To connect to an AWS public endpoints for Amazon Simple Storage Service (Amazon S3) with dedicated network performance, use a public virtual interface.

Note: When you create a public virtual interface, it can take up to 72 hours for AWS to review and approve your request. For more information, please refer to the AWS documentation.


To connect to AWS, you must have:

  • A Pureport account with permissions to create Networks and Connections.
  • Access to your AWS account(s) via the AWS console.
    Note: If you are using an IAM account or role, ensure you have the necessary permissions granted.
  • Your AWS account number. To locate your AWS account ID:
    1.  Log in to your AWS Management Console Support Center (
    2.  Your AWS account number is located at the top of the page.

Create an AWS DirectConnect connection in the Pureport Console

To create a new connection:

  1. Login to the Pureport Console using an account with an appropriate Role.
    At a minimum you will need the Create and Update permissions for Networks. For more information on Roles, see the Accounts, Members and Roles article.

  2. In the left navigation bar, select the Networks tab.
  3. On the Networks screen, select the network to add the connection to AWS.
    Note: To create a new network for this connection, see the Creating a Network article.

  4. Select Add Connection... at the top-right of the console, or click a location on the network map.

  5. In the Type drop-down list, select AWS Direct Connect as the connection type, then click Next.
  6. Next, select the Pureport location you want to connect from:
  7. Select the AWS region you would want to connect to, and click Next. Note that only AWS Regions that are directly accessible from the Pureport POP you selected are available. This is typically limited to a single AWS region.
    Be aware that the Public VIF gives you access to AWS Public-facing services throughout the geopolitical region (eg: North America).
  8. Select a Peering Type. For connectivity to AWS Public services, choose the Public option.
  9. Select the Speed & Availability of the connection. Note that Pureport's connection SLAs only apply to when HA is selected.
  10. Enter your AWS Account ID, and click Next.
  11. In the Public Cloud Services section, choose the AWS Public Services you wish to peer with.
  12. Enter a meaningful Name and Description, then click Add Connection.
  13. After saving the Connection, the system displays the Primary and Secondary Gateway information:connection.
  14. You will need the following information from the Primary and Secondary Gateways in the new connection (you can use the copy icon to the right of each item to ensure an exact copy to the clipboard) in order to complete the peering in the AWS console:
    • Peering Subnet 
    • Pureport IP
    • Pureport ASN
    • Remote IP
    • BGP Password

Accept the Hosted Connection in the AWS Console

After creating the new Connection, use this procedure to accept the Connection in the AWS Console. See "Accepting a Hosted Connection" in the AWS Direct Connect User Guide for details. 

  1. In the Purport Console, you will be presented with a Post-Configuration screen with details about the connection next steps once the connection to AWS has been provisioned.

  2. To Accept each of the connections, Click on the "Via the AWS Console" drop box (Via the AWS CLI can also be used if you are leveraging the CLI to manage your cloud environment.  This option will produce the CLI command to accept each of the provisioned connections).

  3. Click on each of the Blue boxes, a new window will open to AWS directly to the associated connection with all values pre-populated.  Simply click accept in the AWS screen to accept the connection and close the new window.

  4. Repeat steps 2 & 3 to accept the second connection.  Optionally, if you do not wish to leverage the links through the Pureport console, the following steps can be taken via the AWS console to complete the acceptance.

  5. Once the connections have been Accepted. Click Next to start creating the Virtual Interface.

Note:  The following steps are only needed if not using the Connection Acceptance steps via the Pureport console as mentioned above (Otherwise skip to "Create a Public Virtual Interface").

  1. Open the AWS Direct Connect console at
    If necessary, change the Region in the navigation bar.

  2. In the navigation pane, choose Connections.

  3. On the Connections page are the two connections you created: Primary and Secondary. These connections are named the same as the connections you created in the Pureport Console. Both in the ordering state.
    Note: If you are not using an HA connection, there is only a Primary connection.

  4. Select the Primary hosted connection and choose Accept.
  5. Select Confirm in the confirmation window.

Repeat steps 4 and 5 for the Secondary connection.

Create a Public Virtual Interface

  1. Now that the connections have been created, you will be presented with the steps to create your Public Virtual Interfaces for your new connections in the Pureport Console.

  2. Expand the "Via the AWS Console" drop down box and click on each of the buttons to create your Virtual Interface. This will open a new window with the AWS console pre-populated with the necessary settings to create your virtual interface.

  3. Review the settings in the AWS console and click "create virtual interface".  You may need to scroll to the top of the AWS console for a successful creation notice.

    Note:  It can take up to five minutes for the connection acceptance to process in AWS.  If you receive an error at this point, ensure that enough time has elapsed for the connection acceptance to be processed.

  4. Repeat steps 3 & 4 to create a VIF for the secondary connection.
  5. Your newly created VIF(s) will transition into a Verification state once it has been created.  During this time AWS will need to validate and approve the connection.  This process can take up to 72 hours to complete.

If you do not wish to leverage the above steps, your connection can be manually created in the AWS console by following the below steps. 

The following steps can be skipped (go to the VIF Verification section) if you have already completed the VIF creation above.

  1. Open the AWS Direct Connect console at

  2. In the navigation pane, choose Connections.

  3. Select the Primary connection and choose Create Virtual Interface. The Create a Virtual Interface page appears.

  4. At the top of the page, select Public.

  5. In the Public Virtual Interface settings area:

    • Virtual Interface Name: Enter a name for the virtual interface.

    • Virtual Interface Owner: Select My AWS Account if the virtual interface is for your AWS account.

  6. In the VLAN area the value is already populate, do not change this:

    • VLAN: The ID is automatically set to match the Gateway VLAN in the Pureport Console and SHOULD NOT be changed.

  7. In the BGP area:

  8. In the Address Family area:
    • Address family: Select IPv4. Pureport only supports IPv4 at this time.

    • Your router peer IP: Enter the value of the Pureport IP in CIDR format from Creating a Connection.

    • Amazon router peer IP: Enter the value of the Amazon IP in CIDR format from Creating a Connection.

    • Prefixes you want to advertise: Enter the value of the Peering Subnet in CIDR format from Creating a Connection.

  9. Expand the Additional Settings area:
  10. Select Continue.

Repeat this process for the Secondary connection.

VIF Verification

Once complete, AWS will verify the VIFs. As noted above, this process can take up to 72 hours. Your VIFs will show a status of "Verifying:"