For small organizations, a single AWS account may be all that is required, but for many organizations, multiple accounts are a fact of life, whether for security, business/finance reasons, or due to mergers and acquisitions. Managing multiple accounts is a big challenge, but one for which AWS has provided tools. In this course, Identity and Access Management on AWS: Designing and Implementing an AWS Organization, you will gain the ability to manage multiple AWS accounts leveraging AWS tools and best practices. First, you will learn why multiple accounts may be needed, what the AWS Organizations feature is and how it can help in the management of those accounts, and the role of Organizational Units (OUs) in an Organization. Next, you will discover how to leverage Service Control Policies (SCPs) to gain finer-grained control over what IAM accounts can do within an AWS account. Finally, you will explore how to monitor an Organization, leverage Security Hub, and see how the Landing Zone concept can be used to deploy accounts according to best practices. When you’re finished with this course, you will have the skills and knowledge about AWS Organizations needed to effectively create, manage, and monitor multiple AWS accounts.
Brian is an energetic trainer and consultant with nearly 20 years of technical experience in datacenter management and design. As a virtualization instructor, Brian spends much of his time discussing the impact and intricacies of Software Defined Data Centers (SDDC), Software Defined Networking (SDN), and Software Defined Storage (SDS).
Course Overview If you've spent much time using Amazon Web Services, you probably have more than one AWS account. In this video series, I'll show you how to work with one of the newest, and arguably greatest, IAM services AWS has yet to offer, Organizations. You'll learn how to create an organization, and then begin joining your AWS accounts together to make both billing, as well as security policies a lot easier to manage. I'll show you how the organizational unit structure works, and then we'll dig into the world of security control policies, or SCPs, which help you tighten the security on your AWS accounts by limiting the actions users can perform. And finally, you'll learn some best practices around the setup and design of your AWS Organization as we introduce a tool called Landing Zone, which will help you create a structure that is both secure and flexible.