AWS Health Dashboard

• Global service
• Show how AWS outages directly impact you
• Show the impact on your resources
• Will show maintenance events from AWS
• Aggregations across multiple accounts of an AWS Organization

Health Event Notifications

• Use EventBridge (CloudWatch Events) to react to changes for AWS Health events in your AWS account

• Example: receive email notifications when EC2 instances in your AWS account are scheduled for updates

  

AWS Organizations

• Global service

• Allows to manage multiple AWS accounts

• The main account is the management account

• Other accounts are member accounts

• Member accounts can only be part of one organization

• Consolidated Billing across all accounts - single payment method

• Pricing benefits from aggregated usage (volume discount for EC2, S3…)

• Shared reserved instances and Savings Plans discounts across accounts

  

• Advantages

  • Multi Account vs One Account Multi VPC
  • Use tagging standards for billing purposes
  • Enable CloudTrail on all accounts, send logs to central S3 account
  • Send CloudWatch Logs to central logging account
  • Establish Cross Account Roles for Admin purposes

• Security: Service Control Policies (SCP)

  • IAM policies applied to OU or Accounts to restrict Users and Roles

  • They do not apply to the management account (full admin power)

  • Must have an explicit allow (does not allow anything by default – like IAM)