http://builtsleek.com/categories/aws/Recent content in AWS on Built SleekHugo -- gohugo.ioenWed, 21 Feb 2024 00:00:00 +0000http://builtsleek.com/posts/aws-organizations-administrative-delegation/Wed, 21 Feb 2024 00:00:00 +0000http://builtsleek.com/posts/aws-organizations-administrative-delegation/What Is Delegation on AWS Cloud? Link to heading In the context of Amazon Web Services (AWS Cloud), delegation involves assigning specific responsibilities or permissions to particular entities within the AWS platform. By delegating tasks or privileges, organizations can efficiently manage and control their cloud resources. One key aspect of delegation is the use of delegated admin accounts. Delegated Admin Accounts Explained Link to heading Purpose Link to heading A delegated admin account is a member account within an AWS Organization that has been designated to perform administrative tasks on behalf of other member accounts.http://builtsleek.com/posts/cloud-provider-managed-services-evolution/Thu, 11 Jan 2024 00:00:00 +0000http://builtsleek.com/posts/cloud-provider-managed-services-evolution/Building Agnostic Services for the Ecosystem Link to heading Large enterprises like Amazon, Microsoft, and Google play a pivotal role in shaping the software landscape. Their internal software infrastructure supports diverse products and prototypes, ranging from code function hosts to deployment APIs. Developers within these organizations create services in an agnostic manner, ensuring that the ecosystem can be leveraged by other entities inside of their organization, and perhaps even outside of their organization.http://builtsleek.com/posts/ops-aws-iam-boundary-policies/Mon, 11 Dec 2023 00:00:00 +0000http://builtsleek.com/posts/ops-aws-iam-boundary-policies/When responsibility for fine-grained Policy creation is delegated to an Identity such as a Developer, the Identity often expects to utilize iam:createRole to configure permissions for cloud resources. Developer Needs Link to heading Developers frequently need to create Identities like IAM Roles during deployment to oversee permissions for various software resources. Nevertheless, the Operations admin might feel uneasy granting AdministratorAccess. Even when avoiding Admin grants, the needed Action iam:create[Role/User] would enable the developer to create an Identity that grants a seperate Policy, thereby bypassing the developer’s Identity Policy document.