Status Submitted
Categories Atlas
Created by Guest
Created on Jun 30, 2022

Implement AWS transit gateway support

VPC peering and Private Endpoints have limitations that make them unusable in some environments. Implementing native transit gateway support would allow admins with hybrid infrastructures and strict security requirements to control routing and security at a lower level than is currently supported.

VPC peers do not support pass-through routing, so organizations that use transit gateways to attach IPsec tunnels or other external networks to AWS are unable to access Atlas servers via these peer connections. Private Endpoints do allow connectivity in these cases, but cause an additional layer of expense, complexity, and reduced security. First, the "user" side still needs an underlying transit gateway network to route between networks without peering capability, adding to cost and complexity. But the VPC endpoints don't listen on fixed ports, so security admins are unable to lock the service down based on service port.

In the second case, simply adding transit gateways to the Atlas VPCs would eliminate the cost and additional complexity of the private endpoints, improve throughput as traffic wouldn't be routed through the endpoint abstraction layer, and maintain direct access to port 27017 on the servers so that security can limit access and closely monitor open ports.