'Is it better to create a completely separate AWS account or just create a separate IAM user to have a separate development environment?

Currently, I am using these services in AWS:

  1. EC2 instance
  2. S3 bucket
  3. SES for transactional mails

I access S3 and SES services in the backend using an AWS_ACCESS_KEY_ID, and an AWS_SECRET_ACCESS_KEY which basically means I cannot share those keys with the developers.

I would like to create a separate development environment that doesn't give access to those services in production.

I have made some research and I found-out that I can create a whole new account for development environment and then synchronize billing between the two especially that I have AWS credits.

Before investing time in that, I wonder if it's possible to achieve my goal with using a separate IAM identity.

cloudamazon-ses


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Amazon AWS S3 to Force Download Mp3 File instead of Stream It

How to enable terraform module only with a specific workspace

AWS RDS Postgres: WAL_LEVEL not set to 'logical' after changing rds.logical_replication = 1

Use terraform to set up a lambda function triggered by a scheduled event source

Use terraform to set up a lambda function triggered by a scheduled event source

Self stopping EC2 once task complete?

AWS - SWF - Asynchronous method

Why my cloudformation template is over 1 MB?

AWS elastic beanstalk - WARN install EACCES: permission denied, access '/tmp/.npm'

Aws step functions - Resume from failed step function activity instead of starting a new execution

Redirect Elastic Beanstalk URL to domain name

node-lambda - TypeError: handler is not a function