AWS Organizations

Setting Up Production and Staging Accounts

To effectively manage and secure your environments, it's best practice to create separate AWS accounts for production and staging. We'll use the root account to set up an AWS Organization and then create individual accounts for each environment.

1. Create an AWS Organization

AWS Organizations allows you to centrally manage multiple AWS accounts.

  • Access AWS Organizations: Navigate to AWS Organizations.

  • Click on the Create an organization button. Then click on Add an AWS account.

2. Add Production and Staging Accounts

Now, we'll create two accounts within your organization: one for production (prod) and one for staging (staging).

  • Fill in Account Details:

    • Account Name: Enter prod for the production account.
    • Email Address: Each AWS account requires a unique email address, e.g. prod@domainname
    • IAM Role Name: Leave it as the default OrganizationAccountAccessRole.
    • Create Account: Click "Create AWS account".
  • Repeat for Staging Account: Follow the same steps to create the staging account.

    • Account Name: Enter staging for the staging account.
    • Email Address: Each AWS account requires a unique email address, e.g. staging@domainname
    • IAM Role Name: Leave it as the default OrganizationAccountAccessRole.
    • Create Account: Click "Create AWS account".

⚠️ If you don't have a business email and want to do this for practice, you can use Gmail, e.g. prodCompanyName@gmail.com or stagingCompanyName@gmail.com
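
The console steps above can also be scripted with the AWS CLI. The following is an added example, not part of the original guide: it assumes AWS CLI v2 configured with management-account credentials, and the function names and the example.com addresses are hypothetical.

```shell
# Added example: AWS CLI equivalent of the console steps above.
# Assumes AWS CLI v2 with management-account credentials; function names are hypothetical.
ROLE_NAME="OrganizationAccountAccessRole"  # default name, as in the steps

# Every member account needs its own email: succeed only if no address repeats.
emails_unique() {
  [ -z "$(printf '%s\n' "$@" | sort | uniq -d)" ]
}

# Start account creation (asynchronous) and print the request id.
request_account() {  # usage: request_account <name> <email>
  aws organizations create-account \
    --account-name "$1" --email "$2" --role-name "$ROLE_NAME" \
    --query 'CreateAccountStatus.Id' --output text
}

# Poll until the request leaves IN_PROGRESS; print the new account id on success.
wait_for_account() {  # usage: wait_for_account <request-id>
  local st
  while :; do
    st=$(aws organizations describe-create-account-status \
      --create-account-request-id "$1" --output text \
      --query 'CreateAccountStatus.[State,AccountId,FailureReason]') || return 1
    case "$st" in
      SUCCEEDED*) printf '%s\n' "$st" | awk '{print $2}'; return 0 ;;
      FAILED*)    printf 'creation failed: %s\n' "$st" >&2; return 1 ;;
    esac
    sleep "${POLL_SECONDS:-5}"
  done
}

# Create the organization if needed, then the prod and staging accounts.
setup_accounts() {  # usage: setup_accounts <prod-email> <staging-email>
  local name email req id
  emails_unique "$1" "$2" || { echo "emails must be unique" >&2; return 2; }
  aws organizations describe-organization >/dev/null 2>&1 ||
    aws organizations create-organization >/dev/null || return 1
  for name in prod staging; do
    if [ "$name" = prod ]; then email=$1; else email=$2; fi
    req=$(request_account "$name" "$email") || return 1
    id=$(wait_for_account "$req") || return 1
    printf '%s %s\n' "$name" "$id"
  done
}

# Runs only when asked: sh setup.sh --run prod@example.com staging@example.com
if [ "${1:-}" = "--run" ]; then setup_accounts "$2" "$3"; fi
```

A failed request reports its FailureReason on stderr, which is where a reused email address shows up.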

Great job, now it's time to move on to IAM Identity Center.