Add documentation for new resource_compute_router_nat to Terraform provider (#2545)

<!-- This change is generated by MagicModules. -->
/cc @cornmander
1 parent 69892ec, commit 024a5d0
Showing 4 changed files with 176 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
package google | ||
|
||
// Magic Modules doesn't let us remove files - blank out beta-only common-compile files for now. |
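
Review bot: The placeholder comment on line 3 says the file is blanked out "for now" but gives no condition or tracking reference for when it can be deleted. Suggest extending the comment to name what has to change in Magic Modules before the file can be removed, or to link the tracking issue, so an empty `package google` file does not linger in the provider indefinitely.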
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
package google | ||
|
||
// Magic Modules doesn't let us remove files - blank out beta-only common-compile files for now. |
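
Review bot: This hunk is a Go source file (`package google`), while the commit subject describes a documentation-only change. Suggest mentioning the blanked-out beta-only files in the commit message, or moving them to their own commit, so the history shows why placeholder source files were introduced alongside the docs page.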
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,166 @@ | ||
--- | ||
layout: "google" | ||
page_title: "Google: google_compute_router_nat" | ||
sidebar_current: "docs-google-compute-router-nat" | ||
description: |- | ||
Manages a Cloud NAT. | ||
--- | ||
|
||
# google\_compute\_router\_nat | ||
|
||
Manages a Cloud NAT. For more information see | ||
[the official documentation](https://cloud.google.com/nat/docs/overview) | ||
and | ||
[API](https://cloud.google.com/compute/docs/reference/rest/beta/routers). | ||
|
||
## Example Usage | ||
|
||
A simple NAT configuration: enable NAT for all Subnetworks associated with | ||
the Network associated with the given Router. | ||
|
||
```hcl | ||
resource "google_compute_network" "network" { | ||
name = "my-network" | ||
} | ||
resource "google_compute_subnetwork" "subnetwork" { | ||
name = "my-subnet" | ||
network = "${google_compute_network.network.self_link}" | ||
ip_cidr_range = "10.0.0.0/16" | ||
region = "us-central1" | ||
} | ||
resource "google_compute_router" "router" { | ||
name = "router" | ||
region = "${google_compute_subnetwork.foobar.region}" | ||
network = "${google_compute_network.foobar.self_link}" | ||
bgp { | ||
asn = 64514 | ||
} | ||
} | ||
resource "google_compute_router_nat" "simple-nat" { | ||
name = "nat-1" | ||
router = "${google_compute_router.router.name}" | ||
region = "us-central1" | ||
nat_ip_allocate_option = "AUTO_ONLY" | ||
source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES" | ||
} | ||
``` | ||
|
||
A production-like configuration: enable NAT for one Subnetwork and use a list of | ||
static external IP address. | ||
|
||
```hcl | ||
resource "google_compute_network" "network" { | ||
name = "my-network" | ||
} | ||
resource "google_compute_subnetwork" "subnetwork" { | ||
name = "my-subnet" | ||
network = "${google_compute_network.network.self_link}" | ||
ip_cidr_range = "10.0.0.0/16" | ||
region = "us-central1" | ||
} | ||
resource "google_compute_router" "router" { | ||
name = "router" | ||
region = "${google_compute_subnetwork.foobar.region}" | ||
network = "${google_compute_network.foobar.self_link}" | ||
bgp { | ||
asn = 64514 | ||
} | ||
} | ||
resource "google_compute_address" "address" { | ||
count = 2 | ||
name = "nat-external-address-${var.count}" | ||
region = "us-central1" | ||
} | ||
resource "google_compute_router_nat" "advanced-nat" { | ||
name = "nat-1" | ||
router = "${google_compute_router.router.name}" | ||
region = "us-central1" | ||
nat_ip_allocate_option = "MANUAL_ONLY" | ||
nat_ips = ["${google_compute_address.*.address.self_link}"] | ||
source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS" | ||
subnetwork { | ||
name = "${google_compute_subnetwork.subnetwork.self_link}" | ||
} | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
|
||
* `name` - (Required) A unique name for Cloud NAT, required by GCE. Changing | ||
this forces a new NAT to be created. | ||
|
||
* `router` - (Required) The name of the router in which this NAT will be configured. | ||
Changing this forces a new NAT to be created. | ||
|
||
* `nat_ip_allocate_option` - (Required) How external IPs should be allocated for | ||
this NAT. Valid values are `AUTO_ONLY` or `MANUAL_ONLY`. Changing this forces | ||
a new NAT to be created. | ||
|
||
* `source_subnetwork_ip_ranges_to_nat` - (Required) How NAT should be configured | ||
per Subnetwork. Valid values include: `ALL_SUBNETWORKS_ALL_IP_RANGES`, | ||
`ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES`, `LIST_OF_SUBNETWORKS`. Changing | ||
this forces a new NAT to be created. | ||
|
||
- - - | ||
|
||
* `nat_ips` - (Optional) List of `self_link`s of external IPs. Only valid if | ||
`nat_ip_allocate_option` is set to `MANUAL_ONLY`. Changing this forces a | ||
new NAT to be created. | ||
|
||
* `subnetwork` - (Optional) One or more subnetwork NAT configurations. Only used | ||
if `source_subnetwork_ip_ranges_to_nat` is set to `LIST_OF_SUBNETWORKS`. See | ||
the section below for details on configuration. | ||
|
||
* `min_ports_per_vm` - (Optional) Minimum number of ports allocated to a VM | ||
from this NAT config. If not set, a default number of ports is allocated to a VM. | ||
Changing this forces a new NAT to be created. | ||
|
||
* `udp_idle_timeout_sec` - (Optional) Timeout (in seconds) for UDP connections. | ||
Defaults to 30s if not set. Changing this forces a new NAT to be created. | ||
|
||
* `icmp_idle_timeout_sec` - (Optional) Timeout (in seconds) for ICMP connections. | ||
Defaults to 30s if not set. Changing this forces a new NAT to be created. | ||
|
||
* `tcp_established_idle_timeout_sec` - (Optional) Timeout (in seconds) for TCP | ||
established connections. Defaults to 1200s if not set. Changing this forces | ||
a new NAT to be created. | ||
|
||
* `tcp_transitory_idle_timeout_sec` - (Optional) Timeout (in seconds) for TCP | ||
transitory connections. Defaults to 30s if not set. Changing this forces a | ||
new NAT to be created. | ||
|
||
* `project` - (Optional) The ID of the project in which this NAT's router belongs. If it | ||
is not provided, the provider project is used. Changing this forces a new NAT to be created. | ||
|
||
* `region` - (Optional) The region this NAT's router sits in. If not specified, | ||
the project region will be used. Changing this forces a new NAT to be | ||
created. | ||
|
||
The `subnetwork` block supports: | ||
|
||
* `name` - (Required) The `self_link` of the subnetwork to NAT. | ||
|
||
* `source_ip_ranges_to_nat` - (Optional) List of options for which source IPs in the subnetwork | ||
should have NAT enabled. Supported values include: `ALL_IP_RANGES`, | ||
`LIST_OF_SECONDARY_IP_RANGES`, `PRIMARY_IP_RANGE` | ||
|
||
* `secondary_ip_range_names` - (Optional) List of the secondary ranges of the subnetwork | ||
that are allowed to use NAT. This can be populated only if | ||
`LIST_OF_SECONDARY_IP_RANGES` is one of the values in `source_ip_ranges_to_nat`. | ||
|
||
## Import | ||
|
||
Router NATs can be imported using the `region`, `router`, and `name`, e.g. | ||
|
||
``` | ||
$ terraform import google_compute_router_nat.my-nat us-central1/router-1/nat-1 | ||
``` |
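
Review bot: Both example configurations reference resources that are never declared: the `google_compute_router` block uses `${google_compute_subnetwork.foobar.region}` and `${google_compute_network.foobar.self_link}`, but the resources above it are named `subnetwork` and `network`, so the examples will not plan as written. Suggest `google_compute_subnetwork.subnetwork.region` and `google_compute_network.network.self_link` in both. In the second example, `name = "nat-external-address-${var.count}"` points at an undeclared variable where `${count.index}` looks intended, and `google_compute_address.*.address.self_link` has the splat in the wrong position for a resource named `address` (expected `google_compute_address.address.*.self_link`). The sentence introducing that example should also read "static external IP addresses".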