SlideShare a Scribd company logo

AWS Organizations & Service Control Policy

B
Bhuvaneswari Subramani

This presentation focus on evolution of AWS Account & the need for multi-account. What is AWS Organizations, how do you setup and use it effectively as well as efficiently create and manage multiple AWS accounts with consolidated billing, centralized logging, security and controlled policy. We will have look at the Service Control Policy, a sample multi-account strategy and the best practices while dealing with multi-accounts.

Technology
1 of 52
PUNE
AWS Organizations & Service Control Policy Bhuvaneswari Subramani | Feb 2020
Bhuvaneswari Subramani (Bhuvana) Director, Engineering Operations, Infor AWS Community Hero Currently working on Cloud Computing, DevOps &, Performance QA https://installjournal.blogspot.com
Agenda • Evolution of AWS Adoption • Why you need multi-account ? • AWS Organizations • AWS Organizations - Setup • Service Control Policies • Multi-account Strategy
Evolution of AWS Adoption
What is an AWS Account? A Container for your AWS Resources You can create / manage resources in your account Access controlled through Identity & Access Management
Evolution of AWS Adoption Incrementally & Organically Mergers & Acquisition Security & Compliance Isolation of Application or Environment
Why you need AWS Multi- Account?
Why you need multi-account?
You need multi-account for .. Cost optimization and billing Security & governance Limit the blast radius Resource grouping Defining business units
Single vs Multiple AWS accounts Dev Test Prod
Single vs Multiple AWS accounts Dev Test Prod Dev Test Prod
AWS Organizations
What is AWS Organizations? Central governance and management across all your AWS accounts
AWS Organizations - Key Features Manage & define your organization and accounts Control access and permissions Audit, monitor, and secure your environment for compliance Share resources across accounts Centrally manage costs and billing
AWS Organizations – Steps to Create & Configure Create organization Create organizational units Create or Invite member Account Create service control policies Test Restrictions AWS Organizations creates OrganizationalAccountAccessRole in member account Member account to request for root user password
Root OU AWS Account AWS Account AWS Account AWS Account AWS Account AWS Account Policy Policy Policy OU OU AWS Account OU AWS Organizations - Components
Root OU AWS Account AWS Account AWS Account AWS Account AWS Account AWS Account Policy Policy Policy OU OU AWS Account OU AWS Organizations Account Limits 1 1000 1000 5 5
AWS Organizations – Components … Ø Invitation - The process of asking another account to join your organization Ø Handshake - A multi-step process of exchanging information between two parties Ø Feature Set Ø All Features - shared billing functionality + all features (default) Ø Consolidated billing - shared billing functionality Note: All features enabled back to consolidated billing features is not allowed Ø Service Control Policies Ø Tag Policies Ø Allow lists vs Deny lists Ø Default is FullAWSAccess; replace with desired set of permissions Works with All Features
AWS Organizations – Access Mechanisms AWS Management Console AWS Command Line Tools AWS SDKs AWS Organizations HTTPS Query API
AWS Organizations – Setup
Master account: AWS Organizations
Master account: Invite an existing account
Master account: Invite an existing account
Member account: Invitation notification
Member account: View member details
Master account: Notification to registered email id
Master account: Member accepted Invite
Master account: Member Declined Status
Master account: Create OUs
Master account: Move member to OU
Master account: Remove a member account
Master account: Remove a member account
Service Control Policies
Service Control Policies • SCPs can be enabled or Disabled in the root • No impact on master account; impacts linked accounts only • Don’t grant permissions; only ALLOW or DENY • Example: • SCP for Master OU to DENY CloudTrail for member accounts; All logs will be recorded by CloudTrail in master account • SCP for "database" account to allow only database service access Any user, group, or role in "database" account is denied access to any other service's operations.
Service Control Permissions IAM Permissions What users can actually do ?
AWS Multi-Account Strategy
Multi-Account Strategy Account Structure Consolidated Billing Network Architecture Central Logging Identity & Access Management Let’s discuss how best an enterprise can have isolated environments on separate AWS accounts with consolidated billing, centralized logging, security and controlled policy.
Account Structure Master account (root OU) OU_1 Security & audit account OU_2 Shared services account OU_3 Application account(s)
Account Structure Master account (root OU) OU_1 Security & audit account OU_2 Shared services account OU_3 Application account(s) How many accounts? Well, No one-size-fits-all answer
Account Structure Master account (root OU) OU_1 Security & audit account OU_2 Shared services account OU_3 Application account(s)
Account Structure Master account (root OU) OU_1 Security & audit account OU_2 Shared services account OU_3 Application account(s) Dev Test Prod
How do you apply SCPs? Master account (root OU) OU_1 Security & audit account OU_2 Shared services account OU_3 Application account(s)
Consolidated Billing
Networking Architecture
Log Everything Centrally
Log Everything Centrally AWS CloudTrail • Enable in All regions • Log to central bucket in security account AWS Config • Turn on & log to central bucket in security account • Include global resources VPC Flowlogs Application Logs Amazon S3 Amazon Glacier
Log Everything Centrally AWS CloudTrail •Enable in All regions •Log to central bucket in security account AWS Config •Turn on & log to central bucket in security account •Include global resources VPC Flowlogs Application Logs Amazon ElasticSearch Amazon S3 Amazon Glacier Amazon EC2 Amazon CloudWatch
Identity & Access Management • IAM • AWS Active Directory Service Cross- account Roles • SAML • Custom Identity Providers • Web IdentitiesFederation
IAM Security
Managing Multi-Accounts – Best Practice Ø Use a group alias rather than an individual email address as the account email address Ø Create and implement AWS tagging standards across your accounts Ø Verify Compliance regularly Ø Leverage compliance monitoring scripts to monitor your accounts
https://installjournal.blogspot.com https://www.linkedin.com/in/bhuvanas/ @installjournal Let’s harness the power of multi- account through AWS Organization..

Recommended

Designing security & governance via AWS Control Tower & Organizations - SEC30...
Designing security & governance via AWS Control Tower & Organizations - SEC30...Designing security & governance via AWS Control Tower & Organizations - SEC30...
Designing security & governance via AWS Control Tower & Organizations - SEC30...Amazon Web Services
 
Introduction to AWS Organizations
Introduction to AWS OrganizationsIntroduction to AWS Organizations
Introduction to AWS OrganizationsAmazon Web Services
 
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerDeploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerAmazon Web Services
 
Executing a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSExecuting a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSAmazon Web Services
 
Setting Up a Landing Zone
Setting Up a Landing ZoneSetting Up a Landing Zone
Setting Up a Landing ZoneAmazon Web Services
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWSAmazon Web Services
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
Deep Dive on AWS Lambda
Deep Dive on AWS LambdaDeep Dive on AWS Lambda
Deep Dive on AWS LambdaAmazon Web Services
 

Recommended

Designing security & governance via AWS Control Tower & Organizations - SEC30...
Designing security & governance via AWS Control Tower & Organizations - SEC30...Designing security & governance via AWS Control Tower & Organizations - SEC30...
Designing security & governance via AWS Control Tower & Organizations - SEC30...Amazon Web Services
 
Introduction to AWS Organizations
Introduction to AWS OrganizationsIntroduction to AWS Organizations
Introduction to AWS OrganizationsAmazon Web Services
 
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerDeploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerAmazon Web Services
 
Executing a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSExecuting a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSAmazon Web Services
 
Setting Up a Landing Zone
Setting Up a Landing ZoneSetting Up a Landing Zone
Setting Up a Landing ZoneAmazon Web Services
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWSAmazon Web Services
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
Deep Dive on AWS Lambda
Deep Dive on AWS LambdaDeep Dive on AWS Lambda
Deep Dive on AWS LambdaAmazon Web Services
 
