Updated on 2025-07-04 GMT+08:00

Creating a Private NAT Gateway

Function

This API is used to create a private NAT gateway.

Calling Method

For details, see Calling APIs.

URI

POST /v3/{project_id}/private-nat/gateways

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Specifies the project ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Specifies the user token.

It is a response to the API used to obtain a user token. This API is the only one that does not require authentication.

The value of X-Subject-Token in the response header is the token value.

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

gateway

Yes

CreatePrivateNatOption object

Specifies the request body for creating the private NAT gateway.

Table 4 CreatePrivateNatOption

Parameter

Mandatory

Type

Description

name

Yes

String

Specifies the private NAT gateway name.

Only digits, letters, underscores (_), and hyphens (-) are allowed.

description

No

String

Provides supplementary information about the private NAT gateway. The description can contain up to 255 characters and cannot contain angle brackets (<>).

spec

No

String

Specifies the private NAT gateway specifications.

The value can be:

  • Small

  • Medium

  • Large

  • Extra-large

downlink_vpcs

Yes

Array of DownlinkVpcOption objects

Specifies the VPC where the private NAT gateway works.

tags

No

Array of Tag objects

Specifies the tag list.

enterprise_project_id

No

String

Specifies the ID of the enterprise project that is associated with the private NAT gateway when the private NAT gateway is created.

For more information about enterprise projects and how to obtain enterprise project IDs, see Enterprise Management User Guide.

Table 5 DownlinkVpcOption

Parameter

Mandatory

Type

Description

virsubnet_id

Yes

String

Specifies the ID of the subnet where the private NAT gateway works.

ngport_ip_address

No

String

Specifies the private IP address of the private NAT gateway.

Table 6 Tag

Parameter

Mandatory

Type

Description

key

Yes

String

Specifies the tag key. A key can contain up to 128 Unicode characters. key cannot be left blank.

value

Yes

String

Specifies the tag value. Each value can contain up to 255 Unicode characters.

Response Parameters

Status code: 201

Table 7 Response body parameters

Parameter

Type

Description

gateway

PrivateNat object

Specifies the response body for the private NAT gateway.

request_id

String

Specifies the request ID.

Table 8 PrivateNat

Parameter

Type

Description

id

String

Specifies the private NAT gateway ID.

project_id

String

Specifies the project ID.

name

String

Specifies the private NAT gateway name.

description

String

Provides supplementary information about the private NAT gateway. The description can contain up to 255 characters and cannot contain angle brackets (<>).

spec

String

Specifies the private NAT gateway specifications.

The value can be:

  • Small

  • Medium

  • Large

  • Extra-large

status

String

Specifies the private NAT gateway status.

The value can be:

  • ACTIVE: The private NAT gateway is running properly.

  • FROZEN: The private NAT gateway is frozen.

created_at

DateTime

Specifies the time when the private NAT gateway was created. It is a UTC time in yyyy-mm-ddThh:mm:ssZ format.

updated_at

DateTime

Specifies the time when the private NAT gateway was updated. It is a UTC time in yyyy-mm-ddThh:mm:ssZ format.

downlink_vpcs

Array of DownlinkVpc objects

Specifies the VPC where the private NAT gateway works.

tags

Array of Tag objects

Specifies the list of tags.

enterprise_project_id

String

Specifies the ID of the enterprise project that is associated with the private NAT gateway when the private NAT gateway is created.

rule_max

Integer

Specifies the maximum number of rules.

transit_ip_pool_size_max

Integer

Specifies the maximum number of transit IP addresses in a transit IP address pool.

Table 9 DownlinkVpc

Parameter

Type

Description

vpc_id

String

Specifies the ID of the VPC where the private NAT gateway works.

virsubnet_id

String

Specifies the ID of the subnet where the private NAT gateway works.

ngport_ip_address

String

Specifies the private IP address of the private NAT gateway.

Table 10 Tag

Parameter

Type

Description

key

String

Specifies the tag key. A key can contain up to 128 Unicode characters. key cannot be left blank.

value

String

Specifies the tag value. Each value can contain up to 255 Unicode characters.

Example Requests

Creating a private NAT gateway (Setting name to private-nat-gateway-name, spec to Small, and virsubnet_id to 373979ee-f4f0-46c5-80e3-0fbf72646b70)

POST https://{Endpoint}/v3/70505c941b9b4dfd82fd351932328a2f/private-nat/gateways

{
  "gateway" : {
    "name" : "private-nat-gateway-name",
    "spec" : "Small",
    "enterprise_project_id" : "2759da7b-8015-404c-ae0a-a389007b0e2a",
    "description" : "create private nat",
    "downlink_vpcs" : [ {
      "virsubnet_id" : "373979ee-f4f0-46c5-80e3-0fbf72646b70"
    } ],
    "tags" : [ {
      "key" : "key1",
      "value" : "value1"
    } ]
  }
}

Example Responses

Status code: 201

Private NAT gateway created.

