更新时间:2024-03-28 GMT+08:00

创建SNAT规则

功能介绍

创建SNAT规则。

接口约束

创建规则时,要求网关状态status = "ACTIVE"。

调用方法

请参见如何调用API

URI

POST /v3/{project_id}/private-nat/snat-rules

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

项目的ID。

最小长度:1

最大长度:36

请求参数

表2 请求Header参数

参数

是否必选

参数类型

描述

X-Auth-Token

String

用户Token。 用户Token也就是调用获取用户Token获取请求认证接口的响应值,该接口是唯一不需要认证的接口。 请求响应成功后在响应消息头中包含的“X-Subject-Token”的值即为Token值。

最小长度:1

最大长度:10240

表3 请求Body参数

参数

是否必选

参数类型

描述

snat_rule

CreatePrivateSnatOption object

创建SNAT规则的请求体。

表4 CreatePrivateSnatOption

参数

是否必选

参数类型

描述

gateway_id

String

私网NAT网关实例的ID。

最小长度:36

最大长度:36

cidr

String

功能说明:规则匹配的CIDR。取值约束:与virsubnet_id参数二选一。

最小长度:9

最大长度:18

virsubnet_id

String

功能说明:规则匹配的子网的ID。 取值约束:与cidr参数二选一。

最小长度:36

最大长度:36

description

String

SNAT规则的描述。长度范围小于等于255个字符,不能包含“<”和“>”。

最小长度:0

最大长度:255

transit_ip_ids

Array of strings

功能说明:中转IP的ID的列表。 取值约束:中转IP的ID个数不能超过1个。

最小长度:36

最大长度:36

数组长度:1 - 1

响应参数

状态码: 201

表5 响应Body参数

参数

参数类型

描述

snat_rule

PrivateSnat object

SNAT规则的响应体。

request_id

String

请求ID。

最小长度:1

最大长度:36

表6 PrivateSnat

参数

参数类型

描述

id

String

SNAT规则的ID。

最小长度:36

最大长度:36

project_id

String

项目的ID。

最小长度:36

最大长度:36

gateway_id

String

私网NAT网关实例的ID。

最小长度:36

最大长度:36

cidr

String

功能说明:规则匹配的CIDR。 取值约束:

  • 与virsubnet_id参数二选一。

  • cidr不能与已有snat规则的网段相同。

最小长度:9

最大长度:18

virsubnet_id

String

功能说明:规则匹配的子网的ID。 取值约束:与cidr参数二选一。

最小长度:36

最大长度:36

description

String

SNAT规则的描述。长度范围小于等于255个字符,不能包含“<”和“>”。

最小长度:1

最大长度:36

transit_ip_associations

Array of AssociatedTransitIp objects

关联的中转IP详情列表。

数组长度:1 - 1

created_at

String

SNAT规则的创建时间,遵循UTC时间,格式是yyyy-mm-ddThh:mm:ssZ。

最小长度:1

最大长度:36

updated_at

String

SNAT规则的更新时间,遵循UTC时间,格式是yyyy-mm-ddThh:mm:ssZ。

最小长度:1

最大长度:36

enterprise_project_id

String

企业项目id

最小长度:1

最大长度:36

表7 AssociatedTransitIp

参数

参数类型

描述

transit_ip_id

String

中转IP的ID。

最小长度:36

最大长度:36

transit_ip_address

String

中转IP地址。

最小长度:7

最大长度:35

请求示例

创建SNAT规则,其中,SNAT规则的描述为my_snat_rule01,私网NAT网关实例的id为80da6f26-94eb-4537-97f0-5a56f4d04cfb,规则匹配的子网的id为5b9ea497-727d-4ad0-a99e-3984b3f5aaed。

POST https://{Endpoint}/v3/cfa563efb77d4b6d9960781d82530fd8/private-nat/snat-rules

{
  "snat_rule" : {
    "description" : "my_snat_rule01",
    "gateway_id" : "80da6f26-94eb-4537-97f0-5a56f4d04cfb",
    "virsubnet_id" : "5b9ea497-727d-4ad0-a99e-3984b3f5aaed",
    "transit_ip_ids" : [ "36a3049a-1682-48b3-b1cf-cb986a3350ef" ]
  }
}

