0
votes

I have a question. I would like to manage multiple accounts and users using an AWS API (SDK). So is it possible to use AWS Organizations in order to manage accounts and get access to a list of users?

I mean, I have AWS Organizations connected to AWS SSO to manage multiple accounts, so can I manage accounts and users through the AWS SDK, or do I have to add other components?

1 Answer

0
votes

Any AWS SDK's Organizations client will let you list, add, remove (check the conditions for removing an account from the org), move accounts to a different OU under the same org, etc. But in order to list all users under a linked account, you have to use the IAM client of that account.

1- Create a role (with admin permission), let's say XRole, in all linked accounts, with a trust policy for the master account.

2- From the master account, assume the role (XRole) of the linked account and manage/list your account's users using the IAM client.
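The two steps in the answer above, sketched with boto3 as an added example (not code from the answer): it walks the organization's accounts, assumes the role in each active member account, and lists that account's IAM users, recording accounts where the role cannot be assumed. `XRole` comes from the answer; the function names and the session name `org-user-inventory` are hypothetical, and for listing alone the role only needs `iam:ListUsers` rather than admin permission.

```python
"""Added example: list IAM users in every member account of an AWS Organization."""


def iam_client_for(sts, account_id, role_name, make_client):
    """Assume role_name in account_id and build an IAM client from the temporary credentials."""
    creds = sts.assume_role(
        RoleArn=f"arn:aws:iam::{account_id}:role/{role_name}",
        RoleSessionName="org-user-inventory",  # hypothetical name, shows up in CloudTrail
    )["Credentials"]
    return make_client(
        "iam",
        aws_access_key_id=creds["AccessKeyId"],
        aws_secret_access_key=creds["SecretAccessKey"],
        aws_session_token=creds["SessionToken"],
    )


def users_by_account(make_client, role_name="XRole"):
    """Return ({account_id: [user names]}, {account_id: error text})."""
    org = make_client("organizations")
    sts = make_client("sts")
    own_account = sts.get_caller_identity()["Account"]
    users, errors = {}, {}
    for page in org.get_paginator("list_accounts").paginate():
        for account in page["Accounts"]:
            acct_id = account["Id"]
            # Non-active accounts cannot be entered, and the caller's own
            # (management) account needs no cross-account role.
            if account["Status"] != "ACTIVE" or acct_id == own_account:
                continue
            try:
                iam = iam_client_for(sts, acct_id, role_name, make_client)
                users[acct_id] = [
                    u["UserName"]
                    for p in iam.get_paginator("list_users").paginate()
                    for u in p["Users"]
                ]
            except Exception as exc:  # e.g. role missing or trust policy denies the caller
                errors[acct_id] = str(exc)
    return users, errors


if __name__ == "__main__":
    import boto3  # assumes credentials for the management (master) account

    found, failed = users_by_account(boto3.client)
    for acct_id, names in found.items():
        print(acct_id, names)
    for acct_id, reason in failed.items():
        print(acct_id, "FAILED:", reason)
```

Accounts reported under `FAILED` are the ones where the role or its trust policy is missing, which is worth checking when new accounts are added to the organization.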