# AWS VPC Peering Connection

This video provides a brief walkthrough of how to create a VPC peering connection between EMQX Cloud and your AWS VPC. You can follow the video for a visual overview or refer to the step-by-step instructions below for detailed configuration.

<!-- <LazyIframeVideo vendor="youtube" src="https://www.youtube.com/embed/ajnLBS3LLKY/?autoplay=1&null" /> -->

## Create a VPC Peering Connection

1. Log in to the [EMQX Cloud Console](<https://cloud-intl.emqx.com/console>) and enter your deployment.

2. Click **Network Management** from the left menu. In the **VPC Peering Connection** area, click the **+ VPC Peering Connection** button.

3. Record the following information on the pop-up dialog for future use, and leave the dialog box open.

   - **Region of Deployment**
   - **VPC ID of Deployment**
   - **CIDR of Deployment**
   - **Account ID of EMQX Cloud**

   ![create-vpc1](./_assets/aws_vpc_peering.png)

4. Log in to the Amazon Web Services console, and switch to the "Region of Deployment" that is recorded in the previous step. 

5. Go to **Networking & Content Delivery** -> **VPC** -> **Peering Connection**, and click the **Create Peering Connection** button.

   * Select `Another account` for **Account**.
   * For **Account ID**, enter the `Account ID of EMQX Cloud` recorded before.
   * Select `This region(us-east-1)` for **Region**.
   * For **VPC (Accepter)**, enter the `VPC ID of deployment` recorded before.

   ![aws-vpc-request](./_assets/aws-vpc-request.png)

   After you complete the settings, click **Create Peering Connection**.

6. Once created, you will see a VPC peering entry listed. Record the information in **Requester VPC owner**, **Requester VPC ID** and **VPC Peering Connection** at the bottom of the page for future use.

   ![aws-vpc1](./_assets/aws-vpc1.png)

7. Return to the [EMQX Cloud Console](<https://cloud-intl.emqx.com/console>), complete the rest of the VPC Peering Connection settings with the information recorded from the AWS console, and click the **Confirm** button.

   * **Peering ID**: Enter the information in the **VPC Peering Connection** in the AWS console.
   * **VPC ID**: Enter the information in **Requester VPC ID** in the AWS console.

   ![create-vpc2](./_assets/aws_vpc_peering_info.png)

8. Return to the Amazon Web Services console, go to `Networking & Content Delivery` -> `VPC` -> `Route Tables`, and add the `CIDR of deployment` recorded in step 1 to the route table of the corresponding VPC.

   ![route-tables](./_assets/route-tables.png)

9. Go to `Networking & Content Delivery` -> `VPC` -> `Security Groups`, and configure the security group bound to the corresponding VPC: edit the inbound rules and add a rule.

   ![security-groups](./_assets/security-groups.png)
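
To check the result of steps 8 and 9, the following added example (not part of the EMQX documentation or tooling) audits the JSON returned by `aws ec2 describe-route-tables` and `aws ec2 describe-security-groups`. The function name, the sample data, the placeholder IDs, and the policy that an inbound source should be no wider than the `CIDR of deployment` are assumptions of this example.

```python
import ipaddress

def audit_peering(deploy_cidr, pcx_id, route_table, security_group):
    """Return findings for steps 8 and 9; an empty list means both look correct."""
    findings = []
    deploy = ipaddress.ip_network(deploy_cidr)

    # Step 8: the deployment CIDR must be routed through the peering connection.
    routes = [r for r in route_table["Routes"]
              if r.get("DestinationCidrBlock") == deploy_cidr]
    if not routes:
        findings.append("route: no entry for the deployment CIDR")
    for r in routes:
        if r.get("VpcPeeringConnectionId") != pcx_id:
            findings.append("route: target is not the peering connection")
        elif r.get("State") != "active":
            # A route left behind by a deleted peering shows up as "blackhole".
            findings.append(f"route: state is {r.get('State')}")

    # Step 9: some inbound rule must admit the deployment CIDR, and no wider
    # (assumed policy of this example; the page does not prescribe the rule).
    admitted = False
    for perm in security_group["IpPermissions"]:
        for rng in perm.get("IpRanges", []):
            src = ipaddress.ip_network(rng["CidrIp"])
            if deploy.subnet_of(src):
                admitted = True
                if src.prefixlen < deploy.prefixlen:
                    findings.append(f"sg: source {src} is wider than {deploy}")
    if not admitted:
        findings.append("sg: no inbound rule admits the deployment CIDR")
    return findings

# Constructed sample data (placeholder IDs, CIDRs and port; not from a real account).
DEPLOY_CIDR, PCX_ID = "10.11.0.0/16", "pcx-EXAMPLE"
GOOD_RT = {"Routes": [
    {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": DEPLOY_CIDR, "VpcPeeringConnectionId": PCX_ID, "State": "active"}]}
GOOD_SG = {"IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
     "IpRanges": [{"CidrIp": DEPLOY_CIDR}]}]}
BAD_RT = {"Routes": [
    {"DestinationCidrBlock": DEPLOY_CIDR, "VpcPeeringConnectionId": PCX_ID, "State": "blackhole"}]}
BAD_SG = {"IpPermissions": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}

if __name__ == "__main__":
    for name, rt, sg in [("good", GOOD_RT, GOOD_SG), ("bad", BAD_RT, BAD_SG)]:
        print(name, audit_peering(DEPLOY_CIDR, PCX_ID, rt, sg) or "OK")
```

Pass one element of `RouteTables` and one element of `SecurityGroups` from the CLI output as `route_table` and `security_group`.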

## Delete a VPC Peering Connection

To delete a peering connection, you need to ensure that the status of the VPC peering connection is **Running**.

::: tip

Before deleting the peering connection, make sure that there are no associated resources in the deployment; otherwise, there will be unpredictable risks.

:::

1. Go to the VPC Peering Connection area on the Network Management page in your deployment.

   ![vpc-list](./_assets/aws_vpc_peeing_status.png)

2. Click the "delete" icon in the **Actions** column of the peering connection.

   ![vpc-delete](./_assets/aws_vpc_peering_delete.png)
