Please enable JavaScript.
Coggle requires JavaScript to display documents.
25.283: Organizations - Coggle Diagram
25.283: Organizations
Features
Global service
Allow to manage multiple AWS account
Main account is the management account
Other account are member account
Member account can only be part of one ORG
Consolidated BiIling across all account- single payment method
Price benefits from aggregated usage
Shard reserved instances and Saving Plans discounts across accounts
API is available to automate AWS Account creation
Advantage
Multi Account vs One Account Multi VPC
Use tagging standard for billing purpose
Enable CloudTrail on all accounts, send log to central S3 account
Send CW Logs to central logging account
Establish Cross Account Roles for Admin purpose
Security: Service Control Policies
IAM policies applied to OU or Account to restrict users and roles
They do not apply to the managed account
Must have an explicit allow