By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to change CIDR range of account created by Control Tower

0

I created two accounts using Control Tower that have the same CIDR range. I'm wanting to change one of the CIR ranges so I can have enable VPC peering across accounts via the transit gateway.

How can I do this?

Topics
Networking & Content DeliveryManagement & Governance
Tags
Amazon VPCAWS Control TowerNetworking & Content DeliveryAWS OrganizationsAWS Account Management
Language
English
Matthew
asked 9 months ago266 views
1 Answer
1

According to https://docs.aws.amazon.com/controltower/latest/userguide/vpc-ct-cidr.html

If you change the CIDR range in the settings of Account Factory, all new accounts that are subsequently created by AWS Control Tower (using Account Factory) are assigned the new CIDR range. The old accounts are not updated. For example, you can create an account, then change the CIDR range and create a new account, and the VPCs allocated to those two accounts can be peered.

So it doesn't look like you can change the CIDR range of a VPC on-the-fly, you would have to delete one of the accounts with the overlapping CIDR range, then change the CIDR range in Account Factory, then re-create the account.

profile picture
EXPERT
Steve_M
answered 9 months ago
profile pictureAWS
EXPERT
Didier_Durand
reviewed 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content