Allow Transcribe and Translate to be used for multiple projects on the same account

0

How can I pave the way for a single AWS account to be used for multiple projects? I have an account that will be used for multiple project teams that should not be able to see each others' work. These projects will be using S3, Transcribe, and Translate. I also need to be able to provide showback billing reports to indicate costs incurred by each separate project team.

2 Answers
3
Accepted Answer

I published the solution with examples to this public repo: https://github.com/zaphodbeeblebrox3rd/working_with_aws

It essentially involves the use of dedicated S3 buckets for each project. Access to the buckets is controlled by IAM policies assigned to the IAM role for each project team.

A set of EventBridge rules with Lambda functions allows the Transcribe jobs to be tagged so that they can be broken down per-project in Cost Explorer.

Unfortunately, Translate does not yet include resource tags in its API. I provided the instructions and code to use that feature if/when it becomes available.

answered a month ago
profile picture
EXPERT
reviewed a month ago
0

I like Eric's answer. My "answer" is more like thinking outside the box and may not be helpful.

Background

AWS is going to be changing sign-on to make it better. I wonder if this ties to Identity Center. Should you look at Identity center as a possible good long term solution unless you are already using SSO with your account at which point you already know this.

Why Identity Center

  • it allows you to make multiple "organizations" that are managed by your Identity center admin.
  • you could even use it to merge multiple accounts which I suspect is well beyond what you want/need to do.
  • SSO has some cool advantages.
  • Identity center is not a simple migration. So unless Identity Center is something you can see for other benefits then skip this crazy idea.
Allen S
answered a month ago
  • 100% agreed. I'm using it for an Org that uses Organizations and SSO, but this allows my department to be a little less dependent on centralized IT and Finance to constantly churn out new accounts. The strategy will work either way regardless of whether Organizations and/or SSO is implemented .

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions