Amazon Resource Access Manager - Getting Started with Amazon Web Services in China
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Amazon Resource Access Manager

Amazon Resource Access Manager (Amazon RAM) helps you securely share your Amazon Web Services within your organization or organizational units (OUs) in Amazon Organizations, and with Amazon Web Services accounts. For supported resource types, you can also share resources with Amazon Identity and Access Management (IAM) roles and IAM users. If you have multiple Amazon Web Services accounts, you can create a resource once and use Amazon RAM to share that resource across accounts.

Region Availability

Amazon Resource Access Manager is available in the following regions in China:

  • Beijing Region

  • Ningxia Region

Feature Availability and Implementation Differences

The Amazon Web Services in China implementation of Amazon RAM is unique in the following ways:

  • Resources that are not supported for sharing – Unless otherwise noted, Amazon RAM does not support resource sharing for the following services in the Beijing and Ningxia Regions:

    • Amazon App Mesh

    • Amazon Aurora

    • Amazon Certificate Manager Private Certificate Authority

    • Amazon EC2

    • Amazon License Manager

    • Amazon Network Firewall

    • Amazon Outposts

    • Amazon Resource Groups

    • Amazon Route 53

      The following resource type is not supported for sharing in the Beijing and Ningxia Regions: Route 53 resolver firewall groups.

    • Amazon Systems Manager Incident Manager

    • Amazon VPC

      The following resource type is not supported for sharing in the Beijing and Ningxia Regions: prefix lists.

  • Resources that are supported for sharing with limitations – Unless otherwise noted, in the Beijing and Ningxia Regions, Amazon RAM does not support resource sharing for the following services within Amazon Organizations. However, you can still share resources with individual Amazon Web Services accounts. For supported resource types, you can also share resources with IAM roles or IAM users who are outside your organization. In this case, these principals are treated as external principals. They receive an invitation to join the resource share, and they must accept the invitation to gain access to the shared resources.

    • Amazon CodeBuild

    • EC2 Image Builder

    • Amazon Glue

    • Amazon Route 53: Resolver query logging configurations.

    • Amazon SageMaker

Guides and References

Amazon Web Services in China user guides are available in HTML and PDF, in both Chinese and English. API references are available in HTML and PDF. Some API references may be available only in English. Currently, not all API references are available in the Beijing and Ningxia Regions. Links to some API references will take you to the global Amazon Web Services site. Note that some features and functionality described in the guides and references may not be available in the current Amazon Web Services in China release.

General Information About Amazon Web Services in China

The following information applies to all Amazon Web Services that are available in the China Regions.

Amazon Web Services Accounts in the China Regions

To use services in the Beijing and Ningxia Regions, you need an account and credentials specific to each of those Regions.

  • Accounts and credentials for other Amazon Regions will not work for services operating in the Beijing and Ningxia Regions.

  • Accounts and credentials for the Beijing and Ningxia Regions will not work for other Amazon Regions.

  • For more information, see Signup, Accounts, and Credentials

Domain for Amazon Web Services in China

The domain for Amazon Web Services in China is www.amazonaws.cn.

Endpoints & Amazon Resource Names (ARNs)

For information about endpoints and ARNs in Amazon Web Services in China, see Endpoints and ARNs for Amazon Web Services in China

Availability Zones for the China Regions

  • In the Beijing Region, there are three Availability Zones.

  • In the Ningxia Region, there are three Availability Zones.

General Information for Amazon Web Services in China

The following applies to all Amazon Web Services that are available in the China Regions. For detailed information about specific Amazon Web Services, see the service-specific topic in this guide.

  • Amazon Identity and Access Management (IAM)

    • You can grant or deny a service access to resources using the Principal policy element.

    • Service principal values vary by Region.

  • EC2-Classic Platform

    • The EC2-Classic platform is not supported.

  • Free Usage Tier

    • The free usage tier is supported in the Ningxia Region.

    • The free usage tier is not supported in the Beijing Region.

Amazon Web Services Console

The console for Amazon Web Services in China is unique to China. The screenshots in the Amazon Web Services guides might differ from what you see on your console. For information about differences in service functionality, see the topics for each service in this guide.

Code Examples

The Amazon Web Services documentation might include endpoints and ARNs in code examples that are not specific to the Beijing and Ningxia Regions. When using examples, verify you are using the endpoints and ARNs for your Region.