Accept or reject an Amazon Transit Gateway network function attachment - Amazon VPC
Accept or reject a network function attachment using the console
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Accept or reject an Amazon Transit Gateway network function attachment

You can use either the Amazon VPC console or the Amazon Network Firewall CLI or API to accept or reject a transit gateway network function attachment, including Network Firewall attachments. If you are the owner of a transit gateway and someone has created a firewall attachment to your transit gateway from another account, you need to accept or reject the attachment request.

To accept or reject a network function attachment using the Network Firewall CLI, see the AcceptNetworkFirewallTransitGatewayAttachment or RejectNetworkFirewallTransitGatewayAttachment APIs in the Amazon Network Firewall API Reference.

Accept or reject a network function attachment using the console

Use the Amazon VPC console to accept or reject a transit gateway network function attachment.

To accept or reject a network function attachment using the console

  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the navigation pane, choose Transit Gateways.

  3. Choose Transit gateway attachments.

  4. Select the attachment with a state of Pending acceptance and a type of Network function.

  5. Choose Actions, and then choose either Accept attachment or Reject attachment.

  6. In the confirmation dialog box, choose Accept or Reject.

If you accept the attachment, it becomes active and the firewall can inspect traffic. If you reject the attachment, it enters a rejected state and will eventually be deleted.