In this hands-on lab scenario, you’re a cloud network engineer working for a large organization that has multiple VPCs. Each VPC is dedicated to a business unit (e.g., Marketing, Sales, Services, etc.). The Marketing department requires access to all resources in the Sales department, and vice versa. We will create a VPC peering connection between the Marketing and Sales VPCs, allowing them to act as if they are on the same network. We’ll also add the necessary routes to the associated network route tables.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Secure the EC2 Instance
  - In the AWS Management Console, navigate to VPC.
  - Under SECURITY, select Network ACLs.
  - Select Public2-NACL.
  - Click Inbound Rules.
  - Click Edit Inbound Rules.
  - Change the source for Rule #104 to 10.0.0.0/13.
  - Click Save.
- Create a VPC Peering Connection
  - Navigate to VPC.
  - Under VIRTUAL PRIVATE CLOUD, select Peering Connections.
  - Click Create Peering Connection.
  - Set the following values:
    - Peering connection name tag: Marketing<->Sales
    - VPC (Requester): Marketing-VPC
    - VPC (Accepter): Sales-VPC
  - Leave the rest as their defaults and click Create Peering Connection.
  - Click OK. The Status should now be Pending Acceptance.
  - To accept the VPC peering connection, select the newly created connection and click Actions > Accept Request.
  - Review and click Yes, Accept.
  - Click Close.
- Configure Routing
  - Under VIRTUAL PRIVATE CLOUD, select Route Tables.
  - Select Public1-RT.
  - Select Routes.
  - Click Edit Routes.
  - Click Add Route and enter the following values:
    - Destination: 10.2.0.0/16
    - Target: Marketing<->Sales
  - Click Save routes.
  - Repeat the steps above for Private1-RT.
  - Repeat the steps above for Public2-RT and Private2-RT, setting the Destination to 10.1.0.0/16.
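The three objectives above, modelled as a script you can run offline, as an added example that is not part of the lab. It checks what the console steps rely on but never state: that the two VPC CIDRs do not overlap (otherwise the peering request is rejected), that the tightened NACL source 10.0.0.0/13 still covers both VPCs (and how much wider than the two /16s it is), and that every route table in one VPC gets a route for the other VPC's CIDR pointing at the peering connection. The VPC CIDRs (Marketing-VPC = 10.1.0.0/16, Sales-VPC = 10.2.0.0/16) are inferred from the route destinations the lab adds; the resource ids and the `FakeEC2` client are constructed stand-ins, though the method names and keyword arguments are the real boto3 EC2 client calls a practitioner would use in place of the console.

```python
"""Offline model of the lab: NACL source check, VPC peering, and peering routes.
Added example; not part of the lab. VPC CIDRs are inferred from the lab's routes."""
import ipaddress

# Assumed VPC layout: CIDR plus the route tables that live in each VPC.
VPCS = {
    "Marketing-VPC": {"cidr": "10.1.0.0/16", "route_tables": ["Public1-RT", "Private1-RT"]},
    "Sales-VPC": {"cidr": "10.2.0.0/16", "route_tables": ["Public2-RT", "Private2-RT"]},
}
NACL_SOURCE = "10.0.0.0/13"  # the source the lab sets on Public2-NACL rule 104


def peering_cidrs_ok(cidr_a, cidr_b):
    """VPC peering cannot be created between VPCs whose CIDR blocks overlap."""
    return not ipaddress.ip_network(cidr_a).overlaps(ipaddress.ip_network(cidr_b))


def nacl_source_covers(source, cidrs):
    """True when every listed CIDR falls inside the NACL rule's source block."""
    src = ipaddress.ip_network(source)
    return all(ipaddress.ip_network(c).subnet_of(src) for c in cidrs)


def nacl_source_slack(source, cidrs):
    """Addresses allowed by `source` beyond the CIDRs that actually need access:
    a measure of how much wider than necessary the rule still is."""
    src = ipaddress.ip_network(source)
    needed = sum(ipaddress.ip_network(c).num_addresses for c in cidrs)
    return src.num_addresses - needed


def plan_routes(vpcs, pcx_id):
    """Every route table in a VPC gets one route per *other* VPC, targeting the
    peering connection. Returns {route_table: [(destination, target), ...]}."""
    plan = {}
    for name, spec in vpcs.items():
        others = [v["cidr"] for n, v in vpcs.items() if n != name]
        for rt in spec["route_tables"]:
            plan[rt] = [(cidr, pcx_id) for cidr in others]
    return plan


class FakeEC2:
    """Stand-in for a boto3 EC2 client so the example runs offline; it records
    the calls a real client would receive (real boto3 method names/kwargs)."""

    def __init__(self):
        self.calls = []

    def create_vpc_peering_connection(self, VpcId, PeerVpcId):
        self.calls.append(("create_vpc_peering_connection", VpcId, PeerVpcId))
        return {"VpcPeeringConnection": {"VpcPeeringConnectionId": "pcx-0example"}}

    def accept_vpc_peering_connection(self, VpcPeeringConnectionId):
        self.calls.append(("accept_vpc_peering_connection", VpcPeeringConnectionId))
        return {"VpcPeeringConnection": {"Status": {"Code": "active"}}}

    def create_route(self, RouteTableId, DestinationCidrBlock, VpcPeeringConnectionId):
        self.calls.append(("create_route", RouteTableId, DestinationCidrBlock, VpcPeeringConnectionId))
        return {"Return": True}


def peer_and_route(ec2, vpcs, vpc_ids, rt_ids):
    """Drive the lab's peering and routing steps through an EC2 client.
    `vpc_ids` / `rt_ids` map console names to resource ids (placeholders here)."""
    requester, accepter = list(vpcs)  # Marketing requests, Sales accepts
    if not peering_cidrs_ok(vpcs[requester]["cidr"], vpcs[accepter]["cidr"]):
        raise ValueError("overlapping CIDRs: the peering request would be rejected")
    resp = ec2.create_vpc_peering_connection(VpcId=vpc_ids[requester], PeerVpcId=vpc_ids[accepter])
    pcx = resp["VpcPeeringConnection"]["VpcPeeringConnectionId"]
    ec2.accept_vpc_peering_connection(VpcPeeringConnectionId=pcx)  # status: Pending Acceptance -> active
    for rt, routes in plan_routes(vpcs, pcx).items():
        for dest, target in routes:
            ec2.create_route(RouteTableId=rt_ids[rt], DestinationCidrBlock=dest, VpcPeeringConnectionId=target)
    return pcx


if __name__ == "__main__":
    both = [v["cidr"] for v in VPCS.values()]
    print("NACL source covers both VPCs:", nacl_source_covers(NACL_SOURCE, both))
    print("Extra addresses the /13 admits:", nacl_source_slack(NACL_SOURCE, both))
    for rt, routes in plan_routes(VPCS, "pcx-0example").items():
        print(rt, routes)
```

`plan_routes` reproduces the lab's routing table exactly (Public1-RT and Private1-RT get 10.2.0.0/16, Public2-RT and Private2-RT get 10.1.0.0/16), and `nacl_source_slack` makes the trade-off in the first objective visible: 10.0.0.0/13 is tighter than an any-source rule but still admits six more /16 blocks than the two peered VPCs need, so a production rule set would usually list the peer CIDRs individually. Swapping `FakeEC2()` for `boto3.client("ec2")` and filling in real ids turns the same function into the console procedure.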