A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IP addresses. Instances in either VPC can communicate with each other as if they were within the same network. You can create a VPC peering connection between your own VPCs, or with a VPC in another AWS account, within a single region.
So what does it take to make a VPC peering connection? First, the owner of the requester VPC (VPC-I) sends a request to the owner of the VPC it wants to peer with (VPC-II). A VPC peering connection is made at the CIDR block level.
After the request is accepted, the peering connection is established and AWS gives you a peering connection ID like “pcx-12345678”. You then update the route tables at the VPC level and the security groups at the instance level according to your use case.
Let’s consider a scenario where you have two or more VPCs that you want to peer to enable full sharing of resources between them.
Here are the VPCs that I have created in my account and subnets associated with each VPC respectively.
Note: There is no need for a NAT instance here, because VPC peering means that instances in different VPCs can communicate with each other by their private IP addresses as if they were in the same VPC.
You need to have one instance in the public subnet of VPC-I and one in the private subnet of VPC-II.
Now create a VPC peering connection. You will find the “Peering Connections” option in the VPC Console. After clicking on Peering Connections, go to “Create VPC Peering Connection”.
Make a peering connection from VPC-I (VPC to peer) to VPC-II (VPC to peer with). If you are making an inter-account VPC peering connection, select the “Another account” option under “Peer with”, and enter the AWS Account ID and VPC ID. Then click the “Create” button, and a request will be sent to the owner of VPC-II.
The request will appear in the AWS Console, and upon accepting it, the VPC peering connection becomes active and will look like this.
Update the route tables for each VPC. In VPC-I’s route table, add a new line with the CIDR block of VPC-II as the destination and the VPC peering connection ID (pcx-5a46ba33) as the target, and do the same in reverse for VPC-II; then save the settings.
Your instances can now communicate across VPCs by their private IPs. The resulting architecture looks like this:
Finally, you can check whether you can log in to your private instance in VPC-II directly from your private instance in VPC-I.
Note: Keep your credentials (.pem files) with you for login.
Now you will be able to log in to your private servers in different VPCs, so VPC peering has been successfully implemented.
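The route-table and security-group steps above, as an added example that is not part of the original post: it refuses overlapping CIDR blocks (AWS will not activate a peering between them), emits the one route each VPC needs (destination = the peer’s CIDR, target = the pcx ID), and scopes the SSH ingress rule to the peer CIDR rather than 0.0.0.0/0. The VPC names, CIDRs and the pcx ID are constructed sample values; the dict keys follow the parameter names of boto3’s `create_route` and `authorize_security_group_ingress`, but nothing here calls AWS.

```python
import ipaddress


def cidrs_overlap(cidr_a, cidr_b):
    """True when the two CIDR blocks share any address (peering would be rejected)."""
    return ipaddress.ip_network(cidr_a).overlaps(ipaddress.ip_network(cidr_b))


def plan_peering(vpc_a, vpc_b, pcx_id):
    """Return the route entry each VPC needs once the peering is accepted.

    vpc_a / vpc_b: dicts with "name" and "cidr" keys (constructed sample input).
    pcx_id: the peering connection ID AWS returned, e.g. "pcx-5a46ba33".
    """
    if cidrs_overlap(vpc_a["cidr"], vpc_b["cidr"]):
        raise ValueError(f"CIDR blocks overlap: {vpc_a['cidr']} and {vpc_b['cidr']}")
    # Each VPC routes the *peer's* CIDR to the peering connection; both
    # directions are required or return traffic has no path.
    return {
        vpc_a["name"]: {"DestinationCidrBlock": vpc_b["cidr"],
                        "VpcPeeringConnectionId": pcx_id},
        vpc_b["name"]: {"DestinationCidrBlock": vpc_a["cidr"],
                        "VpcPeeringConnectionId": pcx_id},
    }


def sg_ingress_rule(peer_cidr, port, protocol="tcp"):
    """Ingress permission allowing only the peer VPC's CIDR on one port.

    Peering makes the peer reachable; the security group decides who may
    actually connect, so the rule is scoped to the peer CIDR, not 0.0.0.0/0.
    """
    cidr = str(ipaddress.ip_network(peer_cidr))  # validates the CIDR string
    return {"IpProtocol": protocol, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}]}


if __name__ == "__main__":
    vpc1 = {"name": "VPC-I", "cidr": "10.0.0.0/16"}    # constructed sample
    vpc2 = {"name": "VPC-II", "cidr": "10.1.0.0/16"}   # constructed sample
    for vpc, route in plan_peering(vpc1, vpc2, "pcx-5a46ba33").items():
        print(vpc, route)
    # Rule for the private instance in VPC-II: allow SSH from VPC-I only.
    print(sg_ingress_rule(vpc1["cidr"], 22))
```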
— Abraham Orsu (AWS Solution Architect), TechMinfy!!