VPC Peering Procedure
By now you should have an understanding of what VPC peering is and why it is used. Next we will go through the VPC Peering procedure.
Creating and implementing VPC Peering takes three steps:
- First, create a VPC Peering connection
- Second, accept the Peering request
- Third, update the routes in the route tables of both VPCs
Prerequisites:
- You should have an AWS account. If you don't have one, create one from here.
- You should already know what a VPC and VPC Peering are.
Here we will cover the intra-account VPC Peering scenario.
We have two VPCs, App-VPC and RDS-VPC, which need to communicate with each other.
Create a VPC Peering connection
To create a VPC Peering connection, go to the VPC console in AWS.
Go to the Peering Connections link in the VPC console.
Click the Create Peering Connection button.
Clicking this button takes you to another page where you fill in the details of both VPCs between which the VPC Peering is to be done.
Specify the name of the VPC Peering connection.
Select App-VPC as the requester VPC.
After selection it will show details like this:
Select the second VPC
Now we need to select the other VPC for VPC Peering. As discussed, we are performing intra-account and intra-region VPC Peering, so we proceed with the selection below.
Select RDS-VPC, with which App-VPC will be peered.
After selection it will show details like this:
It will ask you to confirm the details as shown below; click OK to confirm.
Notice that the Accepter VPC CIDRs are not shown in the picture above. The reason is that the accepter still has to accept the VPC Peering connection request.
Accepting VPC Peering connection
An AWS account user with the proper permissions has to accept the VPC Peering request. The request has a lifetime of 2 days; within these 2 days the user can accept or reject it.
Go to VPC Peering again and you will see that the VPC Peering connection status is Pending.
To make the status Active, click Actions and then Accept Request.
Accept the request by clicking the Yes, Accept button after verifying the details of both VPCs.
Your VPC Peering connection is now in the Active state.
VPC Peering is now established and the VPCs are eligible to talk to each other, but you still need to update the route tables in both VPCs before they can actually exchange traffic.
Update the Route table of App-VPC
Update the route table of App-VPC so that it can send traffic to and accept traffic from the peering connection.
NOTE: Here we will allow the complete CIDR block of RDS-VPC to communicate with App-VPC via the peering connection.
Add the CIDR block of RDS-VPC as the Destination, then go to Target and click on Peering Connection.
It will show the VPC Peering connections available in this account. Here we have only one, so select it and click the Save routes button.
Update the Route table of RDS-VPC
The same has to be done for the route table of RDS-VPC.
Copy the CIDR of App-VPC, put it in the Destination field, and select the VPC Peering connection as the Target.
Click Save routes, and VPC Peering is complete.
Now for the application part.
If you want RDS and the application to be able to talk to each other, you also need to configure the security group settings.
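As an added example (not code from the original article), the following Python script plans the three peering steps above plus the security group step for App-VPC and RDS-VPC. The VPC ids, route table ids, security group id, CIDR blocks and database port are all constructed sample values. The script checks that the two CIDR blocks do not overlap (AWS will not activate a peering between VPCs with overlapping CIDRs), produces the route entry each of the two route tables needs, lets you narrow a destination to a single subnet instead of the whole peer CIDR used in the article, builds the RDS security group ingress rule scoped to the database port and to an address range inside App-VPC, and prints the equivalent AWS CLI commands. The `<pcx-id>` placeholder stands for the peering connection id, which only exists once the create step has run.

```python
"""Plan an intra-account, intra-region VPC peering between App-VPC and RDS-VPC.

Added example, not code from the original article.  All ids and CIDR blocks
below are constructed sample values, not real AWS resources.
"""
from dataclasses import dataclass
from ipaddress import IPv4Network
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Vpc:
    name: str
    vpc_id: str
    cidr: str
    route_table_id: str


# Constructed sample values.
APP_VPC = Vpc("App-VPC", "vpc-0aaaaaaaaaaaaaaaa", "10.10.0.0/16", "rtb-0aaaaaaaaaaaaaaaa")
RDS_VPC = Vpc("RDS-VPC", "vpc-0bbbbbbbbbbbbbbbb", "10.20.0.0/16", "rtb-0bbbbbbbbbbbbbbbb")
RDS_SECURITY_GROUP = "sg-0cccccccccccccccc"   # security group attached to the RDS instance
DB_PORT = 3306                                 # e.g. MySQL; use your engine's port


def cidrs_overlap(a: str, b: str) -> bool:
    """AWS will not activate a peering between VPCs whose CIDR blocks overlap."""
    return IPv4Network(a).overlaps(IPv4Network(b))


def _destination(vpc: Vpc, narrowed: Optional[str]) -> str:
    """Whole VPC CIDR (as in the article) or a narrower subnet inside it."""
    if narrowed is None:
        return vpc.cidr
    if not IPv4Network(narrowed).subnet_of(IPv4Network(vpc.cidr)):
        raise ValueError(f"{narrowed} is not inside {vpc.name} ({vpc.cidr})")
    return narrowed


def plan_routes(requester: Vpc, accepter: Vpc,
                reachable_in_requester: Optional[str] = None,
                reachable_in_accepter: Optional[str] = None) -> Dict[str, str]:
    """Step 3: each side's route table needs a route whose destination lies in
    the peer VPC and whose target is the peering connection.  Returns
    {route_table_id: destination_cidr} for both VPCs.  Narrowing a destination
    to one subnet limits which addresses can be reached through the peering."""
    if cidrs_overlap(requester.cidr, accepter.cidr):
        raise ValueError("VPC CIDR blocks overlap; AWS rejects such a peering")
    return {
        requester.route_table_id: _destination(accepter, reachable_in_accepter),
        accepter.route_table_id: _destination(requester, reachable_in_requester),
    }


def rds_ingress_rule(source_cidr: str, port: int = DB_PORT) -> Dict[str, object]:
    """Security group step: allow inbound traffic to the database port only from
    an address range inside App-VPC, rather than from all ports or all sources."""
    if not IPv4Network(source_cidr).subnet_of(IPv4Network(APP_VPC.cidr)):
        raise ValueError(f"{source_cidr} is not inside {APP_VPC.name}")
    return {"group_id": RDS_SECURITY_GROUP, "protocol": "tcp",
            "port": port, "cidr": source_cidr}


def cli_commands(requester: Vpc, accepter: Vpc, routes: Dict[str, str],
                 ingress: Dict[str, object], peering_id: str = "<pcx-id>") -> List[str]:
    """The same steps as AWS CLI commands.  The peering id is only known after
    the create step has run, hence the placeholder."""
    cmds = [
        f"aws ec2 create-vpc-peering-connection --vpc-id {requester.vpc_id} "
        f"--peer-vpc-id {accepter.vpc_id}",
        f"aws ec2 accept-vpc-peering-connection --vpc-peering-connection-id {peering_id}",
    ]
    for rtb, dest in routes.items():
        cmds.append(f"aws ec2 create-route --route-table-id {rtb} "
                    f"--destination-cidr-block {dest} --vpc-peering-connection-id {peering_id}")
    cmds.append(f"aws ec2 authorize-security-group-ingress --group-id {ingress['group_id']} "
                f"--protocol {ingress['protocol']} --port {ingress['port']} --cidr {ingress['cidr']}")
    return cmds


if __name__ == "__main__":
    # Only the application subnet (constructed) needs to reach RDS-VPC.
    routes = plan_routes(APP_VPC, RDS_VPC, reachable_in_requester="10.10.1.0/24")
    ingress = rds_ingress_rule("10.10.1.0/24")
    for cmd in cli_commands(APP_VPC, RDS_VPC, routes, ingress):
        print(cmd)
```

Calling `plan_routes` with no narrowing reproduces the article's setup exactly (each route table gets the peer's whole CIDR). Passing `reachable_in_requester` keeps RDS-VPC's route to the single subnet that hosts the application, so other App-VPC subnets cannot reach RDS-VPC through the peering even though the peering itself is active.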
To understand what a VPC is and how to create one, see the article below:
To learn what a VPC Peering connection is, see the article below: