Many organisations today choose a multi-account AWS strategy as a unit of isolation. That unit of isolation may be for billing, application and business isolation, Conway’s Law or all of the above.
While Amazon offers many ways to secure your infrastructure, what do you do when you want to secure your own APIs? What are your choices?
In this talk I will focus on identity and access management for APIs in a multi-account world and discuss the considerations and implications. I will present a multi-account architecture and strategy that may offer others ideas of where to start.
This will be a warts-and-all presentation of the choices Seek has made, as well as those it has stumbled through.