+

Managing Private Spaces

Use Anypoint Runtime Manager to manage private spaces, such as adding and removing a route from the route table or detaching a transit gateway from the private space.

Add or Remove a Route from the Route Table

Routes determine how to direct traffic from your private space, for example, to the public internet or through a connection (VPN or transit gateway).

You might want to add a route to enable a new subnet to be accessible or remove a route if you no longer want a subnet to be accessible through the transit gateway.

  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Private Network section, click Route Table:

    The route table shows all routes for the private space.

    • Add a route by entering the subnet in CIDR notation, selecting the connection, and clicking Add Route:

      You can’t add a route that matches a priority route (a route that’s used by your private network).

      Routes can be used by only one connection at a time. If you enter a non-local/Internet Gateway (IGW) route, CloudHub 2.0 warns that the route is being used by another connection.

      Routes should not overlap with existing routes. CloudHub 2.0 warns if you enter a route that overlaps with another route in the route table.

    • Remove a route by clicking the X icon for a row in the table and then clicking Delete to confirm.

      If the X icon doesn’t appear for a route, you can’t remove it.

      You can remove routes for static VPN connections.

  4. Click Done to close the route table.

Anypoint Platform submits the new route to AWS.

Rename a Connection

  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Connections section, click the Connections menu (…​) and select Rename:

  4. Enter the new name and click Save.

Create Redundant VPN

  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Connections section, click the VPN menu (…​) and select Create Redundant VPN:

    <screenshot>

  4. Follow the steps in Create a Redundant VPN.

Rename a VPN

  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Connections section, click the VPN menu (…​) and select Rename:

  4. Enter the new name and click Save.

Change VPN Connection Settings

You can change the tunnel initiation behavior after configuring the VPN connection.

This setting applies to all VPNs in this connection and is enabled by default.

Modifying the tunnel initiation after VPN creation causes all VPNs in this connection to restart.
  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Connections section, click the VPN menu (…​) and select Connection Settings:

  4. On the Connection Settings page, you can:

    • Enter a new name for the VPN connection.

    • Expand Advanced Options to change the Automatic Tunnel Initiation option.

      Enable this option to specify that VPN starts up automatically.

      If you deselect this option, you must generate traffic from the customer gateway to establish VPN tunnels.

  5. Click Save or Cancel to close the Connection Settings window.

    Modifying the Automatic Tunnel Initiation option restarts all VPNs in the connection.

View VPN Status

  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Connections section, click the VPN menu (…​) and select View Details:

  4. Click X to close the VPN Details window.

Delete a VPN

Deleting the last VPN in a connection removes the entire connection.

You can’t undo this action.
  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Connections section, click the VPN menu (…​) and select Delete:

  4. Click Delete to confirm the deletion or Cancel.

Rename a Transit Gateway Attachment

You might want to rename a transit gateway attachment to match the attachment name in AWS.

To rename a transit gateway attachment:

  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Connections section, click the transit gateway menu (…​) and select Rename:

  4. Enter the new name and click Save.

Detach a Transit Gateway from the Private Space

You might need to detach a transit gateway so that you can reattach it.

Detaching a transit gateway from a private space also deletes the attachment in AWS. The resource share on AWS remains unaffected. The transit gateway appears under Add a transit gateway if you only detach it and do not delete it from your organization. Any apps deployed to the private space continue to run, but they are no longer connected to your Amazon VPCs and VPNs.

To detach the transit gateway:

  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, in the Connections section, click the transit gateway menu (…​) and select Detach:

  4. At the confirmation prompt, click Detach.

    Detaching a transit gateway might take several minutes.

Remove a Transit Gateway Attachment

You might want to remove a transit gateway attachment for the following reasons:

  • If you reject an attachment in AWS, the transit gateway attachment appears as Rejected in Anypoint Platform. In this case, you must remove the attachment before trying to attach it again.

  • If an attachment is deleted on AWS, you can remove the attachment from Anypoint Platform.

Removing a transit gateway attachment also deletes any associate routes. The resource share on AWS remains unaffected so you can readd the transit gateway without creating a new one.

To completely remove the transit gateway from your Anypoint Platform organization, use the DELETE <>/organizationns/:orgId/transitgateways/:tgw-id API call and delete the resources share on AWS. For information, see Deleting a resource share in the AWS documentation.

Delete a Private Network

You can’t delete a private network if any apps are deployed to it or if any connections exist.

You can’t undo this action.
  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. On the Network tab, click the Private Network menu (…​) and select Delete:

  4. Click Delete to confirm the deletion.

Delete a Private Space

You can’t delete a private space if it has any related private network, VPNs, or transit gateway attachments.

You can’t undo this action.
  1. From Anypoint Platform, select Runtime Manager > Private Spaces.

  2. Click the name of the private space to manage.

  3. Click the Private Space menu (…​) and select Delete.

    Delete option in the Private Space menu
  4. Click Delete private space to confirm the deletion or Cancel.

See Also

Was this article helpful? Thanks for your feedback!
View on GitHub