AWS Organizations vs Google Organization
Lance Armah-Abraham, updated on October 20, 2022
The need for organizations and resource managers
Managing cloud accounts can be a tedious task for administrators, especially in larger organizations, where you might need not only separate accounts for each team or department but also separate billing account management.
Smaller organizations might start with a single cloud account and a single billing account, which is enough to manage their daily activities.
Larger organizations have to manage multiple billing accounts for each department and so need a way to consolidate this management in a single place.
This is why AWS and Google Cloud have the concept of organizations: to help with this consolidation and management.
AWS Organizations is a way for AWS customers to consolidate their cloud accounts and billing resources for central management. AWS Organizations allows you to create a root (organization) account, which can then have organizational units (departments or teams). The organizational units can then have cloud accounts in which resources can be deployed.
A root account is required in AWS Organizations: it is the organization that holds and manages all other OUs and AWS accounts. You can consolidate your billing under your AWS organization.
An Organizational Unit (OU) can represent a department or team in an organization and holds one or more AWS cloud accounts. An OU can also have a single sub-OU as its child OU (at the time of writing this article; this might change in the future).
An AWS cloud account is the organizational unit that can hold AWS resources like instances and databases. You can create multiple AWS accounts in an OU for sub-teams or for environments such as production and staging.
You can create service control policies that govern how, when and who can create or use resources in the organization. When you attach a policy to an OU, the child OU and cloud accounts under it inherit and apply that policy. This allows you to define policies that apply to all AWS accounts in a certain OU or department in your organization.
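As an added illustration (not code from the article or from AWS), this Python model shows how a service control policy attached to an OU reaches the accounts beneath it: an inherited Deny always wins, and an action must be allowed at every level from the root down to the account. The OU and account names and the attached statements are constructed for the Example Corp scenario, and the model ignores conditions, resources and wildcard patterns other than `*`.

```python
# Simplified model of SCP inheritance (added example, not from the article).
# Assumed: statements carry only Effect and Action; "*" matches any action.
PARENT = {  # child -> parent; constructed Example Corp hierarchy
    "Engineering": "Root", "Finance": "Root",
    "eng-prod": "Engineering", "eng-staging": "Engineering",
    "finance-main": "Finance",
}
ALLOW_ALL = {"Effect": "Allow", "Action": "*"}
ATTACHED = {  # node -> SCP statements attached directly to it (constructed)
    "Root": [ALLOW_ALL],
    "Engineering": [ALLOW_ALL,
                    {"Effect": "Deny", "Action": "organizations:LeaveOrganization"}],
    "Finance": [ALLOW_ALL],
    "eng-prod": [ALLOW_ALL, {"Effect": "Deny", "Action": "ec2:TerminateInstances"}],
    "eng-staging": [ALLOW_ALL],
    "finance-main": [{"Effect": "Allow", "Action": "s3:GetObject"}],
}

def path_to_root(node):
    """The node followed by each ancestor up to the root."""
    path = [node]
    while path[-1] in PARENT:
        path.append(PARENT[path[-1]])
    return path

def has(node, effect, action):
    """True if a statement attached to node has this effect for the action."""
    return any(s["Effect"] == effect and s["Action"] in ("*", action)
               for s in ATTACHED.get(node, []))

def scp_permits(account, action):
    """Return (permitted, reason) for an action in an account."""
    path = path_to_root(account)
    for node in path:  # an inherited Deny anywhere on the path always wins
        if has(node, "Deny", action):
            return False, f"explicit Deny at {node}"
    for node in path:  # otherwise every level must allow the action
        if not has(node, "Allow", action):
            return False, f"no Allow at {node}"
    return True, "allowed at every level"

if __name__ == "__main__":
    for acct, act in [("eng-staging", "organizations:LeaveOrganization"),
                      ("eng-staging", "ec2:TerminateInstances"),
                      ("finance-main", "ec2:RunInstances")]:
        print(acct, act, scp_permits(acct, act))
```

A service control policy only caps what identities in an account can be granted; a `True` result here still requires an IAM policy in the account that allows the action.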
Google Cloud Organization (Resource Manager)
A Google Cloud organization allows a company to manage multiple projects. With a single Google Cloud organization, you can create a folder for each department. Projects are the level of the hierarchy that can host resources, so teams can keep their respective resources in their departmental folder.
A Google Cloud organization is the root of the Google Cloud resource hierarchy, and it holds and manages all projects and folders under it.
A folder is a container that allows you to group and manage multiple projects. A folder can have multiple sub-folders under it.
A project is the basic resource in the Google Cloud resource hierarchy that allows you to host resources such as Compute Engine instances and Cloud SQL databases.
You can create policies that govern how, when and who can create or use resources in your Google Cloud organization. When you attach a policy to a folder, the child folders and projects under it inherit and apply that policy. This allows you to define policies that apply to all projects in a certain folder or department in your organization.
Samuel owns Example Corp., which runs on premises, and is planning to move to the cloud. Samuel has 4 departments, and the budget for each department is managed separately. Each department also has some sub-departmental teams that might need their own separate cloud accounts. Samuel needs a way to set up his organization on AWS. Replicate the solution on Google Cloud.
Solution on AWS
- Create an AWS organization (Example Corp).
- Create an organizational unit (OU) for each department.
- Add each department's or team's cloud account to its respective OU.
Solution on Google Cloud
- Create a Google organization (Example Corp).
- Create a folder for each department.
- Add each department or sub-department project to the specific folder (department) it falls under.
Organizations on both AWS and Google Cloud are free of charge.