Bird
Raised Fist0
AWScloud~5 mins

Internet Gateway for public access in AWS - Cheat Sheet & Quick Revision

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Recall & Review
beginner
What is an Internet Gateway in AWS?
An Internet Gateway is a component that allows communication between instances in a VPC and the internet. It acts like a door for public internet access.
Click to reveal answer
beginner
Why do you need an Internet Gateway for public access in AWS?
You need an Internet Gateway to let your public subnet instances send and receive traffic from the internet, like a house needing a front door to go outside.
Click to reveal answer
intermediate
How do you attach an Internet Gateway to a VPC?
You create an Internet Gateway and then attach it to your VPC. This connection allows your VPC to route traffic to and from the internet.
Click to reveal answer
intermediate
What route must be added to a route table for public access?
You add a route that sends all internet-bound traffic (0.0.0.0/0) to the Internet Gateway. This tells AWS to send traffic outside the VPC through the gateway.
Click to reveal answer
intermediate
Can instances in private subnets access the internet through an Internet Gateway?
No, instances in private subnets cannot use the Internet Gateway directly. They need a NAT Gateway or NAT instance to access the internet safely.
Click to reveal answer
What is the main purpose of an Internet Gateway in AWS?
ATo monitor network traffic
BTo store data securely
CTo manage user permissions
DTo allow VPC instances to communicate with the internet
Which route destination is used to send all internet traffic to the Internet Gateway?
A0.0.0.0/0
B10.0.0.0/16
C192.168.1.0/24
D127.0.0.1/32
Can an Internet Gateway be attached to multiple VPCs at the same time?
AYes, it can be shared across VPCs
BNo, it can only be attached to one VPC
CYes, but only in the same region
DNo, it is automatically attached to all VPCs
What happens if you do not attach an Internet Gateway to your VPC?
AInstances cannot access the internet
BThe VPC will automatically create a NAT Gateway
CThe VPC will be deleted
DInstances can still access the internet
Which AWS component allows private subnet instances to access the internet?
AInternet Gateway
BElastic Load Balancer
CNAT Gateway
DSecurity Group
Explain how an Internet Gateway enables public access in an AWS VPC.
Think about the path internet traffic takes from your VPC.
You got /4 concepts.
    Describe the difference between public and private subnets regarding internet access.
    Focus on how traffic flows in each subnet type.
    You got /4 concepts.

      Practice

      (1/5)
      1. What is the main purpose of an Internet Gateway in AWS?
      easy
      A. To allow communication between a VPC and the internet
      B. To store data securely in the cloud
      C. To manage user permissions in AWS
      D. To create private subnets within a VPC

      Solution

      1. Step 1: Understand the role of an Internet Gateway

        An Internet Gateway is a component that connects a Virtual Private Cloud (VPC) to the internet, enabling resources in the VPC to access or be accessed from the internet.

      2. Step 2: Identify the correct purpose

        Among the options, only allowing communication between a VPC and the internet matches the Internet Gateway's function.

      3. Final Answer:

        To allow communication between a VPC and the internet -> Option A

      4. Quick Check:

        Internet Gateway = Connects VPC to internet [OK]
      Hint: Internet Gateway connects VPC to internet, not storage or permissions [OK]
      Common Mistakes:
      • Confusing Internet Gateway with storage services
      • Thinking it manages user permissions
      • Assuming it creates private subnets
      2. Which AWS resource must an Internet Gateway be attached to for it to provide internet access?
      easy
      A. An EC2 instance
      B. A Virtual Private Cloud (VPC)
      C. An S3 bucket
      D. A Security Group

      Solution

      1. Step 1: Identify the attachment requirement of an Internet Gateway

        An Internet Gateway must be attached to a VPC to enable internet access for resources inside that VPC.

      2. Step 2: Match the correct AWS resource

        Among the options, only a VPC is the correct resource to attach an Internet Gateway to.

