Is setting up a NAT supported (but undocumented) or do we need to manually launch instances(s) via the normal ec2 module to act as a NAT for private sub-domains?
*subnets. Yes, that’s right. the ec2_vpc module doesn’t do NAT related things. you’ll have to launch another EC2 instance for that.
take a look here: https://github.com/dfederlein/ansible-aws/blob/master/vpc/ec2_vpc.yml
it requires having the aws cli tools set up on your local host.