I am trying to enable my VPC Lambda function for ElastiCache to access DynamoDB. I know that for this I need to set up a NAT gateway. However, I am not able to make it work. My private subnet is in the 172.31.*.* range.
These are the steps I am following:
- Create a public subnet with an IP range in 10.0.0.0.
- Create a public VPC in the same IP range mentioned above.
- Create a public Internet gateway in the public VPC.
- Create a public route table, which is not the main route table and attach the public subnet to it. Then, add a route for 0.0.0.0/0 to the public Internet gateway created above.
- Create a NAT gateway in the public subnet. This NAT gets an Elastic IP and a private IP in the 10.*.*.* range.
Now I have 3 route tables: two for my public subnets (10.0.0.0) and one existing for my private subnet (172.31.0.0), which is part of my private VPC.
My private route table has a route for 0.0.0.0/0 to my private Internet gateway.
I think I need to change this route to point to my public NAT gateway; however, I am unable to do so, as the private IP of my NAT lies in the 10.0.0.0 range, I guess. I am confused at this point about how to proceed. I tried creating a NAT gateway in the private subnet and forwarding the route to it, but it doesn't work either. What am I missing?
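The layout described in the question, run through a small route check. This is an added example, not part of the original post. The data is constructed in the shape of EC2 `DescribeRouteTables` / `DescribeNatGateways` output, every ID is a made-up placeholder, and `check_lambda_egress` is a hypothetical helper name. It relies on two facts: a VPC Lambda's network interfaces get no public IP, and a route can only target a NAT gateway in the route table's own VPC.

```python
# Constructed sample data for the layout in the question; all IDs are placeholders.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-private", "VpcId": "vpc-private",
     "Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-private"}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-public",
     "Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-public"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-public", "VpcId": "vpc-public",
                 "SubnetId": "subnet-public", "State": "available"}]


def default_route(subnet_id, route_tables):
    """Return (route table, its 0.0.0.0/0 route) for an explicitly associated subnet.

    Subnets that fall back to the VPC's main route table are not handled here.
    """
    for rtb in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rtb["Associations"]):
            for route in rtb["Routes"]:
                if route.get("DestinationCidrBlock") == "0.0.0.0/0":
                    return rtb, route
            return rtb, None
    return None, None


def check_lambda_egress(subnet_id, route_tables, nat_gateways):
    """List the reasons a Lambda placed in subnet_id has no NAT path to the internet."""
    rtb, route = default_route(subnet_id, route_tables)
    if rtb is None or route is None:
        return ["no 0.0.0.0/0 route found for " + subnet_id]
    nat = next((n for n in nat_gateways
                if n["NatGatewayId"] == route.get("NatGatewayId")), None)
    if nat is None:
        # An igw- default route gives no egress to an interface without a public IP.
        findings = ["default route is not a NAT gateway"]
        if not any(n["VpcId"] == rtb["VpcId"] for n in nat_gateways):
            # A NAT gateway in another VPC cannot be used as this table's target.
            findings.append("no NAT gateway in " + rtb["VpcId"])
        return findings
    # The NAT gateway's own subnet must send 0.0.0.0/0 to an internet gateway.
    _, nat_route = default_route(nat["SubnetId"], route_tables)
    if nat_route is None or not nat_route.get("GatewayId", "").startswith("igw-"):
        return ["NAT gateway subnet has no route to an internet gateway"]
    return []


print(check_lambda_egress("subnet-private", ROUTE_TABLES, NAT_GATEWAYS))
```
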