Quick start: Create an AWS Cloud WAN global network and core network - AWS Network Manager

Quick start: Create an AWS Cloud WAN global network and core network

With AWS Cloud WAN, you'll first create a global network framework, which eventually will contain all of your network resources, such as core networks, sites, devices, and attachments. During the creation process, you can choose to create your core network and core network policy simultaneously. Or you can choose to create the core network, and then create a policy at a later time. Creating a core network and policy creates the structure of your core network and implements it. Until you finish creating your core network and core network policy, you won't be able to do anything in your global network. After the structure is implemented, you can then add attachments, devices, or sites, and you can register existing transit gateways.

Prerequisites

There are no prerequisites for setting up AWS Cloud WAN. However, some features are not available to you unless you set them up in advance. These features are described in the following table:

Prerequisite Description
Events and metrics

Before viewing events on the Events dashboard, you must complete a one-time setup that registers your events with CloudWatch Logs Insights. Until you register your events, you'll be unable to view any of your events on the dashboard. See Onboard CloudWatch Logs Insights for AWS Cloud WAN for the steps to register your events.

Transit gateways

A transit gateway must first be created on the Amazon Virtual Private Cloud console at console.aws.amazon.com/vpc/home.

Transit gateways that you have created in Amazon VPC can then be registered in AWS Cloud WAN to be part of your AWS Cloud WAN global network.

Step 1: Create a global network

The first step in using AWS Cloud WAN is to create your global network. Your global network can contain a single core network, which in turn contains all of your attachments, transit gateways, site, and devices.

Note

If you're only creating and managing a global network without a core network, use AWS Global Networks for Transit Gateways. For more information, see the AWS Global Networks for Transit Gateways User Guide.

You can either create a global network using the AWS console or through the command line or API. You can create as many global networks as your account allows; however, each global network can have only one core network.

To create a global network using the AWS console
  1. Access the Network Manager console at https://console.aws.amazon.com/networkmanager/home/.

  2. Under Connectivity, choose Global Networks.

  3. Choose Create global network.

  4. Enter a Name and Description for your global network.

  5. (Optional) In Additional settings, add Key and Value tags that further help identify an Network Manager resource. To add multiple tags, choose Add tag for each tag that you want to add.

  6. Keep the Add core network in your global network check box selected, and then choose Next to set up your core network and policies.

    The Global networks page appears with a confirmation box that your global network was created successfully.

To create a global network using the command line or API

You can also view dashboards of your global and core networks as topological trees and logical diagrams, and you can monitor and track events. See AWS Cloud WAN global and core network dashboards for the ways you can visualize and monitor your global and core networks.

Step 2: Create a core network

After creating a global network, you'll be prompted to create a core network. You have the option to create the core network later, but until you create one you won't be able to deploy core network resources.

To create a core network after creating a global network
  1. Access the AWS Cloud WAN console at https://console.aws.amazon.com/networkmanager/home/.

  2. Under Core network general settings, enter a Name and Description identifying the core network.

  3. (Optional) Choose Additional settings to add one more or more Key and Value Tags to help identify this network resource.

  4. (Optional) Under Core network policy settings, set the beginning and ending Autonomous System Number (ASN) ASN range. Format the range as xxxxx - xxxxx.

    Note

    ASN is the Border Gateway Protocol (BGP) for the new core network. Valid ranges are 64512 - 65334 and 4200000000 - 4294967294.

  5. Choose the Edge locations. These are the Regions where your edges are located. You can have more than one edge location, but you must choose at least one. You can select multiple edge locations from the dropdown list.

  6. Enter a Name identifying the segment. You can have up to 100 alphanumeric characters. Hyphens (-) are allowed, but white space is not. For example, you might want this core network to be used for development. You might name the segment development.

  7. Choose Next to review the global network details. Choose Edit to make any changes.

  8. Choose Create global network.

    Your global network and core network are created. During this time the core network policy starts creating and deploying your core network.

    Important

    A core network is not deployed instantaneously after creation. It can sometimes take up to 30 minutes to complete. During this time you can't create any attachments within your core network or create policy versions. Once the core network is deployed successfully, the Policy versions tab displays that the core network policy is LIVE and that the Change set state has succeeded when the policy has deployed successfully.

