diff --git a/locals.tf b/locals.tf
index e3127da..7ec7314 100644
--- a/locals.tf
+++ b/locals.tf
@@ -4,4 +4,6 @@ locals {
 private_cidrs = tomap({
 for i, zone in var.private_subnet_zones : zone => cidrsubnet(var.vpc_cidr, 3, length(local.public_cidrs) + i)
 })
+
+ create_private_subnets = length(var.private_subnet_zones) > 0
 }
diff --git a/main.tf b/main.tf
index c78fbce..48f0919 100644
--- a/main.tf
+++ b/main.tf
@@ -58,7 +58,7 @@ resource "aws_internet_gateway" "igw" {
 }
 
 resource "aws_nat_gateway" "nat_gw" {
- for_each = aws_subnet.public
+ for_each = local.create_private_subnets ? aws_subnet.public : {}
 allocation_id = aws_eip.elastic_ips[each.key].id
 subnet_id = each.value.id
 tags = {
@@ -87,14 +87,13 @@ resource "aws_route_table_association" "private" {
 route_table_id = aws_route_table.private[each.key].id
 }
 
-resource "aws_route_table_association" "utility" {
+resource "aws_route_table_association" "public" {
 for_each = aws_subnet.public
 subnet_id = each.value.id
 route_table_id = aws_route_table.public.id
 }
 
-resource "aws_route" "igw_route_private" {
- count = length(local.private_cidrs) > 0 ? 1 : 0
+resource "aws_route" "igw_route" {
 route_table_id = aws_route_table.public.id
 destination_cidr_block = "0.0.0.0/0"
 gateway_id = aws_internet_gateway.igw.id
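Review bot: The new `for_each` on `aws_nat_gateway.nat_gw` gates only the gateways, while `aws_eip.elastic_ips`, which `allocation_id` indexes, is declared outside this hunk. If that resource still iterates over every public subnet, the module keeps allocating Elastic IPs that nothing uses when `private_subnet_zones` is empty. Those are billed and leave unowned public addresses in the account's inventory, so it should be gated the same way. Separately, a conditional with a resource map on one side and `{}` on the other can be rejected as having inconsistent result types on some Terraform versions. A filtered expression avoids the conditional: `for_each = { for k, s in aws_subnet.public : k => s if local.create_private_subnets }`.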
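Review bot: Both renames in this hunk change resource addresses without telling Terraform, so on existing deployments the plan will destroy `aws_route_table_association.utility` and `aws_route.igw_route_private[0]` and create replacements. Nothing orders the delete before the create, so the new 0.0.0.0/0 route may collide with the one still present. The public subnets may also fall back to the VPC main route table for part of the apply. Adding `moved` blocks (Terraform 1.1 or later) next to the renamed resources leaves state and infrastructure untouched; where `count` was 0 the route move is a no-op and the route is simply created. The `aws_route.igw_route` block continues past the end of the hunk.

```hcl
# … unchanged: renamed aws_route_table_association.public and aws_route.igw_route …
moved {
  from = aws_route_table_association.utility
  to   = aws_route_table_association.public
}

moved {
  from = aws_route.igw_route_private[0]
  to   = aws_route.igw_route
}
```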