Skip to main content

AWS Solutions Library

Account Assessment for AWS Organizations

Investigate resource-based policy dependencies for your AWS Organizations accounts

Open guide
Go to source code

Overview

Account Assessment for AWS Organizations allows you to centrally manage and evaluate all AWS accounts within your AWS Organizations, helping you to better understand and navigate the dependencies of AWS Organizations. The process to manually evaluate AWS Organizations dependencies can be time consuming—potentially involving reviews of tens or even hundreds of AWS resources of individual accounts. Now, you can run three types of scans to find delegated administrator accounts, identity-based and resource-based policies, and AWS services that have trusted access enabled for your AWS Organizations—all from a simple UI. 

Benefits

View, examine, and troubleshoot your scan results in an intuitive web UI.
Use more than 25 AWS services enabled with trusted access to perform operations across all of the AWS accounts in your AWS Organizations.
Scan for resource-based policies, delegated admin accounts, and trusted access with the web UI.

How it works

You can automatically deploy this architecture using the implementation guide and the accompanying AWS CloudFormation template.

View implementation guide

About this deployment

  • Version: 1.1.3
  • Released: 8/2025
  • Author: AWS
  • Est. deployment time: 30 mins
  • Estimated cost: See details

Deploy with confidence

Everything you need to launch this AWS Solution in your account is right here

We'll walk you through it

Get started fast. Read the implementation guide for deployment steps, architecture details, cost information, and customization options.

Open guide

Let's make it happen

Ready to deploy? Open the CloudFormation template in the AWS Console to begin setting up the infrastructure you need. You'll be prompted to access your AWS account if you haven't yet logged in. 

Launch in the AWS Console