Key Concepts
Transit Gateway is a centralized network hub that allows easy and flexible connection of multiple Virtual Private Clouds (VPCs) and on-premises networks. It supports Multi-AZ (Multiple Availability Zones), a key technology that improves the fault tolerance and availability of applications, enabling disaster recovery and enhancing the overall system availability.
Transit gateway attachment
An attachment represents the source/destination of packets for a Transit Gateway, allowing you to select subnets per AZ within a VPC to configure Multi-AZ high availability. By creating a Transit Gateway attachment and associating it with a routing table, traffic can be centrally managed.
Route table
You can control the flow of traffic for resources by connecting VPCs, VPNs, and Direct Connect through the independent route table of the transit gateway. Route Tables can be centrally organized or configured in a simplified manner for various architectures of large-scale networks, such as isolated VPCs.
IAM-based role management
The role management of the transit gateway service follows IAM role-based access control (RBAC).
Access permissions
Project Members and Project Readers cannot access the transit gateway list, and only Project Admin has access and control capabilities.
| Category | Project Admin | Project Member | Project Reader |
|---|---|---|---|
| Create transit gateway | ✓ | ||
| View transit gateway | ✓ | ||
| Configure transit gateway | ✓ | ||
| Delete transit gateway | ✓ |
Attachment access permissions
Project Members and Project Readers cannot access the attachment list, and only Project Admin has access and control capabilities.
| Category | Project Admin | Project Member | Project Reader |
|---|---|---|---|
| Create attachment | ✓ | ||
| View attachment | ✓ | ||
| Configure attachment | ✓ | ||
| Approve attachment | ✓ | ||
| Delete attachment | ✓ |
Route table access permissions
Project Members and Project Readers cannot access the route table list, and only Project Admin has access and control capabilities.
| Category | Project Admin | Project Member | Project Reader |
|---|---|---|---|
| Create route table | ✓ | ||
| View route table | ✓ | ||
| Configure route table | ✓ | ||
| Delete route table | ✓ |