Strategy for Proper Developer Access

In one of the recent posts I mentioned how we are using AWS Organizations to manage multiple environments in multiple AWS Accounts. There is a lot of literature and discussions available online to justify this being a best practice, and it all boils down to simple things which matter the most — unified billing of resources, and separation of concerns. After all, no body wants to accidentally test a feature in a prod CIDR range.

Previous to the last week, I also explored AWS Amplify to accelerate the frontend development using React. The advantage broke quite a few beliefs about cherishing the favourite tech stack for “everything”. This resulted in viewing the architecture into 3 main parts — frontend, backend components supporting frontend, and backend.

This post takes this discussion further with respect to providing appropriate developer access in target environments. It will help teams who are struggling with this topic and act as a resource to those for whom IAM is in a state of mess.

Who is a developer?

Let us revisit this question to better understand the role. Simply put, developer is any individual who actively contributes to the code base, to build a component or an end-to-end service, that supports any business application.

In a broader sense, developers…