SlideShare a Scribd company logo

Mastering AWS Organizations with Infrastructure as code

Yan Cui
Yan Cui

In this webinar, we will take a deep dive into AWS Organizations, what it is, and why you should use it. We will review how to use the open-source tool org-formation to manage your entire AWS Organization using infrastructure-as-code.

1 of 19
Download to read offline
Managing your AWS Organization using org-formation Olaf Conijn, IT Architect
• Full subsidiary of ABN AMRO • Online savings since 2008 • 0.5 mio customers in NL and DE • Combined savings & payments product • Small organization (<160 fte) • Focus on UX and customer value About Moneyou
Moneyou <3 Serverless We believe Serverless greatly improves • Time to market of solutions built • Ability to maintain the software we built • Focus on delivering customer value • Ability to demonstrate we are compliant
AWS Services typically used at Moneyou • Some satisfy functional requirements API GW, Lambda, DynamoDB, Step Functions • Some satisfy nonfunctional requirements SQS, SNS, CloudWatch • Some satisfy IT Security requirements Secrets Manager, IAM and AWS Organizations Serverless, not FaaS
Serverless, not FaaS Serverless services have: • Inherently scalable • Highly available • Pay per use / no capacity planning • Host security by AWS • Compliant under PCI, SOC, ISO & others
AWS Organizations • Account management service • Provides API to create new AWS accounts • Central insight in billing & cost analysis • Hierarchically organize AWS accounts • Apply policies to accounts
Probably for the same reason you don’t run production software on development environments. Why have multiple AWS accounts?
Why have multiple AWS accounts? Benefits of a multi account setup • Limited blast radius – because mistakes can happen • Security boundary – simplifies implementing least privilege • Data governance – control access to GDPR governed data • Scalability – every account gets their own resource limits • Cost monitoring – without tagging https://dev.to/oconijn/off-to-a-great-start-with-aws-organizations-1i74 😲
Why have multiple AWS accounts? Typical Serverless application design • Resources: API GW, Lambda, SNS, Dynamo DB • Services: Unit of deployment, high cohesion (within), low coupling • Product: Value delivered to customer, multiple environments By default, all resources within an account can be accessed by other resources within that account (resource policy). 🤯
Why not use AWS Organization? Reasons not to use AWS Organizations • Didn’t know – well, not anymore • Don’t care – fair enough • Too Complex – we’ve fixed this > npm i aws-organization-formation -g
AWS Organization Formation Three main use cases 1. Infrastructure as code for AWS Organizations 2. Continuous delivery of account baseline 3. Cross account, cross region annotated CloudFormation
Infra as code for AWS Organizations
Infra as code for AWS Organizations Support for 1. Infra as code support for AWS Organizations resources 2. Creating AWS Accounts, OUs and SCPs 3. Multiple models per AWS Organization 4. Setting up Account IAM Alias, Password Policy and Enterprise Support 5. Change sets that can be reviewed and applied
Continuous delivery of account baseline
Continuous delivery of account baseline Support for 1. Defining tasks in a task file 2. Defining dependencies between tasks (DependsOn) 3. Task types: update-organization, update-stacks, include, CDK, SLS, .. 4. Extensibility (through event-bridge) 5. Task file parameters & expressions (like !Ref, !GetAtt and !Sub)
Organization annotated CloudFormation
Organization annotated CloudFormation Support for 1. Deploying CloudFormation resources to multiple accounts 2. Referencing organization resources and attributes 3. Resolving !Ref across target AWS Accounts and Regions 4. Generating resources / producing resources `for-each` account in binding
Organization annotated CloudFormation Comparison with CloudFormation StackSets 1. Both deploy stacks across multiple accounts / regions 2. Org-formation deploys stacks based on different parts of single templates 3. Org-formation supports cross account / cross region !Ref, !GetAtt 4. Support for CloudFormation, serverless.com, CDK
Thank you! • No time like the current to get started with AWS Organizations! • Try org-formation at https://github.com/OlafConijn/AwsOrganizationFormation • Reach out over email: olaf.conijn at moneyou.nl • Questions, issues, stars & PRs are welcome!

