Manage and define your organization and accounts

We recommend a multi-account environment as a security and compliance best practice. By isolating your workloads or applications into individual accounts, you can control access to specific workloads using accounts and manage all of your accounts using AWS Organizations.

To accomplish this, you can create new AWS accounts programmatically using AWS Organizations and group them into organizational units (OUs) for management. 

Centrally manage costs and billing

You can use AWS Organizations to consolidate usage across all accounts in your organization into a single bill. Additionally, you can manage your tax settings across AWS China region accounts in your organization from a central Tax console, and gain insights into your AWS spending across your organization.