Setup AWS Transit Gateway

Wed, 12 Dec 2018 15:00:07 +0000

Amazon announced a new service at re:Invent 2018 in Las Vegas, called the AWS Transit Gateway. The Transit Gateway allows you to connect multiple VPCs together as well as VPN tunnels to on-premises networks through a single gateway device. As a consultant, I talk with customers often, about how they will plan to connect their data center with the AWS cloud, and how to interconnect all of those VPCs. In the past a solution like Aviatrix or a Cisco CSR transit gateway was used which leveraged some EC2 instances that lived within a VPC. You’d then connect spoke VPCs together via the use of VPN tunnels. With this new solution, there is a native service from AWS that allows you to do this without the need for VPN tunnels between spoke VPCs and you can use the AWS CLI/CloudFormation or console to deploy everything you need. This post takes you through an example of the setup of the AWS Transit Gateway in my own lab environment.

AWS Resource Access Manager

Mon, 10 Dec 2018 15:00:44 +0000

At AWS re:Invent this year in Las Vegas, Amazon announced a ton of services, but one that caught my eye was the AWS Resource Access Manager. This is a service that facilitates the sharing of some resources between AWS accounts so that they can be used or referenced across account boundaries. Typically, an AWS account is used as a control plane boundary (or billing boundary) between environments, but even then resources will need to communicate with each other occasionally. Now with AWS Resource Access Manager (RAM) we can shared Hosted DNS zones, Transit Gateways and other objects. This list will undoubtedly grow over time. This post will show you how you can share another new service, the AWS Transit Gateway, across multiple accounts within your organization.

Tgw on The IT Hollow

Setup AWS Transit Gateway

AWS Resource Access Manager