Associate a Custom Route Table with Private Subnet

After you create a NAT gateway, you need to create a custom route table for the NAT gateway and associate that route table with the private subnet.

Background information

To allow servers that reside in the private subnet to send outbound traffic to the Internet, you need to complete the following settings:

  • Create a custom route table and add a route rule to direct the outbound traffic to the NAT gateway.
  • Associate the custom route table with the private subnet.

In this way, servers in the private subnet can initiate one-way communication to the Internet through the NAT gateway but cannot receive inbound traffic sent from the Internet, which improves the communication security of servers in the private subnet.

The following diagram shows the architecture of your VPC after you complete this step.

Procedure

Create a custom route table for NAT gateway

  1. Log in to the Amazon VPC Console.
  2. On the left navigation bar, go to Route Tables, then click Create route table.

  3. In the Route table settings section, complete the following settings:

    • Name: Optional. Enter a name to help you identify the NAT route table. In this example, enter ycm-nat.
    • VPC: Select the VPC you've created for the Cloud PBX. In this example, select ycm-cloudpbx.
  4. Click Create route table.

    The custom route table for the NAT gateway is displayed in the Route tables list.

Add a route rule to NAT gateway

  1. On the left navigation bar, click Route Tables, and select the route table created for NAT gateway.

    The details of the selected route table are displayed at the bottom of the page.

  2. Go to the Routes tab and click Edit routes.

  3. On the Edit routes page, click Add route, then complete the following settings:
    • Destination: Specify 0.0.0.0/0 for IPv4 traffic.
    • Target: Select NAT Gateway, then select the NAT gateway you've created under the VPC.
  4. Click Save Changes to apply the change.

Associate the route table with private subnet

  1. On the left navigation bar, click Route Tables, and select the route table created for NAT gateway.

    The details of the selected route table are displayed at the bottom of the page.

  2. Go to the Subnet associations tab and click Edit subnet associations in the Explicit subnet associations section.

  3. From the Available subnets list, select the private subnet you've created under the VPC. In this example, select ycm-private-subnet.

  4. Click Save associations.

    The private subnet ycm-private-subnet is associated with the NAT route table.
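
One way to verify the result of the three procedures above, as an added example that is not part of the original guide: the script audits a route-table listing in the shape returned by `aws ec2 describe-route-tables` and reports when the private subnet's 0.0.0.0/0 route does not go through an active NAT gateway. It goes slightly beyond the steps above by also flagging a subnet that has no explicit association and therefore falls back to the VPC's main route table. All IDs and function names are constructed placeholders.

```python
"""Check that a private subnet's default route goes through a NAT gateway."""

# Constructed sample shaped like the "RouteTables" list returned by
# `aws ec2 describe-route-tables`; every ID is a placeholder.
SAMPLE = [
    {"RouteTableId": "rtb-main-example",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0",
                 "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-nat-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-private-example"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16",
                 "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0",
                 "NatGatewayId": "nat-example", "State": "active"}]},
]

def effective_route_table(route_tables, subnet_id):
    """Return (table, explicit): the explicitly associated table, else the main one."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt, True
            if assoc.get("Main"):
                main = rt
    return main, False

def audit_private_subnet(route_tables, subnet_id):
    """Return a list of findings; an empty list means the routing matches the guide."""
    rt, explicit = effective_route_table(route_tables, subnet_id)
    if rt is None:
        return ["no route table found for subnet"]
    findings = []
    if not explicit:
        findings.append("no explicit association: subnet uses the main route table")
    defaults = [r for r in rt.get("Routes", [])
                if r.get("DestinationCidrBlock") == "0.0.0.0/0"]
    if not defaults:
        findings.append("no 0.0.0.0/0 route: no outbound Internet access")
    for r in defaults:
        if (r.get("GatewayId") or "").startswith("igw-"):
            findings.append("0.0.0.0/0 targets an internet gateway: subnet is public")
        elif not (r.get("NatGatewayId") or "").startswith("nat-"):
            findings.append("0.0.0.0/0 does not target a NAT gateway")
        elif r.get("State") != "active":
            findings.append("NAT route state is %s, not active" % r.get("State"))
    return findings
```

To check a real VPC, pass the `RouteTables` list from the JSON output of `aws ec2 describe-route-tables` together with the ID of the private subnet.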