Complete the code to create a NAT Gateway in a public subnet.
resource "aws_nat_gateway" "example" {
  allocation_id = aws_eip.example.[1]
  subnet_id     = aws_subnet.public.[1]
}
The NAT Gateway requires the Elastic IP allocation ID and the subnet ID where it will be created. Both use the id attribute.
Complete the route table entry to direct private subnet traffic to the NAT Gateway.
resource "aws_route" "private_nat" {
  route_table_id         = aws_route_table.private.[1]
  destination_cidr_block = "0.0.0.0/0"
  [1]                    = aws_nat_gateway.example.id
}
To route internet-bound traffic from a private subnet through a NAT Gateway, the route must specify nat_gateway_id pointing to the NAT Gateway resource.
Fix the error in the private subnet route table to enable internet access via NAT Gateway.
resource "aws_route" "private_route" {
  route_table_id         = aws_route_table.private.id
  destination_cidr_block = "0.0.0.0/0"
  [1]                    = aws_nat_gateway.example.id
}
The route to a NAT Gateway must use nat_gateway_id instead of gateway_id. The latter is for Internet Gateways.
Fill both blanks to create a private subnet route table that sends internet traffic through the NAT Gateway.
resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.[1]
}
resource "aws_route" "private_internet_access" {
  route_table_id         = aws_route_table.private.[2]
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = aws_nat_gateway.example.id
}
The VPC and route table resources are referenced by their id attributes to correctly link resources.
Fill all three blanks to associate the private subnet with the private route table and enable NAT Gateway internet access.
resource "aws_route_table_association" "private_assoc" {
  subnet_id      = aws_subnet.private.[1]
  route_table_id = aws_route_table.private.[2]
}
resource "aws_route" "private_default_route" {
  route_table_id         = aws_route_table.private.[3]
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = aws_nat_gateway.example.id
}
Subnet and route table references require the id attribute to correctly associate and route traffic.