Skip to main content
In AWS, each Virtual Private Cloud (VPC) is an isolated network boundary. By default, resources in one VPC cannot reach resources in another VPC without an explicit link.
The image illustrates the behavior of Virtual Private Clouds (VPCs) acting as network boundaries, showing two VPCs with a boundary between them.

What Is VPC Peering?

VPC Peering establishes a private network connection between two VPCs, allowing instances to communicate as if they were on the same network. You can peer:
  • VPCs within the same AWS Region
  • VPCs across different regions (Inter-Region Peering)
  • VPCs in separate AWS accounts
The image illustrates VPC Peering between two AWS accounts, each containing a Virtual Private Cloud (VPC).
Once peered, you must update route tables; peering alone doesn’t modify routing.

Pricing Overview

Charge TypeDetails
Peering ConnectionNo setup fee or hourly rate
Intra-AZ Data TransferFree (within the same Availability Zone over a peering connection)
Inter-AZ Data TransferStandard cross-AZ rates apply

Establishing a VPC Peering Connection

Assume two VPCs with non-overlapping CIDR blocks:
  • VPC1: 10.1.0.0/16
  • VPC2: 10.2.0.0/16
Steps to create the peering link:
  1. Request Peering
    • AWS Console: VPC dashboard → Peering Connections → Create Peering Connection
    • AWS CLI: 
      aws ec2 create-vpc-peering-connection \
  --vpc-id vpc-01234567 --peer-vpc-id vpc-089abcdef
  2. Accept Peering
    • Console or CLI (accept-vpc-peering-connection) by the peer VPC owner.
  3. Verify Connection
    • Status changes to active in the Peering Connections list—but routing is still pending.
The image illustrates a VPC peering process between two virtual private clouds (VPC 1 and VPC 2) with IP ranges 10.1.0.0/16 and 10.2.0.0/16, showing the sending and accepting of a peering request.

Configuring Route Tables

After peering is active, add routes in each VPC’s route table: VPC1 route table 
Destination     Target
10.2.0.0/16     pcx-0a1b2c3d4e5f6g7h
VPC2 route table 
Destination     Target
10.1.0.0/16     pcx-0a1b2c3d4e5f6g7h
This ensures traffic flows over the peering link instead of the internet gateway.
The image illustrates a VPC peering connection between two virtual private clouds (VPC 1 and VPC 2) with their respective IP ranges and routing tables.
VPC Peering is non-transitive. If VPC1 peers with VPC2, and VPC2 peers with VPC3, VPC1 cannot reach VPC3 through VPC2. Each pair requires its own peering connection.

Transitive Peering Is Not Supported

  • VPC1 ↔ VPC2
  • VPC2 ↔ VPC3
  • No indirect VPC1 ↔ VPC3 communication

Summary

The image is a summary slide about VPC Peering, highlighting three points: network connection between VPCs, connection across regions and AWS accounts, and cost details regarding data transfer.
  • VPC Peering connects two VPCs privately.
  • Peerings can span regions and AWS accounts.
  • No cost for the connection itself; data transfer pricing applies.
  • Each VPC pair requires its own peering link—no transit routing.

Watch Video