Transfer AWS accounts between AWS Organizations while preserving AWS Lake Formation permissions
AWS Cloud Operations Blog
This article explains how to migrate AWS accounts between organizations while preserving AWS Lake Formation permissions using new AWS features.
- AWS Organizations now supports direct account transfers between organizations without standalone phase
- New AWS RAM RetainSharingOnAccountLeaveOrganization parameter keeps resource shares active during migration
- Solution uses temporary "bridge shares" to maintain Lake Formation data access during account movement
- Four-step process: create bridge shares, migrate accounts, restore original shares, delete bridge shares
- Requires IAM roles with specific permissions and Lake Formation administrator access
- Python Boto3 scripts provided for automating the migration workflow
- Post-migration validation recommended to verify permissions and data access functionality
This approach enables seamless account migrations across organizations for mergers, acquisitions, or restructuring without disrupting data access or analytics workloads.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Feb 11
2026
2026
AWS Lake Formation enhances cross-account sharing
Nov 19
2025
2025
AWS Organizations introduces direct account transfers between organizations
Sep 26
2024
2024
Apply enterprise data governance and management using AWS Lake Formation and AWS IAM Identity Center
Mar 21
2024
2024
Securely share AWS CloudTrail Lake logs across accounts without replicating data
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.