The answer to this question is Yes, even if CGW has Policy based implementation, the AWS side (VGW or TGW) will still have 2 Tunnels as well as the Tunnel Outside IPs (169.254.x.x/30) that is because AWS Site-Site VPN is a Route based VPN implementation.
Will those tunnel IP's will still be generated on AWS side, even though remote is configured just for policy based ?
That being said, if your CGW only supports Policy based VPN you can still implement it and it will work; the only issue being only 1 SA (Security Association) will be supported so that would mean 1 single Policy. This is described in this KC article.
If however your CGW does supports Route based VPN then it is recommended to use Route based instead of Policy based VPN, with this you will not run into SA limitation, you can choose to use Static or BGP based VPN.
Hello, As mentioned in the documentation below, AWS Site-Site VPN is a Route based VPN solution. So to put it in simple words, AWS Site-Site VPN does NOT support multiple policies and hence is not a policy based solution. If you are using a policy-based configuration, you must limit your configuration to a single security association (SA). Static and Dynamic are routing options depending on whether or not, your CGW device supports BGP or not. It is always recommended to use Dynamic routing with BGP. Hope this helps clear out your confusion.
Policy Based Site to Site VPN-VGWAccepted Answerasked 2 months ago
AWS Site to site vpn connection with synology NASasked 6 months ago
Site to Site VPN Issueasked 6 months ago
Why VPC with a "public subnet only and AWS Site-to-Site VPN access" cannot be configured?Accepted Answerasked 2 months ago
AWS Site-to-Site VPN ping working, TCP notasked 3 months ago
AWS S2S VPN - Policy based Vs Route based implementationAccepted Answerasked 2 months ago
Policy based VPN in AWSAccepted Answerasked 5 years ago
Site to Site VPN Issueasked 3 months ago
Terminate each Site-to-Site VPN Tunnels to Multiple Customer GatewaysAccepted Answerasked 2 years ago
Site-to-Site - Status pendingasked 3 months ago