Allow Transcribe and Translate to be used for multiple projects on the same account

0

How can I pave the way for a single AWS account to be used for multiple projects? I have an account that will be used for multiple project teams that should not be able to see each others' work. These projects will be using S3, Transcribe, and Translate. I also need to be able to provide showback billing reports to indicate costs incurred by each separate project team.

2 個答案
3
已接受的答案

I published the solution with examples to this public repo: https://github.com/zaphodbeeblebrox3rd/working_with_aws

It essentially involves the use of dedicated S3 buckets for each project. Access to the buckets is controlled by IAM policies assigned to the IAM role for each project team.

A set of EventBridge rules with Lambda functions allows the Transcribe jobs to be tagged so that they can be broken down per-project in Cost Explorer.

Unfortunately, Translate does not yet include resource tags in its API. I provided the instructions and code to use that feature if/when it becomes available.

已回答 3 個月前
profile picture
專家
已審閱 3 個月前
0

I like Eric's answer. My "answer" is more like thinking outside the box and may not be helpful.

Background

AWS is going to be changing sign-on to make it better. I wonder if this ties to Identity Center. Should you look at Identity center as a possible good long term solution unless you are already using SSO with your account at which point you already know this.

Why Identity Center

  • it allows you to make multiple "organizations" that are managed by your Identity center admin.
  • you could even use it to merge multiple accounts which I suspect is well beyond what you want/need to do.
  • SSO has some cool advantages.
  • Identity center is not a simple migration. So unless Identity Center is something you can see for other benefits then skip this crazy idea.
Allen S
已回答 3 個月前
  • 100% agreed. I'm using it for an Org that uses Organizations and SSO, but this allows my department to be a little less dependent on centralized IT and Finance to constantly churn out new accounts. The strategy will work either way regardless of whether Organizations and/or SSO is implemented .

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南