AWS Organizations Summary

AWS Organizations is a service that enables you to centrally manage and govern your AWS environment as it grows. It allows you to consolidate multiple AWS accounts into an organization, simplifying billing and administration.

Key features of AWS Organizations:

  • Account Management: Create new accounts, organize them into Organizational Units (OUs), apply tag policies, and delegate administrative responsibilities.
  • Governance: Define and enforce policies using Service Control Policies (SCPs) to control access to services and resources.
  • Resource Sharing: Share resources across accounts using AWS RAM, centrally manage software licenses with AWS License Manager, and share IT services using AWS Service Catalog.
  • Compliance and Auditing: Activate AWS CloudTrail across accounts to log activities, enforce backups with AWS Backup, and define configuration settings with AWS Config.
  • Centralized Billing: Receive a single consolidated bill for all accounts, view usage across accounts, track costs using AWS Cost Explorer, and optimize resource usage using AWS Compute Optimizer.

Structure of an AWS Organization:

  • Root: The top-level container in the hierarchy, representing the management account. Policies applied to the root affect all OUs and accounts.
  • Organizational Units (OUs): Groups of AWS accounts organized hierarchically. OUs allow you to apply policies to a subset of accounts.
  • Management Account: The account used to create the organization. It has full control over the organization and is responsible for all billing.
  • Member Accounts: Accounts other than the management account that belong to the organization.

Benefits of AWS Organizations:

  • Automation: Automate account creation, policy application, and infrastructure deployments.
  • Security and Compliance: Enforce policies, audit activities, manage security tools, and apply compliance rules.
  • Collaboration: Enable secure collaboration between teams by providing different levels of access.
  • Resource Optimization: Share resources efficiently, manage licenses, and reduce costs.

Important things to remember:

  • SCPs only apply to member accounts, not the management account.
  • An organization’s hierarchy can be up to five levels deep.
  • Organizations simplifies multi-account management, which is a best practice for security and scalability.
  • The management account is the payer account for the entire organization.
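
The following is an added example, not AWS code and not part of the original summary. It models how SCPs attached at the root, at OUs and at an account combine: an action is available in a member account only if every level on the path to the root allows it and no level denies it, while the management account is exempt. The hierarchy, account names and policies are constructed for illustration, and only Action patterns are evaluated (Resource and Condition elements are assumed absent).

```python
from fnmatch import fnmatchcase

# Constructed hierarchy: node -> parent (None marks the root).
PARENT = {"Root": None, "Workloads": "Root", "Prod": "Workloads",
          "mgmt-account": "Root", "prod-app": "Prod"}
MANAGEMENT_ACCOUNT = "mgmt-account"

# Constructed SCP statements attached at each node: (effect, action patterns).
SCPS = {
    "Root": [("Allow", ["*"]),
             ("Deny", ["cloudtrail:StopLogging", "cloudtrail:DeleteTrail"])],
    "Workloads": [("Allow", ["*"])],
    "Prod": [("Allow", ["ec2:*", "s3:*", "cloudtrail:*"])],
    "prod-app": [("Allow", ["*"])],
    "mgmt-account": [("Allow", ["*"])],
}

def path_to_root(node):
    """Return [account, OU, ..., Root] by following parent links."""
    path = []
    while node is not None:
        path.append(node)
        node = PARENT[node]
    return path

def matches(action, patterns):
    # IAM action names are case-insensitive; '*' is a wildcard.
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)

def scp_permits(account, action):
    """True if SCPs leave `action` available to principals in `account`."""
    if account == MANAGEMENT_ACCOUNT:
        return True  # SCPs do not restrict the management account
    for node in path_to_root(account):
        statements = SCPS.get(node, [])
        if any(e == "Deny" and matches(action, a) for e, a in statements):
            return False  # an explicit Deny at any level wins
        if not any(e == "Allow" and matches(action, a) for e, a in statements):
            return False  # every level must also allow the action
    return True

if __name__ == "__main__":
    for acct, act in [("prod-app", "s3:GetObject"), ("prod-app", "iam:CreateUser"),
                      ("prod-app", "cloudtrail:StopLogging"),
                      ("mgmt-account", "cloudtrail:StopLogging")]:
        print(f"{acct:13} {act:24} -> {scp_permits(acct, act)}")
```

An SCP result of True only means the action is not blocked by the organization; the principal still needs an IAM policy that grants it. The management account row shows why workloads and day-to-day administration are better kept out of that account.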