Recommended

Serverless Summit 21 - Resilient serverless architecture on AWS
Serverless Summit 21 - Resilient serverless architecture on AWSServerless Summit 21 - Resilient serverless architecture on AWS
Serverless Summit 21 - Resilient serverless architecture on AWS
Lee Gilmore
 
API310 - How to refactor a monolith to serverless in 8 steps
API310 - How to refactor a monolith to serverless in 8 stepsAPI310 - How to refactor a monolith to serverless in 8 steps
API310 - How to refactor a monolith to serverless in 8 steps
Yan Cui
 
Why your next serverless project should use AWS AppSync
Why your next serverless project should use AWS AppSyncWhy your next serverless project should use AWS AppSync
Why your next serverless project should use AWS AppSync
Yan Cui
 
Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)
Yan Cui
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observability
Yan Cui
 
Linuxtag 2012 - OpenNebula
Linuxtag 2012 - OpenNebula Linuxtag 2012 - OpenNebula
Linuxtag 2012 - OpenNebula
OpenNebula Project
 
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Philipp Müns
 
Debugging AWS Lambda Performance Issues
Debugging AWS Lambda Performance IssuesDebugging AWS Lambda Performance Issues
Debugging AWS Lambda Performance Issues
Yan Cui
 

Recommended

Serverless Summit 21 - Resilient serverless architecture on AWS
Serverless Summit 21 - Resilient serverless architecture on AWSServerless Summit 21 - Resilient serverless architecture on AWS
Serverless Summit 21 - Resilient serverless architecture on AWS
Lee Gilmore
 
API310 - How to refactor a monolith to serverless in 8 steps
API310 - How to refactor a monolith to serverless in 8 stepsAPI310 - How to refactor a monolith to serverless in 8 steps
API310 - How to refactor a monolith to serverless in 8 steps
Yan Cui
 
Why your next serverless project should use AWS AppSync
Why your next serverless project should use AWS AppSyncWhy your next serverless project should use AWS AppSync
Why your next serverless project should use AWS AppSync
Yan Cui
 
Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)
Yan Cui
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observability
Yan Cui
 
Linuxtag 2012 - OpenNebula
Linuxtag 2012 - OpenNebula Linuxtag 2012 - OpenNebula
Linuxtag 2012 - OpenNebula
OpenNebula Project
 
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Philipp Müns
 
Debugging AWS Lambda Performance Issues
Debugging AWS Lambda Performance IssuesDebugging AWS Lambda Performance Issues
Debugging AWS Lambda Performance Issues
Yan Cui
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud
Amazon Web Services
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless Architectures
Amazon Web Services
 
AWS Multiple Account Management
AWS Multiple Account ManagementAWS Multiple Account Management
AWS Multiple Account Management
Yihui Xu
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observability
Yan Cui
 
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR HadoopCrunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
Adrian Cockcroft
 
DevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless ArchitectureDevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless Architecture
Mikhail Prudnikov
 
Serverless - When to FaaS?
Serverless - When to FaaS?Serverless - When to FaaS?
Serverless - When to FaaS?
Benny Bauer
 
Serverless Architecture
Serverless ArchitectureServerless Architecture
Serverless Architecture
Elana Krasner
 
AWS Lambda and the Serverless Cloud
AWS Lambda and the Serverless CloudAWS Lambda and the Serverless Cloud
AWS Lambda and the Serverless Cloud
Amazon Web Services
 
DevOps for the Enterprise: Continuous Integration
DevOps for the Enterprise: Continuous IntegrationDevOps for the Enterprise: Continuous Integration
DevOps for the Enterprise: Continuous Integration
Amazon Web Services
 
Building a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQLBuilding a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQL
Yan Cui
 
Stop calling everything serverless!
Stop calling everything serverless!Stop calling everything serverless!
Stop calling everything serverless!
Jeremy Daly
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector
Amazon Web Services
 
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
Amazon Web Services
 
Microservice Architecture on AWS using AWS Lambda and Docker Containers
Microservice Architecture on AWS using AWS Lambda and Docker ContainersMicroservice Architecture on AWS using AWS Lambda and Docker Containers
Microservice Architecture on AWS using AWS Lambda and Docker Containers
Danilo Poccia
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennai
vinoth kumar
 
