aws:network:nat-gateway
NAT Gateway
What it is: A managed Network Address Translation service that lets instances in private subnets access the internet outbound.
What it’s for:
- Allow private instances to download updates, call external APIs, etc.
- Prevent inbound internet connections to those private instances.
Key ideas:
- NAT Gateway is placed in a public subnet.
- It uses an Elastic IP.
- Private subnet route table: `0.0.0.0/0 → NAT Gateway`.
Exam cues:
- “private subnet needs outbound internet only” → NAT Gateway.
- “managed NAT” → NAT Gateway (not NAT instance).
Hard words:
- *translation* /trænzˈleɪʃn/: dịch/chuyển đổi (ở đây là đổi địa chỉ)
- *outbound* /ˈaʊtbaʊnd/: đi ra
- *Elastic IP* /ɪˈlæstɪk aɪ piː/: IP tĩnh public của AWS
aws/network/nat-gateway.txt · Last modified: by phong2018