AWS::EC2::NatGateway
Specifies a network address translation (NAT) gateway in the specified subnet. You can create either a public NAT gateway or a private NAT gateway. The default is a public NAT gateway. If you create a public NAT gateway, you must specify an elastic IP address.
With a NAT gateway, instances in a private subnet can connect to the internet, other AWS services, or an on-premises network using the IP address of the NAT gateway.
If you add a default route (AWS::EC2::Route resource) that points to a NAT gateway, specify the NAT gateway ID for the route's NatGatewayId property.
For more information, see NAT Gateways in the Amazon VPC User Guide.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
  "Type" : "AWS::EC2::NatGateway",
  "Properties" : {
    "AllocationId" : String,
    "ConnectivityType" : String,
    "SubnetId" : String,
    "Tags" : [ Tag, ... ]
  }
}
YAML
Type: AWS::EC2::NatGateway
Properties:
  AllocationId: String
  ConnectivityType: String
  SubnetId: String
  Tags:
    - Tag
Properties
AllocationId
[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.
Required: Conditional
Type: String
Update requires: Replacement
ConnectivityType
Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.
Required: No
Type: String
Allowed values: private | public
Update requires: Replacement
SubnetId
The ID of the subnet in which the NAT gateway is located.
Required: Yes
Type: String
Update requires: Replacement
Tags
The tags for the NAT gateway.
Required: No
Type: List of Tag
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name. For example, nat-0a12bc456789de0fg.
For more information about using the Ref function, see Ref.
Fn::GetAtt
Examples
NAT gateway
The following example creates a NAT gateway and a route that associates the NAT gateway with a route table. The route table must be associated with an Internet gateway so that the NAT gateway can connect to the Internet.
JSON
"NAT" : {
  "Type" : "AWS::EC2::NatGateway",
  "Properties" : {
    "AllocationId" : { "Fn::GetAtt" : ["EIP", "AllocationId"] },
    "SubnetId" : { "Ref" : "Subnet" },
    "Tags" : [ { "Key" : "stack", "Value" : "production" } ]
  }
},
"EIP" : {
  "DependsOn" : "VPCGatewayAttach",
  "Type" : "AWS::EC2::EIP",
  "Properties" : { "Domain" : "vpc" }
},
"Route" : {
  "Type" : "AWS::EC2::Route",
  "Properties" : {
    "RouteTableId" : { "Ref" : "RouteTable" },
    "DestinationCidrBlock" : "0.0.0.0/0",
    "NatGatewayId" : { "Ref" : "NAT" }
  }
}
YAML
NAT:
  Type: AWS::EC2::NatGateway
  Properties:
    AllocationId:
      Fn::GetAtt:
        - EIP
        - AllocationId
    SubnetId:
      Ref: Subnet
    Tags:
      - Key: stack
        Value: production
EIP:
  DependsOn: VPCGatewayAttach
  Type: AWS::EC2::EIP
  Properties:
    Domain: vpc
Route:
  Type: AWS::EC2::Route
  Properties:
    RouteTableId:
      Ref: RouteTable
    DestinationCidrBlock: 0.0.0.0/0
    NatGatewayId:
      Ref: NAT
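The property rules above (AllocationId required for a public NAT gateway and not allowed for a private one, SubnetId always required, ConnectivityType limited to private | public, and a route's NatGatewayId pointing at a NAT gateway resource) can be checked before a template is deployed. The following linter is an added example, not AWS documentation code; the template it runs on is constructed here, and the resource names in it (PublicNAT, PrivateNAT, BrokenNAT, OnPremRoute and so on) are assumptions.

```python
"""Lint AWS::EC2::NatGateway resources against the rules documented on this page."""

ALLOWED_CONNECTIVITY = {"public", "private"}


def lint_nat_gateways(template):
    """Return one finding string per violation; an empty list means the template passes."""
    findings = []
    resources = template.get("Resources", {})
    for name, res in resources.items():
        if res.get("Type") != "AWS::EC2::NatGateway":
            continue
        props = res.get("Properties", {})
        conn = props.get("ConnectivityType", "public")  # omitted means public
        if conn not in ALLOWED_CONNECTIVITY:
            findings.append(f"{name}: ConnectivityType must be private or public, got {conn!r}")
            continue
        if "SubnetId" not in props:
            findings.append(f"{name}: SubnetId is required")
        has_alloc = "AllocationId" in props
        if conn == "public" and not has_alloc:
            findings.append(f"{name}: public NAT gateway requires AllocationId (an Elastic IP)")
        if conn == "private" and has_alloc:
            findings.append(f"{name}: AllocationId cannot be specified with a private NAT gateway")
    # A route that sets NatGatewayId must Ref a NatGateway resource in the same template.
    for name, res in resources.items():
        target = res.get("Properties", {}).get("NatGatewayId")
        if res.get("Type") != "AWS::EC2::Route" or target is None:
            continue
        ref = target.get("Ref") if isinstance(target, dict) else None
        if resources.get(ref, {}).get("Type") != "AWS::EC2::NatGateway":
            findings.append(f"{name}: NatGatewayId must be a Ref to an AWS::EC2::NatGateway resource")
    return findings


# Constructed sample template (not from the page): a valid public gateway, a valid private
# gateway, a private gateway that wrongly carries an AllocationId, and a route with a bad Ref.
SAMPLE_TEMPLATE = {"Resources": {
    "PublicNAT": {"Type": "AWS::EC2::NatGateway", "Properties": {
        "AllocationId": {"Fn::GetAtt": ["EIP", "AllocationId"]}, "SubnetId": {"Ref": "PublicSubnet"}}},
    "PrivateNAT": {"Type": "AWS::EC2::NatGateway", "Properties": {
        "ConnectivityType": "private", "SubnetId": {"Ref": "PrivateSubnet"}}},
    "BrokenNAT": {"Type": "AWS::EC2::NatGateway", "Properties": {
        "ConnectivityType": "private", "AllocationId": {"Fn::GetAtt": ["EIP", "AllocationId"]},
        "SubnetId": {"Ref": "PrivateSubnet"}}},
    "DefaultRoute": {"Type": "AWS::EC2::Route", "Properties": {
        "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": {"Ref": "PublicNAT"}}},
    "OnPremRoute": {"Type": "AWS::EC2::Route", "Properties": {
        "DestinationCidrBlock": "10.0.0.0/8", "NatGatewayId": {"Ref": "EIP"}}},
}}

if __name__ == "__main__":
    for finding in lint_nat_gateways(SAMPLE_TEMPLATE):
        print(finding)
```

Running it on the constructed template reports two findings: BrokenNAT (AllocationId on a private gateway) and OnPremRoute (NatGatewayId that does not Ref a NatGateway resource).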