|
|
|
|
|
|
by poxrud
819 days ago
|
|
|
IAM is complicated but it doesn’t have to be, as long as you keep things organized. - Use AWS Organizations to organize your teams into Organizational Units - use SCP to limit permissions of the OUs. - let the OUs create new aws accounts for every project/workload - now you have permissions and costs organized per project/workload Don’t be afraid to create many AWS accounts, this is encouraged and considered best practice. |
|
|