CloudWiki
Resource
Detect, troubleshoot & optimize AWS environments in real-time ->

Amazon Web Service (AWS)

Direct Connect Gateway

Network
Direct Connect Gateway is a service that enables customers to extend their on-premises networks into the AWS cloud over AWS Direct Connect. With Direct Connect Gateway, customers can connect their networks to multiple VPCs and AWS accounts, and interconnect with other VPCs and networks over AWS Transit Gateway. Direct Connect Gateway enables customers to connect their on-premises network to AWS without the need for a VPN connection or public Internet, providing a more secure and scalable solution for hybrid cloud deployments. The service allows customers to route traffic between their on-premises network and AWS over a dedicated connection, reducing latency and jitter compared to a typical Internet connection. AWS Direct Connect Gateway is a fully managed service and requires no additional hardware or software to be deployed. Customers can choose between 1 Gbps and 10 Gbps connections, and can scale their network connection as needed to accommodate changing demands.
Costs
The cost of Direct Connect Gateway depends on several factors, including the number of VPCs connected, the amount of data transferred over the connection, and the connection speed (1 Gbps or 10 Gbps). There is an hourly charge for each hour a Direct Connect Gateway is provisioned, which varies depending on the connection speed. For 1 Gbps connections, the hourly charge is $0.045 per hour, and for 10 Gbps connections, the hourly charge is $0.14 per hour. In addition, there may be charges for data transfer over the connection. Data transfer costs are based on the amount of data transferred and the direction of transfer (inbound or outbound), and are billed separately.
Direct Cost

--

Indirect Cost
No items found.
Terraform Name
aws_dx_gateway
Direct Connect Gateway
attributes:

The following arguments are supported:

  • name - (Required) The name of the connection.
  • amazon_side_asn - (Required) The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294.

Associating resources with a
Direct Connect Gateway
Resources do not "belong" to a
Direct Connect Gateway
Rather, one or more Security Groups are associated to a resource.
Create
Direct Connect Gateway
via Terraform:
The following HCL creates a Direct Connect Gateway.
Syntax:

resource "aws_dx_gateway" "example" {
 name            = "tf-dxg-example"
 amazon_side_asn = "64512"
}

Create
Direct Connect Gateway
via CLI:
Parametres:

create-direct-connect-gateway
--direct-connect-gateway-name <value>
[--amazon-side-asn <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
[--cli-binary-format <value>]
[--no-cli-pager]
[--cli-auto-prompt]
[--no-cli-auto-prompt]

Example:

aws directconnect create-direct-connect-gateway --direct-connect-gateway-name "DxGateway1"

Best Practices for
Direct Connect Gateway

Categorized by Availability, Security & Compliance and Cost

No items found.
Explore all the rules our platform covers
Related blog posts
We haven't write about
Direct Connect Gateway
yet.
View all blog posts ->
All Resources
Compute
Athena
Auto Scaling Group
Availability Zone
EC2
ECS
ECS Task Definition
EKS
Lambda Function
Region
SageMaker Notebook
Database
DMS
DocumentDB
DynamoDB
EMR
ElastiCache
Glue
OpenSearch
RDS
Network
ALB
API Gateway
CloudFront
Direct Connect
Direct Connect Gateway
ELB
ENI
Elastic IP
GLB
Internet Gateway
NAT Gateway
NLB
Prefix List
Route 53
Route Table
Site-to-Site VPN Connection
Subnet
Target Group
Transit Gateway
VPC
VPC Endpoint
VPC Peering
VPN Customer Gateway
Virtual Private Gateway
Permission
IAM Account Password Policy
IAM Group
IAM Policy
IAM Role
IAM User
Instance Profile
Queue
Kinesis
MSK
SES
SNS
SQS
Security
CloudWatch
GuardDuty
Config
WAF
Network ACL
KMS
Security Group
Storage
EFS
S3 Glacier
AMI
EBS Snapshots
EBS Volume
S3 Bucket
Kubernetes
Network Policy
StatefulSet
Service
ReplicaSet
Namespace
Ingress
Endpoints
Deployment
Service Account
Pod