  9. After your policy is LIVE and the core network was created, you can begin to add attachments to your core network. See Attachments in AWS Cloud WAN .

To create a core network using the command line or API

(Optional) Step 3: Modify your global and core networks

Once you've created your global and core networks you can optionally modify your global and core network by completing any of the following tasks based on the needs of your network:

Task Description More information
Add attachment tags Add tags to your attachments. This helps you to more easily identify and organize your attachment resources. See Attachment tags.
Create attachments Add attachments to your core network. Cloud WAN supports Connect attachments, VPC attachments, Site-to-Site VPN attachments, and Transit gateway route table attachments. In addition, Cloud WAN also supports Tunnel-less and GRE Connect peer connections with third-party appliances, such as SD-WAN appliances. See Attachments.
Create a core network policy version Create a core network policy if you want to make changes to your network, such as adding new segments or creating a network function group for routing secure traffic between VPCs. The policy version you deploy implements that policy version as your new core network. Policy versions can be created through the AWS Network Manager console or by modifying a JSON file. See Core network policy versions.
Create a peering A peering allows you to interconnect your core network edge with an AWS transit gateway in the same Region. Peering supports dynamic routing. See Peerings.
Share attachments Share any of your VPC or transit gateway route table attachments across AWS accounts. See Shared attachments.
Share your core network Share your core network across AWS accounts or across your organization. See Shared core network.
Share peerings Create and share a transit gateway peering that allows you to establish peering connections between your core network and transit gateways in the same AWS Region. See Shared peerings.
Add devices Add a physical or virtual device. Once you add a device, you can associate that device with a specific site. See Devices.
Create sites and links Create one or more global network sites, which are physical network locations. You can then add create a link between that site and any devices you've added to your global network. See Sites and links.
Register transit gateways Register transit gateways you've created in Amazon VPC with your Cloud WAN global network. See Transit gateways.
Monitor events and track metrics using Amazon CloudWatch. Onboard CloudWatch Logs Insight, allowing you to monitor our Cloud WAN resources. Use Amazon CloudWatch Events to track CloudWatch metrics and to set threshold alarms on metrics. See CloudWatch events and metrics.

(Optional) Step 4: View your global and core network dashboards

View dashboards of your global and core networks. Cloud WAN uses Amazon CloudWatch events and metrics, allowing you to monitor your global and core networks. You can use these events and metrics to set alarms notifying you when any threshold is reached or a change occurs; for example a change event might be when a VPC attachment is deleted from your core network.

To access the global network dashboards
  1. Access the Network Manager console at https://console.aws.amazon.com/networkmanager/home/.

  2. Under Global Networks, choose the link for the global network you want to access the dashboard for.

    The global network dashboard opens for that global network. For information on navigating this dashboard, see Access AWS Cloud WAN global network dashboards.

To access the core network dashboards
  1. Access the Network Manager console at https://console.aws.amazon.com/networkmanager/home/.

  2. Under Global Networks, choose the link for the global network that you want to view the core network dashboard for.

  3. In the navigation pane choose Core network.

    The dashboard opens for that core network. For information on navigating this dashboard, see Access Cloud WAN core network dashboards.

(Optional) Step 5: View your transit gateway network and transit gateway dashboards

View dashboards of both your transit gateway network and your transit gateways to view logical diagrams, geographical representations, and topologies of your transit gateway network and transit gateways. You can also view CloudWatch metrics, as well as set threshold alarms on events.

To access the transit gateway network dashboards
  1. Access the Network Manager console at https://console.aws.amazon.com/networkmanager/home/.

  2. Under Global Networks, choose the link for the global network you want to access the transit gateway networks dashboard for.

  3. In the navigation pane, choose Transit gateway network.

    The transit gateway network dashboard opens. For information on navigating this dashboard, see Access AWS Cloud WAN transit gateway network dashboards.

To access the transit gateway dashboards
  1. Access the Network Manager console at https://console.aws.amazon.com/networkmanager/home/.

  2. Under Global Networks, choose the link for the global network that you want to view the transit gateway dashboard for.

  3. Under Transit gateway network in the navigation pane, choose Transit gateways.

    The dashboard opens for that transit gateway. For information on navigating this dashboard, see Access AWS Cloud WAN transit gateway dashboards.