Since [[A fully local development workflow is impossible for most serverless applications]], the tendency amongst many (most?) development teams using [[Serverless MOC|Serverless]] on [[AWS]] is to have developers share a single AWS account which acts as their "local" development environment. (This account would usually not be part of a [[CICD]] pipeline). ## Isolation However, this approach lacks the isolation that developers are used to when working locally, and makes it more likely that developers will step on each others' toes: > Given that Lambda functions are probably the resource developers will be iterating upon most frequently, we don’t want one developer deploying changes over the top of another one. You could introduce a naming convention to prevent such collisions, but that adds unnecessary complexity to your configuration management. [^ps1] [^ps1]: [Give developers their own AWS account](https://serverlessfirst.com/give-developers-own-aws-account/) by [[@Paul Swail]] It can also introduce complexities where an application has multiple stacks which depend on each other. A change one developer makes to one could break a downstream one. By instead giving each developer their own AWS account, they don't need to worry about interfering with others, or being interfered with. See also: - [[Distinct product environments should be isolated within their own AWS account]] ## Other benefits of per-developer AWS accounts - More exposure to infrastructure management and encourages use of [[Infrastructure-as-Code]] across all team members - Less experienced developers get more confidence to experiment ## Objections to per-developer AWS accounts - Controlling costs - Overhead of provisioning new account for each developer - Security See [here](https://serverlessfirst.com/give-developers-own-aws-account/#common-objections) for some mitigations of these objections. --- tags: #AWS #DeveloperWorkflow