Monday, July 20, 2020

RAM – Resource Access Manager


-         https://docs.aws.amazon.com/ram/latest/userguide/what-is.html
-         RAM lets you share your resources with any AWS account or through AWS Organizations. If you have multiple AWS accounts, you can create resources centrally and use AWS RAM to share those resources with other accounts.
-         Access via: Console, SDK, API, command line, AWS Tools for Windows PowerShell
-         Can share across: accounts, OU, AWS Organization
-         When sharing a resource with another account – all policies in the receiving account apply
-         Reduces overhead – removes need for duplicate resources
-         Integrates with CloudWatch and CloudTrail
-         Sharing resources in a VPC – the owner creates a VPC and shares specific subnets with others in the same AWS Organization. Participants cannot view / delete / modify other participants’ resources in a VPC
-         The following services integrate with AWS RAM and have resources that support sharing:
          -  AWS App Mesh
          -  Amazon Aurora
          -  AWS CodeBuild
          -  Amazon EC2 (incl. Transit Gateway)
          -  Amazon EC2 Image Builder
          -  AWS License Manager
          -  AWS Resource Groups
          -  Amazon Route 53
-         AZ ID - a unique ID. To ensure that resources are distributed across the Availability Zones for a Region, AWS independently maps Availability Zones to names for each account. For example, the Availability Zone us-east-1a for your AWS account might not have the same location as us-east-1a for another AWS account. The AZ ID should be used as the unique reference when coordinating across accounts.
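
The AZ ID point above, as an added example that is not part of the original notes: it translates the AZ names of shared subnets from the owner's account into the participant's account by joining on the AZ ID. The zone mappings and subnet IDs are constructed sample data, shaped like the ZoneName/ZoneId fields returned by EC2 DescribeAvailabilityZones; the function names are hypothetical.

```python
# Constructed sample data: per-account AZ name -> AZ ID mappings, shaped like
# the "AvailabilityZones" list from EC2 DescribeAvailabilityZones.
OWNER_ZONES = [
    {"ZoneName": "us-east-1a", "ZoneId": "use1-az1"},
    {"ZoneName": "us-east-1b", "ZoneId": "use1-az2"},
    {"ZoneName": "us-east-1c", "ZoneId": "use1-az4"},
]
PARTICIPANT_ZONES = [
    {"ZoneName": "us-east-1a", "ZoneId": "use1-az4"},
    {"ZoneName": "us-east-1b", "ZoneId": "use1-az1"},
    {"ZoneName": "us-east-1c", "ZoneId": "use1-az2"},
]
# Constructed shared subnets, labelled with the owner's AZ names.
SHARED_SUBNETS = [
    {"SubnetId": "subnet-example-1", "AvailabilityZone": "us-east-1a"},
    {"SubnetId": "subnet-example-2", "AvailabilityZone": "us-east-1c"},
    {"SubnetId": "subnet-example-3", "AvailabilityZone": "us-east-1a"},
]


def translate_subnets(subnets, owner_zones, participant_zones):
    """Resolve each shared subnet to its AZ ID and the participant's AZ name."""
    owner_name_to_id = {z["ZoneName"]: z["ZoneId"] for z in owner_zones}
    participant_id_to_name = {z["ZoneId"]: z["ZoneName"] for z in participant_zones}
    rows = []
    for subnet in subnets:
        zone_id = owner_name_to_id[subnet["AvailabilityZone"]]
        # None means the participant account does not see this AZ at all.
        local_name = participant_id_to_name.get(zone_id)
        rows.append({
            "SubnetId": subnet["SubnetId"],
            "ZoneId": zone_id,
            "OwnerName": subnet["AvailabilityZone"],
            "ParticipantName": local_name,
            # True when reading the owner's AZ name as-is would pick the wrong zone.
            "NameMismatch": local_name != subnet["AvailabilityZone"],
        })
    return rows


def distinct_zones(rows):
    """Count the physical AZs covered, using AZ IDs rather than names."""
    return len({row["ZoneId"] for row in rows})


if __name__ == "__main__":
    result = translate_subnets(SHARED_SUBNETS, OWNER_ZONES, PARTICIPANT_ZONES)
    for row in result:
        print(row)
    print("distinct physical AZs:", distinct_zones(result))
```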
