If your workload VMs need access to AWS EC2 instances and services such as S3 over a DX connection, configure a public virtual interface for that traffic in your VPC.
In typical configurations, traffic between your on-premises data center and your SDDC flows over a private VIF. When you need to access AWS services from your SDDC, use direct connect with a public VIF. You can configure AWS security groups to manage traffic between AWS services and VMs in your SDDC.
- Ensure that you meet the prerequisites for virtual interfaces as described in Prerequisites for Virtual Interfaces.
- Log in to the AWS Console. and complete the steps for creating a hosted public virtual interface under Create a Hosted Virtual Interface.
When the interface has been created, the AWS console reports that it is ready for acceptance.
- In the Interface Owner field, select My AWS Account.
- Specify Your router peer IP and Amazon router peer IP.
- Select Auto-generate BGP key and list any on-premises routes that you want advertised on the AWS backbone in Prefixes you want to advertise.
- In the VMC Console, select and accept the virtual interface by clicking ATTACH.