Querying SNAT Rules

Function

This API is used to query SNAT rules.

Constraints

You can type the question mark (?) and ampersand (&) at the end of the URI to define multiple search criteria. All optional parameters can be filtered. For details, see the example request.

Calling Method

For details, see Calling APIs.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
If you are using identity policy-based authorization, the following identity policy-based permissions are required.
Action
Access Level
Resource Type (*: required)
Condition Key
Alias
Dependencies
nat:snatRules:list
List
snatRule *
g:EnterpriseProjectId
-
-

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
nat:snatRules:list	List	snatRule *	g:EnterpriseProjectId	-	-

URI

GET /v2/{project_id}/snat_rules

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Specifies the project ID.

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
admin_state_up	No	Boolean	Specifies whether the instance is unfrozen or frozen. The value can be: true: unfrozen false: frozen
cidr	No	String	Specifies a CIDR block or a host IP address. Configure either cidr or network_id. If you set source_type to 0, set cidr to a subset of the VPC subnet. If you set source_type to 1, set cidr to a CIDR block of your private networks connected to the VPC through Direct Connect or Cloud Connect.
limit	No	Integer	Specifies the number of records displayed on each page. Value range: 1 to 2000 Default value: 2000
floating_ip_address	No	String	Specifies the EIP. Use commas (,) to separate multiple EIPs. The maximum length is 1,024 bytes.
global_eip_address	No	String	Specifies the global EIP. Use commas (,) to separate multiple global EIPs. The maximum length is 1,024 bytes.
floating_ip_id	No	String	Specifies the EIP ID. Use commas (,) to separate multiple EIP IDs. The maximum length is 4,096 bytes.
global_eip_id	No	String	Specifies the global EIP ID. Use commas (,) to separate multiple global EIP IDs. The maximum length is 4,096 bytes.
id	No	String	Specifies the SNAT rule ID.
description	No	String	Provides supplementary information about the SNAT rule. The description can contain up to 255 characters and cannot contain angle brackets (<>).
created_at	No	String	Specifies when the SNAT rule was created. The time is in yyyy-mm-dd hh:mm:ss.SSSSSS format.
nat_gateway_id	No	Array of strings	Specifies the public NAT gateway ID.
network_id	No	String	Specifies the network ID used by the SNAT rule. Configure either network_id or cidr.
source_type	No	Integer	Specifies the resource type. The value can be: 0: VPC. Either network_id or cidr can be specified. 1: Direct Connect/Cloud Connect. Only cidr can be specified. If no value is entered, default value 0 (VPC) is used.
status	No	String	Specifies the SNAT rule status. The value can be: ACTIVE: The SNAT rule is available. PENDING_CREATE: The SNAT rule is being created. PENDING_UPDATE: The SNAT rule is being updated. PENDING_DELETE: The SNAT rule is being deleted. EIP_FREEZED: The EIP is frozen. INACTIVE: The SNAT rule is unavailable.
marker	No	String	Specifies a resource ID for pagination query, indicating that the query starts from the next record of the specified resource ID. If parameters marker and limit are not specified, all resource records (2,000 by default) on the first page will be returned. If marker is not specified and limit is set to 10, the first to tenth resource records will be returned. If marker is set to the resource ID of the tenth record and limit is set to 10, the 11th to 20th resource records will be returned. If marker is set to the resource ID of the tenth record and limit is not specified, the 11th and subsequent resource records (2,000 by default) will be returned.

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Specifies the user token. It is a response to the API for obtaining a user token. This API is the only one that does not require authentication. The value of X-Subject-Token in the response header is the token value.

Response Parameters

Status code: 200

**Table 4** Response body parameters
Parameter	Type	Description
snat_rules	Array of NatGatewaySnatRuleResponseBody objects	Specifies the response body for querying SNAT rules.

