Shareable Resources - AWS Resource Access Manager

Shareable Resources

AWS RAM lets you share resources that are provisioned and managed in other AWS services. AWS RAM does not let you manage resources, but it does provide the features that let you make resources available across AWS accounts.

The following sections list the services that integrate with AWS RAM, and the resources that support sharing.

AWS App Mesh

You can share the following AWS App Mesh resources using AWS RAM.

Resource Use case

Mesh

Create and manage a mesh centrally, and share it with other AWS accounts. A shared mesh allows resources created by different AWS accounts to communicate with each other in the same mesh. For more information, see Working with Shared Meshes in the AWS App Mesh User Guide.

Amazon Aurora

You can share the following Amazon Aurora resources using AWS RAM.

Resource Use case

DB clusters

Create and manage a DB cluster centrally, and share it with other AWS accounts. This lets multiple AWS accounts clone a shared, centrally-managed DB cluster. For more information, see Cross-Account Aurora DB Cluster Cloning in the Amazon Aurora User Guide.

AWS CodeBuild

You can share the following AWS CodeBuild resources using AWS RAM.

Resource Use case

Projects

Create a project and use it to run builds. Share the project with other AWS accounts or users. This lets multiple AWS accounts and users view information about a project and analyze its builds. For more information, see Working with Shared Projects in the AWS CodeBuild User Guide.

Report groups

Create a report group and use it to create reports when you build a project. Share the report group with other AWS accounts or users. This lets multiple AWS accounts and users view the report group and its reports, and the test case results for each report. A report can be viewed for 30 days after it is created, and then it expires and is no longer available to view. For more information, see Working with Shared Report Groups in the AWS CodeBuild User Guide.

Amazon EC2

You can share the following Amazon EC2 resources using AWS RAM.

Resource Use case

Capacity Reservations

Create and manage Capacity Reservations centrally, and share the reserved capacity with other AWS accounts. This lets multiple AWS accounts launch their Amazon EC2 instances into centrally-managed reserved capacity. For more information, see Working with Shared Capacity Reservations in the Amazon EC2 User Guide for Linux Instances.

Dedicated Hosts

Allocate and manage Amazon EC2 Dedicated Hosts centrally, and share the host's instance capacity with other AWS accounts. This lets multiple AWS accounts launch their Amazon EC2 instances onto centrally-managed Dedicated Hosts. For more information, see Working with Shared Dedicated Hosts in the Amazon EC2 User Guide for Linux Instances.

Amazon EC2 Image Builder

You can share the following Amazon EC2 Image Builder resources using AWS RAM.

Resource Use case

Components

Create and manage components centrally, and share them with other AWS accounts or your organization. Manage who can use predefined build and test components in their image recipes. For more information, see Resource Sharing in EC2 Image Builder in the EC2 Image Builder User Guide.

Images

Create and manage your golden images centrally, and share them with other AWS accounts and your organization. Manage who can use images created with EC2 Image Builder across your organization.. For more information, see Resource Sharing in EC2 Image Builder in the EC2 Image Builder User Guide.

Image recipes

Create and manage your image recipes centrally, and share them with other AWS accounts and your organization. This allows you to manage who can use predefined documents to automate repeatable image pipelines for a desired configuration. For more information, see Resource Sharing in EC2 Image Builder in the EC2 Image Builder User Guide.

AWS Glue

You can share the following AWS Glue resources using AWS RAM.

Resource Use case

Data catalogs

Manage a central data catalog and share metadata about databases and tables with AWS accounts and organizations within your enterprise. This enables users to run queries on data across multiple accounts. For more information, see Sharing Data Catalog Tables and Databases Across AWS Accounts in the AWS Lake Formation Guide.

Databases

Create and manage data catalog databases centrally and share them with AWS accounts and organizations within your enterprise. Databases are collections of data catalog tables. This enables users to run queries and extract, transform, and load (ETL) jobs that can join and query data across multiple accounts. For more information, see Sharing Data Catalog Tables and Databases Across AWS Accounts in the AWS Lake Formation Guide.

Tables

Create and manage data catalog tables centrally and share them with AWS accounts and organizations within your enterprise. Data catalog tables contain metadata about data tables in Amazon S3, JDBC data sources, Amazon Redshift, streaming sources, and other data stores. This enables users to run queries and ETL jobs that can join and query data data across multiple accounts. For more information, see Sharing Data Catalog Tables and Databases Across AWS Accounts in the AWS Lake Formation Guide.

AWS License Manager

You can share the following AWS License Manager resources using AWS RAM.

Resource Use case

License configurations

Create and manage license configurations centrally, and share them with other AWS accounts. This lets you enforce centrally-managed licensing rules that are based on the terms of your enterprise agreements across multiple AWS accounts. For more information, see Using License Configurations in the AWS License Manager User Guide.

AWS Resource Groups

You can share the following AWS Resource Groups resources using AWS RAM.

Resource Use case

Resource groups

Create and manage a host resource group centrally, and share it with other AWS accounts. This lets multiple AWS accounts share a group of Amazon EC2 Dedicated Hosts created using AWS License Manager. For more information, see Host Resource Groups in AWS License Manager in the AWS License Manager User Guide.

Amazon Route 53

You can share the following Amazon Route 53 resources using AWS RAM.

Resource Use case

Forwarding rules

Create and manage forwarding rules centrally, and share them with other AWS accounts. This lets multiple AWS accounts forward DNS queries from their VPCs to the target IP addresses defined in shared, centrally-managed resolver rules. For more information, see Sharing Forwarding Rules with Other AWS Accounts and Using Shared Rules in the Amazon Route 53 Developer Guide.

Amazon VPC

You can share the following Amazon VPC resources using AWS RAM.

Resource Use case
Customer-owned IPv4 addresses

During the AWS Outposts installation process, AWS creates an address pool, known as a customer-owned IP address pool, based on information that you provide about your on-premises network.

Customer-owned IP addresses provide local, or external connectivity to resources in your Outpost subnets through your on-premises network. You can assign these addresses to resources on your Outpost, such as EC2 instances, using Elastic IP addresses.

Prefix lists

Create and manage prefix lists centrally, and share them with other AWS accounts. This lets multiple AWS accounts reference prefix lists in their resources, such as VPC security groups and subnet route tables. For more information, see Working with Shared Prefix Lists in the Amazon VPC User Guide.

Subnets

Create and manage subnets centrally, and share them with other accounts or organizational units that are in the same organization from AWS Organizations. This lets multiple AWS accounts launch their application resources into centrally-managed VPCs. These resources include Amazon EC2 instances, Amazon Relational Database Service (RDS) databases, Amazon Redshift clusters, and AWS Lambda functions. For more information, see Working with VPC Sharing in the Amazon VPC User Guide.

Traffic mirror targets

Create and manage traffic mirror targets centrally, and share them with other AWS accounts. This lets multiple AWS accounts send mirrored network traffic from traffic mirror sources in their accounts to a shared, centrally-managed traffic mirror target. For more information, see Cross-Account Traffic Mirroring Targets in the Traffic Mirroring Guide.

Transit gateways

Create and manage transit gateways centrally, and share them with other AWS accounts. This lets multiple AWS accounts route traffic between their VPCs and on-premises networks through a shared, centrally-managed transit gateway. For more information, see Sharing a Transit Gateway in the Transit Gateways Guide.