How To Provide Internet Access To Servers In Private Subnets
In our previous article, we launched a server in a private subnet and there was no internet connectivity on the server. You need to configure a NAT instance for the private subnets and attach a security group to it in AWS; it will then provide internet access to the private subnet.
We will need to create the private subnet in the VPC network, then connect the private subnet to the internet on AWS.
Now we need to test the internet connectivity on the private servers. Right now the internet is not working, because you need to create and attach the NAT gateway to get internet connectivity on the private subnets.
The NAT gateway acts as a router that provides the internet connection through the IGW. It should always be launched in a public subnet, because the public subnet has the internet gateway connected to the internet.
In the free tier, I will launch it as a NAT server using the community AMI. You can also use the NAT gateway, but it's chargeable.
Click on Launch -> Launch instance and choose the NAT AMI.
Choose your VPC network and a public subnet, and enable the public IP.
Give it any name.
Create a new security group, allow the traffic that will come from outside to your private servers, and specify the network you want to whitelist. This depends on your requirements; here I'm allowing all traffic.
Once your NAT instance is ready, you need to make a small change. You will have to disable the source/destination check, otherwise your private subnets will not be able to communicate with the internet.
NAT instance -> Actions -> Networking -> Change Source/Dest. Check
Click on “yes, Disable”
Now you will have to add routes in VPC private route tables.
Go to -> VPC -> Route Tables -> select routes -> edit routes
Add a route for 0.0.0.0/0, choose your NAT instance in “target”, and save the routes.
Log in to your private server through the public server and check; the internet should be working.
You’re done.
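The following check is an added example, not part of the original article. It runs over constructed data shaped like the output of `aws ec2 describe-instances`, `describe-route-tables` and `describe-security-groups`, and verifies the three settings this procedure changes. All IDs and CIDRs are made up, and the private subnet 10.0.2.0/24 is an assumption standing in for the network you choose to whitelist.

```python
import ipaddress

# Constructed sample data in the shape of EC2 describe-* output; IDs and CIDRs are made up.
NAT_ID = "i-0a1b2c3d4e5f60001"
INSTANCE = {"InstanceId": NAT_ID, "SourceDestCheck": True}
ROUTE_TABLE = {"Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": NAT_ID, "State": "active"},
]}
# The "allow all traffic" rule from the security group step.
OPEN_SG = {"IpPermissions": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
# Same rule limited to the private subnet (assumed to be 10.0.2.0/24).
SCOPED_SG = {"IpPermissions": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.2.0/24"}]}]}


def audit_nat(instance, route_table, sec_group, allowed_cidrs):
    """Return findings for the three settings the NAT instance setup depends on."""
    findings = []
    # A NAT instance forwards packets not addressed to itself, so the check must be off.
    if instance.get("SourceDestCheck", True):
        findings.append("source/dest check enabled")
    # The private route table needs an active 0.0.0.0/0 route targeting this instance;
    # a stopped NAT instance leaves the route in state "blackhole".
    if not any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("InstanceId") == instance["InstanceId"]
               and r.get("State") == "active" for r in route_table["Routes"]):
        findings.append("no active default route via NAT instance")
    # Inbound IPv4 sources should fall inside the networks you chose to whitelist.
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    for perm in sec_group["IpPermissions"]:
        for rng in perm.get("IpRanges", []):
            src = ipaddress.ip_network(rng["CidrIp"])
            if not any(src.subnet_of(net) for net in allowed):
                findings.append(f"inbound protocol {perm['IpProtocol']} open to {src}")
    return findings


if __name__ == "__main__":
    for sg in (OPEN_SG, SCOPED_SG):
        print(audit_nat(INSTANCE, ROUTE_TABLE, sg, ["10.0.2.0/24"]))
```

To run it against a real account, feed in the matching objects from the JSON output of those three commands in place of the constructed dictionaries.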