CloudWiki
Resource
Detect, troubleshoot & optimize AWS environments in real-time ->

Amazon Web Service (AWS)

Direct Connect

Network
Direct Connect is a network service hat enables secure, dedicated network connections from a customer's on-premises data center to AWS. It provides higher bandwidth and lower latency compared to a typical internet connection, and enhances network security by eliminating internet exposure for data transfer. Direct Connect can be used to transfer large amounts of data, such as video and scientific data, and to connect virtual private clouds (VPCs) for hybrid cloud deployments.
Costs
The cost of Direct Connect depends on several factors, including the connection speed (1 Gbps or 10 Gbps), the number of physical connections required, the location of the customer's data center, and the location of the AWS Direct Connect partner. For 1 Gbps connections, the hourly rate is $0.30 per hour and the port fee is $0.085 per hour. For 10 Gbps connections, the hourly rate is $0.95 per hour and the port fee is $0.85 per hour. In addition, there may be costs associated with cross-connects or VLANs at the AWS Direct Connect partner's location. Data transfer costs apply for data transferred over the connection, and are billed separately based on the amount of data transferred and the direction of transfer (inbound or outbound).
Direct Cost

--

Indirect Cost
No items found.
Terraform Name
aws_dx_connection
Direct Connect
attributes:

The following arguments are supported:

  • bandwidth - (Required) The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive.
  • encryption_mode - (Optional) The connection MAC Security (MACsec) encryption mode. MAC Security (MACsec) is only available on dedicated connections. Valid values are no_encrypt, should_encrypt, and must_encrypt.
  • location - (Required) The AWS Direct Connect location where the connection is located. See DescribeLocations for the list of AWS Direct Connect locations. Use locationCode.
  • name - (Required) The name of the connection.
  • provider_name - (Optional) The name of the service provider associated with the connection.
  • request_macsec - (Optional) Boolean value indicating whether you want the connection to support MAC Security (MACsec). MAC Security (MACsec) is only available on dedicated connections. See MACsec prerequisites for more information about MAC Security (MACsec) prerequisites. Default value: false.

NOTE:

Changing the value of request_macsec will cause the resource to be destroyed and re-created.

  • skip_destroy - (Optional) Set to true if you do not wish the connection to be deleted at destroy time, and instead just removed from the Terraform state.
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Associating resources with a
Direct Connect
Resources do not "belong" to a
Direct Connect
Rather, one or more Security Groups are associated to a resource.
Create
Direct Connect
via Terraform:
The following HCL creates a connection of Direct Connect
Syntax:

resource "aws_dx_connection" "hoge" {
 name      = "tf-dx-connection"
 bandwidth = "1Gbps"
 location  = "EqDC2"
}

Create
Direct Connect
via CLI:
Parametres:

create-connection
--location <value>
--bandwidth <value>
--connection-name <value>
[--lag-id <value>]
[--tags <value>]
[--provider-name <value>]
[--request-mac-sec | --no-request-mac-sec]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]

Example:

aws directconnect create-connection --location TIVIT --bandwidth 1Gbps --connection-name "Connection to AWS"

Best Practices for
Direct Connect

Categorized by Availability, Security & Compliance and Cost

No items found.
Explore all the rules our platform covers
Related blog posts
We haven't write about
Direct Connect
yet.
View all blog posts ->
All Resources
Compute
Athena
Auto Scaling Group
Availability Zone
EC2
ECS
ECS Task Definition
EKS
Lambda Function
Region
SageMaker Notebook
Database
DMS
DocumentDB
DynamoDB
EMR
ElastiCache
Glue
OpenSearch
RDS
Network
ALB
API Gateway
CloudFront
Direct Connect
Direct Connect Gateway
ELB
ENI
Elastic IP
GLB
Internet Gateway
NAT Gateway
NLB
Prefix List
Route 53
Route Table
Site-to-Site VPN Connection
Subnet
Target Group
Transit Gateway
VPC
VPC Endpoint
VPC Peering
VPN Customer Gateway
Virtual Private Gateway
Permission
IAM Account Password Policy
IAM Group
IAM Policy
IAM Role
IAM User
Instance Profile
Queue
Kinesis
MSK
SES
SNS
SQS
Security
CloudWatch
GuardDuty
Config
WAF
Network ACL
KMS
Security Group
Storage
EFS
S3 Glacier
AMI
EBS Snapshots
EBS Volume
S3 Bucket
Kubernetes
Network Policy
StatefulSet
Service
ReplicaSet
Namespace
Ingress
Endpoints
Deployment
Service Account
Pod