Sharing data across Amazon Web Services accounts
You can share data for read purposes across Amazon Web Services accounts. Sharing data across Amazon Web Services accounts works similarly to sharing data within an account. The difference is that there is a two-way handshake required in sharing data across Amazon Web Services accounts. A producer account administrators can either authorize consumer accounts to access datashares or choose not to authorize any access. To use an authorized datashare, a consumer account administrator can associate the datashare. The administrator can associate the datashare with an entire Amazon Web Services account or with specific clusters in the consumer account, or decline the datashare. For more information about sharing data within an account, see Sharing read access to data within an Amazon Web Services account.
A datashare can have data consumers that are either namespaces in the same account or different Amazon Web Services accounts. You don't need to create separate datashares for sharing within an account and cross-account sharing.
For cross-account data sharing, both the producer and consumer cluster must be encrypted.
When sharing data with Amazon Web Services accounts, producer administrators share with the Amazon Web Services account as an entity. A consumer administrator can decide which namespaces in the consumer account get access to a datashare.