How to peer vMX to AWS Transit Gateway (TG)

Leosambrana
Meraki Employee

Written by @Fran_Tello

  1. Keep the existing TGW-based architecture and introduce an intermediate C8Kv router that peers via eBGP with your vMX and with eBGP over GRE with the TGW.
  2. Use the TGW-vMX quickstart which uses Lambda functions to maintain routing information in your TGWs based on the availability of your vMXs: https://aws-quickstart.github.io/quickstart-cisco-meraki-sd-wan-vmx/
  3. Transition the customer to Cloud WAN tunnel-less connect, which does not require GRE encapsulation in BGP. Think of Cloud WAN as a natively multi-region TGW construct, similar to vWAN Hubs in Azure.
    1. We have this documentation article on how to set this up: https://documentation.meraki.com/MX/Deployment_Guides/Deploying_Meraki_vMX_in_a_Transit_VPC_with_AWS...
    2. I also made an as-yet-unpublished migration guide to move from TGW to Cloud WAN: https://cisco.box.com/s/96hn1fquaep6pf36bstkckqn2ytxzju0
  4. Untested: It may be possible to use the MX19 BGP in IPsec capability to peer a vMX to a TGW, as TGWs also support IPsec encapsulation, but we have not tested this use case.
    1. https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-transit-gateway-vpn....
    2. https://documentation.meraki.com/MX/Site-to-site_VPN/BGP_routing_over_IPsec_VPN

2 Replies

PhilipDAth
Kind of a big deal

That is very interesting. I think I'll give that a try.

PhilipDAth
Kind of a big deal

I think I am more interested in option (4), simply because it is lower cost.
