CloudHub is more like a strategy/architecture than a service, right? I mean, it is implemented using a single private gateway connected to multiple gateways. And the main difference for a Transit Gateway (I believe is preferred) is the fact that Transit Gateway implies the connection of VPCs, while I could use CloudHub without a VPC. Is all that correct? Any comments/corrections will be appreciated.
And, BTW, can I really use a Private Gateway while it is detached (in red), i.e., without a VPC?
Jan’s explaination is really good so nothing to add there. However, I would caution on declaring Transit Gateways as preferred. Gateways can simplify your network but there are some reasons why a more traditional transit VPC might be used. Practically speaking, some people don’t like the fact that a Transit Gateway is kind of a black box.
AWS will be the first to say there is no "best" way because of so many different variables. (See AWS Transit Gateway Tech Talk: https://www.youtube.com/watch?v=A_2qq9fFxVU). For the exam, it’s important to know the general use cases where a Transit VPC or a Transit Gateway might be used but I wouldn’t worry about which is "right".