...
Each Abiquo enterprise using the Amazon public cloud region should have its own AWS account. Abiquo will validate your Amazon credentials (Access Key ID and Secret Access Key) with AWS. Each enterprise may register ONE set of credentials for the enterprise's AWS account. You cannot register another set of credentials for the same account in another enterprise. In the case of a tenant hierarchy, the reseller may register the credentials of their partner account. Then each customer will have a set of compute credentials. You can also register an AWS organization at the key node level, so that each enterprise under the key node enterprise will have its own credentials.
...
An AWS account may also have access to pricing data. If you register pricing credentials, the platform can onboard public cloud price lists for use with features such as cost estimates for users, budgets, and billing. If you also enable programmatic billing in Amazon and register the S3 bucket where you are saving billing reports, the platform can display provider billing data on the dashboard. The platform can aggregate this data at the customer level for a set of related tenants, as well as at the reseller level.
...
Abiquo configures VPC networking Scenario 2 as described in the AWS documentation. See https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html.
...
Abiquo creates VPCs with NAT support.
...
The private subnet is a private connect network.
The private subnet has an Internet gateway and access to the VPC from outside the cloud is through NAT or Elastic IPs via a public subnet.
Within your virtual datacenter, you can create more Abiquo private networks (subnets in your VPC), so you can deploy to different Availability Zones.
The private subnets in the same availability zone as a public subnet will have internet access through the public subnet.
...