Last updated
Please be sure to review, bookmark and follow all the AWS related standards in the .
Most important! Please note that all infrastructure must be created in the us-east-1 region in AWS. Any infrastructure found outside that region will need to be moved immediately or will be automatically de-provisioned. Thank you!
Labs manages a set of AWS accounts using the service. This allows us to create a structure and better manage dozens of separate accounts.
All student are located in the Students Organizational Unit (OU).
Only Engineering Managers can create new AWS Product Accounts.
Labs projects must never use AWS Accounts not managed by Lambda School Labs.
You can see a list of accounts . Note, this list is not automatically updated, if you don't see your account, contact your engineering manager! Thanks.
Each member of a student team will have an associated IAM User. This IAM User will be created and managed by the APL for the Product.
Only APLs have the ability to provision and manage IAM Users
IAM Users have the permissions required to for their own use
Labs APLs will have access to a Slack Bot that will allow them to manage user accounts for student teams.
APLs can run /labsbot in Slack to work with the Labs Bot
Example: jane.doe@lambdaschool.com - Jane Doe
Each account will have a group named Students that all student IAM Users will be assigned to. This group has only specific permissions required for their project, adhering to the .
Labs Bot can create IAM users. These users should be created following the .
