VpcPeeringConnection

Provides a resource to manage a VPC peering connection.

NOTE on VPC Peering Connections and VPC Peering Connection Options: This provider provides both a standalone VPC Peering Connection Options and a VPC Peering Connection resource with accepter and requester attributes. Do not manage options for the same VPC peering connection in both a VPC Peering Connection resource and a VPC Peering Connection Options resource. Doing so will cause a conflict of options and will overwrite the options. Using a VPC Peering Connection Options resource decouples management of the connection options from management of the VPC Peering Connection and allows options to be set correctly in cross-account scenarios.
Note: For cross-account (requester’s AWS account differs from the accepter’s AWS account) or inter-region VPC Peering Connections use the aws.ec2.VpcPeeringConnection resource to manage the requester’s side of the connection and use the aws.ec2.VpcPeeringConnectionAccepter resource to manage the accepter’s side of the connection.
Notes

If both VPCs are not in the same AWS account do not enable the auto_accept attribute. The accepter can manage its side of the connection using the aws.ec2.VpcPeeringConnectionAccepter resource or accept the connection manually using the AWS Management Console, AWS CLI, through SDKs, etc.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var foo = new Aws.Ec2.VpcPeeringConnection("foo", new Aws.Ec2.VpcPeeringConnectionArgs
        {
            PeerOwnerId = @var.Peer_owner_id,
            PeerVpcId = aws_vpc.Bar.Id,
            VpcId = aws_vpc.Foo.Id,
        });
    }

}

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := ec2.NewVpcPeeringConnection(ctx, "foo", &ec2.VpcPeeringConnectionArgs{
            PeerOwnerId: pulumi.String(_var.Peer_owner_id),
            PeerVpcId:   pulumi.String(aws_vpc.Bar.Id),
            VpcId:       pulumi.String(aws_vpc.Foo.Id),
        })
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_aws as aws

foo = aws.ec2.VpcPeeringConnection("foo",
    peer_owner_id=var["peer_owner_id"],
    peer_vpc_id=aws_vpc["bar"]["id"],
    vpc_id=aws_vpc["foo"]["id"])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = new aws.ec2.VpcPeeringConnection("foo", {
    peerOwnerId: var_peer_owner_id,
    peerVpcId: aws_vpc_bar.id,
    vpcId: aws_vpc_foo.id,
});

Create a VpcPeeringConnection Resource

new VpcPeeringConnection(name: string, args: VpcPeeringConnectionArgs, opts?: CustomResourceOptions);

def VpcPeeringConnection(resource_name, opts=None, accepter=None, auto_accept=None, peer_owner_id=None, peer_region=None, peer_vpc_id=None, requester=None, tags=None, vpc_id=None, __props__=None);

func NewVpcPeeringConnection(ctx *Context, name string, args VpcPeeringConnectionArgs, opts ...ResourceOption) (*VpcPeeringConnection, error)

public VpcPeeringConnection(string name, VpcPeeringConnectionArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args VpcPeeringConnectionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args VpcPeeringConnectionArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VpcPeeringConnectionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

VpcPeeringConnection Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The VpcPeeringConnection resource accepts the following input properties:

PeerVpcId string: The ID of the VPC with which you are creating the VPC Peering Connection.
VpcId string: The ID of the requester VPC.
Accepter VpcPeeringConnectionAccepterArgs: An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).
AutoAccept bool: Accept the peering (both VPCs need to be in the same AWS account).
PeerOwnerId string: The AWS account ID of the owner of the peer VPC. Defaults to the account ID the AWS provider is currently connected to.
PeerRegion string: The region of the accepter VPC of the [VPC Peering Connection]. auto_accept must be false, and use the aws.ec2.VpcPeeringConnectionAccepter to manage the accepter side.
Requester VpcPeeringConnectionRequesterArgs: A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).
Tags Dictionary<string, string>: A map of tags to assign to the resource.

