[forgomonika]

Is billing aggregation a problem and do you need to open up 10 different support tickets if all the accounts are part of an AWS Organization?

As for keeping the number of accounts down, I've seen that blow up significantly if you have someone break into an account or have a disgruntled employee that can get into a single account and wreak massive damage. Or if your software runs in multiple regions and you need to meet compliance requirements like GDPR, etc.

[rcrowley]

Actually upgrading your Support plan is one of the very, very few things you still need to break into the root of each account to do. However, if you’re big enough you just sign an EDP contract that forces all your accounts onto Enterprise Support anyway.

[Merrack]

This papercut has, as of last week, finally been fixed: https://aws.amazon.com/about-aws/whats-new/2022/09/aws-updat...

[rcrowley]

Actually, as of Friday, that’s no longer true. \o/

<https://aws.amazon.com/about-aws/whats-new/2022/09/aws-updat...>

[gw99]

None of these concerns require multiple accounts. An account is a container for resources and resources do have tangible isolation between them if configured properly and properly delegated credentials should be issued to staff which are specific and limited in capability. Same with assumed roles. Same with VPC configurations.

If you didn't do that, you fucked up. Adding more accounts doesn't guarantee that you didn't fuck up.

And yes you need to open 10 tickets, even if you have enough spend to have a direct line to AWS internal staff with multiple enterprise accounts...

[scarface74]

- get all of the account numbers in your org

- for each account number

   - aws service-quotas request-service-quota-increase