Expand description
A NAT service created in a router.
Note: Recreating a
gcp.compute.Addressthat is being used bygcp.compute.RouterNatwill give aresourceInUseByAnotherResourceerror. Uselifecycle.create_before_destroyon this address resource to avoid this type of error as shown in the Manual Ips example.
To get more information about RouterNat, see:
- API documentation
- How-to Guides
§Example Usage
§Router Nat Basic
ⓘ
use pulumi_wasm_rust::Output;
use pulumi_wasm_rust::{add_export, pulumi_main};
#[pulumi_main]
fn test_main() -> Result<(), Error> {
let nat = router_nat::create(
"nat",
RouterNatArgs::builder()
.log_config(
RouterNatLogConfig::builder()
.enable(true)
.filter("ERRORS_ONLY")
.build_struct(),
)
.name("my-router-nat")
.nat_ip_allocate_option("AUTO_ONLY")
.region("${router.region}")
.router("${router.name}")
.source_subnetwork_ip_ranges_to_nat("ALL_SUBNETWORKS_ALL_IP_RANGES")
.build_struct(),
);
let net = network::create(
"net",
NetworkArgs::builder().name("my-network").build_struct(),
);
let router = router::create(
"router",
RouterArgs::builder()
.bgp(RouterBgp::builder().asn(64514).build_struct())
.name("my-router")
.network("${net.id}")
.region("${subnet.region}")
.build_struct(),
);
let subnet = subnetwork::create(
"subnet",
SubnetworkArgs::builder()
.ip_cidr_range("10.0.0.0/16")
.name("my-subnetwork")
.network("${net.id}")
.region("us-central1")
.build_struct(),
);
}§Router Nat Rules
ⓘ
use pulumi_wasm_rust::Output;
use pulumi_wasm_rust::{add_export, pulumi_main};
#[pulumi_main]
fn test_main() -> Result<(), Error> {
let addr1 = address::create(
"addr1",
AddressArgs::builder()
.name("nat-address1")
.region("${subnet.region}")
.build_struct(),
);
let addr2 = address::create(
"addr2",
AddressArgs::builder()
.name("nat-address2")
.region("${subnet.region}")
.build_struct(),
);
let addr3 = address::create(
"addr3",
AddressArgs::builder()
.name("nat-address3")
.region("${subnet.region}")
.build_struct(),
);
let natRules = router_nat::create(
"natRules",
RouterNatArgs::builder()
.enable_endpoint_independent_mapping(false)
.name("my-router-nat")
.nat_ip_allocate_option("MANUAL_ONLY")
.nat_ips(vec!["${addr1.selfLink}",])
.region("${router.region}")
.router("${router.name}")
.rules(
vec![
RouterNatRule::builder().action(RouterNatRuleAction::builder()
.sourceNatActiveIps(vec!["${addr2.selfLink}", "${addr3.selfLink}",])
.build_struct()).description("nat rules example"). match
("inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')")
.ruleNumber(100).build_struct(),
],
)
.source_subnetwork_ip_ranges_to_nat("LIST_OF_SUBNETWORKS")
.subnetworks(
vec![
RouterNatSubnetwork::builder().name("${subnet.id}")
.sourceIpRangesToNats(vec!["ALL_IP_RANGES",]).build_struct(),
],
)
.build_struct(),
);
let net = network::create(
"net",
NetworkArgs::builder()
.auto_create_subnetworks(false)
.name("my-network")
.build_struct(),
);
let router = router::create(
"router",
RouterArgs::builder()
.name("my-router")
.network("${net.id}")
.region("${subnet.region}")
.build_struct(),
);
let subnet = subnetwork::create(
"subnet",
SubnetworkArgs::builder()
.ip_cidr_range("10.0.0.0/16")
.name("my-subnetwork")
.network("${net.id}")
.region("us-central1")
.build_struct(),
);
}§Router Nat Private
ⓘ
use pulumi_wasm_rust::Output;
use pulumi_wasm_rust::{add_export, pulumi_main};
#[pulumi_main]
fn test_main() -> Result<(), Error> {
let hub = hub::create(
"hub",
HubArgs::builder()
.description("vpc hub for inter vpc nat")
.name("my-hub")
.build_struct(),
);
let natType = router_nat::create(
"natType",
RouterNatArgs::builder()
.enable_dynamic_port_allocation(false)
.enable_endpoint_independent_mapping(false)
.min_ports_per_vm(32)
.name("my-router-nat")
.region("${router.region}")
.router("${router.name}")
.rules(
vec![
RouterNatRule::builder().action(RouterNatRuleAction::builder()
.sourceNatActiveRanges(vec!["${subnet.selfLink}",]).build_struct())
.description("rule for private nat"). match
("nexthop.hub == \"//networkconnectivity.googleapis.com/projects/acm-test-proj-123/locations/global/hubs/my-hub\"")
.ruleNumber(100).build_struct(),
],
)
.source_subnetwork_ip_ranges_to_nat("LIST_OF_SUBNETWORKS")
.subnetworks(
vec![
RouterNatSubnetwork::builder().name("${subnet.id}")
.sourceIpRangesToNats(vec!["ALL_IP_RANGES",]).build_struct(),
],
)
.type_("PRIVATE")
.build_struct(),
);
let net = network::create(
"net",
NetworkArgs::builder().name("my-network").build_struct(),
);
let router = router::create(
"router",
RouterArgs::builder()
.name("my-router")
.network("${net.id}")
.region("${subnet.region}")
.build_struct(),
);
let spoke = spoke::create(
"spoke",
SpokeArgs::builder()
.description("vpc spoke for inter vpc nat")
.hub("${hub.id}")
.linked_vpc_network(
SpokeLinkedVpcNetwork::builder()
.excludeExportRanges(vec!["198.51.100.0/24", "10.10.0.0/16",])
.uri("${net.selfLink}")
.build_struct(),
)
.location("global")
.name("my-spoke")
.build_struct(),
);
let subnet = subnetwork::create(
"subnet",
SubnetworkArgs::builder()
.ip_cidr_range("10.0.0.0/16")
.name("my-subnetwork")
.network("${net.id}")
.purpose("PRIVATE_NAT")
.region("us-central1")
.build_struct(),
);
}§Import
RouterNat can be imported using any of these accepted formats:
-
projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}} -
{{project}}/{{region}}/{{router}}/{{name}} -
{{region}}/{{router}}/{{name}} -
{{router}}/{{name}}
When using the pulumi import command, RouterNat can be imported using one of the formats above. For example:
$ pulumi import gcp:compute/routerNat:RouterNat default projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}$ pulumi import gcp:compute/routerNat:RouterNat default {{project}}/{{region}}/{{router}}/{{name}}$ pulumi import gcp:compute/routerNat:RouterNat default {{region}}/{{router}}/{{name}}$ pulumi import gcp:compute/routerNat:RouterNat default {{router}}/{{name}}Structs§
- Use builder syntax to set the inputs and finish with
build_struct().
Functions§
- Registers a new resource with the given unique name and arguments