Azure NAT Gateway enables Azure VMs to access internet without assigning Public IP
I guess some folks are not familiar with Azure NAT Gateway because this feature is quite useful but it's a little bit hard to recognize use cases. Here are my idea for Azure NAT Gateway use cases.
- Azure VMs, attached with Standard Internal Load Balancer, are required to assign PIP(Public IP) to access internet. Now, your Azure VMs are possible to access internet with Azure NAT Gateway without PIPs
- Azure VMs access Global IPs are identified as PIPs but this forces lots of effort to allow accesses from Azure to environments. Now, you can simplify Azure VMs access Global IPs by using Azure NAT Gateway
Of course, there should be much more use cases for Azure NAT Gateway. Please let me such use cases with comments of this blog. Here are architecture diagram for #1 and #2 scenarios.
You can find each Azure VMs will access to internet via Azure NAT Gateway and their global IPs will be identified as PIP assigned to Azure NAT Gateway.
Create and attach Azure NAT Gateway to subnets
Go to Azure Portal and start to create like below. You need to put your Azure NAT Gateway name and choose region here.
Next, choose your PIP to assign Azure NAT Gateway.
Finally, you need to associate this Azure NAT Gateway to your subnets like below.
PIP access via Azure NAT Gateway
Login to WildFlyVM0 having no PIP but 10.3.0.6 as private IP. Next, run "curl 'https://api.ipify.org?format=json'" to confirm global ip like below.