AWS Organizations helps you centrally manage and govern your environment as you grow and scale your AWS resources. It helps you manage policies for groups of accounts and automate account creation.

AWS Organizations is designed to help you manage multiple AWS accounts, including consolidating billing information, setting up policies, and enforcing governance across your organization.

How AWS ‘Organizations’ Works

  1. AWS Organizations
    • When you create an organization, a root is created. The root is the parent container for all the accounts in your organization.
  2. Management Account
    • The central account that creates and manages the organization.
    • Responsible for overall control and governance.
  3. Organizational Unit (OU)
    • A logical grouping of accounts in an AWS organization.
  4. Member account not in an OU
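The hierarchy above (root, management account, OUs, and member accounts not in an OU) can be read back from the Organizations API. The sketch below is an added example, not code from the original page: it walks the tree and reports member accounts that sit directly under the root, which matters because a policy attached to an OU only reaches accounts placed inside that OU. The function names `walk` and `inventory` are hypothetical; the client calls are the boto3 `organizations` list and describe operations.

```python
"""Walk an AWS Organizations tree: root -> OUs -> member accounts."""

def _pages(call, key, **kwargs):
    """Yield items from a paginated Organizations list call (NextToken)."""
    while True:
        resp = call(**kwargs)
        yield from resp.get(key, [])
        token = resp.get("NextToken")
        if not token:
            return
        kwargs["NextToken"] = token

def walk(org, parent_id, path):
    """Yield (path, account) for every account under parent_id, recursively."""
    for acct in _pages(org.list_accounts_for_parent, "Accounts",
                       ParentId=parent_id):
        yield path, acct
    for ou in _pages(org.list_organizational_units_for_parent,
                     "OrganizationalUnits", ParentId=parent_id):
        yield from walk(org, ou["Id"], f"{path}/{ou['Name']}")

def inventory(org):
    """Return (placement, member_accounts_not_in_an_ou) for the organization.

    `org` is a boto3 Organizations client (or any object with the same calls).
    """
    management_id = org.describe_organization()["Organization"]["MasterAccountId"]
    placement, outside_ou = {}, []
    for root in _pages(org.list_roots, "Roots"):
        for path, acct in walk(org, root["Id"], "Root"):
            placement[acct["Id"]] = path
            # The management account is expected at the root; flag only members.
            if path == "Root" and acct["Id"] != management_id:
                outside_ou.append(acct["Id"])
    return placement, sorted(outside_ou)

if __name__ == "__main__":
    import boto3  # assumption: credentials allowed to List*/Describe* Organizations
    placement, outside_ou = inventory(boto3.client("organizations"))
    for account_id, path in sorted(placement.items()):
        print(account_id, path)
    print("member accounts not in an OU:", outside_ou)
```

Run it from the management account (or a delegated administrator) with read-only Organizations permissions.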

What's the difference between an AWS Account and an IAM User?

  • AWS Account = top-level container & billing unit.
  • IAM User = identity within an account that interacts with AWS resources.