The places I've worked just control that with SSO and groups in their auth syste... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		nijave on Oct 3, 2022 \| parent \| context \| favorite \| on: Have lots of AWS accounts The places I've worked just control that with SSO and groups in their auth system. Much easier to make a group in your auth software than try to create multiple permission boundaries in the same AWS account. It also makes cost allocation much easier (you don't need complicated tagging policies everywhere)

kfrzcode on Oct 4, 2022 [–]

Security in layers.

Infrastructure as code.

Easier for you, easier for the black hatters.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact