[Feature request] Option to reduce the number of NAT Gateways to only one when using placement='private'
SSIA. I want to save money by reducing the number of NAT Gateways.
The request makes sense to me. Thank you!
In the meantime, would you consider the option to import your own VPC? You can create a NAT Gateway in your VPC and place it in a private subnet, and then route traffic from your private subnets to go through that one NAT Gateway. Please let me know if this works for you!
I already did the workaround with CDK and it worked. But I want to do it with Copilot for future maintenance.
```ts
const vpc = new ec2.Vpc(this, 'VPC', {
  cidr: '10.0.0.0/16',
  natGateways: 1, // reduce the number of NAT
  subnetConfiguration: [
    { cidrMask: 24, name: 'public', subnetType: ec2.SubnetType.PUBLIC },
    { cidrMask: 24, name: 'private', subnetType: ec2.SubnetType.PRIVATE_WITH_NAT },
  ]
})
```
Hi @MasaGon! From the CDK snippet that you posted, it looks like there is only one public subnet and one private subnet in your VPC. However, Copilot requires 2 public subnets and/or 2 private subnets when running `copilot env init`. Would you mind sharing how you used this VPC with Copilot env? This is just a follow-up question for me to understand your use case. Thank you!
This is a good request. I've never had a NAT gateway fail, so I'd even say that 1 could be the default.
This would be a useful feature for non-production environments. We're looking to migrate an estate with 50+ apps, > 150 environments (VPCs) and the NAT gateway bill will be sizeable.
Ideally we'd like:
3 AZ VPCs with 1 NAT gateway for non-production environments and 3 NAT gateways for production.
Hey,
Here is a workaround with YAML Patch Overrides. It needs to be added using `copilot env override`.
```yaml
- op: replace
  path: /Resources/PrivateRoute2/Properties/NatGatewayId
  value: !Ref NatGateway1
- op: remove
  path: /Resources/NatGateway2Attachment
- op: remove
  path: /Resources/NatGateway2
```
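An added example, not part of the thread and not Copilot's own code: it applies the three patch operations above to a small constructed template and checks that no route or gateway is left referencing a removed resource. The logical IDs come from the patch; the resource types, properties, and the helper names `apply_patch`, `refs` and `dangling_refs` are assumptions made for illustration.

```python
import copy, functools

# Constructed stand-in for the environment template in CloudFormation JSON
# form ("!Ref X" is {"Ref": "X"}). Logical IDs follow the patch above; the
# resource types and properties are assumptions.
def _nat(n):
    return {"Type": "AWS::EC2::NatGateway", "Properties": {"AllocationId": {
        "Fn::GetAtt": [f"NatGateway{n}Attachment", "AllocationId"]}}}
def _route(n):
    return {"Type": "AWS::EC2::Route", "Properties": {
        "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": {"Ref": f"NatGateway{n}"}}}

TEMPLATE = {"Resources": {
    "NatGateway1Attachment": {"Type": "AWS::EC2::EIP"}, "NatGateway1": _nat(1),
    "NatGateway2Attachment": {"Type": "AWS::EC2::EIP"}, "NatGateway2": _nat(2),
    "PrivateRoute1": _route(1), "PrivateRoute2": _route(2)}}

PATCH = [  # the three operations from the override above
    {"op": "replace", "path": "/Resources/PrivateRoute2/Properties/NatGatewayId",
     "value": {"Ref": "NatGateway1"}},
    {"op": "remove", "path": "/Resources/NatGateway2Attachment"},
    {"op": "remove", "path": "/Resources/NatGateway2"}]

def apply_patch(template, patch):
    """Apply replace/remove operations to a copy of the template."""
    doc = copy.deepcopy(template)
    for op in patch:
        *parents, leaf = op["path"].lstrip("/").split("/")
        node = functools.reduce(dict.__getitem__, parents, doc)
        if op["op"] == "replace":
            node[leaf] = op["value"]
        elif op["op"] == "remove":
            del node[leaf]
        else:
            raise ValueError(f"unsupported op: {op['op']}")
    return doc

def refs(node):
    """Yield every logical ID named by a Ref or list-form Fn::GetAtt."""
    if isinstance(node, list):
        node = dict(enumerate(node))
    for key, val in (node.items() if isinstance(node, dict) else ()):
        if key in ("Ref", "Fn::GetAtt"):
            yield val if key == "Ref" else val[0]
        else:
            yield from refs(val)

def dangling_refs(template):
    """Logical IDs still referenced after their resource was removed."""
    return sorted(set(refs(template["Resources"])) - set(template["Resources"]))
```

On a full template, `Ref` targets that are parameters or pseudo-parameters would have to be excluded before treating a name as dangling.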