响应示例

状态码: 201

创建SNAT规则成功。

{
  "snat_rule" : {
    "id" : "af4dbb83-7ca0-4ed1-b28b-668c1f9c6b81",
    "project_id" : "cfa563efb77d4b6d9960781d82530fd8",
    "description" : "snat rule description",
    "gateway_id" : "80da6f26-94eb-4537-97f0-5a56f4d04cfb",
    "cidr" : "",
    "virsubnet_id" : "5b9ea497-727d-4ad0-a99e-3984b3f5aaed",
    "transit_ip_associations" : [ {
      "transit_ip_id" : "36a3049a-1682-48b3-b1cf-cb986a3350ef",
      "transit_ip_address" : "172.20.1.10"
    } ],
    "created_at" : "2019-10-22T03:31:19",
    "updated_at" : "2019-10-22T03:31:19"
  },
  "request_id" : "2937502e-73f9-4ba5-ae75-2293a0b35fb8"
}

SDK代码示例

SDK代码示例如下。

创建SNAT规则,其中,SNAT规则的描述为my_snat_rule01,私网NAT网关实例的id为80da6f26-94eb-4537-97f0-5a56f4d04cfb,规则匹配的子网的id为5b9ea497-727d-4ad0-a99e-3984b3f5aaed。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.nat.v2.region.NatRegion;
import com.huaweicloud.sdk.nat.v2.*;
import com.huaweicloud.sdk.nat.v2.model.*;

import java.util.List;
import java.util.ArrayList;

public class CreatePrivateSnatSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        NatClient client = NatClient.newBuilder()
                .withCredential(auth)
                .withRegion(NatRegion.valueOf("<YOUR REGION>"))
                .build();
        CreatePrivateSnatRequest request = new CreatePrivateSnatRequest();
        CreatePrivateSnatOptionBody body = new CreatePrivateSnatOptionBody();
        List<String> listSnatRuleTransitIpIds = new ArrayList<>();
        listSnatRuleTransitIpIds.add("36a3049a-1682-48b3-b1cf-cb986a3350ef");
        CreatePrivateSnatOption snatRulebody = new CreatePrivateSnatOption();
        snatRulebody.withGatewayId("80da6f26-94eb-4537-97f0-5a56f4d04cfb")
            .withVirsubnetId("5b9ea497-727d-4ad0-a99e-3984b3f5aaed")
            .withDescription("my_snat_rule01")
            .withTransitIpIds(listSnatRuleTransitIpIds);
        body.withSnatRule(snatRulebody);
        request.withBody(body);
        try {
            CreatePrivateSnatResponse response = client.createPrivateSnat(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

创建SNAT规则,其中,SNAT规则的描述为my_snat_rule01,私网NAT网关实例的id为80da6f26-94eb-4537-97f0-5a56f4d04cfb,规则匹配的子网的id为5b9ea497-727d-4ad0-a99e-3984b3f5aaed。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdknat.v2.region.nat_region import NatRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdknat.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \

    client = NatClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(NatRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreatePrivateSnatRequest()
        listTransitIpIdsSnatRule = [
            "36a3049a-1682-48b3-b1cf-cb986a3350ef"
        ]
        snatRulebody = CreatePrivateSnatOption(
            gateway_id="80da6f26-94eb-4537-97f0-5a56f4d04cfb",
            virsubnet_id="5b9ea497-727d-4ad0-a99e-3984b3f5aaed",
            description="my_snat_rule01",
            transit_ip_ids=listTransitIpIdsSnatRule
        )
        request.body = CreatePrivateSnatOptionBody(
            snat_rule=snatRulebody
        )
        response = client.create_private_snat(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

创建SNAT规则,其中,SNAT规则的描述为my_snat_rule01,私网NAT网关实例的id为80da6f26-94eb-4537-97f0-5a56f4d04cfb,规则匹配的子网的id为5b9ea497-727d-4ad0-a99e-3984b3f5aaed。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    nat "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := nat.NewNatClient(
        nat.NatClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreatePrivateSnatRequest{}
	var listTransitIpIdsSnatRule = []string{
        "36a3049a-1682-48b3-b1cf-cb986a3350ef",
    }
	virsubnetIdSnatRule:= "5b9ea497-727d-4ad0-a99e-3984b3f5aaed"
	descriptionSnatRule:= "my_snat_rule01"
	snatRulebody := &model.CreatePrivateSnatOption{
		GatewayId: "80da6f26-94eb-4537-97f0-5a56f4d04cfb",
		VirsubnetId: &virsubnetIdSnatRule,
		Description: &descriptionSnatRule,
		TransitIpIds: listTransitIpIdsSnatRule,
	}
	request.Body = &model.CreatePrivateSnatOptionBody{
		SnatRule: snatRulebody,
	}
	response, err := client.CreatePrivateSnat(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

201

创建SNAT规则成功。

错误码

请参见错误码