A NAT Gateway in AWS can provide your private instances with access to the Internet for essential software updates while blocking incoming traffic from the outside world.
The private subnets in your VPC should have access to the Internet only through an AWS feature called NAT Gateway. The NAT Gateway configuration is optional, and you can skip it if you want the instances in your private subnets to be completely restricted from accessing the Internet.
You can use a network address translation (NAT) gateway to enable instances in a private subnet to connect to the Internet or other AWS services, while preventing the Internet from initiating a connection with those instances.
To create a NAT gateway, you must specify a subnet and an Elastic IP address. Make sure that the Elastic IP address is currently not associated with an instance or a network interface.
In AWS you can design your own network using a VPC (Virtual Private Cloud). You can assign your own IP address ranges and split your network into Public and Private Subnets. In simple words, a Public Subnet is like a Green Zone where traffic from the Internet is allowed, while a Private Subnet is a DMZ where no direct Internet access is allowed.
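The two conditions above (a free Elastic IP, and private subnets that reach the Internet only through the NAT gateway) can be checked offline against exported EC2 data. This is an added example, not code from the original post; the sample records are constructed in the shape of `describe-addresses` and `describe-route-tables` output, and all IDs and function names are made up for illustration.

```python
# Constructed sample data; IDs and addresses are illustrative only.
ADDRESSES = [
    {"AllocationId": "eipalloc-0aaa", "PublicIp": "203.0.113.10"},
    {"AllocationId": "eipalloc-0bbb", "PublicIp": "203.0.113.11",
     "AssociationId": "eipassoc-0111", "InstanceId": "i-0123"},
]
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-public"}, {"SubnetId": "subnet-db"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0abc"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-app"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0def"}]},
]

def eip_is_free(address):
    """True if the Elastic IP is not associated with an instance or network interface."""
    return not any(address.get(k) for k in
                   ("AssociationId", "InstanceId", "NetworkInterfaceId"))

def default_route_kind(table):
    """Classify the table's IPv4 default route: 'nat', 'igw', 'other' or None."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("NatGatewayId"):
            return "nat"
        if (route.get("GatewayId") or "").startswith("igw-"):
            return "igw"
        return "other"
    return None

def audit_private_subnets(route_tables, private_subnet_ids):
    """Report how each private subnet reaches 0.0.0.0/0.
    Subnets without an explicit association fall back to the main route table."""
    explicit, main_kind = {}, None
    for table in route_tables:
        kind = default_route_kind(table)
        for assoc in table.get("Associations", []):
            if assoc.get("Main"):
                main_kind = kind
            if assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = kind
    verdict = {"nat": "nat", "igw": "EXPOSED", "other": "review", None: "isolated"}
    return {s: verdict[explicit.get(s, main_kind)] for s in private_subnet_ids}

if __name__ == "__main__":
    print({a["AllocationId"]: eip_is_free(a) for a in ADDRESSES})
    print(audit_private_subnets(ROUTE_TABLES, ["subnet-app", "subnet-db", "subnet-batch"]))
```

In the sample, `subnet-db` is flagged because it is associated with the route table whose default route points at the internet gateway, and `subnet-batch` is reported as isolated because it inherits a main route table with no default route.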