Associate a Custom Route Table with Private Subnets

After you create a NAT gateway, you need to create a custom route table for the NAT gateway and associate the route table with the private subnets.

Background information

To allow servers that reside in private subnets to send outbound traffic to the Internet, complete the following settings:

  • Create a custom route table and add a route rule to direct the outbound traffic to the NAT gateway.
  • Associate the custom route table with the private subnets.

In this way, servers in the private subnets can initiate one-way communication to the Internet through the NAT gateway, but cannot receive inbound traffic sent from the Internet, which improves the communication security of servers in the private subnets.

The following diagram shows the architecture of your VPC after you complete this step.

Procedure

Create a custom route table for NAT gateway

  1. Log in to the Amazon VPC Console.
  2. On the left navigation bar, go to Route Tables, then click Create route table.

  3. In the Route table settings section, complete the following settings:

    • Name: Optional. Enter a name to help you identify the NAT route table. In this example, enter ycm-nat.
    • VPC: Select the VPC you've created for the Cloud PBX. In this example, select ycm-cloudpbx.
  4. Click Create route table.

    The custom route table for the NAT gateway is displayed in the Route tables list.

Add a route rule to NAT gateway

  1. On the left navigation bar, click Route Tables, and select the route table created for NAT gateway.

    The details of the selected route table are displayed at the bottom of the page.

  2. Go to the Routes tab and click Edit routes.

  3. On the Edit routes page, click Add route and complete the following settings:
    • Destination: Specify 0.0.0.0/0 for IPv4 traffic.
    • Target: Select NAT Gateway, then select the NAT gateway you've created under the VPC.
  4. Click Save Changes to apply the change.

Associate the route table with private subnets

  1. On the left navigation bar, click Route Tables, and select the route table created for NAT gateway.

    The details of the selected route table are displayed at the bottom of the page.

  2. Go to the Subnet associations tab and click Edit subnet associations in the Explicit subnet associations section.

  3. From the Available subnets list, select the private subnets you've created under the VPC. In this example, select ycm-private-subnet1 and ycm-private-subnet2.

  4. Click Save associations.

    The private subnets ycm-private-subnet1 and ycm-private-subnet2 are associated with the NAT route table.
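
To verify the result of the procedure above, the following added example (not part of the original guide) checks which route table each private subnet actually uses and where its 0.0.0.0/0 route points. A subnet that was missed in the association step falls back to the VPC's main route table. The example assumes the input is the RouteTables list for a single VPC, shaped like `aws ec2 describe-route-tables` output; the sample data and all IDs are constructed placeholders.

```python
# Added example: constructed data shaped like `aws ec2 describe-route-tables` output.
# All IDs below are placeholders, not values from the guide.
SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"}]},
    {"RouteTableId": "rtb-nat",
     "Associations": [{"Main": False, "SubnetId": "subnet-private1"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-EXAMPLE"}]},
]}


def effective_table(route_tables, subnet_id):
    """Return the explicitly associated table, else the VPC's main table."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main


def default_route_target(rt):
    """Classify where 0.0.0.0/0 points: 'nat', 'igw', 'other' or 'none'."""
    for route in rt.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("NatGatewayId"):
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
        return "other"
    return "none"


def audit(route_tables, private_subnets):
    """Map each private subnet to (route table id, default-route target)."""
    result = {}
    for subnet in private_subnets:
        rt = effective_table(route_tables, subnet)
        result[subnet] = (rt["RouteTableId"], default_route_target(rt)) if rt else (None, "none")
    return result


if __name__ == "__main__":
    subnets = ["subnet-private1", "subnet-private2"]  # second one has no explicit association
    for subnet, (rtb, target) in audit(SAMPLE["RouteTables"], subnets).items():
        print(subnet, rtb, target, "OK" if target == "nat" else "REVIEW")
```

Any private subnet whose result is not `nat` should be reviewed: it is either using the main route table or its custom table lacks the NAT gateway route.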