Creating Isolated AWS Accounts for Testing and Experimentation

Asankha Perera
Apr 17, 2018 · 6 min read


Creating a sub-account from within the AWS Console of the primary account

Creating a new account from within AWS Organizations

Creating a budget for a sub-account

Creating a Cost budget in AWS

Creating IAM users under the sub-account

Creating IAM users for testing
Generated keys and passwords for the test accounts

Inviting an already existing AWS account to be a sub-account under a primary account

Inviting an AWS account under your Organization
Accepting the invitation to join the AWS organization

Account isolation and management under the root Organization

Creating an Organizational Unit (OU)
Moving the newly invited account
Allowing a subset of AWS services via a Policy
Attaching a Service Control Policy in AWS
Assigning a custom Service Control Policy, and removing the default

Asankha Perera

Written by

Founder and CEO of SLAppForge —Enterprise Serverless Computing https://slappforge.com

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade