RouterNat

class RouterNat : KotlinCustomResource

A NAT service created in a router. To get more information about RouterNat, see:

Example Usage

Router Nat Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.inputs.RouterBgpArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatLogConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    /** Entry point: passes the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares a network, one subnetwork, a Cloud Router with a BGP ASN, and a
     * RouterNat on that router that uses automatically allocated NAT IPs and has
     * logging enabled.
     *
     * @param ctx the Pulumi context supplied by the runtime (not read in this example)
     */
    public static void stack(Context ctx) {
        var vpc = new Network("net");

        var subnetArgs = SubnetworkArgs.builder()
            .network(vpc.id())
            .ipCidrRange("10.0.0.0/16")
            .region("us-central1")
            .build();
        var subnetwork = new Subnetwork("subnet", subnetArgs);

        var bgpArgs = RouterBgpArgs.builder()
            .asn(64514)
            .build();
        var routerArgs = RouterArgs.builder()
            .region(subnetwork.region())
            .network(vpc.id())
            .bgp(bgpArgs)
            .build();
        var cloudRouter = new Router("router", routerArgs);

        // With the ERRORS_ONLY filter only NAT errors are logged; successful
        // translations are not recorded. If egress connection history is needed
        // for monitoring or investigations, TRANSLATIONS_ONLY or ALL is the
        // filter to review instead.
        var natLogging = RouterNatLogConfigArgs.builder()
            .enable(true)
            .filter("ERRORS_ONLY")
            .build();

        // ALL_SUBNETWORKS_ALL_IP_RANGES lets every IP range of every subnetwork
        // use this NAT. LIST_OF_SUBNETWORKS is the narrower setting when only
        // some subnetworks should have outbound access.
        var natArgs = RouterNatArgs.builder()
            .router(cloudRouter.name())
            .region(cloudRouter.region())
            .natIpAllocateOption("AUTO_ONLY")
            .sourceSubnetworkIpRangesToNat("ALL_SUBNETWORKS_ALL_IP_RANGES")
            .logConfig(natLogging)
            .build();
        new RouterNat("nat", natArgs);
    }
}

Router Nat Manual Ips

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatSubnetworkArgs;
import com.pulumi.codegen.internal.KeyedValue;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
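public class App {
    /** Entry point: passes the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares a network, one subnetwork, a Cloud Router, two reserved addresses,
     * and a RouterNat that uses only those addresses (MANUAL_ONLY) for the listed
     * subnetwork.
     *
     * @param ctx the Pulumi context supplied by the runtime (not read in this example)
     */
    public static void stack(Context ctx) {
        var net = new Network("net");

        var subnet = new Subnetwork("subnet", SubnetworkArgs.builder()
            .network(net.id())
            .ipCidrRange("10.0.0.0/16")
            .region("us-central1")
            .build());

        var router = new Router("router", RouterArgs.builder()
            .region(subnet.region())
            .network(net.id())
            .build());

        // Collect the self-link of every reserved address as it is created. The
        // original listing discarded the Address objects and then read an
        // undeclared `address` collection, so it could not compile.
        final List<Output<String>> natIpLinks = new ArrayList<>();
        for (var i = 0; i < 2; i++) {
            var address = new Address("address-" + i, AddressArgs.builder()
                .region(subnet.region())
                .build());
            natIpLinks.add(address.selfLink());
        }

        // MANUAL_ONLY restricts the NAT to the user-allocated addresses above.
        // LIST_OF_SUBNETWORKS limits NAT to the subnetworks named in
        // subnetworks(...). No logConfig is set in this example; add one if NAT
        // logs are needed for monitoring.
        var natManual = new RouterNat("natManual", RouterNatArgs.builder()
            .router(router.name())
            .region(router.region())
            .natIpAllocateOption("MANUAL_ONLY")
            // Output.all turns the list of Output<String> into one Output<List<String>>.
            .natIps(Output.all(natIpLinks))
            .sourceSubnetworkIpRangesToNat("LIST_OF_SUBNETWORKS")
            .subnetworks(RouterNatSubnetworkArgs.builder()
                .name(subnet.id())
                .sourceIpRangesToNats("ALL_IP_RANGES")
                .build())
            .build());
    }
}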

Router Nat Rules

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Router;
import com.pulumi.gcp.compute.RouterArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.RouterNat;
import com.pulumi.gcp.compute.RouterNatArgs;
import com.pulumi.gcp.compute.inputs.RouterNatSubnetworkArgs;
import com.pulumi.gcp.compute.inputs.RouterNatRuleArgs;
import com.pulumi.gcp.compute.inputs.RouterNatRuleActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    /** Entry point: passes the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares a network without auto-created subnetworks, one subnetwork, a Cloud
     * Router, three reserved addresses, and a RouterNat with one NAT rule that
     * selects different source addresses for two destination ranges.
     *
     * @param ctx the Pulumi context supplied by the runtime (not read in this example)
     */
    public static void stack(Context ctx) {
        // autoCreateSubnetworks(false): only the subnetwork declared below is
        // created in this network.
        var networkArgs = NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .build();
        var vpc = new Network("net", networkArgs);

        var subnetArgs = SubnetworkArgs.builder()
            .network(vpc.id())
            .ipCidrRange("10.0.0.0/16")
            .region("us-central1")
            .build();
        var subnetwork = new Subnetwork("subnet", subnetArgs);

        var routerArgs = RouterArgs.builder()
            .region(subnetwork.region())
            .network(vpc.id())
            .build();
        var cloudRouter = new Router("router", routerArgs);

        // Three reserved addresses in the subnetwork's region: one default NAT IP
        // and two that are used only by the rule below.
        var defaultNatIp = new Address("addr1", AddressArgs.builder()
            .region(subnetwork.region())
            .build());
        var ruleNatIpA = new Address("addr2", AddressArgs.builder()
            .region(subnetwork.region())
            .build());
        var ruleNatIpB = new Address("addr3", AddressArgs.builder()
            .region(subnetwork.region())
            .build());

        // Rule 100 matches traffic whose destination falls in either listed
        // range and gives it addr2/addr3 as active source NAT IPs.
        var ruleAction = RouterNatRuleActionArgs.builder()
            .sourceNatActiveIps(
                ruleNatIpA.selfLink(),
                ruleNatIpB.selfLink())
            .build();
        var destinationRule = RouterNatRuleArgs.builder()
            .ruleNumber(100)
            .description("nat rules example")
            .match("inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')")
            .action(ruleAction)
            .build();

        var natSubnetwork = RouterNatSubnetworkArgs.builder()
            .name(subnetwork.id())
            .sourceIpRangesToNats("ALL_IP_RANGES")
            .build();

        // No logConfig is set in this example; add one if NAT logs are needed
        // for monitoring.
        // NOTE(review): endpoint-independent mapping is switched off explicitly;
        // presumably because NAT rules are used here. Confirm against the
        // provider documentation.
        var natArgs = RouterNatArgs.builder()
            .router(cloudRouter.name())
            .region(cloudRouter.region())
            .natIpAllocateOption("MANUAL_ONLY")
            .natIps(defaultNatIp.selfLink())
            .sourceSubnetworkIpRangesToNat("LIST_OF_SUBNETWORKS")
            .subnetworks(natSubnetwork)
            .rules(destinationRule)
            .enableEndpointIndependentMapping(false)
            .build();
        new RouterNat("natRules", natArgs);
    }
}

Import

RouterNat can be imported using any of these accepted formats:

$ pulumi import gcp:compute/routerNat:RouterNat default projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}
$ pulumi import gcp:compute/routerNat:RouterNat default {{project}}/{{region}}/{{router}}/{{name}}
$ pulumi import gcp:compute/routerNat:RouterNat default {{region}}/{{router}}/{{name}}
$ pulumi import gcp:compute/routerNat:RouterNat default {{router}}/{{name}}

Properties

val drainNatIps: Output<List<String>>?

A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.


Enable Dynamic Port Allocation. If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm. If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. Mutually exclusive with enableEndpointIndependentMapping.


Specifies if endpoint independent mapping is enabled. This is enabled by default. For more information see the official documentation.

val icmpIdleTimeoutSec: Output<Int>?

Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.

val id: Output<String>

Configuration for logging on NAT. Structure is documented below.

val maxPortsPerVm: Output<Int>?

Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.

val minPortsPerVm: Output<Int>?

Minimum number of ports allocated to a VM from this NAT.

val name: Output<String>

Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.


How external IPs should be allocated for this NAT. Valid values are AUTO_ONLY for only allowing NAT IPs allocated by Google Cloud Platform, or MANUAL_ONLY for only user-allocated NAT IP addresses. Possible values are: MANUAL_ONLY, AUTO_ONLY.

val natIps: Output<List<String>>?

Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.

val project: Output<String>

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

val pulumiChildResources: Set<KotlinResource>
val region: Output<String>

Region where the router and NAT reside.

val router: Output<String>

The name of the Cloud Router in which this NAT will be configured.

val rules: Output<List<RouterNatRule>>?

A list of rules associated with this NAT. Structure is documented below.


How NAT should be configured per Subnetwork. If ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to NAT. If ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to NAT. If LIST_OF_SUBNETWORKS, a list of Subnetworks is allowed to NAT (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region. Possible values are: ALL_SUBNETWORKS_ALL_IP_RANGES, ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, LIST_OF_SUBNETWORKS.


One or more subnetwork NAT configurations. Only used if source_subnetwork_ip_ranges_to_nat is set to LIST_OF_SUBNETWORKS. Structure is documented below.


Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.


Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.


Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.

val udpIdleTimeoutSec: Output<Int>?

Timeout (in seconds) for UDP connections. Defaults to 30s if not set.

val urn: Output<String>