ACE Inc. has a Direct Connect for their on-premise location to connect to AWS. Security team has recently been notified of issues where employees and contractors working from the on-premise location are using non-corporate (personal or public) S3 buckets using ACE Inc.'s Direct Connect. This is overwhelming the Direct Connect and also showing the source of traffic to these S3 buckets as ACE Inc. which has potential compliance and security risks.
As a cloud architect, you are tasked with securing the Direct Connect for specific ACE Inc. corporate S3 buckets access only. Which Aviatrix feature can help ACE Inc. overcome this problem?