What is AWS Transit Gateway?

AWS Transit Gateway is a service that allows customers to connect multiple VPCs and their on-premises networks together.

Simplification is the key solution here. Before Transit Gateway, you had to use VPC Peering to connect VPCs, and that too one VPC Peering per pair of VPCs made it an administration nightmare. Also, to join in on-premise network(s) you needed VPNs. Transit Gateway makes it simple by acting as a hub that allows all these components to talk to each other.


A scenario before Transit Gateway:

A scenario before Transit Gateway

Image courtesy of AWS


Same scenario after Transit Gateway:

Same scenario after Transit Gateway

Image courtesy of AWS


Note: for Direct Connect, you have to use Direct Connect Gateway to connect to Transit Gateway


Features of AWS Transit Gateway

  • Simplified network connectivity, and thus easier administration
  • Transit Gateway inter-Region peering encrypts traffic
  • Centralized view of connectivity to easily monitor the connections
  • Transit Gateway supports both dynamic and static routing between attached VPCs and VPNs
    • Transit Gateway does not support routing between VPCs with overlapping CIDRs
    • Transit Gateway supports VPCs with IPv6 CIDRs
  • Transit Gateway supports all compliance requirements that are supported by VPC (e.g., PCI DSS Level 1, HIPAA, etc.)


Limits and Constraints

  • Maximum of 5,000 attachments per Transit Gateway
  • Maximum of 5 Transit Gateways per Region per account
  • Maximum of 20 Direct Connect Gateways per Transit Gateway



There are two elements you are charged on:

  • Number of connections to the Transit Gateway – charged per each connection per hour
  • Amount of data transferred through Transit Gateway – per each GB


External Resources