---
title: Amazon Nat Gateway
description: >-
  NAT enables instances in a private subnet to access the internet while
  blocking internet-initiated connections.
breadcrumbs: Docs > Integrations > Amazon Nat Gateway
---

# Amazon Nat Gateway
Integration version1.0.0
## Overview{% #overview %}

Use AWS NAT Gateway to enable instances in a private subnet to connect to the internet, but prevent the internet from initiating connections with the instances.

Enable this integration to see all your NAT Gateway metrics in Datadog.

## Setup{% #setup %}

### Installation{% #installation %}

If you haven't already, set up the [Amazon Web Services integration](https://docs.datadoghq.com/integrations/amazon_web_services/) first.

### Metric collection{% #metric-collection %}

1. In the [AWS integration page](https://app.datadoghq.com/integrations/amazon-web-services), ensure that `NATGateway` is enabled under the `Metric Collection` tab.
1. Install the [Datadog - AWS NAT Gateway integration](https://app.datadoghq.com/integrations/amazon-nat-gateway).

### Log collection{% #log-collection %}

#### Enable logging{% #enable-logging %}

Configure AWS NAT Gateway to send logs either to a S3 bucket or to CloudWatch.

**Note**: If you log to a S3 bucket, make sure that `amazon_nat_gateway` is set as *Target prefix*.

#### Send logs to Datadog{% #send-logs-to-datadog %}

1. If you haven't already, set up the [Datadog Forwarder Lambda function](https://docs.datadoghq.com/logs/guide/forwarder/).

1. Once the Lambda function is installed, manually add a trigger on the S3 bucket or CloudWatch log group that contains your AWS NAT Gateway logs in the AWS console:

   - [Add a manual trigger on the S3 bucket](https://docs.datadoghq.com/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function/#collecting-logs-from-s3-buckets)
   - [Add a manual trigger on the CloudWatch Log Group](https://docs.datadoghq.com/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function/#collecting-logs-from-cloudwatch-log-group)

## Data Collected{% #data-collected %}

### Metrics{% #metrics %}

|  |
|  |
| **aws.natgateway.active\_connection\_count**(count)          | The total number of concurrent active TCP connections through the NAT gateway.*Shown as connection*   |
| **aws.natgateway.active\_connection\_count.maximum**(count)  | The maximum number of concurrent active TCP connections through the NAT gateway.*Shown as connection* |
| **aws.natgateway.active\_connection\_count.minimum**(count)  | The minimum number of concurrent active TCP connections through the NAT gateway.*Shown as connection* |
| **aws.natgateway.bytes\_in\_from\_destination**(gauge)       | The number of bytes received by the NAT Gateway from the destination.*Shown as byte*                  |
| **aws.natgateway.bytes\_in\_from\_destination.sum**(gauge)   | The sum of bytes received by the NAT Gateway from the destination.*Shown as byte*                     |
| **aws.natgateway.bytes\_in\_from\_source**(gauge)            | The number of bytes received by the NAT Gateway from the VPC clients.*Shown as byte*                  |
| **aws.natgateway.bytes\_in\_from\_source.sum**(gauge)        | The sum of bytes received by the NAT Gateway from the VPC clients.*Shown as byte*                     |
| **aws.natgateway.bytes\_out\_to\_destination**(gauge)        | The number of bytes sent through the NAT Gateway to the destination.*Shown as byte*                   |
| **aws.natgateway.bytes\_out\_to\_destination.sum**(gauge)    | The sum of bytes sent through the NAT Gateway to the destination.*Shown as byte*                      |
| **aws.natgateway.bytes\_out\_to\_source**(gauge)             | The number of bytes sent through the NAT Gateway to the VPC clients.*Shown as byte*                   |
| **aws.natgateway.bytes\_out\_to\_source.sum**(gauge)         | The sum of bytes sent through the NAT Gateway to the VPC clients.*Shown as byte*                      |
| **aws.natgateway.connection\_attempt\_count**(count)         | The number of connection attempts made through the NAT gateway.*Shown as attempt*                     |
| **aws.natgateway.connection\_attempt\_count.sum**(count)     | The sum of connection attempts made through the NAT gateway.*Shown as attempt*                        |
| **aws.natgateway.connection\_established\_count**(count)     | The number of connections established through the NAT gateway.*Shown as connection*                   |
| **aws.natgateway.connection\_established\_count.sum**(count) | The sum of connections established through the NAT gateway.                                           |
| **aws.natgateway.error\_port\_allocation**(count)            | The number of times the NAT gateway could not allocate a source port.*Shown as error*                 |
| **aws.natgateway.error\_port\_allocation.sum**(count)        | The sum of times the NAT gateway could not allocate a source port.*Shown as error*                    |
| **aws.natgateway.idle\_timeout\_count**(count)               | The number of timeouts caused by connections going from active to idle state.*Shown as timeout*       |
| **aws.natgateway.idle\_timeout\_count.sum**(count)           | The sum of timeouts caused by connections going from active to idle state.*Shown as timeout*          |
| **aws.natgateway.packets\_drop\_count**(count)               | The number of packets dropped by the NAT Gateway.*Shown as packet*                                    |
| **aws.natgateway.packets\_drop\_count.sum**(count)           | The sum of packets dropped by the NAT Gateway.*Shown as packet*                                       |
| **aws.natgateway.packets\_in\_from\_destination**(count)     | The number of packets received by the NAT Gateway from the destination.*Shown as packet*              |
| **aws.natgateway.packets\_in\_from\_destination.sum**(count) | The sum of packets received by the NAT Gateway from the destination.*Shown as packet*                 |
| **aws.natgateway.packets\_in\_from\_source**(count)          | The number of packets received by the NAT Gateway from the VPC clients.*Shown as packet*              |
| **aws.natgateway.packets\_in\_from\_source.sum**(count)      | The sum of packets received by the NAT Gateway from the VPC clients.*Shown as packet*                 |
| **aws.natgateway.packets\_out\_to\_destination**(count)      | The number of packets sent through the NAT Gateway to the destination.*Shown as packet*               |
| **aws.natgateway.packets\_out\_to\_destination.sum**(count)  | The sum of packets sent through the NAT Gateway to the destination.*Shown as packet*                  |
| **aws.natgateway.packets\_out\_to\_source**(count)           | The number of packets sent through the NAT Gateway to the VPC clients.*Shown as packet*               |
| **aws.natgateway.packets\_out\_to\_source.sum**(count)       | The sum of packets sent through the NAT Gateway to the VPC clients.*Shown as packet*                  |

### Events{% #events %}

The AWS NAT Gateway integration does not include any events.

### Service Checks{% #service-checks %}

The AWS NAT Gateway integration does not include any service checks.

## Troubleshooting{% #troubleshooting %}

Need help? Contact [Datadog support](https://docs.datadoghq.com/help/).