mach-composer-cli icon indicating copy to clipboard operation
mach-composer-cli copied to clipboard

Published 20 hours ago verified publisher icon mach-composer

Should we execute individual component deployments with individual IAM AssumeRole (in case of AWS)?

Open pimvernooij opened this issue 4 years ago • 1 comments

To limit permission scope for rolling out individual components, that might be built by different teams, we could consider to execute these with individual set of permissions.

Discussed with @mvantellingen

pimvernooij avatar Jan 18 '21 12:01 pimvernooij

@pimvernooij do you think this is still relevant? I imagine this is more related to the whole concept of stacks, where one team works on a single stack and should be able to use their team permissions on that stack instead of the upper layer one?

demeyerthom avatar Sep 13 '24 11:09 demeyerthom