Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Solutions Architect Professional Route Private Subnet to Internet? Reply To: Route Private Subnet to Internet?

  • Amiel-Palacol-TutorialsDojo

    Member
    July 19, 2023 at 6:36 pm

    Hi WThankachan,

    Thank you for the feedback.

    A private subnet is not directly routed to the internet. Primarily, resources within a private subnet do not have direct outbound access to the internet. On the other hand, if resources in the private subnet require access to the internet, they can do so through a NAT Gateway.

    A NAT Gateway acts as an intermediary between the private subnet and the internet. It allows resources within the private subnet to initiate outbound connections to the internet while hiding their private IP Addresses.

    It is important to note that the NAT Gateway is deployed in a public subnet and needs an internet gateway to function properly. The public subnet, associated with the NAT Gateway, has a route to the internet gateway, enabling the NAT Gateway to establish the necessary connectivity for internet access.

    Hence, The correct answer is:
    Update the AWS Fargate task definition and set the auto-assign public IP option to DISABLED. Launch a NAT gateway on the public subnet of the VPC and update the route table of the private subnet to route requests to the internet, as the NAT gateway in the public subnet should have a public IP address and a route to the Intenet Gateway. The tasks in the private subnet will send Internet traffic to the NAT gateway to be able to pull the images on Amazon Elastic Container Registry.

    Hope this helps.

    Let us know if you need further assistance. The Tutorials Dojo team is dedicated to helping you pass your AWS exam!

    Regards,

    Amiel Palacol @ Tutorials Dojo