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
 
AWS 101
AWS 101AWS 101
AWS 101Amazon Web Services
 
AWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_SingaporeAWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_SingaporeAmazon Web Services
 
Aws landing zone. journey to the cloud
Aws landing zone. journey to the cloudAws landing zone. journey to the cloud
Aws landing zone. journey to the cloudЕкатерина Задорожная
 
Deep dive into AWS IAM
Deep dive into AWS IAMDeep dive into AWS IAM
Deep dive into AWS IAMAmazon Web Services
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAmazon Web Services
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
 
Landing Zones - Creating a Foundation for Your AWS Migrations
Landing Zones - Creating a Foundation for Your AWS MigrationsLanding Zones - Creating a Foundation for Your AWS Migrations
Landing Zones - Creating a Foundation for Your AWS MigrationsAmazon Web Services
 
Introduction to AWS Cost Management
Introduction to AWS Cost ManagementIntroduction to AWS Cost Management
Introduction to AWS Cost ManagementAmazon Web Services
 
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Amazon Web Services
 
AWS IAM and security
AWS IAM and securityAWS IAM and security
AWS IAM and securityErik Paulsson
 
Elastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech TalkElastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech TalkAmazon Web Services
 
Day 5 - AWS Autoscaling Master Class - The New Capacity Plan
Day 5 - AWS Autoscaling Master Class - The New Capacity PlanDay 5 - AWS Autoscaling Master Class - The New Capacity Plan
Day 5 - AWS Autoscaling Master Class - The New Capacity PlanAmazon Web Services
 
Fundamentals of AWS Security
Fundamentals of AWS SecurityFundamentals of AWS Security
Fundamentals of AWS SecurityAmazon Web Services
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
 
AWS IAM Introduction
AWS IAM IntroductionAWS IAM Introduction
AWS IAM IntroductionAmazon Web Services
 
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016Amazon Web Services
 
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneSimplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneAmazon Web Services
 
AWS networking fundamentals
AWS networking fundamentalsAWS networking fundamentals
AWS networking fundamentalsAmazon Web Services
 
Amazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Web Services
 
AWS Cloud organizations presentation
AWS Cloud organizations presentationAWS Cloud organizations presentation
AWS Cloud organizations presentationTATA LILIAN SHULIKA
 
Windsor AWS UG Deep Dive - AWS Organizations
Windsor AWS UG Deep Dive - AWS OrganizationsWindsor AWS UG Deep Dive - AWS Organizations
Windsor AWS UG Deep Dive - AWS OrganizationsGoran Karmisevic
 

More Related Content

What's hot

Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
 
AWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_SingaporeAWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_SingaporeAmazon Web Services
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
 
Landing Zones - Creating a Foundation for Your AWS Migrations
Landing Zones - Creating a Foundation for Your AWS MigrationsLanding Zones - Creating a Foundation for Your AWS Migrations
Landing Zones - Creating a Foundation for Your AWS MigrationsAmazon Web Services
 
Introduction to AWS Cost Management
Introduction to AWS Cost ManagementIntroduction to AWS Cost Management
Introduction to AWS Cost ManagementAmazon Web Services
 
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Amazon Web Services
 
AWS IAM and security
AWS IAM and securityAWS IAM and security
AWS IAM and securityErik Paulsson
 
Elastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech TalkElastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech TalkAmazon Web Services
 
Day 5 - AWS Autoscaling Master Class - The New Capacity Plan
Day 5 - AWS Autoscaling Master Class - The New Capacity PlanDay 5 - AWS Autoscaling Master Class - The New Capacity Plan
Day 5 - AWS Autoscaling Master Class - The New Capacity PlanAmazon Web Services
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
 
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016Amazon Web Services
 
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneSimplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneAmazon Web Services
 

What's hot (20)

Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
 
AWS 101
AWS 101AWS 101
AWS 101
 
AWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_SingaporeAWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_Singapore
 
