Hello.
To achieve connectivity between on-premises networks and AWS accounts, while controlling communication between VPCs with minimal operational effort:
A. Create a transit gateway in an AWS account. Share the transit gateway across accounts by using AWS Resource Access Manager (AWS RAM).
- Creating a single transit gateway allows you to centralize the connection between your VPCs and on-premises network. Sharing the transit gateway across multiple AWS accounts using AWS RAM simplifies the process of connecting VPCs across accounts.
B. Configure attachments to all VPCs and VPNs.
- After creating the transit gateway, you need to attach the VPCs and Site-to-Site VPN connections to the transit gateway. This enables communication between your on-premises network and the VPCs.
C. Set up transit gateway route tables. Associate the VPCs and VPNs with the route tables.
- Transit gateway route tables allow you to control the routing between VPCs and on-premises networks. By associating specific VPCs and VPNs with appropriate route tables, you can control which VPCs can communicate with each other and with your on-premises network.
https://000020.awsstudygroup.com/4-transigatewayattachments/
https://docs.aws.amazon.com/vpc/latest/tgw/tgw-connect.html
https://docs.aws.amazon.com/vpc/latest/peering/working-with-vpc-peering.html
Hello.
I thought that options A, B, and C were correct.
VPC peering cannot connect hundreds of VPCs due to quota limitations.
A maximum of 125 VPC peerings can be configured in one VPC.
Also, I think options E and F are wrong choices because they probably explain a single Site-to-Site VPN.
https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-connection-quotas.html
Hello, Isaac.
To connect your on-premises network to your VPCs with the least operational effort and to control VPC communication, the best combination of steps would be:
1. Create a transit gateway in an AWS account. Share the transit gateway across accounts by using AWS Resource Access Manager (AWS RAM).
2. Configure attachments to all VPCs and VPNs.
3. Set up transit gateway route tables. Associate the VPCs and VPNs with the route tables.
These steps allow centralized routing and control over which VPCs can communicate, avoiding the complexity and limitations of VPC peering and individual VPC route tables.
https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-connection-quotas.html
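The three steps named in the answers above (create and share the transit gateway with AWS RAM, attach the VPCs and the Site-to-Site VPN, then segment traffic with transit gateway route tables), written out as Terraform. This is an added example and is not code from any of the answers or from AWS; the region, account ids, VPC and subnet ids and the Customer Gateway id are placeholders declared as variables, and the route-table layout (one table for VPC attachments, one for the VPN attachment) is one possible policy: every VPC reaches on-premises, but VPCs cannot reach each other.

```hcl
# Added example, not from the re:Post thread. Hub account owns the TGW;
# every var.* value is a placeholder to be supplied by the reader.
provider "aws" {
  region = "us-east-1" # assumed region
}

variable "spoke_account_ids"          { type = list(string) }
variable "shared_services_vpc_id"     { type = string }
variable "shared_services_subnet_ids" { type = list(string) }
variable "customer_gateway_id"        { type = string }

# Step A: a single transit gateway. Disabling the default route table
# association/propagation is what makes step C meaningful: otherwise every
# attachment lands in one shared table and every VPC can reach every other.
resource "aws_ec2_transit_gateway" "hub" {
  description                     = "shared hub"
  default_route_table_association = "disable"
  default_route_table_propagation = "disable"
  auto_accept_shared_attachments  = "disable" # spoke attachments need explicit acceptance
  tags                            = { Name = "hub-tgw" }
}

# Share the TGW with the spoke accounts through AWS RAM.
resource "aws_ram_resource_share" "tgw" {
  name                      = "hub-tgw-share"
  allow_external_principals = false # principals inside the organization only
}

resource "aws_ram_resource_association" "tgw" {
  resource_arn       = aws_ec2_transit_gateway.hub.arn
  resource_share_arn = aws_ram_resource_share.tgw.arn
}

resource "aws_ram_principal_association" "spokes" {
  for_each           = toset(var.spoke_account_ids)
  principal          = each.value
  resource_share_arn = aws_ram_resource_share.tgw.arn
}

# Step B: attachments. A VPC that lives in the hub account...
resource "aws_ec2_transit_gateway_vpc_attachment" "shared_services" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  vpc_id             = var.shared_services_vpc_id
  subnet_ids         = var.shared_services_subnet_ids
}

# ...and the Site-to-Site VPN, terminated on the TGW instead of a VGW.
resource "aws_vpn_connection" "onprem" {
  customer_gateway_id = var.customer_gateway_id
  transit_gateway_id  = aws_ec2_transit_gateway.hub.id
  type                = "ipsec.1"
}

# Step C: two route tables implement "VPCs reach on-prem, not each other".
resource "aws_ec2_transit_gateway_route_table" "vpcs" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  tags               = { Name = "vpcs" }
}

resource "aws_ec2_transit_gateway_route_table" "onprem" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  tags               = { Name = "onprem" }
}

# VPC attachments use the "vpcs" table, which learns only the VPN's routes.
resource "aws_ec2_transit_gateway_route_table_association" "vpc" {
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.shared_services.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.vpcs.id
}

resource "aws_ec2_transit_gateway_route_table_propagation" "vpn_into_vpcs" {
  transit_gateway_attachment_id  = aws_vpn_connection.onprem.transit_gateway_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.vpcs.id
}

# The VPN attachment uses the "onprem" table, which learns every VPC's CIDR.
resource "aws_ec2_transit_gateway_route_table_association" "vpn" {
  transit_gateway_attachment_id  = aws_vpn_connection.onprem.transit_gateway_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.onprem.id
}

resource "aws_ec2_transit_gateway_route_table_propagation" "vpc_into_onprem" {
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.shared_services.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.onprem.id
}
```

Attachments created from a spoke account against the shared transit gateway show up in the hub account as pending and must be accepted there (for example with `aws_ec2_transit_gateway_vpc_attachment_accepter`) before they are associated with the `vpcs` table. Route propagation from the VPN attachment requires a BGP-based VPN; with a statically routed VPN, replace that propagation with `aws_ec2_transit_gateway_route` entries for the on-premises prefixes. Checking `aws ec2 search-transit-gateway-routes` against the `vpcs` table after apply is a quick way to confirm that no other VPC's CIDR appears there.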