The account owner of a VPC network (resource owner) can share VSwitches in the VPC network under the account of the owner with other accounts in the same organization. After the owner shares a VSwitch with participants, the participants can create cloud resources in the shared VSwitch.

Background information

The account that owns the VPC (resource owner) shares the non-default VSwitches with other accounts (participants). The owner and participants must belong to the same resource directory. Resource directory is a hierarchical resource relation management service. Enterprises can use this service to create a hierarchical map of relations among resources. For more information, see Resource sharing overview.

By default, after a VSwitch is shared, participants can use the shared VSwitch without confirmation. Participants can create cloud resources in the shared VSwitch. Resources created by the owner and resources created by the participants in the same VPC network are interconnected by default.Shared VPCs diagram

For more information about the operations that can be performed on a shared VPC network, see Shared VPC overview.

Step 1: Enable Resource Directory

Resource Directory is a hierarchical resource relation management service. After you enable Resource Directory, enterprises can create a hierarchy map of relations among resources.
Note Make sure that your account has passed the enterprise real-name authentication before you enable Resource Directory.

Follow these steps to invite participants to join the resource directory:

  1. Log on to the Resource Management console.
  2. In the left-side navigation pane, click Resource Directory.
  3. Click Enable Resource Directory. In the dialog box that appears, click OK.
    After you enable Resource Directory, the system automatically creates a folder named Root, and specifies the current account as the master account. The master account has full permissions to manage the resource directory.root
  4. In the upper-right corner of the Resource Directory page, click Invite to invite participants to join the resource directory.
    Only participants in the resource directory can share VSwitches in the shared VPC network. You can also create member accounts for the resource directory. For more information, see Create a member account.
    Note Before you send an invitation, make sure that the following requirements are met:
    • The invited participant does not have a pending invitation to be confirmed. Otherwise, the participant must confirm the invitation before they can be invited again.
    • The legal entity of the participant must be the same as the legal entity of the account that sends the invitation. This means that both accounts must use the same legal entity to complete the enterprise real-name authentication.
    • The number of invitations sent on the current day has not reached 20.
    • The number of participants in the resource directory has not reached 20.

Step 2: Create a resource share

You can create a resource share, and then share VSwitches in the shared VPC network with the participants invited in step 1. Resource shares are cloud resources. Each resource share has a unique ID and Aliyun Resource Name (ARN). You can divide resource shares into resource groups and bind tags. For more information, see Resource sharing overview.

Follow these steps to create a resource share and share VSwitches in the VPC network:

  1. Log on to the Resource Management console.
  2. In the left-side navigation pane, choose Resource sharing > Resources shared to me.
  3. In the top status bar, select the region where the shared VPC network is deployed.
    Note Currently, only the China (Zhangjiakou-Beijing Winter Olympics) and Singapore regions support VPC sharing.
  4. On the Resource shares tab, click Create resource share.
  5. In the Create resource share dialog box, specify the following information, and then click OK.
    1. Name: enter a resource share name.

      The name must be 1 to 50 characters in length and can contain letters, digits, Chinese characters, periods (.), underscores (_), and hyphens (-).

    2. Resource type: select VSwitch.
    3. Resources: select the VSwitches that you want to share, and click Add.
    4. Participants: enter account UIDs, and click Add.
      Note You can only share resources with accounts in the same resource directory.
    5. Click OK.
  6. After you create the resource share, click View details.
    • If the status of a VSwitch displays Associated, the VSwitch has been shared. After a VSwitch is shared with the participants, the participants can create cloud resources in the shared VSwitch. For more information, see Create a cloud resource in a shared VSwitch.
    • If the status of a VSwitch displays Failed, the system failed to share the VSwitch. Reasons that may cause sharing failures are as follows. You can troubleshoot the causes and try again:
      • The account of the participant is the same as that of the resource owner. Resource owners are not allowed to share VSwitches to themselves.
      • The number of participants that share a single VPC network has exceeded 20.
      • The number of participants that share a single VSwitch in a VPC network has exceeded 20.
      • The number of VSwitches shared with a single participant has exceeded 10.

If you want to unshare a VSwitch, remove the VSwitch from the resource share. For more information, see Unshare a shared VSwitch. If you delete the resource share, all participants of the resource share will lose access permissions on the shared resources. Deleting a resource share does not delete all shared resources in the resource share.