Why in this tutorial VPC creates NAT gateways

Question

Hi All!
Im following this tutorial - https://aws.amazon.com/blogs/containers/building-http-api-based-services-using-aws-fargate/

It creates NAT gateways which I don't need (the endpoints still work when NATs were deleted). How can I prevent AWS to spin them up when using CDK?

Thanks,

Accepted Answer

In the cdk vpc [constructor](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ec2.Vpc.html) there are a lot of options to customise the default configuration. It is definitely possible to create without nat gateways you can supploy a [subnet configuration](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ec2.SubnetConfiguration.html) so only private subnets are created.

eg - will create 1 private isolated subnet in each AZ and no nat gateways as there are no public subnets

new ec2.Vpc(this, 'VPC', {
       subnetConfiguration: [
      {
        cidrMask: 24,
        name: 'private',
        subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
      }
    ]
    });
Keep in mind without nat gateways your vpc will not have default outbound internet access and therefore resources cannot reach Public AWS Service Endpoints ie the fargate tasks in this blog will not be able to post cloudwatch logs unless you additionally add a cloudwatch logs vpc endpoint to the vpc.

Why in this tutorial VPC creates NAT gateways

関連するコンテンツ