2 Antworten
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
3
I saw this article and provides an alternative:
Another option, I have seen implemented is via DevOps processes. We used Jenkins for all deployment and managed permissions on Jenkins jobs for user community. The Jenkins would then perform deployments for us into AWS.
beantwortet vor einem Jahr
0
You could do a combination of the following:
- Centralize permissions check under AWS Organizations and SCPs: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html. You can then centrally deny actions and set permission boundaries.
- You could have a Terraform AWS User for the specific environment (e.g. Dev), so that that user is allowed to perform certain "admin-like" actions, while individual AWS users (your own Access/Secret keys) get "restricted".
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 2 Jahren