AWS Security ChangesHomeSearch

AWS directconnect documentation change

Service: directconnect · 2025-08-22 · Documentation low

File: directconnect/latest/UserGuide/limits.md

Summary

Added ASN limits section detailing valid customer/Amazon-side ASN ranges, private ASN ranges, and requirements for public virtual interfaces

Security assessment

The change documents proper ASN configuration requirements to prevent routing misconfigurations. While it enhances security awareness, there's no evidence of addressing a specific vulnerability.

Diff

diff --git a/directconnect/latest/UserGuide/limits.md b/directconnect/latest/UserGuide/limits.md
index ad93d0caa..de7f286cf 100644
--- a//directconnect/latest/UserGuide/limits.md
+++ b//directconnect/latest/UserGuide/limits.md
@@ -5 +5 @@
-BGP quotasLoad balance considerations
+BGP quotasASN limitsLoad balance considerations
@@ -63,0 +64,25 @@ We recommend that you do not configure graceful restart and BFD at the same time
+## ASN limits
+
+The following limits apply to Autonomous System Numbers (ASNs) used with AWS Direct Connect:
+
+  * **Customer-side ASN range** : 1 to 4,294,967,294
+
+    * ASNs: 1 to 2147483647
+
+    * Long ASNs: 1 to 4294967294
+
+  * **Amazon-side ASN** : Fixed values assigned by AWS (typically 7224 for public virtual interfaces)
+
+  * **Private ASN ranges** :
+
+    * private ASNs: 64,512 to 65,534
+
+    * private long ASNs: 4,200,000,000 to 4,294,967,294
+
+
+
+
+###### Note
+
+For public virtual interfaces, your ASN must be either a private ASN or already registered and allowed for use with the virtual interface.
+