Create an internet gateway

Hello Everyone

Welcome to CloudAffaire and this is Debjeet

In the last blog post, we have created a public subnet and EC2 instance with public IPv4 address.

https://cloudaffaire.com/create-a-public-subnet/

But to connect to the internet we need one Internet gateway which is attached to our VPC. In this blog post, we are going to create an Internet gateway and attach it to the VPC. We are also going to edit the route table and make an entry for this new internet gateway and configure security group. Below is the configuration diagram for this demo.

Create an internet gateway:

Step 1: Login to AWS console and navigate to ‘VPC’.

Step 2: Navigate to ‘Internet Gateways’ and click ‘Create internet gateway’.

Step 3: Provide the name to the internet gateway and click ‘Create’.

One success message will be displayed, click ‘Close’.

Your new internet gateway successfully created.

Note: In order to use this internet gateway, we need to first attach it to a VPC.

Step 4: Select the internet gateway and from ‘Actions’ click ‘Attach to VPC’.

Step 5: Select the VPC and click ‘Attach’.

Internet gateway successfully attached to the VPC.

If you try to connect to your instance now, it will fail as this internet gateway is not visible to the router.

Next, we are going to create an entry in the route table for this internet gateway. Our public subnet is explicitly associated with a custom route table. Hence, we will make an entry in our custom route table.

Step 6: Navigate to ‘Route Tables’ and select your custom route table. Click ‘Edit routes’ located under ‘Routers’ tab.

Step 7: Click ‘Add route’ and select your internet gateway from the drop-down in the ‘Target’. Click ‘Save routes’.

Note: 0.0.0.0/0 will be the destination to route anywhere in the subnet.

A success message will be displayed. Click ‘Close’.

A new route entry has been created in our custom route table.

If you try to connect to your instance now it will still fail.

Next, we are going to modify the security group of the instance (instance 2) which is located in the public subnet (subnet 2). We have not created any new security group hence the default security group of our VPC is used by all the instance. Hence, we will modify the default security group of our VPC.

Step 8: Navigate to ‘Security Groups’ and select your security group. Click ‘Edit rules’ located under the ‘Inbound Rules’ tab.

Step 9: Select ‘Anywhere’ in the ‘Source’ and click ‘Save rules’.

One success message will be displayed, click ‘Close’.

Now if you try to connect to your instance, it will connect.

Cleanup: Delete your EC2 instance and then navigate to ‘Your VPCs’, select your VPC and from action click ‘Delete’.

Note: We will use this same VPC and existing configuration in upcoming blogs, hence if you wish to continue then don’t delete your VPC.

Hope you have enjoyed this blog post. In the next blog post, we are going to learn how to connect to an instance in private subnet from the internet.

To get more details on VPC, please refer below AWS documentation

https://docs.aws.amazon.com/vpc/index.html