Manage and define your organization and accounts

We recommend a multi-account environment as a security and compliance best practice. By isolating your workloads or applications into individual accounts, you can control access to specific workloads using accounts and manage all of your accounts using Amazon Organizations.

To accomplish this, you can create new Amazon Web Services accounts programmatically using Amazon Organizations and group them into organizational units (OUs) for management. 

Centrally manage costs and billing

You can use Amazon Organizations to consolidate usage across all accounts in your organization into a single bill. Additionally, you can manage your tax settings across Amazon Web Services China region accounts in your organization from a central Tax console, and gain insights into your Amazon Web Services spending across your organization.