awscc_ec2_nat_gateway (Resource)

Specifies a network address translation (NAT) gateway in the specified subnet. You can create either a public NAT gateway or a private NAT gateway. The default is a public NAT gateway. If you create a public NAT gateway, you must specify an elastic IP address.

With a NAT gateway, instances in a private subnet can connect to the internet, other AWS services, or an on-premises network using the IP address of the NAT gateway. For more information, see NAT gateways in the Amazon VPC User Guide.

If you add a default route (AWS::EC2::Route resource) that points to a NAT gateway, specify the NAT gateway ID for the route's NatGatewayId property.

When you associate an Elastic IP address or secondary Elastic IP address with a public NAT gateway, the network border group of the Elastic IP address must match the network border group of the Availability Zone (AZ) that the public NAT gateway is in. Otherwise, the NAT gateway fails to launch. You can see the network border group for the AZ by viewing the details of the subnet. Similarly, you can view the network border group for the Elastic IP address by viewing its details. For more information, see Allocate an Elastic IP address in the Amazon VPC User Guide.

Example Usage

Private NAT

To use awscc_ec2_nat_gateway to create a private NAT gateway:

resource "awscc_ec2_nat_gateway" "main" {
  subnet_id         = awscc_ec2_subnet.main.subnet_id
  connectivity_type = "private"
  tags = [{
    key   = "Modified By"
    value = "AWSCC"
  }]
}

Public NAT

To use awscc_ec2_nat_gateway to create a public NAT gateway:

resource "awscc_ec2_nat_gateway" "main" {
  subnet_id         = awscc_ec2_subnet.main.subnet_id
  allocation_id     = awscc_ec2_eip.main.allocation_id
  connectivity_type = "public"
  tags = [{
    key   = "Modified By"
    value = "AWSCC"
  }]
}
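
The network border group requirement and the default route described at the top of this page can be expressed in configuration. The following is an added example, not part of the provider documentation. It assumes Terraform 1.2 or later (for precondition blocks), that the hashicorp/aws provider is configured alongside awscc for the aws_availability_zone data source, and that awscc_ec2_route_table.private is a hypothetical route table declared elsewhere.

```hcl
# Added example, not from the provider documentation.
# Assumptions: awscc_ec2_subnet.main and awscc_ec2_eip.main exist as in the
# examples above; awscc_ec2_route_table.private is a hypothetical name; the
# hashicorp/aws provider is configured for the data source below.

# Look up the network border group of the AZ that hosts the NAT subnet.
data "aws_availability_zone" "nat" {
  name = awscc_ec2_subnet.main.availability_zone
}

resource "awscc_ec2_nat_gateway" "checked" {
  subnet_id         = awscc_ec2_subnet.main.subnet_id
  allocation_id     = awscc_ec2_eip.main.allocation_id
  connectivity_type = "public"

  lifecycle {
    # Stop with a clear message instead of letting the gateway fail to
    # launch when the border groups do not match.
    precondition {
      condition     = awscc_ec2_eip.main.network_border_group == data.aws_availability_zone.nat.network_border_group
      error_message = "The Elastic IP's network border group must match that of the subnet's Availability Zone."
    }
  }

  tags = [{
    key   = "Modified By"
    value = "AWSCC"
  }]
}

# Default route for private subnets, pointing at the NAT gateway ID.
resource "awscc_ec2_route" "private_default" {
  route_table_id         = awscc_ec2_route_table.private.route_table_id
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = awscc_ec2_nat_gateway.checked.nat_gateway_id
}
```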

Schema

Required

Optional

Read-Only

Nested Schema for tags

Required:

Import

Import is supported using the following syntax:

$ terraform import awscc_ec2_nat_gateway.example <resource ID>