The cloud infrastructure team at "SecureTech Solutions," managing hundreds of VPCs across multiple AWS accounts in AWS Organizations and needing to connect to an on-premises network via existing Site-to-Site VPN connections, requires a solution to control communication between VPCs with minimal administrative overhead. Which combination of steps will achieve this level of control with the LEAST operational effort? (Choose three.)