📃
AWS SAA-C02
  • Practice Test Scores
  • Basics of IAM
  • Elastic Compute Cloud (EC2)
    • Overview
    • Security Groups
    • IP Addresses
    • User Data
    • Launch Types
    • Spot Instances
    • Instance Types
    • Amazon Machine Image (AMI)
    • Placement Groups
    • Elastic Network Interface (ENI)
    • Hibernate
  • Elastic Load Balancer (ELB)
    • Basic Terms
    • Elastic Load Balancing
    • Classic Load Balancer (CLB)
    • Application Load Balancer (ALB)
    • Network Load Balancer (NLB)
    • Stickiness
    • Cross Zone Load Balancing
    • SSL Certificates
    • Connection Draining/Deregistration Delay
  • Auto Scaling Groups (ASG)
    • Launch Configurations & Launch Templates
    • Overview
    • Dynamic Scaling and Scheduled Scaling
    • Lifecycle Hooks
    • Scaling Cooldowns
  • EC2 Storage (EBS, EFS, Instance Store)
    • Elastic Block Storage (EBS)
    • EBS Volume Types
    • EBS Snapshots
    • EBS Volume Migration
    • EBS Volume Encryption
    • EBS RAID configurations
    • Instance Store
    • Elastic File System (EFS)
    • EFS vs EBS
  • Relational Database Service (RDS)
    • RDS Overview
    • Running Databases on EC2
    • RDS Backups & RDS Restores
    • RDS Read Replicas
    • RDS Multi AZ
    • RDS Encryption
    • RDS IAM database authentication
    • Aurora
    • ElastiCache
  • Route53
    • Overview
    • DNS Record Types
    • Routing Policies
    • 3rd Party Domains
  • Simple Storage Service (S3)
    • S3
    • Server-Side Encryption
    • S3 Security
    • Pre-signed URLs
    • S3 Websites
    • Cross-origin resource sharing (CORS)
    • Consistency Model
  • Advanced S3 & Athena
    • MFA Delete
    • Access Logs
    • Replication
    • Storage Classes
    • Lifecycle Configuration
    • Performance Optimization
    • Select and Glacier Select
    • Event Notifications
    • Object Lock and Glacier Lock
    • Athena Overview
  • CloudFront & Global Accelerator
    • CloudFront Overview
    • CloudFront Signed URL / Signed Cookies
    • Global Accelerator
  • Storage Gateway & FSx & Snowball/Snowmobile
    • Storage Gateway Overview
    • Storage Gateway File Gateway Hardware Appliance
    • FSx for Windows Servers
    • FSx for Lustre
    • Storage Comparison
    • Snowball/Snowmobile Overview
  • AWS Messaging
  • Simple Queue Service (SQS)
    • Overview
    • Message Visibility Timeout
    • Dead Letter Queues
    • Delay Queues
    • FIFO Queues
    • SQS + Auto Scaling Group
  • Simple Notification Service (SNS)
    • Overview
    • SNS & SQS - Fan Out Pattern
  • Kinesis + MQ
    • Kinesis
    • Amazon MQ
  • Serverless
    • Lamda Overview
    • Lambda@Edge
    • DynamoDB Overview
    • DynamoDB RCUs and WCUs
    • DynamoDB Advanced Features
    • API Gateway Overview
    • API Gateway Security
    • Cognito Overview
    • AWS SAM (Serverless Application Model)
  • Databases & Analytics
    • Databases
    • Analytics
  • Monitoring
    • CloudWatch Concepts
    • CloudWatch Logs
    • CloudWatch Agent
    • EC2 Instance Recovery
    • CloudWatch Events
    • CloudTrail
    • Config
  • Mini Security Lesson
    • IAM Policies
    • Authorization
    • IAM Conditions
    • IAM for S3 Resources
    • IAM Permission Boundaries
  • Security & Management
    • Security Token Service (STS)
    • Identity Federation in AWS
    • Directory Service
    • Organizations
    • Resource Access Manager (RAM)
    • Single Sign On (SSO)
  • Security & Encryption
    • Encryption Overview
    • KMS Overview
    • SSM Parameter Store Overview
    • Secrets Manager Overview
    • CloudHSM
    • Shield
    • Web Application Firewall (WAF) Overview
  • Virtual Private Cloud (VPC)
    • Networking for VPCs
    • Default VPC Overview
    • VPC Overview
    • VPC Subnets
    • Internet Gateways & Route Tables
    • NAT Instances
    • NAT Gateways
    • DNS support in your VPC
    • NACLs vs Security Groups
    • VPC Peering
    • VPC Endpoints
    • VPC Flow Logs
    • Bastion Hosts
    • Site to Site VPN
    • Direct Connect
    • Egress-only Internet Gateway
    • AWS PrivateLink
    • AWS ClassicLink
    • VPN CloudHub
    • Transit Gateway
  • Disaster Recovery & Migrations
    • Plan for Disaster Recovery
    • Database Migration Service (DMS)
    • Migration Services
    • DataSync Overview
  • Other Services
    • Overview of Other Services
Powered by GitBook
On this page
  • Internet Gateways
  • Enabling internet access
  • Route Tables
  • Main Route Table

Was this helpful?

  1. Virtual Private Cloud (VPC)

Internet Gateways & Route Tables

Internet Gateways

  • It is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet.

  • It serves two purposes:

    • Provide a target in your VPC route tables for internet-routable traffic.

    • Perform network address translation (NAT) for instances that have been assigned public IPv4 addresses.

  • You can only have 1 Internet Gateway per VPC.

Enabling internet access

  1. Create an internet gateway.

  2. Attach the internet gateway to your VPC.

  3. Add a route to your subnet's route table that directs internet-bound traffic to the internet gateway.

  4. Ensure that instances in your subnet have a globally unique IP address (public IPv4 address, Elastic IP address, or IPv6 address).

  5. Ensure that your network access control lists and security group rules allow the relevant traffic to flow to and from your instance.

Route Tables

  • A route table contains a set of rules, called routes, that are used to determine where network traffic from your subnet or gateway is directed.

Main Route Table

  • When you create a VPC, it automatically has a main route table.

  • The main route table controls the routing for all subnets that are not explicitly associated with any other route table.

  • You cannot delete a main route table.

PreviousVPC SubnetsNextNAT Instances

Last updated 4 years ago

Was this helpful?