Networking Costs When Building A Hybrid Cloud

In this course, we will analyze the most cost-effective connectivity options between AWS and on-premises environments and the key networking cost contributors in these architectures. 

Learning Objectives

  • A greater understanding of networking costs in hybrid architectures, including:
    • The costs of connectivity services like Direct Connect, Site-to-Site VPN, and Transit Gateway
    • How to select the most cost-effective connectivity option considering your business requirements

Intended Audience

  • Those who are planning on implementing and managing hybrid architectures on AWS and need to better understand the cost implications of the different connectivity options


  • You should have a fundamental understanding of networking services on AWS, including VPCs, Direct Connect, Site-to-Site VPNs, and Transit Gateway.
  • For more information on these services, please see our existing content titled: 



Hello and welcome to the final lecture, where I’ll briefly summarize some of the core points I mentioned in the course. 

In this course, we discussed networking costs on AWS for hybrid architectures. The main services discussed were Direct Connect, Transit Gateway, and AWS Site-to-Site VPN. 

At face value, the most expensive connectivity service to provision is Direct Connect, especially if you are implementing a maximum resiliency architecture. However, if your workload requires you to transfer large amounts of data and needs a high degree of bandwidth and throughput, you may find this option is cheaper in the long run. This is because Direct Connect decreases your utilization costs, as data transfer fees are reduced and you no longer need to rely on your internet service provider for high bandwidth. Direct Connect has a per-hour service charge, plus data transfer fees and provisioning costs.

However, if your workload expects a smaller volume of data and you can rely on transferring this using the bandwidth of your internet connection, it may be cheaper to use AWS Site-to-Site VPN. This is the best choice if you need temporary connectivity between environments. If you require a more permanent connection, it’s worth considering Direct Connect. VPN has a per-hour service charge, plus data transfer fees. 

With both VPN and Direct Connect, you can use Transit Gateway to access 1000s of VPCs within your environment easily. If you plan on scaling out your hybrid network, using Transit Gateway will minimize your operational overhead as you create new connections between VPCs and your on-premises environments. This adds additional cost into your hybrid network but saves you time and maintenance further down the road. Transit Gateway has a per-hour service charge for each attachment and a per-GB data processing charge. 

However, if you don’t intend to scale out your network, you can save yourself this extra cost by relying on virtual private gateways. You can use Direct Connect with Direct Connect Gateway and virtual private gateway, or you can use a VPN with a virtual private gateway and reduce costs. Keep in mind, by using virtual private gateways, if you do scale in the future, this may require more maintenance and management in terms of connecting your network and turn into a hidden cost over time. 

That brings us to the end of this video. Once again, my name is Alana Layton and I hope you’ve enjoyed our time together. If you have any feedback, positive or negative, please contact us at Your feedback is greatly appreciated. Thank you and till next time!

About the Author

Alana Layton is an experienced technical trainer, technical content developer, and cloud engineer living out of Seattle, Washington. Her career has included teaching about AWS all over the world, creating AWS content that is fun, and working in consulting. She currently holds six AWS certifications. Outside of Cloud Academy, you can find her testing her knowledge in bar trivia, reading, or training for a marathon.