Create an IPAM
Follow the steps in this section to create your IPAM. If you have delegated an IPAM administrator, these steps should be completed by the IPAM account.
Important
When you create an IPAM, you will be asked to allow IPAM to replicate data from source accounts into an IPAM delegate account. To integrate IPAM with AWS Organizations, IPAM needs your permission to replicate resource and IP usage details across accounts (from member accounts to the delegated IPAM member account) and across AWS Regions (from operating Regions to the home Region of your IPAM). For single account IPAM users, IPAM needs your permission to replicate resource and IP usage details across operating Regions to the home Region of your IPAM.
When you create the IPAM, you choose the AWS Regions where the IPAM is allowed to manage IP address CIDRs. These AWS Regions are called operating Regions. IPAM discovers and monitors resources only in the AWS Regions that you select as operating Regions. IPAM doesn't store any data outside of the operating Regions that you select.
The following example hierarchy shows how the AWS Regions that you assign when you create the IPAM will impact the Regions that will be available for pools that you create later.
-
IPAM operating in AWS Region 1 and AWS Region 2
-
Private scope
-
Top-level IPAM pool
-
Regional IPAM pool in AWS Region 2
-
Development pool
-
Allocation for a VPC in AWS Region 2
-
-
-
-
-
You can only create one IPAM. For more information about increasing quotas related to IPAM, see Quotas for your IPAM.
When you have completed these steps, IPAM has done the following:
Created your IPAM. You can see the IPAM and the currently selected operating Regions by choosing IPAMs in the left navigation pane of the console.
Created one private and one public scope. You can see the scopes by choosing Scopes in the navigation pane. For more information about scopes, see How IPAM works.