AWS Security ChangesHomeSearch

AWS directconnect documentation change

Service: directconnect · 2026-07-01 · Documentation low

File: directconnect/latest/UserGuide/virtualgateways.md

Summary

Capitalized 'Transit Gateway' and added note about ASN advertisement behavior

Security assessment

Clarifies routing advertisement behavior but doesn't address vulnerabilities. The ASN visibility note helps network design but isn't a security fix.

Diff

diff --git a/directconnect/latest/UserGuide/virtualgateways.md b/directconnect/latest/UserGuide/virtualgateways.md
index ed36d3688..089fddf4b 100644
--- a//directconnect/latest/UserGuide/virtualgateways.md
+++ b//directconnect/latest/UserGuide/virtualgateways.md
@@ -17 +17 @@ The following rules apply to virtual private gateway associations:
-  * You cannot attach a Direct Connect gateway to a virtual private gateway when the Direct Connect gateway is already associated with a transit gateway.
+  * You cannot attach a Direct Connect gateway to a virtual private gateway when the Direct Connect gateway is already associated with a Transit Gateway.
@@ -44,0 +45,4 @@ The following rules apply to virtual private gateway associations:
+###### Note
+
+When you associate a Direct Connect gateway with a virtual private gateway, the virtual private gateway ASN is not visible in the AS_PATH advertised to your on-premises router; only the Direct Connect gateway ASN appears. The virtual private gateway ASN is advertised on-premises only when a private virtual interface attaches directly to the virtual private gateway, without a Direct Connect gateway.
+