What is an Internet Gateway in AWS?

Amazon Web Services (AWS) Internet Gateway is a horizontally scalable, redundant, and highly available VPC component that allows communication between instances in your VPC and the Internet. It therefore acts as a bridge between your VPC and the Internet.

An Internet Gateway is not automatically created when you create a VPC. Instead, you must create and attach an Internet Gateway to your VPC before your instances in the VPC can communicate with the Internet. Once an Internet Gateway is attached to a VPC, you can then route Internet traffic to your instances.

Internet Gateways are horizontally scalable, meaning that they automatically adjust their capacity to handle the number of requests that pass through them. They are also redundant, which means that if one Internet Gateway fails, another one takes over and ensures that there is no interruption in service. This redundancy ensures that your instances are always able to communicate with the Internet.

To create an Internet Gateway, you must first log in to the AWS Management Console and navigate to the VPC dashboard. Once there, you can click on the “Internet Gateways” menu and select “Create Internet Gateway.” You will then be prompted to give your Internet Gateway a name and select the VPC to which it should be attached. Once the Internet Gateway is created, it will be in a “detached” state. To attach the Internet Gateway to a VPC, you must click on the Internet Gateway and select “Actions,” then “Attach to VPC.”

Once an Internet Gateway is attached to a VPC, it can be used to route Internet traffic to instances in that VPC. To do this, you must create a route in the VPC’s routing table that points Internet traffic (0.0.0.0/0) to the Internet Gateway. This is often referred to as the “default route” for Internet traffic.

When you create a new VPC, it automatically comes with a default route table, which you can use to route Internet traffic to the Internet Gateway. You can also create additional route tables and associate them with specific subnets in your VPC. This allows you to control the Internet access for instances in those subnets.

AWS Internet Gateway allows access to Internet resources over the IPv4 and IPv6 protocols. Additionally, if you want to connect to your on-premises resources, you can create a VPN connection or a Direct Connect link between your on-premises data center and your VPC over the Internet Gateway. It also provides a network address translation (NAT) service, which allows instances in a private subnet to connect to the Internet but prevents the Internet from initiating connections to those instances.

AWS Internet Gateway also provides security features such as Security Groups and Network Access Control Lists (NACLs) to control inbound and outbound traffic to your instances via the Internet Gateway. They allow you to create rules that permit or deny traffic based on protocol, port, and source or destination IP address. You can also use AWS Web Application Firewall (WAF) to protect your applications and APIs from various web-based attacks.
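The protocol, port and address rules described above, as an added Terraform example that is not part of the original article. It assumes a VPC resource named aws_vpc.example and a public subnet named aws_subnet.public are defined elsewhere in the same configuration, and it uses the reserved TEST-NET-3 range 203.0.113.0/24 as a placeholder for an administrative network. It shows the caveat practitioners most often trip over when combining the two controls: a security group is stateful, so return traffic is allowed automatically, whereas a NACL is stateless and needs explicit rules for the ephemeral-port return traffic in both directions.

```hcl
# Added example (not from the original article). Assumes aws_vpc.example and
# aws_subnet.public exist; 203.0.113.0/24 is a placeholder admin network.

# Security group: stateful, allow-list only (there is no "deny" rule type).
# Everything not listed as ingress is dropped.
resource "aws_security_group" "web" {
  name        = "web"
  description = "Public HTTPS, admin-only SSH"
  vpc_id      = aws_vpc.example.id

  ingress {
    description = "HTTPS from the Internet (the service that is meant to be public)"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  ingress {
    description = "SSH only from the placeholder admin network, never 0.0.0.0/0"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"]
  }

  # Responses to the inbound connections above are allowed automatically (stateful);
  # this egress rule is for connections the instance itself originates.
  egress {
    description = "Outbound HTTPS only, for package updates and API calls"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Network ACL: stateless, evaluated in rule_no order, implicit deny at the end.
# Because it is stateless, the reply half of every connection needs its own rule.
resource "aws_network_acl" "public" {
  vpc_id     = aws_vpc.example.id
  subnet_ids = [aws_subnet.public.id]

  ingress {
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 443
    to_port    = 443
  }

  ingress {
    rule_no    = 110
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "203.0.113.0/24"
    from_port  = 22
    to_port    = 22
  }

  # Return traffic for connections the instances open outbound (ephemeral ports).
  ingress {
    rule_no    = 120
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 1024
    to_port    = 65535
  }

  # Return traffic for the inbound HTTPS/SSH sessions above: clients connect from
  # ephemeral ports, so responses go back to 1024-65535.
  egress {
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 1024
    to_port    = 65535
  }

  egress {
    rule_no    = 110
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 443
    to_port    = 443
  }
}
```

The NACL is the place to put explicit deny rules (for example, a lower rule_no that denies a specific source range before the allow rules), since security groups cannot express a deny. Keeping the security group narrow remains the primary control; the NACL is a coarse subnet-wide backstop.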

Conclusion

In summary, Amazon Web Services (AWS) Internet Gateway is a horizontally scalable, redundant, and highly available VPC component that enables communication between instances in a VPC and the Internet. It acts as a bridge between a VPC and the Internet and allows you to route Internet traffic to your instances. Internet Gateways also provide security features such as security groups and network access control lists to control inbound and outbound traffic, as well as a way to connect to on-premises resources via VPN or Direct Connect.