No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I think the problem are the two nested loops, the outer loop iterates over the availability zones and the inner one over the range of 0 and 1.

Well, just the inner loop, as you create EIPs with distinct names NAT-Gateway-IP-0 and NAT-Gateway-IP-1 for each iteration of your availability zones and then you get the same named EIPs for each of them.

And I guess you'll get six of them, which will raise another problem, as the soft limit for EIPs per account is five.

Or, if you are using a region with more than three AZ you'll get even more EIPs

Yep, I didn’t realize those were nested - completely unintended. Was looking too far down in my code.

As I wrote in my problem-thread below, I have a rather similar setup. I suggest you skip the inner loop and just create one EIP/NATGW per AZ, this way you have no cross-az-traffic for reaching the NATGW

I iterate over the AZ and:
• create a private subnet
• create a public subnet
• allocate an EIP
• create a NATGW with this EIP
• create a routing table and associate it with the private network
• add a default route pointing to the NATGW

Outside this loop I have an Internet Gateway and an additional routing table which I associate the public subnets to, as they can have one global rt whereas the private-rt's in my setup have to have their az-natgw