AWS NAT Gateway – Using Non-Elastic IP Address

Tags: amazon-nat-gateway, amazon-web-services, terraform

I'm building an AWS VPC network lab via Terraform.

I want to add a NAT Gateway so that my private network instances can access the internet for software updates.

From the Terraform spec you can see that "allocation_id" is a required attribute:

allocation_id – (Required) The Allocation ID of the Elastic IP address
for the gateway.

I also checked the AWS spec. In step 1:

A NAT gateway requires an Elastic IP address in your public subnet…

My question is: Why can't the NAT Gateway use a simple non-static IPv4 address?

What is the logical reason for that? (Technically, it is the only option to configure.)

Note: The question is in the scope of AWS, not Terraform.


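Short example of a NAT Gateway config in Terraform:

resource "aws_nat_gateway" "natgw" {
  # Allocation ID of the Elastic IP address for the gateway
  allocation_id = aws_eip.nateip.id
  subnet_id     = aws_subnet.public.id
  # Make sure the internet gateway exists before the NAT gateway is created
  depends_on    = [aws_internet_gateway.igw]
}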

Best Answer

There is no way around having an Elastic IP for those NAT Gateways. It is probably because the Gateways can be restarted and recreated automatically (and therefore reduce the interruption by hanging onto the same IP).

An EIP does not cost extra when attached, so you only need to make sure to release them once your NAT Gateway is removed.

In some situations, going with a NAT Instance instead of a NAT gateway would be an option. In this case a dynamic public IP would work. A NAT instance can also be used as a jump host or a caching proxy (for your package repository). But you have to manage it yourself.

IPv6 outgoing NAT gateway also does not require an EIP defined.
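
The answer's advice to release the EIP once the NAT Gateway is removed can be checked mechanically. The following is an added example, not code from the question or the answer: it classifies Elastic IPs using dicts shaped like the EC2 DescribeAddresses and DescribeNatGateways responses. The function names, status labels and sample IDs are assumptions made for illustration.

```python
# Added example: audit Elastic IPs against NAT gateways (not from the original post).
# Inputs are dicts shaped like EC2 DescribeAddresses / DescribeNatGateways responses.
LIVE_STATES = {"pending", "available"}  # other states: failed, deleting, deleted


def classify_eips(addresses, nat_gateways):
    """Map each AllocationId to 'nat:<id>', 'associated', 'orphaned:<id>' or 'unassociated'."""
    seen = {}  # AllocationId -> (gateway is live, NatGatewayId)
    for gw in nat_gateways.get("NatGateways", []):
        live = gw.get("State") in LIVE_STATES
        for addr in gw.get("NatGatewayAddresses", []):
            alloc = addr.get("AllocationId")  # absent on private NAT gateways
            if alloc and (live or alloc not in seen):
                seen[alloc] = (live, gw["NatGatewayId"])  # a live gateway wins
    status = {}
    for a in addresses.get("Addresses", []):
        alloc = a["AllocationId"]
        live, gw_id = seen.get(alloc, (False, None))
        if live:
            status[alloc] = "nat:" + gw_id
        elif "AssociationId" in a:
            status[alloc] = "associated"  # in use by an instance or interface
        elif gw_id:
            status[alloc] = "orphaned:" + gw_id  # its gateway failed or was deleted
        else:
            status[alloc] = "unassociated"
    return status


def release_candidates(status):
    """Allocations that are attached to nothing and can be released."""
    return sorted(k for k, v in status.items()
                  if v == "unassociated" or v.startswith("orphaned:"))


# Constructed sample data (IDs and documentation-range IPs are made up).
SAMPLE_ADDRESSES = {"Addresses": [
    {"AllocationId": "eipalloc-0aaa", "PublicIp": "203.0.113.10", "AssociationId": "eipassoc-0a1"},
    {"AllocationId": "eipalloc-0bbb", "PublicIp": "203.0.113.11"},
    {"AllocationId": "eipalloc-0ccc", "PublicIp": "203.0.113.12"},
    {"AllocationId": "eipalloc-0ddd", "PublicIp": "203.0.113.13", "AssociationId": "eipassoc-0d4"},
]}
SAMPLE_NAT_GATEWAYS = {"NatGateways": [
    {"NatGatewayId": "nat-0live", "State": "available",
     "NatGatewayAddresses": [{"AllocationId": "eipalloc-0aaa"}]},
    {"NatGatewayId": "nat-0gone", "State": "deleted",
     "NatGatewayAddresses": [{"AllocationId": "eipalloc-0bbb"}]},
]}

if __name__ == "__main__":
    for alloc, state in classify_eips(SAMPLE_ADDRESSES, SAMPLE_NAT_GATEWAYS).items():
        print(alloc, state)
```

With real data, the two input dicts would come from the EC2 API calls of the same names; the classification itself runs offline.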