VPC peering and Deploying a Web Server using AWS CDK for Python

Felix Mulei
5 min readOct 26, 2023


I will be guiding you through the process of creating a Virtual Private Cloud (VPC), setting up VPC peering connection, and launching a web server within a VPC using AWS CDK for Python.

To get started will open an empty folder/directly and initialize an app using the following CDK command

I have attached a GitHub repository link at the bottom of the article for your reference.

cdk init app --language python

Once the files have been downloaded, activate the virtual environment. This is a good practice when working with Python to isolate and manage dependencies for different projects. I’m working on windows thus I will run the following command.


Now on the folder structure on the left look for the folder that has a similar name as the folder you working in. Expand and open the with the name similar to the folder.

As you can see we missing some modules and thus we need to install them. Run the following command.

pip install -r requirements.txt

Once done, now lets start creating our resources. We will be starting with the VPC. For this to happen we need to import the ec2 construct library.

from aws_cdk import aws_ec2 as ec2

Now we can start to use to create our resources. Just heads up, I usually use the cdk.json file to save my parameters to make my work neat and easy to make changes. Additional I use this files to customize my environment when doing multi-environment deployment. Here is a snapshot of what i have added.

Below is the VPC creation code. We will be creating a VPC with 2 public subnets and 2 private subnets. We will not create a NAT gateway as the private subnet doesn’t need access to the internet, We will utilize VPC peering to test access from the default VPC.

Additionally, we will now import the default VPC from our AWS account on the region we working in to our stack for the purpose of VPC peering

After importing the default VPC, now its time to establish a VPC peering connection from the custom VPC to the default VPC and the Modify the Route table to add the peering routes.

Peering Connection and modifying of the route tables

The last step would be to launch two EC2 instance; One in the default VPC Public Subnet and the other in the Private Subnet of the Custom VPC.

Private Instance in the custom VPC

For the Instance In the Public subnet, we will install a webserver. Here are the commands.

User data

For the instance in the public subnet, we will import the user data and then create the instance. This instance has a key pair as we will need to shh to test connection to the private instance.

Public Instance

Now that we are done creating the instance, we need to open ports 22 and 80 for the public instance and ICMP for the private instance because of ping.

Allowing Traffic

Lasty, we will get the private IP address of our private instance and the Public instance when the creation is done using the following block of code

Export the IP addresses of the instance to the console

Now that we are done, we can check if check if everything is Okay by running

cdk ls

Everything seems to be working well. Its time to deploy by running

cdk deploy

The resource creation is done. Lets test the webserver.

The web serving is working as expected.

Shh to the public instance is also working.

Lastly pinging the private instance from the webserver is also working.

Here is the ec2 instance console

Lastly here is the route table of the private subnet

Link to GitHub repository.

Thank you for your time