I have 2 AWS accounts -- we'll call them AWSDev and AWSProd. I also have 2 MongoDB Atlas clusters under a single MongoDB account. I set up a Peer Connection for AWSProd's default VPC and added an entry into the AWSProd Route Table. Works great.
Now I'm setting up the peer connection for AWSDev's default VPC. The peer connection appears to be active, but my Lambda function is unable to connect.
I'm thinking that maybe the issue is that both my AWS VPCs run on the same CIDR block. See the green highlight in the following image:
Is this a problem? Will this mean MongoDB Atlas can only communicate with the first one because its own routing tables can't differentiate between them?
Other things I've done to diagnose:
- I ensured the lambda is set up for my default VPC by setting it to run on my VPC's subnets and under the security group.
- I verified the mongodb connection string is correct including the user and password.
I'm thinking about creating a new VPC in my AWSDev account and redeploying things to there to see if that resolves it. Any other ideas?
CodePudding user response:
VPC Peering cannot use CIDR blocks which overlap:
https://docs.aws.amazon.com/vpc/latest/peering/create-vpc-peering-connection.html
It's also not possible to change or modify the IP address range of an existing virtual private cloud (VPC) or subnet. However, you can do one of the following:
- Add an additional IPv4 CIDR block as a secondary CIDR to your VPC. https://docs.aws.amazon.com/vpc/latest/userguide/working-with-vpcs.html#add-ipv4-cidr
-or-
- Create a new VPC with your preferred CIDR block and then migrate the resources from your old VPC to the new VPC (if applicable). https://docs.aws.amazon.com/vpc/latest/userguide/working-with-vpcs.html#Create-VPC
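As an added illustration of the answer's point (this is example code written for this page, not from the question, the answer, AWS or MongoDB), the script below checks a set of CIDR blocks for the overlap that blocks peering. Every VPC peered to the same Atlas project shares the Atlas-side route table, so not only must each AWS VPC be disjoint from the Atlas container, the two AWS VPCs must also be disjoint from each other, because a route table cannot hold two routes to the same destination. The CIDR values (`172.31.0.0/16` for both default VPCs, `192.168.248.0/21` for the Atlas side, `172.20.0.0/16` as a secondary candidate) are constructed for the example; substitute your real ones. The script does not encode AWS's own rules about which secondary ranges may be associated with a given primary range (see the secondary-CIDR link above), so treat its suggestion as a candidate to validate, not a guarantee.

```python
"""Detect CIDR overlap that prevents VPC peering, and find a usable secondary block.

Added example, not code from the original question, answer, AWS or MongoDB Atlas.
All CIDR values are constructed for illustration.
"""
import ipaddress
from itertools import combinations
from typing import Dict, List, Optional, Tuple


def cidrs_overlap(a: str, b: str) -> bool:
    """True when two networks share at least one address (peering needs False)."""
    net_a = ipaddress.ip_network(a, strict=False)
    net_b = ipaddress.ip_network(b, strict=False)
    return net_a.overlaps(net_b)


def find_peering_conflicts(vpcs: Dict[str, List[str]]) -> List[Tuple[str, str, str, str]]:
    """Return every (vpc_a, cidr_a, vpc_b, cidr_b) pair whose blocks overlap.

    `vpcs` maps a label to all CIDR blocks on that VPC (primary plus secondaries).
    All members are assumed to be peered with the same Atlas container, so every
    pair must be disjoint, not just each AWS VPC against the Atlas side.
    """
    conflicts = []
    for (name_a, blocks_a), (name_b, blocks_b) in combinations(vpcs.items(), 2):
        for cidr_a in blocks_a:
            for cidr_b in blocks_b:
                if cidrs_overlap(cidr_a, cidr_b):
                    conflicts.append((name_a, cidr_a, name_b, cidr_b))
    return conflicts


def choose_secondary_cidr(existing: List[str], candidates: List[str]) -> Optional[str]:
    """Pick the first candidate block that overlaps none of the existing blocks."""
    for cand in candidates:
        if not any(cidrs_overlap(cand, e) for e in existing):
            return cand
    return None


def routable_blocks(vpc_blocks: List[str], already_routed: List[str]) -> List[str]:
    """Blocks of one VPC that can still be given a route on the Atlas side.

    A block is only routable if it overlaps nothing already routed via another
    peering; resources that must reach Atlas need to live in subnets from these.
    """
    return [b for b in vpc_blocks if not any(cidrs_overlap(b, r) for r in already_routed)]


# Constructed sample: both AWS default VPCs use the same block, as in the question.
SAMPLE_VPCS: Dict[str, List[str]] = {
    "AWSDev": ["172.31.0.0/16"],
    "AWSProd": ["172.31.0.0/16"],
    "AtlasContainer": ["192.168.248.0/21"],
}

# Constructed candidates for a secondary CIDR on AWSDev; the first one collides on purpose.
SECONDARY_CANDIDATES = ["172.31.0.0/16", "172.20.0.0/16"]


def demo() -> Optional[str]:
    """Report conflicts, then propose a secondary block for AWSDev."""
    for vpc_a, cidr_a, vpc_b, cidr_b in find_peering_conflicts(SAMPLE_VPCS):
        print(f"conflict: {vpc_a} {cidr_a} overlaps {vpc_b} {cidr_b}")
    taken = SAMPLE_VPCS["AWSProd"] + SAMPLE_VPCS["AtlasContainer"]
    secondary = choose_secondary_cidr(taken, SECONDARY_CANDIDATES)
    if secondary:
        dev_blocks = SAMPLE_VPCS["AWSDev"] + [secondary]
        usable = routable_blocks(dev_blocks, already_routed=SAMPLE_VPCS["AWSProd"])
        print(f"AWSDev secondary {secondary}; Atlas-routable AWSDev blocks: {usable}")
    return secondary


if __name__ == "__main__":
    demo()
```

Running it prints the AWSDev/AWSProd collision and proposes `172.20.0.0/16`; the last line makes the practical consequence explicit: only the secondary block can receive an Atlas-side route, so the Lambda function would have to run in subnets carved from that block for the peering to carry its traffic.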