Q6 - What is management account? #aws #multi-account #cloudcomputing #architecturedesign
Check my Udemy Training for more details. You can watch preview before enrolling.
https://www.udemy.com/course/security-services-in-aws/
The management account creates the AWS organization’s resources, OUs, and policies used to manage the organization’s member accounts. Access to the management account must be strictly controlled and limited to a small set of highly trusted individuals from the organization, following the principle of least privilege based on the activities they need to perform. This account is not used for workloads and should generally not contain customer resources.
Additionally, the organization management account is where automation tooling is installed to automate consistent deployment of guardrails or other standardized infrastructure constructs across accounts in an organization. A trust relationship, which is used by the automation tooling, exists between child AWS accounts in the organization and the organization management account. This relationship is established by default when new AWS accounts are created in the organization, and it enables management account users and roles to assume this cross-account AWS Identity and Access Management (IAM) role in child accounts.
The management account is your initial AWS account when you begin onboarding with AWS Managed Services (AMS). It uses AWS Organizations as a management account (also known as the payer account, which pays the charges of all the member accounts), which gives the account the ability to create and financially manage member accounts. It contains the AWS landing zone (ALZ) framework, account configuration stack sets, AWS Organizations service control policies (SCPs), etc.
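A defender's check on the trust relationship described above, as an added example that is not part of the original video description: it audits a member-account role's trust policy offline and reports any principal other than the management account. The account IDs, policy documents and finding codes are constructed for illustration.

```python
# Added example: offline audit of a member-account role trust policy.
# Account IDs, policies and finding codes are constructed sample values.
MGMT_ACCOUNT_ID = "111111111111"
ASSUME_ACTIONS = {"sts:AssumeRole", "sts:*", "*"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def trusted_accounts(principal):
    """Account IDs (or '*') that a trust-policy Principal element names."""
    if principal == "*":
        return {"*"}
    accounts = set()
    for p in as_list(principal.get("AWS", [])):
        # ARN form is arn:aws:iam::<account-id>:...; otherwise a bare ID or '*'
        accounts.add(p.split(":")[4] if p.startswith("arn:") else p)
    return accounts

def audit_trust_policy(policy, mgmt_account_id=MGMT_ACCOUNT_ID):
    """Return sorted (code, detail) findings for Allow statements on AssumeRole."""
    findings = set()
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if not ASSUME_ACTIONS & set(as_list(stmt.get("Action", []))):
            continue
        principal = stmt.get("Principal", {})
        if isinstance(principal, dict):
            for kind in principal.keys() - {"AWS"}:
                findings.add(("NON_ACCOUNT_PRINCIPAL", kind))
        for account in trusted_accounts(principal):
            if account == "*":
                findings.add(("ANY_PRINCIPAL", "*"))
            elif account != mgmt_account_id:
                findings.add(("FOREIGN_ACCOUNT", account))
            elif not stmt.get("Condition"):
                # No Condition (e.g. MFA) narrows who in that account may assume.
                findings.add(("NO_CONDITION", account))
    return sorted(findings)

DEFAULT_LIKE = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": "arn:aws:iam::111111111111:root"}}]}
DRIFTED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": ["arn:aws:iam::111111111111:root",
                          "arn:aws:iam::222222222222:role/ci-deploy"]}}]}

if __name__ == "__main__":
    for name, doc in (("default-like", DEFAULT_LIKE), ("drifted", DRIFTED)):
        print(name, audit_trust_policy(doc))
```

Because the role trusts the management account, any finding here also depends on how tightly IAM permissions inside the management account itself are scoped.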
Video "Q6 - What is management account? #aws #multi-account #cloudcomputing #architecturedesign" from the channel Analogies Cloud
Video information
April 25, 2024, 14:00:25
00:00:59