Example: Two segments and multiple AWS Regions

This policy sets up two networks, Secured and Non-Secured, across three AWS Regions. Attachments with the tag "Network" : "Secured" map to "Secured", while attachments with the tag "Network" : "Non-Secured" map to "Non-Secured". All attachments require acceptance. Attachments can only talk within their segment but not across segments.


{
    "version": "2021.12",
    "core-network-configuration": {
        "asn-ranges": ["64512-65534"],
        "edge-locations": [
            {"location": "us-east-1"},
            {"location": "us-east-2"},
            {"location": "eu-west-1"}
        ]
    },
    "segments": [
        {"name": "secured"},
        {"name": "nonSecured"}
    ],
    "attachment-policies": [
        {
            "rule-number": 100,
            "conditions": [{
                "type": "tag-value",
                "key": "Network",
                "value": "Secured",
                "operator": "equals"
            }],
            "action": {
            "association-method": "constant",
            "segment": "secured"
            }
        },
        {
            "rule-number": 200,
            "conditions": [{
                "type": "tag-value",
                "key": "Network",
                "value": "Non-Secured",
                "operator": "equals"
        }],
        "action": {
            "association-method": "constant",
            "segment": "non-secured"
            }
        }
    ]
}

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Example: One segment, one AWS Region

Example: Edge consolidation