Transit Gateway

Figure 1: Transit Gateway

For the centralized deployment model, AWS Transit Gateway is a prerequisite. AWS Transit Gateway acts as a network hub and simplifies connectivity between VPCs as well as to on-premises networks. It also provides inter-region peering with other Transit Gateways, so a global network can be built over the AWS backbone.

We create three Transit Gateway route tables:

  1. Spoke Route Table. Spoke VPCs are associated with this route table. We create:
    • Default route with Inspection VPC C attachment as the target.
  2. Firewall Route Table. Inspection VPC C is associated with this route table. We create:
    • Default route with Egress VPC D attachment as the target.
    • Spoke VPC A CIDR route with Spoke VPC A attachment as the target.
    • Spoke VPC B CIDR route with Spoke VPC B attachment as the target.
  3. Egress Route Table. Egress VPC D is associated with this route table. We create:
    • Default route with Inspection VPC C attachment as the target.
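The three route tables above only achieve symmetric inspection if every direction of every flow passes through the Inspection VPC C attachment. The following script, added here as an example and not part of the original page, models the Transit Gateway's longest-prefix-match lookup with Python's standard `ipaddress` module and traces packets through the associations and routes described above. The spoke CIDRs (10.1.0.0/16, 10.2.0.0/16) and the attachment names are constructed placeholders; the page gives none.

```python
import ipaddress

# Constructed example values: the page names the VPCs but gives no CIDRs or
# attachment IDs, so these are placeholders.
SPOKE_A_CIDR = "10.1.0.0/16"
SPOKE_B_CIDR = "10.2.0.0/16"
ATTACH_A, ATTACH_B = "attach-spoke-a", "attach-spoke-b"
ATTACH_C, ATTACH_D = "attach-inspection-c", "attach-egress-d"

# Which VPC attachment delivers which internal prefix.
OWNER = {ATTACH_A: SPOKE_A_CIDR, ATTACH_B: SPOKE_B_CIDR}

# Route-table association: traffic entering the TGW from an attachment is
# looked up in the table that attachment is associated with.
ASSOCIATION = {ATTACH_A: "spoke", ATTACH_B: "spoke",
               ATTACH_C: "firewall", ATTACH_D: "egress"}

# The three route tables described above (destination CIDR -> target attachment).
ROUTE_TABLES = {
    "spoke":    [("0.0.0.0/0", ATTACH_C)],
    "firewall": [("0.0.0.0/0", ATTACH_D),
                 (SPOKE_A_CIDR, ATTACH_A),
                 (SPOKE_B_CIDR, ATTACH_B)],
    "egress":   [("0.0.0.0/0", ATTACH_C)],
}


def lookup(routes, dst):
    """Longest-prefix match over one route table; None if nothing matches."""
    ip = ipaddress.ip_address(dst)
    best = None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def trace(entry, dst, tables=ROUTE_TABLES, association=ASSOCIATION, max_hops=8):
    """Follow a packet entering the TGW from `entry` towards `dst`.

    Returns the attachments traversed. Stops when the packet reaches the spoke
    that owns dst, or the egress VPC for an external destination. Raises on a
    black hole (no matching route) or a routing loop.
    """
    ip = ipaddress.ip_address(dst)
    internal = any(ip in ipaddress.ip_network(c) for c in OWNER.values())
    path = [entry]
    cur = entry
    for _ in range(max_hops):
        table = association[cur]
        nxt = lookup(tables[table], dst)
        if nxt is None:
            raise LookupError(f"black hole: no route to {dst} in {table} table")
        path.append(nxt)
        if nxt in OWNER and ip in ipaddress.ip_network(OWNER[nxt]):
            return path  # delivered to the spoke that owns dst
        if nxt == ATTACH_D and not internal:
            return path  # egress VPC forwards it to the internet
        cur = nxt  # inspection/egress VPC hands the packet back to the TGW
    raise RuntimeError(f"routing loop: {' > '.join(path)}")


def is_inspected(path):
    """True if the traced path crossed the Inspection VPC attachment."""
    return ATTACH_C in path[1:]


if __name__ == "__main__":
    flows = [(ATTACH_A, "198.51.100.10"),  # spoke A to the internet
             (ATTACH_D, "10.1.0.5"),       # return traffic from the internet
             (ATTACH_A, "10.2.0.7")]       # spoke A to spoke B
    for entry, dst in flows:
        p = trace(entry, dst)
        print(f"{entry} -> {dst}: {' > '.join(p)}  inspected={is_inspected(p)}")
```

Running it shows each flow hopping through `attach-inspection-c` in both directions. The check is also useful in reverse: remove the two spoke CIDR routes from the firewall table and `trace(ATTACH_D, "10.1.0.5")` raises a routing-loop error, because return traffic then bounces between the egress and inspection attachments on their default routes.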