Amazon recently announced that it's moving AWS Organizations to general availability, giving customers a way to centrally manage policies across multiple accounts. It's available now in all Amazon Web Services regions except China and AWS GovCloud.
The service was developed to help customers who are increasingly managing multiple AWS accounts for various reasons, Jeff Barr, chief evangelist for AWS, explained in a blog post. In some organizations, individual teams and divisions move to AWS incrementally, while other companies take on new accounts through mergers and acquisitions. Others create multiple accounts to meet compliance guidelines.
With AWS organizations, administrators responsible for an organization's Master account can define policies for specific accounts or "organizational units" (OU) that house multiple accounts.
"For example, you could give your advanced R&D team access to a wide range of AWS services, and then be a bit more cautious with your mainstream development and test accounts," Barr explained. "Or, on the production side, you could allow access only to AWS services that are eligible for HIPAA compliance."
While it can be used to manage multiple accounts, certain AWS resources -- such as EC2 instances or S3 buckets -- can't be moved from one account to another. It does, however, give the administrator access to cross-account features like VPC peering and EBS snapshot sharing.
"We have big plans for Organizations, and are currently thinking about adding support for multiple payers, control over allocation of Reserved Instance discounts, multiple hierarchies, and other control policies," Barr wrote.
VIDEO: Amazon Alexa jumps from speakers to smartphones