Category: AWS Organizations

Organizations building modern applications require a way to gain actionable insights into their Amazon Elastic Compute Cloud (Amazon EC2) workloads. Amazon CloudWatch is a monitoring and observability service that collects operational data from logs, metrics, and events. The service lets customers monitor your resources spread across different accounts or regions in a single view, visualize […]

This post is written by Karl Schween, Principal Solutions Architect at AWS. This post is part one of two part series ‘Sharing AWS Outposts in a multi account AWS environment’ providing you guidance and considerations for sharing AWS Outposts and Amazon S3 on Outposts in a multiple AWS Account environment. AWS Outposts is a fully […]

Today, you can centrally close member accounts in your AWS organization enabling easier and more efficient account management of your AWS environment. This means you’re able to close member accounts from your organization’s management account without needing to login to each member account individually with root credentials. You can also ensure that only authorized IAM […]

Customers use the cloud to move faster and build differentiated products and services. AWS lets you experiment, innovate, and scale more quickly, all while providing a flexible and secure cloud environment. Furthermore, a multi-account AWS environment lets you build and deploy workloads quickly, while providing mechanisms to do so in a secure, scalable, and resilient […]

This is a guest post co-authored with Kershnee Ballack and Wilkister Wechuli from Old Mutual Limited Old Mutual Limited (OML) is a pan-African financial services group that offers financial solutions to retail and corporate customers across 14 African countries. Its purpose is to help customers thrive by enabling them to achieve their lifetime financial goals, […]

I introduced the fundamental concepts of service control policies (SCPs) in the previous post. We discussed what SCPs are, why you should create SCPs, the two approaches you can use to implement SCPs, and how to iterate and improve SCPs as your workload and business needs change. In this post, I will discuss how you […]

Each AWS account enables cellular design – it provides a natural isolation of AWS resources, security, partitions access, and establishes billing boundaries. Separation of concern through multi-account setup is a key design principle that customers use to experiment, innovate, and scale quickly on AWS. The basis of a multi-account AWS environment is AWS Organizations, which […]

Customers will often start using various AWS services through a single AWS account. As customers continue their AWS journey, they increase the number and diversity of workloads operating on AWS. Furthermore, as the number of users grows, managing this account becomes difficult and time consuming. Then, customers create more accounts for multiple users. This helps […]

Many of our customers manage multiple AWS accounts in AWS Organizations and utilize Service Control Policies (SCPs) to centrally manage permissions in their organization. SCPs offer central control over the maximum available permissions for every account in your organization and can be applied to an account, organization units (OUs), or the organization as a whole […]

AWS Control Tower provides the easiest way for you to set up and govern your AWS environment, or landing zone, following prescriptive AWS best practices managed on your behalf. AWS Control Tower orchestrates multiple AWS services (AWS Organizations, AWS CloudFormation StackSets, Amazon S3, AWS Single Sign-On, AWS Config, AWS CloudTrail) to build a landing zone […]