This topic describes how to use Cloud Enterprise Network (CEN) to enable a cross-account mount for a file system.

Prerequisites

Before you enable a cross-account mount for a file system, the following requirements must be met:

Background information

By default, you can mount a file system only on an Elastic Compute Service (ECS) instance that is owned by the same account as that of the file system. Assume that you have multiple Alibaba Cloud accounts and want to allow mutual access between a file system and an ECS instance from these different accounts. You must establish a connection between the VPCs that host the file system and the ECS instance.

You can use CEN to connect the VPCs that are owned by different accounts.

This topic describes how to attach VPC 1 of Account A and VPC 2 of Account B to the same CEN instance.

Architecture

Step 1 Create a CEN instance

Use Account A to create a CEN instance.

  1. Log on to the CEN console.
  2. In the left-side navigation pane, click Instances, and then click Create CEN Instance.
  3. In the Create CEN Instance dialog box, set the parameters.
    The following table describes the required parameters.
    Parameter Description
    Network Type Select VPC from the drop-down list.
    Region The region where the network resides. Select the region where VPC 1 resides.
    Networks The network that you want to attach to the CEN instance. Select VPC 1.
  4. Click OK.
    Back up the CEN instance ID for subsequent operations.

Step 2: Authorize an account to access the network of a different account

Use Account B to authorize Account A to attach VPC 2. For more information, see VPC authorization.

Step 3: Use an account to attach a network that is owned by a different account

Use Account A to attach VPC 2.

  1. Log on to the Cloud Enterprise Network console.
  2. In the left-side navigation pane, click Instances. On the page that appears, find the CEN instance and click Manage.
  3. On the Networks tab, click Attach Network.
  4. In the Attach Network dialog box, click Different Account and set the following parameters.
    Parameter Description
    Owner Account The ID of the account that owns the target network. Enter the ID of Account B.
    Network Type Select VPC.
    Region The region where the network resides. Select the region where VPC 2 resides.
    Networks The network that you want to attach. Select VPC 2.
  5. Click OK.

Mount a file system

After the configuration is complete, you can perform a cross-account mount on a file system.