**Table 5** NatGatewaySnatRuleResponseBody
Parameter	Type	Description
id	String	Specifies the SNAT rule ID.
tenant_id	String	Specifies the project ID.
nat_gateway_id	String	Specifies the public NAT gateway ID.
cidr	String	Specifies a CIDR block or a host IP address. Configure either cidr or network_id. If you set source_type to 0, set cidr to a subset of the VPC subnet. If you set source_type to 1, set cidr to a CIDR block of your private networks connected to the VPC through Direct Connect or Cloud Connect.
source_type	Integer	Specifies the resource type. The value can be: 0: VPC. Either network_id or cidr can be specified. 1: Direct Connect/Cloud Connect. Only cidr can be specified. If no value is entered, default value 0 (VPC) is used.
floating_ip_id	String	Specifies the EIP ID. Use commas (,) to separate multiple EIP IDs.
description	String	Provides supplementary information about the SNAT rule. The description can contain up to 255 characters and cannot contain angle brackets (<>).
status	String	Specifies the SNAT rule status. The value can be: ACTIVE: The SNAT rule is available. PENDING_CREATE: The SNAT rule is being created. PENDING_UPDATE: The SNAT rule is being updated. PENDING_DELETE: The SNAT rule is being deleted. EIP_FREEZED: The EIP is frozen. INACTIVE: The SNAT rule is unavailable.
created_at	String	Specifies when the SNAT rule was created. The time is in yyyy-mm-dd hh:mm:ss.SSSSSS format.
network_id	String	Specifies the network ID used by the SNAT rule. Configure either network_id or cidr.
admin_state_up	Boolean	Specifies whether the SNAT rule is frozen. The value can be: true: The SNAT rule is unfrozen. false: The SNAT rule is frozen.
floating_ip_address	String	Specifies the EIP. Use commas (,) to separate multiple EIPs.
freezed_ip_address	String	Specifies the frozen EIP. Use commas (,) to separate frozen EIPs.
global_eip_id	String	Specifies the global EIP ID.
global_eip_address	String	Specifies the global EIP.

Example Requests

GET https://{NAT_endpoint}/v2/d199ba7e0ba64899b2e81518104b1526/snat_rules?limit=2

Example Responses

Status code: 200

SNAT rules queried.

{
  "snat_rules" : [ {
    "floating_ip_id" : "bf99c679-9f41-4dac-8513-9c9228e713e1",
    "status" : "ACTIVE",
    "nat_gateway_id" : "cda3a125-2406-456c-a11f-598e10578541",
    "admin_state_up" : true,
    "network_id" : "9a469561-daac-4c94-88f5-39366e5ea193",
    "source_type" : 0,
    "tenant_id" : "d199ba7e0ba64899b2e81518104b1526",
    "created_at" : "2017-11-15 15:44:42.595173",
    "id" : "79195d50-0271-41f1-bded-4c089b2502ff",
    "floating_ip_address" : "5.21.11.242",
    "freezed_ip_address" : "",
    "description" : "my snat rule 01"
  }, {
    "floating_ip_id" : "6e496fba-abe9-4f5e-9406-2ad8c809ac8c",
    "status" : "ACTIVE",
    "nat_gateway_id" : "e824f1b4-4290-4ebc-8322-cfff370dbd1e",
    "admin_state_up" : true,
    "network_id" : "97e89905-f9c8-4ae3-9856-392b0b2fbe7f",
    "source_type" : 0,
    "tenant_id" : "d199ba7e0ba64899b2e81518104b1526",
    "created_at" : "2017-11-17 07:43:44.830845",
    "id" : "4a1a10d7-0d9f-4846-8cda-24cffeffef5c",
    "floating_ip_address" : "5.21.11.142,5.21.11.143",
    "freezed_ip_address" : "5.21.11.142",
    "description" : "my snat rule 01"
  } ]
}

SDK Sample Code

The SDK sample code is as follows.

Java

 package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.nat.v2.region.NatRegion;
import com.huaweicloud.sdk.nat.v2.*;
import com.huaweicloud.sdk.nat.v2.model.*;


public class ListNatGatewaySnatRulesSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        NatClient client = NatClient.newBuilder()
                .withCredential(auth)
                .withRegion(NatRegion.valueOf("<YOUR REGION>"))
                .build();
        ListNatGatewaySnatRulesRequest request = new ListNatGatewaySnatRulesRequest();
        try {
            ListNatGatewaySnatRulesResponse response = client.listNatGatewaySnatRules(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}
 

Python

 # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdknat.v2.region.nat_region import NatRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdknat.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = NatClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(NatRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListNatGatewaySnatRulesRequest()
        response = client.list_nat_gateway_snat_rules(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)
 

Go

 package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    nat "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := nat.NewNatClient(
        nat.NatClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListNatGatewaySnatRulesRequest{}
	response, err := client.ListNatGatewaySnatRules(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}
 