I recently bumped into my own post of some time ago in which I describe how to add a NAT instance to your private subnet to have access to the internet to install packages etc. Although this still works some time ago AWS introduced the NAT Gateway which in most cases makes life much easier.
In this post I show you how to set up the NAT Gateway instead of using the NAT instance. To get the same start situation as the original post I created this CloudFormation script that creates a VPC with two private and public subnets. When these are in place I can create an EC2 instance in both the private subnet and in the public one, as I also described in the original post.
What we see is that the ‘sudo yum update’ in the ‘PrivateInstance’ fails as expected because the private instance isn’t allowed to access the internet to install packages. So that is where the NAT Gateway comes in place. To install one I simply use the wizard in the Management Console that will guide you through.
Select the ‘NAT Gateways’ option in the left menu to start the wizard:
In the next screen select a public subnet in which the NAT Gateway has to reside and select an Elastic IP address to it (most likely you will need to create one as you won’t normally have these available):
Then the NAT Gateway is created (yes, it has become that easy) and we need to modify the Route Table for the private subnet so it will make use of the NAT Gateway. Just click the button in the screen that is show after the creation:
In the private route table add a rule that connects our private subnet to the Destination ‘0.0.0.0/0’ (which means any machine) via the NAT Gateway by selecting the NAT as target:
That’s it. Now we can access the internet from our ‘private’ instances as we could with the NAT Instance in place. So the question might be when to use one over the other. To answer that question AWS has made the following comparison so you can check what is your use case and see what fits best,
Tag Cloud
- ActiveMQ
- Artifactory
- AWS
- AWS Beanstalk
- AWS DynamoDB
- AWS EMR
- AWS Glacier
- AWS IAM
- AWS RDS
- AWS Route 53
- AWS S3
- AWS SDK Java
- AWS SQS
- AWS VPC
- Axis2
- blockchain
- Boxfuse
- BPEL
- BPMN
- Citrus
- Cloud
- CloudCheckr
- Continuous Build
- Continuous Delivery
- CruiseControl
- CXF
- DataMining
- Docker
- EJB3
- ethereum
- Git
- GitLab
- GlassFish
- Hadoop
- Hibernate
- IntelliJ IDEA
- iOS
- Jasper Reports
- JAX-WS
- JAXB
- JBoss AS
- Jenkins
- JMS
- Linux
- MapForce
- MapReduce
- maven
- MongoDB
- Mule
- Mule ESB
- Mule iON
- Netbeans
- Nexus
- OpenEJB
- Oracle BPEL
- Oracle iAS
- Oracle WSM
- Oracle XE
- Quartz
- Red Hat
- REST
- Security
- Smooks
- SOA/Web Services
- SoapUI
- Spring Boot
- Spring Framework
- Spring Integration
- Spring WS
- Swift
- TOGAF9
- Tomcat
- WSO2 ESB
- XCode
- XML/XSD/XSLT
Archives
Categories
Top Posts & Pages
- Use Spring and Hibernate with MongoDB
- Small hack to avoid SSL validation in Spring RestTemplate
- Using a WAR module as dependency in Maven
- Run your Spring Boot application on AWS using Elastic Beanstalk
- Generate JAXB classes with Maven based on multiple schema’s
- Assigning a subdomain to a Beanstalk application with AWS Route 53
- Transforming XML to CSV via XSLT
- Signing and Validating Soap requests with Mule ESB
- Running Oracle XE on Amazon EC2
- Scheduling with Spring and Quartz
About me
The Pragmatic Integrator 