使用 Serverless 技術打造支援 Alexa 的物聯網服務
使用 Serverless 技術打造支援 Alexa 的物聯網服務使用 Serverless 技術打造支援 Alexa 的物聯網服務
使用 Serverless 技術打造支援 Alexa 的物聯網服務
Amazon Web Services
 
AWS Lambda and Serverless Cloud
AWS Lambda and Serverless CloudAWS Lambda and Serverless Cloud
AWS Lambda and Serverless Cloud
Amazon Web Services
 
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
Amazon Web Services
 
Kapil Thangavelu - Cloud Custodian
Kapil Thangavelu - Cloud CustodianKapil Thangavelu - Cloud Custodian
Kapil Thangavelu - Cloud Custodian
ServerlessConf
 
Managing your AWS Organization using org-formation
Managing your AWS Organization using org-formationManaging your AWS Organization using org-formation
Managing your AWS Organization using org-formation
Olaf Conijn
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
Amazon Web Services
 

More Related Content

What's hot

(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud
Amazon Web Services
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless Architectures
Amazon Web Services
 
AWS Multiple Account Management
AWS Multiple Account ManagementAWS Multiple Account Management
AWS Multiple Account Management
Yihui Xu
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observability
Yan Cui
 
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR HadoopCrunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
Adrian Cockcroft
 
DevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless ArchitectureDevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless Architecture
Mikhail Prudnikov
 
Serverless - When to FaaS?
Serverless - When to FaaS?Serverless - When to FaaS?
Serverless - When to FaaS?
Benny Bauer
 
Serverless Architecture
Serverless ArchitectureServerless Architecture
Serverless Architecture
Elana Krasner
 
AWS Lambda and the Serverless Cloud
AWS Lambda and the Serverless CloudAWS Lambda and the Serverless Cloud
AWS Lambda and the Serverless Cloud
Amazon Web Services
 
DevOps for the Enterprise: Continuous Integration
DevOps for the Enterprise: Continuous IntegrationDevOps for the Enterprise: Continuous Integration
DevOps for the Enterprise: Continuous Integration
Amazon Web Services
 
Building a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQLBuilding a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQL
Yan Cui
 
Stop calling everything serverless!
Stop calling everything serverless!Stop calling everything serverless!
Stop calling everything serverless!
Jeremy Daly
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector
Amazon Web Services
 
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
Amazon Web Services
 
Microservice Architecture on AWS using AWS Lambda and Docker Containers
Microservice Architecture on AWS using AWS Lambda and Docker ContainersMicroservice Architecture on AWS using AWS Lambda and Docker Containers
Microservice Architecture on AWS using AWS Lambda and Docker Containers
Danilo Poccia
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennai
vinoth kumar
 
使用 Serverless 技術打造支援 Alexa 的物聯網服務
使用 Serverless 技術打造支援 Alexa 的物聯網服務使用 Serverless 技術打造支援 Alexa 的物聯網服務
使用 Serverless 技術打造支援 Alexa 的物聯網服務
Amazon Web Services
 
AWS Lambda and Serverless Cloud
AWS Lambda and Serverless CloudAWS Lambda and Serverless Cloud
AWS Lambda and Serverless Cloud
Amazon Web Services
 
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
Amazon Web Services
 
Kapil Thangavelu - Cloud Custodian
Kapil Thangavelu - Cloud CustodianKapil Thangavelu - Cloud Custodian
Kapil Thangavelu - Cloud Custodian
ServerlessConf
 

What's hot (20)

(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless Architectures
 
AWS Multiple Account Management
AWS Multiple Account ManagementAWS Multiple Account Management
AWS Multiple Account Management
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observability
 
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR HadoopCrunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR Hadoop
 
DevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless ArchitectureDevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless Architecture
 
Serverless - When to FaaS?
Serverless - When to FaaS?Serverless - When to FaaS?
Serverless - When to FaaS?
 
