Files

.git-crypt
codeSample
contents
- acm
- api-gateway
- athena
- cloudformation
- cloudfront
- cloudhsm
- cloudtrail
- cloudwatch
- compromised-resources
- config_cost_explorer
- data_protection
- detective
- direct_connect
- ec2
- ecr
- event-bridge
- firewall-and-shield
- glue
- guard_duty
- iam
- infrastructure-and-security
- inspector
- kms
- lambda
- load_balancing
- logging
- macie
- opensearch
- organizations_and_accout_tower
- other_services
- policy
- route53
- s3
- secrets_manager
- security-hub
- security-testing
- security_groups_NACLs
- signer_and_verified_access
- simple-email-service
- transit-gateway
  - README.md
  - gateway_between_accounts.png
  - site-to-site-map.png
  - throughput_vpn_to_private_gateway.png
  - throughput_vpn_to_transit_gateway.png
  - topology_complicated.png
  - transite_gateway.png
- vpc
.gitattributes
.gitignore
README.md

README.md

Add| rearrange folder structure

Jan 11, 2024

d371167 · Jan 11, 2024

Transit Gateway

Network topologies can become complicated

Solution to this is Transit Gateway

For having transitive peering between thousands of VPC and on-premises, hub-and-spoke (star) connection
Regional resource, can work cross-region
Share cross-account using Resource Access Manager (RAM)
You can peer Transit Gateways across regions
Route Tables: limit which VPC can talk with other VPC
Works with Direct Connect Gateway, VPN connections
Supports $I P M u l t i c a s t$ (not supported by any other AWS service)

Site to Site VPN ECMP

ECMP = Equal-cost multi-path routing
Routing strategy to allow to forward a packet over multiple best path
Use case: create multiple Site-to-Site VPN connections to increase the bandwidth of your connection to AWS

Throughput with ECMP

VPN To Private Gateway

VPN To Transit Gateway

Share Direct Connect between multiple accounts