NAT Gateway is a highly available AWS managed service that makes it easy to connect to the Internet from instances within a private subnet in an Amazon Virtual Private Cloud (Amazon VPC). Previously, you needed to launch a NAT instance to enable NAT for instances in a private subnet.
A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.
- Log in to the AWS portal.
- Click on Services.
- Under Networking & Content Delivery, select VPC.
- Click on NAT Gateways.
- Click on Create NAT gateway.
- Provide a NAT gateway tag name.
- Select an existing subnet.
- Click on Allocate Elastic IP to assign an Elastic IP to the NAT gateway.
- Click on Create NAT gateway.
- After some time, the NAT gateway is ready.
- Click on Network ACLs.
- Provide a Network ACL tag name.
- Select an existing VPC.
- Click on Create Network ACL.
- After some time, the Network ACL is ready.
Create NAT Gateway & Network ACL using Shell
- Set up aws-cli on your system; see https://www.hackerxone.com/blog/how-install-configure-aws-cli-ubuntu-1804
- Run the following commands (replace subnet-id, elastic-ip-id and vpc-id with your own subnet ID, Elastic IP allocation ID and VPC ID):
To create a NAT gateway
aws ec2 create-nat-gateway --subnet-id subnet-id --allocation-id elastic-ip-id
To create a network ACL
aws ec2 create-network-acl --vpc-id vpc-id
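The two commands above, wrapped in a script that also allocates the Elastic IP, waits for the NAT gateway to leave the pending state, and gives the new network ACL a minimal rule set. This is an added example, not code from the original post or from AWS; it assumes a configured AWS CLI, and the subnet and VPC IDs are placeholders passed in as arguments. The AWS_CLI override and the provision function are conveniences of this example only. Note that a custom network ACL starts with deny-all rules in both directions and is stateless, so both the outbound rule and the ephemeral-port return rule are needed before anything flows.

```shell
#!/bin/sh
# Added example (not from the original post): create a NAT gateway with a
# fresh Elastic IP, wait for it to become available, then create a custom
# network ACL and add a minimal allow rule set. Assumes a configured AWS
# CLI; the subnet id and VPC id are placeholders supplied as arguments.
set -eu

# The CLI binary can be overridden (AWS_CLI=some_stub) to exercise the
# functions without touching a real account.
AWS_CLI="${AWS_CLI:-aws}"

# Allocate an Elastic IP in the VPC scope; prints the allocation id.
allocate_eip() {
    "$AWS_CLI" ec2 allocate-address --domain vpc \
        --query 'AllocationId' --output text
}

# Create the NAT gateway in a public subnet; prints the NAT gateway id.
# $1 = subnet id, $2 = Elastic IP allocation id
create_nat_gateway() {
    "$AWS_CLI" ec2 create-nat-gateway \
        --subnet-id "$1" --allocation-id "$2" \
        --query 'NatGateway.NatGatewayId' --output text
}

# Block until the NAT gateway leaves the "pending" state.
# $1 = NAT gateway id
wait_nat_gateway() {
    "$AWS_CLI" ec2 wait nat-gateway-available --nat-gateway-ids "$1"
}

# Create a custom network ACL in the VPC; prints its id.
# A custom ACL starts with deny-all rules in both directions.
# $1 = VPC id
create_network_acl() {
    "$AWS_CLI" ec2 create-network-acl --vpc-id "$1" \
        --query 'NetworkAcl.NetworkAclId' --output text
}

# Add one TCP allow rule. $1 = ACL id, $2 = rule number,
# $3 = ingress|egress, $4 = port from, $5 = port to, $6 = CIDR.
add_allow_tcp_rule() {
    "$AWS_CLI" ec2 create-network-acl-entry --network-acl-id "$1" \
        --rule-number "$2" "--$3" --protocol tcp \
        --port-range "From=$4,To=$5" --cidr-block "$6" --rule-action allow
}

# Orchestrate the whole procedure. $1 = public subnet id, $2 = VPC id.
# Prints "<nat-gateway-id> <network-acl-id>".
provision() {
    alloc_id=$(allocate_eip)
    nat_id=$(create_nat_gateway "$1" "$alloc_id")
    wait_nat_gateway "$nat_id"
    acl_id=$(create_network_acl "$2")
    # Network ACLs are stateless: allow HTTPS out and the ephemeral-port
    # return traffic back in; without both, nothing passes the new ACL.
    add_allow_tcp_rule "$acl_id" 100 egress 443 443 0.0.0.0/0
    add_allow_tcp_rule "$acl_id" 100 ingress 1024 65535 0.0.0.0/0
    echo "$nat_id $acl_id"
}

# Run only when both ids are supplied, e.g.
#   ./provision.sh subnet-0123456789abcdef0 vpc-0123456789abcdef0
if [ "$#" -eq 2 ]; then
    provision "$1" "$2"
fi
```

The ACL created here is not yet associated with any subnet; associating it (and choosing which subnets it should guard) is a separate step, and the rule numbers 100 used above are arbitrary placeholders you can renumber to fit an existing ordering.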