cloud-init not setting default route to NAT Gateway

Question

The current setup is:  
 - VPC with a public subnet 172.31.80.0/20  
 - Routing Table has 0.0.0.0/0 directing to IGW  
 - NAT in public subnet has private IP of 172.31.90.191  
  
Manually setting the NAT private IP as the default route ( using **ip ro**) in the EC2 allows the NAT Gateway to function as expected.  
The issue is that at boot time the **Amazon Linux 2** service **cloud-init** receives 172.31.80.1 as the gateway, not the NAT.  
DOPTS does not seem to have a field for setting the default gateway.  
  
Question:  
How can I make **cloud-init** receive the NAT IP as the setting for the default route?

In relation to this, the EC2 will also need a route for the AWS DNS at **169.something**.   
I suspect that a solution to the question will also help resolve this, but advice is welcome.

Answer

I solved this myself. This is what I had to do.  
  
Create VPC (Virtual Private Cloud) subnet 172.31.0.0/16  
Create an IGW (Internet Gateway)  
Create a public subnet within the VPC subnet 172.31.100.0/24  
Create a public route table that has a route 0.0.0.0/0 pointing to the IGW  
Add the public subnet to the public route table. The public subnet should now also use the public route table.  
Create EC2s without access from the Internet must be in a private subnet that does not have a route to the IGW  
Create an EIP (Elastic IP)  
Create a NAT (NAT Gateway) in the private subnet and associate the EIP  
Create a private route table for the private subnet and add a route of 0.0.0.0/0 pointing to the NAT  
The public and private subnets must both be within the VPC subnet but not overlapping.  
  
The default GW from cloud-init now works for the EC2.

cloud-init not setting default route to NAT Gateway

관련 콘텐츠