Docs
Packagesgcp.compute.RouterNat
Explore with Pulumi AI
A NAT service created in a router.
To get more information about RouterNat, see:
- API documentation
- How-to Guides
Example Usage
Router Nat Basic
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var net = new Gcp.Compute.Network("net");
var subnet = new Gcp.Compute.Subnetwork("subnet", new()
{
Network = net.Id,
IpCidrRange = "10.0.0.0/16",
Region = "us-central1",
});
var router = new Gcp.Compute.Router("router", new()
{
Region = subnet.Region,
Network = net.Id,
Bgp = new Gcp.Compute.Inputs.RouterBgpArgs
{
Asn = 64514,
},
});
var nat = new Gcp.Compute.RouterNat("nat", new()
{
Router = router.Name,
Region = router.Region,
NatIpAllocateOption = "AUTO_ONLY",
SourceSubnetworkIpRangesToNat = "ALL_SUBNETWORKS_ALL_IP_RANGES",
LogConfig = new Gcp.Compute.Inputs.RouterNatLogConfigArgs
{
Enable = true,
Filter = "ERRORS_ONLY",
},
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
net, err := compute.NewNetwork(ctx, "net", nil)
if err != nil {
return err
}
subnet, err := compute.NewSubnetwork(ctx, "subnet", &compute.SubnetworkArgs{
Network: net.ID(),
IpCidrRange: pulumi.String("10.0.0.0/16"),
Region: pulumi.String("us-central1"),
})
if err != nil {
return err
}
router, err := compute.NewRouter(ctx, "router", &compute.RouterArgs{
Region: subnet.Region,
Network: net.ID(),
Bgp: &compute.RouterBgpArgs{
Asn: pulumi.Int(64514),
},
})
if err != nil {
return err
}
_, err = compute.NewRouterNat(ctx, "nat", &compute.RouterNatArgs{
Router: router.Name,
Region: router.Region,
NatIpAllocateOption: pulumi.String("AUTO_ONLY"),
SourceSubnetworkIpRangesToNat: pulumi.String("ALL_SUBNETWORKS_ALL_IP_RANGES"),
LogConfig: &compute.RouterNatLogConfigArgs{
Enable: pulumi.Bool(true),
Filter: pulumi.String("ERRORS_ONLY"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.inputs.RouterBgpArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatLogConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var net = new Network("net");
var subnet = new Subnetwork("subnet", SubnetworkArgs.builder()
.network(net.id())
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.build());
var router = new Router("router", RouterArgs.builder()
.region(subnet.region())
.network(net.id())
.bgp(RouterBgpArgs.builder()
.asn(64514)
.build())
.build());
var nat = new RouterNat("nat", RouterNatArgs.builder()
.router(router.name())
.region(router.region())
.natIpAllocateOption("AUTO_ONLY")
.sourceSubnetworkIpRangesToNat("ALL_SUBNETWORKS_ALL_IP_RANGES")
.logConfig(RouterNatLogConfigArgs.builder()
.enable(true)
.filter("ERRORS_ONLY")
.build())
.build());
}
}
import pulumi
import pulumi_gcp as gcp
net = gcp.compute.Network("net")
subnet = gcp.compute.Subnetwork("subnet",
network=net.id,
ip_cidr_range="10.0.0.0/16",
region="us-central1")
router = gcp.compute.Router("router",
region=subnet.region,
network=net.id,
bgp=gcp.compute.RouterBgpArgs(
asn=64514,
))
nat = gcp.compute.RouterNat("nat",
router=router.name,
region=router.region,
nat_ip_allocate_option="AUTO_ONLY",
source_subnetwork_ip_ranges_to_nat="ALL_SUBNETWORKS_ALL_IP_RANGES",
log_config=gcp.compute.RouterNatLogConfigArgs(
enable=True,
filter="ERRORS_ONLY",
))
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const net = new gcp.compute.Network("net", {});
const subnet = new gcp.compute.Subnetwork("subnet", {
network: net.id,
ipCidrRange: "10.0.0.0/16",
region: "us-central1",
});
const router = new gcp.compute.Router("router", {
region: subnet.region,
network: net.id,
bgp: {
asn: 64514,
},
});
const nat = new gcp.compute.RouterNat("nat", {
router: router.name,
region: router.region,
natIpAllocateOption: "AUTO_ONLY",
sourceSubnetworkIpRangesToNat: "ALL_SUBNETWORKS_ALL_IP_RANGES",
logConfig: {
enable: true,
filter: "ERRORS_ONLY",
},
});
resources:
net:
type: gcp:compute:Network
subnet:
type: gcp:compute:Subnetwork
properties:
network: ${net.id}
ipCidrRange: 10.0.0.0/16
region: us-central1
router:
type: gcp:compute:Router
properties:
region: ${subnet.region}
network: ${net.id}
bgp:
asn: 64514
nat:
type: gcp:compute:RouterNat
properties:
router: ${router.name}
region: ${router.region}
natIpAllocateOption: AUTO_ONLY
sourceSubnetworkIpRangesToNat: ALL_SUBNETWORKS_ALL_IP_RANGES
logConfig:
enable: true
filter: ERRORS_ONLY
Router Nat Manual Ips
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var net = new Gcp.Compute.Network("net");
var subnet = new Gcp.Compute.Subnetwork("subnet", new()
{
Network = net.Id,
IpCidrRange = "10.0.0.0/16",
Region = "us-central1",
});
var router = new Gcp.Compute.Router("router", new()
{
Region = subnet.Region,
Network = net.Id,
});
var address = new List<Gcp.Compute.Address>();
for (var rangeIndex = 0; rangeIndex < 2; rangeIndex++)
{
var range = new { Value = rangeIndex };
address.Add(new Gcp.Compute.Address($"address-{range.Value}", new()
{
Region = subnet.Region,
}));
}
var natManual = new Gcp.Compute.RouterNat("natManual", new()
{
Router = router.Name,
Region = router.Region,
NatIpAllocateOption = "MANUAL_ONLY",
NatIps = address.Select(__item => __item.SelfLink).ToList(),
SourceSubnetworkIpRangesToNat = "LIST_OF_SUBNETWORKS",
Subnetworks = new[]
{
new Gcp.Compute.Inputs.RouterNatSubnetworkArgs
{
Name = subnet.Id,
SourceIpRangesToNats = new[]
{
"ALL_IP_RANGES",
},
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
net, err := compute.NewNetwork(ctx, "net", nil)
if err != nil {
return err
}
subnet, err := compute.NewSubnetwork(ctx, "subnet", &compute.SubnetworkArgs{
Network: net.ID(),
IpCidrRange: pulumi.String("10.0.0.0/16"),
Region: pulumi.String("us-central1"),
})
if err != nil {
return err
}
router, err := compute.NewRouter(ctx, "router", &compute.RouterArgs{
Region: subnet.Region,
Network: net.ID(),
})
if err != nil {
return err
}
var address []*compute.Address
for index := 0; index < 2; index++ {
key0 := index
_ := index
__res, err := compute.NewAddress(ctx, fmt.Sprintf("address-%v", key0), &compute.AddressArgs{
Region: subnet.Region,
})
if err != nil {
return err
}
address = append(address, __res)
