Routing
Amazon Transit Gateway supports dynamic and static layer 3 routing between Amazon Virtual Private Clouds (VPCs). Routes determine the next hop depending on the destination IP address of the packet, and can point to an Amazon VPC.
Amazon VPC feature interoperability
Amazon Transit Gateway enables the resolution of public DNS hostnames to private IP addresses when queried from Amazon VPCs that are also attached to the Amazon Transit Gateway.
An instance in an Amazon VPC can access a NAT gateway, Network Load Balancer, Amazon Web Services PrivateLink, and Amazon Elastic File System in other Amazon VPCs that are also attached to the Amazon Transit Gateway.
Monitoring
Amazon Transit Gateway provides statistics and logs that are then used by services such as Amazon CloudWatch and Amazon VPC Flow Logs. You can use Amazon CloudWatch to get bandwidth usage between Amazon VPCs, packet flow count, and packet drop count. You can also enable Amazon VPC Flow Logs on Amazon Transit Gateway so you can capture information on the IP traffic routed through the Amazon Transit Gateway.
Management
You can use the command-line interface (CLI), Amazon Web Services Management Console, or Amazon CloudFormation to create and manage your Amazon Transit Gateway. Amazon Transit Gateway provides Amazon CloudWatch metrics, such as the number of bytes sent and received between Amazon VPCs, the packet count, and the drop count. In addition, you can use Amazon VPC Flow Logs with Amazon Transit Gateway to capture information about the IP traffic going through the Amazon Transit Gateway attachment.
Security
Amazon Transit Gateway is integrated with Identity and Access Management (IAM), enabling you to manage access to Amazon Transit Gateway securely. Using IAM, you can create and manage Amazon Web Services users and groups, and use permissions to allow and deny their access to the Amazon Transit Gateway.
Multicast
With Transit Gateway multicast, you can now easily create and manage multicast groups in the cloud, which is much easier than deploying and managing legacy hardware on premises. You can scale your multicast solution up and down in the cloud to simultaneously distribute a stream of content to multiple subscribers. With Transit Gateway multicast, you have fine-grained control over who can produce and who can consume multicast traffic. Furthermore, you can use standard IGMP (Internet Group Management Protocol) for simplified management of multicast group membership on Transit Gateway.
Peering
With Amazon Transit Gateway peering, you can establish peering connections between transit gateways in the same Amazon Web Services China Region or across Regions. Peering allows customers to directly route traffic between two transit gateways. Inter-region peering provides you with a simple and cost-effective way to share resources between Amazon Web Services China Regions or replicate data for geographic redundancy. Intra-region peering allows multiple teams within your organization to deploy their own transit gateways and easily interconnect their networks in the same Amazon Web Services China Region.
Transit Gateway Connect
Amazon Transit Gateway Connect enables native integration of Software-Defined Wide Area Network (SD-WAN) appliances into Amazon Web Services. Customers can now seamlessly extend their SD-WAN edge into Amazon Web Services using standard protocols such as Generic Routing Encapsulation (GRE) and Border Gateway Protocol (BGP). It provides customers with added benefits such as improved bandwidth and supports dynamic routing with increased route limits, thus removing the need to set up multiple IPsec VPNs between the SD-WAN appliances and Transit Gateway.