What you're looking for is a hub-and-spoke topology. Yes, you can achieve this the way you describe. Either way will work. If you want something simple, create a new VPN VPC (HUB), then peer each VPC to this central HUB VPC. In the HUB VPC, set up the VPN to here. Remember VPC peering isn't transitive; only the Hub will be able to connect to the other VPCs directly.
Transit Gateway will give you a full mesh and is easier to manage than peering all VPCs with each other.
Question: Do you have any CIDR overlap?
Keep in mind Transit Gateway is a regional construct; you cannot attach a VPC in one region to a Transit Gateway in another region.
In general, having a dependency on one region for connectivity to two other regions is sort of an anti-pattern; you may want to look at options to connect to three regions independently of each other from a resiliency standpoint.
Why use a 3rd party piece of software when you can use Transit Gateway peering to peer another TGW in another region and build your multi-region Transit Gateway deployment?
I removed that particular comment about using a 3rd party appliance. TGW inter-region peering will work; however, there is still a dependency on that one TGW for connectivity to three regions. Also, TGW peering only supports static routing today, no dynamic routing over the peering connection.
So it is not possible for the 2 branches to communicate with each other?
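The two planning checks raised in this thread (CIDR overlap, and which VPCs can talk when peering is the only link) can be run before building anything. This is an added example, not part of the original thread; the VPC names, CIDR ranges and peering list are constructed sample values.

```python
import ipaddress
from itertools import combinations

# Constructed sample topology (assumption, not from the thread): one hub VPC
# that holds the VPN, and three spoke VPCs each peered only with the hub.
VPCS = {
    "hub-vpn": "10.0.0.0/16",
    "spoke-a": "10.1.0.0/16",
    "spoke-b": "10.2.0.0/16",
    "spoke-c": "10.2.128.0/17",  # deliberately sits inside spoke-b's range
}
PEERINGS = [("hub-vpn", "spoke-a"), ("hub-vpn", "spoke-b"), ("hub-vpn", "spoke-c")]


def overlapping_cidrs(vpcs):
    """Return sorted name pairs whose IPv4 CIDR blocks overlap.

    Overlaps should be resolved before choosing peering or Transit Gateway,
    because routes toward the two ranges would conflict.
    """
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in vpcs.items()}
    return sorted(
        tuple(sorted((a, b)))
        for a, b in combinations(nets, 2)
        if nets[a].overlaps(nets[b])
    )


def can_talk(a, b, peerings):
    """VPC peering is not transitive: only directly peered VPCs can talk."""
    return frozenset((a, b)) in {frozenset(p) for p in peerings}


def unreachable_pairs(vpcs, peerings):
    """Pairs with no direct peering, so no path in a peering-only design."""
    return sorted(
        tuple(sorted(pair))
        for pair in combinations(vpcs, 2)
        if not can_talk(pair[0], pair[1], peerings)
    )


if __name__ == "__main__":
    print("Overlapping CIDRs:", overlapping_cidrs(VPCS))
    print("No path via peering:", unreachable_pairs(VPCS, PEERINGS))
```
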