Creating an SNAT Rule

Function

This API is used to create an SNAT rule.

Constraints

When you are creating an SNAT rule, status of the NAT gateway must be set to ACTIVE.

Calling Method

For details, see Calling APIs.

URI

POST /v3/{project_id}/private-nat/snat-rules

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Specifies the project ID. Minimum: 1 Maximum: 36

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Specifies the user token. It is a response to the API used to obtain a user token. This API is the only one that does not require authentication. The value of X-Subject-Token in the response header is the token value. Minimum: 1 Maximum: 10240

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
snat_rule	Yes	CreatePrivateSnatOption object	Specifies the request body for creating an SNAT rule.

**Table 4** CreatePrivateSnatOption
Parameter	Mandatory	Type	Description
gateway_id	Yes	String	Specifies the private NAT gateway ID. Minimum: 36 Maximum: 36
cidr	No	String	Specifies the CIDR block that matches the SNAT rule. Constraint: Either this parameter or virsubnet_id must be specified. Minimum: 9 Maximum: 18
virsubnet_id	No	String	Specifies the ID of the subnet that matches the SNAT rule. Constraint: Either this parameter or cidr must be specified. Minimum: 36 Maximum: 36
description	No	String	Provides supplementary information about the SNAT rule. The description can contain up to 255 characters and cannot contain angle brackets (<>). Minimum: 0 Maximum: 255
transit_ip_ids	Yes	Array of strings	Specifies the ID list of transit IP addresses. Minimum: 36 Maximum: 36 Array Length: 1 - 1

Response Parameters

Status code: 201

**Table 5** Response body parameters
Parameter	Type	Description
snat_rule	PrivateSnat object	Specifies the response body of the SNAT rule.
request_id	String	Specifies the request ID. Minimum: 1 Maximum: 36

**Table 6** PrivateSnat
Parameter	Type	Description
id	String	Specifies the SNAT rule ID. Minimum: 36 Maximum: 36
project_id	String	Specifies the project ID. Minimum: 36 Maximum: 36
gateway_id	String	Specifies the private NAT gateway ID. Minimum: 36 Maximum: 36
cidr	String	Specifies the CIDR block that matches the SNAT rule. Constraints: Either this parameter or virsubnet_id must be specified. The CIDR block cannot be the same as that of an existing SNAT rule. Minimum: 9 Maximum: 18
virsubnet_id	String	Specifies the ID of the subnet that matches the SNAT rule. Constraint: Either this parameter or cidr must be specified. Minimum: 36 Maximum: 36
description	String	Provides supplementary information about the SNAT rule. The description can contain up to 255 characters and cannot contain angle brackets (<>). Minimum: 1 Maximum: 36
transit_ip_associations	Array of AssociatedTransitIp objects	Specifies the list of details of associated transit IP addresses. Array Length: 1 - 1
created_at	String	Specifies when the SNAT rule was created. It is a UTC time in the yyyy-mm-ddThh:mm:ssZ format. Minimum: 1 Maximum: 36
updated_at	String	Specifies when the SNAT rule was updated. It is a UTC time in the yyyy-mm-ddThh:mm:ssZ format. Minimum: 1 Maximum: 36
enterprise_project_id	String	Specifies the enterprise project ID. Minimum: 1 Maximum: 36

**Table 7** AssociatedTransitIp
Parameter	Type	Description
transit_ip_id	String	Specifies the ID of the transit IP address. Minimum: 36 Maximum: 36
transit_ip_address	String	Specifies the transit IP address. Minimum: 7 Maximum: 35

Example Requests

Creating an SNAT rule (Setting description to my_snat_rule01, gateway_id to 80da6f26-94eb-4537-97f0-5a56f4d04cfb, and virsubnet_id to 5b9ea497-727d-4ad0-a99e-3984b3f5aaed)

POST https://{Endpoint}/v3/cfa563efb77d4b6d9960781d82530fd8/private-nat/snat-rules

{
  "snat_rule" : {
    "description" : "my_snat_rule01",
    "gateway_id" : "80da6f26-94eb-4537-97f0-5a56f4d04cfb",
    "virsubnet_id" : "5b9ea497-727d-4ad0-a99e-3984b3f5aaed",
    "transit_ip_ids" : [ "36a3049a-1682-48b3-b1cf-cb986a3350ef" ]
  }
}

Example Responses

Status code: 201

SNAT rule created.

