Posted On: Jan 25, 2017
EC2 instances in Amazon Virtual Private Cloud (VPC) now offer native support for the IPv6 protocol worldwide. Last month, IPv6 in VPC was launched in the US East (Ohio) region. We now support IPv6 in all AWS regions, except regions in China.
IPv6 can be enabled for existing and new VPCs through the AWS management console, API/SDK and CLI. Customers can use IPv6 on EC2 instances to access Internet resources as well as on-premise applications. This enables numerous use cases such as hosting public services and meeting IPv6 compliance requirements.
With this ability, VPCs can now operate in a dual-stack mode with the ability to assign both IPv4 and IPv6 addresses on EC2 instances. With IPv6 enabled in a VPC, applications can be secured in the same easy manner available today through security groups, network ACLs and route tables. Additionally, IPv6 is supported in other key VPC features such as Internet Gateway, VPC Peering, and VPC Flow Logs. There is no additional charge to use IPv6 in VPC.
By default, every IPv6 address is public and internet-routable. For customers requiring a private subnet on their IPv6-enabled VPCs, we are introducing a new resource within the VPC called the Egress-only Internet Gateway, which can be setup to allow one-way access to Internet resources. With the Egress-only Internet Gateway, outgoing traffic to the Internet will be allowed. However, incoming traffic initiated from the Internet will be blocked. There is no additional charge to use the Egress-only Internet Gateways. Data transfer charges apply as applicable today.
For more information on IPv6 support on Amazon EC2, see the Amazon VPC page.