I recently needed to authorize one Amazon EC2 instance to access another EC2 instance’s solr server.  The instances, however, were owned by separate AWS accounts.  The solution was easy enough, but hidden in the documentation, rather than in the first results of my search.  Credit goes to Tyler Harms for spotting it.

In the AWS security group section of the administration console, just add the AWS account which owns the security group as a prefix.  So, security group ‘sg-blahblah’ becomes ‘1234567/sg-blahblah’.  It is the same format to do it from the command line tools for AWS.  Voilà:

AWS Security Groups across accounts

AWS Security Groups across accounts