You can use the management account or a member of a resource directory to share resources with all members in the resource directory, all members in a specific folder in the resource directory, or a specific member in the resource directory.
Background information
In this example, a resource owner (the management account of a resource directory) shares one or more vSwitches in a virtual private cloud (VPC) within the resource owner to a member in the resource directory.
Step 1: Enable resource sharing
Log on to the Resource Management console by using the management account of your resource directory.
In the left-side navigation pane, choose Resource Sharing > Settings.
On the page that appears, click Enable.
In the Service-linked Role for Resource Sharing dialog box, click OK.
The system creates a service-linked role named AliyunServiceRoleForResourceSharing to obtain the organizational structure of the resource directory. For more information, see Service-linked role for Resource Sharing.
Step 2: Create a resource share
Log on to the Resource Management console as a resource owner.
In the left-side navigation pane, choose Resource Sharing > Resources I Share.
In the top navigation bar, select the region where the resources to be shared reside.
ImportantIf you want to share global resources, such as templates in Resource Orchestration Service (ROS), you can select only the China (Shanghai) region to create resource shares.
Click Create Resource Share. On the page that appears, configure the parameters.
Configure basic information and add resources.
Enter a resource share name, add tags to the resource share based on your business requirements, and then add select resources to be shared. In this example, vSwitches are selected for sharing.
Add permissions.
The permissions define the operations that principals can perform on the resources. In this example, the AliyunRSDefaultPermissionVSwitch permission is added. You can click the permission name to view the permission details.
Add principals.
Set Principal Scope to Objects Within Resource Directory and Method to Add from Resource Directory, and select a folder or member in the resource directory. In this example, a member is selected.
Confirm the configurations and click OK.
Step 3: Verify the result
You can use one of the following methods to check whether resources are successfully shared:
Resource owner
On the details page of the resource share in the Resource Management console, view the status of the resources and principal. If they are in the Associated state, resources are successfully shared.
Principal
In the console of the Alibaba Cloud service to which the resources belong, view and manage the resources. In this example, you can use a member to log on to the VPC console and view the vSwitches that are shared.
