Posted On: Dec 1, 2016
EC2 instances in Amazon Virtual Private Cloud (VPC) now offer native support for the IPv6 protocol. IPv6 can be enabled for existing and new VPCs through the AWS management console, API/SDK and CLI. Customers can use IPv6 on EC2 instances to access Internet resources as well as on-premise applications using Direct Connect. This enables numerous use cases such as hosting public services and meeting IPv6 compliance requirements.
With this ability, VPCs can now operate in a dual-stack mode with the ability to assign both IPv4 and IPv6 addresses on EC2 instances. With IPv6 enabled in a VPC, applications can be secured in the same easy manner available today through security groups, network ACLs and route tables. Additionally, IPv6 is supported in other key VPC features such as Internet Gateway, VPC Peering and VPC Flow Logs. There is no additional charge to use IPv6 in VPC.
By default, every IPv6 address is public and internet-routable. For customers requiring a private subnet on their IPv6-enabled VPCs, we are introducing a new resource within the VPC called the Egress-only Internet Gateway, which can be setup to allow one-way access to Internet resources. With the Egress-only Internet Gateway, outgoing traffic to the Internet will be allowed. However, incoming traffic initiated from the Internet will be blocked. There is no additional charge to use the Egress-only Internet Gateways. Data transfer charges apply as applicable today.
IPv6 support for Amazon EC2 is currently available in the US East (Ohio) region, with the support in other AWS regions coming soon. IPv6 support for the Application Load Balancer is coming soon as well.
For more information on IPv6 support on Amazon EC2, see the Amazon VPC page.
