Amazon VPC Ingress Routing is a service that helps customers simplify the integration of network and security appliances within their network topology. With Amazon VPC Ingress Routing, customers can define routing rules at the Internet Gateway (IGW) and Virtual Private Gateway (VGW) to redirect ingress traffic to third-party appliances, before

Internet Gateway (IGW): This also performs NAT, but unlike the above, it performs a static NAT. Put simply, there is a static record as follows: Internal HOST IP <-> Public IP Assigned to the Internal Host. Note that a host inside an AWS VPC is only aware of its own private IP within the VPC. The public IP assigned to it is only used by the Internet

Traffic between an Amazon VPC and AWS Transit Gateway remains on the AWS global private network and is not exposed to the public internet. AWS Transit Gateway inter-Region peering encrypts all traffic, with no single point of failure or bandwidth bottleneck.

