Use IPAM with a single account - Amazon Virtual Private Cloud
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Use IPAM with a single account

If you choose not to Integrate IPAM with accounts in an Amazon Organization, you can use IPAM with a single Amazon account.

When you create an IPAM in the next section, a service-linked role is automatically created for the Amazon VPC IPAM service in Amazon Identity and Access Management. IPAM uses the service-linked role to monitor and store metrics for CIDRs associated with EC2 networking resources. For more information on the service-linked role and how IPAM uses it, see Service-linked roles for IPAM.


If you use IPAM with a single Amazon account, you must ensure that the Amazon account you use to create the IPAM uses a IAM role with a policy attached to it that permits the iam:CreateServiceLinkedRole action. When you create the IPAM, you automatically create the AWSServiceRoleForIPAM service-linked role. For more information on managing IAM policies, see Editing IAM policies in the IAM User Guide.

Once the single Amazon account has permission to create the IPAM service-linked role, go to Create an IPAM.