Resource: awsRamResourceShareAccepter
Manage accepting a Resource Access Manager (RAM) Resource Share invitation. From a receiver AWS account, accept an invitation to share resources that were shared by a sender AWS account. To create a resource share in the sender, see the awsRamResourceShare
resource.
\~> Note: If both AWS accounts are in the same Organization and RAM Sharing with AWS Organizations is enabled, this resource is not necessary as RAM Resource Share invitations are not used.
Example Usage
This configuration provides an example of using multiple Terraform AWS providers to configure two different AWS accounts. In the sender account, the configuration creates a awsRamResourceShare
and uses a data source in the receiver account to create a awsRamPrincipalAssociation
resource with the receiver's account ID. In the receiver account, the configuration accepts the invitation to share resources with the awsRamResourceShareAccepter
.
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.provider.AwsProvider(this, "aws", {
profile: "profile2",
});
const awsAlternate = new aws.provider.AwsProvider(this, "aws_1", {
alias: "alternate",
profile: "profile1",
});
const awsRamResourceShareSenderShare =
new aws.ramResourceShare.RamResourceShare(this, "sender_share", {
allowExternalPrincipals: true,
name: "tf-test-resource-share",
provider: `\${${awsAlternate.fqn}}`,
tags: {
Name: "tf-test-resource-share",
},
});
const dataAwsCallerIdentityReceiver =
new aws.dataAwsCallerIdentity.DataAwsCallerIdentity(this, "receiver", {});
const awsRamPrincipalAssociationSenderInvite =
new aws.ramPrincipalAssociation.RamPrincipalAssociation(
this,
"sender_invite",
{
principal: dataAwsCallerIdentityReceiver.accountId,
provider: `\${${awsAlternate.fqn}}`,
resourceShareArn: awsRamResourceShareSenderShare.arn,
}
);
new aws.ramResourceShareAccepter.RamResourceShareAccepter(
this,
"receiver_accept",
{
shareArn: awsRamPrincipalAssociationSenderInvite.resourceShareArn,
}
);
Argument Reference
The following arguments are supported:
shareArn
- (Required) The ARN of the resource share.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
invitationArn
- The ARN of the resource share invitation.shareId
- The ID of the resource share as displayed in the console.status
- The status of the resource share (ACTIVE, PENDING, FAILED, DELETING, DELETED).receiverAccountId
- The account ID of the receiver account which accepts the invitation.senderAccountId
- The account ID of the sender account which submits the invitation.shareName
- The name of the resource share.resources
- A list of the resource ARNs shared via the resource share.
Import
Resource share accepters can be imported using the resource share ARN, e.g.,