You can edit the auto-created forwarding policies or add new ones.

For example, to use services provided by the public cloud, such as S3 by AWS, you can manually create a policy to allow a set of IP addresses to access this service by being routed through underlay.

Prerequisites

You must have a VPC or VNet with a PCG deployed on it.

Procedure

  1. Click Add Section. Name the section appropriately, for example, AWS Services.
  2. Select the check box next to the section and click Add Rule. Name the rule, for example, S3 Rules.
  3. In the Sources tab, select the VPC or VNet where you have the workload VMs to which you want to provide the service access, for example, the AWS VPC. You can also create a Group here to include multiple VMs matching one or more criteria.
  4. In the Destinations tab, select the VPC or VNet where the service is hosted, for example, a Group that contains the IP address of the S3 service in AWS.
  5. In the Services tab, select the service from the drop-down menu. If the service does not exist, you can add it. You can also leave the selection to Any because you can provide the routing details under Destinations.
  6. In the Action tab, select how you want the routing to work, for example, select Route to Underlay if setting up this policy for the AWS S3 service.
  7. Click Publish to finish setting up the Forwarding Policy.