AWS aws_organizations Mappings

AWS Organizations is an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage. AWS Organizations is integrated with other AWS services so you can define central configurations, security mechanisms, and resource sharing across accounts in your organization.

Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| aws_organizations | AWS Organizations | protect | partial | T1078 | Valid Accounts | This control may protect against malicious use of cloud accounts but may not mitigate exploitation of local, domain, or default accounts present within deployed resources. |
| aws_organizations | AWS Organizations | protect | significant | T1078.004 | Cloud Accounts | This control may protect against malicious use of cloud accounts by implementing service control policies that define what actions an account may take. If best practices are followed, AWS accounts should only have the least amount of privileges required. |
| aws_organizations | AWS Organizations | protect | minimal | T1087 | Account Discovery | This control may protect against cloud account discovery but does not mitigate against other forms of account discovery. |
| aws_organizations | AWS Organizations | protect | partial | T1087.004 | Cloud Account | This control may protect against cloud account discovery by segmenting accounts into separate organizational units and restricting to least privileges between groups. |
| aws_organizations | AWS Organizations | protect | partial | T1538 | Cloud Service Dashboard | This control may protect against cloud service dashboard abuse by segmenting accounts into separate organizational units and restricting dashboard access by least privilege. |
| aws_organizations | AWS Organizations | protect | partial | T1580 | Cloud Infrastructure Discovery | This control may protect against cloud infrastructure discovery by segmenting accounts into separate organizational units and restricting infrastructure access by least privilege. |
| aws_organizations | AWS Organizations | protect | partial | T1651 | Cloud Administration Command | This control may protect against cloud administration command abuse by segmenting accounts into separate organizational units and restricting Amazon Security Manager access by least privilege. |