Terraform Module for creating several DNAT entries for Nat Gateway on Alibaba Cloud. terraform-alicloud-dnat

English | 简体中文

Terraform module used to create several DNAT entries for an existing Nat Gateway on Alibaba Cloud. The DNAT function which maps a public IP address to an ECS instance so that the ECS instance can provide Internet services.

These types of resources are supported:

• dnat_entry

Usage

// Create vpc and vswitches
module "vpc" {
  source = "alibaba/vpc/alicloud"
  
  # ... omitted
}
// Create ecs instance
module "ecs-instance" {
  source = "alibaba/ecs-instance/alicloud"

  # ... omitted
}
// create a new nat gateway
module "nat" {
  source = "terraform-alicloud-modules/nat-gateway/alicloud"

  # ... omitted
}

module "complete" {
  source = "terraform-alicloud-modules/dnat/alicloud"


  create        = true
  dnat_table_id = module.nat.this_dnat_table_id

  # Default public ip, which will be used for all dnat entries.
  external_ip = module.nat.this_eip_ips[0]

  # Open to CIDRs blocks
  entries = [
    {
      name         = "dnat-443-8443"
      ip_protocol = "tcp"
      external_port = "443"
      internal_port = "8443"
      internal_ip = module.ecs-instance.this_private_ip.0
      external_ip      = module.nat.this_eip_ips[1]
    },
    {
      name         = "dnat-80-80"
      ip_protocol = "tcp"
      external_port = "80"
      internal_ip = module.ecs-instance.this_private_ip.1
    }
  ]
}

Examples

• Complete example shows all available parameters to configure dnat entry.

Notes

From the version v1.1.0, the module has removed the following provider setting:

provider "alicloud" {
  profile                 = var.profile != "" ? var.profile : null
  shared_credentials_file = var.shared_credentials_file != "" ? var.shared_credentials_file : null
  region                  = var.region != "" ? var.region : null
  skip_region_validation  = var.skip_region_validation
  configuration_source    = "terraform-alicloud-modules/dnat"
}

If you still want to use the provider setting to apply this module, you can specify a supported version, like 1.0.0:

module "dnat" {
  source  = "terraform-alicloud-modules/dnat/alicloud"
  version = "1.0.0"
  region  = "cn-hangzhou"
  profile = "Your-Profile-Name"
  create  = true
  // ...
}

If you want to upgrade the module to 1.1.0 or higher in-place, you can define a provider which same region with previous region:

provider "alicloud" {
  region  = "cn-hangzhou"
  profile = "Your-Profile-Name"
}
module "dnat" {
  source  = "terraform-alicloud-modules/dnat/alicloud"
  create  = true
  // ...
}

or specify an alias provider with a defined region to the module using providers:

provider "alicloud" {
  region  = "cn-hangzhou"
  profile = "Your-Profile-Name"
  alias   = "hz"
}
module "dnat" {
  source    = "terraform-alicloud-modules/dnat/alicloud"
  providers = {
    alicloud = alicloud.hz
  }
  create    = true
  // ...
}

and then run terraform init and terraform apply to make the defined provider effect to the existing module state.

More details see How to use provider in the module

Terraform versions

Name	Version
terraform	>= 0.13.0
alicloud	>= 1.56.0

Submit Issues

If you have any problems when using this module, please opening a provider issue and let us know.

Note: There does not recommend to open an issue on this repo.

Authors

Created and maintained by Alibaba Cloud Terraform Team(terraform@alibabacloud.com).

Reference

• Terraform-Provider-Alicloud Github
• Terraform-Provider-Alicloud Release
• Terraform-Provider-Alicloud Docs