Skip to content
This repository was archived by the owner on Jul 20, 2024. It is now read-only.

Commit 2ea2e95

Browse files
int128int128
authored
Update README.md
1 parent 9b87e79 commit 2ea2e95

File tree

1 file changed

+14
-9
lines changed

1 file changed

+14
-9
lines changed

README.md

Lines changed: 14 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,16 @@ This is a Terraform module which provisions a NAT instance.
44

55
Features:
66

7-
- Providing NAT for one or more private subnets
8-
- Auto healing by the Auto Scaling Group
9-
- Saving cost by spot requests
10-
- Fixed public IP address using an Elastic IP and Elastic Network Interface
11-
- Login with Systems Manager Session Manager
7+
- Providing NAT for private subnet(s)
8+
- Auto healing using an auto scaling group
9+
- Saving cost using a spot instance
10+
- Fixed source IP address by reattaching ENI
11+
- Supporting Systems Manager Session Manager
1212

1313
Terraform 0.12 is required.
1414

15+
**Warning**: Generally you should use a NAT gateway. This module provides a very low cost solution for testing purpose.
16+
1517

1618
## Getting Started
1719

@@ -40,18 +42,19 @@ module "nat" {
4042
}
4143
```
4244

43-
You can log in to the NAT instance via [AWS Systems Manager Session Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html).
45+
Now create an EC2 instance in the private subnet to verify the NAT configuration.
46+
Open the [AWS Systems Manager Session Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html), log in to the instance and make sure you have external access from the instance.
4447

4548

4649
## How it works
4750

4851
This module provisions the following resources:
4952

50-
- Launch Template for the NAT instance
5153
- Auto Scaling Group with mixed instances policy
54+
- Launch Template
5255
- Elastic IP
5356
- Elastic Network Interface
54-
- Security Group for the NAT instance
57+
- Security Group
5558
- IAM Role for SSM and ENI attachment
5659
- VPC Route (optional)
5760

@@ -120,7 +123,9 @@ iptables -t nat -A PREROUTING -m tcp -p tcp --dst "${eni_private_ip}" --dport 80
120123

121124
### Allow SSH access
122125

123-
For example,
126+
You can log in to the NAT instance from [AWS Systems Manager Session Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html).
127+
128+
You can enable SSH access by setting `key_name` option and opening the security group. For example,
124129

125130
```tf
126131
module "nat" {

0 commit comments

Comments
 (0)