AWS Direct Connect + VPN
With AWS Direct Connect

Figure 9 - AWS Direct Connect and VPN
This solution combines the benefits of the end-to-end secure IPSec connection with low latency and increased bandwidth of the AWS Direct Connect to provide a more consistent network experience than internet-based VPN connections. A BGP connection is established between the AWS Direct Connect and your router on the public VIF. Another BGP session or a static router will be established between the virtual private gateway and your router on the IPSec VPN tunnel.