AWS vpc documentation change
Summary
Added encryption control concept and cost allocation details
Security assessment
Introduces encryption enforcement as a core feature but doesn't address vulnerabilities.
Diff
diff --git a/vpc/latest/tgw/what-is-transit-gateway.md b/vpc/latest/tgw/what-is-transit-gateway.md index dccd660e3..b36c4689a 100644 --- a//vpc/latest/tgw/what-is-transit-gateway.md +++ b//vpc/latest/tgw/what-is-transit-gateway.md @@ -34,0 +35,2 @@ The following are the key concepts for transit gateways: + * Encryption control — A transit gateway can be configured to support Encryption control, which enforces encryption-in-transit for all traffic on VPCs attached to the transit gateway. When Encryption control is enabled, the transit gateway can be attached to VPCs with Encryption control enforced. This feature ensures that all traffic flowing through the transit gateway is encrypted, providing enhanced security for your network communications. + @@ -74 +76 @@ You can create, access, and manage your transit gateways using any of the follow -You are charged hourly for each attachment on a transit gateway, and you are charged for the amount of traffic processed on the transit gateway. For more information, see [AWS Transit Gateway pricing](https://aws.amazon.com/transit-gateway/pricing/). +You are charged hourly for each attachment on a transit gateway, and you are charged for the amount of traffic processed on the transit gateway. By default, data processing charges are allocated to the account that owns the source attachment. You can use flexible cost allocation to customize how these charges are allocated based on your organizational needs. For more information, see [AWS Transit Gateway pricing](https://aws.amazon.com/transit-gateway/pricing/) and [Flexible cost allocation](./metering-policy.html).