To create a NAT gateway, you must specify a subnet and an Elastic IP address.Ensure that the Elastic IP address is currently not associated with an instance or a network interface.For example, your private subnet’s route table has the following routes: internet-bound traffic ( is routed to a NAT gateway, Amazon S3 traffic (pl-xxxxxxxx; a specific IP address range for Amazon S3) is routed to a VPC endpoint, and traffic is routed to a VPC peering connection.

After you've created a NAT gateway, you must update the route table associated with one or more of your private subnets to point Internet-bound traffic to the NAT gateway.

We use the most specific route that matches the traffic to determine how to route the traffic (longest prefix match). To create a route for a NAT gateway To ensure that your NAT gateway can access the internet, the route table associated with the subnet in which your NAT gateway resides must include a route that points internet traffic to an internet gateway.

For more information, see Creating a Custom Route Table.

If you delete a NAT gateway, the NAT gateway routes remain in a status until you delete or update the routes.

For more information, see Adding and Removing Routes from a Route Table.

