Homepage » Amazon Web Services Solutions » Compute & Networking » Network Orchestration for Amazon Transit Gateway

Network Orchestration for Amazon Transit Gateway

Automate setting up and managing your transit networks with Amazon Transit Gateway

Overview

The Network Orchestration for Amazon Transit Gateway solution automates the process of setting up and managing transit networks in distributed Amazon Web Services environments. This solution allows customers to visualize and monitor their global network from a single dashboard rather than toggling between Regions from the Amazon Web Services Console. It creates a web interface to help control, audit, and approve transit network changes.

Benefits

Cross-account and cross-Region capability

Automate the process of setting up and managing transit networks in multi-account Amazon Web Services environments.

Change management

Use the web user interface to either accept or reject connectivity requests when manual approval is required.

Web user interface

Deploy a web user interface to control, audit, and approve transit network changes.

Compliance

Use rules to automatically accept or reject network changes based on the Organization Unit (OU).

Technical details

You can automatically deploy this architecture using the implementation guide and the accompanying Amazon CloudFormation templates.

适用于 Amazon Transit Gateway 的网络编排 | 架构流程图

Step 1
This template deploys an Amazon EventBridge rule that monitors specific virtual private cloud (VPC) and subnet tag changes.

Step 2
An EventBridge rule in the spoke account sends the tags to the EventBridge bus in the hub account.

Step 3
The rules associated with the EventBridge bus invoke an Amazon Lambda function to start the solution workflow.

Step 4
Amazon Step Functions (solution state machine) processes network requests from the spoke accounts.

Step 5
The state machine workflow attaches a VPC to the transit gateway.

Step 6
The state machine workflow updates the VPC route table associated with the tagged subnet.

Step 7
The state machine workflow updates the transit gateway route table with association and propagation changes.

Step 8
(Optional) The state machine workflow updates the attachment name with the VPC name and the OU name for the spoke account (retrieved from the Org Management account).

Step 9
The solution updates Amazon DynamoDB with the information extracted from the event and resources created, updated, or deleted in the workflow.

Use cases for this Amazon Web Services Solutions

Compute & Networking

About this deployment

Version

3.3.4

Released

4/2024

Author

Amazon

Est. deployment time

25 分钟

Estimated cost

See details

View implementation guide

Download implementation guide Source code CloudFormation templates

Deployment options

Ready to get started?

Deploy this solution by launching it in your Amazon Web Services Console

Launch in the Amazon Web Services Console

Need help? Deploy with a partner.

Find an Amazon Web Services Certified third-party expert to assist with this deployment

Deploy with an Amazon IQ expert

“Australia Post is a self-funded postal service business with both commercial and community service obligations, serving 12.3 million delivery points across Australia. Our organization is made up of 35,000 employees so when we needed to expand our cloud technologies to scale our network across our growing cloud infrastructure with siloed VPCs and on-premises data centers, we experienced significant latency issues. The Network Orchestration for Amazon Transit Gateway solution allowed us to automate our configuration and customize our network setup based on our needs with AmazonTransit Gateway, reducing our network setup time from weeks to minutes, resulting on the final solution reaching 13X improved network traffic speeds between accounts.”

Jason Gorringe, Cloud Services Manager

Australia Post