AWS Management & Governance Blog

Category: AWS Organizations

GoDaddy’s journey to the cloud and their Standard Cloud Platform

GoDaddy’s journey to the cloud and their Standard Cloud Platform

In this blog post, we explore GoDaddy’s journey to the cloud and their Public Cloud Portal, an application created to onboard engineering teams to AWS. GoDaddy started this journey in early 2018 when they announced their partnership with AWS. We’ll focus on how GoDaddy created a service to enable thousands of employees and hundreds of […]

Read More
How to manage cost overruns in your AWS multi-account environment – Part I

How to manage cost overruns in your AWS multi-account environment – Part 1

AWS provides a flexible and secure environment where you can experiment, innovate, and scale more quickly. As you build and deploy your workloads, you need mechanisms to isolate your resources (for example, a resource container). You can use multiple AWS accounts for this purpose. An AWS account provides natural security, access, and billing boundaries for […]

Read More
How to manage cost overruns in your AWS multi-account environment – Part II

How to manage cost overruns in your AWS multi-account environment – Part 2

In the first post of this two-part series, we showed you two approaches for preventing cost overruns in a centralized budget management pattern: Applying a restrictive service control policy (SCP) to an organizational unit (OU). Moving the account to another OU with restrictive SCPs. In this post, we share how you can prevent cost overruns […]

Read More
Latest from AWS Organizations

The latest from AWS Organizations (Spring 2021)

AWS Organizations provides features customers can use to manage their AWS environment across accounts. When paired with other AWS services, AWS Organizations helps you manage permissions, create and share resources, govern your environment, and centrally control your security requirements. Here’s what the team has been up to since our virtual 2020 re:Invent season. Use attribute-based […]

Read More

AWS Health Aware – Customize AWS Health Alerts for Organizational and Personal AWS Accounts

AWS strives for high availability and has a 99.9% uptime for most services. However, in the rare event that incidents do occur, customers should be prepared to respond. AWS Health is the primary channel to communicate service degradation, scheduled changes, and resource impacting issues. For customers running critical applications, having access to proactive and real-time […]

Read More

CloudFormation StackSets delegated administration

If you are using AWS CloudFormation StackSets, you are having to manage your stacks from the AWS Organizations management account. According to best practice, the management account should be used only for tasks that require it. Until today, you had to use the management account to manage your AWS CloudFormation stack sets. To help limit […]

Read More

Best practices for creating and managing sandbox accounts in AWS

Organizations use multiple environments, each with different security and compliance controls, as part of their deployment pipeline. Following the principle of least privilege, production environments have the most restrictive security and compliance controls. They tightly limit who can access the environment and which actions each user (or principal) can perform. Development and test environments also […]

Read More
ReadOnly SCP Post Featured Image

How to implement a read-only service control policy (SCP) for accounts in AWS Organizations

Customers who manage multiple AWS accounts in AWS Organizations can use service control policies (SCPs) to centrally manage permissions in their environment. SCPs can be applied to an organization unit (OU), account, or entire organization to restrict the maximum permissions that can be applied in the scoped AWS accounts. In this post, we are going to explore the use of SCPs to restrict an AWS account to read-only access.

Read More

How to aggregate and visualize AWS Health events using AWS Organizations and Amazon Elasticsearch Service

In this post, I show you how to aggregate AWS Health events centrally from all accounts in your organization using AWS Organizations, AWS Lambda, and AWS Health API, and then build automation to ingest and visualize the operations data using Amazon Elasticsearch Service. As your organization grows, the number of operational emails and AWS Personal […]

Read More

AWS Management and Governance at Re:Invent 2020

AWS re:Invent is always an exciting time of the year to engage with our customers to learn, and share information about our services and features. Due to the current pandemic, re:Invent is pivoting to a free and virtual format presented across 3 weeks from November 30 to December 18 this year. Yes, you read that […]

Read More