Skip to main content
Index

Connect to AWS

End users can create connections to AWS Direct Connect using either a Dot1q port or a QinQ port.

 

The following video shows how to connect to AWS Direct Connect using Equinix Fabric APIs.

Click here to download the postman scripts shown in this demo. 

 

Layer 2 Connection To AWS Direct Connect

 

 

Step 1: Retrieve AWS Account Info

Locate your AWS account ID using the AWS Management console.

 

The AWS Account ID is a 12 - digit number and is essential for creating an AWS Direct Connect connection.

 

Refer https://aws.amazon.com/console/ for instructions on how to signup for AWS. 

Step 2: Create Connection

These steps outline what you must do to create an AWS Direct Connect connection:

2a) Authenticate

Submit your user credentials, Client ID, and Client Secret for OAuth authentication.

 

Refer to Generating Client ID and Client Secret key  in the Getting Started section for instructions on how to create your client ID and client secret credentials. Refer to Requesting Access and Refresh tokens for instructions on how to call the OAuth API to get your OAuth tokens.

 

If you have trouble getting your for Equinix Fabric user credentials, contact your local Equinix Service Desk. 

 

2b) Get the Port information

Retrieve your allocated Equinix Fabric port information.

 

Refer to GET Port under the API Reference section for instructions on how to retrieve port details. Skip this step if you already know your port information.

 

2c) Get Metros

Find all metros where Equinix Fabric is available to check if a connection can be established between the port selected earlier and your desired destination metro.

 

Use this API to identify the metro codes of your source (A-side) and destination (Z-side) for your connection.

 

Refer to GET Metros under the API Reference section for instructions on how to get the metro code. You may skip this step if you already know this information.  

 

2d) Get Service Profile

Identify all service profiles available for a given metro or metros, and select the profile to which you wish to connect.

 

Refer to GET Services under the API Reference section for instructions on how to retrieve service profiles in Equinix Fabric. You may skip this step if you already know the service profile details.

 

2e) Get ValidateAuthorizationKey

Verify whether your AWS Account Info can be used to create a connection to the seller profile selected earlier.

 

The validate authorization key API currently only performs regular expression validation and checks if a connection can be established to the selected seller service profile. It does not validate the authenticity and accuracy of the key against AWS. This feature will be included in the future.

 

Refer to GET validateAuthorizationKey under the API Reference section for instructions on how to validate your authorization key. You may skip this step if you are certain that your key is authorized for creating connections with the selected service profile.

 

2f) Post Connections

POST /ecx/v3/l2/connections

Method POST
URL or End Point /ecx/v3/l2/connections
Headers Authorization, Content-Type
Query Parameters Not applicable
Body Parameters primaryName, primaryPortUUID, primaryVlanSTag,  primaryVlanCTag,  profileUUID, authorizationKey, speed, speedUnit, notifications [...], purchaseOrderNumber, sellerRegion, sellerMetroCode

 

The POST connections API creates a layer 2 connection between your port and the destination service profile. The authorization token and content-type are the only headers that are passed to this API and a response is received based on the values passed.

 

If you are unaware of how to obtain an authorization token, refer to Requesting Access and Refresh tokens section under Getting Started.

 

The following screenshots show a sample curl request to create a layer 2 AWS Direct Connect connection using a Dot1q and QinQ port and a sample JSON response for this API. 

 

Should you want to estimate the price of this connection, use the API GET Prices

 

AWS Direct Connect connection using a Dot1q port

 

curl -X

POST "https://api.equinix.com/ecx/v3/l2/connections"

-H "content-type: application/json"

-H "authorization: Bearer qwErtY8zyW1abcdefGHI"

-d '{
  "primaryName": "JohnDoe_AWS_Dot1q",
  "profileUUID": "3214888b-39b0-49ea-a232-005088dc9c84",
  "speed": 50,
  "speedUnit": "MB",
  "notifications": [
    "JohnDoe@example.com"
  ],
  "purchaseOrderNumber": "1234567890",
  "primaryPortUUID": "7f891d3b-973e-73e0-bae0-30ac1885197a",
  "primaryVlanSTag": "774",
  "sellerRegion": "us-west-1",
  "sellerMetroCode": "SV",
  "authorizationKey": "123456789012"
}'

 

AWS Direct Connect connection using a QinQ port

 

curl -X

POST "https://api.equinix.com/ecx/v3/l2/connections"

-H "content-type: application/json"

-H "authorization: Bearer qwErtY8zyW1abcdefGHI"

-d '{
  "primaryName": "JohnDoe_AWS_QinQ",
  "profileUUID": "999552b-39b0-49ea-a232-005088dc9c84",
  "speed": 50,
  "speedUnit": "MB",
  "notifications": [
    "JohnDoe@example.com"
  ],
  "purchaseOrderNumber": "0987654321",
  "primaryPortUUID": "99991d3b-9750-7500-bae0-30ac1885197a",
  "primaryVlanSTag": "774",
  "primaryVlanCTag": "775",
  "sellerRegion": "us-west-1",
  "sellerMetroCode": "SV",
  "authorizationKey": "123456789012"
}'

 

The description of the body parameters is as follows:

 

Body Parameter Name Mandatory Type Example Applicable Values Description
primaryName Yes string JohnDoe_AWS_QinQ  

User-defined name of the primary connection.

 

Supply an alpha-numeric string, which can include hyphens and underscores ('-' & '_') as special characters (no other special characters are allowed).

 

Max Length: 24 characters

primaryPortUUID Yes string 99991d3b-9750-7500-bae0-30ac1885197a   Unique Equinix-assigned ID of the buyer's primary port from where the connection originates.
primaryVlanSTag Yes integer 774

2 - 4094

S-Tag/Outer-Tag of the primary connection.

 

Range: 2 - 4094

primaryVlanCTag Yes integer 775

2 - 4094

C-Tag/Inner-Tag of the primary connection on the Z side.

 

Range: 2 - 4094

profileUUID Yes string 999552b-39b0-49ea-a232-005088dc9c86   Unique Equinix-assigned ID of the provider's service profile.
authorizationKey Yes string 123456789012  

Authorization Key provided by AWS.

 

For example, the account ID from AWS.

speed Yes integer 50   Speed/bandwidth to be allocated to the connection.
speedUnit Yes string MB MB

Unit of the speed/bandwidth to be allocated to the connection.

 

Values: Either MB or GB.

notifications Yes array [string] JohnDoe@example.com

 

A list of email addresses that are notified when there are any updates on this connection.

 

Example:
["user@example.com", "user2@example.com"]

purchaseOrderNumber Yes string 0987654321   This optional field links the purchase order to the connection on Equinix. This link is reflected on the invoice.
sellerRegion Yes string us-west-1   The region in which the seller port resides.
sellerMetroCode Yes string SV  

The metro code that denotes the connection’s destination (Z side). 

 

If sellerMetroCode is empty, the value defaults to the metro code of the port. 

 

The following table indicates the tagging criteria to be followed when a buyer/customer (A-side) wants to connect to AWS (Z-side). Ensure to add the correct S tag or C tag based on your port type.

Port Type (A-side) S-tag required C-tag required Port Type ( Z-side)
Dot1q port Yes No Dot1q port
QinQ port Yes Yes Dot1q port

 

If you get “Access Denied” error, contact your local Equinix Service Desk for Equinix Fabric Portal access.

 

{
    "message": "Connection Saved Successfully",
    "primaryConnectionId": "9999a8-0e07-44d0-944c-88a25d8d28f7"
}

 

The description of the response payload is as follows:

 

Field Name Type Example Description
message string Connection Saved Successfully Indicates the status of the API call.
primaryConnectionID string 9999a8-0e07-44d0-944c-88a25d8d28f7 Returns the newly created connection ID.

 

Once the POST Connections API is successfully called, you may check the status of the connection using the API GET Connections{uuid}

 

When a connection is created, the connection transitions through various states within the Equinix and AWS infrastructure. These states can be monitored using the response attributes of the API GET Connections{uuid}. The "status" attribute indicates the connection status in Equinix and the "providerStatus" indicates the status in AWS.

