Manage the associations for a VPC Lattice service network - Amazon VPC Lattice

Manage the associations for a VPC Lattice service network

When you associate a service with the service network, it enables clients (resources in a VPC associated with the service network) to make requests to the service. When you associate a VPC with the service network, it enables all the targets within that VPC to be clients and communicate with other services in the service network.

Manage service associations

You can associate services that reside in your account or services that are shared with you from different accounts. This is an optional step while creating a service network. However, a service network is not fully functional until you associate a service. Service owners can associate their services to a service network if their account has the required access. For more information, see How VPC Lattice works.

When you delete a service association, the service can no longer connect to other services in the service network.

To manage service associations using the console
  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the navigation pane, under VPC Lattice, choose Service networks.

  3. Select the name of the service network to open its details page.

  4. Choose the Service associations tab.

  5. To create an association, do the following:

    1. Choose Create associations.

    2. Select a service from Services. To create a service, choose Create an Amazon VPC Lattice service.

    3. (Optional) To add a tag, expand Service association tags, choose Add new tag, and enter a tag key and tag value.

    4. Choose Save changes.

  6. To delete an association, select the check box for the association and then choose Actions, Delete service associations. When prompted for confirmation, enter confirm and then choose Delete.

To create a service association using the AWS CLI

Use the create-service-network-service-association command.

To delete a service association using the AWS CLI

Use the delete-service-network-service-association command.

Manage VPC associations

Clients can send requests to services associated with the service network only if they are in VPCs associated with the service network. Client traffic that traverses a VPC peering connection or a transit gateway is denied.

Associating a VPC is an optional step when you create a service network. However, the service network is not fully functional until you associate a VPC. Network owners can associate VPCs to a service network if their account has the required access. For more information, see How VPC Lattice works.

When you delete a VPC association, clients in the VPCs can no longer connect to services in the service network.

To manage VPC associations using the console
  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the navigation pane, under VPC Lattice, choose Service networks.

  3. Select the name of the service network to open its details page.

  4. Choose the VPC associations tab.

  5. To create a VPC association, do the following:

    1. Choose Create VPC associations.

    2. Choose Add VPC association.

    3. Select a VPC from VPC and select up to five security groups from Security groups. To create a security group, choose Create new security group.

    4. (Optional) To add a tag, expand VPC association tags, choose Add new tag, and enter a tag key and tag value.

    5. Choose Save changes.

  6. To edit the security groups for an association, select the check box for the association and then choose Actions, Edit security groups. Add and remove security groups as needed.

  7. To delete an association, select the check box for the association and then choose Actions, Delete VPC associations. When prompted for confirmation, enter confirm and then choose Delete.

To create a VPC association using the AWS CLI

Use the create-service-network-vpc-association command.
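
The following wrapper is an added example, not part of the AWS documentation. It checks the arguments before calling create-service-network-vpc-association: identifier formats, and the limit of five security groups stated above. The function names `associate_vpc` and `is_id`, the `DRY_RUN` variable, and the rule that at least one security group must be supplied are assumptions of this example (a policy choice, not a VPC Lattice requirement).

```shell
#!/bin/sh
# Added example: guarded wrapper around
#   aws vpc-lattice create-service-network-vpc-association
# Set DRY_RUN=1 to print the command instead of calling AWS.

MAX_SGS=5   # "up to five security groups", as stated on this page

# is_id PREFIX VALUE: succeeds when VALUE is PREFIX followed only by
# lowercase letters and digits (a loose format check, not an existence check).
is_id() {
    rest=${2#"$1"}
    [ "$rest" != "$2" ] || return 1     # prefix missing
    [ -n "$rest" ] || return 1          # nothing after the prefix
    case $rest in *[!0-9a-z]*) return 1 ;; esac
    return 0
}

# associate_vpc SERVICE_NETWORK_ID VPC_ID SECURITY_GROUP_ID...
# Returns 2 on malformed input, 3 on a security-group policy violation.
associate_vpc() {
    [ "$#" -ge 2 ] || { echo "usage: associate_vpc SN_ID VPC_ID SG_ID..." >&2; return 2; }
    sn=$1
    vpc=$2
    shift 2
    is_id sn- "$sn"   || { echo "bad service network id: $sn" >&2; return 2; }
    is_id vpc- "$vpc" || { echo "bad VPC id: $vpc" >&2; return 2; }

    # Assumed policy: never create an association without a security group.
    [ "$#" -ge 1 ] || { echo "refusing: no security group given" >&2; return 3; }
    [ "$#" -le "$MAX_SGS" ] || { echo "refusing: more than $MAX_SGS security groups" >&2; return 3; }
    for sg in "$@"; do
        is_id sg- "$sg" || { echo "bad security group id: $sg" >&2; return 2; }
    done

    # Rebuild the positional parameters as the full CLI invocation.
    set -- aws vpc-lattice create-service-network-vpc-association \
        --service-network-identifier "$sn" \
        --vpc-identifier "$vpc" \
        --security-group-ids "$@"

    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"       # show what would run
    else
        "$@"            # call the AWS CLI with the caller's credentials
    fi
}
```

Run it once with `DRY_RUN=1` to review the exact command, then unset the variable to create the association.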

To update the security groups for a VPC association using the AWS CLI

Use the update-service-network-vpc-association command.

To delete a VPC association using the AWS CLI

Use the delete-service-network-vpc-association command.