Creating a NAT Gateway

You can create a NAT gateway in a public subnet of a Virtual Private Cloud (VPC) to enable instances in this subnet to indirectly connect to the Internet. You can create one NAT gateway for each public subnet of the VPC.

To do so, you also need to:

  • Add a rule allowing outbound flows to the Internet to the security group used for the instances you want to connect to the Internet.

  • Add a route with the 0.0.0.0/0 CIDR block (or a smaller range of IPs) as destination and the ID of the newly created NAT gateway as target to the route table of the subnet containing your instances.

Creating a NAT Gateway Using Cockpit

Before you begin: Allocate an External IP (EIP) to your account. For more information, see Allocating an EIP to Your Account.

  1. Click VPC > NAT Gateways.

  2. Click Create.
    The CREATE NAT GATEWAY dialog box appears.

  3. Specify the following information for the NAT gateway to create:

    • (optional) In the Name field, type a name for the NAT gateway.

      This action adds a Name tag of 255 characters maximum. You can use any character, including accented letters.

    • From the VPC list, select the VPC for which you want to create the NAT gateway.

    • From the Subnet list, select the subnet in which you want to create the NAT gateway.

    • From the External IP list, select the EIP you want to associate with the NAT gateway.

  4. Click Create to validate.
    The NAT gateway is created and appears in the NAT Gateways tab.

Creating a NAT Gateway Using AWS CLI

Before you begin: Allocate an External IP (EIP) to your account. For more information, see Allocating an EIP to Your Account.

To create a NAT gateway, use the create-nat-gateway command following this syntax:

Request sample
$ aws ec2 create-nat-gateway \
    --profile YOUR_PROFILE \
    --subnet-id "subnet-12345678" \
    --allocation-id "eipalloc-87654321" \
    --endpoint "https://fcu.eu-west-2.outscale.com"

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • subnet-id: The subnet in which you want to create the NAT gateway.

  • allocation-id: The allocation ID of the EIP you want to associate with the NAT gateway.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The create-nat-gateway command returns the following elements:

  • NatGateway: Information about the newly created NAT gateway. This element contains the following information:

    • NatGatewayAddresses: Information about the EIP associated with the NAT gateway. This element contains the following information:

      • AllocationId: The ID of the allocation of the EIP.

      • PublicIp: The EIP associated with the NAT gateway.

    • VpcId: The ID of the VPC in which the NAT gateway is.

    • State: The state of the NAT gateway. For more information, see About NAT Gateways.

    • NatGatewayId: The ID of the NAT gateway.

    • SubnetId: The ID of the subnet in which the NAT gateway is.

    • CreateTime: The date and time of creation of the NAT gateway.

Result sample
{
  "NatGateway": {
    "NatGatewayAddresses": [
      {
        "AllocationId": "eipalloc-87654321",
        "PublicIp": "IP_ADDRESS"
      }
    ],
    "VpcId": "vpc-1234abcd",
    "State": "pending",
    "NatGatewayId": "nat-4321dcba",
    "SubnetId": "subnet-12345678",
    "CreateTime": "2016-10-17T11:18:12.423Z"
  }
}

The NAT gateway is created.
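The following is an added example, not part of the original documentation: shell functions that create the NAT gateway, wait until it leaves the pending state, and then add the route described at the top of this page (the security group rule is not covered). The function names are hypothetical, and the example assumes that the describe-nat-gateways and create-route commands are available on your endpoint.

```shell
#!/bin/sh
# Added example (not from the original page). Placeholder values below are
# assumptions; replace them with your own profile and endpoint.
PROFILE="${PROFILE:-YOUR_PROFILE}"
ENDPOINT="${ENDPOINT:-https://fcu.eu-west-2.outscale.com}"

# Thin wrapper so every call uses the same profile and endpoint.
fcu() {
    aws ec2 "$@" --profile "$PROFILE" --endpoint "$ENDPOINT"
}

# Create the NAT gateway and print only its ID.
create_nat() {  # usage: create_nat SUBNET_ID ALLOCATION_ID
    fcu create-nat-gateway --subnet-id "$1" --allocation-id "$2" \
        --query 'NatGateway.NatGatewayId' --output text
}

# Poll until the gateway leaves "pending"; succeed only on "available".
wait_nat_available() {  # usage: wait_nat_available NAT_ID [TRIES] [DELAY_SECONDS]
    tries="${2:-30}"; delay="${3:-5}"
    while [ "$tries" -gt 0 ]; do
        state=$(fcu describe-nat-gateways --nat-gateway-ids "$1" \
            --query 'NatGateways[0].State' --output text) || return 1
        case "$state" in
            available) return 0 ;;
            pending)   sleep "$delay" ;;
            *)         echo "NAT gateway $1 is in state: $state" >&2; return 1 ;;
        esac
        tries=$((tries - 1))
    done
    echo "Timed out waiting for $1" >&2
    return 1
}

# Route the instances' subnet through the gateway. DEST defaults to 0.0.0.0/0;
# pass a narrower CIDR to limit which destinations are reachable.
route_via_nat() {  # usage: route_via_nat ROUTE_TABLE_ID NAT_ID [DEST_CIDR]
    fcu create-route --route-table-id "$1" \
        --destination-cidr-block "${3:-0.0.0.0/0}" --nat-gateway-id "$2"
}

# Full procedure; stops before touching the route table if the gateway fails.
setup_nat_egress() {  # usage: setup_nat_egress SUBNET ALLOC ROUTE_TABLE [DEST_CIDR]
    nat_id=$(create_nat "$1" "$2") || return 1
    wait_nat_available "$nat_id" || return 1
    route_via_nat "$3" "$nat_id" "$4" >/dev/null || return 1
    echo "$nat_id"
}
```

After sourcing these functions, call setup_nat_egress with the subnet ID, the allocation ID, and the ID of the route table of the subnet containing your instances; it prints the ID of the new NAT gateway.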
