By using AWS re:Post, you agree to the AWS re:Post Terms of Use

ALB can have its target group in different account?

0

Hi all

I created a ingress/egress VPC in the Network account, and have a separate workload account. I need an ALB publicly accessible so put it in the ingress/egress VPC. My workload EC2 instances are in the private subnets in the workload accounts. Those accounts are connected via Transit Gateway. Two questions:

  1. Seems like we cannot create the ALB target group in different account, is it correct?
  2. What are the best practices in this case?

Thanks.

asked 25 days ago59 views
1 Answer
1
Accepted Answer

That it’s correct. There are many ways to achieve this.

Question 1. You are correct.

  1. Use IP target groups. Add the EC2’s in it.
  2. Use private link to the other account.
  3. Create ALB in workload account and add its IPs to the target group.
profile picture
EXPERT
answered 25 days ago
profile picture
EXPERT
reviewed 25 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions