AWScloud~30 mins

NAT Gateway for private subnet internet in AWS - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

NAT Gateway for Private Subnet Internet Access

📖 Scenario: You are setting up a simple cloud network for a small company. The company wants to keep some servers private, so they are in a private subnet. These servers need to access the internet to download updates, but no one from the internet should connect directly to them.To do this, you will create a NAT Gateway in a public subnet. The private subnet will use this NAT Gateway to reach the internet safely.

🎯 Goal: Build a basic AWS VPC with one public subnet and one private subnet. Create a NAT Gateway in the public subnet. Configure the private subnet's route table to send internet traffic through the NAT Gateway.

📋 What You'll Learn

Create a VPC with CIDR block 10.0.0.0/16

Create a public subnet with CIDR block 10.0.1.0/24

Create a private subnet with CIDR block 10.0.2.0/24

Create an Internet Gateway and attach it to the VPC

Create a NAT Gateway in the public subnet

Create route tables for public and private subnets

Configure the public route table to route 0.0.0.0/0 to the Internet Gateway

Configure the private route table to route 0.0.0.0/0 to the NAT Gateway

Associate the public subnet with the public route table

Associate the private subnet with the private route table

💡 Why This Matters

🌍 Real World

Many companies use private subnets to protect sensitive servers while still allowing them to access the internet safely through a NAT Gateway.

💼 Career

Understanding how to set up NAT Gateways and route tables is essential for cloud network engineers and architects to design secure and functional cloud networks.

Progress0 / 4 steps

Create VPC and Subnets

Create a VPC with CIDR block 10.0.0.0/16. Then create a public subnet with CIDR block 10.0.1.0/24 and a private subnet with CIDR block 10.0.2.0/24 inside this VPC. Use resource names MyVPC, PublicSubnet, and PrivateSubnet respectively.

AWS

# Your code here to create VPC and subnets

Need a hint?

Start by defining the VPC resource with the correct CIDR block. Then add two subnet resources inside this VPC with the specified CIDR blocks.

Create Internet Gateway and NAT Gateway

Create an Internet Gateway named MyIGW and attach it to the VPC MyVPC. Then create an Elastic IP named NatEIP and a NAT Gateway named MyNAT in the public subnet PublicSubnet using this Elastic IP.

AWS

# Your code here to create Internet Gateway, Elastic IP, and NAT Gateway

Need a hint?

Attach the Internet Gateway to the VPC. Create an Elastic IP for the NAT Gateway. Then create the NAT Gateway in the public subnet using the Elastic IP.

Create Route Tables and Routes

Create a public route table named PublicRT for the VPC MyVPC. Add a route to 0.0.0.0/0 that points to the Internet Gateway MyIGW. Create a private route table named PrivateRT for the same VPC. Add a route to 0.0.0.0/0 that points to the NAT Gateway MyNAT.

AWS

# Your code here to create route tables and routes

Need a hint?

Create two route tables for the VPC. Add a default route to the Internet Gateway in the public route table. Add a default route to the NAT Gateway in the private route table.

Associate Subnets with Route Tables

Associate the public subnet PublicSubnet with the public route table PublicRT. Associate the private subnet PrivateSubnet with the private route table PrivateRT.

AWS

# Your code here to associate subnets with route tables

Need a hint?

Use route table association resources to link each subnet to its route table.