#17 AWS Account Structure - a podcast by Andreas Wittig and Michael Wittig focusing on AWS

from 2020-04-08T15:26:12


Using multiple AWS accounts to isolate workloads has been a best practice, not only since AWS introduced consolidated billing in 2010. AWS made a huge step by introducing AWS Organizations in 2017 and has added more and more features on top of the former boundary of an AWS account. In my opinion, we have passed the sweet spot between centralism and isolated accounts. The possibilities powered by AWS Organizations ruin the concept of isolated accounts with limited blast radius.

I recommend managing no more than 50 AWS accounts per AWS organization. Use multiple AWS organizations instead. Also, think twice before using SCP or Trusted Organization Access; both features make centralism permanent. I haven't seen a thriving, innovative, and centralized IT organization so far. Correct me if I'm wrong.
