ACM.429 Extract variations to prevent hardcoded values ββin code in a deployment container
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ ~~~~~~
βοΈ Part of my series on Automation of cybersecurity measures. THE Coded.
π Related Stories: AWS Security | Application security | Abstraction
π» Free content on Cybersecurity Jobs | βοΈ Register for Broadcast list
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ ~~~~~~
In the last article, I migrated the code to deploy a delegated administrator to our new container deployment method.
One of the things I had to change in the code to find the account ID of the account we want to use as the delegated administrator account like this:
But what if an organization wants to use another account name in addition to the organization policies as the account for their organization’s delegated administrator?
This code is not very flexible.
It also doesn’t allow me to fully automate my code created by my code generator. I’ve been thinking about how I want to implement this next item for a while and it might take some trial and error over the next few blog posts. Let’s see how it goes.
Limit manual entries to avoid incidents
I want to avoid passing parameters on the command line to the container. It’s a source of gross errors that have proven to create disasters over time, like an AWS S3 outage, for example.