- Instances in private subnets cannot directly access the internet
- This is where a NAT (Network Address Translation) gateway comes into picture
Typical flow
- Private instances want to access the internet
- Traffic goes to NAT gateway (in public subnet)
- NAT gateway forwards request to internet via Internet gateway
- Response comes back through same path
NAT gateway is placed in the public subnet