We want to spin up resources per branch.
So a new pull request would spin up RDS, VPC, EKS, S3, Cloudfront.
Create a policy and add them to a group.
A developer in said group could then use their rights to check the RDS or create a kubeonfig for the EKS cluster, etc.
Will also be creating “users” which are basically our Applications.
For creating signed cookies on Cloudfront or upload files to S3.