I'm learning AWS so I'd like to make some test projects.
I learned that using organizations and consolidate billing I will be able to charge the master account, i.e. the root user of the master organization, but have an overview of the cost of each organization.
This would be very helpful, since I could use an organization for each project and see each project how much is costing me.
What I cannot find out if is it possible to still use my root user (or an IAM user) and create/handle resources in each organization without the need to create additional accounts for each organization.
My main approach would be to handle resources via CDK/Cloudformation.
Is it possible?
If you start out learning AWS I will not recommend you to play with the control tower, it can add extra cost to you whit no benefits.
If you are over the beginning state and will and more security to your account, easier project management, and so on and are ready to pay the extra cost then I can strongly recommend reading up on AWS Control Tower.
The idea is you get SSO (Single Sign On) and you have a root account you only use to control your sub-account, its a separate login and you should never use it for other things than your root account.
Now you can add sub-accounts for each project, it's a good way to see the cost cross on your projects, and it's a nice way to isolate each project when you use IaC as CloudFormation or Terraform.
But again, I can't recommend using Control Tower if you are very new to AWS platform, so take care :)