What is the recommended pattern for deciding for splitting backend in multiple s3 accounts? We started using it by subscription, keeping it related to the RBAC to each sub. Because the network elements go on a shared sub, there is the need to reference them in the other subs, but as far as I understood, there is no way to perform this.
This leads to lots of id's and values referenced manually by configuration values, which is not ideal. Is there a better way? For now, it seems weird to put all of Pulumi data in a single self-managed backend state, independently of it's environment. With the new state scoping for self-managed backends, it makes this easier, but it is still unconfortable having all the projects living in the same state like this.
Am I looking at this from the wrong point of view? Anything I am missing?