Posted On: Dec 4, 2018
You can now allow other AWS accounts to create their application resources, such as EC2 instances, Relational Database Service (RDS) databases, Redshift clusters, and Lambda functions, in shared, centrally managed Amazon Virtual Private Clouds (VPCs).
Customers create multiple AWS accounts to streamline billing and restrict access to various environments, such as development, staging, and production, across different business and application teams. With the increase in the number of accounts, you need to efficiently manage network and security policies across your application environments. Today, you can create separate Amazon VPCs for each account with the account owner being responsible for connectivity and security of each Amazon VPC. With VPC sharing, your IT team can own and manage your Amazon VPCs and your application developers no longer have to manage or configure Amazon VPCs, but they can access them as needed.
You can also share Amazon VPCs to leverage the implicit routing within a VPC for applications that require a high degree of interconnectivity and are within the same trust boundaries. This reduces the number of VPCs that need to be created and managed, while you still benefit from using separate accounts for billing and access control. Customers can further simplify network topologies by interconnecting shared Amazon VPCs using connectivity features, such as AWS PrivateLink, AWS Transit Gateway, and Amazon VPC peering.
VPC sharing is available in all commercial AWS Regions except in South America (São Paulo), Asia Pacific (Osaka-Local), and China regions. There are no additional charges for using this feature. For more information about VPC sharing, please visit our documentation.