Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Enable the creation of private NAT gateways #1072

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

feat: Enable the creation of private NAT gateways #1072

wants to merge 3 commits into from

Conversation

laserpedro
Copy link

@laserpedro laserpedro commented Apr 25, 2024
edited

fixes #1060

Description

Enable the setup of private NAT Gateways by exposing the native resource argument connectivity_type and the related arguments.

Motivation and Context

If the module is used in the context of corporate network setup, a private nat gateway can be required since we are not created and internet gateway in the vpc.

How Has This Been Tested?

  • I have updated at least one of the examples/* to demonstrate and validate my change(s)
  • I have tested and validated these changes using one or more of the provided examples/* projects
  • I have executed pre-commit run -a on my pull request

@laserpedro laserpedro force-pushed the feature-enable-private-nat-gateway branch from fa0da22 to c0a7184 Compare April 25, 2024 10:10
bryantbiggs
bryantbiggs reviewed Apr 26, 2024
View reviewed changes
examples/fully-private-nat-gateways/main.tf
vpc_peering_connection_id = resource.aws_ec2_transit_gateway_vpc_attachment.tgw_attach.id
}

module "vpc" {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how has this been tested? does this example deploy without issue?

@laserpedro laserpedro force-pushed the feature-enable-private-nat-gateway branch 3 times, most recently from 4ddf0cb to 8f62e62 Compare April 27, 2024 11:44
@laserpedro laserpedro force-pushed the feature-enable-private-nat-gateway branch 2 times, most recently from 0666d56 to 1e86081 Compare April 27, 2024 11:57
@laserpedro laserpedro force-pushed the feature-enable-private-nat-gateway branch from 1e86081 to 71218ff Compare April 27, 2024 13:04
@laserpedro laserpedro force-pushed the feature-enable-private-nat-gateway branch from 883377c to 8566664 Compare April 27, 2024 16:57
@laserpedro
Copy link
Author

Hello @bryantbiggs ! Did you have the time to have a look at my PR ? Thank you !

@andre-lx
Copy link

Hi @laserpedro

Nice job.

Just one question, I was checking and the support for private nat gw is something I am looking forward in the module, unfortunately this does not take in account some scenarios where you can have public nat gw on your public subnets and private nat gw on you private subnets right?

Thanks

@laserpedro
Copy link
Author

Hi @andre-lx ,

Thank you for your comment, much appreciated.
So in this fully private NAT Gateway configuration, we would not create an IGW so you could not have a mix of public and private nat.
If I am correct, you would like to have some nat created in subnets with a route to the igw (the public ones) and others created in the subnets in subnet with a route with the tgw (the private ones) ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bryantbiggs bryantbiggs bryantbiggs left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Enable the setup of fully private NAT Gateways
3 participants
@laserpedro @andre-lx @bryantbiggs