| NAT Instance | NAT Gateway |
|---|
| You manage the NAT instance. | The NAT gateway is managed by Amazon Web Services (AWS). |
| You can scale up the NAT instance manually as needed. | The NAT Gateway offers elastic scalability of up to 45 Gbps. |
| NAT instances do not provide high availability. | NAT Gateway provides high availability and can be deployed across multiple availability zones. |
| The NAT instance requires a security group. | A NAT Gateway does not require a security group. |
| A NAT instance can utilize a bastion host. | NAT Gateway is not accessible via SSH. |
| Port forwarding can be set up on a NAT instance to redirect traffic to internal network resources. | Port forwarding is not supported in a NAT Gateway. |