Add discovery and reporting for RAM shares #28
Labels
enhancement
New feature or request
Comments
|
Thanks for opening this feature request. We have added this to our backlog and will add in the next release v1.1.0. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
The tool perform discovery on a number of resources that could/would be impacted by the migration of accounts between instances of AWS Organizations. However, it does have a blind spot for RAM shared resources.
This problem has been compounded by a security improvement that was introduced last years, where resources shared explicitly by an account id as the principle are treated differently depending on whether the (at the time of share creation) the provider and subscriber AWS accounts are within the same organizations.
This means that even where a a share is explicitly between two linked account s within an organizations and without RAM being enabled as a trusted services in organizations the share would be impacted when one or other participant moves outside of the organization.
Describe the feature you'd like
To add reporting of RAM shared resources? both Org/OU id based shares but alls account id based. Since they are treated differently for accounts within the same org and when account migrate the shares dis-associate or disappear (r53).
Additional context
Reach out for additional context.
The text was updated successfully, but these errors were encountered: