nsxt 3.8.1, Apr 30 25

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

nsxt.NatRule

Explore with Pulumi AI

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

Create NatRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new NatRule(name: string, args: NatRuleArgs, opts?: CustomResourceOptions);

@overload
def NatRule(resource_name: str,
            args: NatRuleArgs,
            opts: Optional[ResourceOptions] = None)

@overload
def NatRule(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            logical_router_id: Optional[str] = None,
            action: Optional[str] = None,
            match_destination_network: Optional[str] = None,
            enabled: Optional[bool] = None,
            logging: Optional[bool] = None,
            display_name: Optional[str] = None,
            description: Optional[str] = None,
            match_source_network: Optional[str] = None,
            nat_pass: Optional[bool] = None,
            nat_rule_id: Optional[str] = None,
            rule_priority: Optional[float] = None,
            tags: Optional[Sequence[NatRuleTagArgs]] = None,
            translated_network: Optional[str] = None,
            translated_ports: Optional[str] = None)

func NewNatRule(ctx *Context, name string, args NatRuleArgs, opts ...ResourceOption) (*NatRule, error)

public NatRule(string name, NatRuleArgs args, CustomResourceOptions? opts = null)

public NatRule(String name, NatRuleArgs args)
public NatRule(String name, NatRuleArgs args, CustomResourceOptions options)

type: nsxt:NatRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args NatRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args NatRuleArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args NatRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args NatRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args NatRuleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var natRuleResource = new Nsxt.NatRule("natRuleResource", new()
{
    LogicalRouterId = "string",
    Action = "string",
    MatchDestinationNetwork = "string",
    Enabled = false,
    Logging = false,
    DisplayName = "string",
    Description = "string",
    MatchSourceNetwork = "string",
    NatPass = false,
    NatRuleId = "string",
    RulePriority = 0,
    Tags = new[]
    {
        new Nsxt.Inputs.NatRuleTagArgs
        {
            Scope = "string",
            Tag = "string",
        },
    },
    TranslatedNetwork = "string",
    TranslatedPorts = "string",
});

example, err := nsxt.NewNatRule(ctx, "natRuleResource", &nsxt.NatRuleArgs{
	LogicalRouterId:         pulumi.String("string"),
	Action:                  pulumi.String("string"),
	MatchDestinationNetwork: pulumi.String("string"),
	Enabled:                 pulumi.Bool(false),
	Logging:                 pulumi.Bool(false),
	DisplayName:             pulumi.String("string"),
	Description:             pulumi.String("string"),
	MatchSourceNetwork:      pulumi.String("string"),
	NatPass:                 pulumi.Bool(false),
	NatRuleId:               pulumi.String("string"),
	RulePriority:            pulumi.Float64(0),
	Tags: nsxt.NatRuleTagArray{
		&nsxt.NatRuleTagArgs{
			Scope: pulumi.String("string"),
			Tag:   pulumi.String("string"),
		},
	},
	TranslatedNetwork: pulumi.String("string"),
	TranslatedPorts:   pulumi.String("string"),
})

var natRuleResource = new NatRule("natRuleResource", NatRuleArgs.builder()
    .logicalRouterId("string")
    .action("string")
    .matchDestinationNetwork("string")
    .enabled(false)
    .logging(false)
    .displayName("string")
    .description("string")
    .matchSourceNetwork("string")
    .natPass(false)
    .natRuleId("string")
    .rulePriority(0)
    .tags(NatRuleTagArgs.builder()
        .scope("string")
        .tag("string")
        .build())
    .translatedNetwork("string")
    .translatedPorts("string")
    .build());

nat_rule_resource = nsxt.NatRule("natRuleResource",
    logical_router_id="string",
    action="string",
    match_destination_network="string",
    enabled=False,
    logging=False,
    display_name="string",
    description="string",
    match_source_network="string",
    nat_pass=False,
    nat_rule_id="string",
    rule_priority=0,
    tags=[{
        "scope": "string",
        "tag": "string",
    }],
    translated_network="string",
    translated_ports="string")

const natRuleResource = new nsxt.NatRule("natRuleResource", {
    logicalRouterId: "string",
    action: "string",
    matchDestinationNetwork: "string",
    enabled: false,
    logging: false,
    displayName: "string",
    description: "string",
    matchSourceNetwork: "string",
    natPass: false,
    natRuleId: "string",
    rulePriority: 0,
    tags: [{
        scope: "string",
        tag: "string",
    }],
    translatedNetwork: "string",
    translatedPorts: "string",
});

type: nsxt:NatRule
properties:
    action: string
    description: string
    displayName: string
    enabled: false
    logging: false
    logicalRouterId: string
    matchDestinationNetwork: string
    matchSourceNetwork: string
    natPass: false
    natRuleId: string
    rulePriority: 0
    tags:
        - scope: string
          tag: string
    translatedNetwork: string
    translatedPorts: string

NatRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The NatRule resource accepts the following input properties:

Action string: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
LogicalRouterId string: ID of the logical router.
Description string: Description of this resource.
DisplayName string: The display name of this resource. Defaults to ID if not set.
Enabled bool: enable/disable the rule.
Logging bool: enable/disable the logging of rule.
MatchDestinationNetwork string: IP Address | CIDR. Omitting this field implies Any.
MatchSourceNetwork string: IP Address | CIDR. Omitting this field implies Any.
NatPass bool: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
NatRuleId string: ID of the NAT rule.
RulePriority double: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
Tags List<NatRuleTag>: A list of scope + tag pairs to associate with this NAT rule.
TranslatedNetwork string: IP Address | IP Range | CIDR.
TranslatedPorts string: port number or port range. Allowed only when action=DNAT.

Action string: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
LogicalRouterId string: ID of the logical router.
Description string: Description of this resource.
DisplayName string: The display name of this resource. Defaults to ID if not set.
Enabled bool: enable/disable the rule.
Logging bool: enable/disable the logging of rule.
MatchDestinationNetwork string: IP Address | CIDR. Omitting this field implies Any.
MatchSourceNetwork string: IP Address | CIDR. Omitting this field implies Any.
NatPass bool: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
NatRuleId string: ID of the NAT rule.
RulePriority float64: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
Tags []NatRuleTagArgs: A list of scope + tag pairs to associate with this NAT rule.
TranslatedNetwork string: IP Address | IP Range | CIDR.
TranslatedPorts string: port number or port range. Allowed only when action=DNAT.

action String: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
logicalRouterId String: ID of the logical router.
description String: Description of this resource.
displayName String: The display name of this resource. Defaults to ID if not set.
enabled Boolean: enable/disable the rule.
logging Boolean: enable/disable the logging of rule.
matchDestinationNetwork String: IP Address | CIDR. Omitting this field implies Any.
matchSourceNetwork String: IP Address | CIDR. Omitting this field implies Any.
natPass Boolean: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
natRuleId String: ID of the NAT rule.
rulePriority Double: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
tags List<NatRuleTag>: A list of scope + tag pairs to associate with this NAT rule.
translatedNetwork String: IP Address | IP Range | CIDR.
translatedPorts String: port number or port range. Allowed only when action=DNAT.

action string: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
logicalRouterId string: ID of the logical router.
description string: Description of this resource.
displayName string: The display name of this resource. Defaults to ID if not set.
enabled boolean: enable/disable the rule.
logging boolean: enable/disable the logging of rule.
matchDestinationNetwork string: IP Address | CIDR. Omitting this field implies Any.
matchSourceNetwork string: IP Address | CIDR. Omitting this field implies Any.
natPass boolean: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
natRuleId string: ID of the NAT rule.
rulePriority number: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
tags NatRuleTag[]: A list of scope + tag pairs to associate with this NAT rule.
translatedNetwork string: IP Address | IP Range | CIDR.
translatedPorts string: port number or port range. Allowed only when action=DNAT.

action str: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
logical_router_id str: ID of the logical router.
description str: Description of this resource.
display_name str: The display name of this resource. Defaults to ID if not set.
enabled bool: enable/disable the rule.
logging bool: enable/disable the logging of rule.
match_destination_network str: IP Address | CIDR. Omitting this field implies Any.
match_source_network str: IP Address | CIDR. Omitting this field implies Any.
nat_pass bool: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
nat_rule_id str: ID of the NAT rule.
rule_priority float: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
tags Sequence[NatRuleTagArgs]: A list of scope + tag pairs to associate with this NAT rule.
translated_network str: IP Address | IP Range | CIDR.
translated_ports str: port number or port range. Allowed only when action=DNAT.

action String: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
logicalRouterId String: ID of the logical router.
description String: Description of this resource.
displayName String: The display name of this resource. Defaults to ID if not set.
enabled Boolean: enable/disable the rule.
logging Boolean: enable/disable the logging of rule.
matchDestinationNetwork String: IP Address | CIDR. Omitting this field implies Any.
matchSourceNetwork String: IP Address | CIDR. Omitting this field implies Any.
natPass Boolean: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
natRuleId String: ID of the NAT rule.
rulePriority Number: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
tags List<Property Map>: A list of scope + tag pairs to associate with this NAT rule.
translatedNetwork String: IP Address | IP Range | CIDR.
translatedPorts String: port number or port range. Allowed only when action=DNAT.

Outputs

All input properties are implicitly available as output properties. Additionally, the NatRule resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Id string: The provider-assigned unique ID for this managed resource.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id string: The provider-assigned unique ID for this managed resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id str: The provider-assigned unique ID for this managed resource.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Look up Existing NatRule Resource

Get an existing NatRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: NatRuleState, opts?: CustomResourceOptions): NatRule

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        action: Optional[str] = None,
        description: Optional[str] = None,
        display_name: Optional[str] = None,
        enabled: Optional[bool] = None,
        logging: Optional[bool] = None,
        logical_router_id: Optional[str] = None,
        match_destination_network: Optional[str] = None,
        match_source_network: Optional[str] = None,
        nat_pass: Optional[bool] = None,
        nat_rule_id: Optional[str] = None,
        revision: Optional[float] = None,
        rule_priority: Optional[float] = None,
        tags: Optional[Sequence[NatRuleTagArgs]] = None,
        translated_network: Optional[str] = None,
        translated_ports: Optional[str] = None) -> NatRule

func GetNatRule(ctx *Context, name string, id IDInput, state *NatRuleState, opts ...ResourceOption) (*NatRule, error)

public static NatRule Get(string name, Input<string> id, NatRuleState? state, CustomResourceOptions? opts = null)

public static NatRule get(String name, Output<String> id, NatRuleState state, CustomResourceOptions options)

resources:  _:    type: nsxt:NatRule    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Action string: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
Description string: Description of this resource.
DisplayName string: The display name of this resource. Defaults to ID if not set.
Enabled bool: enable/disable the rule.
Logging bool: enable/disable the logging of rule.
LogicalRouterId string: ID of the logical router.
MatchDestinationNetwork string: IP Address | CIDR. Omitting this field implies Any.
MatchSourceNetwork string: IP Address | CIDR. Omitting this field implies Any.
NatPass bool: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
NatRuleId string: ID of the NAT rule.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
RulePriority double: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
Tags List<NatRuleTag>: A list of scope + tag pairs to associate with this NAT rule.
TranslatedNetwork string: IP Address | IP Range | CIDR.
TranslatedPorts string: port number or port range. Allowed only when action=DNAT.

Action string: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
Description string: Description of this resource.
DisplayName string: The display name of this resource. Defaults to ID if not set.
Enabled bool: enable/disable the rule.
Logging bool: enable/disable the logging of rule.
LogicalRouterId string: ID of the logical router.
MatchDestinationNetwork string: IP Address | CIDR. Omitting this field implies Any.
MatchSourceNetwork string: IP Address | CIDR. Omitting this field implies Any.
NatPass bool: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
NatRuleId string: ID of the NAT rule.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
RulePriority float64: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
Tags []NatRuleTagArgs: A list of scope + tag pairs to associate with this NAT rule.
TranslatedNetwork string: IP Address | IP Range | CIDR.
TranslatedPorts string: port number or port range. Allowed only when action=DNAT.

action String: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
description String: Description of this resource.
displayName String: The display name of this resource. Defaults to ID if not set.
enabled Boolean: enable/disable the rule.
logging Boolean: enable/disable the logging of rule.
logicalRouterId String: ID of the logical router.
matchDestinationNetwork String: IP Address | CIDR. Omitting this field implies Any.
matchSourceNetwork String: IP Address | CIDR. Omitting this field implies Any.
natPass Boolean: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
natRuleId String: ID of the NAT rule.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
rulePriority Double: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
tags List<NatRuleTag>: A list of scope + tag pairs to associate with this NAT rule.
translatedNetwork String: IP Address | IP Range | CIDR.
translatedPorts String: port number or port range. Allowed only when action=DNAT.

action string: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
description string: Description of this resource.
displayName string: The display name of this resource. Defaults to ID if not set.
enabled boolean: enable/disable the rule.
logging boolean: enable/disable the logging of rule.
logicalRouterId string: ID of the logical router.
matchDestinationNetwork string: IP Address | CIDR. Omitting this field implies Any.
matchSourceNetwork string: IP Address | CIDR. Omitting this field implies Any.
natPass boolean: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
natRuleId string: ID of the NAT rule.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
rulePriority number: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
tags NatRuleTag[]: A list of scope + tag pairs to associate with this NAT rule.
translatedNetwork string: IP Address | IP Range | CIDR.
translatedPorts string: port number or port range. Allowed only when action=DNAT.

action str: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
description str: Description of this resource.
display_name str: The display name of this resource. Defaults to ID if not set.
enabled bool: enable/disable the rule.
logging bool: enable/disable the logging of rule.
logical_router_id str: ID of the logical router.
match_destination_network str: IP Address | CIDR. Omitting this field implies Any.
match_source_network str: IP Address | CIDR. Omitting this field implies Any.
nat_pass bool: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
nat_rule_id str: ID of the NAT rule.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
rule_priority float: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
tags Sequence[NatRuleTagArgs]: A list of scope + tag pairs to associate with this NAT rule.
translated_network str: IP Address | IP Range | CIDR.
translated_ports str: port number or port range. Allowed only when action=DNAT.

action String: NAT rule action type. Valid actions are: SNAT, DNAT, NO_NAT and REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, and can NOT be supported when the logical router is running at active-active HA mode. The REFLEXIVE action is stateless. The NO_NAT action has no translated_fields, only match fields.
description String: Description of this resource.
displayName String: The display name of this resource. Defaults to ID if not set.
enabled Boolean: enable/disable the rule.
logging Boolean: enable/disable the logging of rule.
logicalRouterId String: ID of the logical router.
matchDestinationNetwork String: IP Address | CIDR. Omitting this field implies Any.
matchSourceNetwork String: IP Address | CIDR. Omitting this field implies Any.
natPass Boolean: Enable/disable to bypass following firewall stage. The default is true, meaning that the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
natRuleId String: ID of the NAT rule.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
rulePriority Number: The priority of the rule which is ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
tags List<Property Map>: A list of scope + tag pairs to associate with this NAT rule.
translatedNetwork String: IP Address | IP Range | CIDR.
translatedPorts String: port number or port range. Allowed only when action=DNAT.

Supporting Types

NatRuleTag, NatRuleTagArgs

Scope string
Tag string: A list of scope + tag pairs to associate with this NAT rule.

Scope string
Tag string: A list of scope + tag pairs to associate with this NAT rule.

scope String
tag String: A list of scope + tag pairs to associate with this NAT rule.

scope string
tag string: A list of scope + tag pairs to associate with this NAT rule.

scope str
tag str: A list of scope + tag pairs to associate with this NAT rule.

scope String
tag String: A list of scope + tag pairs to associate with this NAT rule.

Package Details

Repository: nsxt vmware/terraform-provider-nsxt
License
Notes: This Pulumi package is based on the nsxt Terraform Provider.

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

vmware/terraform-provider-nsxt

nsxt.NatRule

On this page

On this page

Create NatRule Resource

Constructor syntax

Parameters

Constructor example

NatRule Resource Properties

Inputs

Outputs

Look up Existing NatRule Resource

Supporting Types

NatRuleTag, NatRuleTagArgs

Package Details

On this page

On this page