{
  "snat_rule" : {
    "id" : "af4dbb83-7ca0-4ed1-b28b-668c1f9c6b81",
    "project_id" : "cfa563efb77d4b6d9960781d82530fd8",
    "description" : "snat rule description",
    "gateway_id" : "80da6f26-94eb-4537-97f0-5a56f4d04cfb",
    "cidr" : "",
    "virsubnet_id" : "5b9ea497-727d-4ad0-a99e-3984b3f5aaed",
    "transit_ip_associations" : [ {
      "transit_ip_id" : "36a3049a-1682-48b3-b1cf-cb986a3350ef",
      "transit_ip_address" : "172.20.1.10"
    } ],
    "created_at" : "2019-10-22T03:31:19",
    "updated_at" : "2019-10-22T03:31:19"
  },
  "request_id" : "2937502e-73f9-4ba5-ae75-2293a0b35fb8"
}

SDK Sample Code

The SDK sample code is as follows.

Creating an SNAT rule (Setting description to my_snat_rule01, gateway_id to 80da6f26-94eb-4537-97f0-5a56f4d04cfb, and virsubnet_id to 5b9ea497-727d-4ad0-a99e-3984b3f5aaed)

      
       
         
         
           package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.nat.v2.region.NatRegion;
import com.huaweicloud.sdk.nat.v2.*;
import com.huaweicloud.sdk.nat.v2.model.*;

import java.util.List;
import java.util.ArrayList;

public class CreatePrivateSnatSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        NatClient client = NatClient.newBuilder()
                .withCredential(auth)
                .withRegion(NatRegion.valueOf("<YOUR REGION>"))
                .build();
        CreatePrivateSnatRequest request = new CreatePrivateSnatRequest();
        CreatePrivateSnatOptionBody body = new CreatePrivateSnatOptionBody();
        List<String> listSnatRuleTransitIpIds = new ArrayList<>();
        listSnatRuleTransitIpIds.add("36a3049a-1682-48b3-b1cf-cb986a3350ef");
        CreatePrivateSnatOption snatRulebody = new CreatePrivateSnatOption();
        snatRulebody.withGatewayId("80da6f26-94eb-4537-97f0-5a56f4d04cfb")
            .withVirsubnetId("5b9ea497-727d-4ad0-a99e-3984b3f5aaed")
            .withDescription("my_snat_rule01")
            .withTransitIpIds(listSnatRuleTransitIpIds);
        body.withSnatRule(snatRulebody);
        request.withBody(body);
        try {
            CreatePrivateSnatResponse response = client.createPrivateSnat(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

          

        

      
     

Creating an SNAT rule (Setting description to my_snat_rule01, gateway_id to 80da6f26-94eb-4537-97f0-5a56f4d04cfb, and virsubnet_id to 5b9ea497-727d-4ad0-a99e-3984b3f5aaed)

      
       
         
         
           # coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdknat.v2.region.nat_region import NatRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdknat.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \

    client = NatClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(NatRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreatePrivateSnatRequest()
        listTransitIpIdsSnatRule = [
            "36a3049a-1682-48b3-b1cf-cb986a3350ef"
        ]
        snatRulebody = CreatePrivateSnatOption(
            gateway_id="80da6f26-94eb-4537-97f0-5a56f4d04cfb",
            virsubnet_id="5b9ea497-727d-4ad0-a99e-3984b3f5aaed",
            description="my_snat_rule01",
            transit_ip_ids=listTransitIpIdsSnatRule
        )
        request.body = CreatePrivateSnatOptionBody(
            snat_rule=snatRulebody
        )
        response = client.create_private_snat(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

          

        

      
     

Creating an SNAT rule (Setting description to my_snat_rule01, gateway_id to 80da6f26-94eb-4537-97f0-5a56f4d04cfb, and virsubnet_id to 5b9ea497-727d-4ad0-a99e-3984b3f5aaed)

      
       
         
         
           package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    nat "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := nat.NewNatClient(
        nat.NatClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreatePrivateSnatRequest{}
	var listTransitIpIdsSnatRule = []string{
        "36a3049a-1682-48b3-b1cf-cb986a3350ef",
    }
	virsubnetIdSnatRule:= "5b9ea497-727d-4ad0-a99e-3984b3f5aaed"
	descriptionSnatRule:= "my_snat_rule01"
	snatRulebody := &model.CreatePrivateSnatOption{
		GatewayId: "80da6f26-94eb-4537-97f0-5a56f4d04cfb",
		VirsubnetId: &virsubnetIdSnatRule,
		Description: &descriptionSnatRule,
		TransitIpIds: listTransitIpIdsSnatRule,
	}
	request.Body = &model.CreatePrivateSnatOptionBody{
		SnatRule: snatRulebody,
	}
	response, err := client.CreatePrivateSnat(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

          

        

      
     