Cloud Horizon Get the free audit

AWS · Free tool

AWS NAT Gateway cost calculator

The line item nobody budgets for. Plug in your NAT Gateway count and monthly data processed, and see the real monthly bill plus a checklist of the most common NAT cost drivers we catch in audits.

Estimated monthly NAT cost

$0

$0 per year

Hourly cost

$0

3 NATs × 730 hours × $0.045/hr

Data-processing cost

$0

8,000 GB × $0.045/GB

If your monthly NAT bill is unusually high, check these first

  • S3 traffic without a Gateway VPC Endpoint, paying $0.045/GB to reach S3 in the same region.
  • ECR image pulls without an Interface VPC Endpoint, charged for every container start.
  • Cross-AZ chatty workloads routed through NAT instead of staying internal.
  • Misconfigured route table sending VPC-internal traffic to NAT (the $4,318/mo anomaly we caught last quarter).

Why NAT shows up in audits so often

NAT Gateway is the AWS service teams budget least and overspend most. The hourly fee is small. The per-GB processing fee is what gets you. Every byte your private subnets push through NAT, regardless of destination, is metered.

The fix is rarely a single change. It is a route-table audit, a VPC endpoint rollout, and a small Terraform diff that nobody scheduled. We do it as part of the 14-day audit and hand the engineer a one-page playbook.

Run this on your real account

Free 14-day audit, read-only IAM role, one-page CFO summary.

We pull your actual NAT spend, identify the routes and endpoints driving the bill, and hand the engineer the exact Terraform diff. The audit is free, the report is yours, and we do not chase you for an upsell call.

Get the free audit More free FinOps tools

Frequently asked

Why is NAT Gateway often a top-three line item?

Two reasons. First, every workload in a private subnet that touches the internet routes through NAT, including container image pulls, package updates, and SaaS API calls. Second, the data-processing fee charges per GB regardless of destination, so a single misconfigured route can ship internal traffic through NAT and double the bill overnight.

What is the typical regional rate?

In most US regions the NAT Gateway hourly rate is around $0.045 per hour and the data-processing rate is $0.045 per GB. Europe and Asia regions sit slightly higher at $0.05 per hour and $0.05 per GB. Override the defaults if you have a Private Pricing Agreement with different rates.

How do I reduce NAT cost without breaking workloads?

Three high-leverage moves. One, use VPC endpoints for AWS-native traffic so S3, DynamoDB, ECR, and SSM bypass NAT entirely. Two, route same-region traffic through internal endpoints rather than public DNS. Three, audit egress patterns for cross-AZ chatty workloads that should run in a single AZ. Cloud Horizon runs this audit automatically as part of the 14-day free pass.