Accessing Resources in other VPCs
Depending upon the size of our organization, we may have more than one or two VPCs, or a VPC deployed in more than one region. There are many reasons for running multiple VPCs:
- to segregate applications by some criterion, such as function, security level, or data classification;
- to give each business unit its own VPC;
- to deploy a service in multiple regions; or
- to separate the stages of the development process (for example dev, test, and prod).
If you have worked with AWS for any length of time, you know that every AWS account comes with a default VPC in every region it has enabled. Every default VPC uses the same CIDR block, 172.31.0.0/16, regardless of region or account. Keep that in mind; it becomes important later in the article.
However, the default VPC's CIDR block may not fit our needs, or we may want additional VPCs for reasons like those listed above. (My article, Creating a Custom VPC in AWS Using CloudFormation, covers the network components needed for a custom VPC and the CloudFormation elements required to build them.)
Whatever the reason for having multiple VPCs, we sometimes need to connect them so they can exchange traffic. The two most common ways to do this in AWS are VPC Peering and the Transit Gateway. This article discusses VPC peering. Two properties of peering matter before we start: AWS will not create a peering connection between VPCs whose CIDR blocks overlap, and peering is not transitive, so every pair of VPCs that needs to talk requires its own peering connection.
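Because peering is refused when CIDR blocks overlap, it is worth checking an inventory of VPCs for overlaps before you start creating connections. The following is an added example, not code from the original article: it uses Python's standard `ipaddress` module to find every overlapping pair in a constructed, hypothetical inventory of VPCs (the VPC names and CIDR blocks below are made up, apart from the default VPC's 172.31.0.0/16 noted above). It also shows why two default VPCs in different regions cannot be peered as-is.

```python
import ipaddress
from itertools import combinations

# Constructed sample inventory (hypothetical): VPC name -> list of CIDR blocks.
# A VPC may carry a primary CIDR plus secondary CIDRs; all of them count.
# Both default VPCs use 172.31.0.0/16, as the article points out.
VPCS = {
    "default-us-east-1": ["172.31.0.0/16"],
    "default-eu-west-1": ["172.31.0.0/16"],
    "prod-us-east-1": ["10.10.0.0/16", "10.11.0.0/16"],
    "dev-us-east-1": ["10.20.0.0/16"],
    "shared-services": ["10.10.128.0/17"],  # overlaps prod's first block
}


def overlapping_blocks(cidrs_a, cidrs_b):
    """Return the (a, b) CIDR pairs that overlap between two VPCs.

    strict=True rejects a CIDR with host bits set (e.g. 10.10.1.0/16),
    which is a data-entry error you want to catch before peering.
    """
    nets_a = [ipaddress.ip_network(c, strict=True) for c in cidrs_a]
    nets_b = [ipaddress.ip_network(c, strict=True) for c in cidrs_b]
    return [(str(a), str(b)) for a in nets_a for b in nets_b if a.overlaps(b)]


def can_peer(cidrs_a, cidrs_b):
    """True only if no CIDR block of one VPC overlaps any block of the other."""
    return not overlapping_blocks(cidrs_a, cidrs_b)


def peering_report(vpcs):
    """Check every pair of VPCs once; map (name_a, name_b) -> overlapping pairs.

    An empty list means the pair can be peered; a non-empty list names the
    exact CIDR blocks that block the connection.
    """
    report = {}
    for (name_a, cidrs_a), (name_b, cidrs_b) in combinations(vpcs.items(), 2):
        report[(name_a, name_b)] = overlapping_blocks(cidrs_a, cidrs_b)
    return report


def blocked_pairs(vpcs):
    """Only the VPC pairs that cannot be peered, for a quick summary."""
    return {pair: blocks for pair, blocks in peering_report(vpcs).items() if blocks}


if __name__ == "__main__":
    for (a, b), blocks in peering_report(VPCS).items():
        status = "OK" if not blocks else f"BLOCKED by {blocks}"
        print(f"{a} <-> {b}: {status}")
```

Running it prints, among the other pairs, that `default-us-east-1 <-> default-eu-west-1` is blocked by the identical 172.31.0.0/16 blocks and that `prod-us-east-1 <-> shared-services` is blocked by the secondary 10.10.128.0/17 range. The check is pairwise on purpose: since peering is not transitive, every connection you intend to create is exactly one pair, and this is the pair that AWS will evaluate.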