How to enable internet in VPC

AwsHow-ToBeginner · 3 min read

How to Enable Internet Access in AWS VPC

To enable internet access in a VPC, attach an Internet Gateway to it and update the route table to direct internet-bound traffic (0.0.0.0/0) to this gateway. Also, ensure your subnet is public by associating it with this route table and that instances have public IPs or Elastic IPs.

📐

Syntax

To enable internet access in a VPC, you need to create and attach an Internet Gateway, then update the Route Table to send outbound traffic to the internet through this gateway.

Internet Gateway: A gateway that connects your VPC to the internet.
Route Table: Contains rules that direct traffic; you add a route for 0.0.0.0/0 pointing to the Internet Gateway.
Subnet: Must be associated with the route table that has the internet route to be public.

terraform

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

resource "aws_route_table_association" "public_assoc" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.public.id
}

💻

Example

This example shows how to create a VPC with a public subnet that has internet access by attaching an Internet Gateway and updating the route table.

terraform

provider "aws" {
  region = "us-east-1"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "public" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.1.0/24"
  map_public_ip_on_launch = true
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

resource "aws_route_table_association" "public_assoc" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.public.id
}

Output

Apply complete! Resources: 6 added, 0 changed, 0 destroyed.

⚠️

Common Pitfalls

Not attaching the Internet Gateway to the VPC will block internet access.
Forgetting to add the route 0.0.0.0/0 to the route table pointing to the Internet Gateway.
Not associating the subnet with the route table that has the internet route.
Instances without public IPs or Elastic IPs cannot access the internet even if the subnet is public.

terraform

/* Wrong: Missing internet gateway attachment and route */
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  # No route to internet gateway
}

/* Right: Attach IGW and add route */
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

📊

Quick Reference

Internet Gateway: Connects VPC to internet.
Route Table: Add route 0.0.0.0/0 to Internet Gateway.
Subnet: Associate with route table and enable public IP on launch.
Instances: Must have public or Elastic IP for internet access.

✅

Key Takeaways

Attach an Internet Gateway to your VPC to enable internet access.

Add a route for 0.0.0.0/0 in the route table pointing to the Internet Gateway.

Associate your subnet with the route table that has the internet route to make it public.

Ensure instances have public or Elastic IPs to communicate with the internet.

Without these steps, your VPC will remain isolated from the internet.