Closed cguertin14 closed 1 year ago
Hi @cguertin14, we can certainly consider adding any outputs that make sense. However, I don't yet fully understand your use case. Could you elaborate?
we'd like to have our 0.0.0.0/0 routes set to the corresponding EC2 instances+Network interface IDs directly in our codebase, rather than have these routes set to the managed NAT gateways
Typically you should not have any route to 0.0.0.0/0 in your Terraform configuration. Alternat will manage the 0.0.0.0/0 route. It will point at the NAT instance almost all of the time, except (a) if there is a connection problem with the NAT instance, or (b) when the NAT instance is automatically replaced with a new instance when the max instance lifetime expires. When a new NAT instance boots, it will reclaim the route.
Point being, I'd advise that you do not manage the 0.0.0.0/0 route at all and just let alternat do the thing.
thanks! yeah i guess that makes sense. the challenge here will be to remove the 0.0.0.0/0 routes from terraform as they are currently routed within aws_route_table resources 😅 but yes, in this case, no need for a new output.
What I'd suggest is to just remove the route block from the aws_route_table resource. Manually set the route on each route table to the NAT Gateway, then allow alterNAT to manage it. It works quite well in our environment.
Hi, first off I'd like to say that this repository is awesome and I love the savings it offers! Just started deploying this project today and we can already see the benefits of this solution.
One thing I was wondering about is whether we could add outputs to the Terraform module such as:
Here's an example of what it would look like as an output:
This would particularly be helpful since we have our route tables created by Terraform per-az, so we'd like to have our 0.0.0.0/0 routes set to the corresponding EC2 instances+Network interface IDs directly in our codebase, rather than have these routes set to the managed NAT gateways and risk having someone overriding the 0.0.0.0/0 routes by mistake and our costs going through the roof because of managed NATs usage.
We are totally open to contributing to this repository, just looking for thoughts first and then we could open a PR. Thank you :)
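The concern raised in this thread, a 0.0.0.0/0 route left pointing at a managed NAT gateway without anyone noticing, can be checked from outside Terraform. The following is an added example, not code from the alterNAT project or from any participant: it classifies the default route of each route table in output shaped like `aws ec2 describe-route-tables`. The sample document, its IDs, and the function names are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output (not real data).
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-aaaa1111", "Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": "eni-0aaa1111",
     "InstanceId": "i-0aaa1111", "State": "active"}]},
  {"RouteTableId": "rtb-bbbb2222", "Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0bbb2222", "State": "active"}]},
  {"RouteTableId": "rtb-cccc3333", "Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": "eni-0ccc3333",
     "State": "blackhole"}]},
  {"RouteTableId": "rtb-dddd4444", "Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]}
]}
""")

def classify_default_route(table):
    """Return (status, target) for the table's 0.0.0.0/0 route."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        eni_or_instance = route.get("NetworkInterfaceId") or route.get("InstanceId")
        if route.get("State") == "blackhole":
            # Target no longer exists (e.g. a terminated NAT instance): no egress.
            return "blackhole", eni_or_instance or route.get("NatGatewayId")
        if route.get("NatGatewayId"):
            return "nat-gateway", route["NatGatewayId"]
        if eni_or_instance:
            return "nat-instance", eni_or_instance
        return "other", route.get("GatewayId")
    return "missing", None

def audit(doc):
    """Map each route table ID to the classification of its default route."""
    return {t["RouteTableId"]: classify_default_route(t) for t in doc["RouteTables"]}

if __name__ == "__main__":
    for rtb, (status, target) in audit(SAMPLE).items():
        flag = "" if status == "nat-instance" else "  <-- review"
        print(f"{rtb}: {status} ({target}){flag}")
```

A `nat-gateway` result is expected briefly during the fallback and instance-replacement cases described in the maintainer's reply, so the condition worth alerting on is one that persists across several runs.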