Some folks got in touch and said they were having trouble commenting. It should now be fixed so comment away :)
This post details a command-line tool I’ve written called awsbigbrother. It can be used to audit AWS accounts and check that you are not exposed in certain areas. The mentality behind it is continuous checking and monitoring for security issues.
I tend to work on a lot of greenfield projects where we create AWS stuff from scratch. When I roll down somewhere the very first thing I need to think about is account structure. There are pros and cons to various account structures. There’s no ‘right’ way to do this but I’m going to cover why I generally prefer multiple accounts.