AWS - IAM Best Practices for Multi-Account AWS Environments:
Nowadays many companies are migrating from on-premise to cloud as the cloud platform like AWS provide good security, cost-effective and easily managable services. As the bussinesses grow and becoming more complex using single AWS account with multiple roles, users and user group is not enough and recommended.
First of let's understand what is AWS- IAM and how it is important for security of your bussiness. In simple terms in an AWS account we create the users as per the role in the bussiness and requirement of the services to be accessed by that user so we give access to that user as per what he requires that is called principle of least priviledge. So this is the secure way of giving access to muliple users with pre-determined permissions.
We can create as many users we want in a single AWS account (Nearly 100000 as per the AWS Identity center) but having multiple accounts is more benificial.
Below are the reasons why muliple AWS accounts is recommended in you bussiness
It provides high performance and secure architecture
Provides billing separation to directly map costs to underlying projects. that means we can easily manage the cost of each project if we have separate accounts for each of them
Offcourse, we are not charged for the accounts but we are charged for the resources we use. So it is better to use the different accounts for managed resources.
Management of muliple workloads at same time.
For more details you can read this official document from AWS here
I hope you enjoyed the blog
you can contact me through my website: https://haardpatel.info