Spoke VPCs


Figure 1: Spoke VPCs

Spoke VPCs A & B are designated as workload VPCs. Spoke VPCs do not have any direct Internet connectivity and are attached to AWS Transit Gateway for all east-west and north-south communication. The default route in the VPC route tables points to AWS Transit Gateway, which ensures that any traffic exiting a Spoke VPC goes to the Inspection VPC (discussed in the next steps).

VPC Assigned CIDR
Spoke VPC A
Spoke VPC B
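
One way to check that a spoke's route tables match the routing described above (no direct Internet path, active default route to the Transit Gateway). This is an added example, not part of the original workshop. It audits data in the shape of `aws ec2 describe-route-tables` output; every ID and CIDR in the sample is a constructed placeholder, and the two misconfigured tables are invented for illustration.

```python
# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# All IDs and CIDRs are placeholders, not values from the page.
SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-spoke-a", "VpcId": "vpc-spoke-a", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "TransitGatewayId": "tgw-example", "State": "active"}]},
    {"RouteTableId": "rtb-bad-igw", "VpcId": "vpc-example-1", "Routes": [
        {"DestinationCidrBlock": "10.1.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-bad-blackhole", "VpcId": "vpc-example-2", "Routes": [
        {"DestinationCidrBlock": "10.2.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "TransitGatewayId": "tgw-example", "State": "blackhole"}]},
]}

DEFAULT_DESTS = {"0.0.0.0/0", "::/0"}


def audit_route_table(rt):
    """Return findings for one route table; an empty list means it matches the design."""
    findings, default_via_tgw = [], False
    for route in rt.get("Routes", []):
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        # Assumption of this check: IGW, NAT gateway and egress-only IGW targets
        # all count as direct Internet paths that a spoke must not have.
        if (route.get("GatewayId", "").startswith("igw-") or route.get("NatGatewayId")
                or route.get("EgressOnlyInternetGatewayId")):
            findings.append(f"direct Internet path for {dest}")
        # A blackholed route (target no longer available) does not count as a
        # working default route, so traffic would not reach inspection.
        if (dest in DEFAULT_DESTS and route.get("TransitGatewayId")
                and route.get("State") == "active"):
            default_via_tgw = True
    if not default_via_tgw:
        findings.append("no active default route to a transit gateway")
    return findings


def audit(described):
    """Map RouteTableId -> findings for every route table that deviates."""
    results = {rt["RouteTableId"]: audit_route_table(rt) for rt in described["RouteTables"]}
    return {rtb: found for rtb, found in results.items() if found}


if __name__ == "__main__":
    for rtb, found in audit(SAMPLE).items():
        for finding in found:
            print(f"{rtb}: {finding}")
```
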