Identity and Access Management on AWS: Designing and Implementing an AWS Organization

by Brian Eiler

This course will explain the proper use of multiple accounts in AWS and how to manage multiple accounts using the Organizations feature and Service Control Policies in AWS.

What you'll learn

For small organizations, a single AWS account may be all that is required, but for many organizations, multiple accounts are a fact of life, whether for security, business/finance reasons, or due to mergers and acquisitions. Managing multiple accounts is a big challenge, but one for which AWS has provided tools. In this course, Identity and Access Management on AWS: Designing and Implementing an AWS Organization, you will gain the ability to manage multiple AWS accounts leveraging AWS tools and best practices. First, you will learn why multiple accounts may be needed, what the AWS Organizations feature is and how it can help in the management of those accounts, and the role of Organizational Units (OUs) in an Organization. Next, you will discover how to leverage Service Control Policies (SCPs) to gain finer-grained control over what IAM accounts can do within an AWS account. Finally, you will explore how to monitor an Organization, leverage Security Hub, and see how the Landing Zone concept can be used to deploy accounts according to best practices. When you’re finished with this course, you will have the skills and knowledge about AWS Organizations needed to effectively create, manage, and monitor multiple AWS accounts.

About the author

Brian is an energetic trainer and consultant with nearly 20 years of technical experience in datacenter management and design. As a virtualization instructor, Brian spends much of his time discussing the impact and intricacies of Software Defined Data Centers (SDDC), Software Defined Networking (SDN), and Software Defined Storage (SDS).

Ready to upskill? Get started