AWS Multi-account architecture

PreviousSign up for Auto Pay Nextvia 'Join Account(s)'

Last updated 8 months ago

AWS Multi-account architecture

If your company has a multi-account architecture, we recommend calculating the savings estimate on Pump first using your management account. This will provide us with a fairly accurate estimate of your potential savings.

Your management account is your 'root account' that you created your AWS account with, you can also verify this by visiting this link and seeing which account is designated as 'management account'

Once you've checked your savings with your management account following the steps listed in Getting started, assess if you'd need to be breaking your organization or importing it whole.

If you have only one account within your AWS organization (like the example shown above) or have only one active account amongst other unused accounts and don't have SSO setup - we recommend you disassociating your accounts from the organization & join the standalone account via the steps linked here

Otherwise removing an AWS Org can impact the following ways and we recommend you evaluate each of the impact items for yourself -

Impact

Description

Access control

Breaking an organization can affect access control and permissions, which may require additional configuration and management.

Cross-account functions management

Managing cross-account functions like logging, security, and monitoring can become more complex when you break an organization.

Please proceed here with caution, and check in with us at support@pump.co or starting an intercom chat.

Account management

Managing multiple accounts separately can be more difficult than managing them within an organization.

Organizational structure

Pump can recreate the OUs for you in our organization

Bottom line - If you do not have SSO setup for your AWS organization or have communication setup between accounts, we recommend that you break up your organization following these steps.

However, if you do have it setup or cannot break an organization due to a complex setup, we recommend you to follow the steps here.

PreviousSign up for Auto Pay Nextvia 'Join Account(s)'

Last updated 8 months ago

Your management account is your 'root account' that you created your AWS account with, you can also verify this by visiting this link and seeing which account is designated as 'management account'

Once you've checked your savings with your management account following the steps listed in Getting started, assess if you'd need to be breaking your organization or importing it whole.

Otherwise removing an AWS Org can impact the following ways and we recommend you evaluate each of the impact items for yourself -

Impact

Description

Access control

Breaking an organization can affect access control and permissions, which may require additional configuration and management.

If you have SSO setup through (see if it is enabled on your end) we recommend you DO NOT disassociate your AWS accounts from your organization.

Cross-account functions management

Managing cross-account functions like logging, security, and monitoring can become more complex when you break an organization.

Please proceed here with caution, and check in with us at support@pump.co or starting an intercom chat.

Account management

Managing multiple accounts separately can be more difficult than managing them within an organization.

Pump sets up a for you to overcome this.

Organizational structure

You may lose the that you have set up within the organization, which can impact the way you manage and organize your accounts.

Pump can recreate the OUs for you in our organization

Bottom line - If you do not have SSO setup for your AWS organization or have communication setup between accounts, we recommend that you break up your organization following these steps.

However, if you do have it setup or cannot break an organization due to a complex setup, we recommend you to follow the steps here.