Aws landing zone. journey to the cloud
Aws landing zone. journey to the cloudAws landing zone. journey to the cloud
Aws landing zone. journey to the cloud
 
Deep dive into AWS IAM
Deep dive into AWS IAMDeep dive into AWS IAM
Deep dive into AWS IAM
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best Practices
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS Security
 
Landing Zones - Creating a Foundation for Your AWS Migrations
Landing Zones - Creating a Foundation for Your AWS MigrationsLanding Zones - Creating a Foundation for Your AWS Migrations
Landing Zones - Creating a Foundation for Your AWS Migrations
 
Introduction to AWS Cost Management
Introduction to AWS Cost ManagementIntroduction to AWS Cost Management
Introduction to AWS Cost Management
 
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
 
AWS IAM and security
AWS IAM and securityAWS IAM and security
AWS IAM and security
 
Elastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech TalkElastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech Talk
 
Day 5 - AWS Autoscaling Master Class - The New Capacity Plan
Day 5 - AWS Autoscaling Master Class - The New Capacity PlanDay 5 - AWS Autoscaling Master Class - The New Capacity Plan
Day 5 - AWS Autoscaling Master Class - The New Capacity Plan
 
Fundamentals of AWS Security
Fundamentals of AWS SecurityFundamentals of AWS Security
Fundamentals of AWS Security
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
 
AWS IAM Introduction
AWS IAM IntroductionAWS IAM Introduction
AWS IAM Introduction
 
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
 
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneSimplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
 
AWS networking fundamentals
AWS networking fundamentalsAWS networking fundamentals
AWS networking fundamentals
 
Amazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Cognito Deep Dive
Amazon Cognito Deep Dive
 

Similar to AWS Organizations & Service Control Policy

AWS Cloud organizations presentation
AWS Cloud organizations presentationAWS Cloud organizations presentation
AWS Cloud organizations presentationTATA LILIAN SHULIKA
 
Windsor AWS UG Deep Dive - AWS Organizations
Windsor AWS UG Deep Dive - AWS OrganizationsWindsor AWS UG Deep Dive - AWS Organizations
Windsor AWS UG Deep Dive - AWS OrganizationsGoran Karmisevic
 
Track 5 Session 2_SEC01 多重帳戶安全策略與方針.pptx
Track 5 Session 2_SEC01 多重帳戶安全策略與方針.pptxTrack 5 Session 2_SEC01 多重帳戶安全策略與方針.pptx
Track 5 Session 2_SEC01 多重帳戶安全策略與方針.pptxAmazon Web Services
 
Using AWS Organizations to Ensure Compliance in Your Cloud
Using AWS Organizations to Ensure Compliance in Your CloudUsing AWS Organizations to Ensure Compliance in Your Cloud
Using AWS Organizations to Ensure Compliance in Your CloudAmazon Web Services
 
AWS re:Invent 2016: NEW SERVICE: Centrally Manage Multiple AWS Accounts with ...
AWS re:Invent 2016: NEW SERVICE: Centrally Manage Multiple AWS Accounts with ...AWS re:Invent 2016: NEW SERVICE: Centrally Manage Multiple AWS Accounts with ...
AWS re:Invent 2016: NEW SERVICE: Centrally Manage Multiple AWS Accounts with ...Amazon Web Services
 
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...Amazon Web Services
 
1BT_Tech_Talk_AWS_Cross_Account_Access
1BT_Tech_Talk_AWS_Cross_Account_Access1BT_Tech_Talk_AWS_Cross_Account_Access
1BT_Tech_Talk_AWS_Cross_Account_AccessCrishantha Nanayakkara
 
Aws meetup control_tower
Aws meetup control_towerAws meetup control_tower
Aws meetup control_towerAdam Book
 
Enrollement steps
Enrollement stepsEnrollement steps
Enrollement stepsAmir Arama
 
Deep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech TalksDeep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech TalksAmazon Web Services
 
