Maintain Uniformity in AWS member accounts without access to their resources

How can a management account setup the architecture in AWS member accounts without having the access to the resources in member AWS accounts.

The management account want to maintain updates in the architecture in AWS member accounts from time to time but, it should not be able to make any calls in the member accounts or access any resources. Also, the member acccounts need to have an User Interface which is accessible by only them.

Can there be a way to maintain centralized repository for the architecture

Topics

Security, Identity, & Compliance Front-End Web & Mobile Management & Governance

Tags

Security, Identity, & Compliance AWS Amplify AWS CloudFormation AWS Organizations

Language

English

Keerthi

asked 7 days ago211 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

In AWS, the management account can handle administrative tasks and policies and member accounts can be delegated responsibilities. Remember access to member accounts can be managed using the OrganizationAccountAccessRole IAM role.

You can then use S3 as a centralized repository managing all the permissions as needed.

EXPERT

Giovanni Lauria

answered 7 days ago

Relevant content

Access to one of the member account in control tower from another client external AWS account
Chandra
asked a year ago
How to get the management account Identity Center Instance Tags from a member account in an AWS Organization
Aleximandro
asked 2 months ago
How do deactivate my AWS services when I have a member account listed in the organization?
rePost-User-3078453
asked a year ago
How to Effectively prevent Full Authority Access to Member Accounts in case of Management Account being compromised
HumbleLearner
asked 3 months ago
How do I navigate between member accounts in AWS Organizations?
AWS OFFICIALUpdated 10 months ago
How can I provide cross-account access to resources in the AWS Glue Data Catalog?
AWS OFFICIALUpdated 2 years ago
How do I change the email address of a member account in Organizations?
AWS OFFICIALUpdated 10 months ago
How do I remove a member account from an organization in AWS Organizations when I can't sign in to the member account?
AWS OFFICIALUpdated 2 years ago
How to use the AWS CLI to collect Cost Explorer Forecasting data per account for all accounts in an AWS Organization
EXPERT
Fernando_F
published a year ago
How to setup cross-account Redshift auto copy
EXPERT
RiteshKSinha
published 9 months ago