Setup AWS VPC Peering

From Bonus Bits

Purpose

This article gives the steps to set up Amazon Web Services (AWS) Virtual Private Cloud (VPC) peering. Peering is useful when another VPC needs access to resources such as EFS or RDS, for example during a migration.


Prerequisites

  • The two VPCs must have different CIDR blocks that do not overlap.


Create Connection

  1. Log in to the AWS Web Console
  2. Select VPC | Peering Connections
  3. Select Create VPC Peering Connection
  4. Add Name Tag
  5. Select the two VPCs to connect
  6. Select VPC | Peering Connections


Accept Pending

After creating the connection, it will remain in a pending acceptance state until you accept it or it times out (30 days).

Show Current State

aws ec2 --profile account1 describe-vpc-peering-connections
{
    "VpcPeeringConnections": [
        {
            "Status": {
                "Message": "Pending Acceptance by 1234567890",
                "Code": "pending-acceptance"
            },
            "Tags": [
                {
                    "Value": "your-peering-name-tag",
                    "Key": "Name"
                }
            ],
            "RequesterVpcInfo": {
                "PeeringOptions": {
                    "AllowEgressFromLocalVpcToRemoteClassicLink": false,
                    "AllowDnsResolutionFromRemoteVpc": false,
                    "AllowEgressFromLocalClassicLinkToRemoteVpc": false
                },
                "OwnerId": "1234567890",
                "VpcId": "vpc-00000001",
                "CidrBlock": "10.100.0.0/16"
            },
            "VpcPeeringConnectionId": "pcx-abcde123",
            "ExpirationTime": "2016-12-04T23:35:08.000Z",
            "AccepterVpcInfo": {
                "OwnerId": "1234567890",
                "VpcId": "vpc-00000002"
            }
        }
    ]
}

Accept from CLI

aws ec2 --profile account1 accept-vpc-peering-connection --vpc-peering-connection-id pcx-abcde123
{
    "VpcPeeringConnection": {
        "Status": {
            "Message": "Provisioning",
            "Code": "provisioning"
        },
        "Tags": [],
        "AccepterVpcInfo": {
            "PeeringOptions": {
                "AllowEgressFromLocalVpcToRemoteClassicLink": false,
                "AllowDnsResolutionFromRemoteVpc": false,
                "AllowEgressFromLocalClassicLinkToRemoteVpc": false
            },
            "OwnerId": "1234567890",
            "VpcId": "vpc-00000001",
            "CidrBlock": "10.100.0.0/16"
        },
        "VpcPeeringConnectionId": "pcx-abcde123",
        "RequesterVpcInfo": {
            "PeeringOptions": {
                "AllowEgressFromLocalVpcToRemoteClassicLink": false,
                "AllowDnsResolutionFromRemoteVpc": false,
                "AllowEgressFromLocalClassicLinkToRemoteVpc": false
            },
            "OwnerId": "1234567890",
            "VpcId": "vpc-00000002",
            "CidrBlock": "10.120.0.0/16"
        }
    }
}
aws ec2 --profile account1 describe-vpc-peering-connections
{
    "VpcPeeringConnections": [
        {
            "Status": {
                "Message": "Active",
                "Code": "active"
            },
            "Tags": [
                {
                    "Value": "your-peering-name-tag",
                    "Key": "Name"
                }
            ],
            "AccepterVpcInfo": {
                "PeeringOptions": {
                    "AllowEgressFromLocalVpcToRemoteClassicLink": false,
                    "AllowDnsResolutionFromRemoteVpc": false,
                    "AllowEgressFromLocalClassicLinkToRemoteVpc": false
                },
                "OwnerId": "1234567890",
                "VpcId": "vpc-00000001",
                "CidrBlock": "10.100.0.0/16"
            },
            "VpcPeeringConnectionId": "pcx-abcde123",
            "RequesterVpcInfo": {
                "PeeringOptions": {
                    "AllowEgressFromLocalVpcToRemoteClassicLink": false,
                    "AllowDnsResolutionFromRemoteVpc": false,
                    "AllowEgressFromLocalClassicLinkToRemoteVpc": false
                },
                "OwnerId": "1234567890",
                "VpcId": "vpc-00000002",
                "CidrBlock": "10.120.0.0/16"
            }
        }
    ]
}
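
Before running accept-vpc-peering-connection, the pending request can be checked against the prerequisite above and against the accounts you expect to peer with. The following is an added example, not part of the original article: it reads the JSON printed by describe-vpc-peering-connections, and the function name, the local CIDR list and the trusted-owner set are assumptions supplied by the operator.

```python
import ipaddress
import json

# Constructed sample: the pending-acceptance output shown above, trimmed.
SAMPLE = json.loads("""
{"VpcPeeringConnections": [{
  "Status": {"Code": "pending-acceptance"},
  "VpcPeeringConnectionId": "pcx-abcde123",
  "RequesterVpcInfo": {"OwnerId": "1234567890", "VpcId": "vpc-00000001",
                       "CidrBlock": "10.100.0.0/16"},
  "AccepterVpcInfo": {"OwnerId": "1234567890", "VpcId": "vpc-00000002"}}]}
""")


def review_pending(described, local_cidrs, trusted_owners):
    """Return {peering_id: [problems]} for every pending-acceptance request.

    local_cidrs: CIDR blocks of the accepter VPC (the pending output does
    not include them). trusted_owners: account IDs allowed to peer.
    Both are operator-supplied assumptions, not values returned by AWS.
    """
    local = [ipaddress.ip_network(c) for c in local_cidrs]
    report = {}
    for pcx in described.get("VpcPeeringConnections", []):
        if pcx["Status"]["Code"] != "pending-acceptance":
            continue  # only requests still waiting for a decision
        req = pcx["RequesterVpcInfo"]
        problems = []
        if req["OwnerId"] not in trusted_owners:
            problems.append("requester account %s is not trusted" % req["OwnerId"])
        remote = ipaddress.ip_network(req["CidrBlock"])
        for net in local:
            # Overlapping ranges violate the prerequisite and break routing.
            if net.version == remote.version and net.overlaps(remote):
                problems.append("CIDR %s overlaps local %s" % (remote, net))
        report[pcx["VpcPeeringConnectionId"]] = problems
    return report


if __name__ == "__main__":
    result = review_pending(SAMPLE, ["10.120.0.0/16"], {"1234567890"})
    for pcx_id, problems in result.items():
        print(pcx_id, "OK to accept" if not problems else problems)
```

An empty problem list for a peering ID means the request passed both checks; any entry is a reason to hold the accept until it is explained.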

