AWS Internet Gateway — What is it and how does it work?

Andregustavols
Dec 16, 2023


When we create a VPC (Virtual Private Cloud), it has no access to the internet. As a result, an EC2 instance inside one of its subnets can't be reached from outside. To reach the EC2 instance, we need to create an internet gateway and attach it to the VPC. The internet gateway alone is not enough to let the VPC communicate with the outside world, however; we also need to create and configure a route table. In this article, I'll show you how to build the setup described above.

If you prefer, you can watch a video summarizing this content here.

So let’s get our hands dirty!

Showing the issue

Here, we have an EC2 instance named ‘my-server’ within a public subnet.

When the connection attempt is made, we get an error.

To solve this issue, we first need to create the internet gateway and then configure the route table to direct the EC2 instance's traffic to the internet gateway. Let’s see how it’s done.

Creating an internet gateway

Here, I’ll describe step by step how to create an internet gateway.

First, we need to go to the internet gateway dashboard by selecting the “internet gateway” option in the left-side menu.

Then select the top button named “Create internet gateway”.

On the next page, we give our internet gateway a name and click the “Create internet gateway” button.

Okay, with the internet gateway created, we need to attach it to a VPC. Let’s return to the internet gateway dashboard, select our new internet gateway, and choose the option “Attach to VPC”. On the next page, we’ll select the VPC and click the “Attach internet gateway” button.

Now, we need to create a new route table and configure it. To create a route table, let’s select the “Route tables” menu in the left sidebar, and on the next page, click on the button “Create route table”.

Now we need to give the new route table a name and associate it with a VPC. Then, click the “Create route table” button.

With the previous step completed, we need to associate some subnets with the new route table. To do this, select the route table, click the “Action” button, and choose the option “Edit subnet associations”. The “Edit associations” page will open.

Here, we’ll select the subnet(s) that we want to associate with the new route table. One or more subnets can be selected. Once the subnets are chosen, simply click the “Save associations” button.

Okay, at this point, we’re almost finished. Keep calm! We only need one more piece of configuration: adding a new route to the route table. This step is crucial because, without it, requests can't be sent to the internet via the internet gateway. So, let’s do it: select the route table, click the “Action” button, then choose the “Edit routes” option, and the Edit routes page will open.

Here, we need to add a new route with the destination set to 0.0.0.0/0, so that all traffic not matched by a more specific route is covered, and the target set to the internet gateway. To finish, click the “Save change” button.

Now let’s try to connect to our EC2 instance.

Select the EC2 instance and then click on the “Connect” button. On the next page, select “EC2 Instance Connect” and then click on the “Connect” button.

And voilà, now we are able to connect to the EC2 instance. If we execute a ping command, we can reach the external world.

I hope I was able to explain the internet gateway and how it works.

DO NOT forget to terminate the EC2 instance to avoid unnecessary charges!
