AWS Security Blog

Category: AWS Organizations

AWS Organizations now available in the AWS GovCloud (US) Regions for central governance and management of AWS accounts

AWS Organizations is now available in the AWS GovCloud (US) Regions, enabling you to centrally govern and manage your AWS GovCloud (US) accounts. AWS Organizations helps you to centrally manage billing; control access, compliance, and security; and share resources across your AWS accounts. Using AWS Organizations, you can: Define organization-wide permission guardrails to establish controls […]

Read More

How to use service control policies to set permission guardrails across accounts in your AWS Organization

AWS Organizations provides central governance and management for multiple accounts. Central security administrators use service control policies (SCPs) with AWS Organizations to establish controls that all IAM principals (users and roles) adhere to. Now, you can use SCPs to set permission guardrails with the fine-grained control supported in the AWS Identity and Access Management (IAM) […]

Read More

AWS Organizations now requires email address verification in order to invite accounts to an organization

AWS Organizations, the service for centrally managing multiple AWS accounts, enables you to invite existing accounts to join your organization. To provide additional assurance about your organization’s identity to AWS accounts that you invite, AWS Organizations is adding a new feature. Beginning on September 27, 2018, you’ll need to verify the email address associated with […]

Read More

An easier way to control access to AWS resources by using the AWS organization of IAM principals

AWS Identity and Access Management (IAM) now makes it easier for you to control access to your AWS resources by using the AWS organization of IAM principals (users and roles). For some services, you grant permissions using resource-based policies to specify the accounts and principals that can access the resource and what actions they can […]

Read More

AWS Organizations Now Supports Self-Service Removal of Accounts from an Organization

Today, AWS Organizations made it easier for you to remove AWS accounts from an organization. You can remove accounts from an organization without requiring assistance from AWS Support, and the accounts you remove can operate as standalone accounts or be invited to join another organization. For example, you could remove graduating students’ AWS accounts from […]

Read More

How to Use AWS Organizations to Automate End-to-End Account Creation

AWS Organizations offers new capabilities for managing AWS accounts, including automated account creation via the Organizations API. For example, you can bring new development teams onboard by using the Organizations API to create an account, AWS CloudFormation templates to configure the account (such as for AWS Identity and Access Management [IAM] and networking), and service control […]

Read More

Attend This Free April 27 Tech Talk—Applying AWS Organizations to Complex Account Structures

Update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Monthly Online Tech Talks series, AWS will present Applying AWS Organizations to Complex Account Structures on Thursday, April 27. This tech talk will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time. AWS Principal Product Manager Anders Samuelsson […]

Read More

The New AWS Organizations User Interface Makes Managing Your AWS Accounts Easier

With AWS Organizations—launched on February 27, 2017—you can easily organize accounts centrally and set organizational policies across a set of accounts. Starting today, the Organizations console includes a tree view that allows you to manage accounts and organizational units (OUs) easily. The new view also makes it simple to attach service control policies (SCPs) to individual […]

Read More

How to Use Service Control Policies in AWS Organizations to Enforce Healthcare Compliance in Your AWS Account

AWS customers with healthcare compliance requirements such as the U.S. Health Insurance Portability and Accountability Act (HIPAA) and Good Laboratory, Clinical, and Manufacturing Practices (GxP) might want to control access to the AWS services their developers use to build and operate their GxP and HIPAA systems. For example, customers with GxP requirements might approve AWS […]

Read More

Now Generally Available – AWS Organizations: Policy-Based Management for Multiple AWS Accounts

Over the years, we have found that many of our customers are managing multiple AWS accounts. Instead of dealing with a multitude of per-team, per-division, or per-application accounts, our customers have asked for a way to define access control policies that can be easily applied to all, some, or individual accounts. In many cases, these […]

Read More