Public Subnet | Private Subnet |
---|---|
Instances have public IP addresses | Instances do not have public IP address (selectable during instance creation) |
Route table attached to the subnet has a default route | Route table attached to the subnet has no default route |
Internet Gateway
AWS Internet Gateway is a one-to-one private IP to public IP NAT device/service, not a regular NAT device like a home router. Instances inside the VPC subnet needs to have a public IP address associated with it. If not, Internet Gateway would not be able to route traffic for it.Egress-only Internet Gateway
IPv6 OnlyNAT gateway or NAT Instance
IPv4 OnlyInternet Access for Default and Nondefault VPCs
The following table provides an overview of whether your VPC automatically comes with the components required for internet access over IPv4 or IPv6.
Component | Default VPC | Nondefault VPC |
---|---|---|
Internet gateway | Yes | Yes, if you created the VPC using the first or second option in the VPC wizard. Otherwise, you must manually create and attach the internet gateway. |
Route table with route to internet gateway for IPv4 traffic (0.0.0.0/0) | Yes | Yes, if you created the VPC using the first or second option in the VPC wizard. Otherwise, you must manually create the route table and add the route. |
Route table with route to internet gateway for IPv6 traffic (::/0) | No | Yes, if you created the VPC using the first or second option in the VPC wizard, and if you specified the option to associate an IPv6 CIDR block with the VPC. Otherwise, you must manually create the route table and add the route. |
Public IPv4 address automatically assigned to instance launched into subnet | Yes (default subnet) | No (nondefault subnet) |
IPv6 address automatically assigned to instance launched into subnet | No (default subnet) | No (nondefault subnet) |