Managing Multiple AWS Accounts - Organizations, Trusted Advisor and more - AWS Certification Cheat Sheet


Let’s get a quick overview of Managing Multiple AWS Accounts - Organizations, Trusted Advisor and more.

You will learn

  • How can you manage multiple AWS accounts together?
  • How can you use AWS Organizations, Trusted Advisor and more?

AWS Certification Study Material and Notes - 25 PDF Cheat Sheets

Each cheat sheet contains:

  • FAQs and Tutorials with 5-20 slides
  • Study Material and Notes to quickly review and prepare for certification exam
  • Certification Exam Tips
  • Certification and Interview Scenario Questions
Download

AWS Organizations

  • Organizations typically have multiple AWS accounts
    • Different business units
    • Different environments
  • How do you centralize your management (billing, access control, compliance and security) across multiple AWS accounts?
  • Welcome AWS Organizations!
  • Organize accounts into Organizational Units (OU)
  • Provides API to automate creation of new accounts

AWS Organizations - Features

  • One consolidated bill for all AWS accounts
  • Centralized compliance management for AWS Config Rules
  • Send AWS CloudTrail data to one S3 bucket (across accounts)
  • AWS Firewall Manager to manage firewall rules (across accounts)
    • AWS WAF, AWS Shield Advanced protections and Security Groups
  • Use Service control policies (SCPs) to define restrictions for actions (across accounts):
    • Prevent users from disabling AWS Config or changing its rules
    • Require Amazon EC2 instances to use a specific type
    • Require MFA to stop an Amazon EC2 instance
    • Require a tag upon resource creation

AWS Resource Access Manager

  • Share AWS resources with any AWS account or within your AWS Organization
    • AWS Transit Gateways
    • Subnets
    • AWS License Manager configurations
    • Amazon Route 53 Resolver rules
  • Reduce Operational Overhead
  • Optimize Costs

AWS Trusted Advisor

  • Recommendations for cost optimization, performance, security and fault tolerance
    • Red - Action recommended Yellow - investigate and Green - Good to go
  • All AWS customers get 4 checks for free:
    • Service limits (usage > 80%)
    • Security groups having unrestricted access (0.0.0.0/0)
    • Proper use of IAM
    • MFA on Root Account
  • Business or Enterprise AWS support plan provides over 50 checks
    • Disable those you are not interested in
    • How much will you save by using Reserved Instances?
    • How does your resource utilization look like? Are you right sized?

AWS Trusted Advisor Recommendations

  • Cost Optimization
    • Highlight unused resources
    • Opportunities to reduce your costs
  • Security
    • Settings that can make your AWS solution more secure
  • Fault Tolerance
    • Increase resiliency of your AWS solution
    • Redundancy improvements, over-utilized resources
  • Performance
    • Improve speed and responsiveness of your AWS solutions
  • Service Limits
    • Identify if your service usage is more than 80% of service limits

AWS Service Quotas

  • AWS account has Region-specific default quotas or limits for each service
    • You don’t need to remember all of them :)
  • Service Quotas allows you to manage your quotas for over 100 AWS services, from one location

AWS Directory Service

  • Provide AWS access to on-premise users without IAM users
  • Managed service deployed across multiple AZs
  • Option 1 : AWS Directory Service for Microsoft AD
    • More than 5000 Users
    • Trust relationship needed between AWS and on-premise directory
  • Option 2 : Simple AD
    • Less than 5000 users
    • Powered by Samba4 and compatible with Microsoft AD
    • Does not support trust relationships with other AD domains
  • Option 3 : AD Connector
    • Use your existing on-premise directory with AWS cloud services
    • Your users use existing credentials to access AWS resources

AWS Workspaces

  • Desktop-as-a-Service (DaaS)
  • Provision Windows or Linux desktops in minutes
  • Eliminate traditional desktop management - Virtual Desktop Infrastructure (VDI)

Search


Certification - Recommended Reading

Elastic Load Balancer (ELB) vs Network Load Balancer (NLB) - A Difference

Elastic Beanstalk vs Cloudformation vs Opswork vs Codedeploy - A Difference

EBS HDD Storages - A Difference

AWS Shield vs AWS WAF vs AWS Macie - Protect Resources and Data Cheat Sheet

Amazon CloudWatch - Logs, Events, Alarms and Dashboards Cheat Sheet

AWS CloudTrail vs Config vs CloudWatch Cheat Sheet

EBS SSD Storages - A Difference

NAT Gateway vs Instance - A Comparison

AWS Security Groups and Network Access Control List - A Comparison Cheat Sheet

AWS VPN vs AWS Direct Connect vs Software VPN vs CloudHub Cheat Sheet

Free Videos - Get Started with AWS Certification

Amazing AWS Certification Courses

Get our amazing courses pursued by thousands of learners

Image

Image

Image


Search