nsxt 3.9.0, Jun 20 25

nsxt 3.9.0 published on Friday, Jun 20, 2025 by vmware

nsxt.VpcNatRule

Explore with Pulumi AI

nsxt 3.9.0 published on Friday, Jun 20, 2025 by vmware

Create VpcNatRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new VpcNatRule(name: string, args: VpcNatRuleArgs, opts?: CustomResourceOptions);

@overload
def VpcNatRule(resource_name: str,
               args: VpcNatRuleArgs,
               opts: Optional[ResourceOptions] = None)

@overload
def VpcNatRule(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               display_name: Optional[str] = None,
               parent_path: Optional[str] = None,
               action: Optional[str] = None,
               logging: Optional[bool] = None,
               enabled: Optional[bool] = None,
               firewall_match: Optional[str] = None,
               destination_network: Optional[str] = None,
               nsx_id: Optional[str] = None,
               description: Optional[str] = None,
               sequence_number: Optional[float] = None,
               source_network: Optional[str] = None,
               tags: Optional[Sequence[VpcNatRuleTagArgs]] = None,
               translated_network: Optional[str] = None,
               vpc_nat_rule_id: Optional[str] = None)

func NewVpcNatRule(ctx *Context, name string, args VpcNatRuleArgs, opts ...ResourceOption) (*VpcNatRule, error)

public VpcNatRule(string name, VpcNatRuleArgs args, CustomResourceOptions? opts = null)

public VpcNatRule(String name, VpcNatRuleArgs args)
public VpcNatRule(String name, VpcNatRuleArgs args, CustomResourceOptions options)

type: nsxt:VpcNatRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args VpcNatRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args VpcNatRuleArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args VpcNatRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VpcNatRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args VpcNatRuleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var vpcNatRuleResource = new Nsxt.VpcNatRule("vpcNatRuleResource", new()
{
    DisplayName = "string",
    ParentPath = "string",
    Action = "string",
    Logging = false,
    Enabled = false,
    FirewallMatch = "string",
    DestinationNetwork = "string",
    NsxId = "string",
    Description = "string",
    SequenceNumber = 0,
    SourceNetwork = "string",
    Tags = new[]
    {
        new Nsxt.Inputs.VpcNatRuleTagArgs
        {
            Scope = "string",
            Tag = "string",
        },
    },
    TranslatedNetwork = "string",
    VpcNatRuleId = "string",
});

example, err := nsxt.NewVpcNatRule(ctx, "vpcNatRuleResource", &nsxt.VpcNatRuleArgs{
	DisplayName:        pulumi.String("string"),
	ParentPath:         pulumi.String("string"),
	Action:             pulumi.String("string"),
	Logging:            pulumi.Bool(false),
	Enabled:            pulumi.Bool(false),
	FirewallMatch:      pulumi.String("string"),
	DestinationNetwork: pulumi.String("string"),
	NsxId:              pulumi.String("string"),
	Description:        pulumi.String("string"),
	SequenceNumber:     pulumi.Float64(0),
	SourceNetwork:      pulumi.String("string"),
	Tags: nsxt.VpcNatRuleTagArray{
		&nsxt.VpcNatRuleTagArgs{
			Scope: pulumi.String("string"),
			Tag:   pulumi.String("string"),
		},
	},
	TranslatedNetwork: pulumi.String("string"),
	VpcNatRuleId:      pulumi.String("string"),
})

var vpcNatRuleResource = new VpcNatRule("vpcNatRuleResource", VpcNatRuleArgs.builder()
    .displayName("string")
    .parentPath("string")
    .action("string")
    .logging(false)
    .enabled(false)
    .firewallMatch("string")
    .destinationNetwork("string")
    .nsxId("string")
    .description("string")
    .sequenceNumber(0.0)
    .sourceNetwork("string")
    .tags(VpcNatRuleTagArgs.builder()
        .scope("string")
        .tag("string")
        .build())
    .translatedNetwork("string")
    .vpcNatRuleId("string")
    .build());

vpc_nat_rule_resource = nsxt.VpcNatRule("vpcNatRuleResource",
    display_name="string",
    parent_path="string",
    action="string",
    logging=False,
    enabled=False,
    firewall_match="string",
    destination_network="string",
    nsx_id="string",
    description="string",
    sequence_number=0,
    source_network="string",
    tags=[{
        "scope": "string",
        "tag": "string",
    }],
    translated_network="string",
    vpc_nat_rule_id="string")

const vpcNatRuleResource = new nsxt.VpcNatRule("vpcNatRuleResource", {
    displayName: "string",
    parentPath: "string",
    action: "string",
    logging: false,
    enabled: false,
    firewallMatch: "string",
    destinationNetwork: "string",
    nsxId: "string",
    description: "string",
    sequenceNumber: 0,
    sourceNetwork: "string",
    tags: [{
        scope: "string",
        tag: "string",
    }],
    translatedNetwork: "string",
    vpcNatRuleId: "string",
});

type: nsxt:VpcNatRule
properties:
    action: string
    description: string
    destinationNetwork: string
    displayName: string
    enabled: false
    firewallMatch: string
    logging: false
    nsxId: string
    parentPath: string
    sequenceNumber: 0
    sourceNetwork: string
    tags:
        - scope: string
          tag: string
    translatedNetwork: string
    vpcNatRuleId: string

VpcNatRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The VpcNatRule resource accepts the following input properties:

Action string: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
DisplayName string: Display name of the resource.
ParentPath string: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
Description string: Description of the resource.
DestinationNetwork string: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
Enabled bool: Flag for enabling the NAT rule, default is true.
FirewallMatch string: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
Logging bool: Boolean flag to indicate whether logging is enabled. The default is false.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
SequenceNumber double: The sequence_number decides the rule_priority of a NAT rule.
SourceNetwork string: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
Tags List<VpcNatRuleTag>: A list of scope + tag pairs to associate with this resource.
TranslatedNetwork string: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
VpcNatRuleId string: ID of the resource.

Action string: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
DisplayName string: Display name of the resource.
ParentPath string: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
Description string: Description of the resource.
DestinationNetwork string: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
Enabled bool: Flag for enabling the NAT rule, default is true.
FirewallMatch string: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
Logging bool: Boolean flag to indicate whether logging is enabled. The default is false.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
SequenceNumber float64: The sequence_number decides the rule_priority of a NAT rule.
SourceNetwork string: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
Tags []VpcNatRuleTagArgs: A list of scope + tag pairs to associate with this resource.
TranslatedNetwork string: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
VpcNatRuleId string: ID of the resource.

action String: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
displayName String: Display name of the resource.
parentPath String: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
description String: Description of the resource.
destinationNetwork String: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
enabled Boolean: Flag for enabling the NAT rule, default is true.
firewallMatch String: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
logging Boolean: Boolean flag to indicate whether logging is enabled. The default is false.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
sequenceNumber Double: The sequence_number decides the rule_priority of a NAT rule.
sourceNetwork String: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
tags List<VpcNatRuleTag>: A list of scope + tag pairs to associate with this resource.
translatedNetwork String: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
vpcNatRuleId String: ID of the resource.

action string: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
displayName string: Display name of the resource.
parentPath string: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
description string: Description of the resource.
destinationNetwork string: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
enabled boolean: Flag for enabling the NAT rule, default is true.
firewallMatch string: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
logging boolean: Boolean flag to indicate whether logging is enabled. The default is false.
nsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
sequenceNumber number: The sequence_number decides the rule_priority of a NAT rule.
sourceNetwork string: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
tags VpcNatRuleTag[]: A list of scope + tag pairs to associate with this resource.
translatedNetwork string: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
vpcNatRuleId string: ID of the resource.

action str: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
display_name str: Display name of the resource.
parent_path str: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
description str: Description of the resource.
destination_network str: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
enabled bool: Flag for enabling the NAT rule, default is true.
firewall_match str: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
logging bool: Boolean flag to indicate whether logging is enabled. The default is false.
nsx_id str: The NSX ID of this resource. If set, this ID will be used to create the resource.
sequence_number float: The sequence_number decides the rule_priority of a NAT rule.
source_network str: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
tags Sequence[VpcNatRuleTagArgs]: A list of scope + tag pairs to associate with this resource.
translated_network str: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
vpc_nat_rule_id str: ID of the resource.

action String: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
displayName String: Display name of the resource.
parentPath String: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
description String: Description of the resource.
destinationNetwork String: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
enabled Boolean: Flag for enabling the NAT rule, default is true.
firewallMatch String: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
logging Boolean: Boolean flag to indicate whether logging is enabled. The default is false.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
sequenceNumber Number: The sequence_number decides the rule_priority of a NAT rule.
sourceNetwork String: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
tags List<Property Map>: A list of scope + tag pairs to associate with this resource.
translatedNetwork String: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
vpcNatRuleId String: ID of the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the VpcNatRule resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Path string: The NSX path of the policy resource.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Id string: The provider-assigned unique ID for this managed resource.
Path string: The NSX path of the policy resource.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
path String: The NSX path of the policy resource.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id string: The provider-assigned unique ID for this managed resource.
path string: The NSX path of the policy resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id str: The provider-assigned unique ID for this managed resource.
path str: The NSX path of the policy resource.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
path String: The NSX path of the policy resource.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Look up Existing VpcNatRule Resource

Get an existing VpcNatRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VpcNatRuleState, opts?: CustomResourceOptions): VpcNatRule

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        action: Optional[str] = None,
        description: Optional[str] = None,
        destination_network: Optional[str] = None,
        display_name: Optional[str] = None,
        enabled: Optional[bool] = None,
        firewall_match: Optional[str] = None,
        logging: Optional[bool] = None,
        nsx_id: Optional[str] = None,
        parent_path: Optional[str] = None,
        path: Optional[str] = None,
        revision: Optional[float] = None,
        sequence_number: Optional[float] = None,
        source_network: Optional[str] = None,
        tags: Optional[Sequence[VpcNatRuleTagArgs]] = None,
        translated_network: Optional[str] = None,
        vpc_nat_rule_id: Optional[str] = None) -> VpcNatRule

func GetVpcNatRule(ctx *Context, name string, id IDInput, state *VpcNatRuleState, opts ...ResourceOption) (*VpcNatRule, error)

public static VpcNatRule Get(string name, Input<string> id, VpcNatRuleState? state, CustomResourceOptions? opts = null)

public static VpcNatRule get(String name, Output<String> id, VpcNatRuleState state, CustomResourceOptions options)

resources:  _:    type: nsxt:VpcNatRule    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Action string: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
Description string: Description of the resource.
DestinationNetwork string: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
DisplayName string: Display name of the resource.
Enabled bool: Flag for enabling the NAT rule, default is true.
FirewallMatch string: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
Logging bool: Boolean flag to indicate whether logging is enabled. The default is false.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
ParentPath string: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
Path string: The NSX path of the policy resource.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
SequenceNumber double: The sequence_number decides the rule_priority of a NAT rule.
SourceNetwork string: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
Tags List<VpcNatRuleTag>: A list of scope + tag pairs to associate with this resource.
TranslatedNetwork string: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
VpcNatRuleId string: ID of the resource.

Action string: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
Description string: Description of the resource.
DestinationNetwork string: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
DisplayName string: Display name of the resource.
Enabled bool: Flag for enabling the NAT rule, default is true.
FirewallMatch string: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
Logging bool: Boolean flag to indicate whether logging is enabled. The default is false.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
ParentPath string: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
Path string: The NSX path of the policy resource.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
SequenceNumber float64: The sequence_number decides the rule_priority of a NAT rule.
SourceNetwork string: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
Tags []VpcNatRuleTagArgs: A list of scope + tag pairs to associate with this resource.
TranslatedNetwork string: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
VpcNatRuleId string: ID of the resource.

action String: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
description String: Description of the resource.
destinationNetwork String: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
displayName String: Display name of the resource.
enabled Boolean: Flag for enabling the NAT rule, default is true.
firewallMatch String: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
logging Boolean: Boolean flag to indicate whether logging is enabled. The default is false.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
parentPath String: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
path String: The NSX path of the policy resource.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
sequenceNumber Double: The sequence_number decides the rule_priority of a NAT rule.
sourceNetwork String: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
tags List<VpcNatRuleTag>: A list of scope + tag pairs to associate with this resource.
translatedNetwork String: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
vpcNatRuleId String: ID of the resource.

action string: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
description string: Description of the resource.
destinationNetwork string: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
displayName string: Display name of the resource.
enabled boolean: Flag for enabling the NAT rule, default is true.
firewallMatch string: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
logging boolean: Boolean flag to indicate whether logging is enabled. The default is false.
nsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
parentPath string: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
path string: The NSX path of the policy resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
sequenceNumber number: The sequence_number decides the rule_priority of a NAT rule.
sourceNetwork string: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
tags VpcNatRuleTag[]: A list of scope + tag pairs to associate with this resource.
translatedNetwork string: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
vpcNatRuleId string: ID of the resource.

action str: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
description str: Description of the resource.
destination_network str: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
display_name str: Display name of the resource.
enabled bool: Flag for enabling the NAT rule, default is true.
firewall_match str: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
logging bool: Boolean flag to indicate whether logging is enabled. The default is false.
nsx_id str: The NSX ID of this resource. If set, this ID will be used to create the resource.
parent_path str: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
path str: The NSX path of the policy resource.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
sequence_number float: The sequence_number decides the rule_priority of a NAT rule.
source_network str: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
tags Sequence[VpcNatRuleTagArgs]: A list of scope + tag pairs to associate with this resource.
translated_network str: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
vpc_nat_rule_id str: ID of the resource.

action String: NAT action, one of SNAT (translates a source IP address into an outbound packet so that the packet appears to originate from a different network), DNAT (translates the destination IP address of inbound packets so that packets are delivered to a target address into another network), and REFLEXIVE (one-to-one mapping of source and destination IP addresses).
description String: Description of the resource.
destinationNetwork String: For DNAT rules, this is a required field, and represents the destination network for the incoming packets. For other type of rules, it may contain destination network of outgoing packets. In case of DNAT rule, destination network address should be IPv4 address allocated from External Block associated with VPC.
displayName String: Display name of the resource.
enabled Boolean: Flag for enabling the NAT rule, default is true.
firewallMatch String: Indicates how the firewall matches the address after NATing if firewall stage is not skipped, one of MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS or BYPASS. Default is MATCH_INTERNAL_ADDRESS.
logging Boolean: Boolean flag to indicate whether logging is enabled. The default is false.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
parentPath String: Policy path of parent NAT object, typically reference to path in nsxt.getVpcNat data source.
path String: The NSX path of the policy resource.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
sequenceNumber Number: The sequence_number decides the rule_priority of a NAT rule.
sourceNetwork String: Source network. For SNAT and REFLEXIVE rules, this is a required field. For DNAT rules, it may contain source network for incoming packets.
tags List<Property Map>: A list of scope + tag pairs to associate with this resource.
translatedNetwork String: For SNAT, DNAT and REFLEXIVE rules, this ia a required field, which represents the translated network address. In case of SNAT and REFLEXIVE rule, translated network address should be single IPv4 address allocated from External Block associated with VPC.
vpcNatRuleId String: ID of the resource.

Supporting Types

VpcNatRuleTag, VpcNatRuleTagArgs

Scope string
Tag string: A list of scope + tag pairs to associate with this resource.

Scope string
Tag string: A list of scope + tag pairs to associate with this resource.

scope String
tag String: A list of scope + tag pairs to associate with this resource.

scope string
tag string: A list of scope + tag pairs to associate with this resource.

scope str
tag str: A list of scope + tag pairs to associate with this resource.

scope String
tag String: A list of scope + tag pairs to associate with this resource.

Package Details

Repository: nsxt vmware/terraform-provider-nsxt
License
Notes: This Pulumi package is based on the nsxt Terraform Provider.

nsxt 3.9.0 published on Friday, Jun 20, 2025 by vmware

vmware/terraform-provider-nsxt

nsxt.VpcNatRule

On this page

On this page

Create VpcNatRule Resource

Constructor syntax

Parameters

Constructor example

VpcNatRule Resource Properties

Inputs

Outputs

Look up Existing VpcNatRule Resource

Supporting Types

VpcNatRuleTag, VpcNatRuleTagArgs

Package Details

On this page

On this page