How do I set up a NAT gateway for a private subnet in Amazon VPC?
2 minute read
I have Amazon Elastic Compute Cloud (Amazon EC2) instances in a private subnet of my Amazon Virtual Private Cloud (Amazon VPC). How can I configure these instances to communicate securely with the internet?
A network address translation (NAT) gateway allows EC2 instances to establish outbound connections to resources on internet without allowing inbound connections to the EC2 instance. It's not possible to use the private IP addresses assigned to instances in a private VPC subnet over the internet. Instead, you must use NAT to map the private IP addresses to a public address for requests. Then, you must map the public IP address back to the private IP addresses for responses.