Complete the code to create a Cloud NAT configuration for a private instance.
resource "google_compute_router_nat" "nat_config" { name = "nat-config" router = "[1]" region = "us-central1" nat_ip_allocate_option = "AUTO_ONLY" source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES" }
The Cloud NAT configuration must specify the router to attach to. Here, "default-router" is the correct router name.
Complete the code to specify the source IP ranges that Cloud NAT should cover.
resource "google_compute_router_nat" "nat_config" { name = "nat-config" router = "default-router" region = "us-central1" nat_ip_allocate_option = "AUTO_ONLY" source_subnetwork_ip_ranges_to_nat = "[1]" }
To allow Cloud NAT to cover all private instances, use "ALL_SUBNETWORKS_ALL_IP_RANGES" to include all subnetworks and IP ranges.
Fix the error in the Cloud NAT configuration by selecting the correct NAT IP allocation option.
resource "google_compute_router_nat" "nat_config" { name = "nat-config" router = "default-router" region = "us-central1" nat_ip_allocate_option = "[1]" source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES" }
"AUTO_ONLY" lets Cloud NAT automatically allocate IP addresses for NAT, which is the recommended setting for most cases.
Fill both blanks to configure Cloud NAT to log all NAT traffic and enable TCP established connections.
resource "google_compute_router_nat" "nat_config" { name = "nat-config" router = "default-router" region = "us-central1" nat_ip_allocate_option = "AUTO_ONLY" source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES" log_config { enable = [1] filter = "[2]" } }
Setting enable = true turns on logging, and filter = "ALL" logs all NAT traffic.
Fill all three blanks to create a Cloud NAT configuration that uses a specific static IP, covers primary IP ranges only, and disables logging.
resource "google_compute_router_nat" "nat_config" { name = "nat-config" router = "default-router" region = "us-central1" nat_ip_allocate_option = "[1]" nat_ips = ["[2]"] source_subnetwork_ip_ranges_to_nat = "[3]" log_config { enable = false } }
Use MANUAL_ONLY to specify static IPs manually, provide the static IP address, and set source IP ranges to PRIMARY_IP_RANGE_ONLY to cover only primary ranges. Logging is disabled by setting enable to false.