Connecting VPCs with Peering
Overview
Domain expertise for establishing private network connectivity between two VPCs using VPC peering. Covers the full lifecycle: creating the peering connection, accepting it, updating route tables in both VPCs, configuring DNS resolution, and adjusting security groups for cross-VPC traffic. Supports same-region, cross-region, and cross-account peering scenarios.
Create a VPC peering connection
To establish a VPC peering connection between two VPCs, follow the procedure exactly. See VPC peering connection procedure.
The procedure requires the requester and accepter VPC IDs at minimum. It validates both VPCs exist, checks for CIDR overlap, creates and accepts the peering, updates all route tables, and configures DNS resolution.
Troubleshooting
Peering stuck in pending state
Cross-account connections require manual acceptance from the accepter account. Same-account connections with auto_accept: true should transition automatically.
Route creation fails
Check for existing routes with the same destination CIDR. Replace existing routes instead of creating new ones.
DNS resolution not working
Both VPCs must have DNS resolution and DNS hostnames enabled in their VPC settings, not just the peering connection options.
Cross-region connectivity issues
Verify routes are added in both regions and security groups allow traffic from the peer VPC's CIDR blocks.
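The pre-flight and route-planning logic behind the procedure and the troubleshooting notes above (CIDR overlap check, create-vs-replace route decisions, VPC-level DNS attributes), as an added example that is not the toolkit's own code. It runs over dicts shaped like boto3 `describe_vpcs`, `describe_route_tables` and `describe_vpc_attribute` responses; the sample data and all IDs (`pcx-EXAMPLE`, `rtb-*-EXAMPLE`, `tgw-EXAMPLE`) are constructed placeholders so it runs offline.

```python
# Added example: peering pre-flight checks over boto3-shaped dicts (constructed sample data,
# placeholder IDs). Swap in real describe_* responses to run it against an account.
import ipaddress

def _assoc_blocks(vpc):
    """Primary + secondary IPv4 CIDRs of a VPC that are currently associated."""
    return [ipaddress.ip_network(a["CidrBlock"]) for a in vpc["CidrBlockAssociationSet"]
            if a["CidrBlockState"]["State"] == "associated"]

def cidr_overlap(requester, accepter):
    """Overlapping (requester_cidr, accepter_cidr) pairs; must be empty before peering."""
    return [(str(r), str(a)) for r in _assoc_blocks(requester)
            for a in _assoc_blocks(accepter) if r.overlaps(a)]

def plan_routes(route_tables, dest_cidr, pcx_id):
    """Per route table: 'create' a route to the peer, 'replace' one that already sends
    the same destination elsewhere (CreateRoute would fail), or 'noop' if it targets pcx_id."""
    plan = []
    for rt in route_tables:
        hit = next((r for r in rt["Routes"] if r.get("DestinationCidrBlock") == dest_cidr), None)
        if hit is None:
            action = "create"
        elif hit.get("VpcPeeringConnectionId") == pcx_id:
            action = "noop"
        else:
            action = "replace"
        plan.append((rt["RouteTableId"], action))
    return plan

def dns_ready(vpc_attrs):
    """Both VPC attributes must be on; the peering DNS option alone does not resolve names."""
    return bool(vpc_attrs["EnableDnsSupport"]["Value"] and vpc_attrs["EnableDnsHostnames"]["Value"])

# --- constructed sample input (placeholder IDs) ---
def _vpc(*cidrs):
    return {"CidrBlockAssociationSet": [{"CidrBlock": c, "CidrBlockState": {"State": "associated"}}
                                        for c in cidrs]}
REQUESTER_VPC = _vpc("10.0.0.0/16", "100.64.0.0/20")   # primary + secondary CIDR
ACCEPTER_VPC = _vpc("10.1.0.0/16")
ACCEPTER_ATTRS = {"EnableDnsSupport": {"Value": True}, "EnableDnsHostnames": {"Value": False}}
REQUESTER_ROUTE_TABLES = [
    {"RouteTableId": "rtb-public-EXAMPLE", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-private-EXAMPLE", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
        {"DestinationCidrBlock": "10.1.0.0/16", "TransitGatewayId": "tgw-EXAMPLE"}]},
]

if __name__ == "__main__":
    print("overlap:", cidr_overlap(REQUESTER_VPC, ACCEPTER_VPC))
    print("routes:", plan_routes(REQUESTER_ROUTE_TABLES, "10.1.0.0/16", "pcx-EXAMPLE"))
    print("accepter DNS ready:", dns_ready(ACCEPTER_ATTRS))
```

The private table already routes the peer CIDR to a transit gateway, so the plan says `replace` for it rather than attempting a second route for the same destination.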