Create a core network policy version using the console

Use the Network Manager console to create a core network policy version. The console provides separate tabs for you to configure a network policy version. The following steps describe the high-level process.

Configure a core network.

You'll first set the network configuration parameters, including adding ASN ranges, CIDR blocks, and the edge locations to include in the policy.
Add a segment.

After defining the network configuration parameters, you'll add network segments and define the behavior for those segments. For example, you might want to include a segment that requires attachment acceptance.
Create a network function group.

The network function group provides an added level of security if you want to first steer specific segments to a third-party security device or an Inspection VPC. A network function group is the parent object for the segments you want to route to security appliances.
Set a segment action.

Define segment actions, such as sharing a segment, creating a segment route, or creating a service insertion action for the network function group.
Create an attachment policy.

Lastly, you'll create an attachment policy that defines the order when segments or network function groups should be run in the core network policy.

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Cloud WAN service insertion

Configure your core network