Integrating with an existing Transit Gateway
Pega Cloud Services supports the integration of a client AWS Transit Gateway to centralize your external connections to your Pega Cloud environments in a monitored and secure private network. The Transit Gateway can act as a secure, centralized hub to route, provision, and monitor your enterprise network topology, including all of your networking connections with your Pega Cloud environments. You can integrate your Pega Cloud VPC, and any Pega Cloud VPN service, with your Transit Gateway, as you would with any other AWS VPC or VPN.
- Ensure that you can access your AWS Resource Access Manager (RAM) to create a resource share for Pega Cloud Services.
- You must also have a management account with sharing enabled for AWS Organizations in order to create the Transit Gateway resource share.
For more information about subscribing to AWS Transit Gateway, see the official AWS Transit Gateway landing page.
After you subscribe to the AWS Transit Gateway service through your AWS account, you can request that Pega Cloud Services provide the information you need to integrate your service with your Pega Cloud environments. The following illustration provides a model of how your Pega Cloud Services VPC integrates with your AWS Transit Gateway Service.
Integrating Pega Cloud environments with your Transit Gateway can simplify your enterprise network topology by providing the following benefits:
- Eliminating the need for complicated peering connections, especially in larger topologies, to let multiple environments communicate with one another
- Removing the requirement for multiple VPN connections between each of your AWS VPCs, including your Pega VPC, and on-premises environments
- Limiting traffic between your Pega Cloud environment and other VPCs
- Scaling your enterprise network topology to your Pega Cloud networking demands
- Responding to spikes in network traffic more resiliently through multiple interoperable VPCs
To implement a Transit Gateway integration, you must complete the following steps:
1. Request a new service by selecting New request in My Support Portal, or by contacting Pega Support with a request to integrate your Transit Gateway with your Pega Cloud environments. For the latest documentation on making requests, see My Support Portal: New Design, Streamlined Features.
2. Update your Transit Gateway service by allowing Pega Cloud Services to access your Transit Gateway:
   a. In the AWS RAM console, create a resource share.
   b. From the response to the request, or from the call with your Pega representative, note the account number Pega Cloud Services shares with you.
   c. In your RAM console, in the Principals section, enter the account number that you receive from Pega Cloud Services in response to your service request.
   d. Select Create resource share. You can also use the create-resource-share AWS API to enter the account number.
   For additional information on how to create a resource share through the RAM console or by using the API, see the AWS Resource Access Manager documentation.
   After you create a resource share of your Transit Gateway, Pega Cloud Services creates a resource share of your Pega Cloud environment.
3. Accept the resource share referencing your Pega Cloud environment.
   For additional information on receiving a resource share, see the AWS Resource Access Manager documentation.
   a. In your RAM console, select the Shared with me, Resource shares pane.
   b. On the Pending resource share page, add your Pega Cloud environment by selecting Accept Resource Share.
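The share and accept steps above can also be scripted against the AWS RAM API. The following is an added example, not Pega or AWS code: it shares the Transit Gateway with only the account number received from Pega, and accepts a pending invitation only when its sender matches an expected account ID. The function names, the injected `ram` client (a boto3 RAM client) and `expected_sender_id` (an account ID you have confirmed with Pega as the sender of its share) are assumptions.

```python
import re

ACCOUNT_ID = re.compile(r"[0-9]{12}")
TGW_ARN = re.compile(
    r"arn:aws[\w-]*:ec2:[a-z0-9-]+:[0-9]{12}:transit-gateway/tgw-[0-9a-f]+")


def share_transit_gateway(ram, name, tgw_arn, pega_account_id):
    """Share one Transit Gateway with exactly one principal."""
    # pega_account_id: the account number received from Pega Cloud Services.
    if not ACCOUNT_ID.fullmatch(pega_account_id):
        raise ValueError("principal must be a 12-digit AWS account ID")
    if not TGW_ARN.fullmatch(tgw_arn):
        raise ValueError("resource must be a Transit Gateway ARN")
    resp = ram.create_resource_share(
        name=name,
        resourceArns=[tgw_arn],
        principals=[pega_account_id],
        # An account outside your AWS Organization can be a principal
        # only when the share allows external principals.
        allowExternalPrincipals=True,
    )
    return resp["resourceShare"]["resourceShareArn"]


def accept_expected_invitations(ram, expected_sender_id):
    """Accept PENDING invitations from one sender; return (accepted, skipped)."""
    # expected_sender_id is an assumption: the account ID that Pega confirms
    # its resource share is sent from.
    if not ACCOUNT_ID.fullmatch(expected_sender_id):
        raise ValueError("sender must be a 12-digit AWS account ID")
    accepted, skipped, token = [], [], None
    while True:
        kwargs = {"nextToken": token} if token else {}
        page = ram.get_resource_share_invitations(**kwargs)
        for inv in page.get("resourceShareInvitations", []):
            arn = inv["resourceShareInvitationArn"]
            if inv.get("status") != "PENDING":
                continue
            if inv.get("senderAccountId") != expected_sender_id:
                skipped.append(arn)  # unexpected sender: leave for review
                continue
            ram.accept_resource_share_invitation(
                resourceShareInvitationArn=arn)
            accepted.append(arn)
        token = page.get("nextToken")
        if not token:
            return accepted, skipped
```

Pass `boto3.client("ram")` as `ram`, using credentials for the account that owns the Transit Gateway; invitations returned in `skipped` stay pending for manual review.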