 

Equinix States under /ecx/v3/l2/connections/{connId} AWS States
"status" attribute values "providerStatus" attribute values AWS Direct Connect State Description
PROVISIONING NOT_AVAILABLE   Connection request has not been yet sent to AWS.
PROVISIONED PENDING_APPROVAL 

Ordering -> Requested 

The connection awaits for acceptance.

 

You will see a card stating “Accept Hosted Connection”  on your Equinix Fabric portal dashboard.

 

PROVISIONED PROVISIONING Pending Connection establishment in progress.
PROVISIONED PROVISIONED Pending -> Available

The connection has been accepted by the client.

 

These status values will only be reflected after the below "Accept Connection" step is performed. 

 

 

Refer https://docs.aws.amazon.com/directconnect/latest/APIReference/API_Connection.html for the different AWS connection states.  

 

 

When an end user deletes a connection using the API DELETE Connections{uuid}  the connection transitions through the following states within the Equinix infrastructure. 

 

Equinix States under /ecx/v3/l2/connections/{connId}
"status" attribute values "providerStatus" attribute values Description

DEPROVISIONING

DEPROVISIONING

Connection disbandment in progress.

DEPROVISIONED DEPROVISIONED

Connection deleted.

Step 3: Accept Connection

Accept the virtual connection using AWS Management Console, Equinix Portal, or the below API.

 

PATCH l2/connections/{connid}

 Method  PATCH
 URL or End Point  /ecx/v3/l2/connections/{connId}
 Headers  Authorization, Content-Type
 Query Parameters  action
 Body Parameters  AWS Access Keys (Access Key ID and Secret Access Key)

 

ConnId is an identifier unique for each connection.

 

The PATCH connections API accepts or rejects a layer 2 connection for a given connection connID.

 

If you are unaware of how to obtain an authorization token, refer to Requesting Access and Refresh tokens under the Getting Started section.

 

The following screenshots show a sample curl request to accept a layer 2 connection and its respective JSON response. 

 

curl -X

PATCH "https://api.equinix.com/ecx/v3/l2/connections/9999a8-0e07-44d0-944c-88a25d8d28f7?action=Approve"

-H "content-type: application/json"

-H "Authorization: Bearer qwErtY8zyW1abcdefGHI"

-d '{

"accessKey":"AKIAGGJKJU7BC3QJKYQ",

"secretKey":"CXGJW1lWbqENEqSkBAK"

}'

 

The description of the query and request payload is as follows:

 

Query Parameter Name Mandatory Type Example Applicable Values Description
action Yes string Approve

"Approve"

"Reject"

The action to perform on the connection.
connId Yes string 9999a8-0e07-44d0-944c-88a25d8d28f7   The unique identifier of the connection.

 

Body Parameter Name Mandatory Type Example Description
accessKey Yes string AKIAGGJKJU7BC3QJKYQ Special keys provided by AWS to authenticate API requests.
secretKey Yes string CXGJW1lWbqENEqSkBAK Special keys provided by AWS to authenticate API requests.

 

{
    "message": "updated connection successfully",
    "primaryConnectionId": "9999a8-0e07-44d0-944c-88a25d8d28f7"
}

 

The description of the response payload is as follows:

 

Field Name Type Example Description
message string updated connection successfully The status message of the PATCH API call.
primaryConnectionID string primaryConnectionId: "9999a8-0e07-44d0-944c-88a25d8d28f7" The primary connection ID of the connection that was accepted.

 

If you get “Access Denied” error, contact your local Equinix Service Desk for Equinix Fabric Portal access.

 

Refer

https://aws.amazon.com/directconnect/ for instructions on how to accept the connection using the AWS console and

https://docs.equinix.com/en-us/Content/Interconnection/ECXF/landing-pages/ECXF-landing-main.htm for instructions on how to accept the connection using the Equinix Cloud Exchange Fabric Portal.