Sharing Your Resources
To use RAM to share your resources, take the steps described in the following sections:
Enabling Sharing with Organizations
If you use Huawei Cloud Organizations to manage your accounts, you can enable sharing with Organizations to share resources more easily. If your account is in an organization, you can share resources either with individual accounts or with all accounts in an organization unit (OU) or in the entire organization without having to enumerate each account.
To share resources within your organization, you first need to use the RAM console to enable sharing with Organizations. When you share resources in your organization, the accounts in your organization can access and use the shared resources without exchanging invitations.
If you no longer need to share resources with the entire organization or OUs, you can disable sharing with Organizations. After this function is disabled, you cannot set the principal type to an organization when you create a resource share.
Only the organization administrator can enable or disable Sharing with Organizations.
When sharing with Organizations is enabled:
- If a member account exits the organization or is removed from the organization by the organization administrator, the principals within the organization will be disassociated from all resource shares that the member account has created. In addition, the member account will be disassociated from any resource shares that are shared with the member account within the organization.
- If the organization administrator deletes an OU from the organization, the OU will be disassociated from all resource shares that are shared with the OU.
- If the organization administrator deletes the entire organization, all accounts in the organization will be disassociated from any resource shares that are shared with the organization.
- Log in to the Huawei Cloud management console.
- Click
in the upper left corner and choose Management & Governance > Resource Access Manager. The Resource Access Manager page is displayed. - In the navigation pane, choose Settings and turn on the toggle key Enable sharing with Organizations.
Figure 1 Enabling sharing with Organizations
- The toggle switch Sharing with Organizations of RAM is associated with the Trusted Service switch of Organizations. Specifically, if RAM is enabled as a trusted service in the Organizations service, sharing with Organizations will be automatically enabled, and vice versa. For details about how to enable a trusted service, see Enabling or Disabling a Trusted Service.
- If you disable RAM from being a trusted service in your organization, the organization, OUs, and member accounts will lose access to the previously shared resources.
Creating a Resource Share
- Log in to the Huawei Cloud management console.
- Click in the upper left corner and choose Management & Governance > Resource Access Manager. The Resource Access Manager page is displayed.
- Choose Shared by Me > Resource Shares.
- Click Create Resource Share in the upper right corner.
Figure 2 Creating a resource share
- On the displayed Specify Resource Share Details page, configure basic information and specify the resources to share, and then click Next: Associate Permissions in the lower right corner.
When creating a resource share, you can specify up to 20 resources to share at a time. However, you can update the resource share you created to add more resources. For details, see Updating a Resource Share.
Figure 3 Specifying resources to share
- On the Associate Permissions page, associate a RAM managed permission with each resource type, and then click Next: Specify Principals in the lower right corner.
RAM managed permissions available for your selection are system permissions predefined by RAM. Some resource types may have multiple permissions available. You can select as needed. For the details of each permission, see Viewing the RAM Permissions Library.
Figure 4 Associating permissions
- On the Grant Access to Principals page, specify the principals that you want to have access to the resources, and then click Next: Confirm in the lower right corner.
In this step, you can select either Allow sharing with any Huawei Cloud principal or Allow sharing only within your organization. If you select the latter, choose any principals that are within your organization.
You can set Principal Type to Organization or Huawei Cloud account ID. The Organization option is available only when the toggle key Sharing with Organizations is turned on. For details, see Enabling Sharing with Organizations.
Figure 5 Granting access to any Huawei Cloud principal
Figure 6 Granting access to principals within your organization
- Review and confirm the configuration details of your resource share and select I have read and agree to Privacy Statement on the Confirm page. Then, click Submit in the lower right corner.
Figure 7 Confirming configurations
After a resource share is created, RAM sends a sharing invitation to the specified principals. The principals can access and use the shared resources only after they accept the invitation. If the specified principals are within your organization and sharing with Organizations is enabled, the principals can access and use the shared resources without accepting the invitation.
Each principal can be shared with a maximum of 100 VPC subnets.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
