laurobmb

SUMMARY

This PR introduces a new module aws_manage_account.py for managing AWS Organizations accounts. The module provides functionality to create new AWS accounts within an Organization and move existing accounts between Organizational Units (OUs). This addresses the need for automated account lifecycle management in AWS Organizations environments.

Key features include:

  • Create new AWS accounts with optional custom IAM role names and tags
  • Move existing accounts between Organizational Units
  • Automatic polling and waiting for account creation completion
  • Comprehensive error handling and validation
  • Support for billing access configuration

ISSUE TYPE
  • New Module Pull Request

COMPONENT NAME

aws_manage_account (AWS Organizations Account Management)


ADDITIONAL INFORMATION

The module supports two main actions:

  1. create_account: Creates a new AWS account within the Organization

    • Supports custom IAM role names (defaults to OrganizationAccountAccessRole)
    • Optional account-level tags
    • Configurable billing access permissions
    • Automatic polling until account creation completes
  2. move_account: Moves existing accounts between Organizational Units

    • Validates current parent OU before attempting move
    • Prevents unnecessary operations if account is already in target OU
    • Provides clear feedback on source and destination OUs

The module includes comprehensive documentation with examples for both simple account creation and advanced scenarios with custom roles and tags. It also provides detailed return values for integration with other Ansible tasks.

Usage Example:

---
- name: AWS Account Management
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    project: "AppProject"
    email: "[email protected]"
    destination_ou_id: "ou-8rpp-cm4auzsq"

    role_name_custom: "OrganizationAccountAccessRole"

    tags_da_conta:
      - Key: Project
        Value: "{{ project }}"
      - Key: Environment
        Value: "development"
      - Key: AutomationTool
        Value: "Ansible"

  tasks:
    - name: Criar nova conta AWS com Role e Tags
      laurobmb.aws.organization_account:
        action: create_account
        email: "{{ email }}"
        name: "{{ project }}"
        admin_role_name: "{{ role_name_custom }}"
        tags: "{{ tags_da_conta }}"
      register: create_account_result

    - name: Mostrar o resultado completo da criação
      ansible.builtin.debug:
        var: create_account_result

    - name: Mover a conta recém-criada para a OU de destino
      laurobmb.aws.organization_account:
        action: move_account
        id: "{{ create_account_result.status.AccountId }}"
        ou_id: "{{ destination_ou_id }}"
      when: create_account_result.changed


github-actions bot commented Sep 13, 2025

Docs Build 📝

Thank you for contribution!✨

The docsite for this PR is available for download as an artifact from this run:
https://github.com/ansible-collections/community.aws/actions/runs/17741373310

You can compare to the docs for the main branch here:
https://ansible-collections.github.io/community.aws/branch/main

File changes:

  • A collections/community/aws/organization_account_module.html
  • M collections/community/aws/index.html
  • M collections/community/aws/opensearch_info_module.html
  • M collections/community/aws/redshift_module.html
  • M collections/index_module.html

NOTE: only file modifications are shown here. New and deleted files are excluded.
See the file list and check the published docs to see those files.

diff --git a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/community/aws/index.html b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/community/aws/index.html
index 75011d0..e16b2bd 100644
--- a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/community/aws/index.html
+++ b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/community/aws/index.html
@@ -281,6 +281,7 @@
 <li><p><a class="reference internal" href="networkfirewall_rule_group_info_module.html#ansible-collections-community-aws-networkfirewall-rule-group-info-module"><span class="std std-ref">networkfirewall_rule_group_info module</span></a> – describe AWS Network Firewall rule groups</p></li>
 <li><p><a class="reference internal" href="opensearch_module.html#ansible-collections-community-aws-opensearch-module"><span class="std std-ref">opensearch module</span></a> – Creates OpenSearch or ElasticSearch domain</p></li>
 <li><p><a class="reference internal" href="opensearch_info_module.html#ansible-collections-community-aws-opensearch-info-module"><span class="std std-ref">opensearch_info module</span></a> – obtain information about one or more OpenSearch or ElasticSearch domain</p></li>
+<li><p><a class="reference internal" href="organization_account_module.html#ansible-collections-community-aws-organization-account-module"><span class="std std-ref">organization_account module</span></a> – Creates AWS accounts within an Organization</p></li>
 <li><p><a class="reference internal" href="redshift_module.html#ansible-collections-community-aws-redshift-module"><span class="std std-ref">redshift module</span></a> – create, delete, or modify an Amazon Redshift instance</p></li>
 <li><p><a class="reference internal" href="redshift_cross_region_snapshots_module.html#ansible-collections-community-aws-redshift-cross-region-snapshots-module"><span class="std std-ref">redshift_cross_region_snapshots module</span></a> – Manage Redshift Cross Region Snapshots</p></li>
 <li><p><a class="reference internal" href="redshift_info_module.html#ansible-collections-community-aws-redshift-info-module"><span class="std std-ref">redshift_info module</span></a> – Gather information about Redshift cluster(s)</p></li>
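Review bot: The short description on the added organization_account entry, "Creates AWS accounts within an Organization", covers only one of the two actions the PR description lists; the module also moves existing accounts between Organizational Units via move_account. Suggest widening the module's short_description, for example "Create AWS accounts in an Organization and move them between OUs", so the index entry and the generated prev/next titles describe both actions after the next docs build.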
diff --git a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/community/aws/opensearch_info_module.html b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/community/aws/opensearch_info_module.html
index 76033dc..0ddd832 100644
--- a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/community/aws/opensearch_info_module.html
+++ b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/community/aws/opensearch_info_module.html
@@ -22,7 +22,7 @@
       <script src="../../../_static/sphinx_highlight.js?v=dc90522c"></script>
     <script src="../../../_static/js/theme.js"></script>
     <link rel="search" title="Search" href="../../../search.html" />
-    <link rel="next" title="community.aws.redshift module – create, delete, or modify an Amazon Redshift instance" href="redshift_module.html" />
+    <link rel="next" title="community.aws.organization_account module – Creates AWS accounts within an Organization" href="organization_account_module.html" />
     <link rel="prev" title="community.aws.opensearch module – Creates OpenSearch or ElasticSearch domain" href="opensearch_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
 
 
@@ -1051,7 +1051,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-opens
 
 <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
         <a href="opensearch_module.html" class="btn btn-neutral float-left" title="community.aws.opensearch module – Creates OpenSearch or ElasticSearch domain" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
-        <a href="redshift_module.html" class="btn btn-neutral float-right" title="community.aws.redshift module – create, delete, or modify an Amazon Redshift instance" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
+        <a href="organization_account_module.html" class="btn btn-neutral float-right" title="community.aws.organization_account module – Creates AWS accounts within an Organization" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
     </div>
 
   <hr/>
diff --git a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/community/aws/redshift_module.html b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/community/aws/redshift_module.html
index cff9a24..87d74b5 100644
--- a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/community/aws/redshift_module.html
+++ b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/community/aws/redshift_module.html
@@ -23,7 +23,7 @@
     <script src="../../../_static/js/theme.js"></script>
     <link rel="search" title="Search" href="../../../search.html" />
     <link rel="next" title="community.aws.redshift_cross_region_snapshots module – Manage Redshift Cross Region Snapshots" href="redshift_cross_region_snapshots_module.html" />
-    <link rel="prev" title="community.aws.opensearch_info module – obtain information about one or more OpenSearch or ElasticSearch domain" href="opensearch_info_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
+    <link rel="prev" title="community.aws.organization_account module – Creates AWS accounts within an Organization" href="organization_account_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
 
 
 
@@ -786,7 +786,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-redsh
           
 
 <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
-        <a href="opensearch_info_module.html" class="btn btn-neutral float-left" title="community.aws.opensearch_info module – obtain information about one or more OpenSearch or ElasticSearch domain" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
+        <a href="organization_account_module.html" class="btn btn-neutral float-left" title="community.aws.organization_account module – Creates AWS accounts within an Organization" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
         <a href="redshift_cross_region_snapshots_module.html" class="btn btn-neutral float-right" title="community.aws.redshift_cross_region_snapshots module – Manage Redshift Cross Region Snapshots" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
     </div>
 
diff --git a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/index_module.html b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/index_module.html
index 4c73fae..0058817 100644
--- a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/index_module.html
+++ b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/index_module.html
@@ -224,6 +224,7 @@
 <li><p><a class="reference internal" href="community/aws/networkfirewall_rule_group_info_module.html#ansible-collections-community-aws-networkfirewall-rule-group-info-module"><span class="std std-ref">community.aws.networkfirewall_rule_group_info</span></a> – describe AWS Network Firewall rule groups</p></li>
 <li><p><a class="reference internal" href="community/aws/opensearch_module.html#ansible-collections-community-aws-opensearch-module"><span class="std std-ref">community.aws.opensearch</span></a> – Creates OpenSearch or ElasticSearch domain</p></li>
 <li><p><a class="reference internal" href="community/aws/opensearch_info_module.html#ansible-collections-community-aws-opensearch-info-module"><span class="std std-ref">community.aws.opensearch_info</span></a> – obtain information about one or more OpenSearch or ElasticSearch domain</p></li>
+<li><p><a class="reference internal" href="community/aws/organization_account_module.html#ansible-collections-community-aws-organization-account-module"><span class="std std-ref">community.aws.organization_account</span></a> – Creates AWS accounts within an Organization</p></li>
 <li><p><a class="reference internal" href="community/aws/redshift_module.html#ansible-collections-community-aws-redshift-module"><span class="std std-ref">community.aws.redshift</span></a> – create, delete, or modify an Amazon Redshift instance</p></li>
 <li><p><a class="reference internal" href="community/aws/redshift_cross_region_snapshots_module.html#ansible-collections-community-aws-redshift-cross-region-snapshots-module"><span class="std std-ref">community.aws.redshift_cross_region_snapshots</span></a> – Manage Redshift Cross Region Snapshots</p></li>
 <li><p><a class="reference internal" href="community/aws/redshift_info_module.html#ansible-collections-community-aws-redshift-info-module"><span class="std std-ref">community.aws.redshift_info</span></a> – Gather information about Redshift cluster(s)</p></li>
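Review bot: The added entry publishes the module as community.aws.organization_account, but the PR summary names the file aws_manage_account.py, the component is given as aws_manage_account, and the usage example calls laurobmb.aws.organization_account. Settle on one name and use the community.aws FQCN in the module's examples and in the PR description, so that what the docs index advertises is what a playbook can actually call.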

@laurobmb mentioned this pull request Sep 13, 2025
2 tasks
Contributor

Build succeeded.
https://ansible.softwarefactory-project.io/zuul/buildset/3c51a750e02b426d96b2b5f7f4c30ce1

✔️ ansible-galaxy-importer SUCCESS in 3m 43s (non-voting)
✔️ build-ansible-collection SUCCESS in 11m 13s
✔️ ansible-test-splitter SUCCESS in 4m 19s
Skipped 22 jobs

Contributor

Build succeeded.
https://ansible.softwarefactory-project.io/zuul/buildset/8402fde906d14500829443216f11c710

ansible-galaxy-importer FAILURE in 4m 44s (non-voting)
✔️ build-ansible-collection SUCCESS in 11m 48s
✔️ ansible-test-splitter SUCCESS in 4m 41s
Skipped 22 jobs

Contributor

Build succeeded.
https://ansible.softwarefactory-project.io/zuul/buildset/f1cc159005074c8dbcc8c5387f67fe80

ansible-galaxy-importer FAILURE in 3m 54s (non-voting)
✔️ build-ansible-collection SUCCESS in 11m 43s
✔️ ansible-test-splitter SUCCESS in 4m 31s
Skipped 22 jobs
