NatGateway

AWS v7.28.0, Apr 30 26

Viewing docs for AWS v7.28.0
published on Thursday, Apr 30, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-aws

Viewing docs for AWS v7.28.0
published on Thursday, Apr 30, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-aws

Example Usage

Public NAT

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.NatGateway("example", {
    allocationId: exampleAwsEip.id,
    subnetId: exampleAwsSubnet.id,
    tags: {
        Name: "gw NAT",
    },
}, {
    dependsOn: [exampleAwsInternetGateway],
});

import pulumi
import pulumi_aws as aws

example = aws.ec2.NatGateway("example",
    allocation_id=example_aws_eip["id"],
    subnet_id=example_aws_subnet["id"],
    tags={
        "Name": "gw NAT",
    },
    opts = pulumi.ResourceOptions(depends_on=[example_aws_internet_gateway]))

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ec2.NewNatGateway(ctx, "example", &ec2.NatGatewayArgs{
			AllocationId: pulumi.Any(exampleAwsEip.Id),
			SubnetId:     pulumi.Any(exampleAwsSubnet.Id),
			Tags: pulumi.StringMap{
				"Name": pulumi.String("gw NAT"),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			exampleAwsInternetGateway,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.Ec2.NatGateway("example", new()
    {
        AllocationId = exampleAwsEip.Id,
        SubnetId = exampleAwsSubnet.Id,
        Tags = 
        {
            { "Name", "gw NAT" },
        },
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            exampleAwsInternetGateway,
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.NatGateway;
import com.pulumi.aws.ec2.NatGatewayArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new NatGateway("example", NatGatewayArgs.builder()
            .allocationId(exampleAwsEip.id())
            .subnetId(exampleAwsSubnet.id())
            .tags(Map.of("Name", "gw NAT"))
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleAwsInternetGateway)
                .build());

    }
}

resources:
  example:
    type: aws:ec2:NatGateway
    properties:
      allocationId: ${exampleAwsEip.id}
      subnetId: ${exampleAwsSubnet.id}
      tags:
        Name: gw NAT
    options:
      dependsOn:
        - ${exampleAwsInternetGateway}

Public NAT with Secondary Private IP Addresses

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.NatGateway("example", {
    allocationId: exampleAwsEip.id,
    subnetId: exampleAwsSubnet.id,
    secondaryAllocationIds: [secondary.id],
    secondaryPrivateIpAddresses: ["10.0.1.5"],
});

import pulumi
import pulumi_aws as aws

example = aws.ec2.NatGateway("example",
    allocation_id=example_aws_eip["id"],
    subnet_id=example_aws_subnet["id"],
    secondary_allocation_ids=[secondary["id"]],
    secondary_private_ip_addresses=["10.0.1.5"])

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ec2.NewNatGateway(ctx, "example", &ec2.NatGatewayArgs{
			AllocationId: pulumi.Any(exampleAwsEip.Id),
			SubnetId:     pulumi.Any(exampleAwsSubnet.Id),
			SecondaryAllocationIds: pulumi.StringArray{
				secondary.Id,
			},
			SecondaryPrivateIpAddresses: pulumi.StringArray{
				pulumi.String("10.0.1.5"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.Ec2.NatGateway("example", new()
    {
        AllocationId = exampleAwsEip.Id,
        SubnetId = exampleAwsSubnet.Id,
        SecondaryAllocationIds = new[]
        {
            secondary.Id,
        },
        SecondaryPrivateIpAddresses = new[]
        {
            "10.0.1.5",
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.NatGateway;
import com.pulumi.aws.ec2.NatGatewayArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new NatGateway("example", NatGatewayArgs.builder()
            .allocationId(exampleAwsEip.id())
            .subnetId(exampleAwsSubnet.id())
            .secondaryAllocationIds(secondary.id())
            .secondaryPrivateIpAddresses("10.0.1.5")
            .build());

    }
}

resources:
  example:
    type: aws:ec2:NatGateway
    properties:
      allocationId: ${exampleAwsEip.id}
      subnetId: ${exampleAwsSubnet.id}
      secondaryAllocationIds:
        - ${secondary.id}
      secondaryPrivateIpAddresses:
        - 10.0.1.5

Private NAT

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.NatGateway("example", {
    connectivityType: "private",
    subnetId: exampleAwsSubnet.id,
});

import pulumi
import pulumi_aws as aws

example = aws.ec2.NatGateway("example",
    connectivity_type="private",
    subnet_id=example_aws_subnet["id"])

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ec2.NewNatGateway(ctx, "example", &ec2.NatGatewayArgs{
			ConnectivityType: pulumi.String("private"),
			SubnetId:         pulumi.Any(exampleAwsSubnet.Id),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.Ec2.NatGateway("example", new()
    {
        ConnectivityType = "private",
        SubnetId = exampleAwsSubnet.Id,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.NatGateway;
import com.pulumi.aws.ec2.NatGatewayArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new NatGateway("example", NatGatewayArgs.builder()
            .connectivityType("private")
            .subnetId(exampleAwsSubnet.id())
            .build());

    }
}

resources:
  example:
    type: aws:ec2:NatGateway
    properties:
      connectivityType: private
      subnetId: ${exampleAwsSubnet.id}

Private NAT with Secondary Private IP Addresses

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.NatGateway("example", {
    connectivityType: "private",
    subnetId: exampleAwsSubnet.id,
    secondaryPrivateIpAddressCount: 7,
});

import pulumi
import pulumi_aws as aws

example = aws.ec2.NatGateway("example",
    connectivity_type="private",
    subnet_id=example_aws_subnet["id"],
    secondary_private_ip_address_count=7)

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ec2.NewNatGateway(ctx, "example", &ec2.NatGatewayArgs{
			ConnectivityType:               pulumi.String("private"),
			SubnetId:                       pulumi.Any(exampleAwsSubnet.Id),
			SecondaryPrivateIpAddressCount: pulumi.Int(7),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.Ec2.NatGateway("example", new()
    {
        ConnectivityType = "private",
        SubnetId = exampleAwsSubnet.Id,
        SecondaryPrivateIpAddressCount = 7,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.NatGateway;
import com.pulumi.aws.ec2.NatGatewayArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new NatGateway("example", NatGatewayArgs.builder()
            .connectivityType("private")
            .subnetId(exampleAwsSubnet.id())
            .secondaryPrivateIpAddressCount(7)
            .build());

    }
}

resources:
  example:
    type: aws:ec2:NatGateway
    properties:
      connectivityType: private
      subnetId: ${exampleAwsSubnet.id}
      secondaryPrivateIpAddressCount: 7

Regional NAT Gateway with auto mode

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const available = aws.getAvailabilityZones({});
const example = new aws.ec2.Vpc("example", {cidrBlock: "10.0.0.0/16"});
const exampleInternetGateway = new aws.ec2.InternetGateway("example", {vpcId: example.id});
const exampleNatGateway = new aws.ec2.NatGateway("example", {
    vpcId: example.id,
    availabilityMode: "regional",
});

import pulumi
import pulumi_aws as aws

available = aws.get_availability_zones()
example = aws.ec2.Vpc("example", cidr_block="10.0.0.0/16")
example_internet_gateway = aws.ec2.InternetGateway("example", vpc_id=example.id)
example_nat_gateway = aws.ec2.NatGateway("example",
    vpc_id=example.id,
    availability_mode="regional")

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws"
	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := aws.GetAvailabilityZones(ctx, &aws.GetAvailabilityZonesArgs{}, nil)
		if err != nil {
			return err
		}
		example, err := ec2.NewVpc(ctx, "example", &ec2.VpcArgs{
			CidrBlock: pulumi.String("10.0.0.0/16"),
		})
		if err != nil {
			return err
		}
		_, err = ec2.NewInternetGateway(ctx, "example", &ec2.InternetGatewayArgs{
			VpcId: example.ID(),
		})
		if err != nil {
			return err
		}
		_, err = ec2.NewNatGateway(ctx, "example", &ec2.NatGatewayArgs{
			VpcId:            example.ID(),
			AvailabilityMode: pulumi.String("regional"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var available = Aws.Index.GetAvailabilityZones.Invoke();

    var example = new Aws.Ec2.Vpc("example", new()
    {
        CidrBlock = "10.0.0.0/16",
    });

    var exampleInternetGateway = new Aws.Ec2.InternetGateway("example", new()
    {
        VpcId = example.Id,
    });

    var exampleNatGateway = new Aws.Ec2.NatGateway("example", new()
    {
        VpcId = example.Id,
        AvailabilityMode = "regional",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetAvailabilityZonesArgs;
import com.pulumi.aws.ec2.Vpc;
import com.pulumi.aws.ec2.VpcArgs;
import com.pulumi.aws.ec2.InternetGateway;
import com.pulumi.aws.ec2.InternetGatewayArgs;
import com.pulumi.aws.ec2.NatGateway;
import com.pulumi.aws.ec2.NatGatewayArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()
            .build());

        var example = new Vpc("example", VpcArgs.builder()
            .cidrBlock("10.0.0.0/16")
            .build());

        var exampleInternetGateway = new InternetGateway("exampleInternetGateway", InternetGatewayArgs.builder()
            .vpcId(example.id())
            .build());

        var exampleNatGateway = new NatGateway("exampleNatGateway", NatGatewayArgs.builder()
            .vpcId(example.id())
            .availabilityMode("regional")
            .build());

    }
}

resources:
  example:
    type: aws:ec2:Vpc
    properties:
      cidrBlock: 10.0.0.0/16
  exampleInternetGateway:
    type: aws:ec2:InternetGateway
    name: example
    properties:
      vpcId: ${example.id}
  exampleNatGateway:
    type: aws:ec2:NatGateway
    name: example
    properties:
      vpcId: ${example.id}
      availabilityMode: regional
variables:
  available:
    fn::invoke:
      function: aws:getAvailabilityZones
      arguments: {}

Regional NAT Gateway with manual mode

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const available = aws.getAvailabilityZones({});
const example = new aws.ec2.Vpc("example", {cidrBlock: "10.0.0.0/16"});
const exampleInternetGateway = new aws.ec2.InternetGateway("example", {vpcId: example.id});
const exampleEip: aws.ec2.Eip[] = [];
for (const range = {value: 0}; range.value < 3; range.value++) {
    exampleEip.push(new aws.ec2.Eip(`example-${range.value}`, {domain: "vpc"}));
}
const exampleNatGateway = new aws.ec2.NatGateway("example", {
    vpcId: example.id,
    availabilityMode: "regional",
    availabilityZoneAddresses: [
        {
            allocationIds: [exampleEip[0].id],
            availabilityZone: available.then(available => available.names?.[0]),
        },
        {
            allocationIds: [
                exampleEip[1].id,
                exampleEip[2].id,
            ],
            availabilityZone: available.then(available => available.names?.[1]),
        },
    ],
});

import pulumi
import pulumi_aws as aws

available = aws.get_availability_zones()
example = aws.ec2.Vpc("example", cidr_block="10.0.0.0/16")
example_internet_gateway = aws.ec2.InternetGateway("example", vpc_id=example.id)
example_eip = []
for range in [{"value": i} for i in range(0, 3)]:
    example_eip.append(aws.ec2.Eip(f"example-{range['value']}", domain="vpc"))
example_nat_gateway = aws.ec2.NatGateway("example",
    vpc_id=example.id,
    availability_mode="regional",
    availability_zone_addresses=[
        {
            "allocation_ids": [example_eip[0].id],
            "availability_zone": available.names[0],
        },
        {
            "allocation_ids": [
                example_eip[1].id,
                example_eip[2].id,
            ],
            "availability_zone": available.names[1],
        },
    ])

package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws"
	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		available, err := aws.GetAvailabilityZones(ctx, &aws.GetAvailabilityZonesArgs{}, nil)
		if err != nil {
			return err
		}
		example, err := ec2.NewVpc(ctx, "example", &ec2.VpcArgs{
			CidrBlock: pulumi.String("10.0.0.0/16"),
		})
		if err != nil {
			return err
		}
		_, err = ec2.NewInternetGateway(ctx, "example", &ec2.InternetGatewayArgs{
			VpcId: example.ID(),
		})
		if err != nil {
			return err
		}
		var exampleEip []*ec2.Eip
		for index := 0; index < 3; index++ {
			key0 := index
			_ := index
			__res, err := ec2.NewEip(ctx, fmt.Sprintf("example-%v", key0), &ec2.EipArgs{
				Domain: pulumi.String("vpc"),
			})
			if err != nil {
				return err
			}
			exampleEip = append(exampleEip, __res)
		}
		_, err = ec2.NewNatGateway(ctx, "example", &ec2.NatGatewayArgs{
			VpcId:            example.ID(),
			AvailabilityMode: pulumi.String("regional"),
			AvailabilityZoneAddresses: ec2.NatGatewayAvailabilityZoneAddressArray{
				&ec2.NatGatewayAvailabilityZoneAddressArgs{
					AllocationIds: pulumi.StringArray{
						exampleEip[0].ID(),
					},
					AvailabilityZone: pulumi.String(available.Names[0]),
				},
				&ec2.NatGatewayAvailabilityZoneAddressArgs{
					AllocationIds: pulumi.StringArray{
						exampleEip[1].ID(),
						exampleEip[2].ID(),
					},
					AvailabilityZone: pulumi.String(available.Names[1]),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var available = Aws.Index.GetAvailabilityZones.Invoke();

    var example = new Aws.Ec2.Vpc("example", new()
    {
        CidrBlock = "10.0.0.0/16",
    });

    var exampleInternetGateway = new Aws.Ec2.InternetGateway("example", new()
    {
        VpcId = example.Id,
    });

    var exampleEip = new List<Aws.Ec2.Eip>();
    for (var rangeIndex = 0; rangeIndex < 3; rangeIndex++)
    {
        var range = new { Value = rangeIndex };
        exampleEip.Add(new Aws.Ec2.Eip($"example-{range.Value}", new()
        {
            Domain = "vpc",
        }));
    }
    var exampleNatGateway = new Aws.Ec2.NatGateway("example", new()
    {
        VpcId = example.Id,
        AvailabilityMode = "regional",
        AvailabilityZoneAddresses = new[]
        {
            new Aws.Ec2.Inputs.NatGatewayAvailabilityZoneAddressArgs
            {
                AllocationIds = new[]
                {
                    exampleEip[0].Id,
                },
                AvailabilityZone = available.Apply(getAvailabilityZonesResult => getAvailabilityZonesResult.Names[0]),
            },
            new Aws.Ec2.Inputs.NatGatewayAvailabilityZoneAddressArgs
            {
                AllocationIds = new[]
                {
                    exampleEip[1].Id,
                    exampleEip[2].Id,
                },
                AvailabilityZone = available.Apply(getAvailabilityZonesResult => getAvailabilityZonesResult.Names[1]),
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetAvailabilityZonesArgs;
import com.pulumi.aws.ec2.Vpc;
import com.pulumi.aws.ec2.VpcArgs;
import com.pulumi.aws.ec2.InternetGateway;
import com.pulumi.aws.ec2.InternetGatewayArgs;
import com.pulumi.aws.ec2.Eip;
import com.pulumi.aws.ec2.EipArgs;
import com.pulumi.aws.ec2.NatGateway;
import com.pulumi.aws.ec2.NatGatewayArgs;
import com.pulumi.aws.ec2.inputs.NatGatewayAvailabilityZoneAddressArgs;
import com.pulumi.codegen.internal.KeyedValue;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()
            .build());

        var example = new Vpc("example", VpcArgs.builder()
            .cidrBlock("10.0.0.0/16")
            .build());

        var exampleInternetGateway = new InternetGateway("exampleInternetGateway", InternetGatewayArgs.builder()
            .vpcId(example.id())
            .build());

        for (var i = 0; i < 3; i++) {
            new Eip("exampleEip-" + i, EipArgs.builder()
                .domain("vpc")
                .build());

        
}
        var exampleNatGateway = new NatGateway("exampleNatGateway", NatGatewayArgs.builder()
            .vpcId(example.id())
            .availabilityMode("regional")
            .availabilityZoneAddresses(            
                NatGatewayAvailabilityZoneAddressArgs.builder()
                    .allocationIds(exampleEip[0].id())
                    .availabilityZone(available.names()[0])
                    .build(),
                NatGatewayAvailabilityZoneAddressArgs.builder()
                    .allocationIds(                    
                        exampleEip[1].id(),
                        exampleEip[2].id())
                    .availabilityZone(available.names()[1])
                    .build())
            .build());

    }
}

resources:
  example:
    type: aws:ec2:Vpc
    properties:
      cidrBlock: 10.0.0.0/16
  exampleInternetGateway:
    type: aws:ec2:InternetGateway
    name: example
    properties:
      vpcId: ${example.id}
  exampleEip:
    type: aws:ec2:Eip
    name: example
    properties:
      domain: vpc
    options: {}
  exampleNatGateway:
    type: aws:ec2:NatGateway
    name: example
    properties:
      vpcId: ${example.id}
      availabilityMode: regional
      availabilityZoneAddresses:
        - allocationIds:
            - ${exampleEip[0].id}
          availabilityZone: ${available.names[0]}
        - allocationIds:
            - ${exampleEip[1].id}
            - ${exampleEip[2].id}
          availabilityZone: ${available.names[1]}
variables:
  available:
    fn::invoke:
      function: aws:getAvailabilityZones
      arguments: {}

Create NatGateway Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new NatGateway(name: string, args?: NatGatewayArgs, opts?: CustomResourceOptions);

@overload
def NatGateway(resource_name: str,
               args: Optional[NatGatewayArgs] = None,
               opts: Optional[ResourceOptions] = None)

@overload
def NatGateway(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               allocation_id: Optional[str] = None,
               availability_mode: Optional[str] = None,
               availability_zone_addresses: Optional[Sequence[NatGatewayAvailabilityZoneAddressArgs]] = None,
               connectivity_type: Optional[str] = None,
               private_ip: Optional[str] = None,
               region: Optional[str] = None,
               secondary_allocation_ids: Optional[Sequence[str]] = None,
               secondary_private_ip_address_count: Optional[int] = None,
               secondary_private_ip_addresses: Optional[Sequence[str]] = None,
               subnet_id: Optional[str] = None,
               tags: Optional[Mapping[str, str]] = None,
               vpc_id: Optional[str] = None)

func NewNatGateway(ctx *Context, name string, args *NatGatewayArgs, opts ...ResourceOption) (*NatGateway, error)

public NatGateway(string name, NatGatewayArgs? args = null, CustomResourceOptions? opts = null)

public NatGateway(String name, NatGatewayArgs args)
public NatGateway(String name, NatGatewayArgs args, CustomResourceOptions options)

type: aws:ec2:NatGateway
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args NatGatewayArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args NatGatewayArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args NatGatewayArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args NatGatewayArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args NatGatewayArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

NatGateway Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The NatGateway resource accepts the following input properties:

AllocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
AvailabilityMode string: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
AvailabilityZoneAddresses List<NatGatewayAvailabilityZoneAddress>: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
ConnectivityType string: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
PrivateIp string: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
Region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
SecondaryAllocationIds List<string>: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
SecondaryPrivateIpAddressCount int: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
SecondaryPrivateIpAddresses List<string>: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
SubnetId string: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
Tags Dictionary<string, string>: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
VpcId string: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

AllocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
AvailabilityMode string: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
AvailabilityZoneAddresses []NatGatewayAvailabilityZoneAddressArgs: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
ConnectivityType string: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
PrivateIp string: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
Region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
SecondaryAllocationIds []string: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
SecondaryPrivateIpAddressCount int: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
SecondaryPrivateIpAddresses []string: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
SubnetId string: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
Tags map[string]string: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
VpcId string: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

allocationId String: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
availabilityMode String: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
availabilityZoneAddresses List<NatGatewayAvailabilityZoneAddress>: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
connectivityType String: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
privateIp String: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
region String: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
secondaryAllocationIds List<String>: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
secondaryPrivateIpAddressCount Integer: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
secondaryPrivateIpAddresses List<String>: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
subnetId String: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
tags Map<String,String>: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcId String: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

allocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
availabilityMode string: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
availabilityZoneAddresses NatGatewayAvailabilityZoneAddress[]: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
connectivityType string: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
privateIp string: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
secondaryAllocationIds string[]: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
secondaryPrivateIpAddressCount number: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
secondaryPrivateIpAddresses string[]: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
subnetId string: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
tags {[key: string]: string}: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcId string: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

allocation_id str: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
availability_mode str: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
availability_zone_addresses Sequence[NatGatewayAvailabilityZoneAddressArgs]: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
connectivity_type str: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
private_ip str: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
region str: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
secondary_allocation_ids Sequence[str]: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
secondary_private_ip_address_count int: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
secondary_private_ip_addresses Sequence[str]: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
subnet_id str: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
tags Mapping[str, str]: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpc_id str: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

allocationId String: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
availabilityMode String: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
availabilityZoneAddresses List<Property Map>: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
connectivityType String: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
privateIp String: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
region String: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
secondaryAllocationIds List<String>: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
secondaryPrivateIpAddressCount Number: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
secondaryPrivateIpAddresses List<String>: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
subnetId String: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
tags Map<String>: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcId String: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

Outputs

All input properties are implicitly available as output properties. Additionally, the NatGateway resource produces the following output properties:

AssociationId string: Association ID of the Elastic IP address.
AutoProvisionZones string: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
AutoScalingIps string: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
Id string: The provider-assigned unique ID for this managed resource.
NetworkInterfaceId string: ID of the network interface.
PublicIp string: Public IP address.
RegionalNatGatewayAddresses List<NatGatewayRegionalNatGatewayAddress>: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
RegionalNatGatewayAutoMode string
RouteTableId string: (regional NAT gateways only) ID of the automatically created route table.
TagsAll Dictionary<string, string>: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

AssociationId string: Association ID of the Elastic IP address.
AutoProvisionZones string: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
AutoScalingIps string: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
Id string: The provider-assigned unique ID for this managed resource.
NetworkInterfaceId string: ID of the network interface.
PublicIp string: Public IP address.
RegionalNatGatewayAddresses []NatGatewayRegionalNatGatewayAddress: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
RegionalNatGatewayAutoMode string
RouteTableId string: (regional NAT gateways only) ID of the automatically created route table.
TagsAll map[string]string: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

associationId String: Association ID of the Elastic IP address.
autoProvisionZones String: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
autoScalingIps String: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
id String: The provider-assigned unique ID for this managed resource.
networkInterfaceId String: ID of the network interface.
publicIp String: Public IP address.
regionalNatGatewayAddresses List<NatGatewayRegionalNatGatewayAddress>: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
regionalNatGatewayAutoMode String
routeTableId String: (regional NAT gateways only) ID of the automatically created route table.
tagsAll Map<String,String>: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

associationId string: Association ID of the Elastic IP address.
autoProvisionZones string: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
autoScalingIps string: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
id string: The provider-assigned unique ID for this managed resource.
networkInterfaceId string: ID of the network interface.
publicIp string: Public IP address.
regionalNatGatewayAddresses NatGatewayRegionalNatGatewayAddress[]: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
regionalNatGatewayAutoMode string
routeTableId string: (regional NAT gateways only) ID of the automatically created route table.
tagsAll {[key: string]: string}: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

association_id str: Association ID of the Elastic IP address.
auto_provision_zones str: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
auto_scaling_ips str: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
id str: The provider-assigned unique ID for this managed resource.
network_interface_id str: ID of the network interface.
public_ip str: Public IP address.
regional_nat_gateway_addresses Sequence[NatGatewayRegionalNatGatewayAddress]: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
regional_nat_gateway_auto_mode str
route_table_id str: (regional NAT gateways only) ID of the automatically created route table.
tags_all Mapping[str, str]: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

associationId String: Association ID of the Elastic IP address.
autoProvisionZones String: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
autoScalingIps String: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
id String: The provider-assigned unique ID for this managed resource.
networkInterfaceId String: ID of the network interface.
publicIp String: Public IP address.
regionalNatGatewayAddresses List<Property Map>: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
regionalNatGatewayAutoMode String
routeTableId String: (regional NAT gateways only) ID of the automatically created route table.
tagsAll Map<String>: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Look up Existing NatGateway Resource

