Updated on 2024-08-07 GMT+08:00

Connecting VPCs

Connecting VPCs in the Same Region

If the VPCs you want to connect are in the same region, you can use VPC Peering or Enterprise Router.

Connecting VPCs provides details about different network services.

Before connecting VPCs, you need to plan their CIDR blocks in advance. Overlapping CIDR blocks may cause communication failure.

With VPC Peering, you can peer two VPCs in the same region. The VPCs can be in the same account or different accounts.

In Figure 1, a VPC peering connection (Peering-AB) connects two VPCs (VPC-A and VPC-B) in a region.
Figure 1 Connecting VPCs in the same region over a VPC peering connection

An enterprise router can connect multiple VPCs in the same account or different accounts to set up a hub-and-spoke network. Compared with VPC Peering, Enterprise Router is more suitable for complex networking where many VPCs need to be connected.

For details, see Using an Enterprise Router to Enable Communications Between VPCs in the Same Region.

In Figure 2, an enterprise router connects multiple VPCs in the same region and forwards traffic among them. The routes are automatically configured for the VPCs and the enterprise router.
Figure 2 Connecting VPCs in the same region using an enterprise router

Connecting VPCs in Different Regions

If the VPCs to be connected are located in different regions, you can use Cloud Connect, Direct Connect, or VPN.

Connecting VPCs provides details about different network services.

Before connecting VPCs, you need to plan their CIDR blocks in advance. Overlapping CIDR blocks may cause communication failure.
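
The CIDR planning step above (it applies to both the same-region and the cross-region options) can be checked mechanically before any connection is created. The following is an added example, not part of the original documentation: the function names `parse_plan` and `find_overlaps` and the address plan `PLAN` are assumptions made for illustration, and the CIDR values are constructed.

```python
"""Pre-flight check: find overlapping CIDR blocks among VPCs to be connected."""
import ipaddress
from itertools import combinations


def parse_plan(plan):
    """Turn {vpc_name: [cidr, ...]} into a list of (vpc_name, network) pairs.

    strict=True rejects blocks with host bits set (e.g. 10.0.1.5/16), which
    usually indicates a typo in the address plan.
    """
    nets = []
    for vpc, cidrs in plan.items():
        for cidr in cidrs:
            nets.append((vpc, ipaddress.ip_network(cidr, strict=True)))
    return nets


def find_overlaps(plan):
    """Return (vpc_a, cidr_a, vpc_b, cidr_b, shared_range) for each conflict
    between blocks that belong to two different VPCs."""
    conflicts = []
    for (vpc_a, net_a), (vpc_b, net_b) in combinations(parse_plan(plan), 2):
        if vpc_a == vpc_b or net_a.version != net_b.version:
            continue  # same VPC, or IPv4 vs IPv6: cannot conflict
        if net_a.overlaps(net_b):
            # CIDR blocks either nest or are disjoint, so the shared range
            # is whichever block has the longer prefix.
            shared = max(net_a, net_b, key=lambda n: n.prefixlen)
            conflicts.append((vpc_a, str(net_a), vpc_b, str(net_b), str(shared)))
    return conflicts


# Constructed address plan (assumption) for four VPCs that are to be connected.
PLAN = {
    "VPC-A": ["10.0.0.0/16"],
    "VPC-B": ["10.1.0.0/16", "172.16.0.0/24"],
    "VPC-C": ["10.0.128.0/17"],                     # nested inside VPC-A's block
    "VPC-D": ["192.168.0.0/16", "172.16.0.0/20"],   # contains VPC-B's /24
}

if __name__ == "__main__":
    for a, ca, b, cb, shared in find_overlaps(PLAN):
        print(f"CONFLICT {a} {ca} <-> {b} {cb}: shared range {shared}")
```

An empty result means no two VPCs in the plan share address space; each reported conflict names the range that would have to be renumbered before the VPCs are connected.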

You can load VPCs in different regions to a cloud connection, regardless of whether the VPCs are in the same account or different accounts. For details, see Connecting VPCs in Different Regions.

In Figure 3, two VPCs (VPC-AX and VPC-AY) in region A, a VPC (VPC-B) in region B, and a VPC (VPC-C) in region C are connected over a cloud connection for private network communications.
Figure 3 Using a cloud connection to connect VPCs in different regions

You can attach VPCs in the same region to an enterprise router, and then add enterprise routers in different regions to a central network as attachments, so the VPCs can communicate with each other. This solution features higher scalability and is suitable for complex networking if there are multiple VPCs in different regions.

For details, see Connecting VPCs Across Regions Using Enterprise Router and Central Network.

In Figure 4, there are four VPCs in three regions: VPC-A in region A, VPC-B in region B, and VPC-C and VPC-D in region C. There is an enterprise router in each region: ER-A for VPC-A, ER-B for VPC-B, and ER-C for VPC-C and VPC-D. The VPCs are attached to the enterprise router in each region, and the enterprise routers in the three regions are added to a central network for cross-region network connectivity. If there will be more VPCs in the future, you only need to attach the VPCs to the enterprise router in the same region. Compared with a cloud connection, this solution features a simpler network topology.
Figure 4 Connecting VPCs in different regions using a central network

You can use VPN to connect VPCs in different regions, so that they can communicate with each other over the Internet.

In Figure 5, there is a VPC in each region: VPC-A in region A and VPC-B in region B. Each VPC is connected to a VPN connection. The two VPCs can communicate with each other through an encrypted channel on the Internet. VPN can be set up quickly and is cost-effective.
Figure 5 Connecting VPCs in different regions using VPN

You can use Direct Connect to connect VPCs in different regions.

In Figure 6, there is a VPC in each region: VPC-A in region A and VPC-B in region B. Each VPC is connected to a Direct Connect connection. The two VPCs can communicate with each other through a dedicated connection. Compared with VPN, Direct Connect enables faster, more stable data transmission.
Figure 6 Connecting VPCs in different regions using Direct Connect