Creating an SNAT Rule

Function

This API is used to create an SNAT rule.

Constraints

You can create an SNAT rule only when status of the NAT gateway is ACTIVE and admin_state_up of the NAT gateway administrator is True.

Calling Method

For details, see Calling APIs.

URI

POST /v2/{project_id}/snat_rules

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Specifies the project ID.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Specifies the user token. It is a response to the API for obtaining a user token. This API is the only one that does not require authentication. The value of X-Subject-Token in the response header is the token value.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
snat_rule	Yes	CreateNatGatewaySnatRuleOption object	Specifies the request body for creating the SNAT rule.

**Table 4** CreateNatGatewaySnatRuleOption
Parameter	Mandatory	Type	Description
nat_gateway_id	Yes	String	Specifies the public NAT gateway ID.
cidr	No	String	Specifies a CIDR block or a host IP address. Configure either cidr or network_id. If you set source_type to 0, set cidr to a subset of the VPC subnet. If you set source_type to 1, set cidr to a CIDR block of your private networks connected to the VPC through Direct Connect or Cloud Connect.
network_id	No	String	Specifies the network ID used by the SNAT rule. Configure either network_id or cidr.
description	No	String	Provides supplementary information about the SNAT rule. The description can contain up to 255 characters and cannot contain angle brackets (<>).
source_type	No	Integer	0: VPC. Either network_id or cidr can be specified. 1: Direct Connect/Cloud Connect. Only cidr can be specified. If no value is entered, default value 0 (VPC) is used.
floating_ip_id	Yes	String	Specifies the EIP ID. Use commas (,) to separate multiple EIP IDs. Maximum number of EIP IDs: 20
global_eip_id	No	String	Specifies the global EIP ID.

Response Parameters

Status code: 201

**Table 5** Response body parameters
Parameter	Type	Description
snat_rule	CreateNatGatewaySnatRuleResponseBody object	Specifies the response body for creating the SNAT rule.

**Table 6** CreateNatGatewaySnatRuleResponseBody
Parameter	Type	Description
id	String	Specifies the SNAT rule ID.
tenant_id	String	Specifies the project ID.
nat_gateway_id	String	Specifies the public NAT gateway ID.
cidr	String	Specifies a CIDR block or a host IP address. Configure either cidr or network_id. If you set source_type to 0, set cidr to a subset of the VPC subnet. If you set source_type to 1, set cidr to a CIDR block of your private networks connected to the VPC through Direct Connect or Cloud Connect.
source_type	Integer	0: VPC. Either network_id or cidr can be specified. 1: Direct Connect/Cloud Connect. Only cidr can be specified. If no value is entered, default value 0 (VPC) is used.
floating_ip_id	String	Specifies the EIP ID. Use commas (,) to separate multiple EIP IDs.
global_eip_id	String	Specifies the global EIP ID. Use commas (,) to separate multiple global EIP IDs. Configure either the EIP ID or the global EIP ID. The maximum length is 4,096 bytes.
description	String	Provides supplementary information about the SNAT rule. The description can contain up to 255 characters and cannot contain angle brackets (<>).
status	String	Specifies the SNAT rule status. The value can be: ACTIVE: The SNAT rule is available. PENDING_CREATE: The SNAT rule is being created. PENDING_UPDATE: The SNAT rule is being updated. PENDING_DELETE: The SNAT rule is being deleted. EIP_FREEZED: The EIP is frozen. INACTIVE: The SNAT rule is unavailable.
created_at	String	Specifies when the SNAT rule was created. The time is in yyyy-mm-dd hh:mm:ss.SSSSSS format.
network_id	String	Specifies the network ID used by the SNAT rule. Configure either network_id or cidr.
admin_state_up	Boolean	Specifies whether the SNAT rule is frozen. The value can be: true: The SNAT rule is unfrozen. false: The SNAT rule is frozen.
floating_ip_address	String	Specifies the EIP. Use commas (,) to separate multiple EIPs.
global_eip_address	String	Specifies the global EIP.

Example Requests

Creating an SNAT rule

POST https://{NAT_endpoint}/v2/d199ba7e0ba64899b2e81518104b1526/snat_rules

{
  "snat_rule" : {
    "nat_gateway_id" : "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
    "cidr" : "172.30.0.0/24",
    "source_type" : 1,
    "floating_ip_id" : "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
    "description" : "my snat rule 01"
  }
}

Example Responses

Status code: 201

SNAT rule created.

{
  "snat_rule" : {
    "floating_ip_id" : "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
    "status" : "PENDING_CREATE",
    "nat_gateway_id" : "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
    "admin_state_up" : true,
    "cidr" : "172.30.0.0/24",
    "description" : "",
    "source_type" : 1,
    "tenant_id" : "27e25061336f4af590faeabeb7fcd9a3",
    "created_at" : "2017-11-18 07:54:21.665430",
    "id" : "5b95c675-69c2-4656-ba06-58ff72e1d338",
    "floating_ip_address" : "5.21.11.226"
  }
}

SDK Sample Code

The SDK sample code is as follows.

Creating an SNAT rule

      
       
         
         
           package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.nat.v2.region.NatRegion;
import com.huaweicloud.sdk.nat.v2.*;
import com.huaweicloud.sdk.nat.v2.model.*;


public class CreateNatGatewaySnatRuleSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        NatClient client = NatClient.newBuilder()
                .withCredential(auth)
                .withRegion(NatRegion.valueOf("<YOUR REGION>"))
                .build();
        CreateNatGatewaySnatRuleRequest request = new CreateNatGatewaySnatRuleRequest();
        CreateNatGatewaySnatRuleRequestOption body = new CreateNatGatewaySnatRuleRequestOption();
        CreateNatGatewaySnatRuleOption snatRulebody = new CreateNatGatewaySnatRuleOption();
        snatRulebody.withNatGatewayId("a78fb3eb-1654-4710-8742-3fc49d5f04f8")
            .withCidr("172.30.0.0/24")
            .withDescription("my snat rule 01")
            .withSourceType(1)
            .withFloatingIpId("bdc10a4c-d81a-41ec-adf7-de857f7c812a");
        body.withSnatRule(snatRulebody);
        request.withBody(body);
        try {
            CreateNatGatewaySnatRuleResponse response = client.createNatGatewaySnatRule(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

          

        

      
     

Creating an SNAT rule

      
       
         
         
           # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdknat.v2.region.nat_region import NatRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdknat.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = NatClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(NatRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreateNatGatewaySnatRuleRequest()
        snatRulebody = CreateNatGatewaySnatRuleOption(
            nat_gateway_id="a78fb3eb-1654-4710-8742-3fc49d5f04f8",
            cidr="172.30.0.0/24",
            description="my snat rule 01",
            source_type=1,
            floating_ip_id="bdc10a4c-d81a-41ec-adf7-de857f7c812a"
        )
        request.body = CreateNatGatewaySnatRuleRequestOption(
            snat_rule=snatRulebody
        )
        response = client.create_nat_gateway_snat_rule(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

          

        

      
     

Creating an SNAT rule

      
       
         
         
           package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    nat "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := nat.NewNatClient(
        nat.NatClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreateNatGatewaySnatRuleRequest{}
	cidrSnatRule:= "172.30.0.0/24"
	descriptionSnatRule:= "my snat rule 01"
	sourceTypeSnatRule:= int32(1)
	snatRulebody := &model.CreateNatGatewaySnatRuleOption{
		NatGatewayId: "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
		Cidr: &cidrSnatRule,
		Description: &descriptionSnatRule,
		SourceType: &sourceTypeSnatRule,
		FloatingIpId: "bdc10a4c-d81a-41ec-adf7-de857f7c812a",
	}
	request.Body = &model.CreateNatGatewaySnatRuleRequestOption{
		SnatRule: snatRulebody,
	}
	response, err := client.CreateNatGatewaySnatRule(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

          

        

      
     