Configuring Networks
This page explains how to configure networks according to CSP-specific parameters.
AWS Configuration
Region
Select the Region that you want your network to be deployed in. For more information about Regions, see the AWS documentation.
CIDR Block
Enter a CIDR block for the network in the selected region. CIDR blocks must be valid and cannot overlap with other regions in the same network.
Networking Mode
ACTIVATE provides different networking modes for compute nodes on a cluster. The networking mode determines how compute nodes connect to the internet.
| Networking Mode | Description | Tracks Egress Cost? | Notes |
|---|---|---|---|
| Private Subnets | This networking mode will provision a NAT gateway. The NAT gateway will be used for outbound internet connectivity for all compute nodes in the region. | No | The NAT Gateway will incur a charge for every hour it is running. |
| Controller as NAT Gateway | All compute nodes will route their outbound internet traffic through the controller node. Compute nodes will have the same IP address as the controller node. | Yes | Partitions must be in the same availability zone as the controller. |
| Nodes With Public IPs | This networking mode will assign a public IP address to each compute node. The nodes' public IPs will not be accessible from the internet. | Yes | Each node will have its own IP address rather than having the same one as other nodes. |
| Private | This networking mode creates a fully private network with no direct internet access. Requires a Transit Gateway for connectivity when peered to the platform. | No | A Transit Gateway ID is required when peering to the platform. |
Transit Gateway Peering (Private Mode)
When using the Private networking mode on AWS, you can peer the network to the ACTIVATE platform via a Transit Gateway. If you enable peering, you must provide a Transit Gateway ID.
Enable NAT Gateway (Private Mode)
When using the Private networking mode on AWS without peering to the platform, an Enable NAT Gateway toggle becomes available. When enabled, ACTIVATE provisions a NAT gateway that allows resources in the private network to make outbound internet connections (for example, downloading packages or accessing external APIs) while remaining unreachable from the internet.
This option is not available when using Transit Gateway peering, as traffic is expected to route through a central networking account.
NAT Gateway Costs
The NAT gateway incurs a charge for every hour it is running. For more information, see the AWS documentation on NAT gateway pricing.