How To: VPC Peering Connection | AWS | Between 2 VPCs in Different Accounts & Regions

Video description: How To: VPC Peering Connection | AWS | Between 2 VPCs in Different Accounts & Regions

In this tutorial, you'll learn how to create a VPC peering connection between two VPCs in different accounts and regions.



Video Transcript:
Hi guys, this is Abhi from Gokcedb. In this video, you're going to learn how to set up a VPC peering connection between two VPCs running in different accounts and different regions in AWS. Let's start by navigating to the VPC service, then click on Create VPC and give it a name.

Enter a CIDR block and leave the tenancy at default. I'm going to select one for the availability zone, one for the public subnet, zero for the private subnet, none for the NAT gateway, and none for the VPC endpoint. Hit the Create VPC button and wait for the VPC workflow to complete.

Save the VPC ID and the owner ID because we'll need them when setting up the peering connection. Let's confirm that the VPC workflow created one public subnet, one public route table, and one internet gateway. Next, click on Security Groups, then hit the Create button.

Give your security group a name and a description, then select the project VPC. For inbound rules, I'm going to create one for SSH from anywhere and one for HTTP from anywhere. I'm also going to add a rule for ICMP from a VPC running in the Canada region that we will create soon.

Hit Create, then navigate to the EC2 service. Click on Instances, then hit the Launch Instances button. Give your instance a name.

Select an AMI, then click on Edit in the network settings. Select the project VPC from the drop-down. Enable auto-assign public IP, then select the security group that we just created.

Click on Launch Instance, then hit the refresh button. You should see your instance in a pending state. Now I'm going to switch to a different account called sandbox and change the region to Canada.

Navigate to the VPC service, then click on Create VPC. Give your VPC a name, then enter a CIDR block. Note: you cannot create a VPC peering connection with overlapping CIDR blocks, so make sure it's different from the original. Select default for tenancy, one for the availability zone, one for the public subnet, zero for the private subnet, none for the NAT gateway, and none for the VPC endpoint.

Hit Create, then wait for the VPC workflow to complete. Confirm that the VPC workflow created one public subnet, one public route table, and one internet gateway. Next, click on Peering Connections, then hit the Create Peering Connection button.

Give your peering connection a name and select the project VPC from the drop-down. Enter the account ID, region, and VPC ID of the original VPC. Hit Create and you should see a message saying the peering connection has been requested.

Switch back to the original account. Select the North Virginia region, then click on Peering Connections. Click on the Actions drop-down and accept the request.

Now we can switch back to the sandbox account and change the region to Canada. Click on Peering Connections and you should see the status as Active for our new peering connection. Next, navigate to the Routes tab of the public route table, then click on Edit.

Click on Add Route and enter the CIDR block of the original VPC. For target, click on Peering Connection and our new peering connection should automatically pop up. Hit the Save button to exit.

Click on Security Groups, then hit the Create button. Give your security group a name and a description, then select the project VPC from the drop-down. Enter an inbound rule for SSH from anywhere and HTTP from anywhere.

I'm also going to add a rule for ICMP from the CIDR block of the original VPC. Hit the Create button, then navigate to the EC2 dashboard. Click on Instances, then hit the Launch Instances button.

Give your instance a name, select an AMI, then click on Edit in network settings. Select the project VPC from the drop-down and enable auto-assign public IP. Select the security group that we just created, then hit the Launch button.

Click on the refresh button and you should see your instance in a pending state. Save the private IP address of this instance, then switch back to the original account. Navigate to the VPC service and change the region to North Virginia.

Go to the Routes tab of the public route table, then click on Edit Routes. Click on Add Route, then enter the CIDR block of the VPC running in the Canada region. For target, select the new peering connection, then hit Save.

Next, navigate to the EC2 dashboard, then connect to my web server instance using Instance Connect. Type the ping command followed by the private IP address of the EC2 instance running in the Canada region. Looks like the peering connection was successfully set up.

Watch what happens if I switch back to the sandbox account, remove the peering connection route from the public route table, and try pinging the IP address again. This time I'm experiencing 100% packet loss. There you have it. Make sure you like, subscribe, and turn on the notification bell.

Until next time.
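The procedure in the video, reduced to a preflight check (an added example, not code from the video or from Gokcedb): it models both VPCs, the peering connection, the route in each public route table and the ICMP security group rule, and reports why a ping between the two instances would fail, including the final "route removed, 100% packet loss" case. All VPC IDs, account IDs, CIDRs and the pcx ID are constructed sample values, and the region codes assume North Virginia is us-east-1 and Canada is ca-central-1.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Vpc:
    vpc_id: str
    account: str
    region: str
    cidr: str
    routes: dict = field(default_factory=dict)      # destination CIDR -> target
    sg_ingress: list = field(default_factory=list)  # (protocol, source CIDR)


def peering_problems(src: Vpc, dst: Vpc, pcx_id: str, pcx_status: str) -> list:
    """Return the reasons a ping from src to dst would fail (empty list means reachable)."""
    problems = []
    a, b = ipaddress.ip_network(src.cidr), ipaddress.ip_network(dst.cidr)
    if a.overlaps(b):
        problems.append("CIDR blocks overlap; AWS will not create the peering")
    if pcx_status != "active":
        problems.append(f"{pcx_id} is {pcx_status}; accept it in the accepter account")
    # Each side's route table needs a route for the peer CIDR that targets the pcx.
    if src.routes.get(dst.cidr) != pcx_id:
        problems.append(f"{src.vpc_id} ({src.region}) has no route {dst.cidr} -> {pcx_id}")
    if dst.routes.get(src.cidr) != pcx_id:
        problems.append(f"{dst.vpc_id} ({dst.region}) has no return route {src.cidr} -> {pcx_id}")
    # The destination security group must allow ICMP from the source VPC's CIDR.
    if not any(proto == "icmp" and a.subnet_of(ipaddress.ip_network(source))
               for proto, source in dst.sg_ingress):
        problems.append(f"{dst.vpc_id} security group does not allow ICMP from {src.cidr}")
    return problems


def demo():
    """Constructed sample values mirroring the tutorial: project VPC in us-east-1,
    sandbox VPC in ca-central-1, both routed through the same peering connection."""
    pcx = "pcx-0000abcd"  # constructed placeholder, not a real peering ID
    project = Vpc("vpc-aaaa1111", "111111111111", "us-east-1", "10.0.0.0/16",
                  routes={"10.1.0.0/16": pcx},
                  sg_ingress=[("tcp/22", "0.0.0.0/0"), ("icmp", "10.1.0.0/16")])
    sandbox = Vpc("vpc-bbbb2222", "222222222222", "ca-central-1", "10.1.0.0/16",
                  routes={"10.0.0.0/16": pcx},
                  sg_ingress=[("tcp/22", "0.0.0.0/0"), ("icmp", "10.0.0.0/16")])
    working = peering_problems(project, sandbox, pcx, "active")
    # Last step of the video: drop the sandbox-side route, so replies cannot come back.
    del sandbox.routes["10.0.0.0/16"]
    broken = peering_problems(project, sandbox, pcx, "active")
    return working, broken
```

Running `demo()` returns an empty problem list for the fully configured setup and a single "no return route" finding once the sandbox route is removed, which is the cause of the packet loss seen at the end of the video.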
