"then hook it up to your local development environment via AWS SSO command line tool or preferably granted.dev, an open source project that enables the Customer Obsession that AWS has studiously ignored in this area. You then either have to do something monstrous with key storage, or set up an OIDC relationship between GitHub (yes, or GitLab, I hear you, please do not email me) and AWS, then prod GitHub Actions if you're sane (or AWS CodeBuild if you're not) into doing the deplo"
"you push code to a repo, the CI/CD nonsense (which curiously enough is probably some guy named "Jenkins," who's worked at most of the same places that I have - yet strangely I've never met him in person) fires off, and it winds up in production somehow. But that tooling is exactly my point: without a fair bit of work to set it up, it doesn't exist, at which point working with AWS is a massive pain in the ass."
Provisioning and deploying a simple webapp on AWS from scratch requires creating an account, configuring AWS SSO/IAM Identity Center, and establishing an AWS Organization and permission sets. Developers must navigate hard-to-remember SSO URLs, select roles from long lists, switch into accounts, and integrate the AWS SSO CLI or third-party helpers like granted.dev for local credentials. Continuous integration requires either complex key storage or an OIDC trust with GitHub, then configuring GitHub Actions or AWS CodeBuild to perform deployments. Enterprise CI/CD pipelines hide most of these steps; without such automation, the initial AWS setup is time-consuming, error-prone, and disproportionately painful.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]