13. IGW Internet Gateway

ND9991 C02 L02 A10 IGW Internet Gateway

Internet access

If I just created a VPC and I want to provide internet to it, I should make sure to…
SOLUTION:
  • Create a route to the IGW and associate it with your subnet(s)
  • Create an IGW
  • Attach the IGW to your VPC

Internet Gateway

  • An internet gateway is a resource that enables inbound and outbound traffic from the internet to your VPC.
  • An internet gateway allows external users access to communicate with parts of your VPC.
  • If you create a private VPC for an application that is internal to your company, you will not need an internet gateway.

Network Address Translation (NAT) Gateway: provides outbound-only internet gateway for private services to access the internet. This keeps the private service protected from inbound connections, but allows it to connect to the internet in order to perform functions such as downloading software updates. The NAT gateway serves as an intermediary to take a private resource’s request, connect to the internet, and then relay the response back to the private resource without exposing that private resource’s IP address to the public.

Note: Place NAT Gateways inside the public subnets and not the private subnets. NAT gateways need to be in the public subnet so that they can communicate with the public internet, and handle requests from resources that are in a private subnet.

Next Concept