AWS Multi-Account Management

Managing an AWS multi-account environment poses significant challenges for companies, including security risks, high manual effort and a lack of transparency regarding account structures. This becomes particularly problematic when the environment consists of individually configured and manually created accounts, as there is no central control or governance.

Together with our customer from the manufacturing sector, adesso has developed a central account governance solution based on AWS that combines security, automation and transparency. The solution includes automated provisioning, management and monitoring of policy-compliant accounts.

The technologies used include GitLab CI/CD, Amazon SQS, AWS Lambda, AWS Service Catalog, AWS Control Tower, AWS Step Functions, AWS CodePipeline, AWS CodeBuild, and other API connections to external systems.

The solution, implemented as infrastructure as code, enables customers to create and manage new accounts in the cloud environment in an automated, secure, controlled and reliable manner, while saving time and resources.

1. Increased efficiency:

Automated provision of compliant accounts reduces operational effort to less than an hour. This leaves more time for core activities.

2. Transparency and control:

Centralised monitoring and cost management enable straightforward account monitoring and ensure transparent internal cost allocation.

3. Security:

The automated integration and updating of security policies and account configurations ensure standardised and secure accounts in the cloud environment.