Serverless Architecture
Serverless ArchitectureServerless Architecture
Serverless Architecture
 
AWS Lambda and the Serverless Cloud
AWS Lambda and the Serverless CloudAWS Lambda and the Serverless Cloud
AWS Lambda and the Serverless Cloud
 
DevOps for the Enterprise: Continuous Integration
DevOps for the Enterprise: Continuous IntegrationDevOps for the Enterprise: Continuous Integration
DevOps for the Enterprise: Continuous Integration
 
Building a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQLBuilding a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQL
 
Stop calling everything serverless!
Stop calling everything serverless!Stop calling everything serverless!
Stop calling everything serverless!
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector
 
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
 
Microservice Architecture on AWS using AWS Lambda and Docker Containers
Microservice Architecture on AWS using AWS Lambda and Docker ContainersMicroservice Architecture on AWS using AWS Lambda and Docker Containers
Microservice Architecture on AWS using AWS Lambda and Docker Containers
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennai
 
使用 Serverless 技術打造支援 Alexa 的物聯網服務
使用 Serverless 技術打造支援 Alexa 的物聯網服務使用 Serverless 技術打造支援 Alexa 的物聯網服務
使用 Serverless 技術打造支援 Alexa 的物聯網服務
 
AWS Lambda and Serverless Cloud
AWS Lambda and Serverless CloudAWS Lambda and Serverless Cloud
AWS Lambda and Serverless Cloud
 
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
(DVO311) Containers, Red Hat & AWS For Extreme IT Agility
 
Kapil Thangavelu - Cloud Custodian
Kapil Thangavelu - Cloud CustodianKapil Thangavelu - Cloud Custodian
Kapil Thangavelu - Cloud Custodian
 

Similar to Mastering AWS Organizations with Infrastructure as code

Managing your AWS Organization using org-formation
Managing your AWS Organization using org-formationManaging your AWS Organization using org-formation
Managing your AWS Organization using org-formation
Olaf Conijn
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
Amazon Web Services
 
Simplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing ZoneSimplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing Zone
Amazon Web Services
 
ENT302 Deep Dive on AWS Management Tools
ENT302 Deep Dive on AWS Management Tools ENT302 Deep Dive on AWS Management Tools
ENT302 Deep Dive on AWS Management Tools
Amazon Web Services
 
AWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and GovernanceAWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and Governance
Akesh Patil
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
AWS Chicago
 
Using AWS Management Tools to Enable Governance, Compliance, Operational, and...
Using AWS Management Tools to Enable Governance, Compliance, Operational, and...Using AWS Management Tools to Enable Governance, Compliance, Operational, and...
Using AWS Management Tools to Enable Governance, Compliance, Operational, and...
Amazon Web Services
 
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWS
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWS(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWS
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWS
Amazon Web Services
 
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneSimplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Amazon Web Services
 
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
Amazon Web Services
 
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
Amazon Web Services
 
Governance at Scale
Governance at Scale Governance at Scale
Governance at Scale
Amazon Web Services
 
ENT302 Deep Dive on AWS Management Tools and New Launches
ENT302 Deep Dive on AWS Management Tools and New LaunchesENT302 Deep Dive on AWS Management Tools and New Launches
ENT302 Deep Dive on AWS Management Tools and New Launches
Amazon Web Services
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
Amazon Web Services
 
Accelerating your Business with Security
Accelerating your Business with SecurityAccelerating your Business with Security
Accelerating your Business with Security
Amazon Web Services
 
Intro & Security Update
Intro & Security UpdateIntro & Security Update
Intro & Security Update
Amazon Web Services
 
Launch AWS Faster using Automated Landing Zones - AWS Online Tech Talks
Launch AWS Faster using Automated Landing Zones - AWS Online Tech TalksLaunch AWS Faster using Automated Landing Zones - AWS Online Tech Talks
Launch AWS Faster using Automated Landing Zones - AWS Online Tech Talks
Amazon Web Services
 
Demystifying identity on AWS
Demystifying identity on AWSDemystifying identity on AWS
Demystifying identity on AWS
AWS User Group Bengaluru
 
Building scalable OTT workflows on AWS - Serverless Video Workflows
Building scalable OTT workflows on AWS - Serverless Video WorkflowsBuilding scalable OTT workflows on AWS - Serverless Video Workflows
Building scalable OTT workflows on AWS - Serverless Video Workflows
Amazon Web Services
 
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
Amazon Web Services
 

Similar to Mastering AWS Organizations with Infrastructure as code (20)

Managing your AWS Organization using org-formation
Managing your AWS Organization using org-formationManaging your AWS Organization using org-formation
Managing your AWS Organization using org-formation
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
 
Simplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing ZoneSimplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing Zone
 
ENT302 Deep Dive on AWS Management Tools
ENT302 Deep Dive on AWS Management Tools ENT302 Deep Dive on AWS Management Tools
ENT302 Deep Dive on AWS Management Tools
 
AWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and GovernanceAWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and Governance
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
 
Using AWS Management Tools to Enable Governance, Compliance, Operational, and...
Using AWS Management Tools to Enable Governance, Compliance, Operational, and...Using AWS Management Tools to Enable Governance, Compliance, Operational, and...
Using AWS Management Tools to Enable Governance, Compliance, Operational, and...
 
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWS
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWS(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWS
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWS
 
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneSimplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
 
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
 
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
 
Governance at Scale
Governance at Scale Governance at Scale
Governance at Scale
 
ENT302 Deep Dive on AWS Management Tools and New Launches
ENT302 Deep Dive on AWS Management Tools and New LaunchesENT302 Deep Dive on AWS Management Tools and New Launches
ENT302 Deep Dive on AWS Management Tools and New Launches
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
 
Accelerating your Business with Security
Accelerating your Business with SecurityAccelerating your Business with Security
Accelerating your Business with Security
 
Intro & Security Update
Intro & Security UpdateIntro & Security Update
Intro & Security Update
 
Launch AWS Faster using Automated Landing Zones - AWS Online Tech Talks
Launch AWS Faster using Automated Landing Zones - AWS Online Tech TalksLaunch AWS Faster using Automated Landing Zones - AWS Online Tech Talks
Launch AWS Faster using Automated Landing Zones - AWS Online Tech Talks
 
Demystifying identity on AWS
Demystifying identity on AWSDemystifying identity on AWS
Demystifying identity on AWS
 
Building scalable OTT workflows on AWS - Serverless Video Workflows
Building scalable OTT workflows on AWS - Serverless Video WorkflowsBuilding scalable OTT workflows on AWS - Serverless Video Workflows
Building scalable OTT workflows on AWS - Serverless Video Workflows
 
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...
 

More from Yan Cui

How to win the game of trade-offs
How to win the game of trade-offsHow to win the game of trade-offs
How to win the game of trade-offs
Yan Cui
 
How to choose the right messaging service
How to choose the right messaging serviceHow to choose the right messaging service
How to choose the right messaging service
Yan Cui
 
How to choose the right messaging service for your workload
How to choose the right messaging service for your workloadHow to choose the right messaging service for your workload
How to choose the right messaging service for your workload
Yan Cui
 
Patterns and practices for building resilient serverless applications.pdf
Patterns and practices for building resilient serverless applications.pdfPatterns and practices for building resilient serverless applications.pdf
Patterns and practices for building resilient serverless applications.pdf
Yan Cui
 
Lambda and DynamoDB best practices
Lambda and DynamoDB best practicesLambda and DynamoDB best practices
Lambda and DynamoDB best practices
Yan Cui
 
Lessons from running AppSync in prod
Lessons from running AppSync in prodLessons from running AppSync in prod
Lessons from running AppSync in prod
Yan Cui
 
Serverless observability - a hero's perspective
Serverless observability - a hero's perspectiveServerless observability - a hero's perspective
Serverless observability - a hero's perspective
Yan Cui
 
How to ship customer value faster with step functions
How to ship customer value faster with step functionsHow to ship customer value faster with step functions
How to ship customer value faster with step functions
Yan Cui
 
How serverless changes the cost paradigm
How serverless changes the cost paradigmHow serverless changes the cost paradigm
How serverless changes the cost paradigm
Yan Cui
 
Build social network in 4 weeks
Build social network in 4 weeksBuild social network in 4 weeks
Build social network in 4 weeks
Yan Cui
 
Patterns and practices for building resilient serverless applications
Patterns and practices for building resilient serverless applicationsPatterns and practices for building resilient serverless applications
Patterns and practices for building resilient serverless applications
Yan Cui
 
How to bring chaos engineering to serverless
How to bring chaos engineering to serverlessHow to bring chaos engineering to serverless
How to bring chaos engineering to serverless
Yan Cui
 
