# Connectivity options
<a name="connectivity-options"></a>

There are two supported connectivity options for connecting to Teradata VantageCloud Lake:
+ AWS PrivateLink (recommended) – Connect from cloud to cloud. You can use this option to connect your AWS account to VantageCloud Lake.
+ Public internet – Connect over the internet. You can use this option to connect your on-premises system to VantageCloud Lake.

The following diagram shows these supported connectivity methods.

![\[AWS PrivateLink and public internet options for connecting to Teradata VantageCloud Lake on AWS.\]](http://docs.aws.amazon.com/prescriptive-guidance/latest/migration-teradata-vantagecloud-lake/images/connectivity-options.png)


## AWS PrivateLink architecture
<a name="private-link"></a>

AWS PrivateLink provides connectivity between virtual private clouds (VPCs). You can access Teradata VantageCloud Lake over private IP addresses from your virtual network while keeping the data flow on the AWS secure backbone network. Data never traverses the public internet. This significantly reduces exposure to common security threats.

AWS PrivateLink allows only unidirectional network connectivity. Applications that require a connection to be initiated from both endpoints require two AWS PrivateLink connections. 

The following diagram shows a AWS PrivateLink architecture where a private endpoint in an AWS account uses AWS PrivateLink to connect to Teradata Session Manager, which connects to a VantageCloud Lake primary cluster.

![\[Using PrivateLink to access Teradata VantageCloud Lake on AWS.\]](http://docs.aws.amazon.com/prescriptive-guidance/latest/migration-teradata-vantagecloud-lake/images/privatelink-connectivity.png)


For more information, see [AWS PrivateLink](https://aws.amazon.com/privatelink/) or contact your [Teradata account team.](https://www.teradata.com/About-Us/Contact)

## Public internet
<a name="public-internet"></a>

If your architecture requires hybrid connectivity from on premises to Teradata VantageCloud Lake, you can use the public internet connectivity option. You can also use this option to connect from another VPC over the internet. You control the allowed CIDR ranges. The following diagram shows a user's VPC using the internet to connect to Teradata-managed VantageCloud Lake.

![\[Using the public internet to access Teradata VantageCloud Lake on AWS.\]](http://docs.aws.amazon.com/prescriptive-guidance/latest/migration-teradata-vantagecloud-lake/images/internet-connectivity.png)