2 Respuestas
- Más nuevo
- Más votos
- Más comentarios
3
I saw this article and provides an alternative:
Another option, I have seen implemented is via DevOps processes. We used Jenkins for all deployment and managed permissions on Jenkins jobs for user community. The Jenkins would then perform deployments for us into AWS.
respondido hace un año
0
You could do a combination of the following:
- Centralize permissions check under AWS Organizations and SCPs: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html. You can then centrally deny actions and set permission boundaries.
- You could have a Terraform AWS User for the specific environment (e.g. Dev), so that that user is allowed to perform certain "admin-like" actions, while individual AWS users (your own Access/Secret keys) get "restricted".
Contenido relevante
- OFICIAL DE AWSActualizada hace 7 meses