# Leaving an organization from a member account with AWS Organizations
When you sign in to a member account, you can leave an organization. The management account can't leave the organization using this technique. To remove the management account, you must [delete the organization](orgs_manage_org_delete.md).
## Considerations
**An account’s status with an organization affects what cost and usage data is visible**
Accounts maintain access to all past invoices delivered to them and all bills data generated by them, regardless of organizations membership changes. However, Cost Explorer data visibility is tied to current organizations membership. The table below shows how three common account transitions affect data visibility:
****
| | Invoice availability | Bills availability (e.g., Bills page) | Cost Explorer availability |
| --- | --- | --- | --- |
| Scenario 1Member account leaves organizationA and becomes a standalone account | The account maintains access to all historical invoices delivered to it. | The account maintains access to all historical bills data it generated as a member of organizationA. | The account loses access to historical cost and usage data it generated as a member of organizationA. |
| Scenario 2Member account leaves organizationA and joins organizationB | The account maintains access to all historical invoices delivered to it. | The account maintains access to all historical bills data it generated as a member of organizationA. | The account loses access to historical cost and usage data it generated as a member of organizationA. |
| Scenario 3Account rejoins an organization that it previously belonged to | The account maintains access to all historical invoices delivered to it. | The account maintains access to all historical bills data it generated (regardless if generated as a standalone account or as a member of another organization). | The account regains access to cost and usage data for the full range of time it was a member of the organization, but loses access to all historical cost and usage generated outside of its current organization. |
**The account is no longer covered by organization agreements that were accepted on its behalf**
If you leave an organization, you are no longer covered by organization agreements that were accepted on your behalf by the management account of the organization. You can view a list of these organization agreements in the AWS Artifact console on the [AWS Artifact Organization Agreements](https://console.aws.amazon.com/artifact/home?#!/agreements?tab=organizationAgreements) page. Before leaving the organization, you should determine (with the assistance of your legal, privacy, or compliance teams where appropriate) whether it is necessary for you to have new agreement(s) in place.
**The account’s quota limits may change and could cause impact**
Leaving an organization as a member account may affect the service quota limits available to that account. If you have automated workloads that require higher limits, please revisit your quotas in service quotas console after leaving the organization to ensure uninterrupted experience. Please contact [AWS Support Center](https://console.aws.amazon.com/support/home#/) after leaving the organization for assistance.
## Leave an organization from a member account
To leave an organization, complete the following procedure.
**Minimum permissions**
To leave an organization, you must have the following permissions:
`organizations:DescribeOrganization` – required only when using the Organizations console.
`organizations:LeaveOrganization` – Note that the organization administrator can apply a policy to your account that removes this permission, preventing you from removing your account from the organization.
If you sign in as an IAM user and the account is missing payment information, the user must have either `aws-portal:ModifyBilling` and `aws-portal:ModifyPaymentMethods` permissions (if the account has not yet migrated to fine-grained permissions) OR `payments:CreatePaymentInstrument` and `payments:UpdatePaymentPreferences` permissions (if the account has migrated to fine-grained permissions). Also, the member account must have IAM user access to billing enabled. If this isn't already enabled, see [Activating Access to the Billing and Cost Management Console](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) in the *AWS Billing User Guide*.
------
#### [ AWS Management Console ]
**To leave an organization from your member account**
1. Sign in to the AWS Organizations console at [AWS Organizations console](https://console.aws.amazon.com/organizations/v2). You must sign in as an IAM user, assume an IAM role, or sign in as the root user ([not recommended](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials)) in a member account.
By default, you don't have access to the root user password in a member account that was created using AWS Organizations. If required, recover the root user password by following the steps in **Using the root user (Not recommended for everyday tasks)** in [Accessing member accounts in an organization with AWS Organizations](orgs_manage_accounts_access.md).
1. On the **[Organizations Dashboard](https://console.aws.amazon.com/organizations/v2/home/dashboard)** page, choose **Leave this organization**.
1. In the **Confirm leaving the organization?** dialog box, choose **Leave organization**. When prompted, confirm your choice to remove the account. After you have confirmed, you are redirected to the **Getting Started** page of the AWS Organizations console, where you can view any pending invitations for your account to join other organizations.
If you see a **You can't leave the organization yet** message, your account doesn't have all the required information to operate as a standalone account. If this is the case, proceed to the next step.
1. If the **Confirm leaving the organization?** dialog box displays the message **You can't leave the organization yet**, choose the **Complete the account sign-up steps** link.
If you do not see the **Complete the account sign-up steps** link, use [this link](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html?client=organizations&enforcePI=True) to go the **Sign up for AWS** page complete the missing registration steps.
1. On the **Sign up for AWS** page, enter all of the required information necessary for this to become a standalone account. This might include the following types of information:
+ Contact name and address
+ Valid payment method
+ Phone number verification
+ Support plan options
1. When you see the dialog box stating that the sign-up process is complete, choose **Leave organization**.
A confirmation dialog box appears. Confirm your choice to remove the account. You are redirected to the **Getting Started** page of the AWS Organizations console, where you can view any pending invitations for your account to join other organizations.
1. Remove the IAM roles that grant access to your account from the organization.
**Important**
If your account was created in the organization, then Organizations automatically created an IAM role in the account that enabled access by the organization's management account. If the account was invited to join, then Organizations did not automatically create such a role, but you or another administrator might have created one to get the same benefits. In either case, when you remove the account from the organization, any such role isn't automatically deleted. If you want to terminate this access from the former organization's management account, then you must manually delete this IAM role. For information about how to delete a role, see [Deleting roles or instance profiles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_delete.html) in the *IAM User Guide*.
------
#### [ AWS CLI & AWS SDKs ]
**To leave an organization as a member account**
You can use one of the following commands to leave an organization:
+ AWS CLI: [leave-organization](https://docs.aws.amazon.com/cli/latest/reference/organizations/leave-organization.html)
The following example causes the account whose credentials are used to run the command to leave the organization.
```
$ aws organizations leave-organization
```
This command produces no output when successful.
+ AWS SDKs: [LeaveOrganization](https://docs.aws.amazon.com/organizations/latest/APIReference/API_LeaveOrganization.html)
After the member account has left the organization, make sure to remove the IAM roles that grant access to your account from the organization.
**Important**
If your account was created in the organization, then Organizations automatically created an IAM role in the account that enabled access by the organization's management account. If the account was invited to join, then Organizations did not automatically create such a role, but you or another administrator might have created one to get the same benefits. In either case, when you remove the account from the organization, any such role isn't automatically deleted. If you want to terminate this access from the former organization's management account, then you must manually delete this IAM role. For information about how to delete a role, see [Deleting roles or instance profiles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_delete.html) in the *IAM User Guide*.
Member accounts can also be removed by a user in the management account with [remove-account-from-organization](https://docs.aws.amazon.com/cli/latest/reference/organizations/remove-account-from-organization.html) instead. For more information, see [Remove a member account from an organization](orgs_manage_accounts_remove.md#orgs_manage_accounts_remove-member-account).
------