检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Prerequisites A private NAT gateway is available. A transit IP address is available. Procedure Go to the private NAT gateway list page. On the Private NAT Gateways page, click the name of the private NAT gateway on which you need to add a DNAT rule.
Scenarios This section describes how to view NAT Gateway metrics. Procedure Log in to the management console. In the upper left corner, select the target region. Under Management & Governance, select Cloud Eye.
Viewing Traces Scenarios CTS records the operations performed on NAT Gateway and allows you to view the operation records of the last seven days on the CTS console. This topic describes how to query these records. Procedure Log in to the management console.
Procedure Go to the private NAT gateway list page. On the Private NAT Gateways page, click the name of the private NAT gateway. In the SNAT rule list, locate the row that contains the SNAT rule you want to delete and click Delete in the Operation column.
Procedure Go to the private NAT gateway list page. In the Transit IP Addresses tab, locate the transit IP address you want to release and click Release in the Operation column. Click OK.
In a public NAT gateway, DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet through IP address mapping or port mapping. For details, see Adding a DNAT Rule.
Constraints When you are creating a DNAT rule, status of the NAT gateway must be set to ACTIVE. Calling Method For details, see Calling APIs.
Step 4: Create a Route Table Scenarios Each public NAT gateway requires its unique route table. Create the second route table for the VPC. If the custom route table quota is insufficient, create a service ticket to increase the route table quota.
Return to the Public NAT Gateway page and check whether Billing Mode of the Public NAT gateway has changed to Yearly/Monthly. Parent topic: Billing Mode Changes
Identity Authentication and Access Control You can use Identity and Access Management (IAM) to control access to your NAT Gateway resources. IAM permissions define which actions on your cloud resources are allowed or denied.
Table 2 Common operations supported by each system-defined policy or role of NAT Gateway Operation NAT FullAccess NAT ReadOnlyAccess NAT Gateway Administrator Creating a NAT gateway √ x √ Querying NAT gateways √ √ √ Querying NAT gateway details √ √ √ Updating a NAT gateway √ x √ Deleting
If you change the billing mode of a public NAT gateway from pay-per-use to yearly/monthly, the new billing mode will take effect immediately. Private NAT gateway supports only the pay-per-use billing mode (hourly) and the billing mode cannot be changed.
Constraints When you are creating an SNAT rule, status of the NAT gateway must be set to ACTIVE. Calling Method For details, see Calling APIs.
NAT Gateway does not provide access control and can only forward traffic based on rules. To restrict access to some websites, you can configure security groups and ACL rules. For details, see Security Group Configuration Examples and Network ACL Configuration Examples.
For details, see NAT Gateway Pricing Details.
The NAT Gateway billing mode cannot be changed from yearly/monthly to pay-per-use on the NAT Gateway console. To do so, go to the Billing & Costs > Renewals page. Parent topic: Billing Mode Changes
PENDING_UPDATE: The public NAT gateway is being updated. PENDING_DELETE: The public NAT gateway is being deleted. INACTIVE: The public NAT gateway is unavailable. spec No Array of strings Specifies the public NAT gateway specifications.
Private NAT Gateways Querying Private NAT Gateways Updating a Private NAT Gateway Deleting a Private NAT Gateway Querying the List of NAT Gateway Specifications Supported by a Project Creating a Private NAT Gateway Querying Details About a Specified Private NAT Gateway Parent Topic
Public NAT Gateways Querying Public NAT Gateways Creating a Public NAT Gateway Deleting a Public NAT Gateway Updating a Public NAT Gateway Querying Details of a Public NAT Gateway Parent Topic: APIs of Public NAT Gateways
What Should I Do If I Fail to Access the Internet Through a Public NAT Gateway? Can I Change the VPC for a Public NAT Gateway? Does Public NAT Gateway Support IPv6 Addresses? What Security Policies Can I Configure to Implement Access Control If I Use a Public NAT Gateway?
