AWS Organizations help you to centrally manage, grow and scale your AWS resources. Using AWS organization allows programmatically creating new AWS accounts, allocating resources, group accounts to organize your workflows, and simplifying billing by using a single payment method for all of your accounts.
* AWS Organizations integrated with other AWS services so you can setup central configuration, security mechanism, and resource sharing across accounts in your organization
* It is available for all AWS customers without any additional charges.
AWS Organization Benefits
- Scale your workloads quickly: It helps you to quickly scale your environment by allowing you to create a new AWS account. It gives you built-in security boundaries by using multiple accounts.
- Provide a custom environment for different workloads: You can apply policies that give your teams the freedom to build with the resources they need while staying within the safe boundaries you set.
- Easily managing permission and access control: Using AWS Single Sign-On (SSO) simply manages the user-based permission for everyone in the organization.
- Efficient in resource provision across accounts: It allows reducing resource duplication by sharing critical resources within your organization using the AWS Resource Access Manager (RAM).
AWS Organization Use Cases
1. Creation of AWS accounts and categorize workloads using groups: Automate the creation of new AWS accounts, when you need to quickly launch a new work environment, auditing and touchless infrastructure deployments.
For example, Easy to create separate groups to categorize development and production accounts, use AWS CloudFormation StackSets to provision services and permissions to each group.
2. Share Common resources across accounts: It makes it easy for you to share critical central resources across your accounts.
For example, you can easily share your central AWS Directory Service Managed Microsoft Active Directory so that applications can access your central identity store.
AWS Config
AWS Config is a service that provides you to assess, audit, and evaluate the configurations of your AWS resources. It continuously monitors and records the configuration of your AWS resources and enables you to automate the evaluation of recorded configurations against desired configurations.
1. Amazon S3 Bucket:
It tracks the changes in your AWS resource configurations, and it sends updated configuration details to an Amazon S3 bucket. For each Config record, it sends a configuration history file in every six hours. The configuration history file contains details of the resources that changed in that six-hour period.
2. Amazon SNS(Amazon Simple Notification Service) Topic :
It is a communication channel that Amazon SNS uses to deliver messages to subscribing endpoints.
Benefits:
1. Continuous monitoring
2. Continuous assessment
3. Support for third-party resources
Use Cases:
1. Discovery:
It will easily discover the resources that exist in your account, record their current configuration, and capture any changes to these configurations.
2. Change management:
When your resources are created, updated, or deleted, AWS config stream these changes to the Amazon Simple Notification Service (SNS), so that you will be notified of all the configuration changes.
Terraform
Terraform is an infrastructure as code. That allows managing to build, change, and version infrastructure efficiently. It includes low-level components like computing instances, storage, and networking, as well as high-level components like DNS entries and SaaS features.
Basic Terraform commands.
1. terraform init - To initialize the terraform working directory.
2. terraform get - To download and update modules mentioned in the root module.
3. terraform plan - To create an execution plan.
It reads the current state of the already existing remote objects to make sure that the terraform state is up to date.
Compare the current state to a previous state and note the changes.
4. terraform apply - To execute the actions mentioned in the Terraform plan.
5. terraform import - To import the existing resources in to Terraform.
6. terraform state list - Used to list resources with in a terraform state.
7. terraform graph - It gives the visual execution graph of terraform resource configuration.
8. terraform workspace list - List the all existing workspces.
9. terraform workspace select - used to choose the defferent workspace to use for further operations.
10. terraform workspace show - to show the current workspace
Use cases:
1. Multi cloud deployment.
2. PaaS Application setup
3. Kubernetes
Looking for help with your server management?