Multiple Accounts
First of all, I want to explain the benefits of using multiple AWS accounts. By using an AWS account per project you get:
Separation of concern and group up workloads together
- You know everything in the AWS Account relates to one project, keeping the use of services clean and easy to navigate. I’ve often found Lambdas, S3, and CloudWatch to become very noisy as you start to combine projects, making it difficult to navigate and troubleshoot.
Breakdown of billing per project
- Get a monthly bill broken down by project, and via the Organisational Unit, you can see a high level of all costs across all subscriptions.
Limit the scope of impact from adverse events
- Know as you use IAM and Security Credentials that they are only able to access one project
AWS also recommends it:
Adding a new account
It’s fairly simple to add new AWS accounts via the AWS Organizations Service. From there you can manage the users who can access the AWS Account via the IAM Identity Management Center.
Switching between acounts
I’ve found it difficult manage multiple accounts though, often logging in and out of accounts in the same browser to use different services. Authentication cookies are shared between tabs so it becomes a bit of a nightmare.
However I’ve discovered that the FireFox Team at Mozzila have made an extension for the Firefox Browser so that cookies are contained within the tab, allowing you to have different sessions in different tabs.
Example of having multiple AWS Accounts open in the same browser window:
There are a few customisation options with the the icons and coloring the tabs, but it becomes really powerful when you add a further extension ‘open-url-in-container’.
Open multiple containers on launch
With this extension, you can set Firefox to open with multiple tab containers with multiple AWS accounts. This smoothens the experience of using multiple accounts and instantly being able to jump into all of them.
As an example, this opens up a tab in the `SearchOps`` container with it’s own AWS account (which I’m using to build ElasticSearch test infrastructure).
ext+container:name=SearchOps&url=https://us-east-1.console.aws.amazon.com
In Firefox settings, you can combine multiple tabs together with a pipe |
:
ext+container:name=SearchOps&url=https://us-east-1.console.aws.amazon.com|ext+container:name=AWSMain&url=https://us-east-1.console.aws.amazon.com
Bookmarks
You can also put these urls into your bookmarks, so you open up independent containers for each AWS session.
Video demo
Launching Firefox with two AWS accounts in two container tabs
Quick Download links
Firefox https://www.mozilla.org/en-GB/firefox/new/
Multi Account Extension https://addons.mozilla.org/en-GB/firefox/addon/multi-account-containers/
Open links in container Extension https://addons.mozilla.org/en-GB/firefox/addon/open-url-in-container/
Conclusion
Using Firefox with multiple containers to management AWS Accounts is super useful and can optmise your workflow.
Also, managing AWS Accounts is a good example, but this workflow would support other usecases to login to multiple sites in the same browser.