- What's New
- Service Overview
- Getting Started
-
User Guide
- Permissions Management
- Managing Organizations
- Managing OUs
- Managing Accounts
-
Managing SCPs
- Overview of an SCP
- Enabling or Disabling the SCP Type
- Creating an SCP
- Modifying or Deleting an SCP
- Attaching or Detaching an SCP
- Example SCPs
- System-defined SCPs
- Cloud Services for Using SCPs
- Regions for Using SCPs
-
Actions Supported by SCP-based Authorization
- Compute
- Storage
- Networking
- Containers
- Analytics
- Content Delivery & Edge Computing
- Databases
- Security & Compliance
- Internet of Things
- Middleware
- Developer Services
- Business Applications
-
Management & Governance
- Simple Message Notification (SMN)
- Log Tank Service (LTS)
- Identity and Access Management (IAM)
- Security Token Service (STS)
- Resource Formation Service (RFS)
- IAM Identity Center
- Organizations
- Resource Access Manager (RAM)
- Enterprise Project Management Service (EPS)
- Tag Management Service (TMS)
- Config
- IAM Access Analyzer
- Cloud Trace Service (CTS)
- Resource Governance Center (RGC)
- Application Operations Management (AOM)
- Cloud Eye (CES)
- IAM Identity Broker
- User Support
- Migration
- Managing Tag Policies
- Managing Trusted Services
- Managing Tags
- CTS Auditing
- Adjusting Quotas
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
APIs
- Managing Organizations
- Managing OUs
-
Managing Accounts
- Creating an Account
- Listing Accounts in an Organization
- Closing an Account
- Getting Account Information
- Updating an Account
- Removing the Specified Account
- Moving an Account
- Inviting an Account to Join an Organization
- Querying Account Creation Requests in Specified State
- Querying Account Creation Status
- Querying CloseAccount Requests in Specified State
- Managing Invitations
- Managing Trusted Services
- Managing Delegated Administrators
- Managing Policies
-
Managing Tags
- Listing Tags for the Specified Resource
- Adding Tags to the Specified Resource
- Removing Tags from the Specified Resource
- Listing Tags for the Specified Resource Type
- Adding Tags to the Specified Resource Type
- Deleting Tags with the Specified Key from the Specified Resource Type
- Querying Resource Instances by Resource Type and Tag
- Querying Number of Resource Instances by Resource Type and Tag
- Querying Resource Tags
- Others
- Permissions and Supported Actions
- Appendixes
- Change History
- FAQs
- General Reference
Copied.
Overview of an Account
Accounts in Your Organization
An account is used to contain your Huawei Cloud resources. It is the smallest unit of an organization. Each organization has one management account and multiple member accounts.
Account Type |
Function |
Quota |
---|---|---|
Management account |
With the Organizations service, you can use the management account to create an organization and manage OUs, accounts, and policies for the organization. |
1 (Each organization can have exactly one management account.) |
Member account |
Except for the management account, other accounts in an organization are member accounts. Each member account is part of only one organization at a time. Generally, member accounts hold resources for a specific application or project of an organization. |
9 |
Impacts of Being in an Organization
When you invite an existing account to your organization or create a new account in your organization, Organizations will automatically make the following changes to the new member account:
- A service-linked agency is created in the member account. It is a cloud service agency with the system-defined permission OrganizationsServiceLinkedAgencyPolicy for all resources.
- The permissions of the new member account are affected by service control policies and tag policies. You may have service control policies and tag policies attached to the root or the OU that contains the new member account. If so, the policies will apply to the new member account and all IAM users in the member account.
- When you use the management account to enable a trusted service, the trusted service can create a service-linked agency for that trusted service in the member account.
Helpful links:
- Inviting an Account to Join Your Organization: You can create invitations, manage invitations you have sent, and accept or reject invitations.
- Creating an Account: You can use the management account to create new accounts.
- Closing an Account: You can use the management account to close any unwanted accounts that you have created. Invited accounts cannot be closed.
- Moving an Account: You can move accounts from one OU to another OU.
- Viewing Account Details: You can view the account name, account ID, the time when it joined an organization, any account-owing OUs, and the policies, tags, and delegated services that are attached to the account.
- Removing a Member Account from Your Organization: You can use the management account to remove member accounts from your organization.
- Viewing Account Records: When you sign in to the management account of your organization, on the Accounts page, you can view account details, including the account list, invitations, and creation requests. You can also invite, create, close, move, remove, and cancel any pending invitations.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot