Lab Steps

lock
Logging in to the Amazon Web Services Console
lock
Creating a VPC
lock
Creating a VPC Internet Gateway
lock
Creating a Public Subnet
lock
Creating a Bastion Host
lock
Creating a Private Subnet
lock
Creating a Network ACL for a Private Subnet
lock
Adding Rules to a Private Network ACL
lock
Launching an EC2 Instance on a Private Subnet
lock
Launching a Network Address Translation (NAT) instance
lock
Testing access of Private Subnet Instances
lock
Highlights of Securing your VPC
live-help Need help? Contact our support team

Here you can find the instructions for this specific Lab Step.

If you are ready for a real environment experience please start the Lab. Keep in mind that you'll need to start from the first step.

Introduction

An Internet Gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the Internet. It imposes no availability risks or bandwidth constraints on your network traffic. An Internet gateway serves two purposes:

  1. Provide a target in your VPC route tables for Internet-routable traffic
  2. Perform network address translation (NAT) for instances that have been assigned public IP addresses. (Note: It does not do this for instances with private IP addresses.)

You can create a new Internet Gateway for your previously created VPC using the AWS Management Console.

 

Instructions 

1. From the VPC Dashboard, click Internet Gateways in the left navigation pane. The Internet Gateways page lists all previously created gateways:

alt

 Note: Your student account may already have an Internet gateway. If it does, it is likely attached to a default VPC. Regardless, this Lab Step will walk you through creating your own.

 

2. Click Create Internet Gateway to begin creating a new gateway. Creating a gateway is a one step operation. You only need to choose a meaningful name.

  • Name tag: Enter labs-gw

alt

 Click Create Internet Gateway when ready to proceed. The State of your Internet Gateway will be detached to start. Now you need to attach the new gateway to the VPC you created earlier.

 

3. Click ActionsAttach to VPC.

 

4. In the Attach to VPC form, select the cloudacademy-labs VPC from the drop-down menu:

alt

Note: The ID of your VPC will differ slightly. 

An Internet Gateway can only be attached to one VPC. Therefore, even if you have another Internet Gateway, and it's already attached to the default VPC, the drop-down menu when attaching your Internet Gateway will only include the detached VPC.

Click Attach Internet Gateway when ready to proceed.

 

5. View the Summary tab. Your new Internet Gateway is attached and available to be used by EC2 instances of the attached VPC:

alt

 

Summary

In this Lab Step you created an Internet Gateway, and attached it to the VPC that you created earlier. Instances in the public subnet will route traffic destined for the public internet through the internet gateway. If you think back to the lab environment diagram on the lab landing page, so far you have created the VPC and the Internet Gateway. You will continue creating other resources from the diagram, mostly in a left-to-right fashion. That is, next you will create a public subnet (and resources within it), then a private subnet (and resources within it). However, the NAT instance in the public subnet will be created last.

Validation checks
1Checks
Attached Internet Gateway

Attached the Internet Gateway to the non-default VPC

Networking for AWS