This post will highlight some considerations that can be adhered to when it comes to selecting the account structure for an organization of any size.
Startup
Okay you are a startup organization with the next big bright idea. You are eager to iterate fast and start getting some paying customers onboard - AWS is here to help you. My advice is to keep it simple - get a product out there, get it in front of people, deploy it to 1 account. Perhaps have a test account and 1 production account but do keep it simple. This is not the time to over complicate things with using all the AWS services in the world. This is no time to split your workloads over multiple accounts. Very few new ideas (if any) scale to millions of users immeadiately. Now is the time to focus on your value proposition and iterate on your idea.
It is not uncommon for your initial idea to look completely different to the idea that will end up making you your millions.
Growth Stage / Scale up
Okay,you idea has taken off, revenue is increasing, you are growing your team and are entering differnt markets. This growth is great news for your business but comes with its own challenges. Once paying customes are onboard, you have an obligation to ensure your service is available the majority of the time and is performant. Now it is time to invest in your product and AWS account structure. What you developed in the STartup phase has proven out the idea but it is now time to move to a hardening phase.
Look at the AWS services you are using - perhaps look at more managed services such as AWS Lambda or AWS Fargate. Can these services scale to meet the customer demands in this growth phase?
Also, you should definitely have separate AWS Accounts for Dev / Test / Customer Testing / Performance Testing and Production. There should be clear CI/CD processes in place to deploy your code to the various environments and also for performing automated testing.
Now is a time to look at a service such as AWS Organizations to group your accounts into different Organizational Units.
Remember - you do not pay for an AWS Account - just the resources that run in that account.
Mature/Established Business
So the product is going well and you are getting more paying customers. You are now looking at ways to add features to keep the existing and new customer base happy as well as staying ahead of the competition. Now would be the ideal time to look at AWS Control Tower. AWS Control Tower is a service that helps organizations set up and manage a secure, multi-account AWS environment using best practices. It automates account provisioning, enforces governance with guardrails, and integrates with AWS Organizations for centralized management. It simplifies compliance, security, and operational efficiency across multiple AWS accounts.
You should examine your workloads to ensure there is a clear separating in workloads that live in each individual account. A new workload could potentially be multiple new AWS accounts when you factor in dev/test/performance environments etc.
Enterprise/Corporation
You product has surpassed all expectations and you are now investigating mergers and perhaps going for an IPO (Initial Public Offering). You have a large team now compared to when you started, you are no longer stuck in the day to day weeds of managing AWS Accounts or coding. You are now making the hard decisions. Now is the time to ensure you have a motivated staff who want to do good for your company. You should now continue to invest in tools for ensuring the quality of your code, the security of your AWS Accounts and infrastructure as well as keeping up with security patches etc. You have a well established Control Tower environment setup where each workload is running in its own account with clear patterns for ingress and egress traffic. You have some bright minds working for you to ensure hat you code and infrastructure is safe from and attacks by hackers. Now is not the time to rest on your laurels but you should be in a phase of continuous improvement.
Top comments (0)