Create a NAT Gateway Rule

Create a NAT gateway rule to configure Source NAT (SNAT) behavior for your private network traffic using the POST request. The rules determine which private IP addresses can access the Internet through the NAT gateway.

Rule specifications: Define a name, protocol (TCP, UDP, ICMP, ESP, AH, or GRE), source subnet, and target subnet for each rule. You can also optionally specify a target port range.

Endpoint

https://api.ionos.com/cloudapi/v6/datacenters/{datacenterId}/natgateways/{natGatewayId}/rules

Request

curl --location \
--request POST 'https://api.ionos.com/cloudapi/v6/datacenters/15f67991-0f51-4efc-a8ad-ef1fb31a480c/natgateways/d8fbc490-3b3e-4f7a-b6e1-2c8d5f3e7a9b/rules' \
--header 'Authorization: Bearer $IONOS_TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
  "properties": {
    "name": "Web Traffic Rule",
    "protocol": "TCP",
    "publicIp": "203.0.113.50",
    "sourceSubnet": "10.0.1.0/24",
    "targetSubnet": "0.0.0.0/0",
    "targetPortRange": {
      "start": 80,
      "end": 443
    },
    "type": "SNAT"
  }
}'

The following table lists the request body parameters:

Body Parameters

Required

Type

Description

Example

properties.name

yes

string

The name of the NAT gateway rule.

Web Traffic Rule

properties.protocol

string

The network protocol for the rule. If you do not specify a protocol, the system allows all supported protocols.

TCP

properties.publicIp

yes

string

The public IP address that the NAT gateway uses for the specific rule.

203.0.113.50

properties.sourceSubnet

yes

string

The source subnet in CIDR notation.

10.0.1.0/24

properties.targetSubnet

string

The target or destination subnet in CIDR notation.

0.0.0.0/0

properties.targetPortRange

object

The port range for the target subnet.

See nested properties.

properties.targetPortRange.start

integer

The starting port of the range.

80

properties.targetPortRange.end

integer

The ending port of the range.

443

properties.type

string

The type of NAT gateway rule.

SNAT

Response

A 202 Accepted response indicates that the NAT Gateway rule is successfully created. The id and other details are provided in the response.

Note: NAT Gateway rule creation is performed asynchronously. The resource maintains a BUSY status until provisioning completes. The response includes a Location header with a URL to poll the request status.

{
  "id": "a7f2e4d8-9c3b-4f6a-b5e8-1d2c3f4a5b6c",
  "type": "nat-gateway-rule",
  "href": "/cloudapi/v6/datacenters/15f67991-0f51-4efc-a8ad-ef1fb31a480c/natgateways/d8fbc490-3b3e-4f7a-b6e1-2c8d5f3e7a9b/rules/a7f2e4d8-9c3b-4f6a-b5e8-1d2c3f4a5b6c",
  "metadata": {
    "etag": "45480eb3fbfc31f1d916c1eaa4abdcc3",
    "createdDate": "2024-01-15T13:45:30+00:00",
    "createdBy": "ionos:identity:::users/87f9d82e-b28d-49ed-9d04-fba2c0459cd3",
    "createdByUserId": "87f9d82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedDate": "2024-01-15T13:45:30+00:00",
    "lastModifiedBy": "ionos:identity:::users/87f9d82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedByUserId": "87f9d82e-b28d-49ed-9d04-fba2c0459cd3",
    "state": "BUSY"
  },
  "properties": {
    "name": "Web Traffic Rule",
    "protocol": "TCP",
    "publicIp": "203.0.113.50",
    "sourceSubnet": "10.0.1.0/24",
    "targetSubnet": "0.0.0.0/0",
    "targetPortRange": {
      "start": 80,
      "end": 443
    },
    "type": "SNAT"
  }
}

PreviousDelete a Managed NAT Gateway NextList NAT Gateway Rules

Last updated 15 days ago

Was this helpful?

Good morning

hashtagEndpoint

hashtagRequest

hashtagResponse

Endpoint

Request

Response