Segment actions - AWS Network Manager
Segment sharingSegment routes

Segment actions

Segment actions allow you to optionally share your segments or create routes.

Segment sharing

Create a shared segment between two segments.

Segment sharing is bidirectional by default. When you create a segment share between two segments, routes from both segments are automatically advertised to each other. For example, you might share a segment named test with another segment named dev. Routes from test are advertised to dev, and vice versa. To make routes in shared segments unidirectional, create a deny list filter to share routes from one segment to the other, but not vice versa. Using the previous example, you could make a deny list filter that prevents routes from test being advertised to dev. For more information on creating the deny list for a segment, see Segments.

To create a shared segment

  1. Access the Network Manager console at https://console.aws.amazon.com/networkmanager/home/.

  2. Under Connectivity choose Cloud WAN.

  3. On the Global networks page, choose the global network ID that for the core network you want to create a policy version for, and then choose Core network.

  4. In the navigation pane, choose Policy versions.

  5. Choose Create policy version.

  6. Choose Segment actions.

  7. (Optional) In the Sharing section, choose Create, and then do the following:

    1. From the Segment dropdown list, choose the core network segment that you want to share.

    2. For the Segment filter, choose whether you want to allow all shared routes from other segments, to allow only selected routes, or to deny selected routes. The default is Allow all.

    3. Choose Create sharing.

Segment routes

Create a segment route for a policy version.

To create a segment route

  1. Access the Network Manager console at https://console.aws.amazon.com/networkmanager/home/.

  2. Under Connectivity choose Cloud WAN.

  3. On the Global networks page, choose the global network ID that for the core network you want to create a policy version for, and then choose Core network.

  4. In the navigation pane, choose Policy versions.

  5. Choose Create policy version.

  6. (Optional) In the Routes section, choose Create, and then do the following:

    1. From the Segment dropdown list, choose the core network segment that you want to share.

    2. For Destination CIDR Block, enter a static route. You can enter multiple CIDR blocks by choosing Add for each block that you want to add. Choose Remove for any blocks that you don't want.

      Note

      You can't leave any blank destination CIDR blocks. Choose Remove to delete any empty blocks.

    3. Choose Blackhole if you want to "black hole" the route. If you make this choice, you can't add any attachments to the route.

    4. From the Attachments list, choose any attachments that you want to include in this route.

    5. Choose Create segment route.

  7. (Optional) Add Attachment policies. For more information, see Attachment policies.

  8. Choose Create route.