Automating Creation of VPC Peering Connections
Question
You want to automate the creation of a peering connection between VPCs in your AWS account.
How would you achieve this?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - A.
An example of this is given in the AWS Documentation.
AWS::EC2::VPCPeeringConnection.
A VPC peering connection enables a network connection between two virtual private clouds (VPCs) so that you can route traffic between them using a private IP address.
For more information about VPC peering and its limitations, see VPC Peering Overview in the Amazon VPC Peering Guide.
Note.
You can create a peering connection with another AWS account.
For a detailed walkthrough, see Walkthrough: Peer with an Amazon VPC in Another AWS Account.
Topics.
Syntax.
Properties.
Return Values.
Examples.
Syntax.
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON.
Option B is incorrect since Cloudformation should be used instead of Opsworks.
Options C and D are incorrect since these would not assist in the automatic creation of resources.
For more information on VPC peering with Cloudformation, please refer to the below URL.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcpeeringconnection.html
To automate the creation of a peering connection between VPCs in your AWS account, you can use option A: Use a CloudFormation template to deploy and peer the VPCs.
CloudFormation is a service that allows you to define and deploy infrastructure as code using templates. CloudFormation templates are JSON or YAML formatted files that describe the resources that you want to create in AWS. These templates can be versioned and used to automate the creation of your infrastructure.
To create a peering connection between VPCs using a CloudFormation template, you can define the following resources in your template:
Two VPCs: Define two VPC resources in your template, each with its own set of subnets.
Peering Connection: Define a peering connection resource that specifies the VPCs you want to peer, the AWS account ID of the other VPC owner, and the region where the other VPC is located.
Route Tables: Define route tables for each VPC that includes a route to the CIDR block of the other VPC via the peering connection.
Security Groups: Define security groups for each VPC to allow traffic between them via the peering connection.
Once you have defined the resources in your CloudFormation template, you can use the AWS CLI or AWS Management Console to create a CloudFormation stack. The stack creation process will automatically create the VPCs, peering connection, route tables, and security groups specified in your template.
Option B: Use an Opswork stack to peer the VPCs is not a valid solution, as OpsWorks is a service that provides a managed infrastructure solution for applications. It does not provide peering connection capabilities.
Option C: Use CloudTrail along with a Lambda function is not a valid solution, as CloudTrail is a service that logs AWS API calls, and Lambda is a service that allows you to run code in response to events. While you could use Lambda to automate the creation of a peering connection, it would require you to write a custom Lambda function that uses the AWS SDK to make API calls to create the necessary resources.
Option D: Use CloudWatch metrics along with a Lambda function is not a valid solution, as CloudWatch is a service that provides monitoring and observability for AWS resources, and Lambda is a service that allows you to run code in response to events. While you could use Lambda to automate the creation of a peering connection, it would require you to write a custom Lambda function that uses the AWS SDK to make API calls to create the necessary resources. Additionally, CloudWatch metrics are not relevant to creating a peering connection.