All Products
Search

This Product

    Resource Orchestration Service:ALIYUN::VPC::NatIpCidr

    Document Center

    Resource Orchestration Service:ALIYUN::VPC::NatIpCidr

    Last Updated:Apr 28, 2024

    ALIYUN::VPC::NatIpCidr is used to create a NAT CIDR block.

    Syntax

    {
  "Type": "ALIYUN::VPC::NatIpCidr",
  "Properties": {
    "NatIpCidr": String,
    "NatIpCidrDescription": String,
    "NatIpCidrName": String,
    "NatGatewayId": String
  }
}

    Properties

    Property

    Type

    Required

    Editable

    Description

    Constraint

    NatIpCidr

    String

    Yes

    No

    The NAT CIDR block that you want to create.

    The NAT CIDR block must meet the following conditions:

    • The NAT CIDR block must fall within one of the following CIDR blocks or their subnets: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.

    • The subnet mask of the NAT CIDR block must be 16 to 32 bits in length.

    • The NAT CIDR block cannot overlap with the private CIDR block of the virtual private cloud (VPC) to which the VPC NAT gateway belongs. If you want to use other IP addresses from the private CIDR block of the VPC to provide NAT services, create a vSwitch within the VPC CIDR block and attach the vSwitch to another VPC NAT gateway.

    • If you want to use public IP addresses to provide NAT services, make sure that the public IP addresses fall within a customer CIDR block of the VPC to which the VPC NAT gateway belongs. For more information about customer CIDR blocks, see VPC FAQ.

    NatIpCidrDescription

    String

    Yes

    Yes

    The description of the NAT CIDR block.

    The description must be 2 to 256 characters in length. It must start with a letter and cannot start with http:// or https://.

    NatIpCidrName

    String

    Yes

    Yes

    The name of the NAT CIDR block.

    The name must be 2 to 128 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-). It must start with a letter and cannot start with http:// or https://.

    NatGatewayId

    String

    Yes

    No

    The ID of the VPC NAT gateway with which you want to associate the NAT CIDR block.

    None.

    Return values

    Fn::GetAtt

    NatIpCidrId: the ID of the created NAT CIDR block.

    Examples

    • YAML format 

      ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  NatGatewayId:
    Description:
      en: The ID of the Virtual Private Cloud (VPC) NAT gateway with which you want
        to associate the CIDR block.
    Required: true
    Type: String
  NatIpCidr:
    Description:
      en: 'The NAT CIDR block that you want to associate with the NAT gateway.

        The new CIDR block must meet the following conditions:

        The NAT CIDR block must fall within 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16,
        or their subnets.

        The subnet mask must be 16 to 32 bits in length.

        The NAT CIDR block cannot overlap with the private CIDR block of the VPC to
        which the NAT gateway belongs. If you want to use other IP addresses from
        the private CIDR block of the VPC to provide NAT services, create a vSwitch
        and attach the vSwitch to another VPC NAT gateway.

        If you want to use public IP addresses to provide NAT services, make sure
        that the public IP addresses fall within a customer CIDR block of the VPC
        to which the VPC NAT gateway belongs. For more information, see What is customer
        CIDR block?.'
    Required: true
    Type: String
  NatIpCidrDescription:
    Description:
      en: 'The description of the NAT CIDR block.

        The description must be 2 to 256 characters in length and start with a letter.
        The description cannot start with http:// or https://.'
    Required: true
    Type: String
  NatIpCidrName:
    Description:
      en: 'The name of the CIDR block.

        The name must be 2 to 128 characters in length, and can contain letters, digits,
        periods (.), underscores (_), and hyphens (-). It must start with a letter.
        The name must start with a letter and cannot start with http:// or https://.'
    Required: true
    Type: String
Resources:
  VPCNatIpCidr:
    Properties:
      NatGatewayId:
        Ref: NatGatewayId
      NatIpCidr:
        Ref: NatIpCidr
      NatIpCidrDescription:
        Ref: NatIpCidrDescription
      NatIpCidrName:
        Ref: NatIpCidrName
    Type: ALIYUN::VPC::NatIpCidr
Outputs:
  NatIpCidrId:
    Description: The ID of the NAT CIDR block.
    Value:
      Fn::GetAtt:
      - VPCNatIpCidr
      - NatIpCidrId

    • JSON format 

      {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "NatIpCidr": {
      "Type": "String",
      "Description": {
        "en": "The NAT CIDR block that you want to associate with the NAT gateway.\nThe new CIDR block must meet the following conditions:\nThe NAT CIDR block must fall within 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, or their subnets.\nThe subnet mask must be 16 to 32 bits in length.\nThe NAT CIDR block cannot overlap with the private CIDR block of the VPC to which the NAT gateway belongs. If you want to use other IP addresses from the private CIDR block of the VPC to provide NAT services, create a vSwitch and attach the vSwitch to another VPC NAT gateway.\nIf you want to use public IP addresses to provide NAT services, make sure that the public IP addresses fall within a customer CIDR block of the VPC to which the VPC NAT gateway belongs. For more information, see What is customer CIDR block?."
      },
      "Required": true
    },
    "NatIpCidrDescription": {
      "Type": "String",
      "Description": {
        "en": "The description of the NAT CIDR block.\nThe description must be 2 to 256 characters in length and start with a letter. The description cannot start with http:// or https://."
      },
      "Required": true
    },
    "NatIpCidrName": {
      "Type": "String",
      "Description": {
        "en": "The name of the CIDR block.\nThe name must be 2 to 128 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-). It must start with a letter. The name must start with a letter and cannot start with http:// or https://."
      },
      "Required": true
    },
    "NatGatewayId": {
      "Type": "String",
      "Description": {
        "en": "The ID of the Virtual Private Cloud (VPC) NAT gateway with which you want to associate the CIDR block."
      },
      "Required": true
    }
  },
  "Resources": {
    "VPCNatIpCidr": {
      "Type": "ALIYUN::VPC::NatIpCidr",
      "Properties": {
        "NatIpCidr": {
          "Ref": "NatIpCidr"
        },
        "NatIpCidrDescription": {
          "Ref": "NatIpCidrDescription"
        },
        "NatIpCidrName": {
          "Ref": "NatIpCidrName"
        },
        "NatGatewayId": {
          "Ref": "NatGatewayId"
        }
      }
    }
  },
  "Outputs": {
    "NatIpCidrId": {
      "Description": "The ID of the NAT CIDR block.",
      "Value": {
        "Fn::GetAtt": [
          "VPCNatIpCidr",
          "NatIpCidrId"
        ]
      }
    }
  }
}