> For the complete documentation index, see [llms.txt](https://upsolver.gitbook.io/content/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://upsolver.gitbook.io/content/how-to-guides-1/setup/deploy-upsolver-on-aws/vpc-peering-guide.md).
# VPC Peering Guide
This article provides a guide on the steps necessary to implement VPC peering in AWS.
In order to connect to other EC2 resources (e.g. Kafka, databases, etc.), you need to peer the VPC in which the resources are allocated and the private VPC created by the integration.
To peer the VPC, you need to:
1. [Create VPC peering](#create-the-vpc-peering)
2. [Alter the route tables](#alter-the-route-tables)
3. [Alter security groups](#alter-security-groups)
## Glossary
**Your VPC -** The VPC containing your resources that you want Upsolver to be able to connect to
**Upsolver Private VPC** - The VPC Upsolver is deployed in. By default this will be a new VPC created by the integration process for Upsolver.
## Create the VPC peering
1\. In the navigation pane, select **Peering Connections**.
2\. Click **Create Peering Connection** and fill in the form.
3\. Give the **peering connection name** a meaningful name (e.g. Upsolver to Kafka).
4\. Select **your VPC** as the **requester**.
5\. Select **Upsolver Private VPC** as the **accepter**.
6\. Submit the form and click **OK**.
7\. Right-click the new **VPC Peering Connection** and then click **Accept Request**.
Follow the on-screen instructions to accept the request.
## Alter the route tables
To enable the VPCs to access one another, it is necessary to alter the route tables in both VPCs.
It is important to identify the correct route tables to alter. A VPC has a default route table which acts as the routing table for any subnet in that VPC that has not been explicitly assigned a different routing table. As a result, you may not just edit the default rout table, you need to check which route tables are being used by the subnets.
### Identifying the correct routing tables to modify
1. In the navigation pane fill in the **Filter By VPC** text box: \
This will filter all the tabs on the left and allow us to easily find the routing tables we should modify.
2. Click on the **Subnets** tab.
3. Locate the subnets that are being used by Upsolver / your resources.
4. For each subnet, click on it and then click on **Route Table** to see the routing table associated with the subnet: \
5. Write down the routing tables you identify this way. These are the routing tables we will need to modify. Typically you will only have one per VPC to modify, but complex VPC setups may have more.
### Altering the route tables
1. In the navigation pane, click **Route Tables**.
2. For each route table you wrote down in the previous step
1. Locate and select your VPC’s **route table**.
2. In the details pane, click **Routes > Edit Routes**
3. Click **Add Route** and enter the details below:
| Field | Details |
| --------------- | -------------------------------------------------------- |
| **Destination** | Enter the **Upsolver VPC IPv4 CIDR**. |
| **Target** | Select **Peering connection** and choose the connection. |
4\. Submit the form and click **Close**.
5\. **Repeat** these steps, this time altering the route tables of the **Upsolver Private VPC** to include routing to your **destination VPC** (in step 2.3 fill in **your VPC IPv4 CIDR**.)
## Alter security groups
Now that the VPCs are peered, you need to alter the security groups of your instances to allow inbound and outbound connections from the Upsolver Private VPC.
1\. Navigate to [AWS EC2 Dashboard](https://console.aws.amazon.com/ec2/v2/).
2\. Ensure the **correct region** is selected in the navigation pane.
3\. Click **Instances** in the navigation pane.
4\. Locate your instances and **find** a suitable **security group** or **attach a new security group** to all of the instances accessible to Upsolver Private VPC.
5\. Navigate to the security group by **selecting** the **group** in the details pane.
6\. Click **Inbound > Edit**.
7\. Add a rule with the details below:
| Field | Details |
| --------------- | ----------------------------------------------------------------- |
| **Type** | All Traffic. |
| **Source** | Custom; enter **Upsolver Private VPC IPv4 CIDR** in the text box. |
| **Description** | Upsolver Private VPC. |
{% hint style="info" %}
If you know the specific ports that should be accessible to Upsolver Private VPC, you can customize the rule.
{% endhint %}
8\. If there is no shared security group between all the instances, **repeat** steps 5-7 **for all the security groups** **needed**.
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://upsolver.gitbook.io/content/how-to-guides-1/setup/deploy-upsolver-on-aws/vpc-peering-guide.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.