Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Work with shared prefix lists

Amazon prefix lists provide a convenient way to manage and reference the IP address ranges used by various Amazon services. In addition to the Amazon-managed prefix lists, you also can create and share your own customer-managed prefix lists with other Amazon accounts.

Sharing prefix lists can be particularly useful for organizations with complex networking requirements or those that need to coordinate IP address usage across multiple Amazon workloads. By sharing a prefix list, you can ensure consistent IP address management and simplify networking configurations for your collaborators.

This section describes and how to share prefix lists and how to identify and use prefix lists that have been shared with your account.

Share a prefix list

To share a prefix list, you must add it to a resource share. If you do not have a resource share, you must first create one using the Amazon RAM console.

If you are part of an organization in Amazon Organizations, and sharing within your organization is enabled, consumers in your organization are automatically granted access to the shared prefix list. Otherwise, consumers receive an invitation to join the resource share and are granted access to the shared prefix list after accepting the invitation.

You can create a resource share and share a prefix list that you own using the Amazon RAM console, or the Amazon CLI.

To create a resource share and share a prefix list using the Amazon RAM console

Follow the steps in Create a resource share in the Amazon RAM User Guide. For Select resource type, choose Prefix Lists, and then select the check box for your prefix list.

To add a prefix list to an existing resource share using the Amazon RAM console

To add a managed prefix that you own to an existing resource share, follow the steps in Updating a resource share in the Amazon RAM User Guide. For Select resource type, choose Prefix Lists, and then select the check box for your prefix list.

To share a prefix list that you own using the Amazon CLI

Use the following commands to create and update a resource share:

Unshare a shared prefix list

When you unshare a prefix list, consumers can no longer view the prefix list or its entries in their account, and they cannot reference the prefix list in their resources. If the prefix list is already referenced in the consumer's resources, those references continue to function as normal, and you can continue to view those references. If you update the prefix list to a new version, the references use the latest version.

To unshare a shared prefix list that you own, you must remove it from the resource share using Amazon RAM.

To unshare a shared prefix list that you own using the Amazon RAM console

See Updating a resource share in the Amazon RAM User Guide.

To unshare a shared prefix list that you own using the Amazon CLI

Use the disassociate-resource-share command.

Identify a shared prefix list

Owners and consumers can identify shared prefix lists using the Amazon VPC console and Amazon CLI.

To identify a shared prefix list using the Amazon CLI

Use the describe-managed-prefix-lists command. The command returns the prefix lists that you own and the prefix lists that are shared with you. OwnerId shows the Amazon account ID of the prefix list owner.

Identify references to a shared prefix list

Owners can identify the consumer-owned resources that are referencing a shared prefix list.

To identify references to a shared prefix list using the Amazon CLI

Use the get-managed-prefix-list-associations command.