Why is Transitive Peering a Con?

I came across a slide when I was going through your VPC to VPC connectivity that had mentioned Transitive Peering as a con. I am not sure why you had mentioned it as a con, but to me that is a security measure from AWS which helps a lot when you have multiple AWS accounts and a lot of VPCs in them. Could you please weigh in on that? Thanks.


If I had to guess, and this is me taking a shot in the dark here, it's because once an org grows to a certain point VPC peering becomes unwieldy. This is, in part, due to the lack of transitive communication and thus why the concept of transit gateways exists. While I personally agree with you that transitive communication via VPC peering would be a security issue, I think the ACG folks look at this as a con in terms of efficiency, as in "life would be easier if VPC peering allowed for transitive communication, as you wouldn't be required to set up and maintain a transit gateway".
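To make the behaviour both posts are describing concrete, here is an added example (not code from the thread, the course, or AWS) that models the forwarding rules involved: a VPC peering connection only carries packets addressed to the peer VPC's own CIDR, so a route pointed at a peering "through" a middle VPC is dropped rather than forwarded, while a Transit Gateway forwards according to the route table associated with the source attachment. The three VPCs, their CIDRs, the peering links and the two TGW route-table layouts are constructed for illustration; the segmented layout shows that a TGW does not have to give up the isolation property the question values, it just makes it an explicit routing decision.

```python
"""
Toy forwarding model: non-transitive VPC peering versus a Transit Gateway
whose route tables decide what is reachable.  All names and CIDRs below are
constructed for the example and are not from the original thread or AWS.
"""
import ipaddress
from typing import Dict, List, Optional, Tuple

IPNet = ipaddress.IPv4Network

# Constructed VPCs, one per account in a small org.
VPCS: Dict[str, IPNet] = {
    "A": IPNet("10.1.0.0/16"),
    "B": IPNet("10.2.0.0/16"),
    "C": IPNet("10.3.0.0/16"),
}

# VPC peering connections are strictly point to point: A<->B and B<->C.
PEERINGS = {frozenset({"A", "B"}), frozenset({"B", "C"})}

# Subnet route tables when peering is used.  A's admin tries to reach C
# "through" B by pointing 10.3.0.0/16 at the A<->B peering connection.
PEERING_ROUTES: Dict[str, List[Tuple[IPNet, str]]] = {
    "A": [(IPNet("10.2.0.0/16"), "pcx:B"), (IPNet("10.3.0.0/16"), "pcx:B")],
    "B": [(IPNet("10.1.0.0/16"), "pcx:A"), (IPNet("10.3.0.0/16"), "pcx:C")],
    "C": [(IPNet("10.2.0.0/16"), "pcx:B")],
}


def longest_match(routes: List[Tuple[IPNet, str]], dst: ipaddress.IPv4Address) -> Optional[str]:
    """Longest-prefix match; returns the route target or None."""
    best: Optional[Tuple[IPNet, str]] = None
    for net, target in routes:
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def deliver_via_peering(src: str, dst_ip: str) -> bool:
    """True if a packet from VPC `src` to `dst_ip` is delivered using only peering."""
    dst = ipaddress.IPv4Address(dst_ip)
    if dst in VPCS[src]:
        return True  # the local route always wins
    target = longest_match(PEERING_ROUTES[src], dst)
    if target is None or not target.startswith("pcx:"):
        return False
    peer = target[len("pcx:"):]
    if frozenset({src, peer}) not in PEERINGS:
        return False  # no such peering connection exists
    # A peering connection only carries traffic addressed to the peer VPC's
    # own CIDR.  It never consults the peer's route table, so a packet for C
    # sent over the A<->B peering is dropped at the peering, not forwarded.
    return dst in VPCS[peer]


# Transit Gateway: every VPC is attached, each attachment is associated with
# one TGW route table, and each VPC sends all of 10.0.0.0/8 to the TGW.
TGW_VPC_ROUTES: Dict[str, List[Tuple[IPNet, str]]] = {
    v: [(IPNet("10.0.0.0/8"), "tgw")] for v in VPCS
}

# Flat layout: one shared route table, so everything becomes transitive.
FLAT_TGW = {
    "assoc": {"A": "rt-all", "B": "rt-all", "C": "rt-all"},
    "tables": {"rt-all": [(VPCS[v], v) for v in VPCS]},
}

# Segmented layout: A and B are spokes that may only reach shared services
# in C; C may reach both.  A<->B isolation is now an explicit policy.
SEGMENTED_TGW = {
    "assoc": {"A": "rt-spoke", "B": "rt-spoke", "C": "rt-shared"},
    "tables": {
        "rt-spoke": [(VPCS["C"], "C")],
        "rt-shared": [(VPCS["A"], "A"), (VPCS["B"], "B")],
    },
}


def deliver_via_tgw(tgw: dict, src: str, dst_ip: str) -> bool:
    """True if the TGW forwards a packet from VPC `src` to `dst_ip`."""
    dst = ipaddress.IPv4Address(dst_ip)
    if dst in VPCS[src]:
        return True
    if longest_match(TGW_VPC_ROUTES[src], dst) != "tgw":
        return False
    # Only the route table associated with the *source* attachment is consulted.
    table = tgw["tables"][tgw["assoc"][src]]
    attachment = longest_match(table, dst)
    return attachment is not None and dst in VPCS[attachment]


if __name__ == "__main__":
    for src, dst in (("A", "10.2.0.5"), ("A", "10.3.0.5"), ("B", "10.3.0.5")):
        print(f"peering   {src} -> {dst}: {deliver_via_peering(src, dst)}")
    for src, dst in (("A", "10.3.0.5"), ("A", "10.2.0.5"), ("C", "10.2.0.5")):
        print(f"flat TGW  {src} -> {dst}: {deliver_via_tgw(FLAT_TGW, src, dst)}")
        print(f"seg. TGW  {src} -> {dst}: {deliver_via_tgw(SEGMENTED_TGW, src, dst)}")
```

Running it shows A reaching B but not C over peering (the 10.3.0.0/16 route in A is dead, not a tunnel through B), every VPC reaching every other through the flat TGW table, and the segmented TGW tables allowing A and B to reach C while A to B is dropped. The check a practitioner wants is the segmented case: introducing a TGW for operational convenience is only a security regression if its route tables are left flat.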


