NAT Gateway
Network Address Translation gateway: allows instances in a private subnet to access the internet while preventing inbound connections. Keeps your backend servers invisible to the public.
What is NAT Gateway?
Network Address Translation gateway: allows instances in a private subnet to access the internet while preventing inbound connections. Keeps your backend servers invisible to the public.
NAT Gateway is a intermediate-level concept that sits in the Cloud Infrastructure area of system design. Engineers reach for it whenever they need to reason about real-world trade-offs in that space — not just for textbook correctness, but because real production systems at companies like Netflix, Amazon, and Google make these decisions every day.
If you want to go deeper than this definition — with diagrams, code, and a quiz to lock it in — work through the "NAT Gateway" lesson linked below. It walks through the why, the mechanism, the trade-offs, and how the giants actually use it in production.
Learn NAT Gateway in depth
Full interactive lesson with diagrams, code examples, real-world references, and a quiz.
Open the NAT Gateway lessonSee also
Related glossary terms you might want to look up next.
VPC
Virtual Private Cloud: a logically isolated section of the cloud where you launch resources in a virtual network you define. Controls IP ranges, subnets, route tables, and gateways.
IP
Internet Protocol: the addressing scheme that routes packets across the internet. Every device gets an IP address (IPv4 or IPv6) so packets know where to go.
Reverse Proxy
A server that sits in front of your backend servers and forwards client requests to them. Handles SSL termination, caching, and load balancing.