@judell
Last active June 14, 2024 19:16
aws azure gcp organizational concepts

Claude

| Concept | AWS | Azure | GCP |
| --- | --- | --- | --- |
| Hierarchical Grouping | AWS Organizations | Azure Management Groups | GCP Resource Hierarchy |
| Root Level | Root (Master Account) | Root Management Group | Organization |
| Tenant Concept | Not Applicable | Azure Active Directory (Azure AD) Tenant | Not Applicable |
| Grouping Levels | Organizational Units (OUs) | Management Groups | Folders |
| Lowest Level | AWS Accounts (Member Accounts) | Subscriptions | Projects |
| Policies | Service Control Policies (SCPs) | Azure Policies | Organization Policies |
| Consolidated Billing | Available at the Organization level | Available at the Billing Account level | Available at the Billing Account level |
| Access Management | IAM (Identity and Access Management) | Azure RBAC (Role-Based Access Control) | IAM (Identity and Access Management) |
| Cross-Account Resource Sharing | AWS Resource Access Manager (RAM) | Azure Lighthouse | Shared VPC, Shared IAM |
| Account/Subscription Creation | Via AWS Organizations | Via Azure EA Portal or Azure Portal | Via GCP Console or Cloud Identity |
| Compliance Monitoring | AWS Config, AWS CloudTrail | Azure Policy, Azure Activity Log | Cloud Security Command Center, Cloud Audit Logs |

ChatGPT reinterpretation

Hierarchical Grouping:

  • AWS: AWS Organizations
  • Azure: Azure Management Groups
  • GCP: GCP Resource Hierarchy

Root Level:

  • AWS: Root (Master Account)
  • Azure: Root Management Group
  • GCP: Organization

Tenant Concept:

  • AWS: Not Applicable
  • Azure: Azure Active Directory (Azure AD) Tenant
  • GCP: Not Applicable

Grouping Levels:

  • AWS: Organizational Units (OUs)
  • Azure: Management Groups
  • GCP: Folders

Lowest Level:

  • AWS: AWS Accounts (Member Accounts)
  • Azure: Subscriptions
  • GCP: Projects

Policies:

  • AWS: Service Control Policies (SCPs)
  • Azure: Azure Policies
  • GCP: Organization Policies

Consolidated Billing:

  • AWS: Available at the Organization level
  • Azure: Available at the Billing Account level
  • GCP: Available at the Billing Account level

Access Management:

  • AWS: IAM (Identity and Access Management)
  • Azure: Azure RBAC (Role-Based Access Control)
  • GCP: IAM (Identity and Access Management)

Cross-Account Resource Sharing:

  • AWS: AWS Resource Access Manager (RAM)
  • Azure: Azure Lighthouse
  • GCP: Shared VPC, Shared IAM

Account/Subscription Creation:

  • AWS: Via AWS Organizations
  • Azure: Via Azure EA Portal or Azure Portal
  • GCP: Via GCP Console or Cloud Identity

Compliance Monitoring:

  • AWS: AWS Config, AWS CloudTrail
  • Azure: Azure Policy, Azure Activity Log
  • GCP: Cloud Security Command Center, Cloud Audit Logs