Ephemeral AWS Account?

Hi there,

Would it be possible (considering every microservice uses the same underlying technology: TypeScript, Lambda, SQS/SNS, DynamoDB, API GW, KMS, WAF, Cognito, other AWS true serverless services) to tear down a particular AWS account so that every time a microservice is built (same CI/CD for all microservices) the following things would happen?

  • PRE: Copy DynamoDB tables (new names) from a SEED table (another account);
  • PRE: Run CDK or Terraform (IaC);
  • Run the tests on this AWS account (performance, smoke, end-to-end, security);
  • Collect results from tests;
  • POST: Clear any cache, queues or any state created by the test/build;
  • POST: Remove DynamoDB tables (so we won’t pay for the storage).

In case there is already a BUILD running on any particular account (myproject-ephemeral-account01), I could just use another one (myproject-ephemeral-account02). We would have enough accounts to support our needs.

Another thing would be to use THE SAME CI/CD pipeline (it would be triggered by any microservice commit). Some conventions/standards for those microservices would be required. As we want to achieve the same thing for every build (ensure quality, performance, security and code integration/merges), it sounds reasonable to me to have only one CI/CD pipeline (which could run in parallel if more than one build is necessary).

What are your thoughts on that? Anyone doing a similar thing?

Thanks
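
The account selection and PRE/POST flow described in the post, as an added example that is not part of the original post: each build leases one account from the pool so two builds never share state, and POST cleanup and release run even when the tests fail. `AccountPool`, `runBuild`, `Steps` and `ttlMs` are hypothetical names, and the in-memory `Map` is an assumed stand-in for a shared lease store.

```typescript
// Added example; AccountPool, runBuild, Steps and ttlMs are hypothetical names.
type Lease = { buildId: string; expiresAt: number };
type Steps = { pre: (a: string) => void; test: (a: string) => string; post: (a: string) => void };

class AccountPool {
  private leases = new Map<string, Lease>();
  private accounts: string[];
  private ttlMs: number;
  constructor(accounts: string[], ttlMs: number) {
    this.accounts = accounts;
    this.ttlMs = ttlMs;
  }

  // Returns the first free account, or null when every account is busy.
  // Across parallel pipeline runs this check-and-set has to be atomic in a
  // shared store (e.g. a DynamoDB conditional write); the Map is a stand-in.
  acquire(buildId: string, now: number): string | null {
    for (const account of this.accounts) {
      const lease = this.leases.get(account);
      // Free, or held by a build that died before releasing (lease expired).
      if (!lease || lease.expiresAt <= now) {
        this.leases.set(account, { buildId, expiresAt: now + this.ttlMs });
        return account;
      }
    }
    return null;
  }

  // Only the build that holds the lease may release it.
  release(account: string, buildId: string): boolean {
    if (this.leases.get(account)?.buildId !== buildId) return false;
    return this.leases.delete(account);
  }
}

function runBuild(pool: AccountPool, buildId: string, steps: Steps, now = Date.now()): string | null {
  const account = pool.acquire(buildId, now);
  if (account === null) return null; // every account busy: queue or retry
  try {
    steps.pre(account); // PRE: seed tables, deploy IaC
    return steps.test(account); // run tests, return collected results
  } finally {
    // POST runs even if PRE or the tests throw, then the lease is released.
    try { steps.post(account); } finally { pool.release(account, buildId); }
  }
}
```

An account reclaimed through an expired lease may still hold state from the build that died, so the PRE step for such an account should begin with the same cleanup as POST.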