AWS Certified Solutions Architect - Associate (SAA-C02)

Sign Up Free or Log In to participate!

Provisioning NAT Gateway

From Lesson 9.4 – Using NAT Gateways for Internet Access
Probably a bit of a silly question, but I’m trying to wrap my head around the SIMPLICITY of bringing the NAT gateway up in this lesson. I would have thought that we need to do something with routing inside the Private Subnet. How is it that our instance in private subnet immediately has access to the NAT gateway in the Public subnet. I thought subnets were isolated network wise until we provided networking rules to allow for cross subnet communication. From what I can see we provision two different def routs in the public subnet only so I can’t wrap my head around why the private immediately has access. 
I’m sure it makes sense, but if anyone has the "explain it to me like I’m ten" kind of explanation, I’d love to hear it :p

1 Answers

When a VPC is created a main route table is created with it. This route table controls the routing for all subnets that are not explicitly associated with any other route table

In this example the VPC network was, and the main route table has only one route target local.

Any Subnet created in the VPC uses the main route table, in this case it has route to all other subnets in the VPC

After the creation of the NAT Gateway. He added a new route to the main route to the internet target NAT gateway

Because the new route was created in the main route table, it will be used by all subnets including the private subnet

Evan Walsh

Thanks Ben! Well answered. I completely forgot about main route table. I’ll re watch the lesson with this in mind. Cheers!

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?