I've used the ASEA to get a number of organizations setup. I prefer it to Control Tower (it can be installed on top of CT). The ASEA is open source and written in AWS cdk so it can be forked and modified if needed.
The guy or gal that's been working on it the last two years has slowly been working through my bucket list.
If I can just get guardrails that configure the basic AWS security foundation stuff like password policies, I'll be satisfied. And oddly enough, the CloudFormation coverage for this stuff is abysmal. We don't even allow IAM users in the member accounts, but we really need to check off this compliance box.
Seems relevant to me. The article is from your organization, and that information is something I wouldn't have known if not for the prior commenter's comment.
If they had disclosed their involvement in their profile at least I could give them the benefit of the doubt but in this case, like the other commenters, I assumed he had used the tool as a customer and had a positive experience, not that he was literally the founder of the group making the tool.
That’s not to say his opinion is not wanted, just that the potential bias should be made transparent.
There aren‘t any DMs on Hacker News, and if he didn’t post that comment I would have thought it was a disinterested commenter recommending something they had used, not somebody who works on the project. The cultural norm here is to disclose when you are recommending your own product and it’s not childish to point out when people fail to do that, it’s reinforcing that cultural norm.
If config can go this long with half-assed implementation I don’t see why control tower is going to fare better with more adoption. Most large enterprises are going to want to roll their own anyway.
Centralized management and application of IAM policy with the goal of giving teams the freedom to manage their own account, including account security, while still protecting the organization as a whole.
When customers request single tenancy in the cloud, where single tenancy is referring to an AWS account, being able to automate account management will be important when trying to scale.
I've used the ASEA to get a number of organizations setup. I prefer it to Control Tower (it can be installed on top of CT). The ASEA is open source and written in AWS cdk so it can be forked and modified if needed.