Virtual Private Cloud (VPC) peering is a method of connecting separate AWS or Google Cloud private networks to each other. It makes it possible for the virtual machines in the different VPCs to talk to each other directly without going through the public internet.
VPC peering setup is a per-project and per-region setting. This means that all services created and running in that project and region use the same VPC peering connection. If needed, you can have multiple projects that peer with different connections.
NOTE: VPC peered services differ from regular Aiven services in the following way:
- Services are only accessible via your VPC's internal network; they are not accessible from the public internet
- TLS certificates for VPC peered services are signed by the Aiven project CA and cannot be validated against a public CA (Let's Encrypt)
Setting it up
To set up VPC peering for your Aiven project, submit a request in the Aiven web console's VPC view.
All new services in the selected cloud region of the project will be placed in the peered network.
The IP range should be chosen so that it doesn't overlap with any networks you wish to peer with. For example, if your own networks use the 10.0.0.0/8 range, selecting 192.168.0.0/24 for your Aiven project VPC makes it possible to peer the networks.
Peering connections can be requested with the VPC request, or added later.
After the request has been submitted, we'll set up peering on our side, and the status is updated in the web console's VPC view together with instructions for starting peering with our network. We can typically complete the setup within one business day.
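A pre-flight check for the IP range selection described above, as an added example that is not Aiven's code: it uses Python's standard `ipaddress` module to list which of your existing networks a candidate project VPC range overlaps, and to suggest a free private range when there is a conflict. The function names and the sample network list are constructed for illustration.

```python
import ipaddress

# RFC 1918 private blocks that a VPC range is normally drawn from.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def find_conflicts(candidate, existing):
    """Return the networks in `existing` that overlap `candidate`.

    Raises ValueError if `candidate` has host bits set (e.g. 192.168.0.1/24),
    which usually indicates a typo in the requested range.
    """
    cand = ipaddress.ip_network(candidate, strict=True)
    return [str(n) for n in map(ipaddress.ip_network, existing)
            if cand.overlaps(n)]


def suggest_range(existing, prefixlen=24):
    """Return the first private subnet of size `prefixlen` that overlaps
    nothing in `existing`, or None if every RFC 1918 block is taken."""
    used = [ipaddress.ip_network(n) for n in existing]
    for block in RFC1918:
        if prefixlen < block.prefixlen:
            continue  # requested size is larger than this block
        if any(block.subnet_of(u) for u in used):
            continue  # whole block already claimed, skip enumerating it
        for subnet in block.subnets(new_prefix=prefixlen):
            if not any(subnet.overlaps(u) for u in used):
                return str(subnet)
    return None


if __name__ == "__main__":
    # Constructed sample: networks you intend to peer with the project VPC.
    my_networks = ["10.0.0.0/8", "172.16.0.0/16"]
    for candidate in ("192.168.0.0/24", "10.20.0.0/24"):
        clashes = find_conflicts(candidate, my_networks)
        if clashes:
            print(f"{candidate}: overlaps {clashes}; "
                  f"try {suggest_range(my_networks)}")
        else:
            print(f"{candidate}: no overlap, safe to request")
```
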