Create an AWS Cloud WAN core network policy version using the console
Use the Network Manager console to create a core network policy version. The console provides separate tabs for you to configure a network policy version. The following steps describe the high-level process.
-
Configure the core network settings in an AWS Cloud WAN policy version.
You'll first set the network configuration parameters, including adding ASN ranges, CIDR blocks, and the edge locations to include in the policy.
-
Add a segment to an AWS Cloud WAN core network policy version.
After defining the network configuration parameters, you'll add network segments and define the behavior for those segments. For example, you might want to include a segment that requires attachment acceptance.
-
Create a network function group in an AWS Cloud WAN policy version.
The network function group provides an added level of security if you want to first steer specific segments to a third-party security device or an Inspection VPC. A network function group is the parent object for the segments you want to route to security appliances.
-
Add a segment action in an AWS Cloud WAN core network policy version.
Define segment actions, such as sharing a segment, creating a segment route, or creating a service insertion action for the network function group.
-
Create an attachment policy in an AWS Cloud WAN core network policy version.
Lastly, you'll create an attachment policy that defines the order when segments or network function groups should be run in the core network policy.