}
var splat0 pulumi.StringArray
for _, val0 := range address {
splat0 = append(splat0, val0.SelfLink)
}
_, err = compute.NewRouterNat(ctx, "natManual", &compute.RouterNatArgs{
Router: router.Name,
Region: router.Region,
NatIpAllocateOption: pulumi.String("MANUAL_ONLY"),
NatIps: splat0,
SourceSubnetworkIpRangesToNat: pulumi.String("LIST_OF_SUBNETWORKS"),
Subnetworks: compute.RouterNatSubnetworkArray{
&compute.RouterNatSubnetworkArgs{
Name: subnet.ID(),
SourceIpRangesToNats: pulumi.StringArray{
pulumi.String("ALL_IP_RANGES"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatSubnetworkArgs;
import com.pulumi.codegen.internal.KeyedValue;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var net = new Network("net");
var subnet = new Subnetwork("subnet", SubnetworkArgs.builder()
.network(net.id())
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.build());
var router = new Router("router", RouterArgs.builder()
.region(subnet.region())
.network(net.id())
.build());
for (var i = 0; i < 2; i++) {
new Address("address-" + i, AddressArgs.builder()
.region(subnet.region())
.build());
}
var natManual = new RouterNat("natManual", RouterNatArgs.builder()
.router(router.name())
.region(router.region())
.natIpAllocateOption("MANUAL_ONLY")
.natIps(address.stream().map(element -> element.selfLink()).collect(toList()))
.sourceSubnetworkIpRangesToNat("LIST_OF_SUBNETWORKS")
.subnetworks(RouterNatSubnetworkArgs.builder()
.name(subnet.id())
.sourceIpRangesToNats("ALL_IP_RANGES")
.build())
.build());
}
}
import pulumi
import pulumi_gcp as gcp
net = gcp.compute.Network("net")
subnet = gcp.compute.Subnetwork("subnet",
network=net.id,
ip_cidr_range="10.0.0.0/16",
region="us-central1")
router = gcp.compute.Router("router",
region=subnet.region,
network=net.id)
address = []
for range in [{"value": i} for i in range(0, 2)]:
address.append(gcp.compute.Address(f"address-{range['value']}", region=subnet.region))
nat_manual = gcp.compute.RouterNat("natManual",
router=router.name,
region=router.region,
nat_ip_allocate_option="MANUAL_ONLY",
nat_ips=[__item.self_link for __item in address],
source_subnetwork_ip_ranges_to_nat="LIST_OF_SUBNETWORKS",
subnetworks=[gcp.compute.RouterNatSubnetworkArgs(
name=subnet.id,
source_ip_ranges_to_nats=["ALL_IP_RANGES"],
)])
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const net = new gcp.compute.Network("net", {});
const subnet = new gcp.compute.Subnetwork("subnet", {
network: net.id,
ipCidrRange: "10.0.0.0/16",
region: "us-central1",
});
const router = new gcp.compute.Router("router", {
region: subnet.region,
network: net.id,
});
const address: gcp.compute.Address[] = [];
for (const range = {value: 0}; range.value < 2; range.value++) {
address.push(new gcp.compute.Address(`address-${range.value}`, {region: subnet.region}));
}
const natManual = new gcp.compute.RouterNat("natManual", {
router: router.name,
region: router.region,
natIpAllocateOption: "MANUAL_ONLY",
natIps: address.map(__item => __item.selfLink),
sourceSubnetworkIpRangesToNat: "LIST_OF_SUBNETWORKS",
subnetworks: [{
name: subnet.id,
sourceIpRangesToNats: ["ALL_IP_RANGES"],
}],
});
Coming soon!
Router Nat Rules
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var net = new Gcp.Compute.Network("net", new()
{
AutoCreateSubnetworks = false,
});
var subnet = new Gcp.Compute.Subnetwork("subnet", new()
{
Network = net.Id,
IpCidrRange = "10.0.0.0/16",
Region = "us-central1",
});
var router = new Gcp.Compute.Router("router", new()
{
Region = subnet.Region,
Network = net.Id,
});
var addr1 = new Gcp.Compute.Address("addr1", new()
{
Region = subnet.Region,
});
var addr2 = new Gcp.Compute.Address("addr2", new()
{
Region = subnet.Region,
});
var addr3 = new Gcp.Compute.Address("addr3", new()
{
Region = subnet.Region,
});
var natRules = new Gcp.Compute.RouterNat("natRules", new()
{
Router = router.Name,
Region = router.Region,
NatIpAllocateOption = "MANUAL_ONLY",
NatIps = new[]
{
addr1.SelfLink,
},
SourceSubnetworkIpRangesToNat = "LIST_OF_SUBNETWORKS",
Subnetworks = new[]
{
new Gcp.Compute.Inputs.RouterNatSubnetworkArgs
{
Name = subnet.Id,
SourceIpRangesToNats = new[]
{
"ALL_IP_RANGES",
},
},
},
Rules = new[]
{
new Gcp.Compute.Inputs.RouterNatRuleArgs
{
RuleNumber = 100,
Description = "nat rules example",
Match = "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')",
Action = new Gcp.Compute.Inputs.RouterNatRuleActionArgs
{
SourceNatActiveIps = new[]
{
addr2.SelfLink,
addr3.SelfLink,
},
},
},
},
EnableEndpointIndependentMapping = false,
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
net, err := compute.NewNetwork(ctx, "net", &compute.NetworkArgs{
AutoCreateSubnetworks: pulumi.Bool(false),
})
if err != nil {
return err
}
subnet, err := compute.NewSubnetwork(ctx, "subnet", &compute.SubnetworkArgs{
Network: net.ID(),
IpCidrRange: pulumi.String("10.0.0.0/16"),
Region: pulumi.String("us-central1"),
})
if err != nil {
return err
}
router, err := compute.NewRouter(ctx, "router", &compute.RouterArgs{
Region: subnet.Region,
Network: net.ID(),
})
if err != nil {
return err
}
addr1, err := compute.NewAddress(ctx, "addr1", &compute.AddressArgs{
Region: subnet.Region,
})
if err != nil {
return err
}
addr2, err := compute.NewAddress(ctx, "addr2", &compute.AddressArgs{
Region: subnet.Region,
})
if err != nil {
return err
}
addr3, err := compute.NewAddress(ctx, "addr3", &compute.AddressArgs{
Region: subnet.Region,
})
if err != nil {
return err
}
_, err = compute.NewRouterNat(ctx, "natRules", &compute.RouterNatArgs{
Router: router.Name,
Region: router.Region,
NatIpAllocateOption: pulumi.String("MANUAL_ONLY"),
NatIps: pulumi.StringArray{
addr1.SelfLink,
},
SourceSubnetworkIpRangesToNat: pulumi.String("LIST_OF_SUBNETWORKS"),
Subnetworks: compute.RouterNatSubnetworkArray{
&compute.RouterNatSubnetworkArgs{
Name: subnet.ID(),
SourceIpRangesToNats: pulumi.StringArray{
pulumi.String("ALL_IP_RANGES"),
},
},
},
Rules: compute.RouterNatRuleArray{
&compute.RouterNatRuleArgs{
RuleNumber: pulumi.Int(100),
Description: pulumi.String("nat rules example"),
Match: pulumi.String("inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"),
Action: &compute.RouterNatRuleActionArgs{
SourceNatActiveIps: pulumi.StringArray{
addr2.SelfLink,
addr3.SelfLink,
},
},
},
},
EnableEndpointIndependentMapping: pulumi.Bool(false),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatSubnetworkArgs;
import com.pulumi.gcp.compute.inputs.RouterNatRuleArgs;
import com.pulumi.gcp.compute.inputs.RouterNatRuleActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var net = new Network("net", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var subnet = new Subnetwork("subnet", SubnetworkArgs.builder()
.network(net.id())
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.build());
var router = new Router("router", RouterArgs.builder()
.region(subnet.region())
.network(net.id())
.build());
var addr1 = new Address("addr1", AddressArgs.builder()
.region(subnet.region())
.build());
var addr2 = new Address("addr2", AddressArgs.builder()
.region(subnet.region())
.build());
var addr3 = new Address("addr3", AddressArgs.builder()
.region(subnet.region())
.build());
var natRules = new RouterNat("natRules", RouterNatArgs.builder()
.router(router.name())
.region(router.region())
.natIpAllocateOption("MANUAL_ONLY")
.natIps(addr1.selfLink())
.sourceSubnetworkIpRangesToNat("LIST_OF_SUBNETWORKS")
.subnetworks(RouterNatSubnetworkArgs.builder()
.name(subnet.id())
.sourceIpRangesToNats("ALL_IP_RANGES")
.build())
.rules(RouterNatRuleArgs.builder()
.ruleNumber(100)
.description("nat rules example")
.match("inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')")
.action(RouterNatRuleActionArgs.builder()
.sourceNatActiveIps(
addr2.selfLink(),
addr3.selfLink())
.build())
.build())
.enableEndpointIndependentMapping(false)
.build());
}
}
import pulumi
import pulumi_gcp as gcp
net = gcp.compute.Network("net", auto_create_subnetworks=False)
subnet = gcp.compute.Subnetwork("subnet",
network=net.id,
ip_cidr_range="10.0.0.0/16",
region="us-central1")
router = gcp.compute.Router("router",
region=subnet.region,
network=net.id)
addr1 = gcp.compute.Address("addr1", region=subnet.region)
addr2 = gcp.compute.Address("addr2", region=subnet.region)
addr3 = gcp.compute.Address("addr3", region=subnet.region)
nat_rules = gcp.compute.RouterNat("natRules",
router=router.name,
region=router.region,
nat_ip_allocate_option="MANUAL_ONLY",
nat_ips=[addr1.self_link],
source_subnetwork_ip_ranges_to_nat="LIST_OF_SUBNETWORKS",
subnetworks=[gcp.compute.RouterNatSubnetworkArgs(
name=subnet.id,
source_ip_ranges_to_nats=["ALL_IP_RANGES"],
)],
rules=[gcp.compute.RouterNatRuleArgs(
rule_number=100,
description="nat rules example",
match="inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')",
action=gcp.compute.RouterNatRuleActionArgs(
source_nat_active_ips=[
addr2.self_link,
addr3.self_link,
],
),
)],
enable_endpoint_independent_mapping=False)
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const net = new gcp.compute.Network("net", {autoCreateSubnetworks: false});
const subnet = new gcp.compute.Subnetwork("subnet", {
network: net.id,
ipCidrRange: "10.0.0.0/16",
region: "us-central1",
});
const router = new gcp.compute.Router("router", {
region: subnet.region,
network: net.id,
});
const addr1 = new gcp.compute.Address("addr1", {region: subnet.region});
const addr2 = new gcp.compute.Address("addr2", {region: subnet.region});
const addr3 = new gcp.compute.Address("addr3", {region: subnet.region});
const natRules = new gcp.compute.RouterNat("natRules", {
router: router.name,
region: router.region,
natIpAllocateOption: "MANUAL_ONLY",
natIps: [addr1.selfLink],
sourceSubnetworkIpRangesToNat: "LIST_OF_SUBNETWORKS",
subnetworks: [{
name: subnet.id,
sourceIpRangesToNats: ["ALL_IP_RANGES"],
}],
rules: [{
ruleNumber: 100,
description: "nat rules example",
match: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')",
action: {
sourceNatActiveIps: [
addr2.selfLink,
addr3.selfLink,
],
},
}],
enableEndpointIndependentMapping: false,
});
resources:
net:
type: gcp:compute:Network
properties:
autoCreateSubnetworks: false
subnet:
type: gcp:compute:Subnetwork
properties:
network: ${net.id}
ipCidrRange: 10.0.0.0/16
region: us-central1
router:
type: gcp:compute:Router
properties:
region: ${subnet.region}
network: ${net.id}
addr1:
type: gcp:compute:Address
properties:
region: ${subnet.region}
addr2:
type: gcp:compute:Address
properties:
region: ${subnet.region}
addr3:
type: gcp:compute:Address
properties:
region: ${subnet.region}
natRules:
type: gcp:compute:RouterNat
properties:
router: ${router.name}
region: ${router.region}
natIpAllocateOption: MANUAL_ONLY
natIps:
- ${addr1.selfLink}
sourceSubnetworkIpRangesToNat: LIST_OF_SUBNETWORKS
subnetworks:
- name: ${subnet.id}
sourceIpRangesToNats:
- ALL_IP_RANGES
rules:
- ruleNumber: 100
description: nat rules example
match: inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')
action:
sourceNatActiveIps:
- ${addr2.selfLink}
- ${addr3.selfLink}
enableEndpointIndependentMapping: false
Router Nat Private
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var net = new Gcp.Compute.Network("net", new()
{
}, new CustomResourceOptions
{
Provider = google_beta,
});
var subnet = new Gcp.Compute.Subnetwork("subnet", new()
{
Network = net.Id,
IpCidrRange = "10.0.0.0/16",
Region = "us-central1",
Purpose = "PRIVATE_NAT",
}, new CustomResourceOptions
{
Provider = google_beta,
});
var router = new Gcp.Compute.Router("router", new()
{
Region = subnet.Region,
Network = net.Id,
}, new CustomResourceOptions
{
Provider = google_beta,
});
var hub = new Gcp.NetworkConnectivity.Hub("hub", new()
{
Description = "vpc hub for inter vpc nat",
}, new CustomResourceOptions
{
Provider = google_beta,
});
var spoke = new Gcp.NetworkConnectivity.Spoke("spoke", new()
{
Location = "global",
Description = "vpc spoke for inter vpc nat",
Hub = hub.Id,
LinkedVpcNetwork = new Gcp.NetworkConnectivity.Inputs.SpokeLinkedVpcNetworkArgs
{
ExcludeExportRanges = new[]
{
"198.51.100.0/24",
"10.10.0.0/16",
},
Uri = net.SelfLink,
},
}, new CustomResourceOptions
{
Provider = google_beta,
});
var natType = new Gcp.Compute.RouterNat("natType", new()
{
Router = router.Name,
Region = router.Region,
SourceSubnetworkIpRangesToNat = "LIST_OF_SUBNETWORKS",
EnableDynamicPortAllocation = false,
EnableEndpointIndependentMapping = false,
MinPortsPerVm = 32,
Type = "PRIVATE",
Subnetworks = new[]
{
new Gcp.Compute.Inputs.RouterNatSubnetworkArgs
{
Name = subnet.Id,
SourceIpRangesToNats = new[]
{
"ALL_IP_RANGES",
},
},
},
Rules = new[]
{
new Gcp.Compute.Inputs.RouterNatRuleArgs
{
RuleNumber = 100,
Description = "rule for private nat",
Match = "nexthop.hub == \"//networkconnectivity.googleapis.com/projects/acm-test-proj-123/locations/global/hubs/my-hub\"",
Action = new Gcp.Compute.Inputs.RouterNatRuleActionArgs
{
SourceNatActiveRanges = new[]
{
subnet.SelfLink,
},
},
},
},
}, new CustomResourceOptions
{
Provider = google_beta,
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networkconnectivity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
net, err := compute.NewNetwork(ctx, "net", nil, pulumi.Provider(google_beta))
if err != nil {
return err
}
subnet, err := compute.NewSubnetwork(ctx, "subnet", &compute.SubnetworkArgs{
Network: net.ID(),
IpCidrRange: pulumi.String("10.0.0.0/16"),
Region: pulumi.String("us-central1"),
Purpose: pulumi.String("PRIVATE_NAT"),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
router, err := compute.NewRouter(ctx, "router", &compute.RouterArgs{
Region: subnet.Region,
Network: net.ID(),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
hub, err := networkconnectivity.NewHub(ctx, "hub", &networkconnectivity.HubArgs{
Description: pulumi.String("vpc hub for inter vpc nat"),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = networkconnectivity.NewSpoke(ctx, "spoke", &networkconnectivity.SpokeArgs{
Location: pulumi.String("global"),
Description: pulumi.String("vpc spoke for inter vpc nat"),
Hub: hub.ID(),
LinkedVpcNetwork: &networkconnectivity.SpokeLinkedVpcNetworkArgs{
ExcludeExportRanges: pulumi.StringArray{
pulumi.String("198.51.100.0/24"),
pulumi.String("10.10.0.0/16"),
},
Uri: net.SelfLink,
},
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = compute.NewRouterNat(ctx, "natType", &compute.RouterNatArgs{
Router: router.Name,
Region: router.Region,
SourceSubnetworkIpRangesToNat: pulumi.String("LIST_OF_SUBNETWORKS"),
EnableDynamicPortAllocation: pulumi.Bool(false),
EnableEndpointIndependentMapping: pulumi.Bool(false),
MinPortsPerVm: pulumi.Int(32),
Type: pulumi.String("PRIVATE"),
Subnetworks: compute.RouterNatSubnetworkArray{
&compute.RouterNatSubnetworkArgs{
Name: subnet.ID(),
SourceIpRangesToNats: pulumi.StringArray{
pulumi.String("ALL_IP_RANGES"),
},
},
},
Rules: compute.RouterNatRuleArray{
&compute.RouterNatRuleArgs{
RuleNumber: pulumi.Int(100),
Description: pulumi.String("rule for private nat"),
Match: pulumi.String("nexthop.hub == \"//networkconnectivity.googleapis.com/projects/acm-test-proj-123/locations/global/hubs/my-hub\""),
Action: &compute.RouterNatRuleActionArgs{
SourceNatActiveRanges: pulumi.StringArray{
subnet.SelfLink,
},
},
},
},
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.networkconnectivity.Hub;
import com.pulumi.gcp.networkconnectivity.HubArgs;
import com.pulumi.gcp.networkconnectivity.Spoke;
import com.pulumi.gcp.networkconnectivity.SpokeArgs;
import com.pulumi.gcp.networkconnectivity.inputs.SpokeLinkedVpcNetworkArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatSubnetworkArgs;
import com.pulumi.gcp.compute.inputs.RouterNatRuleArgs;
import com.pulumi.gcp.compute.inputs.RouterNatRuleActionArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var net = new Network("net", NetworkArgs.Empty, CustomResourceOptions.builder()
.provider(google_beta)
.build());
var subnet = new Subnetwork("subnet", SubnetworkArgs.builder()
.network(net.id())
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.purpose("PRIVATE_NAT")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var router = new Router("router", RouterArgs.builder()
.region(subnet.region())
.network(net.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var hub = new Hub("hub", HubArgs.builder()
.description("vpc hub for inter vpc nat")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var spoke = new Spoke("spoke", SpokeArgs.builder()
.location("global")
.description("vpc spoke for inter vpc nat")
.hub(hub.id())
.linkedVpcNetwork(SpokeLinkedVpcNetworkArgs.builder()
.excludeExportRanges(
"198.51.100.0/24",
"10.10.0.0/16")
.uri(net.selfLink())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var natType = new RouterNat("natType", RouterNatArgs.builder()
.router(router.name())
.region(router.region())
.sourceSubnetworkIpRangesToNat("LIST_OF_SUBNETWORKS")
.enableDynamicPortAllocation(false)
.enableEndpointIndependentMapping(false)
.minPortsPerVm(32)
.type("PRIVATE")
.subnetworks(RouterNatSubnetworkArgs.builder()
.name(subnet.id())
.sourceIpRangesToNats("ALL_IP_RANGES")
.build())
.rules(RouterNatRuleArgs.builder()
.ruleNumber(100)
.description("rule for private nat")
.match("nexthop.hub == \"//networkconnectivity.googleapis.com/projects/acm-test-proj-123/locations/global/hubs/my-hub\"")
.action(RouterNatRuleActionArgs.builder()
.sourceNatActiveRanges(subnet.selfLink())
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
import pulumi
import pulumi_gcp as gcp
net = gcp.compute.Network("net", opts=pulumi.ResourceOptions(provider=google_beta))
subnet = gcp.compute.Subnetwork("subnet",
network=net.id,
ip_cidr_range="10.0.0.0/16",
region="us-central1",
purpose="PRIVATE_NAT",
opts=pulumi.ResourceOptions(provider=google_beta))
router = gcp.compute.Router("router",
region=subnet.region,
network=net.id,
opts=pulumi.ResourceOptions(provider=google_beta))
hub = gcp.networkconnectivity.Hub("hub", description="vpc hub for inter vpc nat",
opts=pulumi.ResourceOptions(provider=google_beta))
spoke = gcp.networkconnectivity.Spoke("spoke",