PeerVpcId string: The ID of the VPC with which you are creating the VPC Peering Connection.
VpcId string: The ID of the requester VPC.
Accepter VpcPeeringConnectionAccepterType: An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).
AutoAccept bool: Accept the peering (both VPCs need to be in the same AWS account).
PeerOwnerId string: The AWS account ID of the owner of the peer VPC. Defaults to the account ID the AWS provider is currently connected to.
PeerRegion string: The region of the accepter VPC of the [VPC Peering Connection]. auto_accept must be false, and use the aws.ec2.VpcPeeringConnectionAccepter to manage the accepter side.
Requester VpcPeeringConnectionRequester: A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).
Tags map[string]string: A map of tags to assign to the resource.

peerVpcId string: The ID of the VPC with which you are creating the VPC Peering Connection.
vpcId string: The ID of the requester VPC.
accepter VpcPeeringConnectionAccepter: An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).
autoAccept boolean: Accept the peering (both VPCs need to be in the same AWS account).
peerOwnerId string: The AWS account ID of the owner of the peer VPC. Defaults to the account ID the AWS provider is currently connected to.
peerRegion string: The region of the accepter VPC of the [VPC Peering Connection]. auto_accept must be false, and use the aws.ec2.VpcPeeringConnectionAccepter to manage the accepter side.
requester VpcPeeringConnectionRequester: A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).
tags {[key: string]: string}: A map of tags to assign to the resource.

peer_vpc_id str: The ID of the VPC with which you are creating the VPC Peering Connection.
vpc_id str: The ID of the requester VPC.
accepter Dict[VpcPeeringConnectionAccepter]: An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).
auto_accept bool: Accept the peering (both VPCs need to be in the same AWS account).
peer_owner_id str: The AWS account ID of the owner of the peer VPC. Defaults to the account ID the AWS provider is currently connected to.
peer_region str: The region of the accepter VPC of the [VPC Peering Connection]. auto_accept must be false, and use the aws.ec2.VpcPeeringConnectionAccepter to manage the accepter side.
requester Dict[VpcPeeringConnectionRequester]: A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).
tags Dict[str, str]: A map of tags to assign to the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the VpcPeeringConnection resource produces the following output properties:

AcceptStatus string: The status of the VPC Peering Connection request.
Id string: The provider-assigned unique ID for this managed resource.

AcceptStatus string: The status of the VPC Peering Connection request.
Id string: The provider-assigned unique ID for this managed resource.

acceptStatus string: The status of the VPC Peering Connection request.
id string: The provider-assigned unique ID for this managed resource.

accept_status str: The status of the VPC Peering Connection request.
id str: The provider-assigned unique ID for this managed resource.

Look up an Existing VpcPeeringConnection Resource

Get an existing VpcPeeringConnection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VpcPeeringConnectionState, opts?: CustomResourceOptions): VpcPeeringConnection

static get(resource_name, id, opts=None, accept_status=None, accepter=None, auto_accept=None, peer_owner_id=None, peer_region=None, peer_vpc_id=None, requester=None, tags=None, vpc_id=None, __props__=None);

func GetVpcPeeringConnection(ctx *Context, name string, id IDInput, state *VpcPeeringConnectionState, opts ...ResourceOption) (*VpcPeeringConnection, error)

public static VpcPeeringConnection Get(string name, Input<string> id, VpcPeeringConnectionState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AcceptStatus string: The status of the VPC Peering Connection request.
Accepter VpcPeeringConnectionAccepterArgs: An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).
AutoAccept bool: Accept the peering (both VPCs need to be in the same AWS account).
PeerOwnerId string: The AWS account ID of the owner of the peer VPC. Defaults to the account ID the AWS provider is currently connected to.
PeerRegion string: The region of the accepter VPC of the [VPC Peering Connection]. auto_accept must be false, and use the aws.ec2.VpcPeeringConnectionAccepter to manage the accepter side.
PeerVpcId string: The ID of the VPC with which you are creating the VPC Peering Connection.
Requester VpcPeeringConnectionRequesterArgs: A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).
Tags Dictionary<string, string>: A map of tags to assign to the resource.
VpcId string: The ID of the requester VPC.

AcceptStatus string: The status of the VPC Peering Connection request.
Accepter VpcPeeringConnectionAccepterType: An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).
AutoAccept bool: Accept the peering (both VPCs need to be in the same AWS account).
PeerOwnerId string: The AWS account ID of the owner of the peer VPC. Defaults to the account ID the AWS provider is currently connected to.
PeerRegion string: The region of the accepter VPC of the [VPC Peering Connection]. auto_accept must be false, and use the aws.ec2.VpcPeeringConnectionAccepter to manage the accepter side.
PeerVpcId string: The ID of the VPC with which you are creating the VPC Peering Connection.
Requester VpcPeeringConnectionRequester: A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).
Tags map[string]string: A map of tags to assign to the resource.
VpcId string: The ID of the requester VPC.

