| AWS Support absolutely fumbled the incident, but what you should have learned from the experience, and the majority of others commenting here is: Running a business critical workload in one AWS account is a self-inflicted single point of failure. Using separate accounts for prod/dev/test (and a break-glass account) is one of #1 security best practices: “SEC01-BP01 Separate workloads using accounts.” - https://docs.aws.amazon.com/wellarchitected/latest/security-... Keep resources out of the payer/management accounts. Consolidated billing is fine, but the management account should stay empty. "Best practices for the management account" - https://docs.aws.amazon.com/organizations/latest/userguide/o... Enable cross-account backups. Copy snapshots or AWS Backup vaults to a second account so Support lockouts don’t equal data loss. "Creating backup copies across AWS accounts" - https://docs.aws.amazon.com/aws-backup/latest/devguide/creat... Populate Billing, Security, and Ops alternate contacts. AWS Support escalates to those addresses when the primary inbox is dead.
"Update the alternate contacts for your AWS account" - https://docs.aws.amazon.com/accounts/latest/reference/manage... Follow the multi-account white-paper for long-term org design. It is not optional reading.
"Organizing Your AWS Environment Using Multiple Accounts" - https://docs.aws.amazon.com/whitepapers/latest/organizing-yo... Maybe get some training? https://aws.amazon.com/training/classroom/ |