0
0
GCPcloud~10 mins

Cloud NAT for private instances in GCP - Interactive Code Practice

Choose your learning style9 modes available
Practice - 5 Tasks
Answer the questions below
1fill in blank
easy

Complete the code to create a Cloud NAT configuration for a private instance.

GCP
resource "google_compute_router_nat" "nat_config" {
  name   = "nat-config"
  router = "[1]"
  region = "us-central1"
  nat_ip_allocate_option = "AUTO_ONLY"
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
}
Drag options to blanks, or click blank then click option'
Aprivate-router
Bmy-router
Cnat-router
Ddefault-router
Attempts:
3 left
💡 Hint
Common Mistakes
Using a router name that does not exist in the region.
Leaving the router field empty.
2fill in blank
medium

Complete the code to specify the source IP ranges that Cloud NAT should cover.

GCP
resource "google_compute_router_nat" "nat_config" {
  name   = "nat-config"
  router = "default-router"
  region = "us-central1"
  nat_ip_allocate_option = "AUTO_ONLY"
  source_subnetwork_ip_ranges_to_nat = "[1]"
}
Drag options to blanks, or click blank then click option'
AALL_SUBNETWORKS_ALL_IP_RANGES
BNO_SUBNETWORKS
CPRIMARY_IP_RANGE_ONLY
DLIST_OF_SUBNETWORKS
Attempts:
3 left
💡 Hint
Common Mistakes
Choosing an option that only covers primary IP ranges, missing secondary ranges.
Selecting NO_SUBNETWORKS which disables NAT.
3fill in blank
hard

Fix the error in the Cloud NAT configuration by selecting the correct NAT IP allocation option.

GCP
resource "google_compute_router_nat" "nat_config" {
  name   = "nat-config"
  router = "default-router"
  region = "us-central1"
  nat_ip_allocate_option = "[1]"
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
}
Drag options to blanks, or click blank then click option'
AMANUAL_ONLY
BNONE
CAUTO_ONLY
DSTATIC_ONLY
Attempts:
3 left
💡 Hint
Common Mistakes
Using "NONE" disables NAT IP allocation causing errors.
Choosing "MANUAL_ONLY" without assigning static IPs.
4fill in blank
hard

Fill both blanks to configure Cloud NAT to log all NAT traffic and enable TCP established connections.

GCP
resource "google_compute_router_nat" "nat_config" {
  name   = "nat-config"
  router = "default-router"
  region = "us-central1"
  nat_ip_allocate_option = "AUTO_ONLY"
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
  log_config {
    enable = [1]
    filter = "[2]"
  }
}
Drag options to blanks, or click blank then click option'
Atrue
BALL
Cfalse
DERRORS_ONLY
Attempts:
3 left
💡 Hint
Common Mistakes
Setting enable to false disables logging.
Using filter "ERRORS_ONLY" logs only errors, missing full traffic.
5fill in blank
hard

Fill all three blanks to create a Cloud NAT configuration that uses a specific static IP, covers primary IP ranges only, and disables logging.

GCP
resource "google_compute_router_nat" "nat_config" {
  name   = "nat-config"
  router = "default-router"
  region = "us-central1"
  nat_ip_allocate_option = "[1]"
  nat_ips = ["[2]"]
  source_subnetwork_ip_ranges_to_nat = "[3]"
  log_config {
    enable = false
  }
}
Drag options to blanks, or click blank then click option'
AMANUAL_ONLY
B34.123.45.67
CPRIMARY_IP_RANGE_ONLY
DAUTO_ONLY
Attempts:
3 left
💡 Hint
Common Mistakes
Using AUTO_ONLY with nat_ips causes conflicts.
Setting source_subnetwork_ip_ranges_to_nat to ALL_SUBNETWORKS_ALL_IP_RANGES when only primary ranges are needed.