Get an existing NatGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: NatGatewayState, opts?: CustomResourceOptions): NatGateway

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allocation_id: Optional[str] = None,
        association_id: Optional[str] = None,
        auto_provision_zones: Optional[str] = None,
        auto_scaling_ips: Optional[str] = None,
        availability_mode: Optional[str] = None,
        availability_zone_addresses: Optional[Sequence[NatGatewayAvailabilityZoneAddressArgs]] = None,
        connectivity_type: Optional[str] = None,
        network_interface_id: Optional[str] = None,
        private_ip: Optional[str] = None,
        public_ip: Optional[str] = None,
        region: Optional[str] = None,
        regional_nat_gateway_addresses: Optional[Sequence[NatGatewayRegionalNatGatewayAddressArgs]] = None,
        regional_nat_gateway_auto_mode: Optional[str] = None,
        route_table_id: Optional[str] = None,
        secondary_allocation_ids: Optional[Sequence[str]] = None,
        secondary_private_ip_address_count: Optional[int] = None,
        secondary_private_ip_addresses: Optional[Sequence[str]] = None,
        subnet_id: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None,
        vpc_id: Optional[str] = None) -> NatGateway

func GetNatGateway(ctx *Context, name string, id IDInput, state *NatGatewayState, opts ...ResourceOption) (*NatGateway, error)

public static NatGateway Get(string name, Input<string> id, NatGatewayState? state, CustomResourceOptions? opts = null)

public static NatGateway get(String name, Output<String> id, NatGatewayState state, CustomResourceOptions options)

resources:  _:    type: aws:ec2:NatGateway    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AllocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
AssociationId string: Association ID of the Elastic IP address.
AutoProvisionZones string: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
AutoScalingIps string: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
AvailabilityMode string: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
AvailabilityZoneAddresses List<NatGatewayAvailabilityZoneAddress>: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
ConnectivityType string: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
NetworkInterfaceId string: ID of the network interface.
PrivateIp string: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
PublicIp string: Public IP address.
Region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
RegionalNatGatewayAddresses List<NatGatewayRegionalNatGatewayAddress>: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
RegionalNatGatewayAutoMode string
RouteTableId string: (regional NAT gateways only) ID of the automatically created route table.
SecondaryAllocationIds List<string>: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
SecondaryPrivateIpAddressCount int: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
SecondaryPrivateIpAddresses List<string>: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
SubnetId string: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
Tags Dictionary<string, string>: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
TagsAll Dictionary<string, string>: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
VpcId string: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

AllocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
AssociationId string: Association ID of the Elastic IP address.
AutoProvisionZones string: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
AutoScalingIps string: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
AvailabilityMode string: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
AvailabilityZoneAddresses []NatGatewayAvailabilityZoneAddressArgs: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
ConnectivityType string: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
NetworkInterfaceId string: ID of the network interface.
PrivateIp string: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
PublicIp string: Public IP address.
Region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
RegionalNatGatewayAddresses []NatGatewayRegionalNatGatewayAddressArgs: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
RegionalNatGatewayAutoMode string
RouteTableId string: (regional NAT gateways only) ID of the automatically created route table.
SecondaryAllocationIds []string: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
SecondaryPrivateIpAddressCount int: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
SecondaryPrivateIpAddresses []string: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
SubnetId string: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
Tags map[string]string: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
TagsAll map[string]string: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
VpcId string: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

allocationId String: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
associationId String: Association ID of the Elastic IP address.
autoProvisionZones String: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
autoScalingIps String: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
availabilityMode String: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
availabilityZoneAddresses List<NatGatewayAvailabilityZoneAddress>: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
connectivityType String: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
networkInterfaceId String: ID of the network interface.
privateIp String: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
publicIp String: Public IP address.
region String: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
regionalNatGatewayAddresses List<NatGatewayRegionalNatGatewayAddress>: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
regionalNatGatewayAutoMode String
routeTableId String: (regional NAT gateways only) ID of the automatically created route table.
secondaryAllocationIds List<String>: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
secondaryPrivateIpAddressCount Integer: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
secondaryPrivateIpAddresses List<String>: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
subnetId String: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
tags Map<String,String>: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tagsAll Map<String,String>: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
vpcId String: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

allocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
associationId string: Association ID of the Elastic IP address.
autoProvisionZones string: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
autoScalingIps string: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
availabilityMode string: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
availabilityZoneAddresses NatGatewayAvailabilityZoneAddress[]: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
connectivityType string: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
networkInterfaceId string: ID of the network interface.
privateIp string: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
publicIp string: Public IP address.
region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
regionalNatGatewayAddresses NatGatewayRegionalNatGatewayAddress[]: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
regionalNatGatewayAutoMode string
routeTableId string: (regional NAT gateways only) ID of the automatically created route table.
secondaryAllocationIds string[]: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
secondaryPrivateIpAddressCount number: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
secondaryPrivateIpAddresses string[]: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
subnetId string: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
tags {[key: string]: string}: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tagsAll {[key: string]: string}: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
vpcId string: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

allocation_id str: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
association_id str: Association ID of the Elastic IP address.
auto_provision_zones str: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
auto_scaling_ips str: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
availability_mode str: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
availability_zone_addresses Sequence[NatGatewayAvailabilityZoneAddressArgs]: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
connectivity_type str: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
network_interface_id str: ID of the network interface.
private_ip str: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
public_ip str: Public IP address.
region str: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
regional_nat_gateway_addresses Sequence[NatGatewayRegionalNatGatewayAddressArgs]: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
regional_nat_gateway_auto_mode str
route_table_id str: (regional NAT gateways only) ID of the automatically created route table.
secondary_allocation_ids Sequence[str]: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
secondary_private_ip_address_count int: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
secondary_private_ip_addresses Sequence[str]: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
subnet_id str: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
tags Mapping[str, str]: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tags_all Mapping[str, str]: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
vpc_id str: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

allocationId String: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
associationId String: Association ID of the Elastic IP address.
autoProvisionZones String: (regional NAT gateways only) Indicates whether AWS automatically manages AZ coverage.
autoScalingIps String: (regional NAT gateways only) Indicates whether AWS automatically allocates additional Elastic IP addresses (EIPs) in an AZ when the NAT gateway needs more ports due to increased concurrent connections to a single destination from that AZ.
availabilityMode String: Specifies whether to create a zonal (single-AZ) or regional (multi-AZ) NAT gateway. Valid values are zonal and regional. Defaults to zonal.
availabilityZoneAddresses List<Property Map>: Repeatable configuration block for the Elastic IP addresses (EIPs) and availability zones for the regional NAT gateway. When not specified, the regional NAT gateway will automatically expand to new AZs and associate EIPs upon detection of an elastic network interface (auto mode). When specified, auto-expansion is disabled (manual mode). See availabilityZoneAddress below for details.
connectivityType String: Connectivity type for the NAT Gateway. Valid values are private and public. When availabilityMode is set to regional, this must be set to public. Defaults to public.
networkInterfaceId String: ID of the network interface.
privateIp String: The private IPv4 address to assign to the NAT Gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
publicIp String: Public IP address.
region String: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
regionalNatGatewayAddresses List<Property Map>: (regional NAT gateways only) Repeatable blocks for information about the IP addresses and network interface associated with the regional NAT gateway.
regionalNatGatewayAutoMode String
routeTableId String: (regional NAT gateways only) ID of the automatically created route table.
secondaryAllocationIds List<String>: A list of secondary allocation EIP IDs for this NAT Gateway. To remove all secondary allocations an empty list should be specified.
secondaryPrivateIpAddressCount Number: The number of secondary private IPv4 addresses you want to assign to the NAT Gateway.
secondaryPrivateIpAddresses List<String>: A list of secondary private IPv4 addresses to assign to the NAT Gateway. To remove all secondary private addresses an empty list should be specified.
subnetId String: The Subnet ID of the subnet in which to place the NAT Gateway. Required when availabilityMode is set to zonal. Must not be set when availabilityMode is set to regional.
tags Map<String>: A map of tags to assign to the resource. .If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tagsAll Map<String>: A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
vpcId String: VPC ID where this NAT Gateway will be created. Required when availabilityMode is set to regional.

Supporting Types

NatGatewayAvailabilityZoneAddress, NatGatewayAvailabilityZoneAddressArgs

AllocationIds List<string>: List of allocation IDs of the Elastic IP addresses (EIPs) to be used for handling outbound NAT traffic in this specific Availability Zone.
AvailabilityZone string: Availability Zone (e.g. us-west-2a) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.
AvailabilityZoneId string: Availability Zone ID (e.g. usw2-az2) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.

AllocationIds []string: List of allocation IDs of the Elastic IP addresses (EIPs) to be used for handling outbound NAT traffic in this specific Availability Zone.
AvailabilityZone string: Availability Zone (e.g. us-west-2a) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.
AvailabilityZoneId string: Availability Zone ID (e.g. usw2-az2) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.

allocationIds List<String>: List of allocation IDs of the Elastic IP addresses (EIPs) to be used for handling outbound NAT traffic in this specific Availability Zone.
availabilityZone String: Availability Zone (e.g. us-west-2a) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.
availabilityZoneId String: Availability Zone ID (e.g. usw2-az2) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.

allocationIds string[]: List of allocation IDs of the Elastic IP addresses (EIPs) to be used for handling outbound NAT traffic in this specific Availability Zone.
availabilityZone string: Availability Zone (e.g. us-west-2a) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.
availabilityZoneId string: Availability Zone ID (e.g. usw2-az2) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.

allocation_ids Sequence[str]: List of allocation IDs of the Elastic IP addresses (EIPs) to be used for handling outbound NAT traffic in this specific Availability Zone.
availability_zone str: Availability Zone (e.g. us-west-2a) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.
availability_zone_id str: Availability Zone ID (e.g. usw2-az2) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.

allocationIds List<String>: List of allocation IDs of the Elastic IP addresses (EIPs) to be used for handling outbound NAT traffic in this specific Availability Zone.
availabilityZone String: Availability Zone (e.g. us-west-2a) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.
availabilityZoneId String: Availability Zone ID (e.g. usw2-az2) where this specific NAT gateway configuration will be active. Exactly one of availabilityZone or availabilityZoneId must be specified.

NatGatewayRegionalNatGatewayAddress, NatGatewayRegionalNatGatewayAddressArgs

AllocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
AssociationId string: Association ID of the Elastic IP address.
AvailabilityZone string: Availability Zone where this specific NAT gateway configuration is active.
AvailabilityZoneId string: Availability Zone ID where this specific NAT gateway configuration is active
NetworkInterfaceId string: ID of the network interface.
PublicIp string: Public IP address.
Status string: Status of the NAT gateway address.

AllocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
AssociationId string: Association ID of the Elastic IP address.
AvailabilityZone string: Availability Zone where this specific NAT gateway configuration is active.
AvailabilityZoneId string: Availability Zone ID where this specific NAT gateway configuration is active
NetworkInterfaceId string: ID of the network interface.
PublicIp string: Public IP address.
Status string: Status of the NAT gateway address.

allocationId String: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
associationId String: Association ID of the Elastic IP address.
availabilityZone String: Availability Zone where this specific NAT gateway configuration is active.
availabilityZoneId String: Availability Zone ID where this specific NAT gateway configuration is active
networkInterfaceId String: ID of the network interface.
publicIp String: Public IP address.
status String: Status of the NAT gateway address.

allocationId string: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
associationId string: Association ID of the Elastic IP address.
availabilityZone string: Availability Zone where this specific NAT gateway configuration is active.
availabilityZoneId string: Availability Zone ID where this specific NAT gateway configuration is active
networkInterfaceId string: ID of the network interface.
publicIp string: Public IP address.
status string: Status of the NAT gateway address.

allocation_id str: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
association_id str: Association ID of the Elastic IP address.
availability_zone str: Availability Zone where this specific NAT gateway configuration is active.
availability_zone_id str: Availability Zone ID where this specific NAT gateway configuration is active
network_interface_id str: ID of the network interface.
public_ip str: Public IP address.
status str: Status of the NAT gateway address.

allocationId String: The Allocation ID of the Elastic IP address for the NAT Gateway. Required when connectivityType is set to public and availabilityMode is set to zonal. When availabilityMode is set to regional, this must not be set; instead, use the availabilityZoneAddress block to specify EIPs for each AZ.
associationId String: Association ID of the Elastic IP address.
availabilityZone String: Availability Zone where this specific NAT gateway configuration is active.
availabilityZoneId String: Availability Zone ID where this specific NAT gateway configuration is active
networkInterfaceId String: ID of the network interface.
publicIp String: Public IP address.
status String: Status of the NAT gateway address.

Import

Identity Schema

Required

id (String) ID of the NAT Gateway.

Optional

accountId (String) AWS Account where this resource is managed.
region (String) Region where this resource is managed.

Using pulumi import, import NAT Gateways using the id. For example:

$ pulumi import aws:ec2/natGateway:NatGateway private_gw nat-05dba92075d71c408

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

Viewing docs for AWS v7.28.0
published on Thursday, Apr 30, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-aws

aws.ec2.NatGateway

On this page

On this page

Example Usage

Public NAT

Public NAT with Secondary Private IP Addresses

Private NAT

Private NAT with Secondary Private IP Addresses

Regional NAT Gateway with auto mode

Regional NAT Gateway with manual mode

Create NatGateway Resource

Constructor syntax

Parameters

NatGateway Resource Properties

Inputs

Outputs

Look up Existing NatGateway Resource

Supporting Types

NatGatewayAvailabilityZoneAddress, NatGatewayAvailabilityZoneAddressArgs

NatGatewayRegionalNatGatewayAddress, NatGatewayRegionalNatGatewayAddressArgs

Import

Identity Schema

Required

Optional

Package Details

On this page

On this page