How to Move AWS Member Accounts Across AWS Organizations?
A large AWS Organization that manages many AWS accounts can run into problems with billing and team structure. Not everyone gets the opportunity to migrate member accounts to another organization, and the process has significant drawbacks: it can cause service downtime if it is not executed carefully.
Before moving the accounts, make sure each account has a payment method set up, either a credit card or a default billing method. Next, list all the major services that will be affected, such as AWS Resource Access Manager (RAM) shares, Transit Gateways, and Active Directories that use SSO. It is also important to back up all billing statements before proceeding with the move.
To initiate the account transfer, start by creating an organization for the destination account and invite the member account that you wish to connect. Then, navigate to the account you intend to move away from, access the RAM service, and grant account-level access. Following that, go to the organization settings and formally leave the organization. Upon leaving, you will receive an invitation from the new manager account. Quickly accept this invitation.
Now, access the Transit Gateway of the member account and grant access to the organization. This should allow you to retain access to all VPCs connected to the Transit Gateway. For Active Directory, you may need to recreate it or import it based on the process recommended by your organization.
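The RAM step above can be checked before the account leaves by listing each share's principals. The following is an added example, not part of the original post: it classifies the principals in output shaped like `aws ram list-principals --resource-owner SELF`, on the assumption that a share addressed only to an organization or OU stops covering accounts once the owning account leaves, which is why account-level access is granted first. The sample data, all IDs and the `audit_shares` name are constructed for illustration.

```python
import json
import re

# Constructed sample, trimmed to the fields used, in the shape returned by
# `aws ram list-principals --resource-owner SELF`. All IDs are placeholders.
SAMPLE = json.loads("""
{"principals": [
  {"id": "arn:aws:organizations::111111111111:organization/o-exampleorg1",
   "resourceShareArn": "arn:aws:ram:eu-west-1:222222222222:resource-share/tgw"},
  {"id": "arn:aws:organizations::111111111111:ou/o-exampleorg1/ou-ab12-cdefgh34",
   "resourceShareArn": "arn:aws:ram:eu-west-1:222222222222:resource-share/subnets"},
  {"id": "333333333333",
   "resourceShareArn": "arn:aws:ram:eu-west-1:222222222222:resource-share/subnets"},
  {"id": "444444444444",
   "resourceShareArn": "arn:aws:ram:eu-west-1:222222222222:resource-share/dns"}
]}
""")

# Principals that only resolve through organization membership (org or OU ARN).
ORG_SCOPED = re.compile(r"^arn:aws[\w-]*:organizations::\d{12}:(organization|ou)/")
ACCOUNT_ID = re.compile(r"^\d{12}$")


def audit_shares(listing):
    """Return {share ARN: status}; status is BLOCKER, REVIEW or OK."""
    by_share = {}
    for principal in listing["principals"]:
        kinds = by_share.setdefault(principal["resourceShareArn"], set())
        if ORG_SCOPED.match(principal["id"]):
            kinds.add("org")
        elif ACCOUNT_ID.match(principal["id"]):
            kinds.add("account")
        else:
            kinds.add("other")  # e.g. an IAM role or user ARN
    report = {}
    for arn, kinds in by_share.items():
        if "org" not in kinds:
            report[arn] = "OK"        # no organization-scoped principal
        elif "account" in kinds:
            report[arn] = "REVIEW"    # confirm the account IDs cover every consumer
        else:
            report[arn] = "BLOCKER"   # reachable only through org/OU membership
    return report


if __name__ == "__main__":
    for arn, status in sorted(audit_shares(SAMPLE).items()):
        print(f"{status:8} {arn}")
```

Any share reported as BLOCKER needs account-level principals added before the account leaves the organization; REVIEW shares need the listed account IDs compared against the accounts that actually consume the resource.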
There are various methods for backing up and recreating resources from one AWS account to another, as outlined in the AWS documentation: https://aws.amazon.com/blogs/architecture/migrate-resources-between-aws-accounts/
