VPC Peering in 2 different account via Terraform

I am trying to set up a VPC peering connection between 2 VPCs in the Singapore region in 2 different AWS accounts. I followed the Terraform documentation on "vpc_peering_connection" and "vpc_peering_connection_accepter" on the official website. So this is my code and the failure:

resource "aws_vpc_peering_connection" "requester" {
  provider      = aws.anhvq
  vpc_id        = module.vpc.vpc_id
  peer_owner_id = "aws account id of accepter"
  # peer_region = "ap-southeast-1"
  peer_vpc_id   = "vpc id of accepter"
  auto_accept   = false

  tags = local.tags

  # Peering options set inline on the connection resource
  accepter {
    allow_remote_vpc_dns_resolution = true
  }

  requester {
    allow_remote_vpc_dns_resolution = true
  }
}

When I run terraform plan nothing fails. When I run terraform apply, I receive this failure:

│ Error: Unable to modify peering options. The VPC Peering Connection "pcx-0e625f0fd4ef93696" is not active. 
Please set `auto_accept` attribute to `true`, or activate VPC Peering Connection manually. 
│   with aws_vpc_peering_connection.requester,
│   on line 49, in resource "aws_vpc_peering_connection" "requester":
│   49: resource "aws_vpc_peering_connection" "requester" {

But the VPC peering connection is still created and I get the VPC peering ID.

resource "aws_vpc_peering_connection_accepter" "accepter" {
  provider                  = aws.lamnx
  vpc_peering_connection_id = "pcx-0e625f0fd4ef93696"
  auto_accept               = true

  accepter {
    allow_remote_vpc_dns_resolution = true
  }
}

Result: terraform plan and terraform apply are done.

  • The status of the VPC peering in both accounts is active. But when I run terraform apply again in the requester, the VPC peering was destroyed and replaced.


  • I resolved it myself. I read an issue on GitHub that is the same as my issue. So I want to share with everybody how to fix it. The reason is:

    • Terraform does not support enabling DNS resolution with VPC peering between different accounts. It only supports it with VPC peering in one account.
    • I fixed it by using the resource "aws_vpc_peering_connection_options". This is my working code:
    resource "aws_vpc_peering_connection" "requester" {
      provider      = aws.anhvq
      vpc_id        = module.vpc.vpc_id
      peer_owner_id = "aws account id of accepter"
      # peer_region = "ap-southeast-1"
      peer_vpc_id   = "vpc id of accepter"
      auto_accept   = false
      tags          = local.tags
    }

    resource "aws_vpc_peering_connection_accepter" "accepter" {
      provider                  = aws.lamnx
      vpc_peering_connection_id = "${}" # reference elided in the original post
      auto_accept               = true
      tags                      = local.tags
    }

    # DNS resolution options are set in a separate resource per side
    resource "aws_vpc_peering_connection_options" "requester" {
      provider                  = aws.anhvq
      vpc_peering_connection_id = "${}" # reference elided in the original post

      requester {
        allow_remote_vpc_dns_resolution = true
      }
    }

    resource "aws_vpc_peering_connection_options" "accepter" {
      provider                  = aws.lamnx
      vpc_peering_connection_id = "${}" # reference elided in the original post

      accepter {
        allow_remote_vpc_dns_resolution = true
      }
    }
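The same cross-account layout, written out as an added example rather than the poster's own code, with the two accounts as aliased providers and the options resources wired to the accepter's id so Terraform only touches them once the connection is active. The provider aliases, role ARN, account ids and VPC ids are placeholders.

```hcl
# Added example, not from the original post. Account ids, VPC ids and
# the assumed role are placeholders to be replaced per environment.
provider "aws" {
  alias  = "requester"
  region = "ap-southeast-1"
}

provider "aws" {
  alias  = "accepter"
  region = "ap-southeast-1"
  assume_role {
    role_arn = "arn:aws:iam::ACCEPTER_ACCOUNT_ID:role/PeeringAdmin" # placeholder
  }
}

# Requester side creates the request only. No accepter/requester option
# blocks here: they fail while the connection is still pending-acceptance.
resource "aws_vpc_peering_connection" "this" {
  provider      = aws.requester
  vpc_id        = "vpc-REQUESTER"       # placeholder
  peer_owner_id = "ACCEPTER_ACCOUNT_ID" # placeholder
  peer_vpc_id   = "vpc-ACCEPTER"        # placeholder
  auto_accept   = false
}

# Accepter account accepts the request. Referencing the requester
# resource avoids hard-coding the pcx id and keeps both in one plan.
resource "aws_vpc_peering_connection_accepter" "this" {
  provider                  = aws.accepter
  vpc_peering_connection_id = aws_vpc_peering_connection.this.id
  auto_accept               = true
}

# Options reference the accepter's id, so they are applied only after
# the connection is active; each side sets only its own block.
resource "aws_vpc_peering_connection_options" "requester" {
  provider                  = aws.requester
  vpc_peering_connection_id = aws_vpc_peering_connection_accepter.this.id
  requester {
    allow_remote_vpc_dns_resolution = true
  }
}

resource "aws_vpc_peering_connection_options" "accepter" {
  provider                  = aws.accepter
  vpc_peering_connection_id = aws_vpc_peering_connection_accepter.this.id
  accepter {
    allow_remote_vpc_dns_resolution = true
  }
}
```

Route table entries for each VPC's CIDR still have to be added on both sides for traffic to flow; the peering and DNS options alone do not open any route.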