# NAT Gateways

## List NAT Gateways

> List all NAT Gateways within the data center.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGateways":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/NatGateway"}},"offset":{"$ref":"#/components/schemas/PaginationOffsetOptional"},"limit":{"$ref":"#/components/schemas/PaginationLimitOptional"},"_links":{"$ref":"#/components/schemas/PaginationLinks"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"NatGateway":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayProperties"},"entities":{"$ref":"#/components/schemas/NatGatewayEntities"}}},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"NatGatewayProperties":{"required":["name","publicIps"],"type":"object","properties":{"name":{"type":"string","description":"Name of the NAT Gateway."},"publicIps":{"type":"array","description":"Collection of public IP addresses of the NAT Gateway. Should be customer reserved IP addresses in that location.","items":{"type":"string"}},"lans":{"type":"array","description":"Collection of LANs connected to the NAT Gateway. IPs must contain a valid subnet mask. If no IP is provided, the system will generate an IP with /24 subnet.","items":{"$ref":"#/components/schemas/NatGatewayLanProperties"}}}},"NatGatewayLanProperties":{"required":["id"],"type":"object","properties":{"id":{"type":"integer","description":"Id for the LAN connected to the NAT Gateway","format":"int32"},"gatewayIps":{"type":"array","description":"Collection of gateway IP addresses of the NAT Gateway. Will be auto-generated if not provided. Should ideally be an IP belonging to the same subnet as the LAN","items":{"type":"string"}}}},"NatGatewayEntities":{"type":"object","properties":{"rules":{"$ref":"#/components/schemas/NatGatewayRules"},"flowlogs":{"$ref":"#/components/schemas/FlowLogs"}}},"NatGatewayRules":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"FlowLogs":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/FlowLog"}},"offset":{"$ref":"#/components/schemas/PaginationOffsetOptional"},"limit":{"$ref":"#/components/schemas/PaginationLimitOptional"},"_links":{"$ref":"#/components/schemas/PaginationLinks"}}},"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"PaginationOffsetOptional":{"type":"number","description":"The offset (if specified in the request)."},"PaginationLimitOptional":{"type":"number","description":"The limit (if specified in the request)."},"PaginationLinks":{"type":"object","properties":{"prev":{"type":"string","description":"URL (with offset and limit parameters) of the previous page; only present if offset is greater than 0.","format":"uri","readOnly":true},"self":{"type":"string","description":"URL (with offset and limit parameters) of the current page.","format":"uri","readOnly":true},"next":{"type":"string","description":"URL (with offset and limit parameters) of the next page; only present if offset + limit is less than the total number of elements.","format":"uri","readOnly":true}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways":{"get":{"tags":["NAT Gateways"],"summary":"List NAT Gateways","description":"List all NAT Gateways within the data center.","operationId":"datacentersNatgatewaysGet","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"responses":{"200":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGateways"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Create a NAT Gateway

