The Network Orchestration for AWS Transit Gateway solution automates the process of setting up and managing transit networks in distributed AWS environments. This solution allows customers to visualize and monitor their global network from a single dashboard rather than toggling between Regions from the AWS Console. It creates a web interface to help control, audit, and approve transit network changes.
Automate the process of setting up and managing transit networks in multi-account AWS environments.
Use the web user interface to either accept or reject connectivity requests when manual approval is required.
Deploy a web user interface to control, audit, and approve transit network changes.
Use rules to automatically accept or reject network changes based on the Organization Unit (OU).
The following diagram presents the architecture you can automatically deploy using the solution's implementation guide and accompanying AWS CloudFormation templates.
This template deploys an Amazon EventBridge rule that monitors specific virtual private cloud (VPC) and subnet tag changes.
An EventBridge rule in the spoke account sends the tags to the EventBridge bus in the hub account.
The rules associated with the EventBridge bus invoke an AWS Lambda function to start the solution workflow.
AWS Step Functions (solution state machine) processes network requests from the spoke accounts.
The state machine workflow attaches a VPC to the transit gateway.
The state machine workflow updates the VPC route table associated with the tagged subnet.
The state machine workflow updates the transit gateway route table with association and propagation changes.
(Optional) The state machine workflow updates the attachment name with the VPC name and the OU name for the spoke account (retrieved from the Org Management account).
Getting into the Serverless Mindset
Learn how to move forward without provisioning, scaling, or managing servers.
Subnets, Gateways, and Route Tables Explained
In this course, we will use sample three-tiered architecture to better understand how certain network components can help you effectively network your application. We review the differences between public and private subnets and discuss how gateways and route tables can be used for network routing.