​

Organization Configuration

A well-structured AWS Organizations setup is essential for effective management, security, and resource optimization. This guide provides an example framework and key considerations for creating an organizational structure tailored to your specific requirements.

​

Recommended Structure

​

1. Root

The top-level entity in AWS Organizations, containing all OUs and AWS accounts.

​

2. Organizational Units (OUs)

Organize your AWS accounts under OUs based on environment, function, or purpose. Examples:

• Production OU: Accounts for production environments.

  • Application A Production

  • Application B Production

• Staging OU: Accounts for pre-production or staging environments.

  • Application A Staging

  • Application B Staging

• Development OU: Accounts for development environments.

  • Team A Development

  • Team B Development

• Shared Services OU: Accounts for shared resources such as logging and security.

  • Logging and Monitoring

  • Security and Compliance

​

3. AWS Accounts

Each OU contains AWS accounts specific to its purpose. For example:

• Production Application A OU: Includes accounts like Prod-AppA-WebServer and Prod-AppA-Database.

​

4. Service Control Policies (SCPs)

Apply SCPs at the OU level to enforce permissions and restrictions for all accounts within the OU. This helps ensure compliance and security.

​

Example OU Structure

Root
|-- Production
|   |-- Application-A
|   |-- Application-B
|   `-- Shared-Services
|-- Staging
|   |-- Application-A
|   |-- Application-B
|   `-- Shared-Services
|-- Development
|   |-- Team-A
|   |-- Team-B
|   `-- Shared-Services
`-- Sandbox

​

Naming Conventions

​

OU Naming Convention

Use a consistent format to describe the purpose and environment. Suggested format:

[Environment]-[Function/Department]-[Additional_Info]

Examples:

• Prod-ApplicationA

• Dev-SharedServices

• Sandbox

​

AWS Account Naming Convention

Name accounts to reflect their environment, project, and purpose. Suggested format:

[Environment]-[Project]-[Purpose]

Examples:

• Prod-AppA-WebServer

• Prod-AppB-Database

• Dev-AppA-API

• Sandbox-Experiment1

​

Key Considerations

1. Scalability: Design the structure to accommodate future growth, such as new projects or environments.

2. Security: Use SCPs and IAM policies to enforce security best practices across all OUs and accounts.

3. Consistency: Apply naming conventions uniformly to simplify management and improve clarity.

4. Documentation: Maintain a clear guide for your organization’s structure and naming conventions to ensure alignment across teams.

​

Benefits of a Structured Configuration

1. Improved resource management.

2. Simplified cost allocation and reporting.

3. Enhanced security and compliance through clear boundaries and policies.

4. Streamlined operations with organized accounts and OUs.

By following these guidelines, you can establish a robust AWS Organizations configuration that meets your operational, security, and management needs.