Connecting Networks Across Regions with Infrastructure as Code ๐
As part of my 30 Days of AWS Terraform challenge, Day 15 marked a major milestone: reaching the halfway point and stepping into one of the most practical areas of cloud engineering โ AWS networking with VPC Peering.
Until now, much of my Terraform journey focused on provisioning resources and learning Terraform concepts. But todayโs project shifted from deploying isolated services to solving a real-world networking challenge: securely connecting two private AWS VPCs across different regions using Terraform.
This project was a strong reminder that Infrastructure as Code is not just about automation โ itโs about understanding architecture, networking principles, and system design.
Why VPC Peering Matters
In real-world cloud environments, applications and services often live in different VPCs:
- Separate environments (Dev / Staging / Prod)
- Multi-account setups
- Regional redundancy architectures
- Shared services and private APIs
To allow these isolated networks to communicate securely over private IP addresses, AWS provides VPC Peering.
What VPC Peering Does
VPC Peering creates a private connection between two VPCs, enabling resources in each network to talk to each other as if they were on the same local network.
Benefits include:
โ
Private communication (no internet exposure)
โ
Low latency
โ
Better security
โ
Simplified architecture
Project Overview ๐๏ธ
For this mini-project, I provisioned:
- VPC 1 in US East (N. Virginia)
- VPC 2 in US West (Oregon)
- EC2 instances in both VPCs
- VPC Peering connection between them
- Route table updates for bidirectional traffic
The goal was simple:
๐ Allow private communication between instances in both regions.
And yes โ successfully testing cross-region private connectivity felt amazing. ๐ฏ
Key Learnings from Day 15
1. Multi-Region Terraform with Provider Aliases ๐
One of the biggest learnings today was managing resources across multiple AWS regions in a single Terraform project.
Using provider aliases, I configured:
-
aws.primaryโ US East 1 -
aws.secondaryโ US West 2
This made it possible to:
- Deploy resources cleanly in separate regions
- Keep code structured and maintainable
- Avoid duplicated configurations
Why This Matters
In enterprise cloud environments, multi-region deployments are common for:
- Disaster recovery
- High availability
- Geo-distributed applications
Understanding provider aliases is essential for scalable Terraform projects.
2. CIDR Planning is Critical ๐ง
One of the first rules of VPC Peering:
โ CIDR ranges must NOT overlap
If both VPCs share the same IP range:
- Route tables conflict
- Traffic breaks
- Connectivity fails
This reinforced an important lesson:
๐ Good networking starts with good IP planning.
Even with Terraform, automation cannot fix poor architecture.
3. VPC Peering is NOT Transitive โ ๏ธ
A major cloud networking concept I learned:
If:
- VPC A โ VPC B
- VPC B โ VPC C
That does NOT mean:
- VPC A can talk to VPC C
This is called non-transitive peering.
Why This Matters
For larger enterprise setups:
- VPC Peering can become hard to manage
- Mesh architectures get complex quickly
This is where services like:
- AWS Transit Gateway
- Hub-and-spoke networking
Become important.
Understanding this limitation was one of todayโs biggest takeaways.
4. Route Tables Make the Magic Happen ๐ฃ๏ธ
Creating the peering connection is only half the setup.
The real work is in routing.
For both VPCs, I had to:
- Update route tables
- Add peer VPC CIDR blocks
- Point traffic to the peering connection ID
Without correct routes:
Terraform may succeedโฆ but traffic will still fail.
This taught me a practical lesson:
๐ Cloud networking is as much about traffic flow as it is about resource creation.
Hands-On Testing & Validation ๐
The most satisfying part of todayโs project was testing connectivity.
After setup, I verified:
- Ping between instances
- Curl requests to private IPs
- Cross-region communication over private network
Seeing an EC2 instance in Oregon reach a web server in Virginia privately was an exciting milestone.
This was one of the clearest demonstrations so far of how powerful Terraform + AWS can be together.
Key Takeaways ๐ก
Day 15 taught me more than just Terraform syntax.
It reinforced:
โ๏ธ Cloud networking fundamentals matter
โ๏ธ Architecture decisions impact scalability
โ๏ธ Debugging builds confidence
โ๏ธ Terraform is powerful when paired with strong design principles
Whatโs Next? ๐ฅ
Reaching the halfway point feels great, but thereโs still a lot ahead:
- Security hardening
- Modules & reusable architecture
- Advanced state management
- Production deployment workflows
Excited for the second half of this challenge.
Final Thoughts
Day 15 was one of the most practical and rewarding days of my Terraform journey so far.
If youโre learning Terraform, donโt stop at basic resource creation. Start exploring networking, debugging routes, and understanding how systems communicate.
Thatโs where real cloud engineering begins.
Top comments (0)