> Creates a NAT Gateway within the data center.\
> \
> This operation is restricted to contract owner, admin, and users with 'createInternetAccess' privileges.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGateway":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayProperties"},"entities":{"$ref":"#/components/schemas/NatGatewayEntities"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"NatGatewayProperties":{"required":["name","publicIps"],"type":"object","properties":{"name":{"type":"string","description":"Name of the NAT Gateway."},"publicIps":{"type":"array","description":"Collection of public IP addresses of the NAT Gateway. Should be customer reserved IP addresses in that location.","items":{"type":"string"}},"lans":{"type":"array","description":"Collection of LANs connected to the NAT Gateway. IPs must contain a valid subnet mask. If no IP is provided, the system will generate an IP with /24 subnet.","items":{"$ref":"#/components/schemas/NatGatewayLanProperties"}}}},"NatGatewayLanProperties":{"required":["id"],"type":"object","properties":{"id":{"type":"integer","description":"Id for the LAN connected to the NAT Gateway","format":"int32"},"gatewayIps":{"type":"array","description":"Collection of gateway IP addresses of the NAT Gateway. Will be auto-generated if not provided. Should ideally be an IP belonging to the same subnet as the LAN","items":{"type":"string"}}}},"NatGatewayEntities":{"type":"object","properties":{"rules":{"$ref":"#/components/schemas/NatGatewayRules"},"flowlogs":{"$ref":"#/components/schemas/FlowLogs"}}},"NatGatewayRules":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"FlowLogs":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/FlowLog"}},"offset":{"$ref":"#/components/schemas/PaginationOffsetOptional"},"limit":{"$ref":"#/components/schemas/PaginationLimitOptional"},"_links":{"$ref":"#/components/schemas/PaginationLinks"}}},"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"PaginationOffsetOptional":{"type":"number","description":"The offset (if specified in the request)."},"PaginationLimitOptional":{"type":"number","description":"The limit (if specified in the request)."},"PaginationLinks":{"type":"object","properties":{"prev":{"type":"string","description":"URL (with offset and limit parameters) of the previous page; only present if offset is greater than 0.","format":"uri","readOnly":true},"self":{"type":"string","description":"URL (with offset and limit parameters) of the current page.","format":"uri","readOnly":true},"next":{"type":"string","description":"URL (with offset and limit parameters) of the next page; only present if offset + limit is less than the total number of elements.","format":"uri","readOnly":true}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways":{"post":{"tags":["NAT Gateways"],"summary":"Create a NAT Gateway","description":"Creates a NAT Gateway within the data center.\n\nThis operation is restricted to contract owner, admin, and users with 'createInternetAccess' privileges.","operationId":"datacentersNatgatewaysPost","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"requestBody":{"description":"The NAT Gateway to create.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGateway"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}},"Location":{"description":"Callback URL to poll async operation status.","schema":{"pattern":"https://[apiBaseUri]/requests/[requestId]/status","type":"string"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGateway"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Retrieve NAT Gateways

> Retrieve the properties of the specified NAT Gateway within the data center.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGateway":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayProperties"},"entities":{"$ref":"#/components/schemas/NatGatewayEntities"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"NatGatewayProperties":{"required":["name","publicIps"],"type":"object","properties":{"name":{"type":"string","description":"Name of the NAT Gateway."},"publicIps":{"type":"array","description":"Collection of public IP addresses of the NAT Gateway. Should be customer reserved IP addresses in that location.","items":{"type":"string"}},"lans":{"type":"array","description":"Collection of LANs connected to the NAT Gateway. IPs must contain a valid subnet mask. If no IP is provided, the system will generate an IP with /24 subnet.","items":{"$ref":"#/components/schemas/NatGatewayLanProperties"}}}},"NatGatewayLanProperties":{"required":["id"],"type":"object","properties":{"id":{"type":"integer","description":"Id for the LAN connected to the NAT Gateway","format":"int32"},"gatewayIps":{"type":"array","description":"Collection of gateway IP addresses of the NAT Gateway. Will be auto-generated if not provided. Should ideally be an IP belonging to the same subnet as the LAN","items":{"type":"string"}}}},"NatGatewayEntities":{"type":"object","properties":{"rules":{"$ref":"#/components/schemas/NatGatewayRules"},"flowlogs":{"$ref":"#/components/schemas/FlowLogs"}}},"NatGatewayRules":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"FlowLogs":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/FlowLog"}},"offset":{"$ref":"#/components/schemas/PaginationOffsetOptional"},"limit":{"$ref":"#/components/schemas/PaginationLimitOptional"},"_links":{"$ref":"#/components/schemas/PaginationLinks"}}},"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"PaginationOffsetOptional":{"type":"number","description":"The offset (if specified in the request)."},"PaginationLimitOptional":{"type":"number","description":"The limit (if specified in the request)."},"PaginationLinks":{"type":"object","properties":{"prev":{"type":"string","description":"URL (with offset and limit parameters) of the previous page; only present if offset is greater than 0.","format":"uri","readOnly":true},"self":{"type":"string","description":"URL (with offset and limit parameters) of the current page.","format":"uri","readOnly":true},"next":{"type":"string","description":"URL (with offset and limit parameters) of the next page; only present if offset + limit is less than the total number of elements.","format":"uri","readOnly":true}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}":{"get":{"tags":["NAT Gateways"],"summary":"Retrieve NAT Gateways","description":"Retrieve the properties of the specified NAT Gateway within the data center.","operationId":"datacentersNatgatewaysFindByNatGatewayId","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"responses":{"200":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGateway"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Modify NAT Gateways

