# VPC Peering | e6data on AWS

VPC Network Peering allows you to connect Virtual Private Clouds (VPCs) so workloads in different VPCs can communicate internally. This internal traffic stays on the cloud provider's network and does not traverse the public internet.

### AWS Configuration <a href="#aws-configuration" id="aws-configuration"></a>

* Use the Terraform AWS provider to manage and deploy resources on AWS. Configure the provider with the appropriate credentials before use. This provider is maintained by the HashiCorp AWS Provider team, and configuration methods are described in the [documentation](https://spacelift.io/blog/terraform-aws-provider).
* In this Terraform configuration, the route tables for both the source and destination VPCs are modified to facilitate communication. It is essential to associate the private subnet with a route table. Use the configurations provided below for AWS peering.
* To grant access to VPC peering resources, attach the following IAM policy to an IAM identity (user, group, or role):

```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ec2:AcceptVpcPeeringConnection",
                "ec2:AssociateRouteTable",
                "ec2:CreateRoute",
                "ec2:CreateVpcPeeringConnection",
                "ec2:DescribeRouteTables",
                "ec2:DescribeVpcPeeringConnections",
                "ec2:DescribeVpcs",
                "ec2:ModifyVpcPeeringConnectionOptions",
                "ec2:ReplaceRoute",
                "ec2:ReplaceRouteTableAssociation",
                "ec2:DescribeVpcAttribute",
                "ec2:DeleteRoute",
                "ec2:DeleteVpcPeeringConnection",
                "ec2:CreateTags"
            ],
            "Resource": "*"
        }
    ]
}

```
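A check you can run before attaching the policy above, as an added example that is not part of the e6data repository: it lists the write actions a policy allows on `"Resource": "*"` with no `Condition`, which for this policy means route and peering changes on any VPC in the account. `SCOPED_SAMPLE` and its ARN are constructed placeholders, and the Describe/Get/List prefix rule is a naming heuristic assumed for the example.

```python
READ_ONLY_PREFIXES = ("Describe", "Get", "List")  # naming heuristic (assumption)

# The policy from this page, embedded so the check runs offline.
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "VisualEditor0",
        "Effect": "Allow",
        "Action": [
            "ec2:AcceptVpcPeeringConnection", "ec2:AssociateRouteTable",
            "ec2:CreateRoute", "ec2:CreateVpcPeeringConnection",
            "ec2:DescribeRouteTables", "ec2:DescribeVpcPeeringConnections",
            "ec2:DescribeVpcs", "ec2:ModifyVpcPeeringConnectionOptions",
            "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation",
            "ec2:DescribeVpcAttribute", "ec2:DeleteRoute",
            "ec2:DeleteVpcPeeringConnection", "ec2:CreateTags",
        ],
        "Resource": "*",
    }],
}

# Constructed sample: route edits limited to one route table (placeholder ARN).
SCOPED_SAMPLE = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "ec2:DescribeRouteTables", "Resource": "*"},
        {"Effect": "Allow",
         "Action": ["ec2:CreateRoute", "ec2:ReplaceRoute", "ec2:DeleteRoute"],
         "Resource": "arn:aws:ec2:us-east-1:111122223333:route-table/rtb-EXAMPLE"},
    ],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def unscoped_write_actions(policy):
    """Write actions an Allow statement grants on Resource "*" with no Condition."""
    flagged = set()
    for stmt in _as_list(policy.get("Statement", [])):
        wide = "*" in _as_list(stmt.get("Resource", []))
        if stmt.get("Effect") != "Allow" or stmt.get("Condition") or not wide:
            continue
        for action in _as_list(stmt.get("Action", [])):
            if not action.split(":", 1)[-1].startswith(READ_ONLY_PREFIXES):
                flagged.add(action)
    return sorted(flagged)

if __name__ == "__main__":
    print("\n".join(unscoped_write_actions(PAGE_POLICY)))
```

A non-empty result is a prompt to narrow `Resource` to specific ARNs or add a `Condition` where the action supports it; a `Condition` only suppresses the finding, it does not prove the statement is tight.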

### Execution Instructions <a href="#execution-instructions" id="execution-instructions"></a>

**For VPCs in the Same Region**\
Navigate to the [same\_region](https://github.com/e6x-labs/e6-oss-community/tree/main/terraform/aws/vpc_peering/same_region) directory and execute the [**Execution commands**](https://github.com/e6data/e6-oss-community/tree/main/terraform/aws/vpc_peering#execution-commands) after updating your `tfvars` file.

**For VPCs in Different Regions**\
Navigate to the [different\_region](https://github.com/e6x-labs/e6-oss-community/tree/main/terraform/aws/vpc_peering/different_region) directory and execute the [**Execution commands**](https://github.com/e6data/e6-oss-community/tree/main/terraform/aws/vpc_peering#execution-commands) after updating your `tfvars` file.

Note that establishing VPC peering across different regions may take 3-4 minutes to become active after running the Terraform code.

{% hint style="info" %}
**Note:** Ensure that both your cluster and the data you query are in the same region.
{% endhint %}

### Terraform Commands <a href="#terraform-commands" id="terraform-commands"></a>

To initialize, plan, and apply your Terraform configuration, use:

```
terraform init
terraform plan -var-file="terraform.tfvars" --out="e6.plan"
terraform apply "e6.plan"
```

### Cleanup Commands <a href="#cleanup-commands" id="cleanup-commands"></a>

To remove all resources created by Terraform, execute:

```
terraform destroy
```

These steps set up VPC peering with Terraform so that different VPCs within AWS can communicate securely.
