The DevSecOps Talks Podcast #66 - Multi-Account Strategy And Landing Zones: Account Segmentation Approaches For Security And Efficiency On AWS
May 27, 2024
In this discussion, AWS Consultant Fernando Gonçalves dives into the intricate world of AWS account segmentation. With a rich background in event-driven solutions, he shares insights on multi-account strategies for enhanced security and efficiency. Listeners will discover debates around development environments, the AWS Landing Zone, and practical tools for account management. Fernando's perspective on Identity and Access Management uncovers critical safety protocols, while co-host Julien challenges traditional staging methods, making for a lively and informative conversation.
AI Snips
Chapters
Transcript
Episode notes
Premature Division
- One startup divided everything up front, leading to much reinvention and frustration.
- Don't divide resources until it's necessary or there's a good reason.
Divide When Necessary
- Divide resources when you feel the pain or have a good reason, such as for access management.
- Slicing things up too early can lead to a lot of frustration.
Combined Environments
- Another anecdote describes an account with test, prod, and everything combined.
- Dividing environments is generally a good way to start.