Controlled organizations
Overview
In Yandex Cloud, there are two regions isolated from each other on all levels. To put your resources in another region, you need to register a separate organization and link your billing account to it. Once you do that, the management console will only show to you the services and resources of the region you select; you will not be able to transfer accounts or synchronize the settings between your organizations.
You can create a controlled organization to create resources in different regions and manage them from a single interface. Use it to put your resources in another region without registering a separate organization for the purpose. A controlled organization will allow linking a region to your main organization.
A controlled organization is subject to several limitations:
- Users cannot navigate to a controlled organization via the Yandex Identity Hub UI.
- You cannot invite new users to a controlled organization.
- You cannot create user groups or federations or add new users to them in a controlled organization.
Warning
You cannot cancel creating a controlled organization or linking a region.
When you create a controlled organization, the resources in different regions remain isolated from each other. Your data is kept and available only within each individual region.
Syncing
A controlled organization automatically syncs the following entities with the main organization at the organization level:
- Yandex accounts and federated accounts
- User groups and group membership
- Federations
- Roles
The quotas for the listed entities get synced when you create a controlled organization. They will not be synced from then on.
The roles assigned for clouds, folders, or separate resources are not synced. The OS Login setting are not synced either.