Hello
We are looking at potentially implementing Transit GW (as opposed to VPC peering). However, one of the nice security features of VPC Peering is the ability to define Security Groups rules from another account, as referenced here: https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html
The peer VPC can be a VPC in your account, or a VPC in another AWS account. To reference a security group in another AWS account, include the account number in Source or Destination field; for example, 123456789012/sg-1a2b3c4d.
What we like about this capability is that we can define which EC2 instances can connect to our RDS Instances in another account.
Is there an equivalent construct / design approach for TGW?
Thanks!!!
Do you know if its on the roadmap? Any projected timelines?
Thanks!!