Category: AWS Organizations

AWS Organizations has extended its existing tagging support for AWS accounts to include all Organizations resources, such as organizational units (OUs) and your root and organization-level policies. You can tag these resources as you create them, giving you a convenient way to make sure that your Organizations resources are categorized from the start, without needing […]

In this post, we show how you can use Account Factory in AWS Control Tower to provision new accounts that are ready for your teams to use. We demonstrate how you can use AWS Control Tower lifecycle events to automatically request regional service quota limit increases and enrollment in AWS Enterprise Support using the respective […]

This is our second installment of the latest news from AWS Organizations, which allows you to centrally manage and govern your AWS environment across accounts. We have had some exciting launches over the past few months, including new service integrations and Region expansions. Here’s the latest since April 2020: Create a backup policy that applies […]

AWS customers look to move quickly and securely when launching new business innovations. The multi-account environment provides guidance to help customers plan their AWS environment. This framework is designed to meet security needs, while maintaining the ability to scale and adapt their environments with changing business demands. The basis of a well-architected multi-account AWS environment […]

Note: This is a June 2020 update to the blog post How to set up a multi-region, multi-account catalog of company standard AWS Service Catalog products. Overview I have seen interest in the native infrastructure template sharing capabilities offered by AWS Service Catalog. For example, my customers share AWS Service Catalog portfolios directly to AWS […]

Update 10/2020 – Viewing patch compliance findings across AWS accounts in AWS Security Hub is supported natively. For more information please see What’s new announcement here. Introduction In this blog post, I discuss how to import critical patch compliance findings into Security Hub. Security Hub is a service that provides customers with a comprehensive view […]

Many of the customers we work with look for ways to manage compliance and gain additional insights across their AWS multi-account organization from a central location. We often begin the discussion with AWS Control Tower, as it offers the easiest way to set up and govern a multi-account AWS environment. AWS Control Tower is an […]

Introduction Many of the customers that we have worked with are using advanced network architectures in AWS for multi-VPC and multi-account architectures. Placing workloads into separate Amazon Virtual Private Clouds (VPCs) has several advantages, chief among them isolating sensitive workloads and allowing teams to innovate without fear of impacting other systems. Many companies are taking […]

AWS Config Rules allow customers to evaluate the configuration of resources against best practices and perform remediation when specified configuration policies are not being followed. Using AWS Config Conformance Packs, customers can create a collection of AWS Config rules and remediation actions in a single pack that can be deployed across AWS Organizations. This provides […]

Public and private sector customers are now often working to automate their account creation and operations into the AWS GovCloud (US) Regions. These customers use the AWS GovCloud (US) Regions to access FedRamp certified services and ITAR-governed datasets for multiple accounts. Managing this type of multi-account enterprise footprint with AWS Organizations helps reduce operational costs […]