Importance of Transit Gateway in Anypoint Platform

Introduction

Anypoint Platform is multitenant integration platform as a service and it is used for wide use cases. MuleSoft introduce and keep enhancing the Anypoint Platform and recently they have added Transit Gateway as a part of Anypoint Platform. 

Transit Gateway acts as a Cloud Router in AWS and simplify the network access between VPC's, on premise data centers and third party software. It generally merge the on premise and cloud network into single network topology. You can add multiple transit gateway in your Anypoint Organization and that is completely depends on number of the Transit Gateway entitlement with your organizations.

To create Transit Gateway on Anypoint Platform, Anypoint Virtual Private Cloud and AWS Transit Gateway must exists in the same region. One of the main advantage of the Transit Gateway to simplify the network topology and merge all the network (On Premise or Cloud) to act as a single network topology.

With AWS transit gateway, you can connect on premise, cloud resources and also establish the connection with Direct connect and using Anypoint Transit gateway within Virtual Private Cloud you can connect AWS transit gateway.

Now, we will be take one of the use cases where Transit Gateway fits in Mule Ecosystem. 

XYZ Inc. is looking to implement MuleSoft for connecting below list of the resources.

• SaaS applications like Salesforce 
• SAP system in private AWS VPC 
• Web Services in other private AWS VPC 
• Databases in corporate data center. 

Cloud based solution where they don’t want to manage infrastructure and all applications must be highly available and fault tolerance.  Application can be access by fewer client publicly. API must be secured with OAuth JWT. Platform must have feature like Intelligent healing, Zero Down Time updates.

Here is the solution without Transit Gateway that can be implemented to cover above requirements.

In this solution, we create various network connection between CloudHub, AWS and Corporate Datacenter to access the resources by the application deployed in CloudHub Runtime Manager.

• VPC Peering for accessing resources like SAP located in AWS private VPC by CloudHub.
• VPC Peering for accessing resources like Webservices located in AWS private VPC by CloudHub.
• VPN IPSec Tunneling for accessing resources like Database located in Corporate Datacenter by CloudHub.
• SaaS application can be directly accessed by CloudHub over internet.

This network can further simplify using Transit Gateway that will connect to AWS Private VPC, Corporate Datacenter etc. and Transit Gateway can be attached to the CloudHub Runtime Manager. So, CloudHub can communicate to all resources located in AWS Private VPC or Corporate Datacenter via AWS Transit Gateway. 

In this approach, we are getting few advantages as listed below.

• Simplifies the network topology and merge all the network (On Premise or Cloud) to act as a single network topology.
• In future, there might be requirement to connect more AWS VPCs or other datacenter. In such cases, there will no changes on CloudHub. You need to simply enable connection between Transit Gateway and AWS VPCs or other Datacenters. In this ways, CloudHub can access new VPCs or other Datacenter via Transit Gateway.

Now, you know how and where Transit Gateway fitted in Anypoint Platform ecosystems.