AWS Services that Support IPv6
Start course

In this course, we will review some of the internet protocol version 4 features of Amazon VPCs. Then you will be presented with internet protocol version 6, its notation and how to enable it for use with Amazon Virtual Private Clouds and EC2 Instances.

Learning Objectives

Discuss IPv4, IPv6 and how to configure it to be supported by Amazon VPCs and EC2 Instances.

Intended Audience

This course is intended for architects and system operators looking to benefit by using IPv6 addressing with AWS resources. This course also covers some of the objectives for both the solutions architect professional and the AWS Networking Specialty certifications. 


To get the most out of this course you will need to meet the requirements for any of the AWS associate level certifications or the equivalent experience.  

This course expects that you are familiar with the fundamentals of networking using AWS including Amazon Virtual Private Clouds, Public Subnets, Private Subnets, and IPv4 as used in EC2 Instances.  


AWS services that support IPv6. In general, Amazon VPC and EC2 instances are not the only services you can use with IPv6. AWS supports for IPv6 includes Amazon S3, S3 Transfer acceleration, Amazon CloudFront, Web Application Firewall, Route 53, and AWS Lambda for inbound connections. Application Load Balancers and Network Load Balancers support IPv6 provided that they are configured as Internet-facing. 

Internal Elastic Load Balancers do not support IPv6. More specifically, AWS provides IPv6 support for the following services: A VPC can operate in dual stack mode. IPv6 is optional. With dual stack enabled, an IPv6 CIDR is assigned and the remaining part of the VPC including Internet gateways, VPC peering, VPC Flow Logs, Network Access Control Lists, security groups, and route tables all support IPv6 entries. For subnets on such a VPC, you can define IPv4 only, dual stack, and IPv6 only addressing.

Amazon EC2 instances that are current generation instances types support IPv6 using dual stack. IPv6 only EC2 instances are limited to Nitro-based instance types. Amazon Route 53 supports IPv6 using AAAA records and health checks. Elastic Load Balancer can also be configured to use dual stack IP addresses and resolves IPv6 addresses to the AAAA DNS record for clients. It also supports security group configurations for IPv6 traffic. The load balancers need to be configured as Internet-facing. Amazon S3 supports dual stack endpoints for S3 buckets and S3 transfer acceleration. CloudFront supports IPv6 for newly created distributions. You can also reconfigure an existing distribution to enable IPv6 in the console.

Resources that connect to a CloudFront Edge location over IPv6 will automatically be served content over IPv6. The Web Application Firewall is able to inspect incoming traffic requests for both IPv4 and IPv6. Direct Connect supports dual stack configurations on public and private virtual interfaces. API Gateway does not yet support IPv6. The workaround is to create your very own CloudFront distribution with IPv6 and configure it to use the API gateway as its own. Please note that as of this writing, the Relational Database Service and Fargate do not support IPv6. You want to check AWS IPv6 reference as more services continue to be added to this growing list.


About the Author
Jorge Negrón
AWS Content Architect
Learning Paths

Experienced in architecture and delivery of cloud-based solutions, the development, and delivery of technical training, defining requirements, use cases, and validating architectures for results. Excellent leadership, communication, and presentation skills with attention to details. Hands-on administration/development experience with the ability to mentor and train current & emerging technologies, (Cloud, ML, IoT, Microservices, Big Data & Analytics).