By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Can private fargate instances access public sites via internet gateway instead of a NAT?

0

Can private fargate instances (containers with private ip in private subnets) get access to public sites via internet gateway instead of a NAT?

Topics
Networking & Content DeliveryServerlessContainers
Tags
Amazon VPCAWS FargateNetworking & Content Delivery
Language
English
quldude
asked 6 months ago231 views
2 Answers
1
Accepted Answer

Hello.

A NAT gateway is required if your containers are running in a private subnet.
If you can start a container in a public subnet, you can use an internet gateway to communicate.
I think this document is easy to understand.
https://docs.aws.amazon.com/AmazonECS/latest/bestpracticesguide/networking-outbound.html

profile picture
EXPERT
Riku_Kobayashi
answered 6 months ago
profile picture
EXPERT
Gary Mclean
reviewed 6 months ago
profile pictureAWS
EXPERT
Didier_Durand
reviewed 6 months ago
1

Once the private subnet have a default route to the Internet Gateway, the subnet will become a Public subnet under AWS terminology for Subnets. The other piece of this is that your container should be assigned with a Public IP for its traffic to route the internet. Thus you either assign a public IP to your containers to access the Internet directly behind the Internet Gateway or use a NAT gateway to do the translation behind the scene (Private IP <> Public IP) in case your containers are only assigned with Private IP.

profile pictureAWS
AmerO
answered 6 months ago
profile picture
EXPERT
Giovanni Lauria
reviewed a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content