12 - Organizations member accounts Flashcards

1
Q

Organizations member accounts

A
  • AWS Organizations member accounts belong to the organization and reside in the overall organization’s structure.
  • All billing for member accounts is consolidated to the management account of the organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Member Accounts

A
  • Most of your workloads will reside in member accounts, except for some centrally managed processes that must reside in either the management account or in accounts assigned as designated administrators for specific AWS services.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Organizational Unit

A
  • An organizational unit (OU) provides a means to group accounts within a root.
  • An OU can also contain other OUs.
  • When you attach a policy to one of the nodes in the hierarchy, it flows down and affects all the branches (OUs) and leaves (accounts) beneath it.
  • An OU can have exactly one parent, and each account can be a member of exactly one OU.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

OUs are Not

A
  • OUs are not meant to mirror your own organization’s reporting structure.
  • Instead, OUs are intended to group accounts that have common overarching security policies and operational needs.
  • The primary question to ask yourself is: How likely will the group need a set of similar policies?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SCPs

A
  • AWS Organizations service control policies (SCPs) are a type of organization policy that you can use to manage permissions in your organization.
  • SCPs offer central control over the maximum available permissions for all accounts in your organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly