Abstract
Data sharing
- The Hub could be a central data repository or database that applications in each Spoke access and use
2 Components
Hub
- Serves as a central point for communication & data exchange with multiple Spoke resources
Spoke
Benefits
Ease of management
- Each Spoke only needs a single 1-1 connection with the Hub to reach the other Spokes, instead of 1-many connections to communicate with many other Spokes
- Simplifies network management and makes scaling easier (only the Hub needs to be updated for all other Spokes to reach a new Spoke)
More secure & reliable
Enhanced Security: since all traffic goes through the hub, we can
- Enforce consistent security policies
- Monitor traffic
- Apply additional layers of security
Cons
Single Point of Failure
- If the Hub is down, all the Spokes are down, and thus the entire system is down
- Make use of redundancy & high-availability on the Hub to mitigate this drawback
AWS Setup Example
VPC
- A central VPC contains shared resources, services or security controls
- Other VPCs act as spokes, representing isolated environments for different applications or teams
Transit Gateway
- Allows multiple VPCs to be connected
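Added example (not part of the original notes): a small audit that checks the security benefit above actually holds, i.e. that every spoke-to-spoke path is forced through the hub, and compares connection counts with a full mesh. The VPC names, CIDRs and the simplified per-VPC route-table model are constructed assumptions, not AWS API output.

```python
import ipaddress

# Constructed sample: attachment name -> VPC CIDR (hypothetical values).
CIDRS = {"hub": "10.0.0.0/16", "spoke-a": "10.1.0.0/16",
         "spoke-b": "10.2.0.0/16", "spoke-c": "10.3.0.0/16"}

# Constructed sample: routes applied to traffic arriving from each VPC,
# as (destination CIDR, next-hop VPC). spoke-c carries a bypass route.
ROUTES = {
    "spoke-a": [("0.0.0.0/0", "hub")],
    "spoke-b": [("0.0.0.0/0", "hub")],
    "spoke-c": [("0.0.0.0/0", "hub"), ("10.1.0.0/16", "spoke-a")],
    "hub": [("10.1.0.0/16", "spoke-a"), ("10.2.0.0/16", "spoke-b"),
            ("10.3.0.0/16", "spoke-c")],
}

def next_hop(routes, dst_cidr):
    """Longest-prefix match: next hop of the most specific covering route."""
    dst = ipaddress.ip_network(dst_cidr)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if dst.subnet_of(net) and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None

def audit(cidrs, routes, hub="hub"):
    """Return (src, dst, problem) for every spoke pair not forced via the hub."""
    findings = []
    spokes = [name for name in cidrs if name != hub]
    for src in spokes:
        for dst in spokes:
            if src == dst:
                continue
            hop = next_hop(routes.get(src, []), cidrs[dst])
            if hop is None:
                findings.append((src, dst, "unreachable"))
            elif hop != hub:
                findings.append((src, dst, "bypasses hub"))
            elif next_hop(routes.get(hub, []), cidrs[dst]) != dst:
                findings.append((src, dst, "hub cannot forward"))
    return findings

def link_counts(n_spokes):
    """Connections to manage: (hub-and-spoke, full mesh between spokes)."""
    return n_spokes, n_spokes * (n_spokes - 1) // 2

if __name__ == "__main__":
    print(audit(CIDRS, ROUTES), link_counts(10))
```

A single more-specific route in one spoke's table is enough to skip the hub's monitoring and policy enforcement, which is why the check uses longest-prefix match rather than only looking for a default route.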