Updated on 2024-03-15 GMT+08:00

Basic Concepts

Principal Sharing with You (Resource Owner)

An account used to create and manage resources. A resource owner can use RAM to create a resource share to share specified resources with other accounts.

Principal You Share With

The principal that the resource owner shares resources with. A principal is usually an individual account. When sharing with Organizations is enabled, a principal can also be an organization or organization unit (OU).

Resource share

A unit for resource sharing. Resource shares are created by resource owners. Each resource share consists of one or more resource groups, RAM managed permissions, and principals.

RAM managed permission

A permission that defines what actions principals can take on shared resources. There is at least one RAM managed permission for each shareable resource type. If a resource type has only one RAM managed permission, it is used automatically by default. If a resource type has more than one RAM managed permission, you can choose which one to use in a resource share.

Resource sharing invitation

When a resource owner attempts to share resources with principals, RAM issues an invitation. The principals can accept or reject the invitation. If sharing with Organizations is enabled, the resource owner can share resources with accounts in an organization. By default, the accounts accept the sharing invitation.