What you'll learn

For small organizations, a single AWS account may be all that is required, but for many organizations, multiple accounts are a fact of life, whether for security, business/finance reasons, or due to mergers and acquisitions. Managing multiple accounts is a big challenge, but one for which AWS has provided tools. In this course, Identity and Access Management on AWS: Designing and Implementing an AWS Organization, you will gain the ability to manage multiple AWS accounts leveraging AWS tools and best practices. First, you will learn why multiple accounts may be needed, what the AWS Organizations feature is and how it can help in the management of those accounts, and the role of Organizational Units (OUs) in an Organization. Next, you will discover how to leverage Service Control Policies (SCPs) to gain finer-grained control over what IAM accounts can do within an AWS account. Finally, you will explore how to monitor an Organization, leverage Security Hub, and see how the Landing Zone concept can be used to deploy accounts according to best practices. When you’re finished with this course, you will have the skills and knowledge about AWS Organizations needed to effectively create, manage, and monitor multiple AWS accounts.