Since we configured the VPC endpoint and removed the NAT gateway, how is yum update going to work on the private instances? We still need the NAT gateway for it, right?
I haven’t watched this lecture in a while, but if I remember correctly, an S3 endpoint was put in place. The AWS yum repo you’re hitting is actually stored in S3, so that’s why it works without traversing out to the public internet through the NAT gateway.
In general, you won’t be able to access the internet. Endpoints go to specific AWS services. If you want to be able to run yum updates, then you will need a NAT gateway, a proxy or a local repo server.
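Added example, not part of any post in this thread: a Python check that reads a private subnet's route table (in the shape `aws ec2 describe-route-tables` returns) and reports whether S3-hosted repos and other repos are routable. The sample data, all IDs, and the function names are constructed; the S3 prefix list ID is assumed to be known for the region.

```python
import json

# Constructed sample: private subnet after the NAT gateway was removed and an
# S3 gateway endpoint added. All IDs are placeholders.
SAMPLE = json.loads("""
{"RouteTables": [{"RouteTableId": "rtb-EXAMPLE", "Routes": [
  {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
  {"DestinationPrefixListId": "pl-EXAMPLE", "GatewayId": "vpce-EXAMPLE", "State": "active"}
]}]}
""")

DEFAULT_ROUTES = {"0.0.0.0/0", "::/0"}


def egress_paths(route_table, s3_prefix_list_id):
    """Return the set of ways traffic can leave the VPC via this route table."""
    paths = set()
    for route in route_table["Routes"]:
        if route.get("State") != "active":
            continue  # blackhole routes carry no traffic
        gateway = route.get("GatewayId", "")
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if route.get("DestinationPrefixListId") == s3_prefix_list_id and gateway.startswith("vpce-"):
            paths.add("s3-gateway-endpoint")
        elif dest in DEFAULT_ROUTES:
            if route.get("NatGatewayId"):
                paths.add("nat-gateway")
            elif gateway.startswith("igw-"):
                paths.add("internet-gateway")
            else:
                # NAT instance, transit gateway, etc.: treat as possible egress
                paths.add("other-default-route")
    return paths


def yum_reachability(route_table, s3_prefix_list_id):
    """Say which kinds of yum repositories are routable from this subnet."""
    paths = egress_paths(route_table, s3_prefix_list_id)
    has_default_egress = bool(paths - {"s3-gateway-endpoint"})
    return {
        "s3_hosted_repos": has_default_egress or "s3-gateway-endpoint" in paths,
        "other_repos": has_default_egress,
    }


if __name__ == "__main__":
    print(yum_reachability(SAMPLE["RouteTables"][0], "pl-EXAMPLE"))
```

Routing is only one layer: security groups, network ACLs and the endpoint policy can still block a path this check reports as routable.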