██FR█████ █INTELL███████████

NAT Gateway Implementation


This content originally appeared on DEV Community and was authored by Clinton Ogechi

A NAT Gateway is a key component in AWS networking, that allows instances in a private subnet to connect to the internet or other AWS services while preventing inbound traffic from the internet. Below are steps on how to implement it;

1. Create a VPC

  1. Log in to the AWS Management Console.
  2. Navigate to the VPC Dashboard.
  3. Click on Your VPCs in the left-hand menu.
  4. Click on Create VPC.
  5. Fill in the following details: Name tag: MyVpc IPv4 CIDR block: 10.0.0.0/16
  6. Click on Create VPC.

Image description

2. Create Subnets

Create Public Subnet

  1. In the VPC Dashboard, click on Subnets.
  2. Click on Create subnet.
  3. Enter the following details: Name tag: PublicSubnet, VPC: Select MyVpc, Availability Zone: Choose one (e.g., af-south-1a ), IPv4 CIDR block: 10.0.1.0/24.
  4. Click on Create subnet.

Image description

Create Private Subnet

  1. In the VPC Dashboard, click on Subnets.
  2. Click on Create subnet again.
  3. Fill in the following details: Name tag: PrivateSubnet VPC: Select MyVpc Availability Zone: Choose one (e.g., af-south-1b ) IPv4 CIDR block: 10.0.2.0/24
  4. Click on Create subnet.

Image description

3. Create and Attach an Internet Gateway

  1. Go to the Internet Gateways section in the VPC Dashboard.
  2. Click on Create internet gateway.
  3. Fill in the following details: Name tag: MyInternetGateway
  4. Click Create internet gateway.
  5. Select the newly created Internet Gateway and click Actions > Attach to VPC.
  6. Select MyVpc and click Attach internet gateway.

Image description

Image description

4. Create a NAT Gateway

  1. Go to the NAT Gateways section in the VPC Dashboard.
  2. Click on Create NAT gateway.
  3. Fill in the following details: Name tag: MyNatGateway Subnet: Select PublicSubnet Elastic IP allocation ID: Click on Allocate Elastic IP and then Allocate.
  4. Click Create a NAT Gateway.

Image description

5. Create Route Tables

  1. Go to the Route Tables section in the VPC Dashboard.
  2. Click on Create route table.
  3. Fill in the details for the public route table: Name tag: PublicRouteTable VPC: Select MyVpc
  4. Click Create route table.
  5. Select the newly created route table PublicRouteTable and click on the Routes tab.
  6. Click Edit routes > Add route.
  7. Set the Destination to 0.0.0.0/0 and Target to the Internet Gateway ( MyInternetGateway ).
  8. Click Save routes.

Image description

Image description

  1. Go back to Route Tables and create another route table for the private subnet: Name tag: PrivateRouteTable VPC: Select MyVpc
  2. Click Create route table.
  3. Select the newly created route table PrivateRouteTable and click on the Routes tab.
  4. Click Edit routes > Add route.
  5. Set the Destination to 0.0.0.0/0 and Target to the NAT Gateway ( MyInternetGateway ).
  6. Click Save routes.

Image description

Image description

6. Associate Route Tables with Subnets

  1. Select the PublicRouteTable route table.
  2. Click on the Subnet associations tab.
  3. Click Edit subnet associations.
  4. Select the PrivateRouteTable and click Save.
  5. Select the PrivateRouteTable route table.
  6. Click on the Subnet associations tab.
  7. Click Edit subnet associations.
  8. Select the PrivateRouteTable and click Save.

Image description

Image description

7. Launch Instances

  1. Go to the EC2 Dashboard in the AWS Management Console.
  2. Click on Launch Instance.
  3. Fill in the following details: Name: public-instance AMI: Select an AMI, e.g., Amazon Linux 2 Instance type: t2.micro (or any other type you prefer) Key pair: Create a new key pair or select an existing one
  4. Network settings: VPC: Select MyVpc Subnet: Select PublicSubnet Auto-assign Public IP: Enable
  5. Click Launch instance.
  6. Repeat the steps to launch another instance in the private subnet: Name: private-instance AMI: Select an AMI, e.g., Amazon Linux 2 Instance type: t2.micro (or any other type you prefer) Key pair: Create a new key pair or select an existing one Network settings: VPC: Select MyVpc Subnet: Select PrivateSubnet Auto-assign Public IP: Disable

Verify the Configuration

Public Instance: Should have internet access directly.
Private Instance: Should have internet access through the NAT Gateway.**

By following these steps, you will have a VPC with one public subnet and one private subnet, each correctly configured with route tables and a NAT Gateway.


This content originally appeared on DEV Community and was authored by Clinton Ogechi