Migrating existing monolith to serverless in 8 steps
Migrating existing monolith to serverless in 8 stepsMigrating existing monolith to serverless in 8 steps
Migrating existing monolith to serverless in 8 steps
Yan Cui
 
Building a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQLBuilding a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQL
Yan Cui
 
FinDev as a business advantage in the post covid19 economy
FinDev as a business advantage in the post covid19 economyFinDev as a business advantage in the post covid19 economy
FinDev as a business advantage in the post covid19 economy
Yan Cui
 
How to improve lambda cold starts
How to improve lambda cold startsHow to improve lambda cold starts
How to improve lambda cold starts
Yan Cui
 
What can you do with lambda in 2020
What can you do with lambda in 2020What can you do with lambda in 2020
What can you do with lambda in 2020
Yan Cui
 
A chaos experiment a day, keeping the outage away
A chaos experiment a day, keeping the outage awayA chaos experiment a day, keeping the outage away
A chaos experiment a day, keeping the outage away
Yan Cui
 
How to debug slow lambda response times
How to debug slow lambda response timesHow to debug slow lambda response times
How to debug slow lambda response times
Yan Cui
 
What can you do with lambda in 2020
What can you do with lambda in 2020What can you do with lambda in 2020
What can you do with lambda in 2020
Yan Cui
 

More from Yan Cui (20)

How to win the game of trade-offs
How to win the game of trade-offsHow to win the game of trade-offs
How to win the game of trade-offs
 
How to choose the right messaging service
How to choose the right messaging serviceHow to choose the right messaging service
How to choose the right messaging service
 
How to choose the right messaging service for your workload
How to choose the right messaging service for your workloadHow to choose the right messaging service for your workload
How to choose the right messaging service for your workload
 
Patterns and practices for building resilient serverless applications.pdf
Patterns and practices for building resilient serverless applications.pdfPatterns and practices for building resilient serverless applications.pdf
Patterns and practices for building resilient serverless applications.pdf
 
Lambda and DynamoDB best practices
Lambda and DynamoDB best practicesLambda and DynamoDB best practices
Lambda and DynamoDB best practices
 
Lessons from running AppSync in prod
Lessons from running AppSync in prodLessons from running AppSync in prod
Lessons from running AppSync in prod
 
Serverless observability - a hero's perspective
Serverless observability - a hero's perspectiveServerless observability - a hero's perspective
Serverless observability - a hero's perspective
 
How to ship customer value faster with step functions
How to ship customer value faster with step functionsHow to ship customer value faster with step functions
How to ship customer value faster with step functions
 
How serverless changes the cost paradigm
How serverless changes the cost paradigmHow serverless changes the cost paradigm
How serverless changes the cost paradigm
 
Build social network in 4 weeks
Build social network in 4 weeksBuild social network in 4 weeks
Build social network in 4 weeks
 
Patterns and practices for building resilient serverless applications
Patterns and practices for building resilient serverless applicationsPatterns and practices for building resilient serverless applications
Patterns and practices for building resilient serverless applications
 
How to bring chaos engineering to serverless
How to bring chaos engineering to serverlessHow to bring chaos engineering to serverless
How to bring chaos engineering to serverless
 
Migrating existing monolith to serverless in 8 steps
Migrating existing monolith to serverless in 8 stepsMigrating existing monolith to serverless in 8 steps
Migrating existing monolith to serverless in 8 steps
 
Building a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQLBuilding a social network in under 4 weeks with Serverless and GraphQL
Building a social network in under 4 weeks with Serverless and GraphQL
 
FinDev as a business advantage in the post covid19 economy
FinDev as a business advantage in the post covid19 economyFinDev as a business advantage in the post covid19 economy
FinDev as a business advantage in the post covid19 economy
 
How to improve lambda cold starts
How to improve lambda cold startsHow to improve lambda cold starts
How to improve lambda cold starts
 
What can you do with lambda in 2020
What can you do with lambda in 2020What can you do with lambda in 2020
What can you do with lambda in 2020
 
A chaos experiment a day, keeping the outage away
A chaos experiment a day, keeping the outage awayA chaos experiment a day, keeping the outage away
A chaos experiment a day, keeping the outage away
 
How to debug slow lambda response times
How to debug slow lambda response timesHow to debug slow lambda response times
How to debug slow lambda response times
 
