Introduction
AWS Internet Gateway is a fundamental component of Amazon Web Services (AWS). It is a service that allows internet traffic to enter a Virtual Private Cloud (VPC).
In this article, we will learn about AWS Internet Gateway, how to create it, and its benefits and limitations, along with some FAQs.
What is AWS Internet Gateway?
An AWS Internet Gateway is a gateway that facilitates seamless communication between a Virtual Private Cloud (VPC) and the public Internet. It is not a physical device.
Internet Gateway allows traffic to flow bidirectionally, which enables the resources within the VPC to access the Internet and, at the same time, be reachable from the Internet.
This gateway serves as the entry and exit point for data, ensuring secure and controlled connectivity for AWS cloud resources. It supports both IPv4 and IPv6 traffic. Furthermore, each VPC has only one Internet Gateway. If a VPC doesn’t have an Internet Gateway, the resources cannot be accessed from the Internet.
Working of AWS Internet Gateway
When you create an Internet Gateway, you attach it to one or more subnets in your VPC. This enables instances in those subnets to connect to the internet.
If an instance in a VPC has a public IP address, it can send traffic directly through the internet gateway (IGW). However, if an instance does not have a public IP address, its traffic to the internet must be routed through a Network Address Translation (NAT) gateway.
A NAT gateway is a type of virtual device that allows instances in the VPC to connect to the internet even if they do not have a public IP address. When an instance in the VPC sends traffic to the internet, the NAT gateway converts the instance's private IP address to a public IP address so the traffic can reach the internet.
Below are the steps that take place when an instance in VPC sends the traffic to the Internet:
The instance sends the traffic to the IGW
The IGW translates the instance's private IP address to a public IP address
The IGW sends the traffic to the internet
The internet responds to the traffic and sends it back to the IGW
The IGW translates the internet's public IP address back to the instance's private IP address
The IGW sends the traffic to the instance
Creating AWS Internet Gateway
In order to add an internet gateway to VPC, follow the below steps:
Step 1. Sign in to the AWS Management Console: Go to the AWS homepage (https://aws.amazon.com/) and sign in with your AWS account credentials.
Step 2. From the left panel, go under the Virtual Private Cloud tab option, and open the Internet Gateways option.
Step 3. Click on Create internet gateway
Step 4. Fill in the internet gateway settings with a name, and the internet gateway is created.
Note: We know that an internet gateway is used to allow internet traffic to VPC, so it needs to be associated with a VPC.
Step 5. Select the internet gateway that is just created. Go to the Actions tab, choose Attach to VPC
Step 6. Select any VPCs created earlier from the options
Step 7. Success! Internet Gateway is created and attached
Now, by default, the subnet we created gets associated with the main route table for the VPC, and the main route table does not contain any route to an internet gateway.
So, let's create a custom route table with a route that forwards the traffic destined outside the VPC to the internet gateway.
Step 8: Back to the navigation tab, click on Route Tables and then click on create route table
Step 9: Fill in the settings with a name, and then select create route table
Step 10: On Route Table, click on edit option and then add the following route:
For IPv4 traffic, enter 0.0.0.0/0 in the Destination box and in the Target list select the internet gateway ID.
For IPv6 traffic, enter ::/0 in the Destination box, and in the Target list, select the internet gateway ID.
Afterwards, hit the save button present below on the right side
Step 11: Success! Custom Route Table established
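The routing rule from Steps 8 to 10, turned into a check a defender can run over exported route table data (an added example, not part of the original article): a subnet is internet-facing only if its effective route table, explicit or else the VPC's main table, has an active default route to an internet gateway. The field names follow the output of `aws ec2 describe-route-tables`; the sample records and all IDs are constructed for illustration.

```python
# Added example: which subnets actually route to an internet gateway?
DEFAULT_DESTS = {"0.0.0.0/0", "::/0"}

# Constructed sample data (made-up IDs) shaped like describe-route-tables output.
TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-custom", "VpcId": "vpc-1",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"},
                {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-nat", "VpcId": "vpc-1",
     "Associations": [{"Main": False, "SubnetId": "subnet-app"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
SUBNETS = [{"SubnetId": s, "VpcId": "vpc-1"}
           for s in ("subnet-web", "subnet-app", "subnet-db")]

def igw_default_routes(table):
    """Return default-route destinations in this table that target an IGW."""
    hits = []
    for route in table.get("Routes", []):
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if (dest in DEFAULT_DESTS
                and route.get("GatewayId", "").startswith("igw-")
                and route.get("State", "active") == "active"):  # skip blackhole routes
            hits.append(dest)
    return hits

def effective_table(subnet, tables):
    """An explicit subnet association wins; otherwise the VPC's main table applies."""
    main = None
    for table in tables:
        if table["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return table
            if assoc.get("Main"):
                main = table
    return main

def public_subnets(subnets, tables):
    """Map each internet-facing subnet ID to its default routes via an IGW."""
    exposed = {}
    for subnet in subnets:
        table = effective_table(subnet, tables)
        hits = igw_default_routes(table) if table else []
        if hits:
            exposed[subnet["SubnetId"]] = hits
    return exposed
```

With the sample data only `subnet-web` is reported; adding an IGW default route to the main route table would also expose every subnet without an explicit association, such as `subnet-db`.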
Benefits of AWS Internet Gateway
Let's see the key benefits of using AWS internet gateway:
Scalability: Internet Gateways are horizontally scaled due to which they can handle increased traffic demands
Availability: Internet Gateways have multiple copies deployed across multiple Availability Zones, due to which they are highly available
Cost-effectiveness: There is no additional charge for creating an Internet Gateway
Ease of use: Internet Gateways are very easy to create and manage using the AWS Management Console, the AWS CLI, or the AWS SDKs
Limitations of AWS Internet Gateway
Some of the limitations of using an AWS Internet Gateway are:
Security: An Internet Gateway can expose all instances in VPC to the Internet. So, configuring the security groups and network ACLs becomes very important
Performance: An Internet Gateway can introduce some latency. In order to get low-latency connections to the Internet, we need to use a NAT Gateway
Cost: There is no additional charge for creating an IGW, but there is a charge for each gigabyte of data that flows through the Internet gateway
Complexity: Internet Gateways can be complex to configure for someone who is not familiar with networking concepts
AWS Internet Gateway vs NAT Gateway
Let's see a table comparing AWS Internet Gateway vs NAT Gateway below:
| Feature | NAT Gateway | Internet Gateway |
| --- | --- | --- |
| Purpose | Allows instances in a private subnet to connect to the internet | Allows instances in a VPC to connect to the internet |
| Traffic Direction | Outbound only | Outbound and inbound |
| Scalability | Horizontally scaled | Horizontally scaled |
| Redundancy | Highly available, with multiple copies deployed across multiple Availability Zones | Highly available, with multiple copies deployed across multiple Availability Zones |
| Cost | Incurred based on usage | No additional charge |
| Security | Can restrict access to the internet | Does not provide any security controls |
| IP addresses | Uses a private IP address | Uses a public IP address |
Note: "Outbound" refers to traffic going from the VPC to the internet, while "Inbound" refers to traffic coming from the internet to the VPC.
Frequently Asked Questions
When should an AWS Internet Gateway be used?
AWS Internet Gateway should be used to allow instances in VPC to connect to the internet and to connect VPC to a third-party network such as a cloud provider’s network.
When to avoid using an AWS Internet Gateway?
AWS Internet Gateway should be avoided when there is a need for low-latency connections to the internet and when there is a need to restrict access to the internet from the VPC.
Can AWS Internet Gateway be used with multiple VPCs?
No, AWS Internet Gateway can only be used with a single VPC. In order to connect multiple VPCs to the internet, we need to take the help of Transit Gateway.
Conclusion
Congratulations, you did a fantastic job! This article covered the AWS Internet Gateway, how to create it, and its benefits and limitations. Finally, it compared the Internet Gateway with the NAT Gateway and answered some frequently asked questions.