Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

AWS Organizations - Restrict access of parent account in the child account

0

I have two AWS accounts. To take advantage of the unused Reserved Instances in account A (main), I would need to invite account B into its Organization. Is it possible to make it so that accounts remain fully independant except for Billing and Reservations? I don't want account A to have any access/control over account B.

Argomenti
Gestione e amministrazione
Tag
Organizzazioni AWSGestore account AWS
Lingua
English
rePost-User-8626755
posta un anno fa300 visualizzazioni
1 Risposta
1

You could use add B to the orgnaization and then apply consildated billing to access the instances from B.

You could also create a resource share, which allows you to (as the name suggests), share resources To share resources that you own, create a resource share. When you create a resource share, you do the following:

Add the resources that you want to share.

For each resource type that you include in the share, specify the permission to use for that resource type.

If only the default permission is available for a resource type, then AWS RAM automatically associates that permission with the resource type and there is no action for you.

If more than the default AWS RAM managed permission is available for a resource type, then you must choose the permission to associate with that resource type.

Here is a link that could provide you of assistance https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html

AWS_Guy
con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente