Quick, practical moves in cloud, security, and AI.
Hello Again 👋🏿
If you’re building in AWS, you’ll eventually hit this question:
“Should we use VPC peering, or is it time for Transit Gateway?”
Let’s break down what these services actually do, when to use each, and how to avoid the headaches I see teams run into every year.
🧠 What Are VPC Peering and Transit Gateway?
VPC Peering is a way to connect two Virtual Private Clouds (VPCs) so they can talk to each other privately, without going over the public internet.
Think of it as a private tunnel between two neighborhoods.
It’s direct, fast, and secure.
You set up a peering connection, update your route tables, and you’re done.
No extra AWS infrastructure to manage.
AWS Transit Gateway is a central hub that connects multiple VPCs (and even on-premises networks) together.
Instead of building a web of tunnels, you connect every neighborhood to a single city center.
It’s designed for scale.
You attach each VPC to the Transit Gateway, and it handles the routing.
You can connect VPCs across multiple AWS accounts, and even link to your data center.
Official docs:
☁️ When VPC Peering Makes Sense
If you’re running a small setup—maybe two or three VPCs, all in the same AWS account—peering is perfect.
It’s free to set up (you only pay for the data you move).
There’s no extra infrastructure to manage.
It’s low-latency and private.
But:
Peering is always one-to-one.
If you want VPC A to talk to VPC B, and B to C, and A to C, you need three separate peering connections.
This is fine for a handful of VPCs.
But as you grow, the number of connections (and route table entries) explodes.
🔄 When Transit Gateway Becomes the Better Choice
If you’re planning to grow, or you’re already running more than five VPCs, Transit Gateway is your friend.
It acts as a central router for all your VPCs.
You only need one connection per VPC, no matter how many you have.
It works across multiple AWS accounts and regions.
You can connect your on-premises network too.
Transit Gateway does cost more than peering, but it saves you hours of network management and reduces the risk of mistakes.
If you’re making frequent changes, or you’re tired of updating 10+ route tables every time something changes, Transit Gateway is worth it.
💸 AWS Pricing—The Simple Version
AWS pricing can be confusing, so here’s the quick version:
VPC Peering:
No monthly fee.
You pay about $0.01 per GB of data transferred between VPCs.
Transit Gateway:
About $36/month for each VPC you connect.
$0.02 per GB of data moved through the gateway.
If you’re small and not moving much data, peering is cheaper.
If you’re growing, the time you save with Transit Gateway is often worth the extra cost.
🚩 Common Mistakes (And How to Dodge Them)
Mistake 1:
Jumping to Transit Gateway too early.
If you only have two VPCs, you’re just paying for extra infrastructure you don’t need.
Mistake 2:
Sticking with peering for too long.
If you’re managing more than five VPCs, you’re probably wasting time and increasing your risk of mistakes.
Mistake 3:
Not planning for multi-account growth.
If you’re planning to split workloads into multiple AWS accounts, Transit Gateway will save you a ton of pain later.
Mistake 4:
Forgetting about routing complexity.
Every new peering connection means more routes to update.
Transit Gateway centralizes this, so you only have to update routes in one place.
🏗️ Real-World Moves
Here’s what I tell teams:
If you’re just starting out, keep it simple.
Use peering for up to five VPCs, especially if you’re not growing fast.
As soon as you hit five VPCs, or you’re adding new accounts, start planning your Transit Gateway migration.
If you’re making network changes every month, Transit Gateway will save you time and reduce mistakes.
And if you’re not sure?
Draw your network on a whiteboard.
If it looks like a spider web, it’s time for Transit Gateway.
🍪 Wrap-Up
AWS gives you options, but not every option is right for every stage.
Start with peering if you’re small and stable.
Move to Transit Gateway when growth and complexity demand it.
Don’t let your network become the thing that slows you down.
Reply and tell me: What’s your VPC story? Ever had to untangle a peering mess?
— Mike
P.S. If you’re about to add your sixth VPC, forward this to your team. Trust me, you’ll thank yourself later.
Official AWS Documentation Links: