Posts

VMware Cloud on AWS VPN BGP Route filtering

Gilles Chekroun
Lead VMware Cloud on AWS Solutions Architect

Building a Route Based VPN with VMware Cloud on AWS is simple. There are multiple descriptions in this blog using APIs here and PowerCLI here. Today I want to highlight a very common request to filter BGP routes incoming and/or outgoing on a Route Based VPN tunnel. To do that, I will simply use an AWS Transit Gateway as the other end of the VPN tunnel.

Initial Setup

SDDC Side

On the SDDC side I have a few Networks:

    Management at 10.10.0.0/23
    NSX Segments
    11.11.11.0/24
    12.12.12.0/24
    13.13.13.0/24
    192.168.1.0/24

TGW Side

On the TGW side I just added 2 static routes that will be propagated to the SDDC:

    22.22.0.0/24
    33.33.0.0/24

SDDC Routes Visibility

Note that when

Using VMware Cloud on AWS SDDC-Group APIs (Part 4)

Gilles Chekroun
Lead VMware Cloud on AWS Solutions Architect

Following Part1, Part2 and Part3, I am now adding more description and use of the SDDC Grouping APIs. In this article, I will focus on:

    Add/Remove Direct Connect Gateway Association
    Detailed SDDC Group info
    Static vTGW routes for VPCs

Add Direct Connect Gateway Association

On the AWS Console, create a DX Gateway and note the DXGW ID for the config.ini parameters.

The SDDC Grouping API for DXGW Association is:

A code example would be:

    def attach_dxgw(routes, resource_id, org_id, dxgw_owner, dxgw_id, region, session_token):
        myHeader = {'csp-auth-token': session_token}
        myURL = "{}/network/{}/aws/operations".format(BaseURL, org_id)
        body = {
            "type": "

Using VMware Cloud on AWS SDDC-Group APIs (Part 3)

Gilles Chekroun
Lead VMware Cloud on AWS Solutions Architect

Following Part1 and Part2, I am adding more description and use of the SDDC Grouping APIs. In this article, I will focus on:

    Adding / removing AWS account
    Accepting / removing Customer VPC attachments

Adding Customer AWS account

The API to use for that is:

    def connect_aws_account(account, region, resource_id, org_id, session_token):
        myHeader = {'csp-auth-token': session_token}
        myURL = "{}/network/{}/aws/operations".format(BaseURL, org_id)
        body = {
            "type": "ADD_EXTERNAL_ACCOUNT",
            "resource_id": resource_id,
            "resource_type": "network-connectivity-config",
            "config": {
                "type": "AwsAddExternalAccountConfig",
                "account": {