Certified Security - Specialty

Sign Up Free or Log In to participate!

Master Account immunity?

Can you apply SCP’s to the Master Account itself from itself?

1 Answers

Hi, it is possible to apply a SCP at your AWS account root level, however it is not recommended.

AWS strongly recommends that you don’t attach SCPs to the root of your organization without thoroughly testing the impact that the policy has on accounts. Instead, create an OU that you can move your accounts into one at a time, or at least in small numbers, to ensure that you don’t inadvertently lock users out of key services. _

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?