location="global",
description="vpc spoke for inter vpc nat",
hub=hub.id,
linked_vpc_network=gcp.networkconnectivity.SpokeLinkedVpcNetworkArgs(
exclude_export_ranges=[
"198.51.100.0/24",
"10.10.0.0/16",
],
uri=net.self_link,
),
opts=pulumi.ResourceOptions(provider=google_beta))
nat_type = gcp.compute.RouterNat("natType",
router=router.name,
region=router.region,
source_subnetwork_ip_ranges_to_nat="LIST_OF_SUBNETWORKS",
enable_dynamic_port_allocation=False,
enable_endpoint_independent_mapping=False,
min_ports_per_vm=32,
type="PRIVATE",
subnetworks=[gcp.compute.RouterNatSubnetworkArgs(
name=subnet.id,
source_ip_ranges_to_nats=["ALL_IP_RANGES"],
)],
rules=[gcp.compute.RouterNatRuleArgs(
rule_number=100,
description="rule for private nat",
match="nexthop.hub == \"//networkconnectivity.googleapis.com/projects/acm-test-proj-123/locations/global/hubs/my-hub\"",
action=gcp.compute.RouterNatRuleActionArgs(
source_nat_active_ranges=[subnet.self_link],
),
)],
opts=pulumi.ResourceOptions(provider=google_beta))
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const net = new gcp.compute.Network("net", {}, {
provider: google_beta,
});
const subnet = new gcp.compute.Subnetwork("subnet", {
network: net.id,
ipCidrRange: "10.0.0.0/16",
region: "us-central1",
purpose: "PRIVATE_NAT",
}, {
provider: google_beta,
});
const router = new gcp.compute.Router("router", {
region: subnet.region,
network: net.id,
}, {
provider: google_beta,
});
const hub = new gcp.networkconnectivity.Hub("hub", {description: "vpc hub for inter vpc nat"}, {
provider: google_beta,
});
const spoke = new gcp.networkconnectivity.Spoke("spoke", {
location: "global",
description: "vpc spoke for inter vpc nat",
hub: hub.id,
linkedVpcNetwork: {
excludeExportRanges: [
"198.51.100.0/24",
"10.10.0.0/16",
],
uri: net.selfLink,
},
}, {
provider: google_beta,
});
const natType = new gcp.compute.RouterNat("natType", {
router: router.name,
region: router.region,
sourceSubnetworkIpRangesToNat: "LIST_OF_SUBNETWORKS",
enableDynamicPortAllocation: false,
enableEndpointIndependentMapping: false,
minPortsPerVm: 32,
type: "PRIVATE",
subnetworks: [{
name: subnet.id,
sourceIpRangesToNats: ["ALL_IP_RANGES"],
}],
rules: [{
ruleNumber: 100,
description: "rule for private nat",
match: "nexthop.hub == \"//networkconnectivity.googleapis.com/projects/acm-test-proj-123/locations/global/hubs/my-hub\"",
action: {
sourceNatActiveRanges: [subnet.selfLink],
},
}],
}, {
provider: google_beta,
});
resources:
net:
type: gcp:compute:Network
options:
provider: ${["google-beta"]}
subnet:
type: gcp:compute:Subnetwork
properties:
network: ${net.id}
ipCidrRange: 10.0.0.0/16
region: us-central1
purpose: PRIVATE_NAT
options:
provider: ${["google-beta"]}
router:
type: gcp:compute:Router
properties:
region: ${subnet.region}
network: ${net.id}
options:
provider: ${["google-beta"]}
hub:
type: gcp:networkconnectivity:Hub
properties:
description: vpc hub for inter vpc nat
options:
provider: ${["google-beta"]}
spoke:
type: gcp:networkconnectivity:Spoke
properties:
location: global
description: vpc spoke for inter vpc nat
hub: ${hub.id}
linkedVpcNetwork:
excludeExportRanges:
- 198.51.100.0/24
- 10.10.0.0/16
uri: ${net.selfLink}
options:
provider: ${["google-beta"]}
natType:
type: gcp:compute:RouterNat
properties:
router: ${router.name}
region: ${router.region}
sourceSubnetworkIpRangesToNat: LIST_OF_SUBNETWORKS
enableDynamicPortAllocation: false
enableEndpointIndependentMapping: false
minPortsPerVm: 32
type: PRIVATE
subnetworks:
- name: ${subnet.id}
sourceIpRangesToNats:
- ALL_IP_RANGES
rules:
- ruleNumber: 100
description: rule for private nat
match: nexthop.hub == "//networkconnectivity.googleapis.com/projects/acm-test-proj-123/locations/global/hubs/my-hub"
action:
sourceNatActiveRanges:
- ${subnet.selfLink}
options:
provider: ${["google-beta"]}
Create RouterNat Resource
new RouterNat(name: string, args: RouterNatArgs, opts?: CustomResourceOptions);@overload
def RouterNat(resource_name: str,
opts: Optional[ResourceOptions] = None,
drain_nat_ips: Optional[Sequence[str]] = None,
enable_dynamic_port_allocation: Optional[bool] = None,
enable_endpoint_independent_mapping: Optional[bool] = None,
icmp_idle_timeout_sec: Optional[int] = None,
log_config: Optional[RouterNatLogConfigArgs] = None,
max_ports_per_vm: Optional[int] = None,
min_ports_per_vm: Optional[int] = None,
name: Optional[str] = None,
nat_ip_allocate_option: Optional[str] = None,
nat_ips: Optional[Sequence[str]] = None,
project: Optional[str] = None,
region: Optional[str] = None,
router: Optional[str] = None,
rules: Optional[Sequence[RouterNatRuleArgs]] = None,
source_subnetwork_ip_ranges_to_nat: Optional[str] = None,
subnetworks: Optional[Sequence[RouterNatSubnetworkArgs]] = None,
tcp_established_idle_timeout_sec: Optional[int] = None,
tcp_time_wait_timeout_sec: Optional[int] = None,
tcp_transitory_idle_timeout_sec: Optional[int] = None,
type: Optional[str] = None,
udp_idle_timeout_sec: Optional[int] = None)
@overload
def RouterNat(resource_name: str,
args: RouterNatArgs,
opts: Optional[ResourceOptions] = None)func NewRouterNat(ctx *Context, name string, args RouterNatArgs, opts ...ResourceOption) (*RouterNat, error)public RouterNat(string name, RouterNatArgs args, CustomResourceOptions? opts = null)
public RouterNat(String name, RouterNatArgs args)
public RouterNat(String name, RouterNatArgs args, CustomResourceOptions options)
type: gcp:compute:RouterNat
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RouterNatArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RouterNatArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RouterNatArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RouterNatArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RouterNatArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
RouterNat Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The RouterNat resource accepts the following input properties:
- Router string
The name of the Cloud Router in which this NAT will be configured.
- Source
Subnetwork stringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- Drain
Nat List<string>Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- Enable
Dynamic boolPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- Enable
Endpoint boolIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- Icmp
Idle intTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- Log
Config RouterNat Log Config Configuration for logging on NAT Structure is documented below.
- Max
Ports intPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- Min
Ports intPer Vm Minimum number of ports allocated to a VM from this NAT.
- Name string
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- Nat
Ip stringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- Nat
Ips List<string> Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- Project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Region string
Region where the router and NAT reside.
- Rules
List<Router
Nat Rule> A list of rules associated with this NAT. Structure is documented below.
- Subnetworks
List<Router
Nat Subnetwork> One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- Tcp
Established intIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- Tcp
Time intWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- Tcp
Transitory intIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- Type string
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- Udp
Idle intTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- Router string
The name of the Cloud Router in which this NAT will be configured.
- Source
Subnetwork stringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- Drain
Nat []stringIps A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- Enable
Dynamic boolPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- Enable
Endpoint boolIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- Icmp
Idle intTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- Log
Config RouterNat Log Config Args Configuration for logging on NAT Structure is documented below.
- Max
Ports intPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- Min
Ports intPer Vm Minimum number of ports allocated to a VM from this NAT.
- Name string
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- Nat
Ip stringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- Nat
Ips []string Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- Project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Region string
Region where the router and NAT reside.
- Rules
[]Router
Nat Rule Args A list of rules associated with this NAT. Structure is documented below.
- Subnetworks
[]Router
Nat Subnetwork Args One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- Tcp
Established intIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- Tcp
Time intWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- Tcp
Transitory intIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- Type string
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- Udp
Idle intTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- router String
The name of the Cloud Router in which this NAT will be configured.
- source
Subnetwork StringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- drain
Nat List<String>Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- enable
Dynamic BooleanPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- enable
Endpoint BooleanIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- icmp
Idle IntegerTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- log
Config RouterNat Log Config Configuration for logging on NAT Structure is documented below.
- max
Ports IntegerPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- min
Ports IntegerPer Vm Minimum number of ports allocated to a VM from this NAT.
- name String
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- nat
Ip StringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- nat
Ips List<String> Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- project String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region String
Region where the router and NAT reside.
- rules
List<Router
Nat Rule> A list of rules associated with this NAT. Structure is documented below.
- subnetworks
List<Router
Nat Subnetwork> One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- tcp
Established IntegerIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- tcp
Time IntegerWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- tcp
Transitory IntegerIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- type String
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- udp
Idle IntegerTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- router string
The name of the Cloud Router in which this NAT will be configured.
- source
Subnetwork stringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- drain
Nat string[]Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- enable
Dynamic booleanPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- enable
Endpoint booleanIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- icmp
Idle numberTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- log
Config RouterNat Log Config Configuration for logging on NAT Structure is documented below.
- max
Ports numberPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- min
Ports numberPer Vm Minimum number of ports allocated to a VM from this NAT.
- name string
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- nat
Ip stringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- nat
Ips string[] Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region string
Region where the router and NAT reside.
- rules
Router
Nat Rule[] A list of rules associated with this NAT. Structure is documented below.
- subnetworks
Router
Nat Subnetwork[] One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- tcp
Established numberIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- tcp
Time numberWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- tcp
Transitory numberIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- type string
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- udp
Idle numberTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- router str
The name of the Cloud Router in which this NAT will be configured.
- source_
subnetwork_ strip_ ranges_ to_ nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- drain_
nat_ Sequence[str]ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- enable_
dynamic_ boolport_ allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- enable_
endpoint_ boolindependent_ mapping Enable endpoint independent mapping. For more information see the official documentation.
- icmp_
idle_ inttimeout_ sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- log_
config RouterNat Log Config Args Configuration for logging on NAT Structure is documented below.
- max_
ports_ intper_ vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- min_
ports_ intper_ vm Minimum number of ports allocated to a VM from this NAT.
- name str
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- nat_
ip_ strallocate_ option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- nat_
ips Sequence[str] Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- project str
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region str
Region where the router and NAT reside.
- rules
Sequence[Router
Nat Rule Args] A list of rules associated with this NAT. Structure is documented below.
- subnetworks
Sequence[Router
Nat Subnetwork Args] One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- tcp_
established_ intidle_ timeout_ sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- tcp_
time_ intwait_ timeout_ sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- tcp_
transitory_ intidle_ timeout_ sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- type str
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- udp_
idle_ inttimeout_ sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- router String
The name of the Cloud Router in which this NAT will be configured.
- source
Subnetwork StringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- drain
Nat List<String>Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- enable
Dynamic BooleanPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- enable
Endpoint BooleanIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- icmp
Idle NumberTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- log
Config Property Map Configuration for logging on NAT Structure is documented below.
- max
Ports NumberPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- min
Ports NumberPer Vm Minimum number of ports allocated to a VM from this NAT.
- name String
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- nat
Ip StringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- nat
Ips List<String> Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- project String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region String
Region where the router and NAT reside.
- rules List<Property Map>
A list of rules associated with this NAT. Structure is documented below.
- subnetworks List<Property Map>
One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- tcp
Established NumberIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- tcp
Time NumberWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- tcp
Transitory NumberIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- type String
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- udp
Idle NumberTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
Outputs
All input properties are implicitly available as output properties. Additionally, the RouterNat resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing RouterNat Resource
Get an existing RouterNat resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RouterNatState, opts?: CustomResourceOptions): RouterNat@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
drain_nat_ips: Optional[Sequence[str]] = None,
enable_dynamic_port_allocation: Optional[bool] = None,
enable_endpoint_independent_mapping: Optional[bool] = None,
icmp_idle_timeout_sec: Optional[int] = None,
log_config: Optional[RouterNatLogConfigArgs] = None,
max_ports_per_vm: Optional[int] = None,
min_ports_per_vm: Optional[int] = None,
name: Optional[str] = None,
nat_ip_allocate_option: Optional[str] = None,
nat_ips: Optional[Sequence[str]] = None,
project: Optional[str] = None,
region: Optional[str] = None,
router: Optional[str] = None,
rules: Optional[Sequence[RouterNatRuleArgs]] = None,
source_subnetwork_ip_ranges_to_nat: Optional[str] = None,
subnetworks: Optional[Sequence[RouterNatSubnetworkArgs]] = None,
tcp_established_idle_timeout_sec: Optional[int] = None,
tcp_time_wait_timeout_sec: Optional[int] = None,
tcp_transitory_idle_timeout_sec: Optional[int] = None,
type: Optional[str] = None,
udp_idle_timeout_sec: Optional[int] = None) -> RouterNatfunc GetRouterNat(ctx *Context, name string, id IDInput, state *RouterNatState, opts ...ResourceOption) (*RouterNat, error)public static RouterNat Get(string name, Input<string> id, RouterNatState? state, CustomResourceOptions? opts = null)public static RouterNat get(String name, Output<String> id, RouterNatState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Drain
Nat List<string>Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- Enable
Dynamic boolPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- Enable
Endpoint boolIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- Icmp
Idle intTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- Log
Config RouterNat Log Config Configuration for logging on NAT Structure is documented below.
- Max
Ports intPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- Min
Ports intPer Vm Minimum number of ports allocated to a VM from this NAT.
- Name string
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- Nat
Ip stringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- Nat
Ips List<string> Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- Project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Region string
Region where the router and NAT reside.
- Router string
The name of the Cloud Router in which this NAT will be configured.
- Rules
List<Router
Nat Rule> A list of rules associated with this NAT. Structure is documented below.
- Source
Subnetwork stringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- Subnetworks
List<Router
Nat Subnetwork> One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- Tcp
Established intIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- Tcp
Time intWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- Tcp
Transitory intIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- Type string
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- Udp
Idle intTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- Drain
Nat []stringIps A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- Enable
Dynamic boolPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- Enable
Endpoint boolIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- Icmp
Idle intTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- Log
Config RouterNat Log Config Args Configuration for logging on NAT Structure is documented below.
- Max
Ports intPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- Min
Ports intPer Vm Minimum number of ports allocated to a VM from this NAT.
- Name string
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- Nat
Ip stringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- Nat
Ips []string Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- Project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Region string
Region where the router and NAT reside.
- Router string
The name of the Cloud Router in which this NAT will be configured.
- Rules
[]Router
Nat Rule Args A list of rules associated with this NAT. Structure is documented below.
- Source
Subnetwork stringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- Subnetworks
[]Router
Nat Subnetwork Args One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- Tcp
Established intIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- Tcp
Time intWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- Tcp
Transitory intIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- Type string
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- Udp
Idle intTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- drain
Nat List<String>Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- enable
Dynamic BooleanPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- enable
Endpoint BooleanIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- icmp
Idle IntegerTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- log
Config RouterNat Log Config Configuration for logging on NAT Structure is documented below.
- max
Ports IntegerPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- min
Ports IntegerPer Vm Minimum number of ports allocated to a VM from this NAT.
- name String
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- nat
Ip StringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- nat
Ips List<String> Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- project String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region String
Region where the router and NAT reside.
- router String
The name of the Cloud Router in which this NAT will be configured.
- rules
List<Router
Nat Rule> A list of rules associated with this NAT. Structure is documented below.
- source
Subnetwork StringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- subnetworks
List<Router
Nat Subnetwork> One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- tcp
Established IntegerIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- tcp
Time IntegerWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- tcp
Transitory IntegerIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- type String
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- udp
Idle IntegerTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- drain
Nat string[]Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- enable
Dynamic booleanPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- enable
Endpoint booleanIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- icmp
Idle numberTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- log
Config RouterNat Log Config Configuration for logging on NAT Structure is documented below.
- max
Ports numberPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- min
Ports numberPer Vm Minimum number of ports allocated to a VM from this NAT.
- name string
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- nat
Ip stringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- nat
Ips string[] Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region string
Region where the router and NAT reside.
- router string
The name of the Cloud Router in which this NAT will be configured.
- rules
Router
Nat Rule[] A list of rules associated with this NAT. Structure is documented below.
- source
Subnetwork stringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- subnetworks
Router
Nat Subnetwork[] One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- tcp
Established numberIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- tcp
Time numberWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- tcp
Transitory numberIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- type string
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- udp
Idle numberTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- drain_
nat_ Sequence[str]ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- enable_
dynamic_ boolport_ allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- enable_
endpoint_ boolindependent_ mapping Enable endpoint independent mapping. For more information see the official documentation.
- icmp_
idle_ inttimeout_ sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- log_
config RouterNat Log Config Args Configuration for logging on NAT Structure is documented below.
- max_
ports_ intper_ vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- min_
ports_ intper_ vm Minimum number of ports allocated to a VM from this NAT.
- name str
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- nat_
ip_ strallocate_ option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- nat_
ips Sequence[str] Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- project str
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region str
Region where the router and NAT reside.
- router str
The name of the Cloud Router in which this NAT will be configured.
- rules
Sequence[Router
Nat Rule Args] A list of rules associated with this NAT. Structure is documented below.
- source_
subnetwork_ strip_ ranges_ to_ nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- subnetworks
Sequence[Router
Nat Subnetwork Args] One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- tcp_
established_ intidle_ timeout_ sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- tcp_
time_ intwait_ timeout_ sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- tcp_
transitory_ intidle_ timeout_ sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- type str
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- udp_
idle_ inttimeout_ sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- drain
Nat List<String>Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- enable
Dynamic BooleanPort Allocation Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
- enable
Endpoint BooleanIndependent Mapping Enable endpoint independent mapping. For more information see the official documentation.
- icmp
Idle NumberTimeout Sec Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- log
Config Property Map Configuration for logging on NAT Structure is documented below.
- max
Ports NumberPer Vm Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
- min
Ports NumberPer Vm Minimum number of ports allocated to a VM from this NAT.
- name String
Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- nat
Ip StringAllocate Option How external IPs should be allocated for this NAT. Valid values are
AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses. Possible values are:MANUAL_ONLY,AUTO_ONLY.- nat
Ips List<String> Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- project String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region String
Region where the router and NAT reside.
- router String
The name of the Cloud Router in which this NAT will be configured.
- rules List<Property Map>
A list of rules associated with this NAT. Structure is documented below.
- source
Subnetwork StringIp Ranges To Nat How NAT should be configured per Subnetwork. If
ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are:ALL_SUBNETWORKS_ALL_IP_RANGES,ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES,LIST_OF_SUBNETWORKS.- subnetworks List<Property Map>
One or more subnetwork NAT configurations. Only used if
source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKSStructure is documented below.- tcp
Established NumberIdle Timeout Sec Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- tcp
Time NumberWait Timeout Sec Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
- tcp
Transitory NumberIdle Timeout Sec Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- type String
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. If 'PUBLIC' NAT used for public IP translation. If 'PRIVATE' NAT used for private IP translation. Default value: "PUBLIC" Possible values: ["PUBLIC", "PRIVATE"]
- udp
Idle NumberTimeout Sec Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
Supporting Types
RouterNatLogConfig, RouterNatLogConfigArgs
RouterNatRule, RouterNatRuleArgs
- Match string
CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. The following examples are valid match expressions for public NAT: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" The following example is a valid match expression for private NAT: "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'"
- Rule
Number int An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
- Action
Router
Nat Rule Action The action to be enforced for traffic that matches this rule. Structure is documented below.
- Description string
An optional description of this rule.
- Match string
CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. The following examples are valid match expressions for public NAT: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" The following example is a valid match expression for private NAT: "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'"
- Rule
Number int An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
- Action
Router
Nat Rule Action The action to be enforced for traffic that matches this rule. Structure is documented below.
- Description string
An optional description of this rule.
- match String
CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. The following examples are valid match expressions for public NAT: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" The following example is a valid match expression for private NAT: "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'"
- rule
Number Integer An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
- action
Router
Nat Rule Action The action to be enforced for traffic that matches this rule. Structure is documented below.
- description String
An optional description of this rule.
- match string
CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. The following examples are valid match expressions for public NAT: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" The following example is a valid match expression for private NAT: "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'"
- rule
Number number An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
- action
Router
Nat Rule Action The action to be enforced for traffic that matches this rule. Structure is documented below.
- description string
An optional description of this rule.
- match str
CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. The following examples are valid match expressions for public NAT: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" The following example is a valid match expression for private NAT: "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'"
- rule_
number int An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
- action
Router
Nat Rule Action The action to be enforced for traffic that matches this rule. Structure is documented below.
- description str
An optional description of this rule.
- match String
CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. The following examples are valid match expressions for public NAT: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" The following example is a valid match expression for private NAT: "nexthop.hub == 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'"
- rule
Number Number An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
- action Property Map
The action to be enforced for traffic that matches this rule. Structure is documented below.
- description String
An optional description of this rule.
RouterNatRuleAction, RouterNatRuleActionArgs
- Source
Nat List<string>Active Ips A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT.
- Source
Nat List<string>Active Ranges - Source
Nat List<string>Drain Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.
- Source
Nat List<string>Drain Ranges
- Source
Nat []stringActive Ips A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT.
- Source
Nat []stringActive Ranges - Source
Nat []stringDrain Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.
- Source
Nat []stringDrain Ranges
- source
Nat List<String>Active Ips A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT.
- source
Nat List<String>Active Ranges - source
Nat List<String>Drain Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.
- source
Nat List<String>Drain Ranges
- source
Nat string[]Active Ips A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT.
- source
Nat string[]Active Ranges - source
Nat string[]Drain Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.
- source
Nat string[]Drain Ranges
- source_
nat_ Sequence[str]active_ ips A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT.
- source_
nat_ Sequence[str]active_ ranges - source_
nat_ Sequence[str]drain_ ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.
- source_
nat_ Sequence[str]drain_ ranges
- source
Nat List<String>Active Ips A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT.
- source
Nat List<String>Active Ranges - source
Nat List<String>Drain Ips A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.
- source
Nat List<String>Drain Ranges
RouterNatSubnetwork, RouterNatSubnetworkArgs
- Name string
Self-link of subnetwork to NAT
- Source
Ip List<string>Ranges To Nats List of options for which source IPs in the subnetwork should have NAT enabled. Supported values include:
ALL_IP_RANGES,LIST_OF_SECONDARY_IP_RANGES,PRIMARY_IP_RANGE.- Secondary
Ip List<string>Range Names List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if
LIST_OF_SECONDARY_IP_RANGESis one of the values in sourceIpRangesToNat
- Name string
Self-link of subnetwork to NAT
- Source
Ip []stringRanges To Nats List of options for which source IPs in the subnetwork should have NAT enabled. Supported values include:
ALL_IP_RANGES,LIST_OF_SECONDARY_IP_RANGES,PRIMARY_IP_RANGE.- Secondary
Ip []stringRange Names List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if
LIST_OF_SECONDARY_IP_RANGESis one of the values in sourceIpRangesToNat
- name String
Self-link of subnetwork to NAT
- source
Ip List<String>Ranges To Nats List of options for which source IPs in the subnetwork should have NAT enabled. Supported values include:
ALL_IP_RANGES,LIST_OF_SECONDARY_IP_RANGES,PRIMARY_IP_RANGE.- secondary
Ip List<String>Range Names List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if
LIST_OF_SECONDARY_IP_RANGESis one of the values in sourceIpRangesToNat
- name string
Self-link of subnetwork to NAT
- source
Ip string[]Ranges To Nats List of options for which source IPs in the subnetwork should have NAT enabled. Supported values include:
ALL_IP_RANGES,LIST_OF_SECONDARY_IP_RANGES,PRIMARY_IP_RANGE.- secondary
Ip string[]Range Names List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if
LIST_OF_SECONDARY_IP_RANGESis one of the values in sourceIpRangesToNat
- name str
Self-link of subnetwork to NAT
- source_
ip_ Sequence[str]ranges_ to_ nats List of options for which source IPs in the subnetwork should have NAT enabled. Supported values include:
ALL_IP_RANGES,LIST_OF_SECONDARY_IP_RANGES,PRIMARY_IP_RANGE.- secondary_
ip_ Sequence[str]range_ names List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if
LIST_OF_SECONDARY_IP_RANGESis one of the values in sourceIpRangesToNat
- name String
Self-link of subnetwork to NAT
- source
Ip List<String>Ranges To Nats List of options for which source IPs in the subnetwork should have NAT enabled. Supported values include:
ALL_IP_RANGES,LIST_OF_SECONDARY_IP_RANGES,PRIMARY_IP_RANGE.- secondary
Ip List<String>Range Names List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if
LIST_OF_SECONDARY_IP_RANGESis one of the values in sourceIpRangesToNat
Import
RouterNat can be imported using any of these accepted formats* projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}} * {{project}}/{{region}}/{{router}}/{{name}} * {{region}}/{{router}}/{{name}} * {{router}}/{{name}} In Terraform v1.5.0 and later, use an import block to import RouterNat using one of the formats above. For exampletf import {
id = “projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}”
to = google_compute_router_nat.default }
$ pulumi import gcp:compute/routerNat:RouterNat When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), RouterNat can be imported using one of the formats above. For example
$ pulumi import gcp:compute/routerNat:RouterNat default projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}
$ pulumi import gcp:compute/routerNat:RouterNat default {{project}}/{{region}}/{{router}}/{{name}}
$ pulumi import gcp:compute/routerNat:RouterNat default {{region}}/{{router}}/{{name}}
$ pulumi import gcp:compute/routerNat:RouterNat default {{router}}/{{name}}
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
google-betaTerraform Provider.