AWS Organizations customers

Resource control policies (RCPs) provide us with a central mechanism to control and restrict external access to AWS resources not previously possible across our entire organization. It empowers our security team to improve our security posture by proactively controlling access to our AWS resources by attaching RCPs to the root account in AWS Organizations.

Using AWS Organizations, we’re able to accelerate development by giving teams their own environments in separate accounts, allowing them to progress simultaneously without impacting other teams or pipelines. We’re able to group accounts by business units using organizational units, and we can support three common development stages for applications. As a result, we were able to accelerate projects onboarded to the cloud by 5x, reduce the number of IAM permission tickets by 10x, and experienced 3x fewer stability issues. This is all made possible using simple APIs from AWS Organizations.

We made it easier for our finance department to track cloud costs using AWS Organizations, as it provided them with a single bill and allowed us to qualify for volume discounts and lower pricing from AWS savings plans. In addition, using AWS SSO with AWS Organizations allowed us to centralize authentication to our identity provider (IdP), which has been a massive improvement on a daily basis for our employees, so they don't have different sets of credentials for accessing multiple AWS accounts. Our infrastructure security team was also able to centralize access management, resulting in an increase in platform security and a decrease in operational costs.

Using AWS Organizations, GoDaddy is able to implement consistent security guardrails across accounts, while giving our application teams the flexibility to build at their own accelerated pace. For example, we utilize AWS Config at the organization level to monitor and collect infrastructure configuration details. We can view and maintain costs as teams develop new applications, and provision specific development environments by giving teams accounts for sandbox, test, and production stages. We’ve built custom applications that help developers confidently deploy resources to GoDaddy compliance standards, and can easily distribute them to accounts using the AWS Service Catalog integration.

We started using AWS Organizations to manage the accounts for our multi-account environment and simplify our billing. We have also greatly simplified our access management with the AWS SSO integration. AWS Organizations enables us to isolate workloads with similar risk profiles within their own account, to identify ownership of accounts via account tags, and enforce controls with service control policies that cannot be overridden by the administrators of the member accounts. We now deliver new accounts quickly and securely, freeing our developers to focus on business solutions.

GE uses AWS identity services to support their global enterprise and allow their businesses to operate securely in the cloud. AWS Organizations and service control policies (SCPs) provide top-down governance and allow for the delegation of identity-based and resource-based policy administration to each business unit. This model allows the businesses to move independently and operate at scale to solve today’s industrial challenges.