DataEngPrep.tech

JavaScript is required to use this application. Please enable JavaScript in your browser settings or disable any extensions that may be blocking scripts.

How would you implement VPC peering between two AWS accounts?

Cloud/Toolshard0.8 min read

**Why VPC Peering**: Direct private connectivity without traversing the public internet—lower latency, no egress charges for cross-account traffic within the same region. **Architecture**: (1) In Account A, create a peering connection request to Account B using peer account ID...

🤖 Analyze Your Answer

Frequency

Low

Asked at 1 company

Why This Question Matters

This hard-level Cloud/Tools question appears frequently in data engineering interviews at companies like Persistent Systems. While less common, it tests deeper understanding that distinguishes strong candidates.

How to Approach This

This is a senior-level question that tests architectural thinking. Lead with the high-level design, then drill into specifics. Discuss trade-offs explicitly - there is rarely one correct answer. Show awareness of scale, fault tolerance, and operational complexity.

Expert Answer

160 words

Why VPC Peering: Direct private connectivity without traversing the public internet—lower latency, no egress charges for cross-account traffic within the same region. Architecture: (1) In Account A, create a peering connection request to Account B using peer account ID and VPC ID. (2) Account B accepts. (3) Update route tables in both VPCs—add routes to peer CIDR via pcx-xxx. (4) Update security groups to allow peer CIDR. (5) Ensure no overlapping CIDR blocks—transitive peering is not supported. Scalability trade-off: Peering is non-transitive; with N VPCs you need N*(N-1)/2 peering connections—a 10-VPC mesh = 45 connections. Beyond ~20 VPCs, Transit Gateway is the right pattern. Cost: Same-region peering has no data transfer charge; cross-region peering incurs $0.02/GB (both sides). At 10TB/month cross-region, that's $400+—Transit Gateway may be cheaper for complex topologies. Implementation: Terraform/CloudFormation for repeatability. Enable DNS resolution in peering for private hosted zones. Use separate route tables per subnet if you need to restrict which traffic goes peer vs. internet.

Want feedback on your answer?

Paste your answer to this question and our AI Coach scores it, finds gaps, and shows you the FAANG-level version.

Try Answer Analyzer →

Want all answers as a PDF for offline study?

1,863 questions across 7 categories — Interview Packs →

Free: Top 20 SQL Interview Questions (PDF)

Get the most asked SQL questions with expert answers. Instant download.

No spam. Unsubscribe anytime.

Related Cloud/Tools Questions

easyWhat are Airflow Operators? Give examples.Free easyExplain the difference between Azure Data Factory (ADF) and Databricks.Free easyHow do you handle data security and compliance in a cloud environment?Free hardWhat are the key components of AWS Glue, and how do they work together?Free easyWhat is Azure Data Factory (ADF), and what are its main components?Free

Companies that ask this Cloud/Tools question

Persistent Systems interview questions →

Want to know if YOUR answer is good enough?

Paste your answer and get instant AI feedback with a FAANG-level improved version.

Analyze My Answer — Free

According to DataEngPrep.tech, this is one of the most frequently asked Cloud/Tools interview questions, reported at 1 company. DataEngPrep.tech maintains a curated database of 1,863+ real data engineering interview questions across 7 categories, verified by industry professionals.

← Back to all questions More Cloud/Tools questions →