|
|
|
|
|
|
by coredog64
1955 days ago
|
|
|
In theory, ABAC solves a lot of problems. In practice, there’s no mandate for AWS product teams to support ABAC in a consistent fashion. Assuming it doesn’t cause networking issues, IMO the best approach is to finely scope AWS accounts. They’re free, and Amazon includes some reasonable tools for working with them. The major downside is the double charge on Transit Gateway traffic. |
|
|