The course is part of this learning path
In this course, we look at the benefits of sharing a Virtual Private Cloud, a VPC, from a centralized networking AWS account using AWS Resource Access Manager (RAM). We discuss the capabilities of VPC sharing and the role RAM plays in VPC sharing.
Learning Objectives
By the end of this course, you will have a greater understanding of:
- The benefits of sharing VPCs
- The role of RAM in sharing VPCs
- The capabilities and restrictions of VPC sharing
Intended Audience
Anyone working with AWS Networking will benefit from this course, as well as those who are:
- Studying for the AWS Networking Specialty certification
- Studying for the AWS Solutions Architect certifications
If you want to increase your AWS knowledge, this course is for you.
Prerequisites
Before attending this course, you should be familiar with Amazon VPCs and how they are configured. Experience with AWS Organizations and how they are used to manage multiple AWS Accounts is also desirable.
In this section, we will discuss the role Resource Access Manager plays in sharing of centralized resources. In order to use VPC sharing, you must work with AWS Resource Access Manager, RAM. RAM allows you to share a whole host of AWS resources from centralized AWS accounts. Using RAM, you can share resources such as Aurora DB Clusters, Dedicated Hosts, Resource Groups, and of course VPC Subnets. The first thing you should do if you want to easily use RAM is to enable sharing. This can be done through the Resource Access Manager console or through the AWS CLI. Next, using the console or CLI you create a resource share.
When you create a resource share, you provide a name for the share and the list of resources you wish to share. Here, we can see that we are creating a share called DevTeam1 and we're sharing three subnets from the same VPC. Next, we can assign permissions to the share. The permissions allow us to restrict the actions that principles are allowed to perform on the share. If you're happy with the permissions, you can click 'Next' and identify the principles you wish to share the resources with. If you select OU, then the resources you are sharing will be shared with all AWS accounts in the organizational units and any new AWS accounts that are added to the OU in the future. We would then complete the wizard and very quickly the shared resources, in this case three shared subnets, would appear in the VPC console of the chosen AWS accounts.
Mike has worked in IT since 1997, specializing in networking, storage, and architecture. He's been in cloud computing for the last 8 years, working across several cloud platforms but specializing in AWS. He's been involved in many cloud projects over the years covering migrations, hybrid connectivity, security optimization, networking, and storage architecture.
He gained his first training qualification in 1998 and, about 3 years ago, became an AWS Authorized Champion Instructor. He's delivered AWS cloud courses across Europe for a range of clients, with a focus on Architecture, Security, and Networking. He currently holds certifications for the four biggest cloud vendors, including the AWS Solutions Architect Professional, AWS DevOps Engineer, and AWS Advanced Networking specialty certifications.
He lives in the North of England with his wife Frances and their dog Inca.