June 12, 2024

Tutorial: Connect Your AWS and Microsoft Azure Environments

Follow our step-by-step code instructions and deploy a multicloud architecture in minutes.

Today more than ever, growing businesses are interconnecting multiple cloud environments for greater network reliability, better workload migration, and optimal application performance. As businesses grow, their IT infrastructure becomes more complex; implementing a hybrid multicloud architecture can help them meet their evolving IT needs.

Why should I connect my IT architecture to AWS and Azure?

As more and more enterprise workloads migrate to the cloud, many are choosing to connect to Amazon Web Services (AWS) and Microsoft Azure to have flexibility in application deployment and to avoid vendor lock-in.
By interconnecting IT architectures to these two clouds, organizations have the advantage of choosing
“best-of-breed” IaaS, SaaS, and tools available on each platform, thereby staying at the forefront of cloud technology capabilities. In addition, working with different cloud platforms broadens the skills and expertise within IT teams and makes organizations more adaptable to changes in technology landscapes.

How can we help?

To support your business connectivity needs, we present you a do-it-yourself tutorial that will run you through all the steps you need to connect your cloud workloads between AWS and Azure using the Megaport platform. We'll show you how to create a virtual cloud router, create a connection to AWS, create a connection to Microsoft Azure, and then run a ping test between those two cloud environments. And yes, you can do all this in minutes, not months! 

For more than a decade Megaport has made hybrid multicloud connectivity easy for thousands of businesses. With Megaport Cloud Router (MCR), companies can interconnect multiple cloud providers in minutes and without hardware. Megaport's MCR is a virtual router that allows you to privately peer between leading public cloud, IaaS, and SaaS providers while at the same time enabling you to route data to and between various providers without hairpinning your traffic back to a data center or your on-premises environment. 

Okay, but back to the mission at hand: Connecting your two cloud workloads.

Tutorial Table of Contents

    step-by-step TUTORIAl  

    Connect your AWS and Azure environments via Megaport  

    This tutorial provides a full multicloud demonstration environment including networking and compute instances. It requires account credentials for Megaport, Amazon Web Services, and Azure. The following steps are needed in order to build a private AWS to Azure multicloud deployment using Megaport and cURL.

    First thing's first - make sure you have signed up for your Megaport account.

    Create Account

    Overall Instructions

    Introduction - Available Programming Languages

    Step 1: Create an Account in the Production Portal

    Step 2: Use our Promo Code

    Stackexchangemcrvxcpromo

    * The promo code will waive fees for the first 4 monthly billing cycles. Early termination fees may apply if a service on a Minimum Term is canceled before the end of the term. If you intend to cancel the service within this timeframe, make sure to select "No Minimum Term" when ordering services through the Portal Interface, or set "term": 1 in the API calls to order the service (as per the examples).

    Step 3: Add a Company Profile and Specify Billing Markets

    Step 4: Create an API Key

    Step 5: Generate an API Token

    Step 6: Deploy a Megaport Cloud Router (MCR)

    Step 7: Deploy an AWS Direct Connect VXC (Virtual Cross Connect)

    Step 8: Deploy an ExpressRoute VXC (Virtual Cross Connect)

    Overall Notes and Diagram

    Step-by-Step Coding Instructions

    Step 1: Create a Megaport Account - Complete

    Step 2: Use our Promo Code - Complete

    Step 3:  Add a Company Profile and Specify Billing Markets - Complete

    Step 4:  Create an API key

    - API Key: rm1qki0li8qh6trgsec071234
    - API Key Secret: 1pdk5isbd862kd2h14omj6937n8nst0ea7oi77s6fult9j1234

    Step 5: Generate an Access Token

     curl 'https://auth-m2m.megaport.com/oauth2/token' \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        -u'rm1qki0li8qh6trgsec071234:1pdk5isbd862kd2h14omj6937n8nst0ea7oi77s6fult9j1234' \
        --data-urlencode "grant_type=client_credentials" | json_pp

    Result:  

        {   "access_token" : "XXXX",
       "expires_in" : 86400,
       "token_type" : "Bearer"
    }

    Step 6: Deploy a Megaport Cloud Router (MCR)

    Step 6A: Get MCR Locations

    curl --location 'https://api.megaport.com/v2/locations?locationStatuses=Active&metro=Frankfurt' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXXX' | json_pp

    Result:  
    Within the result you would then search for either of the following: 

    "mcr" : true,
    "vRouterAvailable" : true

    In the case of the Frankfurt Metro you have two locations that support MCR, namely Interxion FRA6 (id=130) and Equinix FR5 (id=131) and the supported speeds:

    "id" : 130,
              "market" : "DE",
             "metro" : "Frankfurt",§
             "name" : "Interxion FRA6",
             "products" : {
                "mcr" : true,
                "mcr2" : [
                   1000,
                   2500,
                   5000,
                   10000
                ],
    "id" : 131,
             "market" : "DE",
             "metro" : "Frankfurt",
             "name" : "Equinix FR5",
             "networkRegion" : "MP1",
             "products" : {
                "mcr" : true,
                "mcr2" :[
                   1000,
                   2500,
                   5000,               
                  10000
                ],

    Step 6B: Validate MCR Order

    curl --location 'https://api.megaport.com/v3/networkdesign/validate' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXXX' \
--data '[
    {
        "locationId":130,
        "term": 1,
        "productName":"stackexchange-mcr",
        "productType":"MCR2",
        "portSpeed":1000,
        "config": {
          "mcrAsn": 133937
        }
    }
]' | json_pp

    Result:  

       "message" : "Validation passed",

    The order is valid.

