Give internet to VPC B which is private from VPC A which is public and has internet access

Question

Hi,
I have created two vpc's and those are connected together by Transit gateway.
now I want to give internet to VPC B without having an internet gateway in VPC B, I mean I want to give internet from VPC A to VPC B, we can use NAT gateway, I have tried things like keeping IG and Public NAT in VPC A and then adding Route to VPC B to redirect 0.0.0.0 to TGA but it did not successful as well..
basically I want to achieve that my VPC B which is private should have internet but we cant have Internet gateway in that VPC B.
If anyone knows possible ways to do it, it will really be helpful.

Accepted Answer

The setup you are proposing is definitely possible. The main source of issues is to get the routing in both VPCs and on Transit Gateway right. To debug that more information would be needed but as a start you might want to check this blog article: https://aws.amazon.com/blogs/networking-and-content-delivery/creating-a-single-internet-exit-point-from-multiple-vpcs-using-aws-transit-gateway/

It describes exactly your setup and shows examples of routing tables and the necessary modifications.

Answer

It's possible and supported. Pleaser also refer to https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-nat-igw.html for more details. I do want to point out that it will incur additional charges on TGW if cost is also a concern.

Give internet to VPC B which is private from VPC A which is public and has internet access

관련 콘텐츠