Router
A NAT service created in a router. To get more information about RouterNat, see:
How-to Guides
Example Usage
Router Nat Basic
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.inputs.RouterBgpArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatLogConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var net = new Network("net");
var subnet = new Subnetwork("subnet", SubnetworkArgs.builder()
.network(net.id())
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.build());
var router = new Router("router", RouterArgs.builder()
.region(subnet.region())
.network(net.id())
.bgp(RouterBgpArgs.builder()
.asn(64514)
.build())
.build());
var nat = new RouterNat("nat", RouterNatArgs.builder()
.router(router.name())
.region(router.region())
.natIpAllocateOption("AUTO_ONLY")
.sourceSubnetworkIpRangesToNat("ALL_SUBNETWORKS_ALL_IP_RANGES")
.logConfig(RouterNatLogConfigArgs.builder()
.enable(true)
.filter("ERRORS_ONLY")
.build())
.build());
}
}Router Nat Manual Ips
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatSubnetworkArgs;
import com.pulumi.codegen.internal.KeyedValue;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var net = new Network("net");
var subnet = new Subnetwork("subnet", SubnetworkArgs.builder()
.network(net.id())
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.build());
var router = new Router("router", RouterArgs.builder()
.region(subnet.region())
.network(net.id())
.build());
for (var i = 0; i < 2; i++) {
new Address("address-" + i, AddressArgs.builder()
.region(subnet.region())
.build());
}
var natManual = new RouterNat("natManual", RouterNatArgs.builder()
.router(router.name())
.region(router.region())
.natIpAllocateOption("MANUAL_ONLY")
.natIps(address.stream().map(element -> element.selfLink()).collect(toList()))
.sourceSubnetworkIpRangesToNat("LIST_OF_SUBNETWORKS")
.subnetworks(RouterNatSubnetworkArgs.builder()
.name(subnet.id())
.sourceIpRangesToNats("ALL_IP_RANGES")
.build())
.build());
}
}Router Nat Rules
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatSubnetworkArgs;
import com.pulumi.gcp.compute.inputs.RouterNatRuleArgs;
import com.pulumi.gcp.compute.inputs.RouterNatRuleActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var net = new Network("net", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var subnet = new Subnetwork("subnet", SubnetworkArgs.builder()
.network(net.id())
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.build());
var router = new Router("router", RouterArgs.builder()
.region(subnet.region())
.network(net.id())
.build());
var addr1 = new Address("addr1", AddressArgs.builder()
.region(subnet.region())
.build());
var addr2 = new Address("addr2", AddressArgs.builder()
.region(subnet.region())
.build());
var addr3 = new Address("addr3", AddressArgs.builder()
.region(subnet.region())
.build());
var natRules = new RouterNat("natRules", RouterNatArgs.builder()
.router(router.name())
.region(router.region())
.natIpAllocateOption("MANUAL_ONLY")
.natIps(addr1.selfLink())
.sourceSubnetworkIpRangesToNat("LIST_OF_SUBNETWORKS")
.subnetworks(RouterNatSubnetworkArgs.builder()
.name(subnet.id())
.sourceIpRangesToNats("ALL_IP_RANGES")
.build())
.rules(RouterNatRuleArgs.builder()
.ruleNumber(100)
.description("nat rules example")
.match("inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')")
.action(RouterNatRuleActionArgs.builder()
.sourceNatActiveIps(
addr2.selfLink(),
addr3.selfLink())
.build())
.build())
.enableEndpointIndependentMapping(false)
.build());
}
}Import
RouterNat can be imported using any of these accepted formats
$ pulumi import gcp:compute/routerNat:RouterNat default projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}$ pulumi import gcp:compute/routerNat:RouterNat default {{project}}/{{region}}/{{router}}/{{name}}$ pulumi import gcp:compute/routerNat:RouterNat default {{region}}/{{router}}/{{name}}$ pulumi import gcp:compute/routerNat:RouterNat default {{router}}/{{name}}Constructors
Properties
A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.
Specifies if endpoint independent mapping is enabled. This is enabled by default. For more information see the official documentation.
Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
Configuration for logging on NAT Structure is documented below.
Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
Minimum number of ports allocated to a VM from this NAT.
How external IPs should be allocated for this NAT. Valid values are AUTO_ONLY for only allowing NAT IPs allocated by Google Cloud Platform, or MANUAL_ONLY for only user-allocated NAT IP addresses. Possible values are: MANUAL_ONLY, AUTO_ONLY.
A list of rules associated with this NAT. Structure is documented below.
How NAT should be configured per Subnetwork. If ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. If ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat. LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are: ALL_SUBNETWORKS_ALL_IP_RANGES, ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, LIST_OF_SUBNETWORKS.
One or more subnetwork NAT configurations. Only used if source_subnetwork_ip_ranges_to_nat is set to LIST_OF_SUBNETWORKS Structure is documented below.
Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
Timeout (in seconds) for UDP connections. Defaults to 30s if not set.