Configure a Confluent Cloud network peering connection for AWS

Follow this procedure to configure Confluent Cloud network peering for a cluster in AWS.

Prerequisite

A Dedicated Kafka cluster in AWS with VPC Peering enabled. The cluster must be provisioned in its own network and provide a CIDR for Confluent Cloud. For more information about how to create a dedicated cluster, see Create a Cluster in Confluent Cloud.

  1. Navigate to the Cluster Settings page, click the Networking tab, and click Add Peering.

  2. Provide the AWS Account number, AWS VPC ID, and AWS VPC CIDR for your peering connection and click Save. Your peering connection status will transition from “Pending” to “Inactive” in the Confluent Cloud UI.

    AWS Account Number

    AWS Account ID of the peer VPC owner.

    AWS VPC ID

    Unique identifier of the peer VPC. Must start with vpc-.

    AWS VPC CIDR

    AWS VPC CIDR block or subset. This must not overlap with your Confluent Cloud CIDR block or any other network peering connection VPC CIDR.

    The RFC 6598 shared address space is supported on AWS.

    For AWS, the CIDR block must be in one of the following supported private networks:

    • 10.0.0.0/8
    • 100.64.0.0/10
    • 172.16.0.0/12
    • 192.168.0.0/16
    • 198.18.0.0/15

    For AWS, the following CIDR blocks are denied:

    • 10.100.0.0/16
    • 10.255.0.0/16
    • 172.17.0.0/16
    • 172.20.0.0/16

  3. When the connection status is “Inactive” in the Confluent Cloud UI, navigate to the Amazon VPC Console and accept the peering request. You have seven days to accept the request before it expires. For more information on accepting peering connections, see the AWS documentation.

    Tip

    If your request has expired, contact Confluent to resend the request. After you have accepted the peering request, the status of the peering connection will change to “Active”.

  4. Add the new peering connection to the route table for your VPC in the AWS Management Console. For more information about updating route tables, see the AWS documentation.

    1. Navigate to the Amazon VPC Console and click Route Tables.
    2. Select the route table for your VPC and click Edit routes.
    3. Click Add route.
    4. Add the Confluent Cloud VPC CIDR blocks to the Destination column. You can find the Confluent Cloud VPC CIDR blocks in the Cluster Settings page in the Networking tab.
    5. Add the AWS Peering Connection ID to the Target column. This value is prefixed with pcx-.
    6. Click Save routes.

    When you are done, the VPC peering status should display “Active” in the Confluent Cloud UI.
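
The CIDR and VPC ID rules from step 2 can be checked before the values are entered in the Confluent Cloud UI. The following is an added example, not Confluent's own code: the function name, the sample VPC ID and the sample CIDRs are constructed, and it assumes that any overlap with a denied block (not only an exact match) is rejected.

```python
import ipaddress

# Ranges copied from step 2 of the procedure.
SUPPORTED = [ipaddress.IPv4Network(n) for n in (
    "10.0.0.0/8", "100.64.0.0/10", "172.16.0.0/12",
    "192.168.0.0/16", "198.18.0.0/15")]
DENIED = [ipaddress.IPv4Network(n) for n in (
    "10.100.0.0/16", "10.255.0.0/16", "172.17.0.0/16", "172.20.0.0/16")]


def check_peering_input(vpc_id, vpc_cidr, confluent_cidr, other_peer_cidrs=()):
    """Return a list of problems; an empty list means the values pass."""
    problems = []
    if not vpc_id.startswith("vpc-"):
        problems.append("VPC ID must start with vpc-")
    try:
        # Strict parsing rejects CIDRs with host bits set (10.1.2.3/16).
        net = ipaddress.IPv4Network(vpc_cidr, strict=True)
    except ValueError as exc:
        problems.append(f"invalid IPv4 CIDR: {exc}")
        return problems
    if not any(net.subnet_of(s) for s in SUPPORTED):
        problems.append(f"{net} is not inside a supported private network")
    # Assumption: any overlap with a denied block is treated as a rejection.
    for denied in DENIED:
        if net.overlaps(denied):
            problems.append(f"{net} overlaps denied block {denied}")
    if net.overlaps(ipaddress.IPv4Network(confluent_cidr)):
        problems.append(f"{net} overlaps the Confluent Cloud CIDR")
    for other in other_peer_cidrs:
        if net.overlaps(ipaddress.IPv4Network(other)):
            problems.append(f"{net} overlaps existing peering CIDR {other}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from a real account.
    confluent = "10.10.0.0/16"
    peers = ["192.168.0.0/20"]
    for cidr in ("10.20.0.0/16", "172.17.0.0/16", "192.168.8.0/24", "192.0.2.0/24"):
        result = check_peering_input("vpc-0example", cidr, confluent, peers)
        print(cidr, "->", result or "ok")
```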