> Modify the properties of the specified NAT Gateway within the data center.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGatewayPut":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"properties":{"$ref":"#/components/schemas/NatGatewayProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"NatGatewayProperties":{"required":["name","publicIps"],"type":"object","properties":{"name":{"type":"string","description":"Name of the NAT Gateway."},"publicIps":{"type":"array","description":"Collection of public IP addresses of the NAT Gateway. Should be customer reserved IP addresses in that location.","items":{"type":"string"}},"lans":{"type":"array","description":"Collection of LANs connected to the NAT Gateway. IPs must contain a valid subnet mask. If no IP is provided, the system will generate an IP with /24 subnet.","items":{"$ref":"#/components/schemas/NatGatewayLanProperties"}}}},"NatGatewayLanProperties":{"required":["id"],"type":"object","properties":{"id":{"type":"integer","description":"Id for the LAN connected to the NAT Gateway","format":"int32"},"gatewayIps":{"type":"array","description":"Collection of gateway IP addresses of the NAT Gateway. Will be auto-generated if not provided. Should ideally be an IP belonging to the same subnet as the LAN","items":{"type":"string"}}}},"NatGateway":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayProperties"},"entities":{"$ref":"#/components/schemas/NatGatewayEntities"}}},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"NatGatewayEntities":{"type":"object","properties":{"rules":{"$ref":"#/components/schemas/NatGatewayRules"},"flowlogs":{"$ref":"#/components/schemas/FlowLogs"}}},"NatGatewayRules":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"FlowLogs":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/FlowLog"}},"offset":{"$ref":"#/components/schemas/PaginationOffsetOptional"},"limit":{"$ref":"#/components/schemas/PaginationLimitOptional"},"_links":{"$ref":"#/components/schemas/PaginationLinks"}}},"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"PaginationOffsetOptional":{"type":"number","description":"The offset (if specified in the request)."},"PaginationLimitOptional":{"type":"number","description":"The limit (if specified in the request)."},"PaginationLinks":{"type":"object","properties":{"prev":{"type":"string","description":"URL (with offset and limit parameters) of the previous page; only present if offset is greater than 0.","format":"uri","readOnly":true},"self":{"type":"string","description":"URL (with offset and limit parameters) of the current page.","format":"uri","readOnly":true},"next":{"type":"string","description":"URL (with offset and limit parameters) of the next page; only present if offset + limit is less than the total number of elements.","format":"uri","readOnly":true}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}":{"put":{"tags":["NAT Gateways"],"summary":"Modify NAT Gateways","description":"Modify the properties of the specified NAT Gateway within the data center.","operationId":"datacentersNatgatewaysPut","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"requestBody":{"description":"The modified NAT Gateway.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGatewayPut"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGateway"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Delete NAT Gateways

> Remove the specified NAT Gateway from the data center.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}":{"delete":{"tags":["NAT Gateways"],"summary":"Delete NAT Gateways","description":"Remove the specified NAT Gateway from the data center.","operationId":"datacentersNatgatewaysDelete","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}},"Location":{"description":"Callback URL to poll async operation status.","schema":{"pattern":"https://[apiBaseUri]/requests/[requestId]/status","type":"string"}}},"content":{}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Partially modify NAT Gateways

