Is possible to set up the BGP pass on a S2S VPN connection


Hi all, I want to set up a S2S VPN connection using dynamic routing between on-prem and AWS environment. But on-prem engineers are telling me to set up a BGP password on this VPN in AWS side. Is possible to set up a BGP password in AWS side? As I didn't found anything about BGP password on S2S VPN documentation and in console as well, didn't found the field for BGP password. I know that on a Direct Connect is possible to set up a BGP password. I'm only asking is for a S2S VPN is possible as well? Thank you, Valentin.

1 Answer
Accepted Answer

No, that's not possible today. Please get in touch with your local AWS account team so that we can add this as a feature request.

Also: What's the requirement for having a password on the BGP session? The BGP session can only be established within the VPN tunnel which is already authenticated and encrypted so adding a password for BGP doesn't increase the level of security.

profile pictureAWS
answered 2 years ago
  • Thank you Brettski for the fast reply on my question. That was my assumption as well, it's great to have a confirmation :). In my opinion the requirement is purely due to following some guidelines too strictly. Most of them applied on on-prem configuration. Have a great day! Valentin

  • Hello. I'm also reviewing the requirement to set a BGP password as part of the creation of a Site to Site VPN. Is anyone able to confirm since last year whether this feature is not yet available? The CLI docs and service pages seem to suggest not, but it's always good to ask! Many Thanks!

  • The answer is still valid; please reach out to your account team so that we can understand your use case.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions