In a large organization, such as a business, there can be good reasons to have independent AWS accounts, to better track projects across business units. However, bills and accounting reports may still need to be consolidated in one place. To solve this problem, AWS created Master Organization accounts.
There are two ways to set up member accounts (also known as linked accounts) in a master organization account:
Create a new member account inside your master account. Each new member account can have its own users, groups, resources, and permissions, but the billing for it is consolidated in the S3 bucket of the master organization account.
Invite an already existing, independent AWS account into your master organization account. Upon acceptance of the invitation, the billing for the invited account is consolidated into the S3 bucket of the master organization account.
AWS allows you to have up to 20 member accounts. For more information on how master organization accounts can be set up, see http://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html.
If you want the resources in your member accounts (for example, virtual machines, data storage, CPU processing, network routing, and more) to be listed in the Discovery Service, you must add each member account individually to VMware Cloud services. This means you must:
Generate unique security credentials (Access Key ID and Secret Access Key) for each member account. See Collecting Your AWS Security Credentials.
Add the unique security credentials for each member account to VMware Cloud services using the AWS Add New Account form. See Fill In the AWS Add New Account Form.
Set IAM User Access to Billing Information in the IAM Management console. For more information, see Setting Up an Individual AWS Account.
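The requirement above (every member account added individually, each with its own credentials) can be checked with a short audit. This is an added example, not VMware or AWS code: the account IDs and Access Key IDs are constructed, and the REGISTERED inventory is a hypothetical record of what was entered in the AWS Add New Account form.

```python
import json
from collections import defaultdict

# Constructed sample in the shape printed by `aws organizations list-accounts`.
# JoinedMethod records which of the two setup paths an account took.
LIST_ACCOUNTS_JSON = """
{"Accounts": [
 {"Id": "111111111111", "Name": "master", "Status": "ACTIVE", "JoinedMethod": "INVITED"},
 {"Id": "222222222222", "Name": "dev", "Status": "ACTIVE", "JoinedMethod": "CREATED"},
 {"Id": "333333333333", "Name": "finance", "Status": "ACTIVE", "JoinedMethod": "INVITED"},
 {"Id": "444444444444", "Name": "qa", "Status": "ACTIVE", "JoinedMethod": "CREATED"},
 {"Id": "555555555555", "Name": "old-lab", "Status": "SUSPENDED", "JoinedMethod": "CREATED"}
]}
"""
MASTER_ID = "111111111111"  # constructed

# Hypothetical inventory (assumption): member account ID -> Access Key ID that
# was registered for it. Only key IDs are tracked, never Secret Access Keys.
REGISTERED = {
    "222222222222": "AKIAEXAMPLE000000001",
    "333333333333": "AKIAEXAMPLE000000001",  # same key reused: not unique
    "555555555555": "AKIAEXAMPLE000000005",  # account is suspended
}


def audit_member_credentials(list_accounts_json, master_id, registered):
    """Compare active member accounts against the registered credentials."""
    accounts = json.loads(list_accounts_json)["Accounts"]
    active = {a["Id"] for a in accounts
              if a["Id"] != master_id and a["Status"] == "ACTIVE"}
    # Active members that were never added, so their resources are not listed.
    missing = sorted(active - set(registered))
    # Access Key IDs that appear under more than one member account.
    owners = defaultdict(list)
    for account_id in sorted(active & set(registered)):
        owners[registered[account_id]].append(account_id)
    shared = {key: ids for key, ids in owners.items() if len(ids) > 1}
    # Registered entries with no active member behind them: keys to retire.
    stale = sorted(set(registered) - active - {master_id})
    return {"missing": missing, "shared_keys": shared, "stale": stale}


if __name__ == "__main__":
    report = audit_member_credentials(LIST_ACCOUNTS_JSON, MASTER_ID, REGISTERED)
    print(json.dumps(report, indent=2))
```
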