> Update the properties of the specified NAT Gateway within the data center.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGatewayProperties":{"required":["name","publicIps"],"type":"object","properties":{"name":{"type":"string","description":"Name of the NAT Gateway."},"publicIps":{"type":"array","description":"Collection of public IP addresses of the NAT Gateway. Should be customer reserved IP addresses in that location.","items":{"type":"string"}},"lans":{"type":"array","description":"Collection of LANs connected to the NAT Gateway. IPs must contain a valid subnet mask. If no IP is provided, the system will generate an IP with /24 subnet.","items":{"$ref":"#/components/schemas/NatGatewayLanProperties"}}}},"NatGatewayLanProperties":{"required":["id"],"type":"object","properties":{"id":{"type":"integer","description":"Id for the LAN connected to the NAT Gateway","format":"int32"},"gatewayIps":{"type":"array","description":"Collection of gateway IP addresses of the NAT Gateway. Will be auto-generated if not provided. Should ideally be an IP belonging to the same subnet as the LAN","items":{"type":"string"}}}},"NatGateway":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayProperties"},"entities":{"$ref":"#/components/schemas/NatGatewayEntities"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"NatGatewayEntities":{"type":"object","properties":{"rules":{"$ref":"#/components/schemas/NatGatewayRules"},"flowlogs":{"$ref":"#/components/schemas/FlowLogs"}}},"NatGatewayRules":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"FlowLogs":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/FlowLog"}},"offset":{"$ref":"#/components/schemas/PaginationOffsetOptional"},"limit":{"$ref":"#/components/schemas/PaginationLimitOptional"},"_links":{"$ref":"#/components/schemas/PaginationLinks"}}},"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"PaginationOffsetOptional":{"type":"number","description":"The offset (if specified in the request)."},"PaginationLimitOptional":{"type":"number","description":"The limit (if specified in the request)."},"PaginationLinks":{"type":"object","properties":{"prev":{"type":"string","description":"URL (with offset and limit parameters) of the previous page; only present if offset is greater than 0.","format":"uri","readOnly":true},"self":{"type":"string","description":"URL (with offset and limit parameters) of the current page.","format":"uri","readOnly":true},"next":{"type":"string","description":"URL (with offset and limit parameters) of the next page; only present if offset + limit is less than the total number of elements.","format":"uri","readOnly":true}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}":{"patch":{"tags":["NAT Gateways"],"summary":"Partially modify NAT Gateways","description":"Update the properties of the specified NAT Gateway within the data center.","operationId":"datacentersNatgatewaysPatch","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"requestBody":{"description":"The properties of the NAT Gateway to be updated.","content":{"*/*":{"schema":{"$ref":"#/components/schemas/NatGatewayProperties"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGateway"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## List NAT Gateway rules

> List all rules for the specified NAT Gateway.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGatewayRules":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/rules":{"get":{"tags":["NAT Gateways"],"summary":"List NAT Gateway rules","description":"List all rules for the specified NAT Gateway.","operationId":"datacentersNatgatewaysRulesGet","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"responses":{"200":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGatewayRules"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Create a NAT Gateway Rule

> Creates a rule for the specified NAT Gateway.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/rules":{"post":{"tags":["NAT Gateways"],"summary":"Create a NAT Gateway Rule","description":"Creates a rule for the specified NAT Gateway.","operationId":"datacentersNatgatewaysRulesPost","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"requestBody":{"description":"The NAT Gateway rule to create.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGatewayRule"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}},"Location":{"description":"Callback URL to poll async operation status.","schema":{"pattern":"https://[apiBaseUri]/requests/[requestId]/status","type":"string"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Retrieve NAT Gateway rules

> Retrieve the properties of the specified NAT Gateway rule.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/rules/{natGatewayRuleId}":{"get":{"tags":["NAT Gateways"],"summary":"Retrieve NAT Gateway rules","description":"Retrieve the properties of the specified NAT Gateway rule.","operationId":"datacentersNatgatewaysRulesFindByNatGatewayRuleId","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"natGatewayRuleId","in":"path","description":"The unique ID of the NAT Gateway rule.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"responses":{"200":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Modify a NAT Gateway Rule by ID

> Modify the specified NAT Gateway rule.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGatewayRulePut":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/rules/{natGatewayRuleId}":{"put":{"tags":["NAT Gateways"],"summary":"Modify a NAT Gateway Rule by ID","description":"Modify the specified NAT Gateway rule.","operationId":"datacentersNatgatewaysRulesPut","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"natGatewayRuleId","in":"path","description":"The unique ID of the NAT Gateway rule.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"requestBody":{"description":"The modified NAT Gateway rule.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGatewayRulePut"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Delete NAT Gateway rules

> Delete the specified NAT Gateway rule.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/rules/{natGatewayRuleId}":{"delete":{"tags":["NAT Gateways"],"summary":"Delete NAT Gateway rules","description":"Delete the specified NAT Gateway rule.","operationId":"datacentersNatgatewaysRulesDelete","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"natGatewayRuleId","in":"path","description":"The unique ID of the NAT Gateway rule.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}},"Location":{"description":"Callback URL to poll async operation status.","schema":{"pattern":"https://[apiBaseUri]/requests/[requestId]/status","type":"string"}}},"content":{}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Partially Modify a NAT Gateway Rule by ID

