reference deployment

Aviatrix Orchestrator for AWS Transit Gateway on AWS

Orchestrate and manage VPC connectivity

This Quick Start automatically deploys an Aviatrix Controller for enabling Aviatrix Orchestrator for AWS Transit Gateway in a new or existing virtual private cloud (VPC) on the Amazon Web Services (AWS) Cloud.  

The Aviatrix Controller is a centralized control plane for orchestration and management of various networking and connectivity solutions on AWS. One key feature of the Aviatrix Controller is the Aviatrix Orchestrator, which orchestrates and manages end-to-end connectivity by using AWS Transit Gateway. AWS Transit Gateway, in turn, simplifies VPC-to-VPC connection and consolidates edge connections.

This Quick Start is for users who manage large numbers of VPCs, and who want to use AWS Transit Gateway to connect them with high performance and security.

This Quick Start was developed by Aviatrix Systems, Inc., in collaboration with AWS. Aviatrix Systems, Inc., is an APN Partner.

AWS Service Catalog administrators can add this architecture to their own catalog.

  • What you'll build

    Use this Quick Start to automatically set up the following environment on AWS:

    • An Aviatrix Orchestrator that includes the Aviatrix Controller in a highly available configuration that spans two Availability Zones. You can deploy the controller in a new VPC or use an existing VPC.
    • A VPC configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS.
    • AWS Transit Gateway, spoke VPC, and a high availability (HA) Aviatrix gateway at the edge. AWS Transit Gateway provides connectivity to on-premises networks via IPsec VPN or AWS Direct Connect.
    • An Amazon Elastic Compute Cloud (Amazon EC2) instance for the Aviatrix Controller.
    • An Aviatrix security group (named AviatrixSecurityGroup).
    • An Elastic IP address assigned to the Aviatrix Controller.
    • An AWS Identity and Access Management (IAM) EC2 role and attached policy.
    • An IAM App role and attached policy.
    • AWS Key Management Service (AWS KMS).
  • How to deploy

    To build an Aviatrix Orchestrator for AWS Transit Gateway environment in about 10 minutes, follow the instructions in the deployment guide. The deployment process includes these steps:

    1. If you don't already have an AWS account, sign up at, and sign in to your account.
    2. Subscribe to the Amazon Machine Image (AMI) for Aviatrix in AWS Marketplace. Choose the Aviatrix Secure Networking Platform PAYG - Metered license.
    3. Launch the Quick Start. You can choose from two options:
    4. Perform initial setup of the Aviatrix Controller.
    5. Create a primary access account.
    6. Deploy the Aviatrix Orchestrator.

    Amazon may share user-deployment information with the AWS Partner that collaborated with AWS on this solution.  

  • Cost and licenses

    You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using this Quick Start.

    The AWS CloudFormation template for this Quick Start includes configuration parameters that you can customize. Some of these settings, such as instance type, will affect the cost of deployment. For cost estimates, see the pricing pages for each AWS service you will be using. Prices are subject to change.

    Tip: After you deploy the Quick Start, we recommend that you enable the AWS Cost and Usage Report to track costs associated with the Quick Start. This report delivers billing metrics to an S3 bucket in your account. It provides cost estimates based on usage throughout each month, and finalizes the data at the end of the month. For more information about the report, see the AWS documentation.

    Aviatrix Controller offers metered licensing through AWS Marketplace. The Quick Start requires a subscription to the following Amazon Machine Image (AMI) for Aviatrix Controller: