  • It is used to centrally manage AWS accounts using organizational units (OUs).
  • When you create an organization, AWS Organizations automatically creates a root, which is the parent container for all the accounts in your organization.
  • You can get one bill per AWS account.
  • Here the star account ⭐ is the master account.
  • Enable/disable services on AWS using Service Control Policies (SCPs).
  • Bucket policies are at the bucket level only.
  • ACLs go down to the object level.


Do not use the paying account to deploy resources.

Organizational units

In AWS Organizations, you can group accounts into organizational units (OUs) to make it easier to manage accounts with similar business or security requirements. When you apply a policy to an OU, all the accounts in the OU automatically inherit the permissions specified in the policy.
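
A simplified model of that inheritance, added here as an illustration (not AWS code): an action is usable in an account only if an SCP allows it at every level from the root down to the account, and an explicit Deny at any level blocks it. The OU names, account names and policies are constructed for the example.

```python
from fnmatch import fnmatchcase

# Constructed hierarchy (child -> parent); "Root" is the top-level container.
PARENT = {
    "Security": "Root", "Workloads": "Root", "Sandbox": "Workloads",
    "acct-audit": "Security", "acct-prod": "Workloads", "acct-dev": "Sandbox",
}

# Constructed SCP statements attached at each node: (effect, action pattern).
FULL_ACCESS = [("Allow", "*")]
SCPS = {
    "Root": FULL_ACCESS,
    "Security": FULL_ACCESS,
    "Workloads": FULL_ACCESS + [("Deny", "organizations:LeaveOrganization")],
    "Sandbox": [("Allow", "ec2:*"), ("Allow", "s3:*")],
    "acct-audit": FULL_ACCESS, "acct-prod": FULL_ACCESS, "acct-dev": FULL_ACCESS,
}

def path_to_root(node):
    """Return [account, parent OU, ..., Root]."""
    path = [node]
    while path[-1] in PARENT:
        path.append(PARENT[path[-1]])
    return path

def matches(pattern, action):
    # IAM action names are case-insensitive; '*' is a wildcard.
    return fnmatchcase(action.lower(), pattern.lower())

def scp_permits(account, action):
    """Return (permitted, reason) for an action in an account."""
    path = path_to_root(account)
    for node in path:  # an explicit Deny anywhere on the path wins
        if any(e == "Deny" and matches(p, action) for e, p in SCPS[node]):
            return False, f"explicit Deny at {node}"
    for node in path:  # otherwise every level must Allow the action
        if not any(e == "Allow" and matches(p, action) for e, p in SCPS[node]):
            return False, f"no Allow at {node}"
    return True, "allowed at every level"

if __name__ == "__main__":
    for acct, act in [("acct-dev", "ec2:RunInstances"), ("acct-dev", "iam:CreateUser"),
                      ("acct-prod", "organizations:LeaveOrganization"),
                      ("acct-audit", "organizations:LeaveOrganization")]:
        print(acct, act, scp_permits(acct, act))
```

SCPs only set the ceiling on what IAM policies in an account can grant; they do not grant permissions themselves, and they do not restrict the management (master) account.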

