```yaml
InternetGateway:
  Type: AWS::EC2::InternetGateway
AttachGateway:
  Type: AWS::EC2::VPCGatewayAttachment
  Properties:
    VpcId: !Ref MyVPC
    InternetGatewayId: !Ref InternetGateway
RouteTable:
  Type: AWS::EC2::RouteTable
  Properties:
    VpcId: !Ref MyVPC
PublicRoute:
  Type: AWS::EC2::Route
  DependsOn: AttachGateway
  Properties:
    RouteTableId: !Ref RouteTable
    DestinationCidrBlock: 0.0.0.0/0
    GatewayId: !Ref InternetGateway
RouteAssoc1:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    SubnetId: !Ref Subnet1
    RouteTableId: !Ref RouteTable
RouteAssoc2:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    SubnetId: !Ref Subnet2
    RouteTableId: !Ref RouteTable
```
Now we’re entering the “network connectivity” section of the AWS CloudFormation template. This is the part that connects your (so far isolated) VPC and subnets to the internet 🌐, in both directions: traffic can leave, and the internet can reach anything in these subnets that has a public IP.
Let’s go step by step, visualizing it as if you were wiring up your own mini data center.
This part sets up:
- Internet Gateway → the door from your VPC to the internet 🌍
- AttachGateway → connects that door to your VPC 🏠
- RouteTable → defines which traffic goes where (the “roadmap”) 🗺️
- PublicRoute → says: “If traffic is bound for the internet (0.0.0.0/0), send it through the gateway.” 🚦
- Subnet Associations (RouteAssoc1 & 2) → link your subnets to that route table so they become public subnets.
```yaml
InternetGateway:
  Type: AWS::EC2::InternetGateway
```
Creates an Internet Gateway (IGW) — think of it as the main door between your AWS VPC and the Internet.
Without this, your VPC is like an island with no bridge — it can’t send or receive internet traffic.
✅ Purpose:
Provides your VPC access to the public internet.
🧠 Analogy:
Internet Gateway = Broadband router of your AWS home.
```yaml
AttachGateway:
  Type: AWS::EC2::VPCGatewayAttachment
  Properties:
    VpcId: !Ref MyVPC
    InternetGatewayId: !Ref InternetGateway
```
Just creating an IGW doesn’t automatically attach it — it’s a separate step.
This resource attaches the InternetGateway you created to your MyVPC.
✅ Purpose:
Connects the “door” (IGW) to your “house” (VPC), allowing traffic to flow through.
```yaml
RouteTable:
  Type: AWS::EC2::RouteTable
  Properties:
    VpcId: !Ref MyVPC
```
A Route Table is like a map that defines where network traffic should go.
Every subnet uses exactly one route table. A subnet you do not explicitly associate with one falls back to the VPC’s main route table, so a default route added to the main table silently makes every unassociated subnet public. Creating a dedicated table, as here, keeps that blast radius explicit.
Since you’re making a public route table, it will contain a route to the internet via the IGW. The VPC’s `local` route (10.0.0.0/16 → local) is created automatically and cannot be removed.
✅ Purpose:
Holds routing rules for your subnets.
🧠 Analogy:
Route Table = Road directory that says “traffic to this destination → go through this path.”
```yaml
PublicRoute:
  Type: AWS::EC2::Route
  DependsOn: AttachGateway
  Properties:
    RouteTableId: !Ref RouteTable
    DestinationCidrBlock: 0.0.0.0/0
    GatewayId: !Ref InternetGateway
```
This adds a route entry to your route table.
DestinationCidrBlock: 0.0.0.0/0 means “any destination not matched by a more specific route.” Routing uses longest-prefix match, so traffic to 10.0.0.0/16 still takes the VPC’s `local` route; everything else falls through to this default route.
GatewayId: !Ref InternetGateway means “send that traffic to the Internet Gateway.”
DependsOn: AttachGateway ensures that the gateway is attached before this route is created. CloudFormation only infers dependencies from !Ref, and this route references the IGW, not the attachment, so without the explicit DependsOn it can try to create the route first and fail with “route table and network gateway belong to different networks.”
✅ Purpose:
Makes outgoing traffic from your subnets (like ECS containers or EC2 instances) go through the Internet Gateway to reach the internet. Note the IGW is not a one-way door: it also lets the internet initiate connections to any resource in these subnets that has a public IP, so the security groups and network ACLs on those resources are the actual access control, not this route.
🧠 Analogy:
This is the rule that says “If you’re leaving the neighborhood, use the main highway (Internet Gateway).”
```yaml
RouteAssoc1:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    SubnetId: !Ref Subnet1
    RouteTableId: !Ref RouteTable
```
This binds Subnet 1 with your Route Table.
Meaning: Subnet 1 will follow the routes defined there (including internet access).
✅ Purpose:
Gives Subnet 1 access to the internet through the Internet Gateway.
```yaml
RouteAssoc2:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    SubnetId: !Ref Subnet2
    RouteTableId: !Ref RouteTable
```
Same logic as above, but for Subnet 2.
So both subnets (in two different Availability Zones) share the same public route table and have internet connectivity. A subnet can only be associated with one route table at a time, but one route table can serve many subnets, which is why a single table is reused here.
Anything launched in these subnets with a public IPv4 address (via MapPublicIpOnLaunch on the subnet, or an attached Elastic IP) is directly addressable from the internet. Resources without a public IP can neither reach nor be reached through the IGW, even though the route exists; a NAT gateway in a public subnet is the usual way to give private subnets outbound-only access.
✅ Purpose:
Ensures Subnet 2 also has public internet access.
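A practical way to review this section before deploying is to compute, from the template alone, which subnets end up public. The script below is an added example, not code from the original post or from AWS. It holds the networking section above in CloudFormation’s JSON form (`{"Ref": "X"}` is the JSON spelling of `!Ref`) so it runs with only the Python standard library, and it adds constructed `MyVPC`, `Subnet1`, `Subnet2` and `Subnet3` resources (the page does not define the subnets in this section; `Subnet3` is a deliberately unassociated subnet, to show the main-route-table fallback).

```python
"""Static check: which subnets in a CloudFormation template are public?

Added example (not part of the original post). "Public" here means the
subnet is explicitly associated with a route table that has a default
route (0.0.0.0/0 or ::/0) pointing at an AWS::EC2::InternetGateway.
"""
import json

# Constructed template: JSON form of the networking section above, plus
# minimal VPC/subnet resources so the associations can be resolved.
# Subnet3 is an assumption: a subnet with no explicit association.
TEMPLATE_JSON = """
{
  "Resources": {
    "MyVPC": {"Type": "AWS::EC2::VPC",
              "Properties": {"CidrBlock": "10.0.0.0/16"}},
    "Subnet1": {"Type": "AWS::EC2::Subnet",
                "Properties": {"VpcId": {"Ref": "MyVPC"}, "CidrBlock": "10.0.1.0/24",
                               "MapPublicIpOnLaunch": true}},
    "Subnet2": {"Type": "AWS::EC2::Subnet",
                "Properties": {"VpcId": {"Ref": "MyVPC"}, "CidrBlock": "10.0.2.0/24",
                               "MapPublicIpOnLaunch": true}},
    "Subnet3": {"Type": "AWS::EC2::Subnet",
                "Properties": {"VpcId": {"Ref": "MyVPC"}, "CidrBlock": "10.0.3.0/24"}},
    "InternetGateway": {"Type": "AWS::EC2::InternetGateway"},
    "AttachGateway": {"Type": "AWS::EC2::VPCGatewayAttachment",
                      "Properties": {"VpcId": {"Ref": "MyVPC"},
                                     "InternetGatewayId": {"Ref": "InternetGateway"}}},
    "RouteTable": {"Type": "AWS::EC2::RouteTable",
                   "Properties": {"VpcId": {"Ref": "MyVPC"}}},
    "PublicRoute": {"Type": "AWS::EC2::Route", "DependsOn": "AttachGateway",
                    "Properties": {"RouteTableId": {"Ref": "RouteTable"},
                                   "DestinationCidrBlock": "0.0.0.0/0",
                                   "GatewayId": {"Ref": "InternetGateway"}}},
    "RouteAssoc1": {"Type": "AWS::EC2::SubnetRouteTableAssociation",
                    "Properties": {"SubnetId": {"Ref": "Subnet1"},
                                   "RouteTableId": {"Ref": "RouteTable"}}},
    "RouteAssoc2": {"Type": "AWS::EC2::SubnetRouteTableAssociation",
                    "Properties": {"SubnetId": {"Ref": "Subnet2"},
                                   "RouteTableId": {"Ref": "RouteTable"}}}
  }
}
"""


def ref(value):
    """Return the logical ID behind {"Ref": "X"}, a plain string as-is, else None."""
    if isinstance(value, dict) and set(value) == {"Ref"}:
        return value["Ref"]
    return value if isinstance(value, str) else None


def analyze(template):
    """Classify subnets by the route table they are associated with."""
    res = template["Resources"]
    igws = {n for n, r in res.items() if r["Type"] == "AWS::EC2::InternetGateway"}

    # Route tables that carry a default route to an Internet Gateway.
    public_tables = set()
    for r in res.values():
        if r["Type"] != "AWS::EC2::Route":
            continue
        p = r.get("Properties", {})
        is_default = (p.get("DestinationCidrBlock") == "0.0.0.0/0"
                      or p.get("DestinationIpv6CidrBlock") == "::/0")
        if is_default and ref(p.get("GatewayId")) in igws:
            public_tables.add(ref(p["RouteTableId"]))

    # Explicit subnet -> route table associations.
    associated = {}
    for r in res.values():
        if r["Type"] == "AWS::EC2::SubnetRouteTableAssociation":
            p = r["Properties"]
            associated[ref(p["SubnetId"])] = ref(p["RouteTableId"])

    subnets = {n for n, r in res.items() if r["Type"] == "AWS::EC2::Subnet"}
    public = sorted(s for s, t in associated.items() if t in public_tables)
    # Public subnets that also hand out public IPs automatically: every
    # instance launched here is internet-reachable unless its SG says no.
    auto_ip = sorted(s for s in public
                     if res[s].get("Properties", {}).get("MapPublicIpOnLaunch") is True)
    # Subnets with no association inherit the VPC's main route table.
    unassociated = sorted(subnets - set(associated))
    return {"public_route_tables": sorted(public_tables),
            "public_subnets": public,
            "auto_public_ip": auto_ip,
            "unassociated_subnets": unassociated}


def report(template_text=TEMPLATE_JSON):
    return analyze(json.loads(template_text))


if __name__ == "__main__":
    for key, value in report().items():
        print(f"{key}: {value}")
```

Run it as a pre-deploy gate: if `public_subnets` contains a subnet you meant to keep private, or `unassociated_subnets` is non-empty while the main route table has a default route, the template needs a second, private route table before it ships.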
| Component | Type | Description |
|---|---|---|
| InternetGateway | AWS::EC2::InternetGateway | Door to the internet |
| AttachGateway | AWS::EC2::VPCGatewayAttachment | Attaches that door to your VPC |
| RouteTable | AWS::EC2::RouteTable | Traffic rules (map) for your subnets |
| PublicRoute | AWS::EC2::Route | Rule saying “send all 0.0.0.0/0 traffic to Internet Gateway” |
| RouteAssoc1 & 2 | AWS::EC2::SubnetRouteTableAssociation | Connects both subnets to that route table (so they can use the internet) |
Here’s what your network looks like now:
```text
                🌍 Internet
                     │
          ┌──────────────────┐
          │ Internet Gateway │
          └────────┬─────────┘
                   │
┌──────────────────┴────────────────────┐
│          VPC (10.0.0.0/16)            │
│                                       │
│  ┌────────────────────┐               │
│  │ Subnet 1 (AZ A)    │────┐          │
│  │ 10.0.1.0/24        │    │          │
│  └────────────────────┘    │          │
│                            │          │
│  ┌────────────────────┐    │          │
│  │ Subnet 2 (AZ B)    │────┘          │
│  │ 10.0.2.0/24        │               │
│  └────────────────────┘               │
│                                       │
│  Route Table: 0.0.0.0/0 → IGW         │
└───────────────────────────────────────┘
```
| Concept | Explanation | Example |
|---|---|---|
| Internet Gateway | Connects VPC to the internet | Doorway to outside world |
| VPC Gateway Attachment | Attaches IGW to VPC | Connects your “door” |
| Route Table | Defines traffic directions | Like a city’s road map |
| Public Route | Tells where “internet traffic” goes | 0.0.0.0/0 → IGW |
| Subnet Associations | Subnets use that route table | Subnet1 & 2 can now access internet |