Commit

Add documentation for new resource_compute_router_nat to Terraform provider (#2545)

<!-- This change is generated by MagicModules. -->
/cc @cornmander
modular-magician authored and danawillow committed Nov 30, 2018
1 parent 69892ec commit 024a5d0
Showing 4 changed files with 176 additions and 0 deletions.
3 changes: 3 additions & 0 deletions google/resource_compute_router_nat.go
@@ -0,0 +1,3 @@
package google

// Magic Modules doesn't let us remove files - blank out beta-only common-compile files for now.
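Review bot: the comment on the last line says the file is blanked out "for now" but gives no pointer to where the implementation lives or what would allow the file to be removed. Add a tracking reference, or state the condition, so this placeholder (and its twin in `resource_compute_router_nat_test.go`) does not outlive its reason.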
3 changes: 3 additions & 0 deletions google/resource_compute_router_nat_test.go
@@ -0,0 +1,3 @@
package google

// Magic Modules doesn't let us remove files - blank out beta-only common-compile files for now.
166 changes: 166 additions & 0 deletions website/docs/r/compute_router_nat.html.markdown
@@ -0,0 +1,166 @@
---
layout: "google"
page_title: "Google: google_compute_router_nat"
sidebar_current: "docs-google-compute-router-nat"
description: |-
Manages a Cloud NAT.
---

# google\_compute\_router\_nat

Manages a Cloud NAT. For more information see
[the official documentation](https://cloud.google.com/nat/docs/overview)
and
[API](https://cloud.google.com/compute/docs/reference/rest/beta/routers).

## Example Usage

A simple NAT configuration: enable NAT for all Subnetworks associated with
the Network associated with the given Router.

```hcl
resource "google_compute_network" "network" {
name = "my-network"
}
resource "google_compute_subnetwork" "subnetwork" {
name = "my-subnet"
network = "${google_compute_network.network.self_link}"
ip_cidr_range = "10.0.0.0/16"
region = "us-central1"
}
resource "google_compute_router" "router" {
name = "router"
region = "${google_compute_subnetwork.foobar.region}"
network = "${google_compute_network.foobar.self_link}"
bgp {
asn = 64514
}
}
resource "google_compute_router_nat" "simple-nat" {
name = "nat-1"
router = "${google_compute_router.router.name}"
region = "us-central1"
nat_ip_allocate_option = "AUTO_ONLY"
source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
}
```

A production-like configuration: enable NAT for one Subnetwork and use a list of
static external IP address.

```hcl
resource "google_compute_network" "network" {
name = "my-network"
}
resource "google_compute_subnetwork" "subnetwork" {
name = "my-subnet"
network = "${google_compute_network.network.self_link}"
ip_cidr_range = "10.0.0.0/16"
region = "us-central1"
}
resource "google_compute_router" "router" {
name = "router"
region = "${google_compute_subnetwork.foobar.region}"
network = "${google_compute_network.foobar.self_link}"
bgp {
asn = 64514
}
}
resource "google_compute_address" "address" {
count = 2
name = "nat-external-address-${var.count}"
region = "us-central1"
}
resource "google_compute_router_nat" "advanced-nat" {
name = "nat-1"
router = "${google_compute_router.router.name}"
region = "us-central1"
nat_ip_allocate_option = "MANUAL_ONLY"
nat_ips = ["${google_compute_address.*.address.self_link}"]
source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
subnetwork {
name = "${google_compute_subnetwork.subnetwork.self_link}"
}
}
```

## Argument Reference

The following arguments are supported:

* `name` - (Required) A unique name for Cloud NAT, required by GCE. Changing
this forces a new NAT to be created.

* `router` - (Required) The name of the router in which this NAT will be configured.
Changing this forces a new NAT to be created.

* `nat_ip_allocate_option` - (Required) How external IPs should be allocated for
this NAT. Valid values are `AUTO_ONLY` or `MANUAL_ONLY`. Changing this forces
a new NAT to be created.

* `source_subnetwork_ip_ranges_to_nat` - (Required) How NAT should be configured
per Subnetwork. Valid values include: `ALL_SUBNETWORKS_ALL_IP_RANGES`,
`ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES`, `LIST_OF_SUBNETWORKS`. Changing
this forces a new NAT to be created.

- - -

* `nat_ips` - (Optional) List of `self_link`s of external IPs. Only valid if
`nat_ip_allocate_option` is set to `MANUAL_ONLY`. Changing this forces a
new NAT to be created.

* `subnetwork` - (Optional) One or more subnetwork NAT configurations. Only used
if `source_subnetwork_ip_ranges_to_nat` is set to `LIST_OF_SUBNETWORKS`. See
the section below for details on configuration.

* `min_ports_per_vm` - (Optional) Minimum number of ports allocated to a VM
from this NAT config. If not set, a default number of ports is allocated to a VM.
Changing this forces a new NAT to be created.

* `udp_idle_timeout_sec` - (Optional) Timeout (in seconds) for UDP connections.
Defaults to 30s if not set. Changing this forces a new NAT to be created.

* `icmp_idle_timeout_sec` - (Optional) Timeout (in seconds) for ICMP connections.
Defaults to 30s if not set. Changing this forces a new NAT to be created.

* `tcp_established_idle_timeout_sec` - (Optional) Timeout (in seconds) for TCP
established connections. Defaults to 1200s if not set. Changing this forces
a new NAT to be created.

* `tcp_transitory_idle_timeout_sec` - (Optional) Timeout (in seconds) for TCP
transitory connections. Defaults to 30s if not set. Changing this forces a
new NAT to be created.

* `project` - (Optional) The ID of the project in which this NAT's router belongs. If it
is not provided, the provider project is used. Changing this forces a new NAT to be created.

* `region` - (Optional) The region this NAT's router sits in. If not specified,
the project region will be used. Changing this forces a new NAT to be
created.

The `subnetwork` block supports:

* `name` - (Required) The `self_link` of the subnetwork to NAT.

* `source_ip_ranges_to_nat` - (Optional) List of options for which source IPs in the subnetwork
should have NAT enabled. Supported values include: `ALL_IP_RANGES`,
`LIST_OF_SECONDARY_IP_RANGES`, `PRIMARY_IP_RANGE`

* `secondary_ip_range_names` - (Optional) List of the secondary ranges of the subnetwork
that are allowed to use NAT. This can be populated only if
`LIST_OF_SECONDARY_IP_RANGES` is one of the values in `source_ip_ranges_to_nat`.

## Import

Router NATs can be imported using the `region`, `router`, and `name`, e.g.

```
$ terraform import google_compute_router_nat.my-nat us-central1/router-1/nat-1
```
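Review bot: both example blocks declare `google_compute_network.network` and `google_compute_subnetwork.subnetwork`, but the `google_compute_router` resource in each refers to `google_compute_subnetwork.foobar.region` and `google_compute_network.foobar.self_link`, which are not declared anywhere in the example, so neither block will plan as written. Point those two references at `.subnetwork` and `.network`. In the second example, `name = "nat-external-address-${var.count}"` references a variable that is not declared (with `count = 2` the per-instance index is `count.index`), and `google_compute_address.*.address.self_link` puts the splat where the resource name belongs; `google_compute_address.address.*.self_link` matches the declared resource. Smaller points: "a list of static external IP address" should read "addresses", and the argument reference gives no default for `source_ip_ranges_to_nat` in the `subnetwork` block.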
4 changes: 4 additions & 0 deletions website/google.erb
Expand Up @@ -419,6 +419,10 @@
<a href="/docs/providers/google/r/compute_router_interface.html">google_compute_router_interface</a>
</li>

<li<%= sidebar_current("docs-google-compute-router-nat") %>>
<a href="/docs/providers/google/r/compute_router_nat.html">google_compute_router_nat</a>
</li>

<li<%= sidebar_current("docs-google-compute-router-peer") %>>
<a href="/docs/providers/google/r/compute_router_peer.html">google_compute_router_peer</a>
</li>
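Review bot: the new sidebar entry lists `google_compute_router_nat` with no indication that it is beta-only, although the two Go files in this commit are blanked out as "beta-only" and the new docs page links the beta API reference. Mark the entry or the page accordingly so readers of this provider's docs are not pointed at a resource whose implementation is blanked out in the same commit.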
0 comments on commit 024a5d0