What are you trying to achieve?
If your only goal is to download content from the internet to your EC2 instance running in your private subnet, you have everything setup and ready to go.
For example, if you are on Amazon Linux and you type 'sudo yum -y install httpd', you would see all the packages getting downloaded from the internet.
If that is not your intent then please go into more details on your requirements.
"icanhazip.com" is a server on the public Internet that returns the IP address of the calling client. You are invoking it from your EC2 instance in your Private Subnet, utilizing the NAT Gateway to get to the Internet. When you run 'curl icanhazip.com' it is correctly returning the public EIP that is assigned to your NAT Gateway - which means that your NAT Gateway is properly set up.
The purpose of the NAT Gateway is to expose ONLY the public EIP address and route all traffic originating from the Private subnet(s) attached to the NAT Gateway by handling the Network Address Translation from private/public IP. Your private address space is "private". It never routes to the public Internet.
Hope this helps,
It helps, thanks. Is there a solution to deploy in AWS that is similar to a 1-to-1 NAT?
I need an instance in my private subnet to be able to transmit data to a server somewhere else and then receive data back to the EC2 instances address where my software is running.
If I am understanding correctly, that is what you currently have set up. The NAT basically will restrict Internet-originating connections into your EC2 instance, which protects it from general attacks from the Internet. However, with a NAT Gateway in place, your EC2 can initiate, for example, a REST API call to any server on the Internet, and the data from that REST API call will be auto-routed back to your EC2 instance in your private subnet through the NAT Gateway without the server on the Internet needing to know what the private IP address is for that EC2 instance.
Are you saying that you need to send something asynchronously to the public Internet, and then, in a different connection session sometime in the future, the server on the public Internet will need to establish a connection directly back to your EC2 instance in your private subnet so that it can send back to the EC2 instance? If yes, that is not possible. The definition of a private subnet is that the public Internet has no direct route (ingress) into your private subnet. If this is your use case, your EC2 has to be in a public subnet with a direct route to an Internet Gateway, which will allow you to establish connections both outbound to the Internet and inbound from the Internet.
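As an added illustration (not part of the thread above), here is a small Python model of the stateful translation the answers describe: an outbound connection from the private subnet creates a mapping to the NAT Gateway's EIP, replies that match the mapping are forwarded back to the private address, and anything arriving at the EIP without a matching outbound mapping is dropped. All addresses are constructed from documentation ranges, and the port-allocation scheme is a simplification.

```python
"""Simplified model of NAT Gateway connection tracking (constructed example)."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

NAT_EIP = "203.0.113.10"  # constructed public EIP (TEST-NET-3 range)


@dataclass
class NatGateway:
    eip: str
    next_port: int = 1024  # simplification: allocate translated ports sequentially
    # translated public port -> (private_ip, private_port, remote_ip, remote_port)
    table: Dict[int, Tuple[str, int, str, int]] = field(default_factory=dict)

    def outbound(self, src_ip: str, src_port: int,
                 dst_ip: str, dst_port: int) -> Tuple[str, int, str, int]:
        """Translate a packet leaving the private subnet and record the mapping.

        The remote server only ever sees (eip, public_port); the private
        address never appears on the Internet.
        """
        flow = (src_ip, src_port, dst_ip, dst_port)
        for pub_port, entry in self.table.items():
            if entry == flow:  # existing connection: reuse its mapping
                return (self.eip, pub_port, dst_ip, dst_port)
        pub_port = self.next_port
        self.next_port += 1
        self.table[pub_port] = flow
        return (self.eip, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip: str, src_port: int,
                dst_port: int) -> Optional[Tuple[str, int]]:
        """Handle a packet arriving at the EIP.

        Returns the private (ip, port) to forward to when the packet is a reply
        to a tracked outbound flow, or None when it is unsolicited (dropped).
        """
        entry = self.table.get(dst_port)
        if entry is None or (entry[2], entry[3]) != (src_ip, src_port):
            return None
        return (entry[0], entry[1])


def demo() -> dict:
    """Walk through the REST-call scenario from the answer; constructed values."""
    nat = NatGateway(eip=NAT_EIP)
    sent = nat.outbound("10.0.1.25", 40000, "198.51.100.7", 443)   # API call out
    reply = nat.inbound("198.51.100.7", 443, sent[1])              # its response
    unsolicited = nat.inbound("198.51.100.99", 12345, 1024)        # cold inbound
    return {"seen_by_server": sent[:2], "reply_to": reply, "unsolicited": unsolicited}
```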