This is our second installment of the latest news from AWS Organizations, which allows you to centrally manage and govern your AWS environment across accounts. We have had some exciting launches over the past few months, including new service integrations and Region expansions. Here’s the latest since April 2020:
Create a backup policy that applies required backups across the entire organization
We’ve integrated with AWS Backup so you can apply a backup policy across member accounts in your organization, or different policies for accounts grouped into organizational units (OUs). This allows you to specify the required backup cadence for all resources to meet your corporate retention policies.
For more information, see How Cross-Account Management Works.
Discover and protect sensitive data across your accounts
You can designate a member account in your organization to identify sensitive data across all of your Amazon Simple Storage Service (Amazon S3) buckets within the organization. Amazon Macie uses machine learning to continuously evaluate and identify critical information, helping you to meet data security and privacy requirements.
For more information, see Managing multiple accounts in Amazon Macie.
Distribute operational tasks to member accounts within the organization with delegated administration
Delegated administration allows you to designate specific accounts within your organization to operate select AWS services, such as having a security account manage Amazon GuardDuty. Recently, we’ve added the following:
- Easily assess, maintain, and evaluate your resources against recommended configurations with AWS Config, allowing you to track compliance with your own internal guidelines. For more information, see Deploy AWS Config Conformance Packs Using a Delegated Admin Account.
- You can designate an account to view all your global operations data and investigate any anomalies in a single dashboard with Systems Manager Explorer.
- Quickly share your custom IT services and products with your entire organization. You can designate multiple accounts to share their services using AWS Service Catalog.
AWS Organizations expanded to China Regions
AWS Organizations is now available in China. You can now create your organization, create and organize accounts into OUs, and consolidate costs into a single bill.
Stay tuned for our next quarterly update, coming later this year!
About the Author
Andrew Blackham is a Product Manager for AWS Organizations. He’s worked with Amazon over 6 years and is currently evangelizing the recommended method of building and scaling an AWS multi-account infrastructure. There is a lot of information and customization out there, which is why he works towards simplifying the process and instructions about how to build and maintain a cloud environment.