This topic describes how to use Cloud Enterprise Network (CEN) to enable a cross-account mount for a file system.
Before you enable a cross-account mount for a file system, the following requirements must be met:
By default, you can mount a file system only on an Elastic Compute Service (ECS) instance that is owned by the same account as that of the file system. Assume that you have multiple Alibaba Cloud accounts and want to allow mutual access between a file system and an ECS instance from these different accounts. You must establish a connection between the VPCs that host the file system and the ECS instance.
You can use CEN to connect the VPCs that are owned by different accounts.
This topic describes how to attach VPC 1 of Account A and VPC 2 of Account B to the same CEN instance.
Step 1 Create a CEN instance
Use Account A to create a CEN instance.
- Log on to the CEN console.
- In the left-side navigation pane, click Instances, and then click Create CEN Instance.
- In the Create CEN Instance dialog box, set the parameters.The following table describes the required parameters.
Parameter Description Network Type Select VPC from the drop-down list. Region The region where the network resides. Select the region where VPC 1 resides. Networks The network that you want to attach to the CEN instance. Select VPC 1.
- Click OK.Back up the CEN instance ID for subsequent operations.
Step 2: Authorize an account to access the network of a different account
Use Account B to authorize Account A to attach VPC 2. For more information, see Acquire permissions from a VPC.
Step 3: Use an account to attach a network that is owned by a different account
Use Account A to attach VPC 2.
- Log on to the Cloud Enterprise Network console.
- In the left-side navigation pane, click Instances. On the page that appears, find the CEN instance and click Manage.
- On the Networks tab, click Attach Network.
- In the Attach Network dialog box, click Different Account and set the following parameters.
Parameter Description Owner Account The ID of the account that owns the target network. Enter the ID of Account B. Network Type Select VPC. Region The region where the network resides. Select the region where VPC 2 resides. Networks The network that you want to attach. Select VPC 2.
- Click OK.
Mount a file system
After the configuration is complete, you can perform a cross-account mount on a file system.