Console
    Start free

    gcloud beta compute routers nats rules create

    NAME
    gcloud beta compute routers nats rules create - add a Rule to a Compute Engine NAT
    SYNOPSIS
    gcloud beta compute routers nats rules create RULE_NUMBER --match = MATCH --nat = NAT --router = ROUTER [ --async ] [ --region = REGION ] [ --source-nat-active-ips = IP_ADDRESS , [ IP_ADDRESS , …]] [ --source-nat-active-ranges = SUBNETWORK , [ SUBNETWORK , …]] [ GCLOUD_WIDE_FLAG ]
    DESCRIPTION
    (BETA) gcloud beta compute routers nats rules create is used to create a Rule on a Compute Engine NAT.
    EXAMPLES
    Create a rule to use the IP Address address-1 to talk to destination IPs in the CIDR Range "203.0.113.0/24". 
     gcloud  
beta  
compute  
routers  
nats  
rules  
create  
 1 
  
 --nat 
 = 
my-nat  
 --router 
 = 
my-router  
 --region 
 = 
us-central1  
 --match 
 = 
 'inIpRange(destination.ip, "203.0.113.0/24")' 
  
 --source-nat-active-ips 
 = 
a1
    POSITIONAL ARGUMENTS
    RULE_NUMBER
    Number that uniquely identifies the Rule to create
    REQUIRED FLAGS
    --match = MATCH
    CEL Expression used to identify traffic to which this rule applies.
    • Supported attributes (Public NAT): destination.ip
    • Supported attributes (Private NAT): nexthop.hub
    • Supported methods (Public Nat): inIpRange
    • Supported operators (Public NAT): ||, ==
    • Supported operators (Private NAT): ==

    Examples of allowed Match expressions (Public NAT):

    • 'inIpRange(destination.ip, "203.0.113.0/24")''
    • 'destination.ip == "203.0.113.7"'
    • 'destination.ip == "203.0.113.7" || inIpRange(destination.ip, "203.0.113.16/25")'

    Example of allowed Match expression (Private NAT):

    • nexthop.hub == "//networkconnectivity.googleapis.com/projects/p1/locations/global/hubs/h1"
    --nat = NAT
    Name of the NAT that contains the Rule
    --router = ROUTER
    Router to use for NAT.
    OPTIONAL FLAGS
    --async
    Return immediately, without waiting for the operation in progress to complete.
    --region = REGION
    Region of the NAT to create. If not specified, you might be prompted to select a region (interactive mode only).

    To avoid prompting when this flag is omitted, you can set the compute/region property:

      gcloud  
config  
 set 
 
  
compute/region  
REGION

    A list of regions can be fetched by running:

      gcloud  
compute  
regions  
list

    To unset the property, run:

      gcloud  
config  
 unset 
 
  
compute/region

    Alternatively, the region can be stored in the environment variable CLOUDSDK_COMPUTE_REGION .

    --source-nat-active-ips = IP_ADDRESS ,[ IP_ADDRESS ,…]
    External IP Addresses to use for connections matching this rule. This flag is supported only for Public NAT and is required when creating a Public NAT gateway.

    These must be valid reserved external IP addresses in the same region.

    --source-nat-active-ranges = SUBNETWORK ,[ SUBNETWORK ,…]
    Subnetworks from which addresses are used for connections matching this rule. This flag is supported only for Private NAT and is required when creating a Private NAT gateway.

    These must be subnetwork resources in the same region, with purpose set to PRIVATE_NAT.

    GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file , --account , --billing-project , --configuration , --flags-file , --flatten , --format , --help , --impersonate-service-account , --log-http , --project , --quiet , --trace-token , --user-output-enabled , --verbosity .

    Run $ gcloud help for details.

    NOTES
    This command is currently in beta and might change without notice. These variants are also available: 
      gcloud  
compute  
routers  
nats  
rules  
create 
 

      gcloud  
alpha  
compute  
routers  
nats  
rules  
create 
 

      gcloud  
preview  
compute  
routers  
nats  
rules  
create
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: