I have a nice hard-working cluster of 3 FreeIPA servers in an AWS
account and VPC; all fully patched and updated as of yesterday.
However, we have a fancy new "Shared Services" AWS account and central
VPC all wired up via Transit Gateway to be reachable by all of our other
accounts and environments and I need to start the process of moving the
FreeIPA cluster into the new SharedServices environment. Moving FreeIPA
into the new shared environment will extend our RBAC abilities
automatically into any new AWS environment we build which would be
really nice.
I've got an AWS AMI image of each of the FreeIPA systems taken last
night; was thinking of just launching the AMI in the new AWS account and
altering DNS to point to the new IP address it will receive. If I move
one server at a time very slowly I was thinking that replication would
catch up and things would be OK.
Is this sensible? Or am I better off building fresh servers with new
replication agreements and then slowly sun-setting the original cluster
node members over time?
TL/DR: what is the risk of booting up a configured FreeIPA server with a
new IP address? Thanks!
Regards
Chris