acceptStatus string: The status of the VPC Peering Connection request.
accepter VpcPeeringConnectionAccepter: An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).
autoAccept boolean: Accept the peering (both VPCs need to be in the same AWS account).
peerOwnerId string: The AWS account ID of the owner of the peer VPC. Defaults to the account ID the AWS provider is currently connected to.
peerRegion string: The region of the accepter VPC of the [VPC Peering Connection]. auto_accept must be false, and use the aws.ec2.VpcPeeringConnectionAccepter to manage the accepter side.
peerVpcId string: The ID of the VPC with which you are creating the VPC Peering Connection.
requester VpcPeeringConnectionRequester: A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).
tags {[key: string]: string}: A map of tags to assign to the resource.
vpcId string: The ID of the requester VPC.

accept_status str: The status of the VPC Peering Connection request.
accepter Dict[VpcPeeringConnectionAccepter]: An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).
auto_accept bool: Accept the peering (both VPCs need to be in the same AWS account).
peer_owner_id str: The AWS account ID of the owner of the peer VPC. Defaults to the account ID the AWS provider is currently connected to.
peer_region str: The region of the accepter VPC of the [VPC Peering Connection]. auto_accept must be false, and use the aws.ec2.VpcPeeringConnectionAccepter to manage the accepter side.
peer_vpc_id str: The ID of the VPC with which you are creating the VPC Peering Connection.
requester Dict[VpcPeeringConnectionRequester]: A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).
tags Dict[str, str]: A map of tags to assign to the resource.
vpc_id str: The ID of the requester VPC.

Supporting Types

VpcPeeringConnectionAccepter

See the input and output API doc for this type.

AllowClassicLinkToRemoteVpc bool: Allow a local linked EC2-Classic instance to communicate with instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection to the remote VPC.
AllowRemoteVpcDnsResolution bool: Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. This is not supported for inter-region VPC peering.
AllowVpcToRemoteClassicLink bool: Allow a local VPC to communicate with a linked EC2-Classic instance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink connection.

AllowClassicLinkToRemoteVpc bool: Allow a local linked EC2-Classic instance to communicate with instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection to the remote VPC.
AllowRemoteVpcDnsResolution bool: Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. This is not supported for inter-region VPC peering.
AllowVpcToRemoteClassicLink bool: Allow a local VPC to communicate with a linked EC2-Classic instance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink connection.

allowClassicLinkToRemoteVpc boolean: Allow a local linked EC2-Classic instance to communicate with instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection to the remote VPC.
allowRemoteVpcDnsResolution boolean: Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. This is not supported for inter-region VPC peering.
allowVpcToRemoteClassicLink boolean: Allow a local VPC to communicate with a linked EC2-Classic instance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink connection.

allowClassicLinkToRemoteVpc bool: Allow a local linked EC2-Classic instance to communicate with instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection to the remote VPC.
allowRemoteVpcDnsResolution bool: Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. This is not supported for inter-region VPC peering.
allowVpcToRemoteClassicLink bool: Allow a local VPC to communicate with a linked EC2-Classic instance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink connection.

VpcPeeringConnectionRequester

See the input and output API doc for this type.

AllowClassicLinkToRemoteVpc bool: Allow a local linked EC2-Classic instance to communicate with instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection to the remote VPC.
AllowRemoteVpcDnsResolution bool: Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. This is not supported for inter-region VPC peering.
AllowVpcToRemoteClassicLink bool: Allow a local VPC to communicate with a linked EC2-Classic instance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink connection.

AllowClassicLinkToRemoteVpc bool: Allow a local linked EC2-Classic instance to communicate with instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection to the remote VPC.
AllowRemoteVpcDnsResolution bool: Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. This is not supported for inter-region VPC peering.
AllowVpcToRemoteClassicLink bool: Allow a local VPC to communicate with a linked EC2-Classic instance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink connection.

allowClassicLinkToRemoteVpc boolean: Allow a local linked EC2-Classic instance to communicate with instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection to the remote VPC.
allowRemoteVpcDnsResolution boolean: Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. This is not supported for inter-region VPC peering.
allowVpcToRemoteClassicLink boolean: Allow a local VPC to communicate with a linked EC2-Classic instance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink connection.

allowClassicLinkToRemoteVpc bool: Allow a local linked EC2-Classic instance to communicate with instances in a peer VPC. This enables an outbound communication from the local ClassicLink connection to the remote VPC.
allowRemoteVpcDnsResolution bool: Allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. This is not supported for inter-region VPC peering.
allowVpcToRemoteClassicLink bool: Allow a local VPC to communicate with a linked EC2-Classic instance in a peer VPC. This enables an outbound communication from the local VPC to the remote ClassicLink connection.

Package Details

Repository: https://github.com/pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud