https://github.com/ibm-cloud/cross-account-resource-sharing
Share resources across IBM Cloud accounts
https://github.com/ibm-cloud/cross-account-resource-sharing
cost-optimization ibm-cloud ibm-cloud-solutions resource-sharing security sharing
Last synced: 3 months ago
JSON representation
Share resources across IBM Cloud accounts
- Host: GitHub
- URL: https://github.com/ibm-cloud/cross-account-resource-sharing
- Owner: IBM-Cloud
- License: apache-2.0
- Created: 2022-10-05T10:46:39.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2022-10-14T13:27:58.000Z (over 3 years ago)
- Last Synced: 2025-01-17T18:18:24.176Z (over 1 year ago)
- Topics: cost-optimization, ibm-cloud, ibm-cloud-solutions, resource-sharing, security, sharing
- Language: HCL
- Homepage: https://cloud.ibm.com/docs/solution-tutorials?topic=solution-tutorials-resource-sharing
- Size: 33.2 KB
- Stars: 0
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Sharing resources across IBM Cloud accounts
This repository includes code samples and additional material related to the IBM Cloud solution tutorial on resource sharing across accounts.
### Sharing security-related resources
The diagram shows the following scenarios:
1. Instances of Object Storage and Databases for MongoDB in Account A and Account B utilize encryption keys managed in the Main Account in Key Protect.
2. Security and Compliance Center in the Main Account governs resources in all three accounts (see black lines above).
3. Instances of Activity Tracker in Account A and Account B direct security logs with Activity Tracker Event Routing to Object Storage buckets in the Main Account (see blue lines above).
This kind of sharing can be done independently of having an IBM Cloud Enterprise account or not.
### Sample Terraform configurations
- **Multi-account access**: [Configure multi-account access using aliases](terraform-multiaccount)
- **Service to service authorization across accounts**: [Service to service authorization for Cloud Object Storage to Key Protect](/terraform-services/authorization-policy.tf)
- **Activity Tracker event routing**: [Route Activity Tracker events from local to central corporate AT instance](/terraform-services/activitytracker-to-activitytracker.tf)
- **Security and Compliance Center**: [Configure Security and Compliance Center to scan other IBM Cloud accounts](/terraform-services/security-and-compliance-center.tf)