By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Organizations - Restrict access of parent account in the child account

0

I have two AWS accounts. To take advantage of the unused Reserved Instances in account A (main), I would need to invite account B into its Organization. Is it possible to make it so that accounts remain fully independant except for Billing and Reservations? I don't want account A to have any access/control over account B.

Topics
Management & Governance
Tags
AWS OrganizationsAWS Account Management
Language
English
rePost-User-8626755
asked a year ago291 views
1 Answer
1

You could use add B to the orgnaization and then apply consildated billing to access the instances from B.

You could also create a resource share, which allows you to (as the name suggests), share resources To share resources that you own, create a resource share. When you create a resource share, you do the following:

Add the resources that you want to share.

For each resource type that you include in the share, specify the permission to use for that resource type.

If only the default permission is available for a resource type, then AWS RAM automatically associates that permission with the resource type and there is no action for you.

If more than the default AWS RAM managed permission is available for a resource type, then you must choose the permission to associate with that resource type.

Here is a link that could provide you of assistance https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html

AWS_Guy
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content