Gateways

Internet Gateway and NAT Solutions

Internet Gateway

Provides internet access to VPC resources in public subnets.

Horizontally scaled and redundant
No bandwidth constraints
One per VPC

NAT Gateway

Managed NAT service for outbound internet access from private subnets.

Fully managed by AWS
High availability within AZ
Bandwidth up to 45 Gbps

NAT Instance

EC2 instance configured to provide NAT functionality.

Customer managed
Lower cost option
Can be used as bastion host

Gateways Exam Tips

  • • Internet Gateway is required for public subnet internet access
  • • NAT Gateway is managed service, NAT Instance is customer managed
  • • NAT Gateway provides higher availability and bandwidth than NAT Instance
  • • Deploy NAT Gateway in each AZ for high availability
Previous: Subnets Next: Security