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...Amazon Web Services
 
Managing your AWS Organization using org-formation
Managing your AWS Organization using org-formationManaging your AWS Organization using org-formation
Managing your AWS Organization using org-formationOlaf Conijn
 
Mastering AWS Organizations with Infrastructure as code
Mastering AWS Organizations with Infrastructure as codeMastering AWS Organizations with Infrastructure as code
Mastering AWS Organizations with Infrastructure as codeYan Cui
 
How to Manage Multiple AWS Accounts using AWS Organizations
How to Manage Multiple AWS Accounts using AWS OrganizationsHow to Manage Multiple AWS Accounts using AWS Organizations
How to Manage Multiple AWS Accounts using AWS OrganizationsAmazon Web Services
 
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...Amazon Web Services
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxAWS Chicago
 
Billing & pricing
Billing & pricing Billing & pricing
Billing & pricing Parag Patil
 
Webcast: AWS account setup tips for audit, governance, and security
Webcast: AWS account setup tips for audit, governance, and securityWebcast: AWS account setup tips for audit, governance, and security
Webcast: AWS account setup tips for audit, governance, and securityApplatix
 

Similar to AWS Organizations & Service Control Policy (20)

AWS Cloud organizations presentation
AWS Cloud organizations presentationAWS Cloud organizations presentation
AWS Cloud organizations presentation
 
Windsor AWS UG Deep Dive - AWS Organizations
Windsor AWS UG Deep Dive - AWS OrganizationsWindsor AWS UG Deep Dive - AWS Organizations
Windsor AWS UG Deep Dive - AWS Organizations
 
Track 5 Session 2_SEC01 多重帳戶安全策略與方針.pptx
Track 5 Session 2_SEC01 多重帳戶安全策略與方針.pptxTrack 5 Session 2_SEC01 多重帳戶安全策略與方針.pptx
Track 5 Session 2_SEC01 多重帳戶安全策略與方針.pptx
 
Using AWS Organizations to Ensure Compliance in Your Cloud
Using AWS Organizations to Ensure Compliance in Your CloudUsing AWS Organizations to Ensure Compliance in Your Cloud
Using AWS Organizations to Ensure Compliance in Your Cloud
 
AWS re:Invent 2016: NEW SERVICE: Centrally Manage Multiple AWS Accounts with ...
AWS re:Invent 2016: NEW SERVICE: Centrally Manage Multiple AWS Accounts with ...AWS re:Invent 2016: NEW SERVICE: Centrally Manage Multiple AWS Accounts with ...
AWS re:Invent 2016: NEW SERVICE: Centrally Manage Multiple AWS Accounts with ...
 
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
 
1BT_Tech_Talk_AWS_Cross_Account_Access
1BT_Tech_Talk_AWS_Cross_Account_Access1BT_Tech_Talk_AWS_Cross_Account_Access
1BT_Tech_Talk_AWS_Cross_Account_Access
 
Governance at Scale
Governance at Scale Governance at Scale
Governance at Scale
 
Aws meetup control_tower
Aws meetup control_towerAws meetup control_tower
Aws meetup control_tower
 
Enrollement steps
Enrollement stepsEnrollement steps
Enrollement steps
 
Deep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech TalksDeep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech Talks
 
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
Applying AWS Organizations to Complex Account Structures - April 2017 AWS Onl...
 
