Detect, troubleshoot & optimize AWS environments in real-time ->

Amazon Web Service (AWS)

Direct Connect Gateway

Direct Connect Gateway is a service that enables customers to extend their on-premises networks into the AWS cloud over AWS Direct Connect. With Direct Connect Gateway, customers can connect their networks to multiple VPCs and AWS accounts, and interconnect with other VPCs and networks over AWS Transit Gateway. Direct Connect Gateway enables customers to connect their on-premises network to AWS without the need for a VPN connection or public Internet, providing a more secure and scalable solution for hybrid cloud deployments. The service allows customers to route traffic between their on-premises network and AWS over a dedicated connection, reducing latency and jitter compared to a typical Internet connection. AWS Direct Connect Gateway is a fully managed service and requires no additional hardware or software to be deployed. Customers can choose between 1 Gbps and 10 Gbps connections, and can scale their network connection as needed to accommodate changing demands.
The cost of Direct Connect Gateway depends on several factors, including the number of VPCs connected, the amount of data transferred over the connection, and the connection speed (1 Gbps or 10 Gbps). There is an hourly charge for each hour a Direct Connect Gateway is provisioned, which varies depending on the connection speed. For 1 Gbps connections, the hourly charge is $0.045 per hour, and for 10 Gbps connections, the hourly charge is $0.14 per hour. In addition, there may be charges for data transfer over the connection. Data transfer costs are based on the amount of data transferred and the direction of transfer (inbound or outbound), and are billed separately.
Direct Cost


Indirect Cost
No items found.
Terraform Name
Direct Connect Gateway

The following arguments are supported:

  • name - (Required) The name of the connection.
  • amazon_side_asn - (Required) The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294.

Associating resources with a
Direct Connect Gateway
Resources do not "belong" to a
Direct Connect Gateway
Rather, one or more Security Groups are associated to a resource.
Direct Connect Gateway
via Terraform:
The following HCL creates a Direct Connect Gateway.

resource "aws_dx_gateway" "example" {
 name            = "tf-dxg-example"
 amazon_side_asn = "64512"

Direct Connect Gateway
via CLI:

--direct-connect-gateway-name <value>
[--amazon-side-asn <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--endpoint-url <value>]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
[--cli-binary-format <value>]


aws directconnect create-direct-connect-gateway --direct-connect-gateway-name "DxGateway1"

Best Practices for
Direct Connect Gateway

Categorized by Availability, Security & Compliance and Cost

No items found.
Explore all the rules our platform covers
Related blog posts
All Resources