I support an organization with many hundreds of AWS Accounts. We use RAM (via AWS Organizations OUs) to share VPC subnets to accounts. In this case a VPC is hosted in one account, and then RAM shared to many accounts. My question is how to understand the limit on how many accounts an individual VPC can be shared to.
I can find no explicit documentation saying "A VPC can be shared to up to X accounts".
But I do find RAM Share quota limits:
So assuming an individual resource share contained multiple subnets, then the first limit I would hit would be the max number of shared resources per AWS Region in an account.
For example, if for each account that receives the RAM share there are four subnets in the RAM share, then I could share this VPC to a maximum of 5000 ÷ 4 = 1,250 accounts.
But if (hypothetically speaking, to make the math easy) I had ten VPCs hosted in that one account, again RAM shared to an AWS Orgs folder of targeted accounts, and each VPC contained 4 subnets, then each account would receive 10 x 4 = 40 resources in each RAM share. In that case I could share to at most 5000 ÷ 40 = 125 accounts.
Am I looking at this service quota limit correctly?