      3. Final Answer:

        A Virtual Private Cloud (VPC) -> Option B

      4. Quick Check:

        Internet Gateway attaches to VPC [OK]
      Hint: Internet Gateway attaches only to VPC, not instances or buckets [OK]
      Common Mistakes:
      • Trying to attach Internet Gateway directly to EC2
      • Confusing with storage like S3 buckets
      • Thinking it attaches to Security Groups
      3. Given the following AWS setup, what will happen if the Internet Gateway is not attached to the VPC?
      VPC: vpc-1234
      Internet Gateway: igw-5678 (created but not attached)
      EC2 Instance: in public subnet with route to igw-5678
      medium
      A. The EC2 instance will not have internet access
      B. The EC2 instance will be terminated automatically
      C. The EC2 instance will have internet access
      D. The EC2 instance will have internet access only for outbound traffic

      Solution

      1. Step 1: Understand Internet Gateway attachment requirement

        An Internet Gateway must be attached to the VPC to enable internet traffic flow. Without attachment, the gateway is inactive for that VPC.

      2. Step 2: Analyze the effect on EC2 instance

        Even if the route table points to the Internet Gateway, since it is not attached, the EC2 instance cannot send or receive internet traffic.

      3. Final Answer:

        The EC2 instance will not have internet access -> Option A

      4. Quick Check:

        Internet Gateway unattached = no internet access [OK]
      Hint: Internet Gateway must be attached to VPC for internet access [OK]
      Common Mistakes:
      • Assuming route table alone enables internet
      • Thinking instance auto-terminates without internet
      • Believing outbound-only access works without attachment
      4. You created an Internet Gateway and attached it to your VPC, but your EC2 instance in the public subnet still cannot access the internet. What is the most likely cause?
      medium
      A. The Internet Gateway is not attached to the VPC
      B. The EC2 instance is stopped
      C. The route table for the subnet does not have a route to the Internet Gateway
      D. The security group allows all traffic

      Solution

      1. Step 1: Confirm Internet Gateway attachment

        The question states the Internet Gateway is attached to the VPC, so this is not the issue.

      2. Step 2: Check route table configuration

        For internet access, the subnet's route table must have a route directing 0.0.0.0/0 traffic to the Internet Gateway. Missing this route blocks internet access.

      3. Final Answer:

        The route table for the subnet does not have a route to the Internet Gateway -> Option C

      4. Quick Check:

        Route table missing IGW route = no internet [OK]
      Hint: Check route table for 0.0.0.0/0 route to IGW [OK]
      Common Mistakes:
      • Ignoring route table routes
      • Assuming attachment alone grants internet
      • Confusing security group rules with routing
      5. You want to provide internet access to instances in a public subnet of your VPC. Which combination of steps is required to achieve this?
      hard
      A. Create a VPN connection and update the route table to route 0.0.0.0/0 to the VPN
      B. Create a NAT Gateway, attach it to the VPC, and assign private IPs to instances
      C. Attach an Internet Gateway to the subnet directly and assign Elastic IPs to instances
      D. Create and attach an Internet Gateway to the VPC, update the subnet's route table to route 0.0.0.0/0 to the Internet Gateway, and ensure instances have public IPs

      Solution

      1. Step 1: Attach Internet Gateway to VPC

        Internet Gateway must be created and attached to the VPC to enable internet connectivity.

      2. Step 2: Update subnet route table

        The route table for the public subnet must have a route sending all internet-bound traffic (0.0.0.0/0) to the Internet Gateway.

      3. Step 3: Assign public IPs to instances

        Instances need public IP addresses to communicate over the internet directly.

      4. Final Answer:

        Create and attach an Internet Gateway to the VPC, update the subnet's route table to route 0.0.0.0/0 to the Internet Gateway, and ensure instances have public IPs -> Option D

      5. Quick Check:

        IGW + route + public IP = internet access [OK]
      Hint: Internet Gateway + route + public IP = public internet access [OK]
      Common Mistakes:
      • Confusing NAT Gateway with Internet Gateway for public subnet
      • Trying to attach IGW to subnet directly
      • Forgetting to assign public IPs to instances