检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
You can use NAT Gateway to let all instances in a private subnet connect outbound to the Internet or other private networks while remaining fully private.
You can use NAT Gateway to let all instances in a private subnet connect outbound to the Internet or other private networks while remaining fully private.
Public NAT Gateway: All regions Adding an SNAT Rule (Public NAT Gateway) Adding a DNAT Rule (Public NAT Gateway) Enterprise Project NAT Gateway resources can be managed by enterprise project.
What Is NAT Gateway? NAT Gateway is a network address translation (NAT) service. It can be a public NAT gateway or a private NAT gateway. Video Tutorial This video introduces what NAT Gateway is.
Parent Topic: Public NAT gateway
You are advised to use the latest version of NAT Gateway SDKs to better protect your data. You can download the latest SDKs in your desired language from NAT Gateway SDKs. Do not use high-risk ports for DNAT rules.
NAT Gateway Infographics
NAT Gateway and Other Services Figure 1 shows the relationship between NAT Gateway and other services.
The following section contains examples of common NAT Gateway custom policies.
Public NAT gateway NAT gateway types that can be created Parent Topic: APIs of Public NAT Gateways
Step 3: Create a Private NAT Gateway Go to the Buy Private NAT Gateway page. On the Buy Private NAT Gateway page, configure required parameters.
Public NAT Gateway Tags Querying Public NAT Gateways by Tag Adding Tags to or Deleting Tags of a Public NAT Gateway Adding Tags to a Public NAT Gateway Deleting a Tag from a Public NAT Gateway Querying Tags of a Public NAT Gateway Querying Tags of All Public NAT Gateways in a Project
NAT Gateway Advantages Advantages of Public NAT Gateways Flexible deployment A NAT gateway can be shared across subnets and AZs, so that even if an AZ fails, the public NAT gateway can still run normally in another AZ.
Select a public NAT gateway based on your service requirements. Table 1 lists the public NAT gateway specifications.
Private NAT Gateway Tags Querying Private NAT Gateways Querying Tags of All Private NAT Gateways in a Project Querying Tags of a Private NAT Gateway Adding a Tag to a Private NAT Gateway Batch Adding or Deleting Tags to or from a Private NAT Gateway Deleting a Tag from a Private NAT
Private NAT Gateway Tags Permission API Action IAM Project Enterprise Project Adding a Tag to a Private NAT Gateway POST /v3/{project_id}/private-nat-gateways/{resource_id}/tags nat:privateNatGatewayTags:create √ √ Batch Adding or Deleting Tags to or from a Private NAT Gateway POST
When Will NAT Gateway Operations Be Restricted? If any of the following conditions arise, you are not allowed to create a NAT gateway or change the specifications of a NAT gateway.
Querying the NAT Gateway Quota of a Tenant Function This API is used to query the NAT gateway quota of a tenant.
Creating a User and Granting NAT Gateway Permissions This section describes how to use IAM to implement fine-grained permissions control for your NAT Gateway resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
Auto-renewing a NAT Gateway Auto-renewal can prevent NAT gateways from being automatically deleted if you forget to manually renew them. The auto-renewal rules are as follows: The first auto-renewal date is based on when a NAT gateway expires and the billing cycle.
Parent Topic: Private NAT Gateway Tags
To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC.
The value can be: ACTIVE: The public NAT gateway is available. PENDING_CREATE: The public NAT gateway is being created. PENDING_UPDATE: The public NAT gateway is being updated. PENDING_DELETE: The public NAT gateway is being deleted.
