continuousphp · chris-continuous · Apr 9, 2020
diff --git a/vpcPeering/peering-accepter-role.yml b/vpcPeering/peering-accepter-role.yml
@@ -0,0 +1,31 @@
+AWSTemplateFormatVersion: 2010-09-09
+Description: Create an assumable role for cross account VPC peering.
+
+Parameters:
+  PeerRequesterAccountId:
+    Type: String
+    Description: "Requester account id"
+
+Resources:
+  peerRole:
+    Type: 'AWS::IAM::Role'
+    Properties:
+      AssumeRolePolicyDocument:
+        Statement:
+          - Principal:
+              AWS: !Ref PeerRequesterAccountId
+            Action:
+              - 'sts:AssumeRole'
+            Effect: Allow
+      Path: /
+      Policies:
+        - PolicyName: root
+          PolicyDocument:
+            Version: 2012-10-17
+            Statement:
+              - Effect: Allow
+                Action: 'ec2:AcceptVpcPeeringConnection'
+                Resource: '*'
+Outputs:
+  RoleARN:
+    Value: !GetAtt peerRole.Arn
diff --git a/vpcPeering/vpc-peering.yml b/vpcPeering/vpc-peering.yml
@@ -0,0 +1,34 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: VPC Peering
+
+Parameters:
+  LocalVpcId:
+    Description: id vpc local.
+    Type: String 
+  IdPeerVpc:
+    Description: id vpc remote.
+    Type: String 
+  PeerOwnerId:
+    Description: vpc peer accounr id.
+    Type: String
+  PeerRoleArn:
+    Description: vpc peer accepter role arn.
+    Type: String
+  PeerRegion:
+    Description: vpc peer region code.
+    Type: String
+
+Resources:
+  VpcPeering:
+    Type: AWS::EC2::VPCPeeringConnection
+    Properties:
+      VpcId: !Ref LocalVpcId
+      PeerVpcId: !Ref IdPeerVpc
+      PeerOwnerId: !Ref PeerOwnerId
+      PeerRoleArn: !Ref PeerRoleArn
+      PeerRegion: !Ref PeerRegion
+
+Outputs:
+  VpcPeeringId:
+    Description: VPC Peering ID
+    Value: !Ref VpcPeering