cfn-natgateway
Advanced tools
AWS CloudFormation does not support AWS Managed nat. This is a Lambda-backed custom resource to add support for AWS Managed nat to CloudFormation.
This package on NPM
This package on GitHub
This Lambda makes use of the Lambda-Backed CloudFormation Custom Resource flow module, cfn-lambda (GitHub / NPM).
"MyNatgateway": {
"Type": "Custom::Natgateway",
"DependsOn": "MyEIP",
"Properties": {
"ServiceToken": {
"Fn::Join": [
":",
[
"arn",
"aws",
"lambda",
{
"Ref": "AWS::Region"
},
{
"Ref": "AWS::AccountId"
},
"function",
"cfn-natgateway-0-1-1"
]
]
},
"SubnetId": {
"Ref": "PublicSubnet"
},
"AllocationId": {
"Fn::GetAtt": [ "MyEIP", "AllocationId"]
}
}
},
"PrivateRouteTable": {
"Type": "AWS::EC2::RouteTable",
"DependsOn": "MyNatgateway2",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [{
"Key": "Application",
"Value": {
"Ref": "AWS::StackId"
}
}, {
"Key": "Network",
"Value": "Private"
}]
}
},
"PrivateRoute": {
"Type": "Custom::Natroute",
"DependsOn": "MyNatgateway",
"Properties": {
"ServiceToken": {
"Fn::Join": [
":",
[
"arn",
"aws",
"lambda",
{
"Ref": "AWS::Region"
},
{
"Ref": "AWS::AccountId"
},
"function",
"cfn-natroute-0-1-1"
]
]
},
"RouteTableId": {
"Ref": "PrivateRouteTable"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "MyNatgateway"
}
}
},
The way that takes 10 seconds...
# Have aws CLI installed + permissions for IAM and Lamdba
$ npm install cfn-lambda cfn-natgateway cfn-natroute
$ node -e "var r='us-east-1';var c=require('cfn-lambda');c.deploy('cfn-natgateway', r, [r], null);c.deploy('cfn-natroute', r, [r], null);"
You will have this resource installed in the us-east-1 region!
... And the way more difficult way.
IMPORTANT: With this method, you must install this custom service Lambda in each AWS Region in which you want CloudFormation to be able to access the Natgateway custom resource!
Zip this repository into /tmp/Natgateway.zip
$ cd $REPO_ROOT && zip -r /tmp/Natgateway.zip;
Enter a name in the Name blank. I suggest: CfnLambdaResouce-Natgateway
Enter a Description (optional).
Toggle Code Entry Type to "Upload a .ZIP file"
Click "Upload", navigate to and select /tmp/Natgateway.zip
Set the Timeout under Advanced Settings to 10 sec
Click the Role dropdown then click "Basic Execution Role". This will pop out a new window.
Select IAM Role, then select option "Create a new IAM Role"
Name the role lambda_cfn_natgateway (or something descriptive)
Click "View Policy Document", click "Edit" on the right, then hit "OK"
Copy and paste the ./execution-policy.json document.
Hit "Allow". The window will close. Go back to the first window if you are not already there.
Click "Create Function". Finally, done! Now go to Usage. Next time, stick to the instant deploy script.
FAQs
AWS CloudFormation Custom Lambda Resource | AWS Natgateway
We found that cfn-natgateway demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.