RAM Flashcards
Resource Access Manager (RAM)
One sentence for RAM?
Share resources across accounts, even in the AWS Console & CLI
Resource Access Manager (RAM)
What is the cost structure for RAM?
Free
Resource Access Manager (RAM)
What things can you share resources to?
Accounts, OUs or entire Org
Resource Access Manager (RAM)
Availability Zone ID?
AZ IDs are use1-az1 and use1-az2, globally the same across accounts
Resource Access Manager (RAM)
Just confusing more with a different set of letters for AZs and AZ IDs?
Nope, AZs use letters: us-east-1a, AZ IDs use numbers: use1-az2
Resource Access Manager (RAM)
How do you accept a shared resource in your account?
Trick: if just an account, HAVE to accept it. If in an Org, happens automatically.
Resource Access Manager (RAM)
Special Term: Shared Services VPC?
One acct in Org shares subnets (not VPCs), other in the OU deploy there.
Resource Access Manager (RAM)
Name for accts that use a Shared Services VPC?
Participant accounts
Resource Access Manager (RAM)
What can participants do in a Shared Services VPC?
See and deploy into subnets, not modify anything about the VPC.
Resource Access Manager (RAM)
Who owns EC2 instances deployed by a Participant account in a Shared Services VPC?
Participant account
Resource Access Manager (RAM)
What can Participant accounts see in a Shared Services VPC?
Only things that they own (like EC2 & RDS)! No visibility to (unshared) resources from other Participants.
Resource Access Manager (RAM)
Given the visibility, why bother if things can’t see each other?
They CAN. Resources can communicate, accounts can’t see other resources in the console.
Resource Access Manager (RAM)
How do you share a VPC between accounts?
Trick: can’t with RAM, RAM shares Subnets you can deploy into.
Resource Access Manager (RAM)
What networking things can be shared with RAM?
Subnets, Transit Gateways (not VPCs)
Resource Access Manager (RAM)
What Route 53 things can be shared with RAM?
Resolver Rules
