Back to glossary

NAT Gateway

A Network Address Translation (NAT) service that allows instances in a private subnet to connect to the internet while preventing the internet from initiating connections with those instances.

Categorycloud

Overview

A NAT Gateway is used to provide outbound internet access for resources in a private subnet (e.g., for software updates or connecting to external APIs). It translates the private IP addresses of the instances into a single public IP address.

Key Characteristics

  • Unidirectional: Only allows outbound traffic; the internet cannot initiate a connection to an instance behind a NAT Gateway.
  • Managed Service: Highly available and scales automatically to meet demand.
  • Cost: Typically charged based on an hourly rate and the amount of data processed.

Use Case

Essential for securing backend servers, databases, and other private resources that need occasional internet access but must remain hidden from the public web.

Related Terms

Internet GatewaySubnetEgress