How do I allow my Organization's management account to view my EC2 instance?

0

I am handling all of my company's AWS activities. There are 2 root accounts in our organization (Mine and the Operations team leader's account). I assumed that the Management account (the team leader's account) would automatically be able to see any instances/resources that I create, but this is not the case. How do I allow the management account to view my instances and any other resources in the future?

3 Answers
0

If by "view" you mean find out about them, you could set up Resource Explorer on your Organization. It allows you to easily search for and discover your resources, such as Amazon Elastic Compute Cloud (EC2) instances, Amazon Kinesis data streams, and Amazon DynamoDB tables, across AWS Regions and accounts. From the search results, you can quickly navigate to the resources in the appropriate service console and take action.

This is a link about deploying Resource Explorer to an Organization.

For administration purposes, you can use Identity Center (SSO) to manage permission sets across accounts, documentation here.

AWS
answered 10 months ago
  • I have been looking into this since you responded.

    By "view" I mean that the Instance will show in his EC2 Manager (EC2 Dashboard & Instances).

    I've been looking into the resource explorer, but our resources are different from each other. He does not have the instance resource. I want to share my instance with the Management account, but I can't figure out how to share them. I have a resource group set up with just my instance in it, but when I go to share it in the Resource Access Manager, there is a message saying, "Currently, you can only share host resource groups that were created in AWS License Manager."

0

You will have to switch roles into the account that hosts your EC2s or log in to the account that has the EC2s.

As per romerogt, you are best to use Identity Center to log in and switch to the account where your EC2s are.

EXPERT
answered 10 months ago
0

Take a look at this also: Multi-Account Multi-Region Data Aggregation. As stated above, to manage them, you will need credentials in each account, provided more easily by Identity Center.

AWS
EXPERT
kentrad
answered 10 months ago
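
Switching roles, as the answers above describe, depends on an IAM role in the account that owns the instances whose trust policy names the management account. The following Python is an added example, not part of any answer in this thread: it builds the two policies for a view-only role and audits them. The account ID, the function names and the choice of `ec2:Describe*` as the permission set are assumptions.

```python
# Added example: build and audit the IAM policies for a view-only cross-account role.
# The account ID is a constructed placeholder, not a value from the thread.
MGMT_ACCOUNT_ID = "111111111111"  # account that should be allowed to switch in

def _as_list(value):
    """IAM accepts a single value or a list in most policy fields."""
    return value if isinstance(value, list) else [value]

def build_trust_policy(trusted_account_id):
    """Trust policy for a role in the EC2 account, assumable from one account only."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::{trusted_account_id}:root"},
        "Action": "sts:AssumeRole"}]}

def build_view_policy():
    """Permissions policy for the role: EC2 describe (read) calls only."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": ["ec2:Describe*"], "Resource": "*"}]}

def audit_trust_policy(policy, expected_account_id):
    """Return findings for Allow statements that trust more than the expected account."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            findings.append(f"statement {i}: wildcard principal")
            continue
        for kind, values in principal.items():
            for value in _as_list(values):
                if kind != "AWS":
                    findings.append(f"statement {i}: non-account principal {kind}={value}")
                elif value == "*":
                    findings.append(f"statement {i}: wildcard principal")
                else:
                    # Accept either a bare account ID or an IAM ARN (account is field 5).
                    parts = value.split(":")
                    account = parts[4] if len(parts) >= 6 else value
                    if account != expected_account_id:
                        findings.append(f"statement {i}: trusts account {account}")
    return findings

def audit_view_policy(policy):
    """Return every allowed action that is not an EC2 describe call."""
    return [action
            for stmt in _as_list(policy.get("Statement", []))
            if stmt.get("Effect") == "Allow"
            for action in _as_list(stmt.get("Action", []))
            if not action.startswith("ec2:Describe")]
```

An empty list from both audit functions means the role trusts only the expected account and grants only describe calls.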
