Skip to main content

Delete: AWS Resource Manager (RAM)

This is used to share AWS resources between AWS Accounts. These resources need to support RAM in order to work with RAM. Makes sense.

AWS also rotates the physical locations of their availability zones. What is us-east-2a for one may not be us-east-2a for another. Availability zone ID's solve this problem. Owner retains the full ownership of the resource

Service Quotas

Quotas usually are used to place hard or soft limits on services within the accounts.

some can't be changed - 5000 IAM users for example.
are put into place to limit the blast radius of a new account.

You can send in templates that mass adjust across all of your accounts so you don't need to manage them individually.

Links:

https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html https://console.aws.amazon.com/servicequotas/home?region=us-east-1#!/ https://docs.aws.amazon.com/servicequotas/latest/userguide/configure-cloudwatch.html https://awscli.amazonaws.com/v2/documentation/api/latest/reference/service-quotas/list-service-quotas.html

Mini Demo: Implementing a CloudWatch Alarm on S3 bucket quotas

Links:
Mini Demo: Implementing a CloudWatch Alarm on S3 bucket quotas