Controlled organizations
Note
This feature is in the Preview stage. To get access, contact tech support or your account manager.
Overview
In Yandex Cloud, there are two regions isolated from each other on all levels. To put your resources in another region, you need to register a separate organization and link your billing account to it. Once you do that, the management console will only show to you the services and resources of the region you select; you will not be able to transfer accounts or synchronize the settings between your organizations.
You can create a controlled organization to create resources in different regions and manage them from a single interface. Use it to put your resources in another region without registering a separate organization for the purpose. A controlled organization will allow linking a region to your main organization.
A controlled organization is subject to several limitations:
- Users cannot navigate to a controlled organization via the Yandex Identity Hub UI.
- You cannot invite new users to a controlled organization.
- You cannot create user groups or federations or add new users to them in a controlled organization.
Warning
You cannot cancel creating a controlled organization or linking a region.
When you create a controlled organization, the resources in different regions remain isolated from each other. Your data is kept and available only within each individual region.
Syncing
A controlled organization automatically syncs the following entities with the main organization at the organization level:
- Yandex accounts and federated accounts
- User groups and group membership
- Federations
- Roles
The quotas for the listed entities get synced when you create a controlled organization. They will not be synced from then on.
The roles assigned for clouds, folders, or separate resources are not synced. The OS Login setting are not synced either.