How to put VPC attachment of core network into appliance mode when using AWS Cloud WAN
About AWS CloudWAN. I cannot figure out how to put VPC attachment of core network into appliance mode. If i want to do inspection for either ingress or east-west traffic, i would need that to make traffic symmetric.
Icon is transit gateway but for this discussion, it should be considered as Core Network Edge with transit gateway, i'd set the bottom VPC attachment into Appliance mode. inspection depicted here is AWS network firewall but it's also just to show the question. It might be gwlb with NVA or just NVAs.
Hi Fabio,
The TGW Appliance mode is applied to a specific 'Attachment ID'. Using CloudShell (currently this can only be enabled via CLI and not GUI) you can use below command to enable it for the VPC attachment that connects to the Inspection VPC.
Example command:
aws ec2 modify-transit-gateway-vpc-attachment --transit-gateway-attachment-id tgw-attach-xxxxX12345 --options ApplianceModeSupport=enable
Refer: https://docs.aws.amazon.com/cli/latest/reference/ec2/modify-transit-gateway-vpc-attachment.html
Please note: CloudWAN does not natively support Appliance mode (yet)
Relevant content
- asked 8 months ago
- Accepted Answerasked 3 years ago
- Accepted Answerasked 6 months ago
- asked 3 months ago
AWS OFFICIALUpdated 7 months ago- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 8 months ago