Skip to content
This repository was archived by the owner on Jul 20, 2024. It is now read-only.

Commit 7859faa

Browse files
int128int128
authored
Update README.md
1 parent 35815d7 commit 7859faa

File tree

1 file changed

+22
-29
lines changed

1 file changed

+22
-29
lines changed

README.md

Lines changed: 22 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,22 @@
11
# terraform-aws-nat-instance [![CircleCI](https://circleci.com/gh/int128/terraform-aws-nat-instance.svg?style=shield)](https://circleci.com/gh/int128/terraform-aws-nat-instance)
22

3-
This is a Terraform module to provision a NAT instance for private subnet(s).
4-
It provides the following features:
3+
This is a Terraform module which provisions a NAT instance.
54

6-
- Auto healing using the ASG
7-
- Lower cost using a spot instance
8-
- Fixed public IP address using an EIP and ENI
9-
- SSM session manager support
5+
Features:
6+
7+
- Providing NAT for one or more private subnets
8+
- Auto healing by the Auto Scaling Group
9+
- Saving cost by spot requests
10+
- Fixed public IP address using an Elastic IP and Elastic Network Interface
11+
- Login with Systems Manager Session Manager
12+
13+
Terraform 0.12 is required.
1014

1115

1216
## Getting Started
1317

18+
You can use this module with [terraform-aws-modules/vpc/aws](https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws) module as follows:
19+
1420
```tf
1521
module "vpc" {
1622
source = "terraform-aws-modules/vpc/aws"
@@ -29,49 +35,36 @@ module "nat" {
2935
vpc_id = module.vpc.vpc_id
3036
public_subnet = module.vpc.public_subnets[0]
3137
private_subnets_cidr_blocks = module.vpc.private_subnets_cidr_blocks
32-
33-
# (Optional)
34-
# you can specify this to set the default route to the ENI in the route tables
35-
private_route_table_ids = module.vpc.private_route_table_ids
38+
private_route_table_ids = module.vpc.private_route_table_ids
3639
}
3740
```
3841

3942

4043
## How it works
4144

42-
Take a look at the diagram:
43-
44-
![diagram](diagram.svg)
45-
46-
This module provisions the following resources:
45+
This module will create the following resources:
4746

48-
- Launch Template
49-
- Auto Scaling Group with miexed instances policy
47+
- Launch Template for the NAT instance
48+
- Auto Scaling Group with mixed instances policy
5049
- Elastic IP
5150
- Elastic Network Interface
52-
- Security Group (allow from private subnets and to Internet)
51+
- Security Group for the NAT instance
5352
- IAM Role for SSM and ENI attachment
5453
- VPC Route (optional)
5554

56-
The auto scaling group will create an instance.
55+
Take a look at the diagram:
56+
57+
![diagram](diagram.svg)
5758

58-
The instance does the following things on startup:
59+
The NAT instance will do the following tasks on startup:
5960

6061
1. Attach the ENI to `eth1`.
6162
1. Enable IP forwarding.
6263
1. Set to ignore ICMP redirect packets.
6364
1. Enable IP masquerade.
6465
1. Switch the default route to `eth1`.
6566

66-
See [init.sh](data/init.sh) for more.
67-
68-
69-
## TODOs
70-
71-
- [ ] Outputs
72-
- [x] Variables descriptions
73-
- [ ] CI
74-
- [x] Parameters list in README.md
67+
See [init.sh](data/init.sh) for details.
7568

7669

7770
## Contributions

0 commit comments

Comments
 (0)