Getting Started with AWS Organizations

AWS Organizations

Centrally govern your environment as you grow and scale your workloads on AWS
1

Create account

Create a new account to be the management account of the organization

2

Add accounts

Create new accounts or invite existing accounts to your organization

3

Group accounts

Group accounts into organizational units (OUs) by use-case or workstream

4

Apply policies

Apply policies to accounts or OUs, such as service control policies (SCPs) which create permission boundaries

5

Enable AWS services

Enable AWS services integrated with AWS Organizations

Creating an organization is simple

  1. Select (or create) an account to manage your organization (we recommend using an account that does not run existing workloads). This will be the management (formerly known as master) account for your organization
  2. Visit the AWS Organizations page on the console 
  3. Choose “Create Organization.” Your organization is now created
  4. Verify the email address of the management account

Once you’ve created the organization and verified your email, you can create or invite other accounts into your organization, categorize the accounts into organizational units (OUs), create service control policies (SCPs), and take advantage of the Organizations features from supported AWS services.

You can also create an organization via CLI or API.

We recommend reviewing the article, Establishing your best practice AWS environment, if you would like to learn how to build your organizational unit (OU) structure.

AWS re:Invent 2019: Architect governance at enterprise scale with Goldman Sachs