This guide explains how to migrate from an instance-based NAT gateway to the managed Cloud NAT resource. For more information see the following documentation.
In the same region your instance-based NAT gateway is located, configure a Cloud NAT resource.
Use these instructions to configure a Cloud NAT in the same region as your instance-based NAT gateway.
The instructions below are intended for Terraform 0.12. We recommend upgrading your resources to Terraform 0.12, but if you need a Terraform 0.11.x-compatible version of Cloud NAT, use version 0.1.0 of terraform-google-cloud-nat.
Create a Cloud NAT resource in your region. If you do not have a Cloud Router, create one using the google_compute_router resource.
resource "google_compute_router" "router" {
name = "load-balancer-module-router"
region = var.region
network = var.network
}
module "cloud_nat" {
source = "terraform-google-modules/cloud-nat/google"
version = "~> 1.0.0"
project_id = var.project_id
region = var.region
name = "load-balancer-module-nat"
router = google_compute_router.router.name
}Delete the static routes that are sending traffic to the instanced-based NAT gateway.
- If created via NAT gateway module, routes will be named
[prefix]nat-[zone] - If created via console or API, routes may be called:
no-ip-internet-route,natroute1,natroute2,natroute3
Once removed, confirm that traffic is flowing through Cloud NAT from an instance in your network.
Delete your NAT gateway instance(s).
- If created via NAT gateway module, remove the instance of the module from Terraform and re-apply
- If created via console or API, delete your instance-based NAT gateways
Cloud NAT does not support squid or network proxy functionality. To use a squid proxy, see the following documentation.