Updated on 2023-12-21 GMT+08:00

NAT Gateway

Application Scenario

If multiple cloud servers need to access the Internet without binding EIPs, you can use a NAT gateway to share EIPs and prevent the IP addresses of the servers from being exposed to the Internet.

Procedure

  1. Apply for an EIP.

    Create the main.tf file, enter the following information, and save the file:

    resource "huaweicloud_vpc_eip" "eip_1" {
      publicip {
        type = "5_bgp"
      }
      bandwidth {
        name        = "test"
        size        = 5
        share_type  = "PER"
        charge_mode = "traffic"
      }
    }

  2. Apply for a NAT gateway and configure SNAT rules.

    Add the following information to the main.tf file:

    data "huaweicloud_vpc" "vpc_1" {
      name = "vpc-default"
    }
    
    data "huaweicloud_vpc_subnet" "subnet_1" {
      name   = "subnet-default"
      vpc_id = data.huaweicloud_vpc.vpc_1.id
    }
    
    resource "huaweicloud_nat_gateway" "nat_1" {
      name        = "nat-gateway-basic"
      description = "test for terraform examples"
      spec        = "1"
      vpc_id      = data.huaweicloud_vpc.vpc_1.id
      subnet_id   = data.huaweicloud_vpc_subnet.subnet_1.id
    }
    
    resource "huaweicloud_nat_snat_rule" "snat_1" {
      floating_ip_id = huaweicloud_vpc_eip.eip_1.id
      nat_gateway_id = huaweicloud_nat_gateway.nat_1.id
      network_id     = data.huaweicloud_vpc_subnet.subnet_1.id
    }

    Table 1 Parameter description

    | Resource Name | Parameter | Description |
    |---|---|---|
    | huaweicloud_nat_gateway | name | NAT gateway name, which can contain digits, letters, underscores (_), and hyphens (-). |
    | huaweicloud_nat_gateway | description | Supplementary information about the NAT gateway. |
    | huaweicloud_nat_gateway | spec | Type of the NAT gateway. The value can be: 1 (small type, which supports up to 10,000 SNAT connections); 2 (medium type, which supports up to 50,000 SNAT connections); 3 (large type, which supports up to 200,000 SNAT connections); 4 (extra-large type, which supports up to 1,000,000 SNAT connections). |
    | huaweicloud_nat_gateway | internal_network_id | Network ID of the subnet. |
    | huaweicloud_nat_gateway | router_id | VPC ID. |
    | huaweicloud_nat_snat_rule | floating_ip_id | EIP ID. Separate multiple EIPs with commas (,). The number of EIP IDs cannot exceed 20. |
    | huaweicloud_nat_snat_rule | nat_gateway_id | ID of the NAT gateway. |
    | huaweicloud_nat_snat_rule | network_id | Network ID used by the SNAT rule. |

  3. Create resources.

    1. Run terraform init to initialize the environment.
    2. Run terraform plan to view resources.
    3. After you confirm that the resource information is correct, run terraform apply to start resource creation.
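
Before terraform apply is run in step 3, the plan can be checked automatically against the limits in Table 1 and against the scenario's goal of keeping EIPs off the servers. The following Python script is an added example, not part of the original page or of the provider's tooling; it reads the JSON written by terraform show -json, and the sample plan, the helper _rc and the choice of huaweicloud_compute_eip_associate as the resource type that binds an EIP directly to a server are assumptions made for illustration.

```python
import json
import re
import sys

VALID_SPECS = {"1", "2", "3", "4"}            # "spec" values from Table 1
NAME_RE = re.compile(r"[A-Za-z0-9_-]+")       # digits, letters, _ and -
MAX_EIPS = 20                                 # limit on floating_ip_id entries
# Assumption: resource type that binds an EIP straight to a server.
DIRECT_EIP_TYPES = {"huaweicloud_compute_eip_associate"}

def check_plan(plan):
    """Return findings for a plan parsed from `terraform show -json`."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = rc.get("change", {}).get("after")
        if rc.get("mode") != "managed" or after is None:
            continue                          # skip data sources and deletions
        addr, rtype = rc["address"], rc["type"]
        if rtype in DIRECT_EIP_TYPES:
            findings.append(f"{addr}: binds an EIP directly to a server")
        elif rtype == "huaweicloud_nat_gateway":
            if after.get("spec") not in VALID_SPECS:
                findings.append(f"{addr}: spec must be 1, 2, 3 or 4")
            if not NAME_RE.fullmatch(after.get("name") or ""):
                findings.append(f"{addr}: invalid characters in name")
        elif rtype == "huaweicloud_nat_snat_rule":
            # Not present in "after" while the EIP ID is known only after apply.
            ids = after.get("floating_ip_id") or ""
            if len([i for i in ids.split(",") if i]) > MAX_EIPS:
                findings.append(f"{addr}: more than {MAX_EIPS} EIP IDs")
    return findings

def _rc(rtype, name, after):
    """Hypothetical helper that builds one constructed plan entry."""
    return {"address": f"{rtype}.{name}", "mode": "managed", "type": rtype,
            "change": {"actions": ["create"], "after": after}}

# Constructed sample input: the page's two resources plus three bad ones.
SAMPLE_PLAN = {"resource_changes": [
    _rc("huaweicloud_nat_gateway", "nat_1", {"name": "nat-gateway-basic", "spec": "1"}),
    _rc("huaweicloud_nat_snat_rule", "snat_1", {}),
    _rc("huaweicloud_nat_gateway", "bad", {"name": "nat gw", "spec": "5"}),
    _rc("huaweicloud_nat_snat_rule", "many",
        {"floating_ip_id": ",".join(f"eip-{n}" for n in range(21))}),
    _rc("huaweicloud_compute_eip_associate", "srv", {"public_ip": "192.0.2.10"}),
]}

if __name__ == "__main__":
    # With a file argument, check real output of: terraform show -json plan.out
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    print("\n".join(check_plan(plan)))
```

To check a real plan, save it with terraform plan -out plan.out, convert it with terraform show -json plan.out, and pass the resulting JSON file to the script as its only argument.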