I want to allow instances in a private subnet of my Amazon Virtual Private Cloud (Amazon VPC) to connect to the internet or other AWS services. How can I create and configure a network address translation (NAT) instance for this purpose?
Important: For common use cases, it's a best practice to use a NAT gateway instead of a NAT instance. Be sure to review the Comparison of NAT Instances and NAT Gateways to determine the best option for your use case.
You can configure a NAT instance to allow traffic to the internet or other AWS services from instances within your private VPC subnet.
AWS customers are responsible for maintaining their NAT instances, including applying security updates, managing security groups, and handling instance failures. Be sure to review the AWS Shared Responsibility Model.