{
  "request_id" : "9882046a9b96f1405472e36d797e33dc",
  "gateway" : {
    "id" : "14338426-6afe-4019-996b-3a9525296e11",
    "name" : "private-nat-gateway-name",
    "description" : "private-nat-gateway-description",
    "spec" : "Small",
    "project_id" : "70505c941b9b4dfd82fd351932328a2f",
    "enterprise_project_id" : "2759da7b-8015-404c-ae0a-a389007b0e2a",
    "status" : "ACTIVE",
    "created_at" : "2019-04-22T08:47:13",
    "updated_at" : "2019-04-22T08:47:13",
    "tags" : [ {
      "key" : "key1",
      "value" : "value1"
    } ],
    "downlink_vpcs" : [ {
      "vpc_id" : "3cb66d44-9f75-4237-bfff-e37b14d23ad2",
      "virsubnet_id" : "373979ee-f4f0-46c5-80e3-0fbf72646b70",
      "ngport_ip_address" : "192.168.10.190"
    } ],
    "transit_ip_pool_size_max" : 1,
    "rule_max" : 20
  }
}

SDK Sample Code

The SDK sample code is as follows.

Creating a private NAT gateway (Setting name to private-nat-gateway-name, spec to Small, and virsubnet_id to 373979ee-f4f0-46c5-80e3-0fbf72646b70)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.nat.v2.region.NatRegion;
import com.huaweicloud.sdk.nat.v2.*;
import com.huaweicloud.sdk.nat.v2.model.*;

import java.util.List;
import java.util.ArrayList;

public class CreatePrivateNatSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        NatClient client = NatClient.newBuilder()
                .withCredential(auth)
                .withRegion(NatRegion.valueOf("<YOUR REGION>"))
                .build();
        CreatePrivateNatRequest request = new CreatePrivateNatRequest();
        CreatePrivateNatRequestBody body = new CreatePrivateNatRequestBody();
        List<PrivateTag> listGatewayTags = new ArrayList<>();
        listGatewayTags.add(
            new PrivateTag()
                .withKey("key1")
                .withValue("value1")
        );
        List<DownlinkVpcOption> listGatewayDownlinkVpcs = new ArrayList<>();
        listGatewayDownlinkVpcs.add(
            new DownlinkVpcOption()
                .withVirsubnetId("373979ee-f4f0-46c5-80e3-0fbf72646b70")
        );
        CreatePrivateNatOption gatewaybody = new CreatePrivateNatOption();
        gatewaybody.withName("private-nat-gateway-name")
            .withDescription("create private nat")
            .withSpec(CreatePrivateNatOption.SpecEnum.fromValue("Small"))
            .withDownlinkVpcs(listGatewayDownlinkVpcs)
            .withTags(listGatewayTags)
            .withEnterpriseProjectId("2759da7b-8015-404c-ae0a-a389007b0e2a");
        body.withGateway(gatewaybody);
        request.withBody(body);
        try {
            CreatePrivateNatResponse response = client.createPrivateNat(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Creating a private NAT gateway (Setting name to private-nat-gateway-name, spec to Small, and virsubnet_id to 373979ee-f4f0-46c5-80e3-0fbf72646b70)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdknat.v2.region.nat_region import NatRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdknat.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = NatClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(NatRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreatePrivateNatRequest()
        listTagsGateway = [
            PrivateTag(
                key="key1",
                value="value1"
            )
        ]
        listDownlinkVpcsGateway = [
            DownlinkVpcOption(
                virsubnet_id="373979ee-f4f0-46c5-80e3-0fbf72646b70"
            )
        ]
        gatewaybody = CreatePrivateNatOption(
            name="private-nat-gateway-name",
            description="create private nat",
            spec="Small",
            downlink_vpcs=listDownlinkVpcsGateway,
            tags=listTagsGateway,
            enterprise_project_id="2759da7b-8015-404c-ae0a-a389007b0e2a"
        )
        request.body = CreatePrivateNatRequestBody(
            gateway=gatewaybody
        )
        response = client.create_private_nat(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Creating a private NAT gateway (Setting name to private-nat-gateway-name, spec to Small, and virsubnet_id to 373979ee-f4f0-46c5-80e3-0fbf72646b70)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    nat "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := nat.NewNatClient(
        nat.NatClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreatePrivateNatRequest{}
	var listTagsGateway = []model.PrivateTag{
        {
            Key: "key1",
            Value: "value1",
        },
    }
	var listDownlinkVpcsGateway = []model.DownlinkVpcOption{
        {
            VirsubnetId: "373979ee-f4f0-46c5-80e3-0fbf72646b70",
        },
    }
	descriptionGateway:= "create private nat"
	specGateway:= model.GetCreatePrivateNatOptionSpecEnum().SMALL
	enterpriseProjectIdGateway:= "2759da7b-8015-404c-ae0a-a389007b0e2a"
	gatewaybody := &model.CreatePrivateNatOption{
		Name: "private-nat-gateway-name",
		Description: &descriptionGateway,
		Spec: &specGateway,
		DownlinkVpcs: listDownlinkVpcsGateway,
		Tags: &listTagsGateway,
		EnterpriseProjectId: &enterpriseProjectIdGateway,
	}
	request.Body = &model.CreatePrivateNatRequestBody{
		Gateway: gatewaybody,
	}
	response, err := client.CreatePrivateNat(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

201

Private NAT gateway created.

Error Codes

See Error Codes.