Thu Kha Kyawe

Day 45: Configure NAT Gateway for Internet Access in a Private VPC

Lab Information

The Nautilus DevOps team is tasked with enabling internet access for an EC2 instance running in a private subnet. This instance should be able to upload a test file to a public S3 bucket once it can access the internet. To achieve this, the team must set up a NAT Gateway in a public subnet within the same VPC.

1) A VPC named nautilus-priv-vpc and a private subnet nautilus-priv-subnet have already been created.
2) An EC2 instance named nautilus-priv-ec2 is already running in the private subnet.
3) The EC2 instance is configured with a cron job that uploads a test file to a bucket nautilus-nat-22701 once internet is accessible.

Your task is to:

Create a public subnet named nautilus-pub-subnet in the same VPC.
Create an Internet Gateway and attach it to the VPC.
Create a route table nautilus-pub-rt and associate it with the public subnet.
Allocate an Elastic IP and create a NAT Gateway named nautilus-natgw.
Update the private route table to route 0.0.0.0/0 traffic via the NAT Gateway.
Once complete, verify that the EC2 instance can reach the internet by confirming the presence of the test file in the S3 bucket nautilus-nat-22701. After completing all the configuration, please wait a few minutes for the test file to appear in the bucket, as it may take 2–3 minutes.

Lab Solutions

Step 1: Create a Public Subnet

Go to VPC → Subnets → Create subnet

Configure:

VPC: nautilus-priv-vpc

Subnet name: nautilus-pub-subnet

Availability Zone: Any (same region)

IPv4 CIDR block: 10.1.2.0/24 (example)

Click Create subnet

Enable Auto-Assign Public IP

Select nautilus-pub-subnet

Click Edit subnet settings

Enable:

Auto-assign public IPv4 address ✔

Save changes

Step 2: Create and Attach Internet Gateway

Go to VPC → Internet Gateways

Click Create internet gateway

Name:

nautilus-igw

Click Create

Select the IGW → Actions → Attach to VPC

Choose:

nautilus-priv-vpc

Attach

Step 3: Create Public Route Table

Go to VPC → Route Tables → Create route table

Configure:

Name: nautilus-pub-rt

VPC: nautilus-priv-vpc

Click Create

Add Internet Route

Select nautilus-pub-rt

Go to Routes → Edit routes

Add route:

Destination: 0.0.0.0/0
Target: Internet Gateway (nautilus-igw)

Save changes

Associate with Public Subnet

Go to Subnet associations → Edit

Select:

nautilus-pub-subnet

Save

Step 4: Create NAT Gateway

Allocate Elastic IP

Go to EC2 → Elastic IPs

Click Allocate Elastic IP

Allocate

Create NAT Gateway

Go to VPC → NAT Gateways → Create NAT Gateway

Configure:

Name: nautilus-natgw

VPC: nautilus-priv-vpc

Elastic IP: Select allocated EIP

Click Create NAT Gateway

Wait until status becomes:

Available

Step 5: Update Private Route Table

Go to VPC → Route Tables

Select the route table associated with:

nautilus-priv-subnet

Go to Routes → Edit routes

Add route:

Destination: 0.0.0.0/0
Target: NAT Gateway (nautilus-natgw)

Save changes

Associate with Private Subnet

Go to Subnet associations → Edit

Select:

nautilus-priv-subnet

Save

Step 6: Verify Internet Access via S3 Upload

What Happens Automatically

nautilus-priv-ec2 already has a cron job

Once internet access works, it uploads a file to:

s3://nautilus-nat-22701

⏳ Wait 2–3 minutes

Verify in S3

Go to S3 → Buckets → nautilus-nat-22701

Check Objects

✅ You should see a new test file uploaded
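If the file does not appear, check the routing first. The following is an added example, not part of the original lab or post: an offline audit that confirms the public subnet defaults to the Internet Gateway, the private subnet defaults to the NAT Gateway and never directly to the IGW, and the NAT Gateway sits in the public subnet as the lab requires. The function names and every ID are hypothetical; the dict keys follow the EC2 DescribeRouteTables and DescribeNatGateways response shapes.

```python
# Added example: offline audit of the routing this lab builds.
# Dicts mirror EC2 DescribeRouteTables / DescribeNatGateways responses.
# All IDs are constructed sample values; input is assumed to cover one VPC.

def effective_route_table(route_tables, subnet_id):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def default_route(rt):
    """Return the active 0.0.0.0/0 route (blackholed routes are ignored)."""
    for r in (rt or {}).get("Routes", []):
        if r.get("DestinationCidrBlock") == "0.0.0.0/0" and r.get("State") == "active":
            return r
    return None

def audit(route_tables, nat_gateways, public_subnet, private_subnet):
    findings = []
    pub = default_route(effective_route_table(route_tables, public_subnet))
    priv = default_route(effective_route_table(route_tables, private_subnet))
    if not pub or not pub.get("GatewayId", "").startswith("igw-"):
        findings.append("public subnet has no default route to an internet gateway")
    if priv is None:
        findings.append("private subnet has no active default route")
    elif priv.get("GatewayId", "").startswith("igw-"):
        findings.append("private subnet routes directly to the internet gateway")
    else:
        nat = next((n for n in nat_gateways
                    if n["NatGatewayId"] == priv.get("NatGatewayId")), None)
        if nat is None or nat.get("State") != "available":
            findings.append("private default route targets a missing or unavailable NAT gateway")
        elif nat["SubnetId"] != public_subnet:
            findings.append("NAT gateway is not in the public subnet")
    return findings

SAMPLE_RTS = [  # constructed: private subnet falls back to the main route table
    {"RouteTableId": "rtb-pub", "Associations": [{"SubnetId": "subnet-pub"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1", "State": "active"}]},
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1", "State": "active"}]},
]
SAMPLE_NATS = [{"NatGatewayId": "nat-1", "SubnetId": "subnet-pub", "State": "available"}]
print(audit(SAMPLE_RTS, SAMPLE_NATS, "subnet-pub", "subnet-priv") or "routing OK")
```

An empty result means the routing matches the lab's design; each finding names the step to revisit.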


Resources & Next Steps
📦 Full Code Repository: KodeKloud Learning Labs
📖 More Deep Dives: Whispering Cloud Insights - Read other technical articles
💬 Join Discussion: DEV Community - Share your thoughts and questions
💼 Let's Connect: LinkedIn - I'd love to connect with you

Credits
• All labs are from: KodeKloud
• I sincerely appreciate your provision of these valuable resources.
