Establish Trusted Access in AWS Organizations
In this step, we will create a trusted relationship between AWS Organizations and the service principals for AWS CloudFormation and AWS Config.
This setup enables:
- Multi-account capabilities – Trusted access allows AWS services to operate across multiple accounts in your organization without manually configuring permissions in each account.
- Centralized management – Services like AWS Config, CloudTrail, and Security Hub can be deployed and managed organization-wide from the management account.
- Service-linked roles – Trusted access automatically creates the service-linked roles required in member accounts.
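Each principal with trusted access is allowed to create service-linked roles in every member account, so the enabled list is worth checking against a reviewed baseline once this step is done. The following is an added example, not part of the original workshop: it audits the JSON returned by `aws organizations list-aws-service-access-for-organization`. The two required principal names are assumptions (the page names only the services), and the sample output, approved list and function name are constructed for illustration.

```python
import json

# Assumption: principals this step is expected to enable. The page names only the
# services; these are the AWS-documented principals for AWS Config and for
# CloudFormation StackSets with service-managed permissions.
REQUIRED = frozenset({
    "config.amazonaws.com",
    "member.org.stacksets.cloudformation.amazonaws.com",
})


def audit_trusted_access(cli_json, required=REQUIRED, approved=frozenset()):
    """Compare enabled trusted-access principals with a reviewed baseline.

    cli_json is the output of
    `aws organizations list-aws-service-access-for-organization --output json`.
    Returns (missing, unexpected): required principals that are not enabled, and
    enabled principals that are neither required nor explicitly approved.
    """
    doc = json.loads(cli_json)
    enabled = {
        entry["ServicePrincipal"].strip().lower()
        for entry in doc.get("EnabledServicePrincipals", [])
    }
    allowed = set(required) | {p.lower() for p in approved}
    missing = sorted(set(required) - enabled)
    unexpected = sorted(enabled - allowed)
    return missing, unexpected


# Constructed sample output: Config is enabled, StackSets is not yet, and one
# principal is enabled that nobody put on the approved list.
SAMPLE = json.dumps({
    "EnabledServicePrincipals": [
        {"ServicePrincipal": "config.amazonaws.com",
         "DateEnabled": "2024-01-15T10:12:03+00:00"},
        {"ServicePrincipal": "cloudtrail.amazonaws.com",
         "DateEnabled": "2023-11-02T08:40:11+00:00"},
        {"ServicePrincipal": "sso.amazonaws.com",
         "DateEnabled": "2023-09-20T14:05:47+00:00"},
    ]
})

if __name__ == "__main__":
    missing, unexpected = audit_trusted_access(
        SAMPLE, approved={"cloudtrail.amazonaws.com"})
    print("missing required principals:", missing)
    print("enabled but not approved:", unexpected)
```
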
Contents
3.1. Enable trusted access for AWS Config
3.2. Enable trusted access for AWS CloudFormation