Best practices for networking Amazon ECS services across Amazon Web Services accounts and VPCs - Amazon Elastic Container Service


If you're part of an organization with multiple teams and divisions, you probably deploy services independently into separate VPCs inside a shared Amazon Web Services account or into VPCs that are associated with multiple individual Amazon Web Services accounts. No matter which way you deploy your services, we recommend that you supplement your existing networking components to help route traffic between VPCs. Several Amazon services can be used for this.

  • Amazon Transit Gateway — You should consider this networking service first. It serves as a central hub for routing your connections between Amazon VPCs, Amazon Web Services accounts, and on-premises networks. For more information, see What is a transit gateway? in the Amazon VPC Transit Gateways Guide.

  • Amazon VPC and VPN support — You can use this service to create site-to-site VPN connections for connecting on-premises networks to your VPC. For more information, see What is Amazon Site-to-Site VPN? in the Amazon Site-to-Site VPN User Guide.

  • Amazon VPC — You can use Amazon VPC peering to help you connect multiple VPCs, either in the same account or across accounts. For more information, see What is VPC peering? in the Amazon VPC Peering Guide.

  • Shared VPCs — You can use a VPC and VPC subnets across multiple Amazon accounts. For more information, see Working with shared VPCs in the Amazon VPC User Guide.