> Updates the properties of the specified NAT Gateway rule.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"NatGatewayRuleProperties":{"required":["name","publicIp","sourceSubnet"],"type":"object","properties":{"name":{"type":"string","description":"The name of the NAT Gateway rule."},"type":{"type":"string","description":"Type of the NAT Gateway rule.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleType"}]},"protocol":{"type":"string","description":"Protocol of the NAT Gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.","allOf":[{"$ref":"#/components/schemas/NatGatewayRuleProtocol"}]},"sourceSubnet":{"type":"string","description":"Source subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address."},"publicIp":{"type":"string","description":"Public IP address of the NAT Gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT Gateway resource"},"targetSubnet":{"type":"string","description":"Target or destination subnet of the NAT Gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address."},"targetPortRange":{"$ref":"#/components/schemas/TargetPortRange"}}},"NatGatewayRuleType":{"type":"string","enum":["SNAT"]},"NatGatewayRuleProtocol":{"type":"string","enum":["TCP","UDP","ICMP","ALL"]},"TargetPortRange":{"type":"object","properties":{"start":{"type":"integer","description":"Target port range start associated with the NAT Gateway rule.","format":"int32"},"end":{"type":"integer","description":"Target port range end associated with the NAT Gateway rule.","format":"int32"}}},"NatGatewayRule":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/rules/{natGatewayRuleId}":{"patch":{"tags":["NAT Gateways"],"summary":"Partially Modify a NAT Gateway Rule by ID","description":"Updates the properties of the specified NAT Gateway rule.","operationId":"datacentersNatgatewaysRulesPatch","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"natGatewayRuleId","in":"path","description":"The unique ID of the NAT Gateway rule.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"X-Contract-Number","in":"header","description":"Users with multiple contracts must provide the contract number, for which all API requests are to be executed.","schema":{"type":"integer","format":"int32"}}],"requestBody":{"description":"The properties of the NAT Gateway rule to be updated.","content":{"*/*":{"schema":{"$ref":"#/components/schemas/NatGatewayRuleProperties"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/NatGatewayRule"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## List NAT Gateway Flow Logs

> List all the Flow Logs for the specified NAT Gateway.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"FlowLogs":{"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"items":{"type":"array","description":"Array of items in the collection.","readOnly":true,"items":{"$ref":"#/components/schemas/FlowLog"}},"offset":{"$ref":"#/components/schemas/PaginationOffsetOptional"},"limit":{"$ref":"#/components/schemas/PaginationLimitOptional"},"_links":{"$ref":"#/components/schemas/PaginationLinks"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"PaginationOffsetOptional":{"type":"number","description":"The offset (if specified in the request)."},"PaginationLimitOptional":{"type":"number","description":"The limit (if specified in the request)."},"PaginationLinks":{"type":"object","properties":{"prev":{"type":"string","description":"URL (with offset and limit parameters) of the previous page; only present if offset is greater than 0.","format":"uri","readOnly":true},"self":{"type":"string","description":"URL (with offset and limit parameters) of the current page.","format":"uri","readOnly":true},"next":{"type":"string","description":"URL (with offset and limit parameters) of the next page; only present if offset + limit is less than the total number of elements.","format":"uri","readOnly":true}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/flowlogs":{"get":{"tags":["NAT Gateways"],"summary":"List NAT Gateway Flow Logs","description":"List all the Flow Logs for the specified NAT Gateway.","operationId":"datacentersNatgatewaysFlowlogsGet","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"offset","in":"query","description":"The first element (from the complete list of the elements) to include in the response (used together with <b><i>limit</i></b> for pagination).","schema":{"minimum":0,"type":"integer","format":"int32","default":0}},{"name":"limit","in":"query","description":"The maximum number of elements to return (use together with offset for pagination).","schema":{"maximum":10000,"minimum":1,"type":"integer","format":"int32","default":1000}}],"responses":{"200":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/FlowLogs"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Create a NAT Gateway Flow Log

> Adds a new Flow Log to the specified NAT Gateway.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/flowlogs":{"post":{"tags":["NAT Gateways"],"summary":"Create a NAT Gateway Flow Log","description":"Adds a new Flow Log to the specified NAT Gateway.","operationId":"datacentersNatgatewaysFlowlogsPost","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}}],"requestBody":{"description":"The Flow Log to create.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/FlowLog"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}},"Location":{"description":"Callback URL to poll async operation status.","schema":{"pattern":"https://[apiBaseUri]/requests/[requestId]/status","type":"string"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/FlowLog"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Retrieve NAT Gateway Flow Logs