Managing your AWS Organization using org-formation
Managing your AWS Organization using org-formationManaging your AWS Organization using org-formation
Managing your AWS Organization using org-formation
 
Mastering AWS Organizations with Infrastructure as code
Mastering AWS Organizations with Infrastructure as codeMastering AWS Organizations with Infrastructure as code
Mastering AWS Organizations with Infrastructure as code
 
Getting Started with AWS
Getting Started with AWSGetting Started with AWS
Getting Started with AWS
 
How to Manage Multiple AWS Accounts using AWS Organizations
How to Manage Multiple AWS Accounts using AWS OrganizationsHow to Manage Multiple AWS Accounts using AWS Organizations
How to Manage Multiple AWS Accounts using AWS Organizations
 
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
 
Billing & pricing
Billing & pricing Billing & pricing
Billing & pricing
 
Webcast: AWS account setup tips for audit, governance, and security
Webcast: AWS account setup tips for audit, governance, and securityWebcast: AWS account setup tips for audit, governance, and security
Webcast: AWS account setup tips for audit, governance, and security
 

More from Bhuvaneswari Subramani

Architecting for Success: Designing Secure GCP Landing Zone for Enterprises
Architecting for Success: Designing Secure GCP Landing Zone for EnterprisesArchitecting for Success: Designing Secure GCP Landing Zone for Enterprises
Architecting for Success: Designing Secure GCP Landing Zone for EnterprisesBhuvaneswari Subramani
 
How AWS Community in India reflects Unity in Diversity
How AWS Community in India reflects Unity in DiversityHow AWS Community in India reflects Unity in Diversity
How AWS Community in India reflects Unity in DiversityBhuvaneswari Subramani
 
End-to-End CI/CD at scale with Infrastructure-as-Code on AWS
End-to-End CI/CD at scale with Infrastructure-as-Code on AWSEnd-to-End CI/CD at scale with Infrastructure-as-Code on AWS
End-to-End CI/CD at scale with Infrastructure-as-Code on AWSBhuvaneswari Subramani
 
COM 203 Enable continuous delivery and resiliency for a static website
COM 203 Enable continuous delivery and resiliency for a static websiteCOM 203 Enable continuous delivery and resiliency for a static website
COM 203 Enable continuous delivery and resiliency for a static websiteBhuvaneswari Subramani
 
A Pathway to Continuous Integration/Continuous Delivery on AWS
A Pathway to Continuous Integration/Continuous Delivery on AWSA Pathway to Continuous Integration/Continuous Delivery on AWS
A Pathway to Continuous Integration/Continuous Delivery on AWSBhuvaneswari Subramani
 
Transformational DevOps with AWS Native Tools
Transformational DevOps with AWS Native ToolsTransformational DevOps with AWS Native Tools
Transformational DevOps with AWS Native ToolsBhuvaneswari Subramani
 
Application & Account Monitoring in AWS
Application & Account Monitoring in AWSApplication & Account Monitoring in AWS
Application & Account Monitoring in AWSBhuvaneswari Subramani
 
CI CD using AWS Developer Tools Online Workshop
CI CD using AWS Developer Tools Online WorkshopCI CD using AWS Developer Tools Online Workshop
CI CD using AWS Developer Tools Online WorkshopBhuvaneswari Subramani
 
IndiaCloudSummit - Transforming to feature-driven development
IndiaCloudSummit - Transforming to feature-driven developmentIndiaCloudSummit - Transforming to feature-driven development
IndiaCloudSummit - Transforming to feature-driven developmentBhuvaneswari Subramani
 
CI CD using AWS Developer Tools @ AWS Community Day Bengaluru 2018
CI CD using AWS Developer Tools @ AWS Community Day Bengaluru 2018CI CD using AWS Developer Tools @ AWS Community Day Bengaluru 2018
CI CD using AWS Developer Tools @ AWS Community Day Bengaluru 2018Bhuvaneswari Subramani
 
AWS reinvent 2019 - Transforming to feature-driven development
AWS reinvent 2019 - Transforming to feature-driven developmentAWS reinvent 2019 - Transforming to feature-driven development
AWS reinvent 2019 - Transforming to feature-driven developmentBhuvaneswari Subramani
 

More from Bhuvaneswari Subramani (20)

