RAM

Feauture

• AWS Resource Access Manager service
• easily and securely share AWS resources with any AWS account or within your AWS Organization
• You can share AWS Transit Gateways, Subnets, AWS License Manager configurations, and Amazon Route 53 Resolver rules resources with RAM.

Scenario

• A global IT company with offices around the world has multiple AWS accounts. To improve efficiency and drive costs down, the Chief Information Officer (CIO) wants to set up a solution that centrally manages their AWS resources. This will allow them to procure AWS resources centrally and share resources such as AWS Transit Gateways, AWS License Manager configurations, or Amazon Route 53 Resolver rules across their various accounts.
  As the Solutions Architect, which combination of options should you implement in this scenario? (Choose 2)
  • Solution 1) Consolidate all of the company’s accounts using AWS Organizations.
  • Solution 2) Use the AWS Resource Access Manager(RAM) service to easily and securely share your resources with your AWS accounts.
  • RAM eliminates the need to create duplicate resources in multiple accounts, reducing the operational overhead of managing those resources in every single account you own. You can create resources centrally in a multi-account environment, and use RAM to share those resources across accounts in three simple steps: create a Resource Share, specify resources, and specify accounts. RAM is available to you at no additional charge.
  • IAM : is incorrect because although you can delegate access to resources that are in different AWS accounts using IAM, this process is extremely tedious and entails a lot of operational overhead since you have to manually set up cross-account access to each and every AWS account of the company.