Skip to content

[DTOSS-12318] - feat(iac): add nat-gateway module#284

Merged
josielsouzanordcloud merged 1 commit intomainfrom
DTOSS-12318-nat-gateway
Mar 2, 2026
Merged

[DTOSS-12318] - feat(iac): add nat-gateway module#284
josielsouzanordcloud merged 1 commit intomainfrom
DTOSS-12318-nat-gateway

Conversation

@josielsouzanordcloud
Copy link
Contributor

@josielsouzanordcloud josielsouzanordcloud commented Mar 2, 2026

Description

This PR introduces a new nat-gateway module to deploy an Azure NAT gateway with a dedicated public IP address. The NAT gateway provides explicit outbound connectivity for subnets without public IP addresses, addressing the retirement of default outbound access by Microsoft.

Type of change

  • Bug fix
  • New feature
  • Breaking change
  • Infrastructure change
  • Pipeline / CI
  • Documentation update
  • Refactor

Jira link

DTOSS-12318

Review notes

  • README.md: Added comprehensive documentation for the NAT gateway module, including usage examples, prerequisites, and configuration options.
  • main.tf: Defined resources for the NAT gateway, public IP, and associations with subnets. Utilised a submodule for creating the public IP address.
  • outputs.tf: Exported outputs for the NAT gateway's ID, name, and associated public IP address.
  • tfdocs.md: Generated Terraform documentation detailing required and optional inputs, resources used, and module outputs.
  • variables.tf: Defined input variables with validations to ensure correct configuration.

Breaking changes

None

Impact

  • Infrastructure: Adds support for deploying NAT gateways, enabling outbound connectivity for subnets without public IPs.
  • Security: Enhances security by providing controlled outbound access through NAT gateways.
  • Cost: Increases infrastructure costs due to the addition of NAT gateway and associated resources.

Review checklist

  • No hardcoded secrets, credentials, or tokens
  • PR title follows correct format (with ticket prefix if ticket provided, without if not)
  • terraform plan reviewed — no unintended resource destruction
  • Mandatory tags on all new resources
  • Resource locks on critical resources
  • Variable changes propagated to all environment .tfvars files
  • State file impact assessed

Checklist

  • I am familiar with the contributing guidelines
  • I have followed the code style of the project
  • I have added tests to cover my changes
  • I have updated the documentation accordingly
  • This PR is a result of pair or mob programming

Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others privacy, we kindly ask you to NOT including PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that do contain any sensitive information. We really appreciate your cooperation in this matter.

  • I confirm that neither PII/PID nor sensitive data are included in this PR and the codebase changes.

@josielsouzanordcloud
feat(iac): add nat-gateway module
0095998 
This commit adds a new Terraform module for deploying an Azure NAT gateway with a dedicated public IP address. The module includes comprehensive documentation, input validation, and outputs.

Refs: DTOSS-12318
@josielsouzanordcloud josielsouzanordcloud added this pull request to the merge queue Mar 2, 2026
Merged via the queue into main with commit 25275d9 Mar 2, 2026
26 checks passed
@josielsouzanordcloud josielsouzanordcloud deleted the DTOSS-12318-nat-gateway branch March 2, 2026 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rfk-nc rfk-nc rfk-nc approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@josielsouzanordcloud @rfk-nc