When you create a Virtual Private Cloud (VPC) in AWS, it lacks internet access by default. This post will walk you through the configuration process to enable internet access for your VPC using an AWS Internet Gateway (IGW). By the end, you will understand how to configure an Internet Gateway and set up your VPC for external access.
The Problem: VPCs and Lack of Default Internet Access
AWS VPCs are isolated networks within the AWS Cloud. While this isolation ensures security, it also means that VPCs do not have internet access out of the box. If you plan to host web applications, connect to third-party services, or access the internet from an EC2 instance, you must configure your VPC properly.
The Solution: AWS Internet Gateway
An AWS Internet Gateway (IGW) is a horizontally scaled, redundant, and highly available component that allows communication between your VPC and the Internet. Attaching an IGW to your VPC enables internet access for instances in public subnets.
Creating Your Internet Gateway: A Step-by-Step Walkthrough
Here’s how you can set up an Internet Gateway to enable Internet access for your VPC.
Step 1: Create an Internet Gateway
- Log in to the AWS Management Console.
- Navigate to VPC under the Networking & Content Delivery section.
- In the VPC Dashboard, go to the Internet Gateways section.
- Click on Create Internet Gateway.
- Enter a name tag (My-Internet-Gateway) and click Create Internet Gateway.
Step 2: Attach the Internet Gateway to Your VPC
- After creating your Internet Gateway, select it from the list.
- Click Actions and choose Attach to VPC.
- Select the appropriate VPC from the dropdown and click Attach Internet Gateway.
Your VPC now has an Internet Gateway attached, but it is not yet fully configured for internet access: traffic still needs a route to the gateway.
Creating and Configuring the Route Table
You need to update the Route Table to allow traffic to flow from your VPC to the internet. This step involves creating and configuring a Route Table to route internet traffic via the Internet Gateway.
Step 3: Create the Route Table
- In the VPC Dashboard, select Route Tables.
- Click Create Route Table.
- Enter a name for your route table (e.g., Public-Route-Table), and select the VPC that has the Internet Gateway attached.
- Click Create Route Table.
Step 4: Associating Subnets
For public access, ensure that the route table is associated with the public subnets of your VPC.
- In the Route Tables section, select your newly created route table.
- Under the Subnet Associations tab, click Edit Subnet Associations.
- Select the subnets you want to associate with this route table, typically public subnets, and click Save Associations.
Step 5: Adding the Crucial Route for Internet Access
Now that your route table is set up and associated with the correct subnets, you must add a route to direct traffic to the Internet Gateway.
- Select your route table and click the Routes tab.
- Click Edit Routes, then Add Route.
- Set the Destination to 0.0.0.0/0 (all IPv4 destinations) and the Target to your Internet Gateway (e.g., igw-abc12345).
- Click Save Changes.
At this point, your VPC and subnets are configured for internet access.
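The following is an added example, not part of the original walkthrough: a Python check over constructed data shaped like the output of `aws ec2 describe-route-tables` and `aws ec2 describe-subnets`, listing which subnets actually end up with a default route to an Internet Gateway after Step 5. It resolves each subnet's effective route table, including the case where a subnet has no explicit association and falls back to the VPC's main route table; the route table, VPC, and subnet IDs are made-up placeholders.

```python
# Constructed sample data in the shape returned by
# `aws ec2 describe-route-tables` and `aws ec2 describe-subnets`.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-1",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-abc12345", "State": "active"}]},
]
SUBNETS = [
    {"SubnetId": "subnet-web", "VpcId": "vpc-1"},
    {"SubnetId": "subnet-db", "VpcId": "vpc-1"},   # no explicit association
]

def igw_default_route(table):
    """Return the IGW id if the table has an active default route to an Internet Gateway."""
    for r in table.get("Routes", []):
        dest = r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock")
        if (dest in ("0.0.0.0/0", "::/0") and r.get("State") == "active"
                and r.get("GatewayId", "").startswith("igw-")):
            return r["GatewayId"]
    return None

def effective_table(subnet, tables):
    """Explicit association wins; otherwise the subnet uses the VPC's main route table."""
    main = None
    for t in tables:
        if t["VpcId"] != subnet["VpcId"]:
            continue
        for a in t.get("Associations", []):
            if a.get("SubnetId") == subnet["SubnetId"]:
                return t
            if a.get("Main"):
                main = t
    return main

def internet_routed_subnets(tables, subnets):
    """Map each subnet that has a default route to an IGW -> (route table id, igw id)."""
    found = {}
    for s in subnets:
        t = effective_table(s, tables)
        igw = igw_default_route(t) if t else None
        if igw:
            found[s["SubnetId"]] = (t["RouteTableId"], igw)
    return found
```

With the sample data only subnet-web is reported; if the 0.0.0.0/0 route were added to the main route table instead of Public-Route-Table, subnet-db would be reported as well even though nobody associated it with anything.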
Testing Your Connection: Connecting to Your EC2 Instance
Let’s test your configuration by launching an EC2 instance and checking internet connectivity.
- Navigate to EC2 and launch a new instance in the public subnet of your VPC.
- Ensure that you associate a public IP address with your instance.
- After launching, connect to your EC2 instance via SSH or Remote Desktop.
- To verify that the instance has internet access, try pinging a website or running a command such as curl https://aws.amazon.com.
Don’t Forget: Terminate Your EC2 Instance to Avoid Charges
When you’re done testing, remember to terminate your EC2 instance to avoid any unexpected charges. To do so, go to the EC2 dashboard, select the instance, click Actions, and choose Terminate Instance.
Conclusion
Following these steps, you can configure your AWS VPC to have internet access through an Internet Gateway. This is essential for enabling external access to your instances, hosting web applications, or using internet-facing services.