We work with a lot of companies that maintain a large, ever-growing number of AWS accounts. Keeping a handle on all these accounts is typically quite difficult to do – even for the most seasoned Amazon Web Services (AWS) users.
With the release of AWS Organizations and, more recently, AWS Control Tower, you have the ability to centrally manage your AWS accounts, arrange them into logical groupings and hierarchies, and apply controls to them in ways that help you create a secure and compliant environment.
In this chapter, we will cover the following recipes:
- Setting up an automated landing zone with AWS Control Tower
- Setting up a master account with AWS Organizations
- Creating a member account
- Inviting an account
- Managing your accounts
- Adding a Service Control Policy (SCP)
- Setting up consolidated billing