Guide to AWS VPC Peering

Intro #

VPC Peering is needed when you want to connect two different VPCs to each other. It is mostly used for cross-department connectivity in the SDLC.

In this example, I will connect two VPCs, Developer and Finance, each with its own EC2 instance.

Check Private IP range of an EC2 instance #

Make sure to check the local IP address range for both the Developer and Finance instances; you will need both ranges for the routes later, and peering only works when the two ranges do not overlap.

  1. Navigate to the Developer instance, select it and click on the Subnet ID
  2. In the subnet section, select your subnet name and click on the Route table
  3. In the route table section, select your route table and click the Routes tab
  4. Take a note of the private IP address range for the Developer instance

Creating VPC Peering #

  1. Go to the VPC menu in the console, select Peering connections, then click the Create peering connection button
  2. Enter your peering details:
    • Name: Developer <> Finance
    • VPC ID (Requester): Select the Developer VPC and check the local IP address range of the VPC
    • VPC ID (Accepter): Select the Finance VPC and check the local IP address range of the VPC
    • Tags: Name => Developer <> Finance
  3. Confirm by clicking Create peering connection
  4. On the peering details page, the Status is Pending
  5. Click the Actions menu, select Accept request and confirm again (the Status of the peering becomes Active)

Adding VPC Peering to Subnet Route Table #

This must be done for both the Developer and Finance sides.

Here I will configure the Developer instance.

  1. Go back to EC2, select the Developer instance details, then Subnet ID => Route table => Routes (as in the first section)
  2. Click Edit routes to add a new route for the VPC peering
  3. Click Add route with the following:
    • Destination: Enter the local IP address range of the Finance instance
    • Target: Peering connection, and select the VPC Peering that you created
    • Save changes
  4. Now go back to EC2 and select the Finance instance. Do the same as above, but make sure to enter the IP address range of the Developer instance as the Destination.

Allow ICMP/Ping between EC2 Instances #

In this example, I will allow ping to the Finance instance from the Developer instance.

  1. Go to EC2 and select the Finance instance
  2. Click on the Security tab, then click the security group in the Security groups section
  3. In the Inbound rules tab, click Edit inbound rules
  4. Now click Add rule with the following:
    • Type: Custom ICMP - IPv4
    • Source: Enter the IP address range of the Developer instance
    • Save rules

Test VPC Peering #

  1. Connect to the Developer EC2 instance via Session Manager or SSH
  2. You can now ping the private IP of the Finance instance
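As an added example (not from the original post), the checks behind the route-table and security-group steps above, in Python: the two CIDR ranges must not overlap, each side's route table needs a route to the other side's range via the peering connection, and the ICMP rule on the Finance side is scoped to the Developer range only. The CIDRs and the peering id are constructed placeholders; the dict shapes follow the `Routes` entries of `aws ec2 describe-route-tables` and the `IpPermissions` entries of `aws ec2 authorize-security-group-ingress`.

```python
import ipaddress

# Constructed sample values, not from the original post: the two VPC CIDR
# blocks and a placeholder peering-connection id (real ids look like pcx-0123...).
DEVELOPER_CIDR = "10.10.0.0/16"
FINANCE_CIDR = "10.20.0.0/16"
PEERING_ID = "pcx-PLACEHOLDER"


def plan_peering_routes(requester_cidr, accepter_cidr, peering_id):
    """Return the route each side's subnet route table needs.

    The CIDR check comes first: AWS will not activate a peering between VPCs
    whose CIDR blocks overlap, so the ranges noted in the first section must
    be disjoint before anything else is configured.
    """
    req = ipaddress.ip_network(requester_cidr)
    acc = ipaddress.ip_network(accepter_cidr)
    if req.overlaps(acc):
        raise ValueError(f"VPC CIDRs overlap ({req} / {acc}); peering is not possible")
    # Each side points at the *other* VPC's range via the peering connection.
    return {
        "requester": {"DestinationCidrBlock": str(acc), "VpcPeeringConnectionId": peering_id},
        "accepter": {"DestinationCidrBlock": str(req), "VpcPeeringConnectionId": peering_id},
    }


def missing_peering_route(route_table, expected):
    """True if a route table (shape of `aws ec2 describe-route-tables`) lacks the route."""
    for route in route_table.get("Routes", []):
        if (route.get("DestinationCidrBlock") == expected["DestinationCidrBlock"]
                and route.get("VpcPeeringConnectionId") == expected["VpcPeeringConnectionId"]
                and route.get("State", "active") == "active"):  # "blackhole" does not count
            return False
    return True


def icmp_echo_ingress_rule(source_cidr):
    """IpPermissions entry for the 'Allow ICMP/Ping' step: echo request only,
    and only from the peer VPC's range, never from an open 0.0.0.0/0 source."""
    src = ipaddress.ip_network(source_cidr)
    if src.prefixlen == 0:
        raise ValueError("refusing an open source range; scope the rule to the peer VPC CIDR")
    # For ICMP, FromPort is the ICMP type (8 = echo request) and ToPort the code (-1 = any).
    return {"IpProtocol": "icmp", "FromPort": 8, "ToPort": -1,
            "IpRanges": [{"CidrIp": str(src)}]}


if __name__ == "__main__":
    routes = plan_peering_routes(DEVELOPER_CIDR, FINANCE_CIDR, PEERING_ID)
    dev_table = {"Routes": [{"DestinationCidrBlock": DEVELOPER_CIDR, "GatewayId": "local", "State": "active"}]}
    print("Developer route table still needs the peering route:", missing_peering_route(dev_table, routes["requester"]))
    print("Finance security-group rule:", icmp_echo_ingress_rule(DEVELOPER_CIDR))
```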