Terraform module which creates cheapest nat instance on aws.
module "nat_instance" {
source = "saba-ch/cheapest-nat-instance/aws"
public_subnet_id = module.vpc.public_subnets[0]
private_subnets = local.private_subnets
private_route_tables = module.vpc.private_route_table_ids
prefix = var.prefix
vpc_id = module.vpc.vpc_id
create_nat = true
putin_khuylo = true
}Even though this module creates highly available self healing nat instance, in production we don't want any kind of downtime. When we are using spot instances we are accepting the risk that AWS might want to reclaim the instance for any reason. To eliminate this risk we can use on demand instances instead which guarantees 99.99% SLA.
module "nat_instance" {
source = "saba-ch/cheapest-nat-instance/aws"
public_subnet_id = module.vpc.public_subnets[0]
private_subnets = local.private_subnets
private_route_tables = module.vpc.private_route_table_ids
prefix = var.prefix
vpc_id = module.vpc.vpc_id
create_nat = true
on_demand = true
putin_khuylo = true
}| solution | network | cost/GB | cost/hour** | cost/month** |
|---|---|---|---|---|
| NAT Gateway | 5-45 Gbps | 0.052 | 0.052 | 37.44 without network charges |
| NAT Instance (t3a.nano) | 0-5 Gbps | 0-0.09 (out) | 0.0047 | 3.384 without network charges |
| NAT Instance (t3a.nano) (spot) | 0-5 Gbps | 0-0.09 (out) | 0.0017* | 1.22* without network charges |
* variable costs.
** region eu-central-1.
| Name | Version |
|---|---|
| aws | ~> 4.4.0 |
| Name | Type |
|---|---|
| aws_autoscaling_group.main | resource |
| aws_eip.main | resource |
| aws_eip_association.main | resource |
| aws_iam_instance_profile.main | resource |
| aws_iam_role.main | resource |
| aws_iam_role_policy.main | resource |
| aws_launch_template.main | resource |
| aws_network_interface.main | resource |
| aws_route.main | resource |
| aws_security_group.main | resource |
| aws_ami.main | data source |
| aws_iam_policy_document.assume_role_policy | data source |
| aws_iam_policy_document.role_policy | data source |
| aws_region.main | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| create_nat | Whether to create NAT instance | bool |
n/a | yes |
| on_demand | Whether to create on-demand NAT instance instead of spot | bool |
false |
no |
| prefix | Project or/and environment prefix | string |
n/a | yes |
| private_route_tables | List of private route table ids to update | list(string) |
n/a | yes |
| private_subnets | Current VPC's private subnet cidrs | list(string) |
n/a | yes |
| public_subnet_id | Current VPC's public subnet id | string |
n/a | yes |
| putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool |
n/a | yes |
| tags | A map of tags to add to all resources | map(string) |
{} |
no |
| vpc_id | Current VPC's id | string |
n/a | yes |
| Name | Description |
|---|---|
| eni_id | ID of the ENI for the NAT instance |
| eni_private_ip | Private IP of the ENI for the NAT instance |
| iam_role_name | Name of the IAM role for the NAT instance |
| sg_id | ID of the security group of the NAT instance |
Module is created and maintained by Saba Tchikhinashvili
Apache 2 Licensed. See LICENSE for full details.