๐ŸŒ AWS Internet Gateway โ€“ Connect Your VPC to the Internet

In AWS, a VPC (Virtual Private Cloud) is isolated by default. Resources inside a VPC cannot communicate with the internet unless explicitly allowed.

The AWS Internet Gateway (IGW) is the solution. It is a horizontally scaled, redundant, and highly available VPC component that allows:

  • Outbound traffic from your VPC to the internet.
  • Inbound traffic from the internet to your public subnets.

Think of the IGW as a gateway door that connects your private house (VPC) to the outside world (internet). Without it, your cloud resources remain completely isolated.


โš™๏ธ Key Features of AWS Internet Gateway

  1. Internet Access: Enables EC2 instances and other resources in public subnets to send and receive traffic.
  2. Highly Available: Fully redundant across all Availability Zones in a region.
  3. No Bandwidth Bottleneck: Horizontally scaled to support high-volume traffic.
  4. Stateless or Stateful? Works with route tables and security groups to allow controlled traffic flow.
  5. Integration with Public Subnets: Must associate with a route table that targets the IGW.

๐Ÿ—‚๏ธ How It Works

  1. Attach the IGW to your VPC.

  2. Configure the route table for public subnets:

    • Destination: 0.0.0.0/0
    • Target: Internet Gateway ID
  3. Launch EC2 instances in the public subnet with auto-assign public IP.

Without these steps, your EC2 will remain private, even if an IGW exists.


๐Ÿ› ๏ธ Programs (Python โ€“ boto3)


โœ… 1: Create and Attach an Internet Gateway

import boto3
ec2 = boto3.client('ec2')
# Create VPC
vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')
vpc_id = vpc['Vpc']['VpcId']
# Create Internet Gateway
igw = ec2.create_internet_gateway()
igw_id = igw['InternetGateway']['InternetGatewayId']
# Attach IGW to VPC
ec2.attach_internet_gateway(InternetGatewayId=igw_id, VpcId=vpc_id)
print(f"Internet Gateway {igw_id} attached to VPC {vpc_id}")

Use Case: This is essential for public-facing resources like web servers.


โœ… 2: Configure a Route Table for Public Subnet

# Create a public subnet
subnet = ec2.create_subnet(VpcId=vpc_id, CidrBlock='10.0.1.0/24')
subnet_id = subnet['Subnet']['SubnetId']
# Create route table
route_table = ec2.create_route_table(VpcId=vpc_id)
rtb_id = route_table['RouteTable']['RouteTableId']
# Create route to Internet Gateway
ec2.create_route(
RouteTableId=rtb_id,
DestinationCidrBlock='0.0.0.0/0',
GatewayId=igw_id
)
# Associate route table with subnet
ec2.associate_route_table(SubnetId=subnet_id, RouteTableId=rtb_id)
print(f"Route table {rtb_id} associated with subnet {subnet_id}")

Use Case: Ensures all traffic from this subnet can flow to the internet through the IGW.


โœ… 3: Launch Public EC2 Instance

# Launch EC2 instance in public subnet
ec2.run_instances(
ImageId='ami-0c55b159cbfafe1f0',
InstanceType='t2.micro',
MaxCount=1,
MinCount=1,
SubnetId=subnet_id,
NetworkInterfaces=[{'AssociatePublicIpAddress': True, 'DeviceIndex': 0}]
)
print("EC2 instance launched in public subnet with Internet Gateway connectivity")

Use Case: Demonstrates public-facing web applications or APIs accessible from the internet.


๐Ÿง  How to Remember for Exams & Interviews

  1. Key Principle:

    • IGW = โ€œInternet Gatewayโ€ = door to the internet.
  2. Memory Trick:

    • Public Subnet requires IGW to communicate with the outside.
    • Private Subnets do not use IGW; they use NAT Gateway for outbound internet.
  3. Exam Hot Points:

    • IGW must be attached to VPC.
    • Public subnet route table must point to IGW (0.0.0.0/0).
    • EC2 needs public IP to access the internet.

๐ŸŽฏ Why AWS Internet Gateway is Important

  1. Internet-Connected Applications: Without IGW, no EC2 in public subnet can access the internet.
  2. Security Control: Works with route tables, security groups, and NACLs to ensure secure internet access.
  3. Foundation for Cloud Architectures: Multi-tier architectures rely on IGWs for public-facing web servers.
  4. Exam Relevance: Commonly asked in AWS Solutions Architect Associate and Networking Specialty.
  5. High Availability: IGW is fully managed and highly available by AWS.

๐Ÿ”’ Best Practices

  • Use IGW only for public subnets.
  • Never attach a private subnet directly to IGW.
  • Combine with security groups and NACLs for traffic control.
  • Use Elastic IPs for static internet-facing resources.
  • Monitor traffic with VPC Flow Logs.

๐Ÿ“˜ Conclusion

The AWS Internet Gateway is the gateway to the outside world for your VPC. It enables EC2 instances and other public resources to communicate with the internet, while working in tandem with public subnets, route tables, and security controls.

For exams and interviews:

  • IGW = Internet access
  • Public subnet + route table = 0.0.0.0/0 โ†’ IGW
  • Private subnet = NAT Gateway (for outbound)

Mastering IGW ensures you can design secure, scalable, and internet-connected AWS architectures.