I am new in AWS with CDK and trying to reduce cost in NAT-Gateway and ALB. I have a stack for every client within NAT-Gateway, ALB, EC2, EFS and so on. If I have 3 clients I will end with 3 NAT-Gateways, 3 ALBs, ... The questions is; How can I share the Nat-Gateway and ALB with all my clients to reduce cost? Is it possible? Can I have one VPC-public with NAT-Gateway, ALB and one VPC-private for every client? Does it make sense? Thank you.
I am trying: One VPC for all my stacks. VPC-public with NAT-Gateway and ALB. VPC-private for every client.
You could choose to only use one NAT Gateway per VPC. All private subnets can route traffic through that NAT Gateway. However, it is not redundant in that the Availability Zone running the NAT Gateway could fail and the private instances would not be able to reach the Internet. Thus, some people choose to have one NAT Gateway per AZ they are using.
Your ultimate best design would be to have a 'multi-tenant' application where all of your clients use the same application on the same EC2 instance(s). However, you appear to need separate EC2 instances for each of your clients, which makes things more expensive.
You can certainly re-use the Application Load Balancer if everything is running in the one VPC. You can configure a slightly different path so that the Load Balancer knows to send the traffic to specific EC2 instances based on the client indicated in the path in the URL.
So, the simplest design is:
If you are dividing resources between VPCs, then it is much harder to share resources. You'd need to use VPC Peering or Transit Gateways that are more complex.