Closing an AWS Account

Audience: Cloud Operations and Platform Engineering teams.

Purpose: Standard operating procedure for safely closing AWS accounts while preserving financial history and audit trails.

Draft Document

This document is a work in progress. Procedures may be updated as processes evolve.

Overview

This SOP covers the complete lifecycle for closing an AWS account, including customer communication, resource verification, repository updates, and account suspension.

Related Platforms

Steps for closing Azure subscriptions or GCP projects follow similar patterns, with provider-specific console actions.

Prerequisites

Before beginning the account closure process, ensure you have:

Access Required	Resource
GitHub	Maintain access to it-cloud-kion-account-hub
Kion	Manage All Projects and Manage All Accounts at kion.cloud.tamu.edu
AWS Console	Access to Master Payer account (704918398091) or delegated admin (442707310061)

Procedure

Phase 1: Customer Request & Verification

Step 1: Obtain Written Confirmation

Collect the following from the account owner:

Written confirmation to close the account
Account name and 12-digit account number
Acknowledgment that:
- Account will be suspended immediately
- Full closure occurs after 90 days
- 2-3 additional billing cycles may occur

Step 2: Verify Resource Deletion

Before proceeding:

Check	Expected State
Billing (last 24 hours)	Near $0.00
Expected Charges	CloudTrail, Security Hub, GuardDuty only
Unexpected Resources	Verify with owner before proceeding

tip

Use AWS Cost Explorer or Cloudability to review recent charges. Any unexpected costs should be discussed with the account owner.

Phase 2: Repository Updates

Step 3: Update Kion Account Hub

Create a new branch:
```
REQ1234567/remove-aws-account-name
```

Move the account JSON file:

/accounts/aws/definitions/ → /accounts/aws/deleted_accounts/

Commit changes with a descriptive message
Submit a pull request

Finding the JSON File

The JSON filename may differ from the AWS account name. Search file contents for the account name or number using VS Code or command-line tools.

Step 4: Complete Manual Actions

After the pull request is merged, GitHub Actions will create issues for manual steps. Example actions include:

Move Project in Kion:
- Navigate to the project in Kion
- Move to the Archived Projects OU
- Configure:
  - Cloud Rule Settings: Remove all inherited cloud rules
  - Financial Settings: Move all spend data to destination OU
  - Project Budgets: Move all past, current, and future budgets
Archive Project (after account lifecycle complete):
- Navigate to project page in Kion
- Click the Archive button

Current Practice

At this time, we do not perform step 2 (archiving projects). This is reserved for future implementation.

For detailed guidance, see Kion Support: Preserving Financial History.

Phase 3: Account Closure & Communication

Step 5: Close the AWS Account

Follow the official AWS procedure:

Sign in to AWS Organizations with appropriate permissions
Navigate to the account
Initiate the closure process

📖 Reference: Closing a member account in your organization

Step 6: Close the Ticket

Respond to the customer with:

Confirmation that the closure request was submitted
Timeline: Account will fully close in 90 days
Billing expectations:
- 2-3 additional bills may arrive (previous months + partial current month)
- Due to AWS billing processing delays

Close the ticket after customer acknowledgment.

Quick Reference

Phase	Action	Owner
Request	Obtain written confirmation	Customer
Verify	Check billing near $0	Cloud Ops
Repository	Move JSON, create PR	Cloud Ops
Kion	Move project to Archived OU	Cloud Ops
AWS	Close account in Organizations	Cloud Ops
Communication	Notify customer, close ticket	Cloud Ops

Overview​

Prerequisites​

Procedure​

Phase 1: Customer Request & Verification​

Phase 2: Repository Updates​

Phase 3: Account Closure & Communication​

Quick Reference​