Time
27 minutes
Difficulty
Intermediate
CEU/CPE
1

Video Transcription

00:00
all right. So before we dive into I am, I wanted to talk a little bit about eight of us organizations which kind of focuses on the organization of multiple AWS accounts and security and compliance for all of that. So
00:15
a dubious organizations is a newer service, Um,
00:18
and has been pretty. It's been pretty helpful. I know for me in my organization, um, as far as managing all the accounts that we have, So when you have multiple a devious accounts, you know, you're usually gonna be using them for different purposes. Maybe you have a dubious accounts that handle que environments. You have an abusive accounts that handle
00:38
internal
00:39
infrastructure for whatever business is whatever
00:43
applications were running and internally, you may have heard of this accounts for specific projects that you're working with and having an AWS organization accounts that that handles all those other accounts. All those sub accounts, if you will,
00:59
is a really great way to keep in charge or keep on top of the building.
01:03
Ah, you know, keep on top of her. Done in service is and resource is that don't need to be deployed anymore
01:10
and just really be able to audit and monitor and secure all of your environment. So here's some of the key bullet points. It does allow you to manage the finding organization. Your accounts. You can control access and permissions to your accounts kind of keeping more. You know, tighter guard rails on who has access to what and each accounts.
01:30
Like I said, you can audit, monitor and secure environment for compliance.
01:34
Ah, you can share Resource is across multiple accounts. That's also really great benefit Essentially manage costs and building within your atavus organization account. And this is what I mean here. Ah, So obviously, this is your head honchos accounts. This is your organization account and then here you might have softer development team won and suffer development team too.
01:53
Any of the other accounts
01:56
as well. These air the sub accounts
01:59
and so you can you can designate your compliance requirements for each accounts will say this one has to be hip a compliant. This one has to be PC a compliant. They don't have to cross over, but you need to be able to handle the building
02:13
and the you know both the compliance requirements still like that within your head account within eight of these organizations.
02:20
It's a really great way to distribute access to your devil up steam or developer teamwork. You're a team for that specific team environment,
02:29
but they don't necessarily have to have access to your organization's either. So you can kind of reduced who has access to what, thus keeping your internal security posture. And, you know, only leaving this open to senior management directors things like that who need access to the organizational accounts.
02:46
So it's a really helpful thing. I'm not gonna go too far in depth into it because this is, of course, primarily focused on I am.
02:53
But it is worth mentioning organizations as part of the security of your your accounts. And so you know whether you're gonna be pursuing it obvious security specialty exam or you just want to learn how to secure your obvious environments.
03:07
This is definitely a topic worth noting, and I encourage you to read more and even play with it on your own, so
03:14
hopefully this was helpful. I'll see you guys and the next lecture

Up Next

Identity Access Management in AWS

In this course, students will learn identity and access management- namely the feature details of AWS IAM- and gain an understanding of IAM relationships with other AWS services.

Instructed By

Instructor Profile Image
Nicolas Moy
Senior Cloud Security Engineer
Instructor