AWS Resource Access Manager (RAM) now supports a resource share configuration that allows you to maintain resource sharing continuity when accounts move between AWS Organizations. With the new RetainSharingOnAccountLeaveOrganization parameter and corresponding ram:RetainSharingOnAccountLeaveOrganization condition key, security administrators can configure resource shares to retain access when accounts leave the organization and enforce consistent policies across their organization using Service Control Policies (SCPs).
This capability helps organizations undergoing mergers, acquisitions, or restructuring maintain access to shared resources like Route53 Resolver Rules, Transit Gateways, and IPAM pools without disruption. Security teams can use SCPs to enforce the RetainSharingOnAccountLeaveOrganization configuration organization-wide. When enabled, RAM treats organization accounts as external accounts, requiring explicit invitation acceptance and preserving resource access during account transitions between organizations.
This feature is available in all AWS commercial Regions at no additional cost. To learn more about resource share configurations, see the AWS RAM documentation or visit the AWS RAM product page.
Categories: marketing:marchitecture/security-identity-and-compliance
Source: Amazon Web Services
Latest Posts
- Oracle Database@AWS is now available in the Dublin AWS Region
- Amazon Bedrock batch inference now supports the Converse API format
- EC2 Image Builder enhances lifecycle policies with wildcard support and simplified IAM
- (Updated) Microsoft 365 Copilot: Add web links as references in Copilot Notebooks [MC1193414]
![(Updated) Microsoft Teams: Hiding inactive channels [MC804771]](https://mwpro.co.uk/wp-content/uploads/2025/06/pexels-atahandemir-28779687-96x96.webp "(Updated) Microsoft Teams: Hiding inactive channels [MC804771] 7")