I recently bumped into my own post of some time ago in which I describe how to add a NAT instance to your private subnet so that it has access to the internet to install packages etc. Although this still works, some time ago AWS introduced the NAT Gateway, which in most cases makes life much easier.
In this post I show you how to set up the NAT Gateway instead of using the NAT instance. To get the same starting situation as in the original post, I created this CloudFormation script that creates a VPC with two private and public subnets. When these are in place I can create an EC2 instance in both the private subnet and the public one, as I also described in the original post.
What we see is that ‘sudo yum update’ on the ‘PrivateInstance’ fails, as expected, because the private instance isn’t allowed to access the internet to install packages. That is where the NAT Gateway comes in. To install one I simply use the wizard in the Management Console, which guides you through the steps.
Select the ‘NAT Gateways’ option in the left menu to start the wizard.
In the next screen select a public subnet in which the NAT Gateway has to reside and assign an Elastic IP address to it (most likely you will need to create one, as you won’t normally have these available).
Then the NAT Gateway is created (yes, it has become that easy) and we need to modify the Route Table for the private subnet so it will make use of the NAT Gateway. Just click the button in the screen that is shown after the creation.
In the private route table add a rule that connects our private subnet to the Destination ‘0.0.0.0/0’ (which means any machine) via the NAT Gateway by selecting the NAT as target.
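To confirm the result of the steps above, the following added example (not part of the original post) checks that every subnet routed through a NAT Gateway points at a gateway that is available and sits in a public subnet. The sample data is constructed and only shaped like the output of `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways`; all IDs are placeholders, and only explicit subnet associations are considered.

```python
"""Verify that private subnets reach the internet only through a NAT Gateway
that itself resides in a public subnet (one whose default route is an IGW).
All data below is constructed sample input with placeholder IDs."""

ROUTE_TABLES = [
    {"RouteTableId": "rtb-public-example", "Associations": [{"SubnetId": "subnet-pub-a"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private-example", "Associations": [{"SubnetId": "subnet-priv-a"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-pub-a",
                 "State": "available"}]

def default_route(table):
    """Return the 0.0.0.0/0 route of a route table, or None if it has none."""
    return next((r for r in table["Routes"]
                 if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)

def subnet_exposure(route_tables):
    """Map each associated subnet to 'public', a NAT Gateway id, or 'isolated'."""
    result = {}
    for table in route_tables:
        route = default_route(table) or {}
        if route.get("GatewayId", "").startswith("igw-"):
            kind = "public"
        else:
            kind = route.get("NatGatewayId", "isolated")
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:
                result[assoc["SubnetId"]] = kind
    return result

def audit(route_tables, nat_gateways):
    """Return findings for NAT routes that are unusable or misplaced."""
    exposure = subnet_exposure(route_tables)
    nats = {n["NatGatewayId"]: n for n in nat_gateways}
    findings = []
    for subnet, kind in sorted(exposure.items()):
        if kind in ("public", "isolated"):
            continue  # not routed through a NAT Gateway
        nat = nats.get(kind)
        if nat is None or nat["State"] != "available":
            findings.append(f"{subnet}: default route targets unusable {kind}")
        elif exposure.get(nat["SubnetId"]) != "public":
            findings.append(f"{subnet}: {kind} sits in non-public subnet {nat['SubnetId']}")
    return findings

if __name__ == "__main__":
    print(subnet_exposure(ROUTE_TABLES))
    print(audit(ROUTE_TABLES, NAT_GATEWAYS) or "NAT routing looks correct")
```

A subnet reported as ‘isolated’ corresponds to the starting situation in this post, where ‘sudo yum update’ fails on the private instance.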
That’s it. Now we can access the internet from our ‘private’ instances as we could with the NAT Instance in place. So the question might be when to use one over the other. To answer that question AWS has made a comparison of the two, so you can check what your use case is and see what fits best.
Pascal is a senior IT consultant and has been working in IT since 1997. He is monitoring the latest development in new technologies (Mobile, Cloud, Big Data) closely and particularly interested in Java open source tool stacks, cloud related technologies like AWS and mobile development like building iOS apps with Swift. Specialties: Java/JEE/Spring, Amazon AWS, API/REST, Big Data, Continuous Delivery, Swift/iOS