Have you ever needed to manage resources in multiple accounts and felt frustrated with provisioning the same resource multiple times and keeping them up to date?
With AWS Resource Access Manager (RAM), you can share resources you create in a central account across multiple accounts or Organisational Units in your Organisation, or accounts outside of your Organisation. It reduces operational overhead by allowing you to create a resource once and make it usable in other accounts.
Setting up AWS RAM
Creating a resource share in AWS RAM is super easy. Choose the resource you want to share, select the managed permissions to assign, and principals that you want to share it with and you're all set! AWS RAM will send invitations to the specified accounts to allow them to view the shared resources.
Benefits of AWS RAM
- No Duplication: Share resources from a central account instead of duplicating them
- Cost Efficiency: Avoid unnecessary costs from duplicate resources
- Improved Security: Share resources with fine-grained access controls with only authorised accounts or principals
AWS RAM Use Cases
- Sharing VPC subnets across multiple AWS accounts for shared network resources
- Private hosted zones in one account can be shared and associated with VPCs in another account to enable DNS resolution for EC2s in the other account
- Enabling cross-account access to data lakes and analytics resources for machine learning and data processing
- Facilitating centralised security tooling by sharing resources like Security Hub findings or AWS Firewall Manager configurations
- Enabling resource sharing for multi-account disaster recovery setups, improving resilience and failover strategies
Top comments (1)
pretty cool seeing how much overhead this actually cuts down, always makes me wonder though- you think habits or the tools matter more for keeping stuff organized once youโre juggling a ton of accounts?