To simplify permissions for the AWS Root Account Admin Team
To reduce dependency on IAM credentials to perform admin functions in the root account
✅ Definition of Done
[x] aws-root-account-admin-team have an SSO role that can view but not edit all services in the AWS Root Account
[x] aws-root-account-admin-team have an SSO role that can view and edit all services in the AWS Root Account
📓 Notes
Ideally, we want to minimise the dependencies on using IAM credentials since these are difficult to manage and duplicate. Using a general "Admin" role is not the ideal solution, and we should create more granular roles for specific functions in the future. For the time being, the general "Admin" role will allow everyone in the Admin Team to take administrative responsibility for the Root Account to spread knowledge of the different roles and responsibilities
👀 Purpose
✅ Definition of Done
aws-root-account-admin-team
have an SSO role that can view but not edit all services in the AWS Root Accountaws-root-account-admin-team
have an SSO role that can view and edit all services in the AWS Root Account📓 Notes