Migrate CWPP Agents
There are two methods you can use to move CWPP agents to new POPs.
To migrate CWPP agents using a helper script:
The helper script is used to create an endpoint and hosted zone in agent VPCs.
Delete the stack which is created after deploying the helper script. It deletes the resources created as part of it namely endpoint and DNS hosted zone.
Deploy the helper script with new POP details. Now the endpoint connecting to the new POP privateLink service and DNS hosted zone for the same is created.
After the next sync, all agents are managed and associated with the new POP.
To manually create an endpoint:
Manual creation of endpoint and hosted zone in agent VPCs.
Create an endpoint for the new POP privateLink services in the AWS console.
If the DNS hosted zone is already created, enter the record sets of created endpoints else create DNS hosted zone and enter the record sets of created endpoints.