NAT with two outside interfaces

Hello William

NAT, by default on most modern Cisco platforms, is VRF-aware. This means that NAT is able to translate between local addresses in multiple VRFs and global address spaces. When this is done, you must specify the VRF that your particular NAT translation is taking place in. Because IP addresses of the inside hosts may overlap with each other, when they are translated using VRF-aware NAT, communication between these hosts can take place because overlapped inside IP addresses are translated to globally unique addresses. That describes how NAT operates simply with the vrf keyword.

Now what match-in-vrf does is it extends VRF-aware NAT by supporting intra-VPN NAT, which means NAT translations can take place between two hosts within the same VRF instance. So essentially, when you use the match-in-vrf keyword, you are translating between two address spaces within the same VRF.

Based on what you described in your post, you want to NAT translate between two different VRFs, therefore you won’t need the match-in-vrf keyword.

More info about this feature can be found here:

Note also that all NAT commands that support VRF support the match-in-vrf keyword. Because NAT outside rules such as the ip nat outside source command support the match-in-VRF functionality by default, the match-in-vrf keyword is not supported by NAT outside rules.

I hope this has been helpful!

Laz
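
The two cases described in the reply above, sketched as an added configuration example that is not part of the original post. The VRF names (CUST_A, CUST_B), interface numbers and addresses are constructed, and the IOS/IOS XE `vrf definition` syntax is assumed.

```cisco
! Constructed lab values: VRF names, interfaces and addresses are assumptions.
vrf definition CUST_A
 address-family ipv4
 exit-address-family
vrf definition CUST_B
 address-family ipv4
 exit-address-family
!
! Two inside interfaces in different VRFs with overlapping addressing.
interface GigabitEthernet0/1
 vrf forwarding CUST_A
 ip address 10.1.1.1 255.255.255.0
 ip nat inside
interface GigabitEthernet0/2
 vrf forwarding CUST_B
 ip address 10.1.1.1 255.255.255.0
 ip nat inside
!
! Outside interface in the global routing table.
interface GigabitEthernet0/0
 ip address 203.0.113.1 255.255.255.0
 ip nat outside
!
! Case 1: VRF-aware NAT with the vrf keyword only.
! The same inside local address in each VRF maps to a unique global address.
ip nat inside source static 10.1.1.10 203.0.113.10 vrf CUST_A
ip nat inside source static 10.1.1.10 203.0.113.11 vrf CUST_B
!
! Each VRF reaches the outside through the global table (assumed next hop).
ip route vrf CUST_A 0.0.0.0 0.0.0.0 203.0.113.254 global
ip route vrf CUST_B 0.0.0.0 0.0.0.0 203.0.113.254 global
!
! Case 2: intra-VRF NAT. The outside interface is also in CUST_A,
! so the translation stays inside one VRF and needs match-in-vrf.
interface GigabitEthernet0/3
 vrf forwarding CUST_A
 ip address 192.0.2.1 255.255.255.0
 ip nat outside
ip nat inside source static 10.1.1.20 192.0.2.20 vrf CUST_A match-in-vrf
```

On a lab device, `show ip nat translations vrf CUST_A` lists the entries created for that VRF, which is a quick way to confirm which rule a flow matched.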