|
|
|
|
|
|
by samstave
3286 days ago
|
|
|
I'd say that the best way to "fix" it - is to have new iterations/versions of an entire region that comes online with an updated stance on all aspects of environment management: deployment/security/auth etc.. Let new infra come up in the new region with auth-gateways to allow the new to talk to the old and vs versa... maybe you put an S3 mirror of data from new-bucket-type to an old-bucket-type for RO data access from within the old region for data created in the new... old users can make functional requests of the new api - but cannot manipulate anything directly... Or some such model -- but role out wholly new regions and sunset old over time. (A new region can be us-east-3 next to us-east-2 and can sit in the same physical location to allow for in-house data transit on AWS' part, etc.) |
|
|