Create an IPAM
Follow the steps in this section to create your IPAM. If you have delegated an IPAM administrator, these steps should be completed by the IPAM account.
Important
When you create an IPAM, you will be asked to allow IPAM to replicate data from source accounts into an IPAM delegate account. To integrate IPAM with Amazon Organizations, IPAM needs your permission to replicate resource and IP usage details across accounts (from member accounts to the delegated IPAM member account) and across Amazon Regions (from operating Regions to the home Region of your IPAM). For single account IPAM users, IPAM needs your permission to replicate resource and IP usage details across operating Regions to the home Region of your IPAM.
When you create the IPAM, you choose the Amazon Regions where the IPAM is allowed to manage IP address CIDRs. These Amazon Regions are called operating Regions. IPAM discovers and monitors resources only in the Amazon Regions that you select as operating Regions. IPAM doesn't store any data outside of the operating Regions that you select.
The following example hierarchy shows how the Amazon Regions that you assign when you create the IPAM will impact the Regions that will be available for pools that you create later.
-
IPAM operating in Amazon Region 1 and Amazon Region 2
-
Private scope
-
Top-level IPAM pool
-
Regional IPAM pool in Amazon Region 2
-
Development pool
-
Allocation for a VPC in Amazon Region 2
-
-
-
-
-
You can only create one IPAM. For more information about increasing quotas related to IPAM, see Quotas for your IPAM.
When you have completed these steps, IPAM has done the following:
Created your IPAM. You can see the IPAM and the currently selected operating Regions by choosing IPAMs in the left navigation pane of the console.
Created one private and one public scope. You can see the scopes by choosing Scopes in the navigation pane. For more information about scopes, see How IPAM works.