Organizations Flashcards
This deck aims to help retain concepts related to the AWS Organizations service.
How is the standard AWS account used for creating an organization referred to?
Management account
How is the standard AWS account that joined an organization referred to?
Member account
Which architectural components are used to achieve hierarchical structure within Organizations?
Organizational Units (OUs)
Which policy feature provides restrictions to member accounts within the Organization?
Service Control Policies (SCPs)
What are the main benefits of using Organizations?
Account management, consolidated billing, security, and compliance
Which type of account is never affected by SCPs?
Management account
To which units within the Organization can SCPs be attached?
Root container, one or more organizational units, an individual member account
Can Service control policies (SCPs) be inherited?
Yes, inheritance applies down the organization tree
Can SCPs grant permissions?
No, SCPs control what an account CAN or CANNOT grant via identity-based policies
Which AWS service offers the easiest way to set up and govern multi-account environments by orchestrating the capabilities of several AWS services such as Organizations, Service Catalog, Identity Center, Config, CloudFormation, and more?
Control Tower
Which component of the Control Tower service represents a multi-account environment?
Landing zone
Which component of the Control Tower service represents a high-level rule that provides ongoing governance for the overall AWS environment?
Controls or Guardrails
Which component of the Control Tower service represents a configurable account template that helps to standardize the provisioning of new accounts with pre-approved account configurations?
Account Factory
Which component of the Control Tower service represents continuous oversight of your landing zone to your team of central cloud administrators?
Dashboard
