The virtual private cloud (VPC) sharing feature allows multiple Alibaba Cloud accounts to create cloud resources in a shared and centrally managed VPC, and allows different accounts to access cloud resources each other over the shared VPC. For example, Alibaba Cloud Account A (Account A) can access Container Registry Enterprise Edition instances (Enterprise Edition instances) in Alibaba Cloud Account B (Account B) over a shared VPC.
Prerequisites
Alibaba Cloud DNS PrivateZone is activated for Account A. To enable Alibaba Cloud DNS PrivateZone, visit Alibaba Cloud DNS PrivateZone. In addition, Container Registry is granted the permission to access Alibaba Cloud DNS PrivateZone. To grant the permission, click RAM Quick Authorization.
NoteYou are charged for using Alibaba Cloud DNS PrivateZone. For more information about the billing of Alibaba Cloud DNS PrivateZone, see Billing.
An Enterprise Edition instance is created in Account B. For more information, see Create a Container Registry Enterprise Edition instance.
The VPC in Account A is shared with Account B. For more information, see Resource owner enables VPC sharing.
Limits
Before you use the VPC sharing feature to access an Enterprise Edition instance across accounts, you must understand the limits of VPC sharing. For more information, see VPC sharing.
Configure cross-account VPC access control for the Enterprise Edition instance
Use Account B to log on to the Container Registry console.
Log on to the Container Registry console.
In the top navigation bar, select a region.
In the left-side navigation pane, click Instances.
On the Instances page, click the Enterprise Edition instance that you want to manage.
In the left-side navigation pane of the management page of the Enterprise Edition instance, choose .
On the VPC tab of the Access Control page, click Add VPC.
In the Add VPC dialog box, select a VPC and vSwitch in Account A. Click Confirm.
Wait until the Status of the VPC and vSwitch changes to Running.
References
For more information, see VPC sharing.