AWS-VPC-TransitGw-default-route-table-propagation-disable
Severity: High
Description: This control ensures default route table propagation is disabled for Transit Gateways.  A transit gateway scales elastically based on the volume of network traffic. Default route table propagation automatically propagate routes from attachments into the default route table. This will allow anything connected to the default route table to route to each other.
Remediation Steps:
Perform following to modify VPC Transit Gateway route:
Login to the AWS Management Console at https://console.aws.amazon.com.
Navigate to VPC console.
In the left pane,  click on Transit Gateway.
Select the required Gateway, and click on Actions and select Modify
Uncheck Default route table propagation
Click on Modify Transit Gateway.
Important:
Reference:
Blue Hexagon Proprietary