Creating a Local Peering Gateway
Create a local peering gateway (LPG) that instances, load balancers, and other resources can use to connect to resources in other virtual cloud networks (VCNs) in the same Oracle Cloud Infrastructure (OCI) region.
LPGs require a specific IAM policy setting. After you create an LPG, you must establish a connection to another LPG, and configure routing rules and security settings before the VCN can connect to resources in another VCN.
The administrator of each VCN that you're trying to peer with creates an LPG for their own VCN. "You" in the following procedure means an administrator (either the acceptor or requestor).
Required IAM Policy to Create LPGs
If both administrators already have broad network administrator permissions (see Let network admins manage a cloud network), then they have permission to create, update, and delete LPGs. Otherwise, here's an example policy giving the necessary permissions to a group called LPGAdmins. The second statement is required because creating an LPG affects the VCN that it belongs to, so the administrator must have permission to manage VCNs.
Allow group LPGAdmins to manage local-peering-gateways in tenancy
Allow group LPGAdmins to manage vcns in tenancy
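The two-statement requirement above can be checked before an administrator tries to create an LPG. The following Python check is an added example, not Oracle's code: it reports which of the two manage grants a group still lacks for a tenancy or compartment target. It assumes the plain statement form shown above (statements with conditions or other subjects are skipped), treats virtual-network-family as covering both resource types, ignores nested compartments, and uses the constructed compartment name NetProd.

```python
import re

# Recognises only the plain form used on this page, for example
#   Allow group LPGAdmins to manage vcns in tenancy
# and its compartment-scoped variant "in compartment <name>".
STATEMENT = re.compile(
    r"^\s*allow\s+group\s+(?P<group>\S+)\s+to\s+(?P<verb>\w+)\s+"
    r"(?P<resource>[\w-]+)\s+in\s+(?P<scope>tenancy|compartment\s+\S+)\s*$",
    re.IGNORECASE,
)
REQUIRED = ("local-peering-gateways", "vcns")  # both need "manage"
FAMILY = "virtual-network-family"  # aggregate type that includes both


def parse(statement):
    """Return lower-cased (group, verb, resource, scope), or None if unrecognised."""
    m = STATEMENT.match(statement)
    if m is None:
        return None
    scope = " ".join(m["scope"].lower().split())
    return m["group"].lower(), m["verb"].lower(), m["resource"].lower(), scope


def missing_lpg_grants(statements, group, compartment=None):
    """List resource types `group` lacks 'manage' on; compartment=None means tenancy."""
    target = "tenancy" if compartment is None else f"compartment {compartment.lower()}"
    granted = set()
    for parsed in filter(None, map(parse, statements)):
        who, verb, resource, scope = parsed
        # A tenancy-wide grant also covers every compartment below it.
        if who == group.lower() and verb == "manage" and scope in ("tenancy", target):
            granted.update(REQUIRED if resource == FAMILY else (resource,))
    return [r for r in REQUIRED if r not in granted]


# Constructed sample policies; NetProd is a made-up compartment name.
PAGE_POLICY = [
    "Allow group LPGAdmins to manage local-peering-gateways in tenancy",
    "Allow group LPGAdmins to manage vcns in tenancy",
]
LPG_ONLY = ["Allow group LPGAdmins to manage local-peering-gateways in compartment NetProd"]

if __name__ == "__main__":
    print(missing_lpg_grants(PAGE_POLICY, "LPGAdmins", "NetProd"))  # []
    print(missing_lpg_grants(LPG_ONLY, "LPGAdmins", "NetProd"))     # ['vcns']
```

An empty list means both grants are present for the target scope; scoping both statements to one compartment instead of the tenancy passes the check for that compartment only.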
Use the network local-peering-gateway create command and required parameters to create an LPG:
oci network local-peering-gateway create --compartment-id ocid --vcn-id ocid ... [OPTIONS]
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the CreateLocalPeeringGateway operation to create a local peering gateway.