Creating a Namespace in a Shared VPC
A shared VPC is a VPC that is shared among accounts through the Resource Access Manager (RAM) service. For example, you can share your VPC and subnets with another account so that the account can view the VPC and subnets and create resources, such as a CCI 2.0 namespace, in a shared subnet. For details, see VPC Sharing Overview.
Scenario
With VPC sharing, you can organize accounts in an orderly, centralized manner based on your organization structure or service form, manage resources centrally, and share them with other members. This avoids repeated configurations and unifies security and O&M, which makes security policies easier to configure.
Suppose that an enterprise IT account, the resource owner, creates a VPC and subnets and shares multiple subnets with other accounts.
- An enterprise service account (account A) creates resources in a shared subnet (subnet 1).
- Another enterprise service account (account B) creates resources in another shared subnet (subnet 2).
Constraints
- For clusters created in a shared VPC, load balancers cannot be shared.
- If a CCI 2.0 namespace has been created in a shared VPC, the owner of the shared VPC cannot delete the resource share. Otherwise, the namespace will not work properly.
Procedure
- You create a VPC share through RAM and specify account B as the resource principal. For details, see Creating a Resource Share.
After the resource share is created, RAM sends an invitation to account B. Account B can access and use the shared VPC only after accepting the invitation.
- Account B logs in to the CCI 2.0 console and creates a namespace.
Account B selects the VPC subnet you shared when configuring the network for the namespace. For details about other configurations, see Creating a Namespace.
Figure 1 Selecting a shared VPC subnet