Peering connections
You can create a peering connection between HashiCorp Cloud Platform (HCP) and your virtual private cloud (VPC) in AWS to link resources between the two services.
Overview
HCP Consul Dedicated and HCP Vault Dedicated use peering connections to communicate with the clients hosted in your AWS environment.
You can create peering connections from the HCP interface. You can also use the HCP provider in Terraform. For instructions on how to create peering connections with Terraform, refer to the HCP provider documentation.
You can use peering connections to quickly connect the HashiCorp Virtual Network (HVN) to your VPC and to create HVN peering connections across different AWS regions. However, peering connections may not scale to meet the requirements of complex environments. For larger environments, we recommend connecting HCP to your VPCs through transit gateways.
Requirements
- An AWS account ID
- The ID of the VPC you wish to connect
- VPCs must be configured with IP addresses that conform to the RFC 1918 or RFC 6598 specification.
Create peering connections
To set up a peering connection:
Configure the connection request in HCP
- Sign in to the HCP Portal and select your organization.
- From the sidebar, click HashiCorp Virtual Network.
- Click on an HVN in the ID column.
- From the sidebar, click Peering connections.
- Click Create connection.
- Complete the requested fields:
  - In the Connection ID field, enter a name for the peering connection. The name can be up to 36 characters and can only include letters, numbers, and dashes.
  - Enter your AWS Account ID.
  - Select your VPC region.
  - Enter your VPC ID.
- Click Create connection.
The HVN sends a peering connection request to AWS. The peering request expires after seven days. The status of the connection appears as pending until either the request is accepted or it expires.
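The following pre-flight check is an added example, not HashiCorp code. It validates the Connection ID rule and the RFC 1918 / RFC 6598 address requirement stated above before you submit the form. The function names, the one-character minimum for the Connection ID, and the account ID and VPC ID patterns (taken from AWS identifier formats, not from this page) are assumptions.

```python
import ipaddress
import re

# RFC 1918 private ranges plus the RFC 6598 shared address space.
ALLOWED = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]

# Page rule: up to 36 characters; letters, numbers, dashes. Minimum of 1 is assumed.
CONNECTION_ID = re.compile(r"[A-Za-z0-9-]{1,36}")
# Assumptions based on AWS identifier formats, not stated on this page.
ACCOUNT_ID = re.compile(r"[0-9]{12}")
VPC_ID = re.compile(r"vpc-(?:[0-9a-f]{8}|[0-9a-f]{17})")


def cidr_allowed(cidr):
    """True if cidr is a valid IPv4 network that sits fully inside an allowed range."""
    try:
        net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits, e.g. 10.0.0.1/8
    except ValueError:
        return False
    # Partial overlap is not enough: 192.168.0.0/15 spills outside 192.168.0.0/16.
    return net.version == 4 and any(net.subnet_of(r) for r in ALLOWED)


def preflight(connection_id, account_id, vpc_id, vpc_cidrs):
    """Return a list of problems; an empty list means every value passed."""
    problems = []
    if not CONNECTION_ID.fullmatch(connection_id):
        problems.append("connection ID: use 1-36 letters, numbers, or dashes")
    if not ACCOUNT_ID.fullmatch(account_id):
        problems.append("AWS account ID: expected 12 digits")
    if not VPC_ID.fullmatch(vpc_id):
        problems.append("VPC ID: expected vpc- followed by 8 or 17 hex characters")
    # A VPC can carry secondary CIDR blocks, so check every one of them.
    for cidr in vpc_cidrs:
        if not cidr_allowed(cidr):
            problems.append(f"CIDR {cidr}: not inside RFC 1918 or RFC 6598 space")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not real identifiers.
    for problem in preflight("prod-east-peering", "123456789012",
                             "vpc-0a1b2c3d4e5f67890",
                             ["10.20.0.0/16", "172.32.0.0/16"]):
        print(problem)
```
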
Complete configuration for AWS
HCP generates AWS CLI commands that you can copy and run in your terminal to accept the request. HCP also provides links to the AWS documentation if you prefer to use the AWS browser interface.
- Sign in to the HCP Portal and select your organization.
- From the sidebar, click HashiCorp Virtual Network.
- Click on an HVN in the ID column.
- From the sidebar, click Peering connections.
- Click the name of the connection in the ID column.
- Copy the commands for inbound and outbound rules and run each command in your terminal.
You can also accept the request from the AWS console. For information about accepting VPC peering connections, refer to the AWS documentation.
Next steps
The HVN peering connection does not contain routing information. Once the connection is active, you can add a route for all or part of the VPC CIDR range. For more details, refer to Routes.