> Retrieve the specified NAT Gateway Flow Log.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/flowlogs/{flowLogId}":{"get":{"tags":["NAT Gateways"],"summary":"Retrieve NAT Gateway Flow Logs","description":"Retrieve the specified NAT Gateway Flow Log.","operationId":"datacentersNatgatewaysFlowlogsFindByFlowLogId","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"flowLogId","in":"path","description":"The unique ID of the Flow Log.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}}],"responses":{"200":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/FlowLog"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Modify NAT Gateway Flow Logs

> Modify the specified NAT Gateway Flow Log.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"FlowLogPut":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"URL to the object representation (absolute path).","format":"uri","readOnly":true},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/flowlogs/{flowLogId}":{"put":{"tags":["NAT Gateways"],"summary":"Modify NAT Gateway Flow Logs","description":"Modify the specified NAT Gateway Flow Log.","operationId":"datacentersNatgatewaysFlowlogsPut","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"flowLogId","in":"path","description":"The unique ID of the Flow Log.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}}],"requestBody":{"description":"The modified NAT Gateway Flow Log.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/FlowLogPut"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/FlowLog"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Delete NAT Gateway Flow Logs

> Delete the specified NAT Gateway Flow Log.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/flowlogs/{flowLogId}":{"delete":{"tags":["NAT Gateways"],"summary":"Delete NAT Gateway Flow Logs","description":"Delete the specified NAT Gateway Flow Log.","operationId":"datacentersNatgatewaysFlowlogsDelete","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"flowLogId","in":"path","description":"The unique ID of the Flow Log.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}}],"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}},"Location":{"description":"Callback URL to poll async operation status.","schema":{"pattern":"https://[apiBaseUri]/requests/[requestId]/status","type":"string"}}},"content":{}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```