Architecting for Success: Designing Secure GCP Landing Zone for Enterprises
Architecting for Success: Designing Secure GCP Landing Zone for EnterprisesArchitecting for Success: Designing Secure GCP Landing Zone for Enterprises
Architecting for Success: Designing Secure GCP Landing Zone for Enterprises
 
How AWS Community in India reflects Unity in Diversity
How AWS Community in India reflects Unity in DiversityHow AWS Community in India reflects Unity in Diversity
How AWS Community in India reflects Unity in Diversity
 
An Insight Into Cloud Migration Story
An Insight Into Cloud Migration StoryAn Insight Into Cloud Migration Story
An Insight Into Cloud Migration Story
 
End-to-End CI/CD at scale with Infrastructure-as-Code on AWS
End-to-End CI/CD at scale with Infrastructure-as-Code on AWSEnd-to-End CI/CD at scale with Infrastructure-as-Code on AWS
End-to-End CI/CD at scale with Infrastructure-as-Code on AWS
 
COM 203 Enable continuous delivery and resiliency for a static website
COM 203 Enable continuous delivery and resiliency for a static websiteCOM 203 Enable continuous delivery and resiliency for a static website
COM 203 Enable continuous delivery and resiliency for a static website
 
LoadRunner walkthrough
LoadRunner walkthroughLoadRunner walkthrough
LoadRunner walkthrough
 
Jmeter Walkthrough
Jmeter WalkthroughJmeter Walkthrough
Jmeter Walkthrough
 
Fundamentals Performance Testing
Fundamentals Performance TestingFundamentals Performance Testing
Fundamentals Performance Testing
 
Fundamentals of Cloud Computing & AWS
Fundamentals of Cloud Computing & AWSFundamentals of Cloud Computing & AWS
Fundamentals of Cloud Computing & AWS
 
IaC on AWS Cloud
IaC on AWS CloudIaC on AWS Cloud
IaC on AWS Cloud
 
Infrastructure as Code on AWS
Infrastructure as Code on AWSInfrastructure as Code on AWS
Infrastructure as Code on AWS
 
A Pathway to Continuous Integration/Continuous Delivery on AWS
A Pathway to Continuous Integration/Continuous Delivery on AWSA Pathway to Continuous Integration/Continuous Delivery on AWS
A Pathway to Continuous Integration/Continuous Delivery on AWS
 
Transformational DevOps with AWS Native Tools
Transformational DevOps with AWS Native ToolsTransformational DevOps with AWS Native Tools
Transformational DevOps with AWS Native Tools
 
Demystifying DevOps
Demystifying DevOpsDemystifying DevOps
Demystifying DevOps
 
Application & Account Monitoring in AWS
Application & Account Monitoring in AWSApplication & Account Monitoring in AWS
Application & Account Monitoring in AWS
 
Industry Awareness to KSRCT
Industry Awareness to KSRCT Industry Awareness to KSRCT
Industry Awareness to KSRCT
 
CI CD using AWS Developer Tools Online Workshop
CI CD using AWS Developer Tools Online WorkshopCI CD using AWS Developer Tools Online Workshop
CI CD using AWS Developer Tools Online Workshop
 
IndiaCloudSummit - Transforming to feature-driven development
IndiaCloudSummit - Transforming to feature-driven developmentIndiaCloudSummit - Transforming to feature-driven development
IndiaCloudSummit - Transforming to feature-driven development
 
CI CD using AWS Developer Tools @ AWS Community Day Bengaluru 2018
CI CD using AWS Developer Tools @ AWS Community Day Bengaluru 2018CI CD using AWS Developer Tools @ AWS Community Day Bengaluru 2018
CI CD using AWS Developer Tools @ AWS Community Day Bengaluru 2018
 
AWS reinvent 2019 - Transforming to feature-driven development
AWS reinvent 2019 - Transforming to feature-driven developmentAWS reinvent 2019 - Transforming to feature-driven development
AWS reinvent 2019 - Transforming to feature-driven development
 

Recently uploaded

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

AWS Organizations & Service Control Policy