am I way off-base here? this just seems like a hug...
# randoms
Sam Hulick
08/18/2021, 4:33 PMam I way off-base here? this just seems like a huge flaw in CDK. https://github.com/aws/aws-cdk/issues/15929
a
Ashishkumar Pandey
08/18/2021, 6:14 PMI thought I was confused before regarding this, I am using PrivateLink to connect to external APIs, seems like that can be avoided.
Ashishkumar Pandey
08/18/2021, 6:15 PMGood catch, it’s a team issue, cdk and aws core teams are conflicted lol. 😂
s
Sam Hulick
08/18/2021, 6:16 PMI didn’t want to outright say it in the issue, but at worst, it seems unethical to lead people to believe private subnets require NAT Gateways ($90/mo to cover 3 AZs).. and at the very least, it seems careless
t
thdxr
08/18/2021, 6:17 PMNAT gateways are so expensive
thdxr
08/18/2021, 6:18 PMIt's what lead me to shift to a no-vpc setup
s
Sam Hulick
08/18/2021, 6:19 PMthey are. and you don’t really need them, is the thing! unless you want your private resources accessing the outside Internet.
I’ve set up RDS before with private subnets and no NAT.
r
Ross Coundon
08/18/2021, 7:21 PMVery naughty
c
Christopher Fraser
08/19/2021, 8:42 AMI'm actually trying to figure out right now why our application which isnt even live yet counted 70TB of data through NAT gateways, and racked up a $1k bill
Christopher Fraser
08/19/2021, 8:43 AMand then only after that learned the NAT gateways didnt even need to exist
s
Sam Hulick
08/19/2021, 1:52 PM@Christopher Fraser do you mind if I quote you in that GitHub issue? (I’ll censor your name) AWS needs to know this kind of stuff
c
Christopher Fraser
09/07/2021, 4:12 AMGo for it
3 Views