AWS Cloud Operations Blog
Category: AWS Organizations
Protect your AWS resources from unauthorized access using AWS Organizations integrations
In today’s digital landscape, customers have complex and distributed workloads running on AWS, involving a large number of AWS resources across multiple services. Tackling security risks across numerous resources can seem daunting, but with the right approach following best practices, can be addressed in a timely manner. AWS offers tools and services designed to help […]
Best practices to optimize costs after mergers and acquisitions with AWS Organizations
Mergers and acquisitions (M&As) offer organizations the opportunity to scale operations, diversify product lines, and capture new markets. However, they come with a set of challenges, such as the nuances of integrating legacy IT systems, complying with stringent regulations, and maintaining business continuity, etc. Eliminating the redundancy of resources and optimizing processes to bring consistency […]
Identify AWS resources at risk across your multi-account environment with AWS Organizations integrations
With numerous AWS accounts in an organization, receiving an external security finding like a vulnerability assessment or pen test report impacting multiple resources can be challenging. Without a centralized resource viewing and search capability, identifying the affected resources require switching and inspecting each account individually, which is time-consuming and inefficient. Security vulnerabilities are time-sensitive, and […]
How SMBs can deploy a multi-account environment quickly using AWS Organizations and AWS CloudFormation StackSets
Small and Medium Businesses (SMBs) need to operate with high availability and mitigate security risks while keeping costs low. An AWS multi-account environment with workload isolation, robust access control, cost visualization, and integrated security mechanisms can help SMBs build a platform to support growth. SMBs want to deploy a multi-account environment on AWS quickly and […]
VMware’s Cloud Journey: AWS Account Management at Scale
This post was co-authored with Thiru Bhat, Director CSO-CM, Office of the CTO, VMware VMware has been developing virtualization software since 1998. Headquartered in Palo Alto, California, the company is known for its application modernization, cloud, networking, security, and digital workspace offerings. They require a thorough and all-encompassing approach to ensure that corporate controls and […]
Implementing automated and centralized tagging controls with AWS Config and AWS Organizations
Introduction This blog post is for customers who want to implement automated tagging controls and strategy for cost allocation. Customers want to centralize and maintain consistency for tags across AWS Organizations so they are available outside their AWS environment (e.g. in build scripts, etc.) or enforce centralized conditional tagging on existing and new AWS resources […]
Best practices for managing AWS account meta-data at scale
As we all know, using multiple accounts on your AWS environment is one of the recommended best practices when organizing your workloads and your environment. Using multiple accounts brings multiple benefits allowing you to better leverage AWS services. However, AWS accounts are additional resources that you need to manage. In this blog post, you will […]
Manage migrations to multiple AWS Accounts using AWS Application Migration Service (MGN) and AWS Organizations
Many customers have successfully migrated on-premises or cloud-based applications to AWS using the AWS Application Migration Service (AWS MGN). Customers commonly migrate their applications to a number of different AWS Accounts that are part of an AWS Organization, in line with the best practices of establishing a multi-account AWS environment. When using AWS MGN, the […]
Service Quota Observability Across Regions and Accounts
Customers often need to launch workloads in new accounts and regions. You could be developing an application in a development account, and looking to launch it in a production account, following AWS multi-account best practices on separating production and non-production workloads. You could also be launching a second instance of your payment processing application in […]
Achieving operational excellence with design considerations for AWS Organizations SCPs
Service control policies (SCPs) are a set of policies that allow organizations to manage permissions using AWS Organizations. SCPs help control access to AWS services and resources provisioned across multiple accounts created within an organization. In addition, SCPs enable you to set up permission guardrails by defining the maximum available permissions for IAM principals in […]