NAT Devices is the device to allow resources in the private subnet to connect to public internet, other VPCs, or on-premise networks
2 Types
- NAT Gateway: Managed NAT device provided by AWS
- NAT Instance: Self-managed NAT device
Comparisions
| NAT Gateway | NAT Device |
|---|---|
| Managed by AWS | Self managed |
| Optimized by AWS | Standard AMI, optimization |
| HA | None |
| Has public IP at creation | Public IP can be changed anytime |
| No SG | SG supported |
| No port forwarding | Port forwarding |
| Can be used as bastion server | Used as bastion server |
Migration to NAT Gateway
- Create NAT Gateway in the same subnet with NAT instance
- Update route table to replace to NAT Gateway
- Use the same public IP with NAT Instance, must disassociate Elastic IP from NAT Instance then creating NAT Gateway with the IP
- Make sure there is no critical service running because the connection will be dropped.