    Step 6C: Order MCR Order

    curl --location 'https://api.megaport.com/v3/networkdesign/buy' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXXX' \
--data '[
    {
        "locationId":130,
        "term": 1,
        "promoCode": "stackexchangemcrvxcpromo",
        "productName":"stackexchange-mcr",
        "productType":"MCR2",
        "portSpeed":1000,
        "config": {
          "mcrAsn": 133937
        }
    }
]' | json_pp

    Result:  

       "message" : "MCR2 [9aac5caf-2351-410c-958f-ac7dcf5eb44b] created.",

    The MCR is created:   

    Please note the MCR2 product id is detailed in the results tab in Step 6C i.e.

    [9aac5caf-2351-410c-958f-ac7dcf5eb44b]

    This is also confirmed visually in the portal next to the product name which we have called
    “stackexchange-mcr” #9aac5caf

    Step 6D: Validate Live Orders

    curl --location 'https://api.megaport.com/v2/products?provisioningStatus=LIVE' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXXX' | json_pp

    Result:  


          },         "locationId" : 130,
             "locked" : false,
             "market" : "DE",
             "marketplaceVisibility" : false,
             "maxVxcSpeed" : 1000,
             "portSpeed" : 1000,         
    "productId" : 199458,         
    "productName" : "stackexchange-mcr",
             "productType" : "MCR2",
             "productUid" : "9aac5caf-2351-410c-958f-ac7dcf5eb44b",
             "provisioningStatus" : "LIVE",
             "resources" : {
                "virtual_router" : {
                   "bgpShutdownDefault" : false,
                   "mcrAsn" : 133937,
                   "resource_name" : "virtual_router",
                   "resource_type" : "virtual_router",
                   "speed" : 1000
                }

    The MCR productUid is 9aac5caf-2351-410c-958f-ac7dcf5eb44b

    Important consideration before you continue: Note that from Step 6 onwards you will need valid AWS and Azure credentials to complete the tutorial.  

    If you want a Megaport expert to help you deploy this tutorial, you can schedule a demo with us.
    Our solutions architects will walk you through the process and provide testing keys for both AWS and Azure. Just submit a request below.

    Book a Demo with a Solutions Architect

    Step 7: Deploying an AWS Direct Connect VXC (Virtual Cross Connect)

    Step 7A: Look Up AWS Hosted Connection Port Details

    curl --location 'https://api.megaport.com/v2/secure/awshc' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXXX' | json_pp

    Within the result you could then search for country, location ID, etc.
    "country" : "Germany",

    In the case of the Frankfurt Metro, you have two locations that support AWS HC, namely Interxion FRA6 (id=130) and Equinix FR5 (id=131). You would then use the first productUid as your port reference. 

       "description" : "AWS at Interxion FRA6",
                "locationId" : 130,
                "productUid" : "4348e355-5e76-470b-988b-ac245c48663b",
                "description" : "AWS at Interxion FRA6",

    Step 7B: Order AWS Direct Connect Hosted


    “productUid”: This identifies the MCR product ID (confirmed in 6C), as follows:  "message" : "MCR2 [9aac5caf-2351-410c-958f-ac7dcf5eb44b] created.",)
    "locationId": Location of the AWS VXC B End (confirmed in 7A: eg 131 for Interxion FRA6)"bEnd": {

              "productUid": This identifies the AWS location (confirmed in 7A), as follows:
    "productUid" : "4348e355-5e76-470b-988b-ac245c48663b",)
    bEnd: ownerAccount: Your AWS Account id
    rateLimit: 50, 100, 200, 300, 400, 500. 1000, 2000, 5000, 10000
    Term: Is the contract term for the VXC. Valid values are 1, 12, 24, and 36 months“
    productName”: Free Text field to describe the VXC
    “rateLimit”: Speed of the VXC
    curl --location 'https://api.megaport.com/v3/networkdesign/buy' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXXX' \
--data '[
  {
    "productUid": "9aac5caf-2351-410c-958f-ac7dcf5eb44b",
    "associatedVxcs": [
      {
        "rateLimit": 100,
        "productName": "awshc",
        "term": 1,
        "shutdown": false,
        "promoCode": "stackexchangemcrvxcpromo",
        "aEnd": {
          "locationId": 130,
          "vlan": 0,
          "partnerConfig": {
            "connectType": "VROUTER",
            "interfaces": [
              {
                "ipAddresses": [
                  "169.254.96.46/29"
                ],
                "bfd": {
                  "txInterval": 300,
                  "rxInterval": 300,
                  "multiplier": 3
                },
                "bgpConnections": [
                  {
                    "peerAsn": 62512,
                    "localIpAddress": "169.254.96.46",
                    "peerIpAddress": "169.254.96.41",
                    "password": "cnn6eaeaETSjvjvjvjv",
                    "shutdown": false,
                    "description": "BGP with MED and BFD enabled",
                    "bfdEnabled": true
                  }
                   ],
   
