Ensure AWS NAT Gateways are utilized for the default route
Error: AWS NAT Gateways are not utilized for the default route
Bridgecrew Policy ID: BC_AWS_NETWORKING_77
Checkov Check ID: CKV2_AWS_35
Severity: LOW
Description
Using AWS NAT Gateways for the default route can help improve the security and performance of your network. NAT Gateways allow you to route traffic from your Amazon Virtual Private Cloud (Amazon VPC) to the Internet while hiding the IP addresses of your instances from the Internet. This can help protect your instances from potential threats such as spoofing attacks and port scans.
Fix - Buildtime
Terraform
resource "aws_vpc" "example" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_internet_gateway" "example" {
  vpc_id = aws_vpc.example.id
}

resource "aws_route_table" "aws_route_table_ok_1" {
  vpc_id = aws_vpc.example.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.example.id
  }
}