Why and How my Lambda(in VPC) is able to connect DynamoDB without VPC endpoint nor NAT GW

Question

I read many posts about how to connect DynamoDB when using a lambda in VPC. They all talk about either I need to create VPC Endpoint and use it for Dynamo client configuration or I need to configure NAT gateway.

But, at the moment, in my current existing app, I don't use none of these. But, my lambda works ok. Only I see severe timeout when I execute benchmark tests which many people recommend using VPCE.

I just can't figure out how my lambda currently works (connect DDB and read/write there).
My lambda lives in VPC as I am also connecting Aurora Postgres.

In my account, I can't locate any single VPC endpoint nor NAT gateway. So, this just confuses me.

Answer 1

As I mentioned in my question, I re-confirmed that I can't locate either VPCE or NAT GW. I checked the correct region.

So, there is another case that, I believe, needs to be included as part of these documents or posting to avoid any confusion like this.

The scenario is that VPC can be connected to a TGW. Then, my VPC doesn't need to have the IGW/NAT to reach out to internet. All non local traffic will be routed to TGW and there it will be taken care of assuming there is IGW or NAT. They call it "Centralized outbound routing"

Centralized outbound routing to the internet using TGW

The following diagram shows the key components of the configuration for this scenario. You have applications in VPC A and VPC B that need outbound only internet access. You configure VPC C with a NAT gateway and an internet gateway. Connect all VPCs to a transit gateway. Configure routing so that outbound internet traffic from VPC A and VPC B traverses the transit gateway to VPC C. The NAT gateway in VPC C routes the traffic to the internet gateway