DEV Community

Zakaria EL BAZI

Posted on • Originally published at elbazi.me

AWS multi-region VPC peering using Terraform

How to securely connect two VPCs from different regions.

VPC peering is a networking connection between two VPCs that enables traffic routing between the two using private IPv4 and/or IPv6 addresses.
AWS blog: What is VPC peering?

It is a way to privately connect the two VPCs without exposing them to the internet, and the resources in either VPC can communicate with each other as if they were within the same network.
Check this very detailed article from Ashish Patel for more information.


NB: The two VPCs should not have matching or overlapping CIDR blocks.

Steps

1/ Create a peering connection using an aws_vpc_peering_connection in one of the VPCs (this VPC will be the 'requester' of the peering connection, the one that requests access to the other VPC's resources).

resource "aws_vpc_peering_connection" "this" {
  vpc_id      = var.requester_vpc_id
  peer_vpc_id = var.accepter_vpc_id
  peer_region = var.accepter_region
}

2/ Create and accept the peering connection in the other VPC using an aws_vpc_peering_connection_accepter. (When using cross-account or cross-region peering, the other VPC will be the 'accepter' side and will need to create and accept the incoming peering request to allow access to its resources.)

resource "aws_vpc_peering_connection_accepter" "this" {
  provider                  = aws.accepter
  vpc_peering_connection_id = aws_vpc_peering_connection.this.id
  auto_accept               = true
}

3/ Create the necessary aws_route resources in the route tables of both VPCs so that each side knows where to send traffic destined for the other VPC. This is why peering requires different, non-overlapping CIDRs.
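
The routes from step 3, as an added example that is not part of the original post. The variable names (CIDRs and route table IDs) are assumptions; the resource names and the aws.accepter provider alias are the ones used in steps 1 and 2.

```hcl
# Added example. Variable names are assumptions, not taken from the original post.
variable "requester_cidr" {
  type = string # e.g. "10.0.0.0/16" (constructed sample value)
}

variable "accepter_cidr" {
  type = string # e.g. "10.1.0.0/16" (constructed sample value, must not overlap)
}

variable "requester_route_table_ids" {
  type = set(string) # every route table in the requester VPC that needs the path
}

variable "accepter_route_table_ids" {
  type = set(string) # every route table in the accepter VPC that needs the path
}

# Requester side: traffic for the accepter VPC's CIDR goes over the peering
# connection. Only the peer CIDR is routed, never a default route.
resource "aws_route" "requester_to_accepter" {
  for_each               = var.requester_route_table_ids
  route_table_id         = each.value
  destination_cidr_block = var.accepter_cidr

  # Referencing the accepter resource (its id is the peering connection id)
  # makes Terraform create the route only after the request has been accepted.
  vpc_peering_connection_id = aws_vpc_peering_connection_accepter.this.id
}

# Accepter side: the return path, created in the other region through the
# aliased provider used in step 2.
resource "aws_route" "accepter_to_requester" {
  provider               = aws.accepter
  for_each               = var.accepter_route_table_ids
  route_table_id         = each.value
  destination_cidr_block = var.requester_cidr

  vpc_peering_connection_id = aws_vpc_peering_connection_accepter.this.id
}
```

Routes only make the other VPC reachable; security groups and network ACLs on both sides still decide which traffic is allowed.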

A complete example with all the necessary resources is available here

And that's it 👋
