Wednesday, October 22, 2025

AWS - Resource Sharing

In AWS, Resource Sharing means making AWS resources owned by one account available for use in other AWS accounts.

This is typically done via AWS Resource Access Manager (RAM).

Instead of duplicating infrastructure in every account, you share centrally and let other accounts or AWS Organizations members use those resources.

(Not all AWS resources are shareable; only supported ones via RAM.)


How Resource Sharing Works (via AWS RAM)

  1. Owner account (Resource owner)

    • Creates the resource (e.g., VPC subnets, Transit Gateway, License configuration).

    • Shares it via AWS RAM.

  2. Shared accounts (Principals)

    • Can be:

      • Another AWS account

      • An AWS Organization / OU

      • Specific IAM roles or users (in some cases)

  3. Accepting the share

    • The other account accepts the resource share invitation (unless sharing is inside an Organization with auto-accept enabled).

  4. Using the resource

    • Shared account can use the resource, but usually cannot manage/delete it (ownership stays with the resource owner).
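The principal types in step 2 determine how far a share reaches. The script below is an added example, not code from the original post: it audits a RAM inventory for shares that reach, or are allowed to reach, outside the organization. The organization ID, account IDs, ARNs and share names are constructed; the record fields follow `aws ram get-resource-shares` and `aws ram list-principals` output.

```python
import re

# Constructed inputs: organization ID, member accounts, and records in the shape
# of `aws ram get-resource-shares` / `aws ram list-principals` output.
ORG_ID = "o-exampleorg1"
ORG_ACCOUNTS = {"111111111111", "222222222222", "333333333333"}
ARN = "arn:aws:ram:eu-west-1:111111111111:resource-share/"
SHARES = [
    {"name": "network-core", "resourceShareArn": ARN + "a", "allowExternalPrincipals": False},
    {"name": "tgw-partner", "resourceShareArn": ARN + "b", "allowExternalPrincipals": True},
    {"name": "resolver-rules", "resourceShareArn": ARN + "c", "allowExternalPrincipals": True},
]
PRINCIPALS = [
    {"resourceShareArn": ARN + "a",
     "id": "arn:aws:organizations::111111111111:ou/o-exampleorg1/ou-ab12-cdefgh34"},
    {"resourceShareArn": ARN + "b", "id": "222222222222"},
    {"resourceShareArn": ARN + "b", "id": "999999999999"},
    {"resourceShareArn": ARN + "c", "id": "arn:aws:iam::333333333333:role/app-deploy"},
]

def classify(pid):
    """Return (kind, in_org) for a RAM principal id: account, organization, OU or IAM."""
    if re.fullmatch(r"\d{12}", pid):
        return "account", pid in ORG_ACCOUNTS
    m = re.fullmatch(
        r"arn:aws:organizations::\d{12}:(organization|ou)/(o-[a-z0-9]+)(/ou-[a-z0-9-]+)?", pid)
    if m:
        return m.group(1), m.group(2) == ORG_ID
    m = re.fullmatch(r"arn:aws:iam::(\d{12}):(role|user)/.+", pid)
    if m:
        return "iam-" + m.group(2), m.group(1) in ORG_ACCOUNTS
    return "unknown", False  # unrecognised ids are treated as outside the org

def audit(shares, principals):
    """Flag shares with a principal outside the org, or that merely permit one."""
    findings = []
    for share in shares:
        ids = [p["id"] for p in principals if p["resourceShareArn"] == share["resourceShareArn"]]
        outside = [(i, classify(i)[0]) for i in ids if not classify(i)[1]]
        if outside:
            findings.append((share["name"], "principal-outside-org", outside))
        elif share["allowExternalPrincipals"]:
            findings.append((share["name"], "external-principals-allowed", []))
    return findings

if __name__ == "__main__":
    for finding in audit(SHARES, PRINCIPALS):
        print(finding)
```

A share flagged `external-principals-allowed` has no outside principal yet, but nothing in its configuration prevents one from being added later.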


Example Resources You Can Share

  • VPC Subnets (for centralized networking).

  • Transit Gateway (hub-and-spoke networking).

  • Route 53 Resolver rules.

  • AWS License Manager configurations.

  • Dedicated Hosts.

  • Aurora DB clusters (via Aurora global).

  • Outposts resources.


Real-World Example

Imagine a company with 3 AWS accounts:

  • Networking account → hosts central VPC, Transit Gateway, Route 53 rules.

  • App account → runs EC2 & ECS.

  • DB account → runs RDS clusters.

Instead of duplicating networking in every account:

  • The Networking account shares the Transit Gateway and VPC subnets using AWS RAM.

  • The App account attaches its workloads to the shared VPC and TGW.

  • The DB account uses shared Route 53 rules to resolve internal DNS.

The result: centralized control, cost savings, and easier management.


Benefits of Resource Sharing

  • Centralized management (one networking account manages core infrastructure).

  • Cost optimization (no duplicate TGWs, subnets, rules).

  • Security & compliance (principals can use but not modify resources).

  • Scalability (works across AWS Organizations).

