Transit Gateway:
- https://docs.aws.amazon.com/vpc/latest/tgw/what-is-transit-gateway.html
- Transit hub for interconnecting VPCs as well as on-premise networks
- REGIONAL resource, not global – but can work across accounts
- Example: can establish one VPN from home n/w to Transit G/w, then access to all connected VPCs
- Can control who talks to whom via route table entries on Transit G/w and each VPC
- Can attach the following to the gateway:
  o VPC
  o AWS Direct Connect Gateways
  o VPN
  o Peered Transit Gateways
- Each Transit G/w is associated w 1 Route Table
- Transit G/w Route Table - solves transitive peering!
  - 1 per VPC by default, but can add multiple
  - Dynamic/static routes to other VPCs/VPNs
  - Anything attached gets an entry in the route table by default
  - Dynamic propagation - can configure VPC to propagate all its routes to the Transit G/w. But can have static routes also. VPN would propagate via BGP.
  - Direct Connect links can't connect directly into the Transit G/w - need a Direct Connect gateway
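Worked example of "who talks to whom" via Transit G/w route tables, added here and not from the original note or AWS docs: a hub with default association/propagation switched off, a spoke table with one static route (app VPCs reach shared services only, never each other) and a shared table that learns spoke CIDRs by propagation. The `var.*` inputs, the resource names and the two CIDRs are assumed.

```hcl
# Added example (not from the original note). Assumed inputs: var.shared_vpc_id,
# var.shared_subnet_ids, var.app_vpc_id, var.app_subnet_ids, var.app_vpc_rt_id, CIDRs.
resource "aws_ec2_transit_gateway" "hub" {
  description                     = "regional hub (one per region)"
  # No default table: a new attachment is unreachable until we put it in a table.
  default_route_table_association = "disable"
  default_route_table_propagation = "disable"
}
resource "aws_ec2_transit_gateway_vpc_attachment" "shared" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  vpc_id             = var.shared_vpc_id
  subnet_ids         = var.shared_subnet_ids
}
resource "aws_ec2_transit_gateway_vpc_attachment" "app" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  vpc_id             = var.app_vpc_id
  subnet_ids         = var.app_subnet_ids
}
# Spoke table: a single static route, so app VPCs only ever see shared services.
resource "aws_ec2_transit_gateway_route_table" "spoke" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
}
resource "aws_ec2_transit_gateway_route_table_association" "app" {
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.app.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.spoke.id
}
resource "aws_ec2_transit_gateway_route" "spoke_to_shared" {
  destination_cidr_block         = "10.0.0.0/16" # shared-services CIDR (assumed)
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.shared.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.spoke.id
}
# Shared table: learns every spoke CIDR by dynamic propagation, not static routes.
resource "aws_ec2_transit_gateway_route_table" "shared" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
}
resource "aws_ec2_transit_gateway_route_table_association" "shared" {
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.shared.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.shared.id
}
resource "aws_ec2_transit_gateway_route_table_propagation" "app_into_shared" {
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.app.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.shared.id
}
# The VPC's own route table still needs an entry pointing at the Transit G/w.
resource "aws_route" "app_to_shared" {
  route_table_id         = var.app_vpc_rt_id
  destination_cidr_block = "10.0.0.0/16"
  transit_gateway_id     = aws_ec2_transit_gateway.hub.id
  depends_on             = [aws_ec2_transit_gateway_vpc_attachment.app]
}
```

Adding a second spoke VPC means one more attachment, one more association to `spoke` and one more propagation into `shared`; the spokes still cannot reach each other because no spoke-to-spoke route ever enters the `spoke` table.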
[Figure: Without Transit Gateway]
[Figure: With Transit Gateway]
- Source: https://aws.amazon.com/transit-gateway/