In this lab, you will learn how to set up the AWS SSO service to efficiently provision and manage resource access to your AWS Organization AWS accounts.
AWS SSO is a service that enables you to provide Single Sign-On access to one or more AWS accounts within your AWS Organization for users listed in your directory.
AWS Organization is a service designed for managing multiple AWS accounts within your organization from a central standpoint. With AWS Organization, you can organize AWS Accounts into Organizational Units and aggregate the expenses of all AWS accounts into a Management Account.
An Organizational Unit is a collection of AWS accounts. Each OU can have up to five levels of nested OUs. Management policies assigned to an OU are applied to all its member OUs and AWS accounts.
The Management Account is the AWS account with the highest level of permissions. It possesses the authority to control all other AWS accounts within the AWS Organization. Additionally, the management account bears the responsibility for covering the general costs incurred by its member accounts.