Explore Courses Blog Tutorials Interview Questions
0 votes
in AWS by (5.6k points)

I'm working with AWS, where I have two VPC, say VPC-A and VPC-B and I have VPC peering between the two VPCs. I want tp allow traffic from VPC-B's SecurityGroup to VPC-A's SecurityGroup, I did this with the following call


          ip_permissions: [


              from_port: "-1",

              ip_protocol: "-1",

              to_port: "-1",

              user_id_group_pairs: [


                  description: "Accept all traffic from SecurityGroupB",



                  vpc_peering_connection_id: peering_connection_id,






When I try to put the Security group B in the ingress of Security Group A, I'm getting an error:

Error: Error authorizing security group rule type ingress: InvalidGroup.NotFound: You have specified two resources that belong to different networks

What am I doing wrong? Any suggestion?

1 Answer

0 votes
by (12.4k points)

Security group rule can reference security groups in peered VPCs if these following conditions are met:

  • The VPCs must be in the same region.
  • The peering connection should be in the active state.
  • If the peered VPC is in another account, then the reference should include the account number as a prefix.

You can look at the below example of how Terraform resource would look:

resource "aws_security_group_rule" "example" {

  type                     = "ingress"

  from_port                = 0

  to_port                  = 65535

  protocol                 = "tcp"

  security_group_id        = "sg-123456"

  source_security_group_id = "sg-789012"


Do Check out the AWS Certification Course offered by Intellipaat.

Related questions

0 votes
1 answer

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer
0 votes
1 answer
0 votes
1 answer
asked Mar 14, 2021 in AWS by devin (5.6k points)
0 votes
1 answer

Browse Categories