ALIYUN::VPC::NatGateway is used to create a NAT gateway.

Syntax

{
  "Type": "ALIYUN::VPC::NatGateway",
  "Properties": {
    "Description": String,
    "NatGatewayName": String,
    "InstanceChargeType": String,
    "PricingCycle": String,
    "VSwitchId": String,
    "Duration": Number,
    "DeletionProtection": Boolean,
    "InternetChargeType": String,
    "AutoPay": Boolean,
    "NatType": String,
    "DeletionForce": Boolean,
    "VpcId": String,
    "Tags": List,
    "NetworkType": String,
    "EipBindMode": String
  }
}

Properties

Property Type Required Editable Description Constraint
Description String No No The description of the NAT gateway. The description must be 2 to 256 characters in length, and cannot start with http:// or https://.
NatGatewayName String No No The name of the NAT gateway.

The name must be 2 to 128 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-). The name must start with a letter but cannot start with http:// or https://.

If you do not specify this property, the gateway ID is used as the gateway name.

InstanceChargeType String No No The billing method of the NAT gateway. Default value: PostPaid. Valid values:
  • PostPaid: pay-as-you-go.
  • PrePaid: subscription.
PricingCycle String No No The billing cycle of the subscription NAT gateway. Default value: Month. Valid values:
  • Month
  • Year
This property is required when you set the InstanceChargeType property to PrePaid.
VSwitchId String Yes No The ID of the vSwitch that you specify for the NAT gateway. When you create an enhanced NAT gateway, you must specify a vSwitch for the NAT gateway. Then, the system assigns an idle private IP address from the vSwitch to the NAT gateway.
  • If you want to create an enhanced NAT gateway that is attached to an existing vSwitch, make sure that the zone to which the vSwitch belongs supports enhanced NAT gateways. In addition, the vSwitch must have idle private IP addresses.
  • If you want to create an enhanced NAT gateway when you do not have a vSwitch, create a vSwitch in a zone that supports enhanced NAT gateways. Then, you can specify the vSwitch for the enhanced NAT gateway.
You can call the ListEnhanhcedNatGatewayAvailableZones operation to query the zones that support enhanced NAT gateways and call the DescribeVSwitches operation to query the number of idle private IP addresses in a vSwitch.
Duration Number No No The subscription duration.
  • Valid values if you set the PricingCycle property to Month: 1 to 9.
  • Valid values if you set the PricingCycle property to Year: 1 to 3.

This property is required when you set the InstanceChargeType property to PrePaid.

DeletionProtection Boolean No No Specifies whether to enable deletion protection. Valid values:
  • true
  • false
InternetChargeType String No No The metering method of the NAT gateway. Set the value to PayByLcu, which specifies that the pay-by-CU metering method is used.
AutoPay Boolean No No Specifies whether to enable automatic payment. Valid values:
  • false: disables automatic payment. After an order is generated, you must go to the order center to complete the payment.
  • true: enables automatic payment. After an order is generated, the system automatically deducts the payment from your account balance to complete the payment.
This property is required when you set the InstanceChargeType property to PrePaid.
NatType String No No The type of the NAT gateway. Set the value to Enhanced, which specifies that an enhanced NAT gateway is created.
DeletionForce Boolean No No Specifies whether to forcefully delete the NAT gateway. Valid values:
  • true
  • false
VpcId String Yes No The ID of the virtual private cloud (VPC) in which you create the NAT gateway. If you want to create a standard NAT gateway in a VPC, make sure that the route table of the VPC does not contain a route entry whose destination CIDR block is set to 0.0.0.0/0. If a route entry whose destination CIDR block is set to 0.0.0.0/0 exists, delete the route entry before you create the standard NAT gateway.
Note The preceding limit does not apply when you create an enhanced NAT gateway in a VPC.
NetworkType String No No The network type of the NAT gateway. Default value: Internet. Valid values:
  • Internet: an Internet NAT gateway
  • Intranet: a VPC NAT gateway
Tags List No Yes The tags. You can add up to 20 tags to the NAT gateway.

For more information, see Tags syntax and Tags properties.

EipBindMode String No No The mode in which the NAT gateway is associated with an elastic IP address (EIP). Default value: MULTI_BINDED. Valid values:
  • MULTI_BINDED: Multi-EIP-to-ENI mode.
  • NAT: NAT mode, which is compatible with IPv4 addresses.

    In NAT mode, you can associate a NAT gateway with up to 50 EIPs. The EIP occupies one private IP address in the vSwitch of the NAT gateway.

    Note Make sure that the vSwitch has sufficient private IP addresses. Otherwise, the NAT gateway fails to be associated with the EIP.

Tags syntax

"Tags": [
  {
    "Key": String,
    "Value": String
  }
]

Tags properties

Property Type Required Editable Description Constraint
Key String Yes No The key of the tag. The tag key must be 1 to 64 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-). The key cannot contain http:// or https://. The key cannot start with acs: or aliyun.
Value String No No The value of the tag. The tag value must be 0 to 128 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-). The value cannot contain http:// or https://. The value cannot start with acs: or aliyun.

Return values

Fn::GetAtt

  • NatGatewayId: the ID of the NAT gateway.
  • SNatTableId: the ID of the SNAT entry.
  • ForwardTableId: the ID of the DNAT entry.

Examples

  • YAMLformat

    ROSTemplateFormatVersion: '2015-09-01'
Description: Test ECS NatGateway
Parameters:
  VPC:
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
    Type: String
    Label:
      en: Existing VPC Instance ID
  VSwitch:
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    Type: String
    Label:
      en: VSwitch ID
    AssociationPropertyMetadata:
      VpcId: VPC
Resources:
  NatGateway:
    Type: ALIYUN::VPC::NatGateway
    Properties:
      NatGatewayName: mytest
      VpcId:
        Ref: VPC
      VSwitchId:
        Ref: VSwitch
Outputs:
  NatGatewayId:
    Value:
      Fn::GetAtt:
        - NatGateway
        - NatGatewayId
  BandwidthPackageId:
    Value:
      Fn::GetAtt:
        - BandwidthPackage
        - BandwidthPackageId
  BandwidthPackageIps:
    Value:
      Fn::GetAtt:
        - CommonBandwidthPackageIp
        - IpAddresses

  • JSONformat

    {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test ECS NatGateway",
  "Parameters": {
    "VPC": {
      "AssociationProperty": "ALIYUN::ECS::VPC::VPCId",
      "Type": "String",
      "Label": {
        "en": "Existing VPC Instance ID"
      }
    },
    "VSwitch": {
      "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
      "Type": "String",
      "Label": {
        "en": "VSwitch ID"
      },
      "AssociationPropertyMetadata": {
        "VpcId": "VPC"
      }
    }
  },
  "Resources": {
    "NatGateway": {
      "Type": "ALIYUN::VPC::NatGateway",
      "Properties": {
        "NatGatewayName": "mytest",
        "VpcId": {
          "Ref": "VPC"
        },
        "VSwitchId": {
          "Ref": "VSwitch"
        }
      }
    }
  },
  "Outputs": {
    "NatGatewayId": {
      "Value": {
        "Fn::GetAtt": [
          "NatGateway",
          "NatGatewayId"
        ]
      }
    },
    "BandwidthPackageId": {
      "Value": {
        "Fn::GetAtt": [
          "BandwidthPackage",
          "BandwidthPackageId"
        ]
      }
    },
    "BandwidthPackageIps": {
      "Value": {
        "Fn::GetAtt": [
          "CommonBandwidthPackageIp",
          "IpAddresses"
        ]
      }
    }
  }
}

For more examples, visit NatGateway.json and NatGateway.yml.