Organizations
Overview
• Global service
• Allows you to manage multiple AWS accounts
• The main account is the master account
• Cost Benefits:
  • Consolidated Billing across all accounts - single payment method
  • Pricing benefits from aggregated usage (volume discount for EC2, S3...)
  • Pooling of Reserved EC2 instances for optimal savings
• API is available to automate AWS account creation
• Restrict account privileges using Service Control Policies (SCP)
Multi Account Strategies
• Create accounts per department, per cost center, per dev/test/prod, based on regulatory restrictions (using SCP), for better resource isolation (e.g. VPC), to have separate per-account service limits, or as an isolated account for logging
• Multi Account vs One Account Multi VPC
• Use tagging standards for billing purposes
• Enable CloudTrail on all accounts, send logs to the central S3 account
• Send CloudWatch Logs to the central logging account
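
An SCP that supports the central-logging strategy above, added here as an illustration (not part of the original notes): it stops member accounts from disabling or altering their CloudTrail trail and from leaving the organization. The role name ExampleOrgSecurityAdmin is a hypothetical placeholder for whichever role is allowed to manage the trail.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ProtectOrgCloudTrail",
      "Effect": "Deny",
      "Action": [
        "cloudtrail:StopLogging",
        "cloudtrail:DeleteTrail",
        "cloudtrail:UpdateTrail",
        "cloudtrail:PutEventSelectors"
      ],
      "Resource": "*",
      "Condition": {
        "ArnNotLike": {
          "aws:PrincipalArn": "arn:aws:iam::*:role/ExampleOrgSecurityAdmin"
        }
      }
    },
    {
      "Sid": "DenyLeavingOrganization",
      "Effect": "Deny",
      "Action": "organizations:LeaveOrganization",
      "Resource": "*"
    }
  ]
}
```

Attach the policy to the organization root or to an OU. SCPs do not apply to the management account, so the trail there needs its own controls.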
Consolidated Billing
• When enabled, provides you with:
  • Combined Usage – combine the usage across all AWS accounts in the AWS Organization to share the volume pricing, Reserved Instances and Savings Plans discounts
  • One Bill – get one bill for all AWS Accounts in the AWS Organization
• The management account can turn off Reserved Instances discount sharing for any account in the AWS Organization, including itself