On this page
google_compute_router_nat resource
Syntax
A google_compute_router_nat is used to test a Google RouterNat resource
Beta Resource
This resource has beta fields available. To retrieve these fields, include beta: true in the constructor for the resource
Examples
describe google_compute_router_nat(project: 'chef-gcp-inspec', region: 'europe-west2', router: 'inspec-gcp-router', name: 'inspec-router-nat') do
  it { should exist }
  its('nat_ip_allocate_option') { should cmp 'AUTO_ONLY' }
  its('source_subnetwork_ip_ranges_to_nat') { should cmp 'ALL_SUBNETWORKS_ALL_IP_RANGES' }
  its('min_ports_per_vm') { should cmp '2' }
  its('log_config.enable') { should cmp 'true' }
  its('log_config.filter') { should cmp 'ERRORS_ONLY' }
end
describe google_compute_router(project: 'chef-gcp-inspec', region: 'europe-west2', router: 'nonexistent', name: 'nonexistent') do
  it { should_not exist }
end
Properties
Properties that can be accessed from the google_compute_router_nat resource:
- 
      name
- Name of the NAT service. The name must be 1-63 characters long and comply with RFC1035.
- 
      nat_ip_allocate_option
- 
      How external IPs should be allocated for this NAT. Valid values are AUTO_ONLYfor only allowing NAT IPs allocated by Google Cloud Platform, orMANUAL_ONLYfor only user-allocated NAT IP addresses.Possible values: - MANUAL_ONLY
- AUTO_ONLY
 
- 
      nat_ips
- Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.
- 
      drain_nat_ips
- A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.
- 
      source_subnetwork_ip_ranges_to_nat
- 
      How NAT should be configured per Subnetwork. If ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. IfALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat.LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region.Possible values: - ALL_SUBNETWORKS_ALL_IP_RANGES
- ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES
- LIST_OF_SUBNETWORKS
 
- 
      subnetwork
- 
      One or more subnetwork NAT configurations. Only used if source_subnetwork_ip_ranges_to_natis set toLIST_OF_SUBNETWORKS
- 
      name
- Self-link of subnetwork to NAT
- 
      source_ip_ranges_to_nat
- 
      List of options for which source IPs in the subnetwork should have NAT enabled.
      Supported values include: - ALL_IP_RANGES
- LIST_OF_SECONDARY_IP_RANGES
- PRIMARY_IP_RANGE
 
- 
      secondary_ip_range_names
- 
      List of the secondary ranges of the subnetwork that are allowed to use NAT. This can be populated only if LIST_OF_SECONDARY_IP_RANGESis one of the values in sourceIpRangesToNat
- 
      min_ports_per_vm
- Minimum number of ports allocated to a VM from this NAT.
- 
      udp_idle_timeout_sec
- Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
- 
      icmp_idle_timeout_sec
- Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
- 
      tcp_established_idle_timeout_sec
- Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
- 
      tcp_transitory_idle_timeout_sec
- Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
- 
      log_config
- Configuration for logging on NAT
- 
      enable
- Indicates whether or not to export logs.
- 
      filter
- 
      Specifies the desired filtering of logs on this NAT.
      Possible values: - ERRORS_ONLY
- TRANSLATIONS_ONLY
- ALL
 
- 
      router
- The name of the Cloud Router in which this NAT will be configured.
- 
      region
- Region where the router and NAT reside.
GCP Permissions
Ensure the Compute Engine API is enabled for the current project.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
 https://docs.chef.io/inspec/resources/google_compute_router_nat/