With IPv4 we can create private subnets that allow us to use private IP addresses. And NAT Gateways that we set up restrict inbound access to EC2 instances, while still allowing outbound access for things like security patches. But with IPv6, all IP addresses are public. We can use NACLs and Security groups to help control access to an instance that has an IPv6 address, but to ensure that the instance is able to use outbound only internet access on IPv6, an egress-only internet gateway is required.
In this lesson we discuss and walk-through egress-only internet gateways.