CloudWiki
Resource
Detect, troubleshoot & optimize AWS environments in real-time ->

Amazon Web Service (AWS)

Internet Gateway

Network
An internet gateway (IGW) allows resources associated with public IP (IPv4 or IPv6 address) within your VPC to access the internet. Likewise, resources on the internet can initiate a connection to resources in your subnet using the public IPv4 address or IPv6 address.
Costs
The cost of using an Internet Gateway is determined by the amount of data processed through it, with no additional charges for creation or deletion of the Internet Gateway. The cost starts at $0.05 per GB of data processed and decreases as data processed increases.
Direct Cost

--

Indirect Cost
No items found.
Terraform Name
aws_internet_gateway
Internet Gateway
attributes:
  • vpc_id - (Optional) The VPC ID to create in. See the aws_internet_gateway_attachment resource for an alternate way to attach an Internet Gateway to a VPC.
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Associating resources with a
Internet Gateway
Resources do not "belong" to a
Internet Gateway
Rather, one or more Security Groups are associated to a resource.
Create
Internet Gateway
via Terraform:
The following HCL creates an internet gateway with the tag Name my-igw
Syntax:

resource "aws_internet_gateway" "gw" {
 vpc_id = aws_vpc.main.id

 tags = {
   Name = "my-igw"
 }
}

Create
Internet Gateway
via CLI:
Parametres:

create-internet-gateway
[--tag-specifications <value>]
[--dry-run | --no-dry-run]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
[--cli-binary-format <value>]
[--no-cli-pager]
[--cli-auto-prompt]
[--no-cli-auto-prompt]

Example:

aws ec2 create-internet-gateway \
   --tag-specifications ResourceType=internet-gateway,Tags=[{Key=Name,Value=my-igw}]

Best Practices for
Internet Gateway

Categorized by Availability, Security & Compliance and Cost

Low
Ensure Internet Gateway is attached to a VPC
Other
APRA
AWS Well-Architected Framework
MAS
Low
Internet Gateway (IGW) changes alarm
Security & Compliance
CIS
CISAWSF
PCI-DSS
APRA
MAS
Explore all the rules our platform covers
Related blog posts
We haven't write about
Internet Gateway
yet.
View all blog posts ->
All Resources
Compute
Athena
Auto Scaling Group
Availability Zone
EC2
ECS
ECS Task Definition
EKS
Lambda Function
Region
SageMaker Notebook
Database
DMS
DocumentDB
DynamoDB
EMR
ElastiCache
Glue
OpenSearch
RDS
Network
ALB
API Gateway
CloudFront
Direct Connect
Direct Connect Gateway
ELB
ENI
Elastic IP
GLB
Internet Gateway
NAT Gateway
NLB
Prefix List
Route 53
Route Table
Site-to-Site VPN Connection
Subnet
Target Group
Transit Gateway
VPC
VPC Endpoint
VPC Peering
VPN Customer Gateway
Virtual Private Gateway
Permission
IAM Account Password Policy
IAM Group
IAM Policy
IAM Role
IAM User
Instance Profile
Queue
Kinesis
MSK
SES
SNS
SQS
Security
CloudWatch
GuardDuty
Config
WAF
Network ACL
KMS
Security Group
Storage
EFS
S3 Glacier
AMI
EBS Snapshots
EBS Volume
S3 Bucket
Kubernetes
Network Policy
StatefulSet
Service
ReplicaSet
Namespace
Ingress
Endpoints
Deployment
Service Account
Pod