What is AWS internet gateway?

Key takeaways:

  • AWS internet gateway (IGW) allows secure, scalable access to resources in AWS VPC.

  • AWS IGW supports both IPv4 and IPv6 traffic, enabling bidirectional data flow between EC2 instances and the internet.

  • AWS IGW is free to use, highly available, and automatically scales with traffic demands.

  • AWS IGW is essential for routing internet-bound traffic from public subnets via properly configured route tables.

  • Secure your VPC by managing security groups and network ACLs to control inbound and outbound traffic.

  • For private subnets, use a NAT gateway for secure outbound internet access.

  • AWS IGW is ideal for hosting public-facing applications and handling outbound data transfers in AWS environments.

An internet gateway (IGW) is a fundamental component of an AWS virtual private cloud (VPC), enabling communication between your VPC and the broader internet. By acting as a bridge between public subnets in your VPC and the internet, the internet gateway ensures resources such as EC2 instances can send and receive data externally. The IGW is horizontally scalable, highly available, and supports both IPv4 and IPv6 traffic.

AWS internet gateway

The internet gateway is provided at no additional cost with your AWS account. It can be associated with any of your VPCs and is not restricted to a specific availability zone. Since the internet gateway is a virtual component, it doesn’t have a physical connection to the VPC, but instead provides a virtual link between the VPC and the internet.

Internet gateway

In the diagram below, an internet gateway is shown within the AWS Cloud architecture. Every VPC has a route table by default, which facilitates communication between resources inside the VPC. The first route entry handles internal communication within the VPC. However, to enable internet traffic, you need to add a specific route that directs the traffic to the internet gateway, often referred to as “igw,” as seen in the second entry of the route table.

VPC is connected to the internet via the internet gateway

Why is the internet gateway important?

Here are some key benefits of using an internet gateway (IGW) in your network:

  • Facilitates internet communication: The IGW is essential for enabling outbound and inbound internet traffic for public-facing resources.

  • Cost-efficient: AWS offers the internet gateway as a free service without additional charges for bandwidth or scaling.

  • Supports high availability: Since it’s a managed AWS service, the internet gateway doesn’t require manual scaling and is designed for availability across multiple availability zones.

How does an internet gateway work?

The AWS internet gateway is not a physical device but a logical connection allowing bidirectional traffic between the internet and instances located in a public subnet of your VPC. When a public subnet has an associated internet gateway, EC2 instances with public IP addresses can communicate freely with the outside world.

If your instances are within a private subnet, they cannot directly access the internet through the internet gateway. For such cases, a NAT gateway is required to allow outbound-only connections while blocking inbound internet traffic, ensuring additional security for sensitive data.

Components and role in a VPC

  • Route table integration: To route traffic from your VPC to the internet, a route must be added to the VPC route table. This route directs traffic destined for the internet (typically 0.0.0.0/0 for IPv4) through the internet gateway.

  • Security groups and network ACLs: Both security groups and network access control lists (NACLs) play an essential role in controlling the traffic flowing to and from your VPC instances. Ensure proper rules are defined to allow legitimate traffic.

How to configure an internet gateway in AWS

Follow these steps to configure an internet gateway for your VPC:

  1. Create an internet gateway:

    1. Open the AWS Management Console and navigate to VPC > Internet Gateways.

    2. Click on "Create internet gateway" and give it a name for easy identification.

  2. Attach the internet gateway to a VPC:

    1. Once created, attach the IGW to your desired VPC. An internet gateway can only be attached to one VPC at a time.

  3. Modify the route table:

    1. Go to the "Route Tables" section of your VPC.

    2. Select the route table associated with your public subnet.

    3. Add a route with the destination 0.0.0.0/0 (for IPv4) and ::/0 (for IPv6) with the target set to the newly created internet gateway.

  4. Update security groups and network ACLs:

    1. Ensure that your security groups and NACLs allow traffic from the internet. Modify inbound and outbound rules to permit HTTP, HTTPS, or other relevant protocols.

Note: Always configure your route tables, security groups, and network ACLs correctly to secure your environment while maintaining necessary access.
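An added example (not part of the original article) that checks the outcome of the steps above: it finds the subnets a route table makes public through an internet gateway and lists security group ingress rules open to the whole internet on ports other than HTTP/HTTPS. The sample data is constructed in the shape of `aws ec2 describe-route-tables` and `aws ec2 describe-security-groups` output; the resource IDs are placeholders and the `WEB_PORTS` allow-list is an assumption.

```python
# Constructed sample input, shaped like the output of
# `aws ec2 describe-route-tables` and `aws ec2 describe-security-groups`.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-web"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"},
                {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-db"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
SECURITY_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
]
ANYWHERE = {"0.0.0.0/0", "::/0"}
WEB_PORTS = {80, 443}  # assumption: only HTTP/HTTPS should be world-reachable

def public_subnets(route_tables):
    """Subnets whose route table sends a default route to an internet gateway."""
    found = set()
    for rt in route_tables:
        for r in rt.get("Routes", []):
            dest = r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock")
            if dest in ANYWHERE and r.get("GatewayId", "").startswith("igw-"):
                # The main-table association entry carries no SubnetId; skip it.
                found.update(a["SubnetId"] for a in rt.get("Associations", [])
                             if "SubnetId" in a)
    return sorted(found)

def world_open_non_web(groups):
    """(group, from_port, to_port) for ingress open to anywhere beyond WEB_PORTS."""
    findings = []
    for sg in groups:
        for p in sg.get("IpPermissions", []):
            cidrs = {x["CidrIp"] for x in p.get("IpRanges", [])}
            cidrs |= {x["CidrIpv6"] for x in p.get("Ipv6Ranges", [])}
            # Rules for all protocols ("-1") have no port fields: treat as 0-65535.
            lo, hi = p.get("FromPort", 0), p.get("ToPort", 65535)
            if cidrs & ANYWHERE and not (lo == hi and lo in WEB_PORTS):
                findings.append((sg["GroupId"], lo, hi))
    return findings

if __name__ == "__main__":
    print("public subnets:", public_subnets(ROUTE_TABLES))
    print("review ingress:", world_open_non_web(SECURITY_GROUPS))
```

Subnets without an explicit route table association use the VPC's main route table, so resolve those separately before treating a subnet as private.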

Advantages of the AWS internet gateway

  1. Scalability: The internet gateway automatically scales to handle your VPC’s internet traffic without manual intervention.

  2. Cost efficiency: As a free service, there are no direct charges for using the internet gateway.

  3. Availability: The IGW spans across multiple availability zones, ensuring reliable and redundant internet connectivity.

Common use cases for an internet gateway

  1. Hosting public-facing applications: Applications like web servers hosted in EC2 instances require internet access to serve content to users. The IGW enables this connectivity.

  2. Accessing AWS services via public IP: If assigned public IP addresses, resources in a VPC can access AWS services like S3 or DynamoDB through the internet gateway.

  3. Outbound data transfer: Services that need to send logs, data, or metrics to external monitoring tools or third-party APIs rely on IGW for outbound communication.

Conclusion

The AWS internet gateway plays an important role in enabling internet communication for resources inside your VPC. Whether you’re hosting public-facing applications or routing traffic securely through a NAT gateway, the internet gateway ensures flexible, scalable, and reliable connectivity with the outside world. Without it, accessing the internet from a VPC would require additional resources such as a VPN or AWS Direct Connect.

1. What is the primary function of an internet gateway (IGW) in AWS?

  A) To connect private subnets to the internet

  B) To provide internet access for resources within a VPC

  C) To manage network traffic within a private data center

  D) To handle encryption of data at rest

Frequently asked questions



Do I need an internet gateway for private subnets?

No, private subnets don’t directly connect to the internet via an IGW. To enable outbound internet access from private subnets, you need to use a NAT gateway or NAT instance.


What is the purpose of an AWS internet gateway?

The primary purpose of an AWS internet gateway is to enable communication between instances in a VPC and the internet. It allows both inbound and outbound traffic to pass through, facilitating data transfer to and from public subnets.


Can I attach multiple internet gateways to a single VPC?

No, you can only attach one internet gateway to a VPC at a time. If you need multiple connections, you would typically set up multiple VPCs with their own internet gateways.


Do resources in a VPC need a public IP to use an internet gateway?

Yes, resources like EC2 instances need to have a public IP address (or an Elastic IP) to communicate with the internet through an internet gateway.


Can I detach an internet gateway from a VPC?

Yes, you can detach an internet gateway from a VPC through the AWS Management Console or AWS CLI. However, this will immediately disrupt internet communication for any public-facing resources in that VPC.



Copyright ©2024 Educative, Inc. All rights reserved