Account Assessment for AWS Organizations
Investigate resource-based policy dependencies for your AWS Organizations accounts
Overview
Account Assessment for AWS Organizations allows you to centrally manage and evaluate all AWS accounts within your AWS Organizations, helping you to better understand and navigate the dependencies of AWS Organizations. The process to manually evaluate AWS Organizations dependencies can be time consuming—potentially involving reviews of tens or even hundreds of AWS resources of individual accounts. Now, you can run three types of scans to find delegated administrator accounts, identity-based and resource-based policies, and AWS services that have trusted access enabled for your AWS Organizations—all from a simple UI.
Benefits
Intuitive web UI
View, examine, and troubleshoot your scan results in an intuitive web UI.
Compatible with over 25 AWS services
Use more than 25 AWS services enabled with trusted access to perform operations across all of the AWS accounts in your AWS Organizations.
Three types of scans
Scan for resource-based policies, delegated admin accounts, and trusted access with the web UI.
How it works
You can automatically deploy this architecture using the implementation guide and the accompanying AWS CloudFormation template.
About this deployment
- Version: 1.1.3
- Released: 8/2025
- Author: AWS
- Est. deployment time: 30 mins
- Estimated cost: See details
Deploy with confidence
Everything you need to launch this AWS Solution in your account is right here
We'll walk you through it
Get started fast. Read the implementation guide for deployment steps, architecture details, cost information, and customization options.
Let's make it happen
Ready to deploy? Open the CloudFormation template in the AWS Console to begin setting up the infrastructure you need. You'll be prompted to access your AWS account if you haven't yet logged in.
Related content
Did you find what you were looking for today?
Let us know so we can improve the quality of the content on our pages