If someone wants to run a VPN appliance (or two - for redundancy) in each VPC then this will work. But it's an expensive way to go (many virtual appliances required; potentially significant network resources on premises also required; probably lots of configuration as VPCs come and go) so I'm not sure I'd recommend it.
Another alternative is to use a Direct Connect Public VIF (which removes the requirement for Direct Connect Gateway) and have a VPN connection to Transit Gateway. This has the advantage of using a managed service at the AWS end but has a disadvantage of limiting flows to 1.5 Gb/s and overall bandwidth to 10 Gb/s.
Is using Direct Connect Gateway a requirement?
In summary: This is probably an area where I would raise a SpecReq to drill down into requirements for encryption and the best way to achieve connectivity - as it's going to be different for every customer.