• Virtual Private Cloud

vpc
  1. Help Center
  2. Virtual Private Cloud
  3. User Guide
  4. VPC Peering Connection
  5. Creating a VPC Peering Connection with a VPC in Another Account

Creating a VPC Peering Connection with a VPC in Another Account

Scenarios

The VPC service also allows you to create a VPC peering connection with a VPC in another account. The two VPCs must be in the same region. If you request a VPC peering connection with a VPC in another account in the same region, the owner of the peer account must accept the request to activate the connection.

Creating a VPC Peering Connection

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. On the console homepage, under Network, click Virtual Private Cloud.
  4. In the navigation pane on the left, click VPC Peering.
  5. In the right pane displayed, click Create VPC Peering Connection.
  6. Configure parameters as prompted. You must select Other tenant for Tenant.
    Figure 1 Create VPC Peering Connection
    Table 1 Parameter description

    Parameter

    Description

    Example Value

    Name

    Specifies the name of the VPC peering connection.

    The name contains a maximum of 64 characters, which consist of letters, digits, hyphens (-), and underscores (_).

    peering-001

    Local VPC

    Specifies the local VPC. You can select one from the drop-down list.

    0a396cff-8bc1-4509-98b9-267cae5ac460

    Local VPC CIDR Block

    Specifies the CIDR block for the local VPC.

    192.168.10.0/24

    Tenant

    Specifies the tenant of the VPC to peer with.

    • Current tenant: The VPC peering connection will be created between your local VPC and a VPC of your own in the same region.
    • Other tenant: The VPC peering connection will be created between your local VPC and a VPC of another tenant in the same region.

    Other tenant

    Peer Project ID

    This parameter is available only when Other tenant is selected.

    For details about how to obtain the project ID, see Obtaining the Project ID.

    N/A

    Peer VPC ID

    This parameter is available only when Other tenant is selected.

    Specifies the ID of the peer VPC.

    65d062b3-40fa-4204-8181-3538f527d2ab

  7. Click OK.

Accepting a VPC Peering Connection Request

To request a VPC peering connection with a VPC in another account, the owner of the peer account must accept the request to activate the connection.

  1. The owner of the peer account logs in to the management console.
  2. On the console homepage, under Network, click Virtual Private Cloud.
  3. In the navigation pane on the left, click VPC Peering.
  4. Locate the row that contains the target VPC peering connection in the connection list, and click Accept Request in the Operation column.
    Figure 2 VPC peering connection list
  5. Click Yes in the displayed dialog box.

Refusing a VPC Peering Connection

The owner of the peer account can reject any received VPC peering connection request. After a VPC peering connection request is rejected, the connection will not be established. You must delete the rejected VPC peering connection request before creating a new VPC peering connection between the same VPCs as those in the rejected request.

  1. The owner of the peer account logs in to the management console.
  2. On the console homepage, under Network, click Virtual Private Cloud.
  3. In the navigation pane on the left, click VPC Peering.
  4. Locate the row that contains the target VPC peering connection in the connection list, and click Reject Request in the Operation column.
  5. Click Yes in the displayed dialog box.

Adding Routes for the VPC Peering Connection

If you request a VPC peering connection with a VPC in another account, the owner of the peer account must accept the request. To enable communication between the two VPCs, you need to add routes for the VPC peering connection. The owner of the local account can add only the local route because the owner does not have the required permission to perform operations on the peer VPC. The owner of the peer account must add the peer route. The procedure for adding a local route and a peer route is the same.

  1. Log in to the management console.
  2. On the console homepage, under Network, click Virtual Private Cloud.
  3. In the navigation pane on the left, click VPC Peering.
  1. Locate the target VPC peering connection in the connection list.
  2. Click the name of the VPC peering connection to switch to the page showing details about the connection.
  3. On the displayed page, click the Local Routes tab.
  4. In the displayed Local Routes area, click Add Local Route. In the displayed dialog box, add a local route. Table 2 lists the parameters to be configured.
    Figure 3 Add Local Route
    Table 2 Route parameter description

    Parameter

    Description

    Example Value

    Destination

    Specifies the destination address. Set it to the peer VPC or subnet CIDR block.

    192.168.10.0/24

    Next Hop

    Specifies the next hop address. The default value is the VPC peering connection ID. Keep the default value.

    65d062b3-40fa-4204-550a

  5. Click OK.

    The routes are added for the VPC peering connection.

After a VPC peering connection is created, the two VPCs can communicate with each other through private IP addresses. You can run the ping command to check whether the two VPCs can communicate with each other.

If two VPCs cannot communicate with each other, check the configuration by following the instructions provided in What Can I Do If VPCs in a VPC Peering Connection Cannot Communicate with Each Other?.

Obtaining the Project ID

You can perform the following steps to obtain the project ID on the management console:

  1. Log in to the management console.
  2. Select My Credential from the username drop-down list.
  3. On the Project List tab, obtain the required project ID.