Sign In to the Console
AWS CloudFormation
User Guide (Version )

AWS Documentation » AWS CloudFormation » User Guide » EC2 Resource Type Reference » AWS::EC2::NatGateway

AWS::EC2::NatGateway

Specifies a network address translation (NAT) gateway in the specified public subnet. Use a NAT gateway to allow instances in a private subnet to connect to the Internet or to other AWS services, but prevent the Internet from initiating a connection with those instances. For more information and a sample architectural diagram, see NAT Gateways in the Amazon VPC User Guide.

If you add a default route (AWS::EC2::Route resource) that points to a NAT gateway, specify the NAT gateway ID for the route's NatGatewayId property.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::EC2::NatGateway",
  "Properties" : {
      "AllocationId" : String,
      "SubnetId" : String,
      "Tags" : [ Tag, ... ]
    }
}

YAML

Type: AWS::EC2::NatGateway
Properties: 
  AllocationId: String
  SubnetId: String
  Tags: 
    - Tag

Properties

AllocationId

The allocation ID of an Elastic IP address to associate with the NAT gateway. If the Elastic IP address is associated with another resource, you must first disassociate it.

Required: Yes

Type: String

Update requires: Replacement

SubnetId

The public subnet in which to create the NAT gateway.

Required: Yes

Type: String

Update requires: Replacement

Tags

The tags (key–value pairs) to associate with this resource.

Required: No

Type: List of Tag

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name. For example, nat-0a12bc456789de0fg.

For more information about using the Ref function, see Ref.

Examples

NAT Gateway

The following example creates a NAT gateway and a route that associates the NAT gateway with a route table. The route table must be associated with an Internet gateway so that the NAT gateway can connect to the Internet.

JSON

"NAT" : {
   "Type" : "AWS::EC2::NatGateway",
   "Properties" : {
      "AllocationId" : { "Fn::GetAtt" : ["EIP", "AllocationId"]},
      "SubnetId" : { "Ref" : "Subnet"},
      "Tags" : [ {"Key" : "foo", "Value" : "bar" } ]
     }
},
"EIP" : {
   "DependsOn" : "VPCGatewayAttach",
   "Type" : "AWS::EC2::EIP",
   "Properties" : {
      "Domain" : "vpc"
   }
},
"Route" : {
   "Type" : "AWS::EC2::Route",
   "Properties" : {
      "RouteTableId" : { "Ref" : "RouteTable" },
      "DestinationCidrBlock" : "0.0.0.0/0",
      "NatGatewayId" : { "Ref" : "NAT" }
   }
}

YAML

NAT:
   Type: AWS::EC2::NatGateway
   Properties:
      AllocationId:
         Fn::GetAtt:
         - EIP
         - AllocationId
      SubnetId:
         Ref: Subnet
      Tags:
      - Key: foo
        Value: bar
EIP:
   DependsOn: VPCGatewayAttach
   Type: AWS::EC2::EIP
   Properties:
      Domain: vpc
Route:
   Type: AWS::EC2::Route
   Properties:
      RouteTableId:
         Ref: RouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId:
         Ref: NAT