So what is AWS VPC Peering ?
A VPC peering connection is basically a networking connection between two VPCs that enables you to route traffic between them using private IP addresses.
Basics of VPC Peering
So what does it take to make a VPC peering connection ? Firstly the owner of the requester VPC sends a request to the owner of the VPC-II with which he wants to make the VPC peering connection. VPC peering connection is made at the CIDR block level, so you need to be clear about what CIDR is.
After the request is accepted peering connection is made and AWS gives you a Peering Connection ID in for of “pcx12345678”.
Then what you need to do is simply update the routing tables at VPC level & security groups at instance level according to your use.
A Simple Scenario
In this scenario, you have two or more VPCs that you want to peer to enable full sharing of resources between.
Here are the VPCs that I have created in my account.
Subnets associated with each VPC.
Note:- There is no need of any NAT instance here as VPC-Peering states that instances in different VPCs can communicate with each other by their private IP addresses as if they are in same VPC.
You need to have one instance in public subnet of VPC-I and one in private subnet of VPC-II
Now, create a VPC-Peering connection .You will find “Peering connections” option in VPC console.
After clicking on Peering connections, Go to “Create VPC Peering Connection”
Make a peering connection between VPC-I (VPC to Peer ) to VPC-II(VPC to peer with) . If you are making an inter-account VPC peering connection then select the option “Another account” in peer with option .Then it will ask for the Account ID and VPC ID.
Then click the “Create” button and a request will be sent to the VPC-II.
A request will appear like this in your AWS console.
Accept the Peering Connection.
After accepting request the VPC-Peering connection will be active which will look like this.
Updating the routing tables for each VPC. In VPC 1’s route table add CIDR block of VPC-II in destination option of new line and in target option choose the VPC-Peering connection ID(pcx-5a46ba33) & vice-versa.
(pcx-54a46ba33 is the VPC peering connection ID which i got when peering connection was made)
Save the settings.
Now, all the configurations have been made. Your instances now can be connected inter-VPC by their private IPs. The architecture will be :-
Finally, you can check whether you can login into your private instance in VPC-II directly by your private instance in VPC-I.
Note:- Keep your Credentials with you ( .Pem Files ) for login.
Now, you will be able to login to your private servers in different VPCs. So VPC-Peering is successfully implemented.
* I would like to thank my colleague Tarun Saxena without whom this post would not have been possible.