AWS Direct Connect | Dedicated physical connection between on-premises infrastructure and AWS. | High bandwidth, low latency workloads requiring consistent network performance. | - Low latency, high bandwidth<br>- Private connection (no public internet)<br>- Cost-effective for large data transfers | - Requires physical connection setup<br>- Longer provisioning time<br>- Limited to specific locations |
AWS Site-to-Site VPN | Secure IPsec VPN connection over the public internet between on-premises and AWS VPC. | Secure and encrypted connectivity with moderate bandwidth requirements. | - Easy to set up<br>- Cost-effective<br>- Encrypted communication | - Limited bandwidth compared to Direct Connect<br>- Latency depends on internet quality |
AWS Client VPN | Managed client-based VPN service that enables secure access to AWS resources from remote users. | Remote user access to AWS resources or on-premises applications through AWS. | - Scalable and fully managed by AWS<br>- Supports multi-factor authentication | - Requires client-side configuration<br>- Bandwidth depends on internet connection |
AWS Transit Gateway | Centralized hub for interconnecting multiple VPCs and on-premises networks via VPN or Direct Connect. | Simplify network architecture when connecting multiple VPCs and on-premises environments. | - Simplifies network management<br>- Scales easily with growing needs | - Additional cost for Transit Gateway usage<br>- Requires proper routing configuration |
AWS Outposts | Fully managed service that extends AWS infrastructure, services, APIs, and tools to on-premises facilities. | Workloads that require low latency and local data processing with full AWS integration. | - Consistent AWS experience on-premises<br>- Low latency for local processing | - High upfront costs<br>- Requires on-premises space and power |
AWS Snow Family (Snowball Edge) | Physical devices for offline data transfer and edge computing. | Large-scale data migrations or temporary edge computing in disconnected environments. | - Ideal for massive data transfers<br>- No dependency on network connectivity | - Manual shipping process<br>- Not real-time connectivity |
AWS PrivateLink | Provides private connectivity between VPCs, AWS services, and on-premises applications without using public IPs. | Securely access AWS services or third-party services privately without traversing the internet. | - Enhanced security<br>- No exposure to public internet | - Limited to supported services<br>- Additional cost for PrivateLink endpoints |
AWS Storage Gateway | Hybrid cloud storage service that connects on-premises environments to AWS storage services. | Backup, archiving, disaster recovery, and tiered storage solutions. | - Seamless integration with AWS storage<br>- Optimizes storage costs | - Requires local hardware/software setup<br>- Internet-dependent |
AWS Wavelength | AWS infrastructure deployed at the edge of 5G networks to deliver ultra-low latency applications. | Applications requiring ultra-low latency, such as IoT, gaming, or AR/VR. | - Ultra-low latency<br>- Optimized for 5G-enabled devices | - Limited to specific geographic regions with 5G support |
AWS Local Zones | Extension of AWS infrastructure closer to end-users in metropolitan areas. | Latency-sensitive applications like media streaming, gaming, or real-time analytics. | - Low latency for end-users<br>- Localized compute and storage | - Limited availability in select cities<br>- Higher costs compared to standard AWS regions |