To connect to an AWS public endpoints for Amazon Simple Storage Service (Amazon S3) with dedicated network performance, use a public virtual interface.


Note: When you create a public virtual interface, it can take up to 72 hours for AWS to review and approve your request. For more information, please refer to the AWS documentation.



Prerequisites

To connect to AWS, you must have:

  • A Pureport account with permissions to create Networks and Connections.
  • Access to your AWS account(s) via the AWS console.
    Note: If you are using an IAM account or role, ensure you have the necessary permissions granted.
  • Your AWS account number. To locate your AWS account ID:
    1.  Log in to your AWS Management Console Support Center (https://console.aws.amazon.com/support).
    2.  Your AWS account number is located at the top of the page.



Create an AWS DirectConnect connection in the Pureport Console

To create a new connection:

  1. Login to the Pureport Console using an account with an appropriate Role.
    At a minimum you will need the Create and Update permissions for Networks. For more information on Roles, see the Accounts, Members and Roles article.  

  2. In the left navigation bar, select the Networks tab.
     
  3. On the Networks screen, select the network to add the connection to AWS.
    Note: To create a new network for this connection, see the Creating a Network article.

  4. Select Add Connection... at the top-right of the console, or  click a location on the network map.

  5. In the New Connection window, select AWS Direct Connect as the connection type, then click Next.

  6. Select the AWS Cloud Region for the connection, then click Next.

  7. Select the Pureport location you would like this connection to be created, and click Next. Note that only Pureport locations with direct access to the chose AWS Region will be able to be selected.

  8. Choose Public as the peering type.

  9. Select the Speed of the connection. Please note that only the 50Mbps bandwidth tier has a non-HA option. This option should only be selected if you do not require high availability or an SLA on the service (development project, etc).
  10. Enter your AWS Account ID, and click Next.

  11. In the Public Cloud Services section, choose the AWS Public Services you wish to peer with.

  12. Enter a meaningful Name and Description, then click Add Connection.

  13. After saving the Connection, the system displays the Primary and Secondary Gateway information:connection.
  14. You will need the following information from the Primary and Secondary Gateways in the new connection (you can use the copy icon to the right of each item to ensure an exact copy to the clipboard) in order to complete the peering in the AWS console:
    • Peering Subnet 
    • Pureport IP
    • Pureport ASN
    • Remote IP
    • BGP Password


Accept the Hosted Connection in the AWS Console

After creating the new Connection, use this procedure to accept the Connection in the AWS Console. See "Accepting a Hosted Connection" in the AWS Direct Connect User Guide for details. 

  1. Open the AWS Direct Connect console at https://console.aws.amazon.com/directconnect/v2/home.
    If necessary, change the Region in the navigation bar.

  2. In the navigation pane, choose Connections.


  3. On the Connections page are the two connections you created: Primary and Secondary. These connections are named the same as the connections you created in the Pureport Console. Both in the ordering state.
    Note: If you are not using an HA connection, there is only a Primary connection.

  4. Select the Primary hosted connection and choose Accept.
  5. Select Confirm in the confirmation window.


Repeat steps 4 and 5 for the Secondary connection.



Create a Public Virtual Interface

  1. Open the AWS Direct Connect console at https://console.aws.amazon.com/directconnect/v2/home.

  2. In the navigation pane, choose Connections.

  3. Select the Primary connection and choose Create Virtual Interface. The Create a Virtual Interface page appears.

  4. At the top of the page, select Public.

  5. In the Public Virtual Interface settings area:

    • Virtual Interface Name: Enter a name for the virtual interface.

    • Virtual Interface Owner: Select My AWS Account if the virtual interface is for your AWS account.

  6. In the VLAN area the value is already populate, do not change this:

    • VLAN: The ID is automatically set to match the Gateway VLAN in the Pureport Console and SHOULD NOT be changed.

  7. In the BGP area:

  8. In the Address Family area:
    • Address family: Select IPv4. Pureport only supports IPv4 at this time.

    • Your router peer IP: Enter the value of the Pureport IP in CIDR format from Creating a Connection.

    • Amazon router peer IP: Enter the value of the Amazon IP in CIDR format from Creating a Connection.

    • Prefixes you want to advertise: Enter the value of the Peering Subnet in CIDR format from Creating a Connection.

  9. Expand the Additional Settings area:
  10. Select Continue.

Repeat this process for the Secondary connection.


Once complete, AWS will verify the VIFs. As noted above, this process can take up to 72 hours. Your VIFs will show a status of "Verifying:"