What can you do with lambda in 2020
What can you do with lambda in 2020What can you do with lambda in 2020
What can you do with lambda in 2020
 

Recently uploaded

Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 

Recently uploaded (20)

Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 

Mastering AWS Organizations with Infrastructure as code

  • 1. Managing your AWS Organization using org-formation Olaf Conijn, IT Architect
  • 2. • Full subsidiary of ABN AMRO • Online savings since 2008 • 0.5 mio customers in NL and DE • Combined savings & payments product • Small organization (<160 fte) • Focus on UX and customer value About Moneyou
  • 3. Moneyou <3 Serverless We believe Serverless greatly improves • Time to market of solutions built • Ability to maintain the software we built • Focus on delivering customer value • Ability to demonstrate we are compliant
  • 4. AWS Services typically used at Moneyou • Some satisfy functional requirements API GW, Lambda, DynamoDB, Step Functions • Some satisfy nonfunctional requirements SQS, SNS, CloudWatch • Some satisfy IT Security requirements Secrets Manager, IAM and AWS Organizations Serverless, not FaaS
  • 5. Serverless, not FaaS Serverless services have: • Inherently scalable • Highly available • Pay per use / no capacity planning • Host security by AWS • Compliant under PCI, SOC, ISO & others
  • 6. AWS Organizations • Account management service • Provides API to create new AWS accounts • Central insight in billing & cost analysis • Hierarchically organize AWS accounts • Apply policies to accounts
  • 7. Probably for the same reason you don’t run production software on development environments. Why have multiple AWS accounts?
  • 8. Why have multiple AWS accounts? Benefits of a multi account setup • Limited blast radius – because mistakes can happen • Security boundary – simplifies implementing least privilege • Data governance – control access to GDPR governed data • Scalability – every account gets their own resource limits • Cost monitoring – without tagging https://dev.to/oconijn/off-to-a-great-start-with-aws-organizations-1i74 😲
  • 9. Why have multiple AWS accounts? Typical Serverless application design • Resources: API GW, Lambda, SNS, Dynamo DB • Services: Unit of deployment, high cohesion (within), low coupling • Product: Value delivered to customer, multiple environments By default, all resources within an account can be accessed by other resources within that account (resource policy). 🤯
  • 10. Why not use AWS Organization? Reasons not to use AWS Organizations • Didn’t know – well, not anymore • Don’t care – fair enough • Too Complex – we’ve fixed this > npm i aws-organization-formation -g
  • 11. AWS Organization Formation Three main use cases 1. Infrastructure as code for AWS Organizations 2. Continuous delivery of account baseline 3. Cross account, cross region annotated CloudFormation
  • 12. Infra as code for AWS Organizations
  • 13. Infra as code for AWS Organizations Support for 1. Infra as code support for AWS Organizations resources 2. Creating AWS Accounts, OUs and SCPs 3. Multiple models per AWS Organization 4. Setting up Account IAM Alias, Password Policy and Enterprise Support 5. Change sets that can be reviewed and applied
  • 14. Continuous delivery of account baseline
  • 15. Continuous delivery of account baseline Support for 1. Defining tasks in a task file 2. Defining dependencies between tasks (DependsOn) 3. Task types: update-organization, update-stacks, include, CDK, SLS, .. 4. Extensibility (through event-bridge) 5. Task file parameters & expressions (like !Ref, !GetAtt and !Sub)
  • 17. Organization annotated CloudFormation Support for 1. Deploying CloudFormation resources to multiple accounts 2. Referencing organization resources and attributes 3. Resolving !Ref across target AWS Accounts and Regions 4. Generating resources / producing resources `for-each` account in binding
  • 18. Organization annotated CloudFormation Comparison with CloudFormation StackSets 1. Both deploy stacks across multiple accounts / regions 2. Org-formation deploys stacks based on different parts of single templates 3. Org-formation supports cross account / cross region !Ref, !GetAtt 4. Support for CloudFormation, serverless.com, CDK
  • 19. Thank you! • No time like the current to get started with AWS Organizations! • Try org-formation at https://github.com/OlafConijn/AwsOrganizationFormation • Reach out over email: olaf.conijn at moneyou.nl • Questions, issues, stars & PRs are welcome!