Shared multicast domains in Amazon VPC Transit Gateways
With multicast domain sharing, multicast domain owners can share the domain with other Amazon accounts inside its organization or across organizations in Amazon Organizations. As the multicast domain owner, you can create and manage the multicast domain centrally. Once shared, those users can perform the following operations on a shared multicast domain:
-
Register and deregister group members or group sources in the multicast domain
-
Associate a subnet with the multicast domain, and disassociate subnets from the multicast domain
A multicast domain owner can share a multicast domain with:
-
Amazon accounts inside its organization or across organizations in Amazon Organizations
-
An organizational unit inside its organization in Amazon Organizations
-
Its entire organization in Amazon Organizations
-
Amazon accounts outside of Amazon Organizations.
To share a multicast domain with an Amazon account outside of your Organization, you must create a resource share using Amazon Resource Access Manager, and then choose Allow sharing with anyone when selecting the Principals to share the multicast domain with. For more information on creating a resource share, see Creating a resource share in Amazon RAM in the Amazon RAM User Guide
Contents
Prerequisites for sharing a multicast domain
-
To share a multicast domain, you must own it in your Amazon account. You cannot share a multicast domain that has been shared with you.
-
To share a multicast domain with your organization or an organizational unit in Amazon Organizations, you must enable sharing with Amazon Organizations. For more information, see Enable Sharing with Amazon Organizations in the Amazon RAM User Guide.
Related services
Multicast domain sharing integrates with Amazon Resource Access Manager (Amazon RAM). Amazon RAM is a service that enables you to share your Amazon resources with any Amazon account or through Amazon Organizations. With Amazon RAM, you share resources that you own by creating a resource share. A resource share specifies the resources to share, and the users with whom to share them. Consumers can be individual Amazon accounts, or organizational units or an entire organization in Amazon Organizations.
For more information about Amazon RAM, see the Amazon RAM User Guide.
Shared multicast domain permissions
Permissions for owners
Owners are responsible for managing the multicast domain and the members and attachments that they register or associate with the domain. Owners can change or revoke shared access at any time. They can use Amazon Organizations to view, modify, and delete resources that consumers create on shared multicast domains.
Permissions for consumers
Users of the shared multicast domain can perform the following operations on shared multicast domains in the same way that they would on multicast domains that they created:
-
Register and deregister group members or group sources in the multicast domain
-
Associate a subnet with the multicast domain, and disassociate subnets from the multicast domain
Consumers are responsible for managing the resources that they create on the shared multicast domain.
Customers cannot view or modify resources owned by other consumers or by the multicast domain owner, and they cannot modify multicast domains that are shared with them.
Billing and metering
There are no additional charges for sharing multicast domains for either the owner, or consumers.
Quotas
A shared multicast domain counts toward the owner's and shared user's multicast domain quotas.