Tutorial: Setting Up a VPC Peering Connection

You can configure your Virtual Private Cloud (VPC) to allow traffic to and from its peer VPC. This involves creating routes in the route tables and updating the rules of the security groups.

Before you begin: Create a VPC platform. For more information, see Expert Mode: Creating a Custom VPC Platform.

  1. Create a VPC peering connection. For more information, see Creating a VPC Peering Connection.

    The owner of the accepter VPC must accept the request to peer the VPCs. For more information, see Accepting a VPC Peering Connection.

  2. In the route tables associated with the subnets of your VPC, create a route with the CIDR block of the peer VPC as destination, and the ID of the VPC peering connection as target. For more information, see Creating a Route.

    The owner of the peer VPC must create equivalent routes in their route tables pointing to your VPC.

    You can create a route for a VPC peering connection that is in the pending-acceptance state. However, in that case, the route is in the blackhole state until the VPC peering connection becomes active.

  3. Add the following rules to the security group associated with the instances of your VPC:

    • One or more rules allowing inbound flows from one or more security groups of the peer VPC

    • One or more rules allowing outbound flows to one or more security groups of the peer VPC

    For more information, see Adding Rules to a Security Group.

    The owner of the peer VPC must add equivalent rules to their security groups allowing flows to and from the security groups of your VPC.

Your VPC peering connection is set up, and the peered VPCs can communicate using a private connection.
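
A check for the finished setup, added here as an example and not part of the original documentation: it audits a snapshot of both VPCs for an active peering connection, a non-blackhole route to the peer CIDR on each side, and inbound and outbound rules naming a peer security group. The snapshot layout, the `sample` helper, and every ID and CIDR are assumptions constructed for illustration, not an API response format.

```python
import ipaddress

def audit_peering(snap):
    """Return findings; an empty list means steps 1-3 hold on both sides."""
    findings = []
    pcx = snap["peering"]
    if pcx["state"] != "active":
        findings.append(f"peering {pcx['id']} is {pcx['state']}, not active")
    pairs = (("requester", "accepter"), ("accepter", "requester"))
    for name, peer_name in pairs:
        side, peer = snap[name], snap[peer_name]
        peer_net = ipaddress.ip_network(peer["cidr"])
        # Step 2: a route to the peer CIDR whose target is the peering connection.
        routes = [r for r in side["routes"] if r["target"] == pcx["id"]
                  and ipaddress.ip_network(r["destination"]) == peer_net]
        if not routes:
            findings.append(f"{name}: no route to {peer['cidr']} via {pcx['id']}")
        elif any(r["state"] == "blackhole" for r in routes):
            findings.append(f"{name}: route to {peer['cidr']} is blackhole")
        # Step 3: inbound and outbound rules that name a peer security group.
        for direction in ("inbound", "outbound"):
            named = {r["peer_group"] for r in side["rules"]
                     if r["direction"] == direction}
            if not named & set(peer["groups"]):
                findings.append(f"{name}: no {direction} rule for a peer group")
    return findings

def sample(state="active", accepter_rules=True):
    """Constructed snapshot; every ID and CIDR here is made up."""
    route_state = "active" if state == "active" else "blackhole"
    def side(cidr, peer_cidr, group, peer_group, with_rules=True):
        rules = [{"direction": d, "peer_group": peer_group}
                 for d in ("inbound", "outbound")] if with_rules else []
        return {"cidr": cidr, "groups": [group], "rules": rules,
                "routes": [{"destination": peer_cidr, "target": "pcx-EXAMPLE",
                            "state": route_state}]}
    return {"peering": {"id": "pcx-EXAMPLE", "state": state},
            "requester": side("10.0.0.0/16", "10.1.0.0/16", "sg-REQ", "sg-ACC"),
            "accepter": side("10.1.0.0/16", "10.0.0.0/16", "sg-ACC", "sg-REQ",
                             accepter_rules)}

if __name__ == "__main__":
    # A request that has not been accepted yet: routes exist but are blackhole.
    for finding in audit_peering(sample(state="pending-acceptance")):
        print(finding)
```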
