
SYSTEM Cited by 2 sources

AWS Organizations

What it is

AWS Organizations is the AWS service that manages multiple AWS accounts as a tree of organizational units (OUs), with policy inheritance (Service Control Policies / SCPs), consolidated billing, and centralized account lifecycle operations.

Per-partition Organizations topology

AWS Organizations is itself partition-scoped, so a cross-partition architecture depends on how the Organizations topology is set up in each partition:

| Partition pair | Shape |
| --- | --- |
| Standard ↔ standard (same partition, cross-region) | Single Organization; SCPs inherited normally |
| Standard ↔ GovCloud | Paired-optional — GovCloud accounts can be invited into a commercial Organization (via AWS GovCloud invite flow), or operated as a separate Organization |
| Standard ↔ European Sovereign Cloud | Mandatory separate Organization — cannot be paired |
| Standard ↔ GovCloud when sovereign-standalone is the goal | Separate recommended — "failing over to an AWS European Sovereign Cloud-only state is simpler if the AWS Organizations setup is separate from the start" (Source: sources/2026-01-30-aws-sovereign-failover-design-digital-sovereignty) |

"This doesn't require starting from scratch. Instead, you can manage the same organizational units (OUs) and policies for the AWS European Sovereign Cloud by reusing your existing deployment automation."

Tooling gap across sovereign partitions

"AWS Control Tower can't directly manage AWS GovCloud (US) or AWS European Sovereign Cloud accounts" (Source: sources/2026-01-30-aws-sovereign-failover-design-digital-sovereignty). Also: "limited availability of some AWS Organizations features in these partitions."

Governance parity across partitions requires hand-built automation that replicates OU structure + SCP hierarchy separately per sovereign Organization.
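
One way to check that hand-built automation has kept two Organizations in parity, as an added example (not code from the cited sources or from AWS). The snapshot format, the OU names and the SCP names are hypothetical; each snapshot is assumed to be exported per Organization by your own tooling. SCPs are compared by name and normalized content, since policy IDs and ARN partitions differ between Organizations.

```python
import hashlib
import json
import re

# Partition field of an ARN (aws, aws-us-gov, ...), normalized before hashing.
_ARN_PARTITION = re.compile(r"arn:aws[a-z-]*:")

def scp_fingerprint(doc):
    """SHA-256 of an SCP document with key order and ARN partition normalized."""
    canonical = json.dumps(doc, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(_ARN_PARTITION.sub("arn:PARTITION:", canonical).encode()).hexdigest()

def attachments(snapshot):
    """Map each OU path to {scp_name: fingerprint} for the SCPs attached there."""
    prints = {name: scp_fingerprint(doc) for name, doc in snapshot["scps"].items()}
    return {path: {n: prints[n] for n in names} for path, names in snapshot["ous"].items()}

def parity_drift(reference, replica):
    """Return (kind, ou_path, scp_name) tuples where the replica diverges."""
    ref, rep = attachments(reference), attachments(replica)
    drift = []
    for path in sorted(ref.keys() | rep.keys()):
        if path not in ref or path not in rep:
            drift.append(("missing_ou" if path in ref else "extra_ou", path, None))
            continue
        for name in sorted(ref[path].keys() | rep[path].keys()):
            if name not in rep[path]:
                drift.append(("scp_not_attached", path, name))
            elif name not in ref[path]:
                drift.append(("scp_extra", path, name))
            elif ref[path][name] != rep[path][name]:
                drift.append(("scp_content_differs", path, name))
    return drift

def deny(action, resource):
    """Build a single-statement Deny SCP document (helper for the sample data)."""
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Deny", "Action": action, "Resource": resource}]}

# Constructed snapshots (hypothetical export format: OU path -> attached SCP names).
REFERENCE = {
    "ous": {"Root": ["DenyLeaveOrg"], "Root/Workloads": ["ProtectAuditRole"], "Root/Sandbox": []},
    "scps": {"DenyLeaveOrg": deny("organizations:LeaveOrganization", "*"),
             "ProtectAuditRole": deny("iam:*", "arn:aws:iam::*:role/audit")},
}
REPLICA = {
    "ous": {"Root": ["DenyLeaveOrg"], "Root/Workloads": ["ProtectAuditRole"]},
    "scps": {"DenyLeaveOrg": deny("organizations:DescribeOrganization", "*"),
             "ProtectAuditRole": deny("iam:*", "arn:aws-us-gov:iam::*:role/audit")},
}
```

On the constructed data, `parity_drift(REFERENCE, REPLICA)` reports the edited `DenyLeaveOrg` policy and the missing `Root/Sandbox` OU, while `ProtectAuditRole` passes because only its ARN partition differs.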

Billing

"Consolidated billing can be managed through Organizations" — applies within a partition. Cross-partition consolidated billing is not a feature; each Organization has its own bill.

Stub page

Seen in

  • sources/2026-01-30-aws-sovereign-failover-design-digital-sovereignty — canonical reference for the per-partition Organizations topology, the GovCloud-vs-Sovereign-Cloud pairing asymmetry, and the Control Tower management gap.
  • sources/2026-02-25-aws-6000-accounts-three-people-one-platform — the SaaS-tenant-level application of AWS Organizations: ProGlove uses Organizations + SCPs + StackSets as the fabric for ~6,000 tenant accounts under a 3-person platform team. Explicit call-out that "although multi-account strategies are common at the enterprise level, adopting them at the SaaS tenant level is less common. Patterns, tooling, and reference architectures are still evolving, which means building custom solutions becomes necessary." Organizations is the load-bearing primitive for OU-scoped policy inheritance, consolidated billing (per-tenant cost attribution via Cost Explorer), and tag policies used to enforce telemetry-tagging discipline (patterns/central-telemetry-aggregation).