By using AWS re:Post, you agree to the Terms of Use

AppConfig and Multiple Accounts

0

Our application is deployed across multiple AWS accounts, and completely using Cloudformation. So, we update our code, push to Git, this triggers a build, and then a package and deploy using the AWS CLI to one of 3 accounts depending on the environment.

It's unclear how this workflow will work with AppConfig, which doesn't seem to be able to support multiple account access. I've considered a couple of different approaches:

  1. Have a separate account with the configuration information for ALL accounts. Unfortunately, unless we have a separate role in the configuration account for AppConfig access, there does not appear to be a way for an application to get configuration data from a different account, so this approach doesn't seem feasible.
  2. Have a separate AppConfig::Application for each account, and each will just have a single environment. This is created via our Cloudformation deploy process, and we'll just manage and deploy configurations on an account by account basis (possibly using a separate Git repo to house the configuration data and push to each account in an automated way on commit).

Are there any other options? This seems more difficult than it should be, as AWS often suggests using separate accounts for different stages of deploy for security reasons.

asked 7 months ago115 views
2 Answers
1

In my opinion you should deploy AppConfig on each account the same as you are deploying every other resource because of exactly the same reasons :)

Basically, if you are separating the accounts to safely deploy applications in isolation, then the same should be done with config. You should not be able to break production editing config for dev what can happen if you are managing it in one AppConfig.

answered 7 months ago
0

We just implemented this and this blog post will get you there: https://aws.amazon.com/blogs/mt/cross-account-configuration-with-aws-appconfig/

answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions