I am deploying an application where I am using a NAT gateway with a Lambda inside a private subnet to talk to other AWS services outside the VPC. Everything is working fine but the NAT gateway adds a lot of extra costs to the billing. I am assuming if I can replace the NAT gateway and use an interface VPC endpoint instead?
1 Answer
1
> I am assuming if I can replace the NAT gateway and use an interface VPC endpoint instead?
Yes, you can do this. But please note that not all services have VPC interface endpoints. The list of such services is here.

Marcin
- Hi Marcin, thanks for the reply. Can you please tell me one more thing? I want to access the services from within the Lambda in a private subnet and it is compatible with VPC endpoints. The service that I am trying to access is Amazon Connect which is outside the VPC. Do I need to check the VPC endpoint compatibility with other AWS services as well? – Hamza J Mar 16 '21 at 13:04
- @HamzaJ It seems that `Amazon Connect` does not have an interface endpoint. So you can't access it without NAT. You can check a NAT instance, rather than a gateway. A small NAT instance could be cheaper than a NAT gateway. But in general often to access one service over a VPC interface endpoint, you need other endpoints as well. – Marcin Mar 16 '21 at 23:12
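
As an added example (not part of the original answer or comments), the endpoint-compatibility check discussed above can be scripted: given the services a private-subnet Lambda must reach, classify each by the endpoint type listed in a `DescribeVpcEndpointServices` response. The function names, the region and the sample response are assumptions constructed for illustration; the sample is not real output for any region.

```python
# Classify the AWS services a private-subnet Lambda calls by the kind of VPC
# endpoint available for them, so you can see which ones still need NAT.

# Constructed sample in the response shape of boto3's
# ec2.describe_vpc_endpoint_services(); NOT real output for any region.
SAMPLE_RESPONSE = {
    "ServiceDetails": [
        {"ServiceName": "com.amazonaws.us-east-1.lambda",
         "ServiceType": [{"ServiceType": "Interface"}]},
        {"ServiceName": "com.amazonaws.us-east-1.sts",
         "ServiceType": [{"ServiceType": "Interface"}]},
        {"ServiceName": "com.amazonaws.us-east-1.dynamodb",
         "ServiceType": [{"ServiceType": "Gateway"}]},
        # S3 appears twice: once per endpoint type.
        {"ServiceName": "com.amazonaws.us-east-1.s3",
         "ServiceType": [{"ServiceType": "Gateway"}]},
        {"ServiceName": "com.amazonaws.us-east-1.s3",
         "ServiceType": [{"ServiceType": "Interface"}]},
    ]
}


def endpoint_types(response, region):
    """Map short service name -> set of endpoint types offered in `region`."""
    prefix = f"com.amazonaws.{region}."
    types = {}
    for detail in response.get("ServiceDetails", []):
        name = detail["ServiceName"]
        if not name.startswith(prefix):
            continue  # skip non-AWS (PrivateLink partner) services
        short = name[len(prefix):]
        for entry in detail.get("ServiceType", []):
            types.setdefault(short, set()).add(entry["ServiceType"])
    return types


def plan_egress(needed, response, region):
    """Split `needed` services into gateway, interface and NAT-only groups."""
    available = endpoint_types(response, region)
    plan = {"interface": [], "gateway": [], "needs_nat": []}
    for svc in needed:
        kinds = available.get(svc, set())
        if "Gateway" in kinds:
            # Gateway endpoints carry no hourly charge; prefer them.
            plan["gateway"].append(svc)
        elif "Interface" in kinds:
            plan["interface"].append(svc)
        else:
            # No endpoint listed: traffic needs an internet path such as NAT.
            plan["needs_nat"].append(svc)
    return plan
```

Against a live account, pass the response of `boto3.client("ec2").describe_vpc_endpoint_services()` (following `NextToken` if present) instead of the sample; any service that lands in `needs_nat` means the NAT path cannot be removed entirely.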