Mini project to demonstrate VPC peering in AWS using Terraform
Source: Dev.to
✅ What is VPC Peering?
VPC Peering is a networking connection between two Virtual Private Clouds (VPCs) that enables private‑IP communication between them as if they were part of the same network.

Architecture

✅ In this demo we create
✨ Networking
- Two VPCs – one in us-east-1 and one in us-west-2
- One public subnet in each VPC
- An Internet Gateway for each VPC (to allow internet access)
- Custom route tables with routes to the Internet and the peered VPC
- A cross‑region VPC peering connection between the two VPCs
✨ Compute Resources
- One EC2 instance in each VPC
✨ Security Groups
- SSH access from anywhere (port 22)
- ICMP (ping) allowed from the peered VPC
- All TCP traffic allowed between the VPCs
💡 Detailed implementation steps
📌 Step 1 – Prerequisites
- AWS CLI installed
- Terraform installed
- AWS credentials configured with `aws configure`
📌 Step 2 – Create SSH key pairs in each region
```bash
# EC2 key pairs are regional, so one is created in each region the demo uses.
# The .pem files hold the private keys: keep them out of version control and
# restrict their permissions (chmod 400) before using them with ssh.

# us-east-1
aws ec2 create-key-pair \
  --key-name vpc-peering-demo-east \
  --region us-east-1 \
  --query 'KeyMaterial' \
  --output text > vpc-peering-demo-east.pem

# us-west-2
aws ec2 create-key-pair \
  --key-name vpc-peering-demo-west \
  --region us-west-2 \
  --query 'KeyMaterial' \
  --output text > vpc-peering-demo-west.pem
```
✅ Main.tf file
(The full main.tf is omitted for brevity; it defines providers, VPCs, subnets, IGWs, route tables, peering, EC2 instances, and security groups.)
📌 Step 3 – Provision primary and secondary VPCs

📌 Step 4 – Create public subnets

📌 Step 5 – Attach Internet Gateways
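The networking resources for Steps 3 to 5 (providers, VPCs, public subnets and Internet Gateways), written out here as an added example rather than the post's own main.tf. The provider aliases aws.east / aws.west, the resource names, the CIDR ranges and the availability zones are assumptions chosen for this illustration; only the two regions come from the post.

```hcl
# Added example, not the post's main.tf. Provider aliases, resource names,
# CIDRs and AZs are assumptions; the two regions match the post.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

# One provider per region; each resource picks its region with provider = aws.<alias>
provider "aws" {
  alias  = "east"
  region = "us-east-1"
}

provider "aws" {
  alias  = "west"
  region = "us-west-2"
}

# Step 3 - the two VPCs. The CIDRs must not overlap: AWS will not activate a
# peering connection between VPCs with matching or overlapping address ranges.
resource "aws_vpc" "primary" {
  provider             = aws.east
  cidr_block           = "10.10.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = "primary-vpc" }
}

resource "aws_vpc" "secondary" {
  provider             = aws.west
  cidr_block           = "10.20.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = "secondary-vpc" }
}

# Step 4 - one public subnet per VPC. map_public_ip_on_launch gives the demo
# instances a public address so the SSH login with the Step 2 key pairs works.
resource "aws_subnet" "primary_public" {
  provider                = aws.east
  vpc_id                  = aws_vpc.primary.id
  cidr_block              = "10.10.1.0/24"
  availability_zone       = "us-east-1a"
  map_public_ip_on_launch = true
  tags                    = { Name = "primary-public" }
}

resource "aws_subnet" "secondary_public" {
  provider                = aws.west
  vpc_id                  = aws_vpc.secondary.id
  cidr_block              = "10.20.1.0/24"
  availability_zone       = "us-west-2a"
  map_public_ip_on_launch = true
  tags                    = { Name = "secondary-public" }
}

# Step 5 - an Internet Gateway attached to each VPC
resource "aws_internet_gateway" "primary" {
  provider = aws.east
  vpc_id   = aws_vpc.primary.id
  tags     = { Name = "primary-igw" }
}

resource "aws_internet_gateway" "secondary" {
  provider = aws.west
  vpc_id   = aws_vpc.secondary.id
  tags     = { Name = "secondary-igw" }
}
```

Non-overlapping CIDRs are the one thing to get right up front: if the two ranges overlap, the peering request in Step 7 moves to a failed state and no amount of routing fixes it.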

📌 Step 6 – Create custom route tables

📌 Step 7 – Create the VPC peering connection

(Further steps – route‑table updates, security‑group rules, and EC2 instance provisioning – follow the same pattern and are included in the full Terraform configuration.)
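Steps 6 and 7 (route tables and the cross-region peering connection) as an added example, not the post's own configuration. It assumes the provider aliases aws.east / aws.west and resources named aws_vpc.primary, aws_vpc.secondary, aws_subnet.primary_public, aws_subnet.secondary_public, aws_internet_gateway.primary and aws_internet_gateway.secondary exist elsewhere in the same Terraform configuration; all of those names are assumptions.

```hcl
# Added example, not the post's main.tf. Assumes aws.east / aws.west aliases and
# the VPC, subnet and IGW resources named below exist in the same configuration.

# Step 6 - custom route tables. Routes are kept as separate aws_route resources
# instead of inline route blocks, so the peering route added in Step 8 does not
# conflict with the table definition (Terraform cannot mix the two styles safely).
resource "aws_route_table" "primary_public" {
  provider = aws.east
  vpc_id   = aws_vpc.primary.id
  tags     = { Name = "primary-public-rt" }
}

resource "aws_route" "primary_internet" {
  provider               = aws.east
  route_table_id         = aws_route_table.primary_public.id
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = aws_internet_gateway.primary.id
}

resource "aws_route_table_association" "primary_public" {
  provider       = aws.east
  subnet_id      = aws_subnet.primary_public.id
  route_table_id = aws_route_table.primary_public.id
}

resource "aws_route_table" "secondary_public" {
  provider = aws.west
  vpc_id   = aws_vpc.secondary.id
  tags     = { Name = "secondary-public-rt" }
}

resource "aws_route" "secondary_internet" {
  provider               = aws.west
  route_table_id         = aws_route_table.secondary_public.id
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = aws_internet_gateway.secondary.id
}

resource "aws_route_table_association" "secondary_public" {
  provider       = aws.west
  subnet_id      = aws_subnet.secondary_public.id
  route_table_id = aws_route_table.secondary_public.id
}

# Step 7 - cross-region peering. The request is made from us-east-1. A request
# to another region cannot be auto-accepted by the requester resource, so a
# separate accepter resource, run under the us-west-2 provider, accepts it.
resource "aws_vpc_peering_connection" "primary_to_secondary" {
  provider    = aws.east
  vpc_id      = aws_vpc.primary.id
  peer_vpc_id = aws_vpc.secondary.id
  peer_region = "us-west-2"
  auto_accept = false
  tags        = { Name = "primary-to-secondary" }
}

resource "aws_vpc_peering_connection_accepter" "secondary" {
  provider                  = aws.west
  vpc_peering_connection_id = aws_vpc_peering_connection.primary_to_secondary.id
  auto_accept               = true
  tags                      = { Name = "secondary-accepter" }
}
```

After `terraform apply`, `aws ec2 describe-vpc-peering-connections --region us-west-2` should show the connection with status `active`; a status of `pending-acceptance` means the accepter side did not run, and `failed` almost always means overlapping CIDRs.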
Result:
The two VPCs are now peered across regions, allowing the EC2 instances to communicate securely via private IP addresses while still having internet access through their respective Internet Gateways. This setup demonstrates a clean, Terraform‑driven approach to cross‑region networking in AWS.
📌 Step 8 – Add Routes
Routes were added in both VPC route tables to direct traffic destined for the peer VPC CIDR via the peering connection. This enables bidirectional communication using private IP addresses.

The same routing configuration must be applied in the secondary VPC, pointing back to the primary VPC CIDR.
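Both directions of the peering route, as an added example that is not the post's code. It assumes the aws.east / aws.west provider aliases and resources named aws_vpc.primary, aws_vpc.secondary, aws_route_table.primary_public, aws_route_table.secondary_public, aws_vpc_peering_connection.primary_to_secondary and aws_vpc_peering_connection_accepter.secondary; every one of those names is an assumption.

```hcl
# Added example, not the post's main.tf. Resource and alias names are assumptions.

# Primary -> secondary: traffic for the peer VPC's CIDR goes over the peering link.
resource "aws_route" "primary_to_secondary" {
  provider                  = aws.east
  route_table_id            = aws_route_table.primary_public.id
  destination_cidr_block    = aws_vpc.secondary.cidr_block
  vpc_peering_connection_id = aws_vpc_peering_connection.primary_to_secondary.id

  # The route only carries traffic once the peer side has accepted the request.
  depends_on = [aws_vpc_peering_connection_accepter.secondary]
}

# Secondary -> primary: the return route. Peering adds no routes by itself and
# is not transitive, so without this entry replies from us-west-2 are dropped.
resource "aws_route" "secondary_to_primary" {
  provider                  = aws.west
  route_table_id            = aws_route_table.secondary_public.id
  destination_cidr_block    = aws_vpc.primary.cidr_block
  vpc_peering_connection_id = aws_vpc_peering_connection.primary_to_secondary.id

  depends_on = [aws_vpc_peering_connection_accepter.secondary]
}
```

The peering connection ID is the same on both sides, so the secondary route table references the requester resource's `id` even though it lives in the other region.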
📌 Step 9 – Security Groups
Security groups were defined in each VPC to allow SSH access for administration. ICMP and TCP traffic were permitted between the VPC CIDR ranges to validate connectivity.
Screenshots of the security‑group rules (not reproduced here): the inbound SSH, ICMP, and TCP rules, and the outbound rule allowing all traffic.
The same security‑group configuration must be applied for the secondary VPC.
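The security groups for both VPCs, as an added example rather than the post's own configuration. It assumes the aws.east / aws.west aliases, resources named aws_vpc.primary and aws_vpc.secondary, and a variable `admin_cidr` declared elsewhere in the configuration; all of these are assumptions. The post opens port 22 to anywhere; this version limits SSH to an administrative range, which is the one change worth making even in a demo, since the instances have public IPs.

```hcl
# Added example, not the post's main.tf. Alias, resource and variable names are
# assumptions. Security groups cannot reference a group ID in another region,
# so the peer side is identified by its VPC CIDR instead.
resource "aws_security_group" "primary" {
  provider    = aws.east
  name        = "vpc-peering-demo-primary"
  description = "SSH from admin range; ICMP and TCP from the peer VPC"
  vpc_id      = aws_vpc.primary.id

  ingress {
    description = "SSH for administration (post uses 0.0.0.0/0; narrowed here)"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  ingress {
    description = "ICMP (ping) from the peer VPC"
    from_port   = -1
    to_port     = -1
    protocol    = "icmp"
    cidr_blocks = [aws_vpc.secondary.cidr_block]
  }

  ingress {
    description = "All TCP from the peer VPC"
    from_port   = 0
    to_port     = 65535
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.secondary.cidr_block]
  }

  egress {
    description = "Allow all outbound traffic"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "secondary" {
  provider    = aws.west
  name        = "vpc-peering-demo-secondary"
  description = "SSH from admin range; ICMP and TCP from the peer VPC"
  vpc_id      = aws_vpc.secondary.id

  ingress {
    description = "SSH for administration"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  ingress {
    description = "ICMP (ping) from the peer VPC"
    from_port   = -1
    to_port     = -1
    protocol    = "icmp"
    cidr_blocks = [aws_vpc.primary.cidr_block]
  }

  ingress {
    description = "All TCP from the peer VPC"
    from_port   = 0
    to_port     = 65535
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.primary.cidr_block]
  }

  egress {
    description = "Allow all outbound traffic"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Because the rules key on the peer CIDR rather than a group ID, resizing either VPC's address space later means revisiting these rules as well as the routes.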
📌 Step 10 – Launch EC2 Instances
EC2 instances were launched in each subnet using region‑appropriate AMIs and key pairs.

Repeat the instance creation steps for the secondary VPC.
📌 data_source.tf

Create an equivalent data_source.tf file for the secondary VPC.
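An added example of the AMI data sources and the instances for Step 10, covering both data_source.tf and the EC2 launch; it is not the post's code. The aws.east / aws.west aliases, the resources aws_subnet.primary_public, aws_subnet.secondary_public, aws_security_group.primary and aws_security_group.secondary, and the choice of Amazon Linux 2023 on t3.micro are assumptions; the key-pair names are the ones created in Step 2.

```hcl
# Added example, not the post's data_source.tf / main.tf. Alias, resource names,
# the AMI family and the instance type are assumptions.

# AMI IDs differ per region, so each region needs its own lookup.
data "aws_ami" "primary" {
  provider    = aws.east
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["al2023-ami-2023*-x86_64"]
  }
}

data "aws_ami" "secondary" {
  provider    = aws.west
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["al2023-ami-2023*-x86_64"]
  }
}

resource "aws_instance" "primary" {
  provider                    = aws.east
  ami                         = data.aws_ami.primary.id
  instance_type               = "t3.micro"
  subnet_id                   = aws_subnet.primary_public.id
  vpc_security_group_ids      = [aws_security_group.primary.id]
  key_name                    = "vpc-peering-demo-east"
  associate_public_ip_address = true

  # Require IMDSv2 so credentials on the instance cannot be read via a plain GET.
  metadata_options {
    http_tokens = "required"
  }

  tags = { Name = "primary-instance" }
}

resource "aws_instance" "secondary" {
  provider                    = aws.west
  ami                         = data.aws_ami.secondary.id
  instance_type               = "t3.micro"
  subnet_id                   = aws_subnet.secondary_public.id
  vpc_security_group_ids      = [aws_security_group.secondary.id]
  key_name                    = "vpc-peering-demo-west"
  associate_public_ip_address = true

  metadata_options {
    http_tokens = "required"
  }

  tags = { Name = "secondary-instance" }
}
```

Pinning `owners` to `amazon` matters: a name filter alone would also match community AMIs that happen to use the same naming pattern.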
📌 locals.tf

📌 variables.tf

📌 Outputs
Screenshots of the Terraform outputs (not reproduced here): primary VPC outputs, secondary VPC outputs, and additional outputs.
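An added example for the locals.tf, variables.tf and Outputs sections, not the post's own files. It assumes resources named aws_instance.primary, aws_instance.secondary and aws_vpc_peering_connection_accepter.secondary, and that the instances run an Amazon Linux image whose default user is ec2-user; the variable, local and output names are assumptions.

```hcl
# Added example, not the post's variables.tf / locals.tf / outputs. Names are assumptions.

variable "admin_cidr" {
  description = "IPv4 CIDR allowed to reach port 22 (the post uses 0.0.0.0/0)"
  type        = string

  # Reject anything that is not a valid IPv4 CIDR, and refuse the open-to-all range.
  validation {
    condition     = can(cidrnetmask(var.admin_cidr)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "admin_cidr must be a valid IPv4 CIDR and must not be 0.0.0.0/0."
  }
}

locals {
  # Private-key files written by the Step 2 create-key-pair commands
  key_files = {
    primary   = "vpc-peering-demo-east.pem"
    secondary = "vpc-peering-demo-west.pem"
  }
}

output "private_ips" {
  description = "Private addresses reachable over the peering connection"
  value = {
    primary   = aws_instance.primary.private_ip
    secondary = aws_instance.secondary.private_ip
  }
}

output "ssh_commands" {
  description = "SSH to each instance via its public IP"
  value = {
    primary   = "ssh -i ${local.key_files.primary} ec2-user@${aws_instance.primary.public_ip}"
    secondary = "ssh -i ${local.key_files.secondary} ec2-user@${aws_instance.secondary.public_ip}"
  }
}

output "ping_check" {
  description = "Run on the primary instance to confirm private connectivity"
  value       = "ping -c 3 ${aws_instance.secondary.private_ip}"
}

# Terraform 1.5+ check block: warns at plan/apply time if the peering is not active.
check "peering_active" {
  assert {
    condition     = aws_vpc_peering_connection_accepter.secondary.accept_status == "active"
    error_message = "VPC peering connection is not in the active state."
  }
}
```

The `check` block turns the "is it actually peered?" question into something Terraform reports on every run, rather than a screenshot taken once.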
Further Resources
- YouTube video: Terraform Full Course – AWS VPC Peering (Day 15)
- GitHub repository: Terraform-Full-Course-Aws/lessons/day15
#DevOps #Terraform #AWS
Thanks to Piyush Sachdeva and The CloudOps Community