6941313c7d
* factories refactor doc * Adds file schema and filesystem organization * Update 20231106-factories.md * move factories out of blueprints and create new factories README * align factory in billing-account module * align factory in dataplex-datascan module * align factory in billing-account module * align factory in net-firewall-policy module * align factory in dns-response-policy module * align factory in net-vpc-firewall module * align factory in net-vpc module * align factory variable names in FAST * remove decentralized firewall blueprint * bump terraform version * bump module versions * update top-level READMEs * move project factory to modules * fix variable names and tests * tfdoc * remove changelog link * add project factory to top-level README * fix cludrun eventarc diff * fix README * fix cludrun eventarc diff --------- Co-authored-by: Simone Ruffilli <sruffilli@google.com> |
||
|---|---|---|
| .. | ||
| README.md | ||
| main.tf | ||
| outputs.tf | ||
| variables.tf | ||
| versions.tf | ||
README.md
Cloud NAT Module
Simple Cloud NAT management, with optional router creation.
Basic Example
module "nat" {
source = "./fabric/modules/net-cloudnat"
project_id = "my-project"
region = "europe-west1"
name = "default"
router_network = "my-vpc"
}
# tftest modules=1 resources=2
Reserved IPs and custom rules
module "addresses" {
source = "./fabric/modules/net-address"
project_id = "my-project"
external_addresses = {
a1 = { region = "europe-west1" }
a2 = { region = "europe-west1" }
a3 = { region = "europe-west1" }
}
}
module "nat" {
source = "./fabric/modules/net-cloudnat"
project_id = "my-project"
region = "europe-west1"
name = "nat"
router_network = "my-vpc"
addresses = [
module.addresses.external_addresses["a1"].self_link,
module.addresses.external_addresses["a3"].self_link
]
config_port_allocation = {
enable_endpoint_independent_mapping = false
}
rules = [
{
description = "rule1"
match = "destination.ip == '8.8.8.8'"
source_ips = [
module.addresses.external_addresses["a2"].self_link
]
}
]
}
# tftest modules=2 resources=5 inventory=rules.yaml
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| name | Name of the Cloud NAT resource. | string |
✓ | |
| project_id | Project where resources will be created. | string |
✓ | |
| region | Region where resources will be created. | string |
✓ | |
| addresses | Optional list of external address self links. | list(string) |
[] |
|
| config_port_allocation | Configuration for how to assign ports to virtual machines. min_ports_per_vm and max_ports_per_vm have no effect unless enable_dynamic_port_allocation is set to 'true'. | object({…}) |
{} |
|
| config_source_subnets | Subnetwork configuration (ALL_SUBNETWORKS_ALL_IP_RANGES, ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, LIST_OF_SUBNETWORKS). | string |
"ALL_SUBNETWORKS_ALL_IP_RANGES" |
|
| config_timeouts | Timeout configurations. | object({…}) |
{} |
|
| logging_filter | Enables logging if not null, value is one of 'ERRORS_ONLY', 'TRANSLATIONS_ONLY', 'ALL'. | string |
null |
|
| router_asn | Router ASN used for auto-created router. | number |
null |
|
| router_create | Create router. | bool |
true |
|
| router_name | Router name, leave blank if router will be created to use auto generated name. | string |
null |
|
| router_network | Name of the VPC used for auto-created router. | string |
null |
|
| rules | List of rules associated with this NAT. | list(object({…})) |
[] |
|
| subnetworks | Subnetworks to NAT, only used when config_source_subnets equals LIST_OF_SUBNETWORKS. | list(object({…})) |
[] |
Outputs
| name | description | sensitive |
|---|---|---|
| id | Fully qualified NAT (router) id. | |
| name | Name of the Cloud NAT. | |
| nat_ip_allocate_option | NAT IP allocation mode. | |
| region | Cloud NAT region. | |
| router | Cloud NAT router resources (if auto created). | |
| router_name | Cloud NAT router name. |