Securing port forwarding through a network traffic hub
US-2018278637-A1 · Sep 27, 2018 · US
US11882017B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11882017-B2 |
| Application number | US-202217929649-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 2, 2022 |
| Priority date | Sep 19, 2018 |
| Publication date | Jan 23, 2024 |
| Grant date | Jan 23, 2024 |
Official abstract text for this publication.
Metadata indicating that a virtual traffic hub enabling connectivity between a plurality of isolated networks has been established is stored. A determination is made that a first entry of a first isolated network attached to the hub is to be represented in a second routing table of a second isolated network attached to the hub, e.g., to enable network packets originating at resources of the second isolated network to be transmitted via the hub to the first isolated network. A new entry corresponding to the first entry is included in the second routing table.
Opening claim text (preview).
What is claimed is:

1. A computer-implemented method, comprising: establishing a hub for packets transmitted between a plurality of networks, wherein the hub comprises resources within a first isolated virtual network of a cloud computing environment; associating, based at least in part on input received via one or more programmatic interfaces of the cloud computing environment, a plurality of isolated virtual networks as spokes in a hub-and-spoke configuration comprising the hub, wherein the plurality of isolated virtual networks include a second isolated virtual network and a third isolated virtual network; and transmitting, via the hub, (a) at least some packets which originate at a premise external to the cloud computing environment to the second isolated virtual network and (b) at least some packets which originate at the premise external to the cloud computing environment to the third isolated virtual network.

2. The computer-implemented method as recited in claim 1, further comprising: storing a representation of a security group associated with the second isolated virtual network, wherein the security group comprises one or more filtering rules for traffic of the second isolated virtual network; and verifying that transmission, to the second isolated virtual network, of a particular packet which originates at the premise outside the cloud computing environment complies with the one or more filtering rules.

3. The computer-implemented method as recited in claim 1, wherein the cloud computing environment comprises at least a first availability zone and a second availability zone, wherein at least a portion of the second isolated virtual network is configured within the first availability zone, the computer-implemented method further comprising: transmitting, via the hub, a packet originating at the second isolated virtual network to a destination within the second availability zone.

4. The computer-implemented method as recited in claim 1, further comprising: obtaining, via the one or more programmatic interfaces, routing information for transmitting packets via the hub.

5. The computer-implemented method as recited in claim 1, wherein at least one packet which originates at the premise external to the cloud computing environment is received at the hub via a direct dedicated link configured between the premise and the cloud computing environment.

6. The computer-implemented method as recited in claim 1, further comprising: propagating, via the hub to the third virtual network, an indication of a change of a routing table of the second isolated virtual network.

7. The computer-implemented method as recited in claim 1, wherein the resources within the first isolated virtual network include one or more virtual machines.

8. A system, comprising: one or more computing devices; wherein the one or more computing devices include instructions that upon execution on or across the one or more computing devices: establish a hub for packets transmitted between a plurality of networks, wherein the hub comprises resources within a first isolated virtual network of a cloud computing environment; associate, based at least in part on input received via one or more programmatic interfaces of the cloud computing environment, a plurality of isolated virtual networks as spokes in a hub-and-spoke configuration comprising the hub, wherein the plurality of isolated virtual networks include a second isolated virtual network and a third isolated virtual network; and transmit, via the hub, (a) at least some packets which originate at a premise external to the cloud computing environment to the second isolated virtual network and (b) at least some packets which originate at the premise external to the cloud computing environment to the third isolated virtual network.

9. The system as recited in claim 8, wherein the one or more computing devices include further instructions that upon execution on or across the one or more computing devices: store a representation of a security group associated with the second isolated virtual network, wherein the security group comprises one or more filtering rules for traffic of the second isolated virtual network; and verify that transmission, to the second isolated virtual network, of a particular packet which originates at the premise outside the cloud computing environment complies with the one or more filtering rules.

10. The system as recited in claim 8, wherein the cloud computing environment comprises at least a first availability zone and a second availability zone, wherein at least a portion of the second isolated virtual network is configured within the first availability zone, wherein the one or more computing devices include further instructions that upon execution on or across the one or more computing devices: transmit, via the hub, a packet originating at the second isolated virtual network to a destination within the second availability zone.

11. The system as recited in claim 8, wherein the one or more computing devices include further instructions that upon execution on or across the one or more computing devices: obtain, via the one or more programmatic interfaces, routing information for transmitting packets via the hub.

12. The system as recited in claim 8, wherein at least one packet which originates at the premise external to the cloud computing environment is received at the hub via a direct dedicated link configured between the premise and the cloud computing environment.

13. The system as recited in claim 8, wherein the one or more computing devices include further instructions that upon execution on or across the one or more computing devices: propagate, via the hub to the third virtual network, an indication of a change of a routing table of the second isolated virtual network.

14. The system as recited in claim 8, wherein the resources within the first isolated virtual network include one or more virtual machines.

15. One or more non-transitory computer-accessible storage media storing program instructions that when executed on or across one or more processors: establish a hub for packets transmitted between a plurality of networks, wherein the hub comprises resources within a first isolated virtual network of a cloud computing environment; associate, based at least in part on input received via one or more programmatic interfaces of the cloud computing environment, a plurality of isolated virtual networks as spokes in a hub-and-spoke configuration comprising the hub, wherein the plurality of isolated virtual networks include a second isolated virtual network and a third isolated virtual network; and transmit, via the hub, (a) at least some packets which originate at a premise external to the cloud computing environment to the second isolated virtual network and (b) at least some packets which originate at the premise external to the cloud computing environment to the third isolated virtual network.

16. The one or more non-transitory computer-accessible storage media as recited in claim 15, storing further program instructions that when executed on or across the one or more processors: store a representation of a security group associated with the second isolated virtual network, wherein the security group comprises one or more filtering rules for traffic of the second isolated virtual network; and verify that transmission, to the second isolated virtual network, of a particular packet which originates at the premise outside the cloud computing environment complies with the one or more filtering rules.
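The abstract and claims 1, 2 and 6 describe three mechanisms together: a hub inside its own isolated virtual network with other networks and an external premise attached as spokes, a routing-table entry of one attached network being mirrored into the routing tables of the others, and a per-spoke security group whose filtering rules are checked before a packet from the premise is delivered. The toy model below is an added example written for this page, not code from the patent or its assignee; the class names (`TrafficHub`, `IsolatedNetwork`, `SecurityGroup`), the longest-prefix-match forwarding and the constructed addresses and rules are all assumptions chosen to illustrate the claims.

```python
"""Toy hub-and-spoke model: route propagation between attached networks plus a
security-group check before delivery to a spoke. Added example; names are
assumptions, not the patent's own terms or any cloud provider's API."""
from dataclasses import dataclass, field
from ipaddress import IPv4Network, ip_address, ip_network


@dataclass
class SecurityGroup:
    """Allow-list of (protocol, port, source CIDR); anything unmatched is denied."""
    rules: list = field(default_factory=list)

    def permits(self, proto: str, port: int, src: str) -> bool:
        return any(
            proto == r_proto and port == r_port and ip_address(src) in ip_network(r_cidr)
            for r_proto, r_port, r_cidr in self.rules
        )


@dataclass
class IsolatedNetwork:
    name: str
    cidr: IPv4Network
    security_group: SecurityGroup
    # prefix -> next hop: "local" for the network's own CIDR, else the hub's name
    routing_table: dict = field(default_factory=dict)


class TrafficHub:
    def __init__(self, name: str):
        self.name = name
        self.spokes: dict = {}        # spoke name -> IsolatedNetwork
        self.premises: dict = {}      # premise name -> IPv4Network
        self.hub_table: dict = {}     # prefix -> attachment name

    def _advertise(self, prefix: IPv4Network, origin: str) -> None:
        """Install a prefix in the hub table and mirror it into every other spoke's
        routing table (the 'new entry corresponding to the first entry')."""
        self.hub_table[prefix] = origin
        for spoke in self.spokes.values():
            if spoke.name != origin:
                spoke.routing_table[prefix] = self.name

    def attach_spoke(self, net: IsolatedNetwork) -> None:
        net.routing_table[net.cidr] = "local"
        # The new spoke learns every prefix the hub already knows ...
        for prefix in self.hub_table:
            net.routing_table[prefix] = self.name
        self.spokes[net.name] = net
        # ... and every existing spoke learns the new spoke's CIDR.
        self._advertise(net.cidr, net.name)

    def attach_premise(self, name: str, cidr: IPv4Network) -> None:
        """External premise over a dedicated link; it owns no security group at
        the hub, so attaching it only advertises its prefix to the spokes."""
        self.premises[name] = cidr
        self._advertise(cidr, name)

    def forward(self, src: str, dst: str, proto: str, port: int) -> tuple:
        """Longest-prefix match on the hub table; if the target is a spoke, its
        security group decides whether the packet is delivered."""
        matches = [(p, a) for p, a in self.hub_table.items() if ip_address(dst) in p]
        if not matches:
            return ("drop", "no-route")
        _, target = max(matches, key=lambda m: m[0].prefixlen)
        spoke = self.spokes.get(target)
        if spoke is not None and not spoke.security_group.permits(proto, port, src):
            return ("drop", "security-group:" + target)
        return ("deliver", target)


def routes(hub: TrafficHub, spoke_name: str) -> dict:
    """Spoke routing table with prefixes rendered as strings (for display/tests)."""
    return {str(p): nh for p, nh in hub.spokes[spoke_name].routing_table.items()}


def build_demo() -> TrafficHub:
    """Constructed topology (sample data, not from the patent): one on-premise
    network and two spokes with different security-group rules."""
    hub = TrafficHub("hub-1")
    hub.attach_premise("onprem", ip_network("10.0.0.0/16"))
    hub.attach_spoke(IsolatedNetwork("vpc-a", ip_network("172.16.0.0/16"),
                                     SecurityGroup([("tcp", 443, "10.0.0.0/16")])))
    hub.attach_spoke(IsolatedNetwork("vpc-b", ip_network("172.17.0.0/16"),
                                     SecurityGroup([("tcp", 22, "10.0.1.0/24")])))
    return hub


def run_demo(hub: TrafficHub) -> list:
    # Constructed packets: (src, dst, proto, port)
    packets = [
        ("10.0.5.9", "172.16.1.1", "tcp", 443),    # premise -> vpc-a, rule matches
        ("10.0.5.9", "172.17.1.1", "tcp", 22),     # premise -> vpc-b, wrong source range
        ("10.0.1.7", "172.17.1.1", "tcp", 22),     # premise -> vpc-b, rule matches
        ("10.0.1.7", "192.168.9.9", "udp", 53),    # no prefix at the hub
        ("172.16.1.1", "10.0.0.5", "tcp", 443),    # spoke -> premise, no spoke group applies
    ]
    return [hub.forward(*pkt) for pkt in packets]


if __name__ == "__main__":
    h = build_demo()
    for name in h.spokes:
        print(name, routes(h, name))
    for decision in run_demo(h):
        print(decision)
```

Two points the model makes visible: attaching a spoke is what causes its CIDR to appear in every other spoke's table, so any network attached to the hub becomes reachable from all others unless the security group on the destination side says otherwise; and the hub only consults the destination spoke's group, so the premise side has no filter at the hub in this model and a rule like `("tcp", 443, "10.0.0.0/16")` is trusting whatever source address arrives over the dedicated link.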
CPC classification titles:

- Interdomain routing, e.g. hierarchical routing
- Interconnection of networks using encapsulation techniques, e.g. tunneling
- Route determination based on the nature of the carried application
- involving identification of individual flows
- Encapsulation of packets