Updated on 2025-05-22 GMT+08:00

SEC03-04 Securely Sharing Resources

In large enterprises, resources often need to be securely shared across various organizational units, departments, and teams.

  • Risk level

    Medium

  • Key strategies
    • Large enterprises typically comprise multiple organizational units and accounts, necessitating resource sharing across these accounts. Secure resource sharing must adhere to the following practices:
    • Use resource tags: Classify and label resources using tags to facilitate efficient management and policy application.
    • Share resources only with trusted entities: Employ Service Control Policies (SCPs) to restrict account permissions within an organization, ensuring that resources are shared exclusively within the defined organizational boundaries.
    • Establish specific service accounts for accessing shared resources.
  • Related cloud services and tools
    • Organizations
    • Resource Access Manager (RAM): Provides secure cross-account resource sharing capabilities. If you manage multiple Huawei Cloud accounts, you can create resources once in a central account and use RAM to share these resources with other accounts, eliminating the need for redundant resource creation in each account.