https://fortinetcloudcse.github.io/fortinet-ui-terraform/3_example_templates/3_2_autoscale_template/3_3_configuration.htmlPost-Deployment Configuration Configure TGW Route Tables If you enabled enable_tgw_attachment = true, configure Transit Gateway route tables to route traffic through inspection VPC: For Centralized Egress Spoke VPC route table (route internet traffic to inspection VPC): # Get inspection VPC TGW attachment ID INSPECT_ATTACH_ID=$(aws ec2 describe-transit-gateway-attachments \ --filters "Name=resource-type,Values=vpc" \ "Name=tag:Name,Values=*inspection*" \ --query 'TransitGatewayAttachments[0].TransitGatewayAttachmentId' \ --output text) # Add default route to spoke route table aws ec2 create-transit-gateway-route \ --destination-cidr-block 0.0.0.0/0 \ --transit-gateway-route-table-id <spoke-rt-id> \ --transit-gateway-attachment-id $INSPECT_ATTACH_ID Inspection VPC route table (route spoke traffic to internet):Hugoen-US