I have a situation where I have an application deployed in two different AWS accounts as primary and secondary (or failover and failback), and I need some resources to be shared cross-account.
- For example, I need the health check from the primary account to be added as a Route 53 resource record's health check in the secondary account.
- Similarly, I want the albcname from the primary account to be referenced in the resource record for the secondary account.
- I know AWS RAM allows cross-account SSM parameter sharing, and that would have been ideal, but my org does not allow resource sharing.
- I thought of using CloudFormation custom resources, but then I have to find a way to input the AWS access key, secret key, and session token, and in my org those change every hour.
- Hardcoding can be a workaround, but not when the application is in the pipeline and it creates primary account resources first, and then creates the secondary account resources, and the resource IDs will change.