AWS VPC NAT Not Working

Question

I've setup a VPC on AWS and I'm trying to make one of my subnets private. I have:

1. Created my private subnet.
2. Created my NAT Gateway and associated my subnet to it.
3. Created a Route Table dest: 0.0.0.0/0 target: NAT Gateway
4. Created an Instance in my private subnet.

I can get to the instance in #4 by going to a different instance with a public IP then SSHing to its private IP. Once on the instance it has no internet connectivity.

Am I expected to update the route tables on the instance anything?

Answer 1

Turns out I was creating my NAT Gateway in my private subnet; should have been done in my public subnet. When I was creating it I assumed the subnet I was providing was the one I wanted to be NATed not where to create it.

Re-reading the docs here helped discover my error:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html#nat-gateway-creating

thx.