Skip to main content
Just announced HashiConf Global full schedule: keynotes, sessions, labs & more. Register Now
Type '/' to Search

A new platform for documentation and tutorials is launching soon.

We are migrating Learn content into HashiCorp Developer, our new developer experience.

HCP

Peering an AWS VPC with HashiCorp Cloud Platform (HCP)

This tutorial also appears in: HCP Vault Operations and HashiCorp Cloud Platform.

The HashiCorp Cloud Platform (HCP) supports network peering with an AWS VPC. Network peering enables compute resources in two different networks to communicate with each other. In order for the Consul and Vault servers hosted on the HashiCorp Cloud Platform (HCP) to communicate with the clients hosted on your AWS environment, a network peering connection must be established.

This tutorial provides guidance on how to create a network peering connection between HashiCorp Cloud Platform and an AWS VPC.

»Prerequisites

  • An AWS Account
  • AWS CLI installed
  • An AWS VPC
  • An HCP Account
  • An HashiCorp Virtual Network (HVN)
  • AWS permissions to perform the follow actions:
    • Accept peering connections
    • Create and edit security groups
    • Create VPC routes
    • Create IAM roles (automated method only)

»Create a peering connection

There are two methods to create a peering connection between the HCP HVN and AWS VPC - manual or automated.

The automated method connects to your AWS account and launches a CloudFormation template to complete the peering configuration. The CloudFormation template handles creating the peering request, accepting the peering request, and creating the necessary routes between the HVN and VPC.

The manual process will require you to perform each step in your HCP and AWS accounts.

  1. Navigate to the left sidebar and click on the HashiCorp Virtual Network link at the top.

  2. Select the HVN you want to create a peering connection with.

  3. In the selected HVN overview page, navigate to the left sidebar and click on the Peering connections link.

    Overview of the HVN available

    If you have peering connections available, they are listed in the center of the screen.

  4. Click the Create connection pull down menu and select Automate peering connection. ui-hcp-automate-peering-aws

  5. Select the VPC region you want to create the peering connection in and click Launch stack creation in AWS CloudFormation. ui-hcp-automate-peering-aws-config

    A new browser tab/page will open. If you are not already authenticated, log into your AWS account.

  6. In the Parameters section, select the VPC you wish to peer with your HCP HVN. ui-aws-cloudformation-select-vpc

  7. Click the I acknowledge that AWS CloudFormation might create IAM resources checkbox and click Create stack. ui-aws-cloudformation-create-stack

  8. Monitor the progress until the status changes to CREATE_COMPLETE. ui-aws-cloudformation-peering-complete

  9. Return to the HCP Portal and click Peering connections in the left navigation menu. The new peering connection is listed. ui-hcp-new-peering-connection

  10. Click Route table in the left navigation menu. In addition to creating, and accepting the peering connection, the automated process also handled route creation to allow traffic between your HCP HVN and AWS VPC. ui-hcp-route-table-aws-peering

    Note: You can delete all resources created by the CloudFormation template by deleting the stack in AWS. ui-aws-cloudformation-delete-stack

»Next steps

In this tutorial, you created a peering connection between a HashiCorp Cloud Platform (HCP) and an AWS VPC.

HVN Peering connections can also be created using the HashiCorp Cloud Platform Terraform Provider. The HCP Terraform Provider can be found in the Terraform registry.

We encourage you to visit other HCP Learn tutorials and continue to expand your learning.

stdin: is not a tty