AWS VPC to VPC Peering Project (Networking)

Sahil Soni
3 min read

Introduction

AWS VPC Peering enables direct network communication between two Virtual Private Clouds (VPCs), facilitating secure and efficient connectivity. This guide walks through setting up two VPCs (Test VPC & Prod VPC), configuring subnets and EC2 instances, setting up Internet Gateways and Route Tables, establishing a VPC Peering connection, implementing security configurations, and testing connectivity.

Step 1: Creating Test VPC and Prod VPC

  1. Open AWS Management Console and navigate to VPC Dashboard → Create VPC.

  2. Create Test VPC with:

    • Name: Test VPC

    • IPv4 CIDR Block: 10.0.0.0/16

  3. Create Prod VPC with:

    • Name: Prod VPC

    • IPv4 CIDR Block: 192.168.0.0/16

  4. Click Create VPC for both.

Step 2: Configuring Subnets and EC2 Instances

2.1 Create Subnets

  1. Navigate to VPC Dashboard → Subnets.

  2. Click Create Subnet.

  3. Configure subnets:

    • Test VPC: 10.0.1.0/24 (Test Subnet)

    • Prod VPC: 192.168.1.0/24 (Prod Subnet)

  4. Click Create Subnet for both.

2.2 Launch EC2 Instances

  1. Navigate to EC2 Dashboard → Launch Instance.

  2. Select Amazon Linux 2 AMI.

  3. Assign one EC2 to Test VPC and one to Prod VPC.

  4. Set Auto-assign Public IP: No (for private instances).

  5. Launch instances and connect via SSH.

Step 3: Setting Up Internet Gateways and Route Tables

3.1 Attach Internet Gateways

  1. Go to VPC Dashboard → Internet Gateways.

  2. Click Create Internet Gateway.

  3. Attach to corresponding VPCs:

    • Test-IGW → Test VPC

    • Prod-IGW → Prod VPC

3.2 Update Route Tables

  1. Navigate to Route Tables.

  2. Select Test VPC Route Table and Prod VPC Route Table.

  3. Configure routes:

    • Test VPC: 0.0.0.0/0 → Test-IGW

    • Prod VPC: 0.0.0.0/0 → Prod-IGW

  4. Click Save Routes.

Step 4: Establishing VPC Peering

4.1 Create a Peering Connection

  1. Navigate to VPC Dashboard → Peering Connections.

  2. Click Create Peering Connection.

  3. Enter details:

    • Peering Name: Test-Prod Peering

    • Requester VPC: Test VPC

    • Accepter VPC: Prod VPC

  4. Click Create Peering Connection.

4.2 Accept the Peering Request

  1. Navigate to Peering Connections.

  2. Select the pending request and click Accept.

4.3 Update Route Tables for Peering

  1. Test VPC Route Table: Add a route:

    • Destination: 192.168.0.0/16

    • Target: Peering Connection

  2. Prod VPC Route Table: Add a route:

    • Destination: 10.0.0.0/16

    • Target: Peering Connection

  3. Click Save Routes.

Step 5: Testing VPC Peering Connection

  1. Connect to the EC2 instance in Test VPC via SSH.

  2. Run the following command to test connectivity:

     ping <Private IP of EC2 in Prod VPC>
    
  3. If ping is successful, VPC Peering setup is complete!

Step 6: Security Configurations

6.1 Security Group Rules

  1. Modify Security Groups for EC2 instances in both VPCs:

    • Inbound: Allow All ICMP - IPv4 from 192.168.0.0/16 (on the Test VPC instance, so only the peered Prod VPC range can reach it)

    • Outbound: Allow traffic to 192.168.0.0/16
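The route entries from step 4.3 and the security-group scoping from step 6.1 both depend on the two VPC CIDRs not overlapping and on rules being limited to the peer range. The following Python script is an added example, not part of the original guide: it validates the two VPCs from this walkthrough, derives the peering routes each route table needs, and flags a security-group source that is wider than the peer CIDR. The peering connection id is a placeholder, and the VPC definitions are constructed from the values above.

```python
"""Plan and sanity-check the routes and security-group scope for a VPC peering."""
from ipaddress import ip_network

# Constructed sample: the two VPCs and subnets from this guide.
TEST_VPC = {"name": "Test VPC", "cidr": "10.0.0.0/16", "subnets": ["10.0.1.0/24"]}
PROD_VPC = {"name": "Prod VPC", "cidr": "192.168.0.0/16", "subnets": ["192.168.1.0/24"]}
PEERING_ID = "pcx-PLACEHOLDER"  # placeholder; the real id is shown in the console


def validate_vpcs(a, b):
    """Return a list of problems; an empty list means the pair can be peered."""
    problems = []
    net_a, net_b = ip_network(a["cidr"]), ip_network(b["cidr"])
    # AWS refuses a peering between VPCs whose CIDR blocks overlap.
    if net_a.overlaps(net_b):
        problems.append(f"VPC CIDRs overlap: {net_a} and {net_b}")
    # Each subnet must sit inside its own VPC, or the peer route will never match it.
    for vpc, net in ((a, net_a), (b, net_b)):
        for subnet in vpc["subnets"]:
            if not ip_network(subnet).subnet_of(net):
                problems.append(f"subnet {subnet} lies outside {vpc['name']} ({net})")
    return problems


def peering_routes(a, b, pcx):
    """Route each VPC's table needs: the peer's CIDR targeted at the peering connection."""
    return {
        a["name"]: {"destination": b["cidr"], "target": pcx},
        b["name"]: {"destination": a["cidr"], "target": pcx},
    }


def sg_rule_is_scoped(rule, peer_cidr):
    """True when the rule's source is the peer CIDR or narrower; False when wider."""
    # A source like 0.0.0.0/0 would expose the instance far beyond the peered VPC.
    return ip_network(rule["source"]).subnet_of(ip_network(peer_cidr))


if __name__ == "__main__":
    issues = validate_vpcs(TEST_VPC, PROD_VPC)
    print("validation:", issues or "ok")
    for table, route in peering_routes(TEST_VPC, PROD_VPC, PEERING_ID).items():
        print(f"{table} route table: {route['destination']} -> {route['target']}")
    icmp_rule = {"protocol": "icmp", "source": "192.168.0.0/16"}
    print("Test VPC inbound ICMP rule scoped to peer:",
          sg_rule_is_scoped(icmp_rule, PROD_VPC["cidr"]))
```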

Limitations of AWS VPC Peering

  • No transitive peering – Direct VPC-to-VPC connection only.

  • Manual route table updates are required.

  • Higher costs for cross-region peering.

  • Limited scalability – Transit Gateway is better for large architectures.

VPC Peering vs. AWS Transit Gateway

| Feature            | VPC Peering | AWS Transit Gateway  |
|--------------------|-------------|----------------------|
| Connectivity       | Direct      | Centralized hub      |
| Transitive Traffic | ❌ No       | ✅ Yes               |
| Scalability        | Limited     | High                 |
| Cost               | Low         | Higher but scalable  |

Conclusion

AWS VPC Peering is an efficient, low-latency way to connect VPCs, ensuring secure communication. Follow best practices to optimize connectivity and security. For complex architectures, consider AWS Transit Gateway.

Reference

This guide was created based on the tutorial: AWS VPC Peering Tutorial.
