How can I share a portfolio with accounts in my organization using AWS Service Catalog?

Last updated: 2021-01-06

I want to share a portfolio with accounts in my organization using AWS Service Catalog. Then, I want to allow users in the receiving account to view and launch those products.

Short description

To share your portfolio, complete the steps in the following sections:

  • Share the portfolio with the organization or a specific organizational unit (OU) from the provider account
  • Import the portfolio to the target account
  • Allow users to access products in the shared portfolio from the target account

Resolution

Share the portfolio with the organization or a specific OU from the provider account

  1. Open the AWS Service Catalog console.
  2. In the navigation pane, choose Portfolios list.
  3. To choose the portfolio that you want to share, select the radio button next to the portfolio.
  4. Choose Share Portfolio.
  5. Choose Organization.
  6. For Node Type, choose Organization or Organizational Unit based on your needs.
    Note: To share the portfolio with all OUs in the organization, choose Organization. To share the portfolio with a single OU within the organization, choose Organizational Unit.
  7. For Input Value, enter your organization ID or OU ID.
  8. Choose Share.

Now, a message confirms that you have successfully shared your portfolio.

Import the portfolio to the target account

  1. Open the AWS Service Catalog console of the target account.
  2. In the navigation pane, choose Portfolios.
  3. Choose the Imported tab.
  4. Choose Actions, and then choose Import portfolio.
  5. For Portfolio ID, enter the portfolio ID that has been shared with this account from the management account.
  6. Choose Import.

Now, the shared portfolio is listed in the Portfolios section of the Imported tab.

Allow users to access products in the shared portfolio from the target account

To allow other users, groups, and roles to see the products shared in the portfolio, complete the following steps from the target account:

  1. Open the AWS Service Catalog console of the target account.
  2. In the navigation pane, choose Portfolios list, and then choose the shared portfolio.
  3. Choose Users, Groups, and Roles, and then choose Add user, group or role.
  4. To give an AWS Identity and Access Management (IAM) entity access to products in the portfolio, choose the Groups tab, Users tab, or Roles tab, depending on your needs.
  5. Select the IAM entity that you want to add access for.
  6. Choose ADD ACCESS.

Did this article help?


Do you need billing or technical support?