Exploring AWS !!
Day 74
AWS Organization Concepts
Organization:
An Organization consolidates multiple AWS accounts so that we can administer all of them as a single unit.
An Organization has one master account and zero or more member accounts. It can be arranged as a hierarchy, with the root at the top.
Root:
Master account for all other member accounts. Applying a policy to the root applies it automatically to all the member accounts. When we create an Organization, the Root is created automatically, and we can have only one Root.
Organization Unit (OU):
A container for accounts within a root. An OU can contain other OUs, and that’s how we can have a tree-like architecture. Attaching a policy to an OU affects all the OUs and member accounts under it.
Account:
This refers to AWS accounts containing AWS services and resources. A policy attached to an account controls only the resources within that account.
The master account creates the Organization, and we administer the Organization from it.
All other accounts that are part of the Organization are member accounts.
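The inheritance rules above (root to all member accounts, OU to everything under it, account to itself only), worked through as an added example that is not part of the original notes. The tree, node names and policy names are constructed for illustration; the code shows which attached policies reach each account and which accounts a given policy misses. It models where attachments apply, not how AWS evaluates the contents of the policies.

```python
# Added example: a constructed organization tree, not a real AWS layout.
# Each node maps to (parent, policies attached directly to that node).
# All node and policy names below are made up for illustration.
ORG = {
    "root":         (None,          ["baseline-guardrails"]),
    "ou-security":  ("root",        ["deny-log-deletion"]),
    "ou-workload":  ("root",        []),
    "ou-prod":      ("ou-workload", ["deny-region-change"]),
    "acct-audit":   ("ou-security", []),
    "acct-shop":    ("ou-prod",     ["shop-only-policy"]),
    "acct-sandbox": ("ou-workload", []),
}
ACCOUNTS = ["acct-audit", "acct-shop", "acct-sandbox"]


def path_to_root(node, org=ORG):
    """Return [node, parent, ..., root]; reject unknown nodes and cycles."""
    path, seen = [], set()
    while node is not None:
        if node not in org:
            raise KeyError(f"unknown node: {node}")
        if node in seen:
            raise ValueError(f"cycle at {node}")
        seen.add(node)
        path.append(node)
        node = org[node][0]
    return path


def policies_reaching(account, org=ORG):
    """Policies that apply to an account as (policy, attached_at) pairs,
    ordered from the root down to the account itself."""
    return [(p, n)
            for n in reversed(path_to_root(account, org))
            for p in org[n][1]]


def accounts_missing(policy, accounts=ACCOUNTS, org=ORG):
    """Accounts that a given policy does not reach (coverage-gap audit)."""
    return [a for a in accounts
            if policy not in {p for p, _ in policies_reaching(a, org)}]


if __name__ == "__main__":
    for acct in ACCOUNTS:
        print(acct, policies_reaching(acct))
    print("not covered by deny-log-deletion:",
          accounts_missing("deny-log-deletion"))
```

A policy attached only at an account or at one OU shows up as a gap for every account outside that subtree, which is the check to run before relying on a guardrail being organization-wide.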
Invitation:
A process of asking another AWS account to join our Organization. The invitation can be sent only by the master account, and once the request is accepted, the invited account becomes a member.
Handshake:
A process of sharing information between two accounts or parties. Handshakes are used to send invitations and get back acknowledgements. We can work with handshakes directly when using the CLI or the Organization’s APIs.