terraform-aws-dynamic-subnets icon indicating copy to clipboard operation
terraform-aws-dynamic-subnets copied to clipboard

Published 20 hours ago verified publisher icon cloudposse

AWS NAT Instance AMI no longer supported

Open dleber opened this issue 1 year ago • 1 comments

Describe the Bug

It seems AWS no longer offers a NAT instance AMI.

When nat_instance_enabled=true, it causes

Error: Your query returned no results. Please change your search criteria and try again.

which comes from data "aws_ami" "nat_instance" in nat-instance.tf.

According to this page, maintenance support ended 2023-12-01. They recommend using NAT gateways, or creating your own NAT instance AMI.

The nat_instance_ami_id parameter in the docs notes the phasing out of the AWS AMI.

Expected Behavior

Given this stems from AWS, the solution is probably to provide a clear error to the user if nat_instance_enabled = true and nat_instance_ami_id not specified. In other words, if users want to use NAT instances, they must provide their own AMIs.

Steps to Reproduce

module "subnets" {
  source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=0.39.8"

  namespace = var.default_namespace
  stage     = var.default_stage
  name      = var.default_name

  availability_zones  = slice(data.aws_availability_zones.available.names, 0, var.max_availability_zones)
  vpc_id              = module.vpc.vpc_id
  igw_id              = module.vpc.igw_id
  cidr_block          = module.vpc.vpc_cidr_block

  nat_gateway_enabled = false
  nat_instance_enabled = true
  nat_instance_type = "t3a.nano"
}

Screenshots

No response

Environment

No response

Additional Context

I'm using v 0.39.8 of the module. I've checked the latest code in data "aws_ami" "nat_instance" in nat-instance.tf and it appears it would have the same problem.

dleber avatar Jan 11 '24 05:01 dleber