Manage an organization VPC peering with AWS (Limited availability)
Set up a peering connection between your Aiven organization VPC and an AWS VPC.
Prerequisites
- Manage organization networking permissions
- Two VPCs to be peered: an organization VPC in Aiven and a VPC in your AWS account
- Access to the AWS Management Console
- One of the following tools for operations on the Aiven Platform:
Create a peering connection
Collect data from AWS
To create a peering connection in Aiven, first collect the required data from AWS:
- Log in to the AWS Management Console and go to your profile information.
- Find and save your account ID.
- Open the navigation menu, and select All services.
- Find Networking & Content Delivery, and go to VPC > Your VPCs.
- Find a VPC to peer, preview its details, and save its ID and the cloud region where it is located.
Create a peering in Aiven
With the data collected from AWS, create an organization VPC peering connection using a tool of your choice:
- Aiven Console
- Aiven API
- Aiven Provider for Terraform
- Log in to the Aiven Console, and click Admin in the top navigation bar.
- Click VPCs in the sidebar.
- On the Virtual private clouds page, select an organization VPC to peer.
- On the VPC details page, go to the VPC peering connections section and click Create peering request.
- In the Create peering request window:
  - Enter the following:
    - AWS account ID
    - AWS VPC region
    - AWS VPC ID
  - Click Create.
Make an API call to the OrganizationVpcPeeringConnectionCreate endpoint:
curl --request POST \
  --url https://api.aiven.io/v1/organization/ORGANIZATION_ID/vpcs/ORGANIZATION_VPC_ID/peering-connections \
  --header 'Authorization: Bearer BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '
    {
      "peer_cloud_account":"AWS_ACCOUNT_ID",
      "peer_vpc":"AWS_VPC_ID"
    }
  '
Replace the following placeholders with meaningful data:
- ORGANIZATION_ID
- ORGANIZATION_VPC_ID
- BEARER_TOKEN
- AWS_ACCOUNT_ID
- AWS_VPC_ID
Use the aiven_aws_org_vpc_peering_connection resource.
This adds a connection with the Pending peer status in the Aiven Console and a connection pending acceptance in the AWS Management Console.
Accept the peering request in AWS
- Log in to the AWS Management Console, open the navigation menu, and select All services.
- Find Networking & Content Delivery, and go to VPC > Peering connections.
- Find your peering connection from Aiven pending acceptance, select it, and click Actions > Accept request.
- Create or update your AWS route tables to match your Aiven CIDR settings.
At this point, your peering connection status should be visible as Active both in the Aiven Console and in the AWS Management Console.
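Pre-flight checks for the create call and the route table step above, as an added example that is not Aiven's own code: it validates the AWS account ID and VPC ID before they are interpolated into the JSON body, and rejects CIDR blocks that overlap, which AWS does not allow for peered VPCs. The function names and sample values are assumptions constructed for illustration.

```shell
# AWS account IDs are exactly 12 decimal digits.
is_aws_account_id() {
  case "$1" in ''|*[!0123456789]*) return 1 ;; esac
  [ "${#1}" -eq 12 ]
}

# AWS VPC IDs are "vpc-" followed by 8 or 17 lowercase hex characters.
is_vpc_id() {
  hex=${1#vpc-}
  [ "$hex" != "$1" ] || return 1
  case "$hex" in ''|*[!0123456789abcdef]*) return 1 ;; esac
  [ "${#hex}" -eq 8 ] || [ "${#hex}" -eq 17 ]
}

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeed when two IPv4 CIDR blocks share at least one address:
# compare both network addresses under the shorter prefix length.
cidrs_overlap() {
  a=$(ip_to_int "${1%/*}"); b=$(ip_to_int "${2%/*}")
  len=${1#*/}
  if [ "${2#*/}" -lt "$len" ]; then len=${2#*/}; fi
  mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
  [ $(( a & mask )) -eq $(( b & mask )) ]
}

# Args: AWS account ID, AWS VPC ID, Aiven VPC CIDR, AWS VPC CIDR.
# Print the JSON body for the create call, or fail without output.
build_peering_payload() {
  is_aws_account_id "$1" || { echo "invalid AWS account ID" >&2; return 1; }
  is_vpc_id "$2" || { echo "invalid AWS VPC ID" >&2; return 1; }
  if cidrs_overlap "$3" "$4"; then
    echo "Aiven and AWS VPC CIDRs overlap" >&2; return 1
  fi
  printf '{"peer_cloud_account":"%s","peer_vpc":"%s"}\n' "$1" "$2"
}

# Constructed sample values, not real identifiers.
build_peering_payload 123456789012 vpc-0abc1234def567890 10.20.0.0/24 172.31.0.0/16
```

The printed body can be passed to the create call with `--data "$(build_peering_payload ...)"`, so a malformed ID stops the request before it is sent.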
Delete the peering
Once you delete your VPC peering on the Aiven Platform, the cloud-provider side of the peering connection becomes inactive or deleted, and the traffic between the disconnected VPCs is terminated.
Delete an organization VPC peering using a tool of your choice:
- Aiven Console
- Aiven API
- Aiven Provider for Terraform
- Log in to the Aiven Console, and click Admin in the top navigation bar.
- Click VPCs in the sidebar.
- On the Virtual private clouds page, select an organization VPC.
- On the VPC details page, go to the VPC peering connections section, find the peering to be deleted, and click Actions > Delete.
- In the Confirmation window, click Delete VPC peering.
Make an API call to the OrganizationVpcPeeringConnectionDelete endpoint:
curl --request DELETE \
  --url https://api.aiven.io/v1/organization/ORGANIZATION_ID/vpcs/ORGANIZATION_VPC_ID/peering-connections/PEERING_CONNECTION_ID \
  --header 'Authorization: Bearer BEARER_TOKEN'
Replace the following placeholders with meaningful data:
- ORGANIZATION_ID: Aiven organization ID
- ORGANIZATION_VPC_ID: Aiven organization VPC ID
- PEERING_CONNECTION_ID: ID or name of your cloud provider VPC
- BEARER_TOKEN
To delete your aiven_CLOUD_PROVIDER_NAME_org_vpc_peering_connection resource, run terraform destroy. See the Aiven Provider for Terraform documentation for details.