Control: Unused NAT gateways should be deleted

Description

NAT gateway are charged on an hourly basis once they are provisioned and available, so unused gateways should be deleted.

Usage

Run the control in your terminal:

powerpipe control run aws_thrifty.control.vpc_nat_gateway_unused

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_thrifty.control.vpc_nat_gateway_unused --share

Steampipe Tables

aws_vpc_nat_gateway

aws_vpc_nat_gateway_metric_bytes_out_to_destination

SQL

select
  nat.arn as resource,
  case
    when nat.state <> 'available' then 'alarm'
    when sum(average) = 0 then 'alarm'
    else 'ok'
  end as status,
  case
    when nat.state <> 'available' then nat.title || ' in ' || nat.state || ' state.'
    when sum(average) = 0 then nat.title || ' not in-use.'
    else nat.title || ' in-use.'
  end as reason
  
  , nat.region, nat.account_id
from
  aws_vpc_nat_gateway as nat
  left join aws_vpc_nat_gateway_metric_bytes_out_to_destination as dest on nat.nat_gateway_id = dest.nat_gateway_id
group by
  nat.title,
  nat.arn,
  nat.state,
  nat.region,
  nat.account_id;

Control: Unused NAT gateways should be deleted

Description

Usage

Steampipe Tables

SQL

Tags