VPC Peering | e6data on AWS

Manage and deploy AWS resources using the AWS provider in Terraform. Ensure correct setup using the official configuration guidelines.

VPC peering connects two Virtual Private Clouds (VPCs) so that workloads in them can communicate over private IP addresses. That traffic stays on the AWS network and never traverses the public internet. Two constraints matter when planning a peering: the CIDR blocks of the two VPCs must not overlap, and peering is not transitive, so a VPC peered with two others does not route traffic between them.

AWS Configuration

  • Use the AWS provider to manage and deploy resources on AWS with Terraform. Configure the provider with the appropriate credentials before use; the provider is maintained by the HashiCorp AWS Provider team, and its documentation describes the supported credential sources and configuration options.

  • In this Terraform configuration, a route to the peer VPC's CIDR is added to the route tables of both the source (requester) and destination (accepter) VPCs. The private subnet that needs to reach the peer must be explicitly associated with the route table that receives that route; otherwise the peering route never applies to the subnet's traffic. A route alone does not permit traffic: security groups and network ACLs on both sides must also allow the peer CIDR. Use the configurations provided below for AWS peering.

  • To grant the permissions needed for the VPC peering resources, attach the following IAM policy to an IAM identity (user, group, or role). Note that "Resource": "*" lets that identity create peerings and rewrite routes in every VPC in the account; where your account layout allows, narrow the Resource element to the ARNs of the VPCs, route tables, and peering connections involved, or add tag-based conditions.


```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ec2:AcceptVpcPeeringConnection",
                "ec2:AssociateRouteTable",
                "ec2:CreateRoute",
                "ec2:CreateVpcPeeringConnection",
                "ec2:DescribeRouteTables",
                "ec2:DescribeVpcPeeringConnections",
                "ec2:DescribeVpcs",
                "ec2:ModifyVpcPeeringConnectionOptions",
                "ec2:ReplaceRoute",
                "ec2:ReplaceRouteTableAssociation",
                "ec2:DescribeVpcAttribute",
                "ec2:DeleteRoute",
                "ec2:DeleteVpcPeeringConnection",
                "ec2:CreateTags"
            ],
            "Resource": "*"
        }
    ]
}
```
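The following Terraform configuration is an added example for this page; it is not the same_region or different_region code the page refers to. It assumes two VPC IDs, the private subnet IDs on each side, and two region variables as inputs. Giving both region variables the same value produces the same-region case, different values produce cross-region peering, so one configuration covers both directories' procedures. Acceptance is always done by an explicit accepter resource, and the peering routes are added to whichever route table each private subnet is explicitly associated with.

```hcl
# Added example, not the page's own code. Assumed inputs: two VPC IDs, the
# private subnet IDs on each side, and the two regions (equal for the
# same-region case, different for cross-region peering).

variable "requester_region"     { type = string }
variable "accepter_region"      { type = string }
variable "requester_vpc_id"     { type = string }
variable "accepter_vpc_id"      { type = string }
variable "requester_subnet_ids" { type = list(string) }
variable "accepter_subnet_ids"  { type = list(string) }

provider "aws" {
  alias  = "requester"
  region = var.requester_region
}

provider "aws" {
  alias  = "accepter"
  region = var.accepter_region
}

data "aws_vpc" "requester" {
  provider = aws.requester
  id       = var.requester_vpc_id
}

data "aws_vpc" "accepter" {
  provider = aws.accepter
  id       = var.accepter_vpc_id
}

# Requester side. auto_accept is only valid when both VPCs share an account
# and a region, so acceptance is always done by the explicit accepter below.
resource "aws_vpc_peering_connection" "this" {
  provider    = aws.requester
  vpc_id      = var.requester_vpc_id
  peer_vpc_id = var.accepter_vpc_id
  peer_region = var.accepter_region
  auto_accept = false
  tags        = { Name = "e6data-peering" }
}

# Accepter side. Across regions the connection takes a few minutes to become
# active; this resource does not complete until it is.
resource "aws_vpc_peering_connection_accepter" "this" {
  provider                  = aws.accepter
  vpc_peering_connection_id = aws_vpc_peering_connection.this.id
  auto_accept               = true
  tags                      = { Name = "e6data-peering" }
}

# Look up the route table explicitly associated with each private subnet.
# A subnet that merely falls back to the VPC main route table has no explicit
# association, so this lookup fails at plan time and surfaces the missing
# association before anything is built.
data "aws_route_table" "requester" {
  provider  = aws.requester
  for_each  = toset(var.requester_subnet_ids)
  subnet_id = each.value
}

data "aws_route_table" "accepter" {
  provider  = aws.accepter
  for_each  = toset(var.accepter_subnet_ids)
  subnet_id = each.value
}

locals {
  # Several subnets may share one route table; de-duplicate so each table
  # receives the peering route exactly once.
  requester_rt_ids = distinct([for rt in data.aws_route_table.requester : rt.id])
  accepter_rt_ids  = distinct([for rt in data.aws_route_table.accepter : rt.id])
}

# Routes carry only the peer VPC's CIDR, never 0.0.0.0/0: peering is not
# transitive and must not become a default route. Referencing the accepter
# resource's id orders route creation after the connection is active.
resource "aws_route" "requester_to_accepter" {
  provider                  = aws.requester
  for_each                  = toset(local.requester_rt_ids)
  route_table_id            = each.value
  destination_cidr_block    = data.aws_vpc.accepter.cidr_block
  vpc_peering_connection_id = aws_vpc_peering_connection_accepter.this.id
}

resource "aws_route" "accepter_to_requester" {
  provider                  = aws.accepter
  for_each                  = toset(local.accepter_rt_ids)
  route_table_id            = each.value
  destination_cidr_block    = data.aws_vpc.requester.cidr_block
  vpc_peering_connection_id = aws_vpc_peering_connection_accepter.this.id
}
```

Supply the six variables in terraform.tfvars and run the Terraform commands below. The routes only make the peer reachable at the network layer; the security groups attached to the cluster and data-side resources still have to allow the peer CIDR on the ports you use.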

Execution Instructions

For VPCs in the same region: navigate to the same_region directory, update your tfvars file, and then execute the Terraform commands below.

For VPCs in different regions: navigate to the different_region directory, update your tfvars file, and then execute the Terraform commands below.

Note that establishing VPC peering across different regions may take 3-4 minutes to become active after running the Terraform code.

Note: Ensure that both your cluster and the data you query are in the same region.

Terraform Commands

To initialize, plan, and apply your Terraform configuration, use:

```shell
terraform init
terraform plan -var-file="terraform.tfvars" -out="e6.plan"
terraform apply "e6.plan"
```

Cleanup Commands

To remove all resources created by Terraform, pass the same tfvars file so that Terraform does not prompt for variables, and review the planned destruction before confirming:

```shell
terraform destroy -var-file="terraform.tfvars"
```

This process sets up VPC peering with Terraform so that traffic between the two VPCs stays on the AWS network, with routes limited to the peer CIDRs and the Terraform identity granted only the EC2 permissions the peering needs.
