AWS Account Creation

Owned by Luka Mirosevic
Apr 20, 2020
1 min read

Status: LIVE

AWS Account Creation

  • Never spin up services in the main 9Y AWS account. Always create a new account, using AWS Organisations.

    • Use hello+<customer>@9y.co as email

    • Never activate the root account for security reasons.

  • Use role based auth to allow easy switching between AWS accounts. This should be provided to all squad members by the person creating the AWS account.

  • When creating new users, give permission on a need-to-have basis, and enforce MFA.

  • For long term maintenance agreements with customers, where a fairly steady load is expected, consider purchasing reserved instances to reduce costs.

  • If the sub-account is being paid for using the 9Y parent account (this is the default), then you must notify PM that server costs are now accruing for the project.

 

 

Owner

The content of this macro can only be viewed by users who have logged in.

Reviewer

The content of this macro can only be viewed by users who have logged in.