Streamlining Incident Response with AWS Resource Access Manager (RAM): A Comprehensive Guide and Demonstration


In this comprehensive guide and in-depth demonstration, we will explore how AWS Resource Access Manager (RAM) can revolutionize the way you share Incident Manager contacts and escalation plans within your AWS environment. AWS RAM is a versatile tool that empowers users to efficiently distribute AWS resources across various accounts and AWS Organizations. Through this extensive exploration, we’ll delve deeper into the advantages of RAM and its application in the management of Incident Manager resources for incident response.

The Benefits of AWS Resource Access Manager (RAM)

Before we delve into the detailed demonstration, let’s thoroughly understand the significant advantages of AWS RAM:

  1. Eliminating Duplicated Resources: RAM simplifies resource management by eliminating the need to create redundant resources in each AWS account, which ultimately reduces operational overhead. This means that instead of replicating resources across accounts, you can centralize their management.
  2. Security and Consistency: RAM ensures a consistent approach to security management by enabling you to apply uniform policies and permissions across shared resources. This is a crucial aspect for maintaining security integrity when dealing with shared resources in a multi-account environment.
  3. Visibility and Auditability: RAM offers enhanced visibility into the usage of shared resources by seamlessly integrating with Amazon CloudWatch and AWS CloudTrail. This integration provides valuable insights, aiding in the efficient monitoring and auditing of shared resources, which is essential for compliance and security.

In-Depth Demonstration: Using RAM for Sharing Incident Manager Resources

Now, let’s move on to the practical demonstration of using AWS RAM to share Incident Manager resources. AWS Incident Manager, a vital component of AWS Systems Manager, is a tool designed to help users prepare for and respond to incidents with automated response plans. These response plans ensure that the right people and relevant information are brought together during critical situations.

Step-by-Step Guide

1. Creating Incident Manager Resources in the Resource Owner Account

In the resource owner account, the first step is to create Incident Manager resources. These resources consist of contacts, such as “senior incident responder” and “incident responder,” and an escalation plan, aptly named “demo.” This is a crucial preparatory step to ensure that the necessary personnel and procedures are in place.

2. Sharing Resources with the Consumer Account Using AWS RAM

The next stage takes us to the AWS RAM console. Here, we create a resource share, giving it an appropriate name, like “demo.” Both the escalation plans and contacts are selected for sharing. Furthermore, the permissions and principles are specified to ensure that sharing is restricted to within the AWS Organization, which is a critical aspect of maintaining a controlled and secure sharing environment.

3. Accessing Shared Resources in the Consumer Account

Now, we transition to the consumer account. Here, we validate that the shared resources are accessible by visiting the RAM console. Under the “Shared with me” section, we locate the shared Incident Manager contacts and escalation plans, confirming that the sharing process has been successfully executed. This accessibility is further verified by navigating to the Incident Manager console.

4. Creating a Response Plan in the Consumer Account

The final and crucial phase of the demonstration showcases the creation of a response plan in the consumer account. This plan is constructed by utilizing the shared contacts and escalation plans, ensuring that the correct contacts are efficiently engaged during an incident. This response plan is crucial for timely and effective incident management.


This comprehensive guide and in-depth demonstration have illuminated the power of AWS RAM in simplifying the sharing of Incident Manager resources across AWS accounts. By leveraging AWS RAM, organizations can streamline their incident response processes, minimize redundancy, and enhance security and auditing. The elimination of duplicated resources, the assurance of security and consistency, and the enhancement of visibility and auditability make AWS RAM an indispensable component of incident response within the AWS ecosystem. It ensures that organizations can respond to incidents promptly and efficiently while maintaining stringent security and compliance standards.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top