Routing

Amazon Transit Gateway supports dynamic and static layer 3 routing between Amazon Virtual Private Clouds (VPCs). Routes determine the next hop depending on the destination IP address of the packet, and can point to an Amazon VPC.

Amazon VPC feature interoperability

Amazon Transit Gateway enables the resolution of public DNS hostnames to private IP addresses when queried from Amazon VPCs that are also attached to the Amazon Transit Gateway.

An instance in an Amazon VPC can access a NAT gateway, Network Load Balancer, Amazon Web Services PrivateLink, and Amazon Elastic File System in other Amazon VPCs that are also attached to the Amazon Transit Gateway.

Monitoring

Amazon Transit Gateway provides statistics and logs that are then used by services such as Amazon CloudWatch and Amazon VPC Flow Logs. You can use Amazon CloudWatch to get bandwidth usage between Amazon VPCs, packet flow count, and packet drop count. You can also enable Amazon VPC Flow Logs on Amazon Transit Gateway so you can capture information on the IP traffic routed through the Amazon Transit Gateway.

Management

You can use the command-line interface (CLI), Amazon Web Services Management Console, or Amazon CloudFormation to create and manage your Amazon Transit Gateway. Amazon Transit Gateway provides Amazon CloudWatch metrics, such as the number of bytes sent and received between Amazon VPCs, the packet count, and the drop count. In addition, you can use Amazon VPC Flow Logs with Amazon Transit Gateway to capture information about the IP traffic going through the Amazon Transit Gateway attachment.

Security

Amazon Transit Gateway is integrated with Identity and Access Management (IAM), enabling you to manage access to Amazon Transit Gateway securely. Using IAM, you can create and manage Amazon Web Services users and groups, and use permissions to allow and deny their access to the Amazon Transit Gateway.

Multicast

With Transit Gateway multicast, you can easily create and manage multicast groups in the cloud, which is much easier than deploying and managing legacy hardware on premises. You can scale your multicast solution up and down in the cloud to simultaneously distribute a stream of content to multiple subscribers. With Transit Gateway multicast, you have fine-grained control over who can produce and who can consume multicast traffic. Furthermore, you can use standard IGMP (Internet Group Management Protocol) for simplified management of multicast group membership on Transit Gateway.

Peering

With Amazon Transit Gateway peering, you can establish peering connections between transit gateways in the same Amazon Web Services China Region or across Regions. Peering allows customers to directly route traffic between two transit gateways. Inter-region peering provides you with a simple and cost-effective way to share resources between Amazon Web Services China Regions or replicate data for geographic redundancy. Intra-region peering allows multiple teams within your organization to deploy their own transit gateways and easily interconnect their networks in the same Amazon Web Services China Region.

Transit Gateway Connect

Amazon Transit Gateway Connect enables native integration of Software-Defined Wide Area Network (SD-WAN) appliances into Amazon Web Services. Customers can extend their SD-WAN edge into Amazon Web Services using standard protocols such as Generic Routing Encapsulation (GRE) and Border Gateway Protocol (BGP). It provides added benefits such as improved bandwidth and supports dynamic routing with increased route limits, removing the need to set up multiple IPsec VPNs between the SD-WAN appliances and Transit Gateway.
