VPC Peering
VPC Peering is a powerful feature that allows you to connect two VPCs so they can communicate directly with each other.
You can create a VPC peering connection between your own VPCs, or with a VPC in another AWS account. The VPCs can be in different Regions (also known as an inter-Region VPC peering connection).
It allows you to route traffic between two VPCs using private IP addresses. This means that resources in different VPCs can communicate as if they were in the same network, without needing public IP addresses or traversing the public internet.
It is neither a gateway nor a VPN connection, and it does not rely on a separate piece of physical hardware. There is no single point of failure for communication and no bandwidth bottleneck.
When you establish peering relationships between VPCs across different AWS Regions, resources in those VPCs (for example, EC2 instances and Lambda functions) can communicate with each other using private IP addresses, without using a gateway, VPN connection, or network appliance. The traffic remains in the private IP address space. All inter-Region traffic is encrypted, with no single point of failure or bandwidth bottleneck. Traffic always stays on the global AWS backbone and never traverses the public internet, which reduces exposure to threats such as common exploits and DDoS attacks. Inter-Region VPC peering provides a simple and cost-effective way to share resources between Regions or to replicate data for geographic redundancy.
Follow the steps below to set up VPC peering:
1. Log in to the AWS Management Console. Ensure you have the necessary permissions to create and manage VPCs.
2. Create the peering connection.
   - Navigate to the VPC Dashboard and go to "Peering Connections" in the left-hand menu.
   - Click "Create Peering Connection."
   - Fill in the details for the peering connection:
     - Peering Connection Name Tag: Enter a name for your connection.
     - VPC (Requester): Choose the VPC that will initiate the peering request.
     - Account: Select whether the peer VPC is in the same account or in another AWS account.
     - VPC (Accepter): If it is in another account, enter the VPC ID of the peer VPC.
   - Click "Create Peering Connection."
3. Accept the request.
   - Navigate to "Peering Connections" and find the new peering connection listed.
   - Select the peering connection and choose "Actions," then "Accept Request."
   - Confirm the acceptance to establish the peering link.
4. Update the route tables. For the VPCs to communicate, you need to update their route tables:
   - Go to "Route Tables" in the VPC Dashboard.
   - Select the route table associated with each VPC.
   - Click "Routes," then "Edit Routes," and "Add Route."
   - Add a route that directs traffic destined for the peered VPC's CIDR block to the peering connection.
5. Ensure that the security groups and network ACLs associated with your resources allow inbound and outbound traffic from the CIDR blocks of the peered VPCs.
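The same procedure as code, added here as an example that is not part of the original post: it pre-checks that the two VPC CIDRs do not overlap (peering requires disjoint ranges), builds the route entries for step 4 so that each route table only gets a route for the peer's CIDR and never a catch-all, builds a security-group rule scoped to the peer CIDR for step 5, and audits existing rules for ranges broader than the peer. The `apply()` function performs steps 2 to 4 through the boto3 EC2 client (`create_vpc_peering_connection`, `accept_vpc_peering_connection`, `create_route`); it needs AWS credentials and is not exercised offline. All VPC, route-table, peering-connection IDs and CIDRs below are constructed placeholders.

```python
"""Pre-flight checks and a plan for an AWS VPC peering connection (added example)."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Vpc:
    vpc_id: str                  # hypothetical, e.g. "vpc-0aaa"
    cidr: str                    # primary IPv4 CIDR of the VPC
    route_table_ids: List[str]   # route tables that need a route to the peer


def check_no_overlap(cidr_a: str, cidr_b: str) -> bool:
    """Peering requires disjoint CIDRs: AWS rejects overlapping ranges, and a
    route for an overlapping prefix would shadow the VPC's own local route."""
    a, b = ipaddress.ip_network(cidr_a), ipaddress.ip_network(cidr_b)
    return not a.overlaps(b)


def plan_routes(requester: Vpc, accepter: Vpc, pcx_id: str) -> List[Dict[str, str]]:
    """Step 4: one route per route table whose destination is the *peer's* CIDR
    and whose target is the peering connection (the create_route kwargs shape)."""
    if not check_no_overlap(requester.cidr, accepter.cidr):
        raise ValueError(f"CIDRs overlap: {requester.cidr} and {accepter.cidr}")
    routes = []
    for rtb in requester.route_table_ids:
        routes.append({"RouteTableId": rtb, "DestinationCidrBlock": accepter.cidr,
                       "VpcPeeringConnectionId": pcx_id})
    for rtb in accepter.route_table_ids:
        routes.append({"RouteTableId": rtb, "DestinationCidrBlock": requester.cidr,
                       "VpcPeeringConnectionId": pcx_id})
    return routes


def sg_ingress_rule(peer_cidr: str, port: int, proto: str = "tcp") -> dict:
    """Step 5: a security-group ingress rule limited to the peer CIDR and one port
    (the IpPermissions shape used by authorize_security_group_ingress)."""
    return {"IpProtocol": proto, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": peer_cidr, "Description": "peered VPC"}]}


def audit_ingress(rules: List[dict], peer_cidr: str) -> List[str]:
    """Flag rules whose source range is strictly broader than the peer CIDR
    (for example 0.0.0.0/0): they open the resource far beyond the peering link."""
    peer = ipaddress.ip_network(peer_cidr)
    findings = []
    for rule in rules:
        for ipr in rule.get("IpRanges", []):
            src = ipaddress.ip_network(ipr["CidrIp"])
            if src != peer and src.supernet_of(peer):
                findings.append(f"{rule['IpProtocol']}/{rule['FromPort']} allows {src}, "
                                f"broader than peer {peer}")
    return findings


def apply(requester: Vpc, accepter: Vpc, region: str,
          peer_region: Optional[str] = None, peer_owner_id: Optional[str] = None) -> str:
    """Steps 2-4 via the EC2 API. Same-account, same-Region case; for a peer in
    another account or Region, accept_vpc_peering_connection and the accepter's
    create_route calls must run with the accepter's credentials/Region."""
    import boto3  # imported lazily so the offline checks above need no SDK
    ec2 = boto3.client("ec2", region_name=region)
    kwargs = {"VpcId": requester.vpc_id, "PeerVpcId": accepter.vpc_id}
    if peer_region:
        kwargs["PeerRegion"] = peer_region
    if peer_owner_id:
        kwargs["PeerOwnerId"] = peer_owner_id
    resp = ec2.create_vpc_peering_connection(**kwargs)              # step 2
    pcx_id = resp["VpcPeeringConnection"]["VpcPeeringConnectionId"]
    ec2.accept_vpc_peering_connection(VpcPeeringConnectionId=pcx_id)  # step 3
    for route in plan_routes(requester, accepter, pcx_id):          # step 4
        ec2.create_route(**route)
    return pcx_id


if __name__ == "__main__":
    # Constructed sample values; nothing here touches AWS.
    req = Vpc("vpc-0aaa", "10.0.0.0/16", ["rtb-0aaa"])
    acc = Vpc("vpc-0bbb", "10.1.0.0/16", ["rtb-0bbb", "rtb-0ccc"])
    for r in plan_routes(req, acc, "pcx-0123"):
        print(r)
    rules = [sg_ingress_rule(acc.cidr, 443), sg_ingress_rule("0.0.0.0/0", 22)]
    print(audit_ingress(rules, acc.cidr))
```

Run the file as-is to see the planned routes and the audit finding for the over-broad rule; call `apply()` only from an environment with credentials for the requester account.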
Written by Pavan Kumar K