AWS Certified Solutions Architect - Associate (SAA-C02)


Private links versus Transit Gateways

How is Transit Gateway different from PrivateLink? What are the different scenarios in which we should choose one among them?

1 Answer

AWS PrivateLink is best suited for scenarios where you want to share a single service to many VPCs when connecting them to supported services: AWS Marketplace applications, AWS services, and your own VPCs.

The choice between Transit Gateway, VPC peering, and AWS PrivateLink is dependent on connectivity.

AWS PrivateLink — Use AWS PrivateLink when you have a client/server setup where you want to allow one or more consumer VPCs unidirectional access to a specific service or set of instances in the service provider VPC. Only the clients in the consumer VPC can initiate a connection to the service in the service provider VPC. This is also a good option when clients and servers in the two VPCs have overlapping IP addresses, as AWS PrivateLink leverages ENIs within the client VPC such that there are no IP conflicts with the service provider. You can access AWS PrivateLink endpoints over VPC Peering, VPN, and AWS Direct Connect.

VPC peering and Transit Gateway — Use VPC peering and Transit Gateway when you want to enable layer-3 IP connectivity between VPCs.

Your architecture will contain a mix of these technologies in order to fulfill different use cases. All of these services can be combined and operated with each other. For example, AWS PrivateLink handling API style client-server connectivity, VPC peering for handling direct connectivity requirements where placement groups may still be desired within the Region or inter-Region connectivity is needed, and Transit Gateway to simplify connectivity of VPCs at scale as well as edge consolidation for hybrid connectivity.
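The overlapping-address criterion from the answer above can be checked mechanically before choosing a connectivity model. The following is an added example, not part of the original answer: the VPC names, CIDR ranges and function names are constructed for illustration. It finds CIDR overlaps across a VPC inventory and lists which of the three options remain for a given client/server pair.

```python
import ipaddress
from itertools import combinations

# Constructed sample inventory: hypothetical VPC names and CIDR blocks.
VPCS = {
    "consumer-a": ["10.0.0.0/16"],
    "consumer-b": ["10.1.0.0/16", "100.64.0.0/24"],
    "provider": ["10.0.128.0/20"],
    "shared": ["172.16.0.0/16"],
}

def overlapping_pairs(vpcs):
    """Return (vpc_a, vpc_b, cidr_a, cidr_b) for every overlapping CIDR pair."""
    nets = {name: [ipaddress.ip_network(c) for c in cidrs]
            for name, cidrs in vpcs.items()}
    hits = []
    for a, b in combinations(sorted(nets), 2):
        for na in nets[a]:
            for nb in nets[b]:
                if na.overlaps(nb):
                    hits.append((a, b, str(na), str(nb)))
    return hits

def connectivity_options(vpcs, client, server, need_layer3):
    """List the options that fit, using the criteria given in the answer.

    need_layer3=True  -> general IP connectivity between the two VPCs
    need_layer3=False -> client-initiated access to one service only
    """
    conflict = any({a, b} == {client, server}
                   for a, b, _, _ in overlapping_pairs(vpcs))
    if need_layer3:
        # Routed connectivity needs unambiguous destinations, so overlapping
        # ranges must be re-addressed before peering or a transit gateway fits.
        return [] if conflict else ["VPC peering", "Transit Gateway"]
    # Unidirectional service access: PrivateLink fits with or without
    # overlap because consumers reach the service through local ENIs.
    return ["PrivateLink"]

if __name__ == "__main__":
    for pair in overlapping_pairs(VPCS):
        print("overlap:", pair)
    print(connectivity_options(VPCS, "consumer-a", "provider", need_layer3=True))
    print(connectivity_options(VPCS, "consumer-b", "shared", need_layer3=True))
```
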