                "natIpAddresses": []
              }
            ]
          }
        },
        "bEnd": {
          "locationId": 130,
          "ownerUid": "605cb850-dfb4-4a05-a171-8bf17757b3a2",
          "productUid": "4348e355-5e76-470b-988b-ac245c48663b",
          "vlan": 0,
          "partnerConfig": {
            "name": "awshc",
            "ownerAccount": "ABCDEFGHIJKL",
            "connectType": "AWSHC"
          }
        },
        "productType": "VXC",
        "connectType": "AWSHC"
      }
    ]
  }
]'  | json_pp

    Result:  

       "message" : "VXC [bb885e57-849a-44de-9f2f-b0dc7f0a678f] created.",

    The AWS Direct Connect Hosted VXC is created:

    The MCR Interface and Layer 3 BGP configuration is complete:

    Step 8: Deploy an ExpressRoute VXC (Virtual Cross Connect)

    Step 8A: Click on “Create ExpressRoute” circuit

    Step 8B: Complete the configuration as follows

    Step 8C: Copy the ExpressRoute Service Key

    Step 8D: Validate Azure Service Key

    curl --location 'https://api.megaport.com/v2/secure/azure/e478a815-2993-4a9d-bb14-123456789123' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer xxxx'  | json_pp

    Result: Within the results response, note the “name” is detailed as either “Primary” or “Secondary”.
    This allows you to deploy the VXC as a primary or backup connection..

     
    "data" : {
          "bandwidth" : 50,
                "description" :
    "Azure ExpressRoute at Interxion FRA6",
                "name" : "Frankfurt Primary",
                "productUid" : "f53112ac-6979-4abd-8197-33220415d4e3",

             },
             {
                "description" : "Azure ExpressRoute at Interxion FRA6",
                "name" : "Frankfurt Secondary",
                "productUid" : "1a3c0dbd-9ebd-48d1-8bff-b99af74bc7ea",
       "message" : "Successful lookup",

    Step 8E: Order Azure ExpressRoute VXC

     
    “productUid”: This identifies the MCR product ID (confirmed in 6C, as follows:  "message" : "MCR2 [d2bfee03-ee8b-4b41-abd9-82cb424a82ed] created.",)“
    productName”: Free Text field to describe the VXC
     “rateLimit”: Speed of the VXC“
    bEnd”: productUid: This identifies the Azure end location (confirmed in 8E as follows:
    "productUid" : "a7ae8a35-433e-44aa-87cb-a1b7995ab008",)
    "serviceKey" The Azure Service Key you created earlier ‘(confirmed in 8C)
    curl --location 'https://api.megaport.com/v3/networkdesign/buy' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXXX' \
--data ' [
     {
        "productUid": "9aac5caf-2351-410c-958f-ac7dcf5eb44b",
        "associatedVxcs": [
            {
                "productName": "Azure Primary VXC from MCR",
                "promoCode": "stackexchangemcrvxcpromo",
                "rateLimit": 200,
                "aEnd": {
                    "vlan": 0
                },
                "bEnd": {
                    "productUid" : "f53112ac-6979-4abd-8197-33220415d4e3",
                    "vlan": "0",
                    "innerVlan": 12,
                    "partnerConfig" : {
                        "connectType": "AZURE",
                        "serviceKey": "e478a815-2993-4a9d-bb14-123456789123",
                        "peers": [{"type": "private"}]
                    }
                }
            }
        ]
    }
]
'  | json_pp

    Result:

      "message" : "VXC [b473e232-5f6a-479c-a3eb-3bcb40540d03] created.",

    The Azure VXC is created:

    The Azure private peering configuration has also auto-populated:

    If you have reached this step, you should be proud of yourself because you have successfully finished this tutorial! Congratulations on connecting your AWS and Azure environments!

    via GIPHY

    Note on How to can Cancel a VXC and an MCR

    - Learn how to terminate a VXC
    - Learn how to terminate an MCR
    - Please note that to delete an Azure ExpressRoute VXC, you first have to delete the peering information directly within the Azure portal. Once this is removed, you can then delete the VXC.  

    Ready to enable your cross-cloud architecture with Megaport?

    With Megaport, interconnecting your clouds for cross-cloud has never been easier. Megaport Cloud Router’s virtual network function capabilities allow you to connect at Layer 3 in an instant, taking the complexity out of setup.

    There’s no need to learn the ins and outs of network engineering: Simply log in to your Megaport account and start building your virtual network in a few clicks. MCR supports multicloud and allows you to privately peer between leading cloud providers such as AWS and Azure.

    No matter your unique needs, Megaport has scalable and flexible solutions ready to help. Did we mention that this private cloud-to-cloud architecture can be deployed in an afternoon?

    Create Account