You can configure a public virtual interface to provide your workload VMs with access to AWS EC2 instances and services such as S3 without having to route that traffic over the Internet.
In typical configurations, traffic between your on-premises data center and your SDDC flows over a private VIF. When you need to access AWS services from your SDDC, use Direct Connect with a public VIF. You can configure AWS security groups to manage traffic between AWS services and VMs in your SDDC.
- Ensure that you meet the prerequisites for virtual interfaces as described in Prerequisites for Virtual Interfaces.
- Log in to the AWS Console and complete the steps for creating a hosted public virtual interface under Create a Hosted Virtual Interface.
  - In the Interface Owner field, select My AWS Account.
  - Specify Your router peer IP and Amazon router peer IP.
  - Select Auto-generate BGP key and list any on-premises routes that you want advertised on the AWS backbone in Prefixes you want to advertise.

  When the interface has been created, the AWS Console reports that it is ready for acceptance.
- In the VMC Console, select and accept the virtual interface by clicking ATTACH.
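
The values entered for the peer IPs and for Prefixes you want to advertise can be checked before they are typed into the AWS Console. The following pre-flight check is an added example, not VMware or AWS tooling; it assumes IPv4 and assumes that a public VIF takes publicly routable peer addresses and prefixes. The function name and all sample addresses are constructed for illustration.

```python
import ipaddress

# Ranges that are not publicly routable (RFC 1918, RFC 6598, loopback, link-local).
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16")]

def non_public(net):
    """True if the network overlaps any non-public range."""
    return any(net.overlaps(r) for r in NON_PUBLIC)

def check_public_vif(your_peer, amazon_peer, prefixes):
    """Return a list of problems in the values planned for a public VIF.

    your_peer / amazon_peer are given in CIDR form, e.g. "203.0.113.1/30".
    The rules checked here are assumptions of this example.
    """
    problems = []
    yours = ipaddress.ip_interface(your_peer)
    amazon = ipaddress.ip_interface(amazon_peer)
    # Both ends of the BGP session must share one subnet and differ in address.
    if yours.network != amazon.network:
        problems.append("peer IPs are not in the same subnet")
    elif yours.ip == amazon.ip:
        problems.append("peer IPs are identical")
    for peer in (yours, amazon):
        if non_public(peer.network):
            problems.append(f"peer {peer} is not publicly routable")
    for text in prefixes:
        try:
            # strict=True rejects entries with host bits set, e.g. 198.51.100.10/24.
            net = ipaddress.ip_network(text.strip(), strict=True)
        except ValueError as exc:
            problems.append(f"prefix {text!r} is invalid: {exc}")
            continue
        if net.prefixlen == 0:
            problems.append(f"prefix {net} is a default route")
        elif non_public(net):
            problems.append(f"prefix {net} overlaps private address space")
    return problems

if __name__ == "__main__":
    # Constructed sample values from documentation address ranges.
    for line in check_public_vif("203.0.113.1/30", "203.0.113.2/30",
                                 ["198.51.100.0/24", "10.1.0.0/16", "0.0.0.0/0"]):
        print(line)
```

An empty list means none of the checks fired; it does not confirm that you own the prefixes or that AWS will accept them.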