## Partially modify NAT Gateway Flow Logs

> Update the properties of the specified NAT Gateway Flow Log.

```json
{"openapi":"3.0.3","info":{"title":"CLOUD API","version":"6.0"},"tags":[{"name":"NAT Gateways"}],"servers":[{"url":"https://api.ionos.com/cloudapi/v6"}],"security":[{"BasicAuthentication":[]},{"TokenAuthentication":[]}],"components":{"securitySchemes":{"BasicAuthentication":{"type":"http","description":"You will need to base64 encode the string containing your credentials. <div style=\"padding: 15px; border: 1px solid #d1ecf1; background-color: #d1ecf1; color: #0c5460; margin-bottom: 15px;\">\n  <strong>Note:</strong><br/><br/>\n  <ul><li><b>Basic Authentication</b> is supported only when <b>2-Factor \n  Authentication</b> is not configured.</li>\n  <li>Users with <b>2-Factor \n  Authentication</b> activated must generate new 2FA-secured tokens in the DCD using [Token Manager](https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager). \n  These tokens do not inherit the <b>2FA-secured</b> property by default.</li><li>Token deletion is only possible using the <b>Token Manager</b>.</li>\n</div> Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication","scheme":"basic"},"TokenAuthentication":{"type":"apiKey","description":"Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.","name":"Authorization","in":"header"}},"schemas":{"FlowLogProperties":{"required":["action","bucket","direction","name"],"type":"object","properties":{"name":{"type":"string","description":"The resource name."},"action":{"type":"string","description":"Specifies the traffic action pattern.","enum":["ACCEPTED","REJECTED","ALL"]},"direction":{"type":"string","description":"Specifies the traffic direction pattern.","enum":["INGRESS","EGRESS","BIDIRECTIONAL"]},"bucket":{"type":"string","description":"The bucket name of an existing IONOS Cloud Object storage bucket."}}},"FlowLog":{"required":["properties"],"type":"object","properties":{"id":{"type":"string","description":"The resource's unique identifier.","readOnly":true},"type":{"type":"string","description":"The type of object that has been created.","allOf":[{"$ref":"#/components/schemas/Type"}]},"href":{"type":"string","description":"The URL to the object representation (absolute path).","format":"uri","readOnly":true},"metadata":{"$ref":"#/components/schemas/DatacenterElementMetadata"},"properties":{"$ref":"#/components/schemas/FlowLogProperties"}}},"Type":{"type":"string","enum":["datacenter","server","volume","nic","loadbalancer","location","firewall-rule","flow-log","image","snapshot","lan","ipblock","pcc","contract","user","group","collection","resource","request","request-status","s3key","backupunit","label","k8s","nodepool","template","networkloadbalancer","forwarding-rule","natgateway","natgateway-rule","node","applicationloadbalancer","target-group","security-group","gpu"]},"DatacenterElementMetadata":{"type":"object","properties":{"etag":{"type":"string","description":"Resource's Entity Tag as defined in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11  Entity Tag is also added as an 'ETag response header to requests which don't use 'depth' parameter.","readOnly":true},"createdDate":{"type":"string","description":"The last time the resource was created.","format":"date-time","readOnly":true},"createdBy":{"type":"string","description":"The user who created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"The unique ID of the user who created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","description":"The last time the resource was modified.","format":"date-time","readOnly":true},"lastModifiedBy":{"type":"string","description":"The user who last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"The unique ID of the user who last modified the resource.","readOnly":true},"state":{"type":"string","description":"State of the resource. *AVAILABLE* There are no pending modification requests for this item; *BUSY* There is at least one modification request pending and all following requests will be queued; *INACTIVE* Resource has been de-provisioned; *DEPLOYING* Resource state DEPLOYING - relevant for Kubernetes cluster/nodepool; *ACTIVE* Resource state ACTIVE - relevant for Kubernetes cluster/nodepool; *FAILED* Resource state FAILED - relevant for Kubernetes cluster/nodepool; *SUSPENDED* Resource state SUSPENDED - relevant for Kubernetes cluster/nodepool; *FAILED_SUSPENDED* Resource state FAILED_SUSPENDED - relevant for Kubernetes cluster; *UPDATING* Resource state UPDATING - relevant for Kubernetes cluster/nodepool; *FAILED_UPDATING* Resource state FAILED_UPDATING - relevant for Kubernetes cluster/nodepool; *DESTROYING* Resource state DESTROYING - relevant for Kubernetes cluster; *FAILED_DESTROYING* Resource state FAILED_DESTROYING - relevant for Kubernetes cluster/nodepool; *TERMINATED* Resource state TERMINATED - relevant for Kubernetes cluster/nodepool; *HIBERNATING* Resource state HIBERNATING - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool; *MAINTENANCE* Resource state MAINTENANCE - relevant for Kubernetes cluster/nodepool; *FAILED_HIBERNATING* Resource state FAILED_HIBERNATING - relevant for Kubernetes cluster/nodepool.","readOnly":true,"enum":["AVAILABLE","INACTIVE","BUSY","DEPLOYING","ACTIVE","FAILED","SUSPENDED","FAILED_SUSPENDED","UPDATING","FAILED_UPDATING","DESTROYING","FAILED_DESTROYING","TERMINATED","HIBERNATING","FAILED_HIBERNATING","MAINTENANCE","FAILED_MAINTENANCE","UNKNOWN"]}}},"Error":{"type":"object","properties":{"httpStatus":{"type":"integer","description":"HTTP status code of the operation.","format":"int32","readOnly":true},"messages":{"type":"array","items":{"$ref":"#/components/schemas/ErrorMessage"}}}},"ErrorMessage":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code.","readOnly":true},"message":{"type":"string","description":"A human-readable message.","readOnly":true}}}}},"paths":{"/datacenters/{datacenterId}/natgateways/{natGatewayId}/flowlogs/{flowLogId}":{"patch":{"tags":["NAT Gateways"],"summary":"Partially modify NAT Gateway Flow Logs","description":"Update the properties of the specified NAT Gateway Flow Log.","operationId":"datacentersNatgatewaysFlowlogsPatch","parameters":[{"name":"datacenterId","in":"path","description":"The unique ID of the data center.","required":true,"schema":{"type":"string"}},{"name":"natGatewayId","in":"path","description":"The unique ID of the NAT Gateway.","required":true,"schema":{"type":"string"}},{"name":"flowLogId","in":"path","description":"The unique ID of the Flow Log.","required":true,"schema":{"type":"string"}},{"name":"pretty","in":"query","description":"Controls whether the response is pretty-printed (with indentations and new lines).","schema":{"type":"boolean","default":true}},{"name":"depth","in":"query","description":"Controls the detail depth of the response objects. \nGET /datacenters/[ID]\n\t- depth=0: Only direct properties are included; children (servers and other elements) are not included.\n\t- depth=1: Direct properties and children references are included.\n\t- depth=2: Direct properties and children properties are included.\n\t- depth=3: Direct properties and children properties and children's children are included.\n\t- depth=... and so on","schema":{"maximum":10,"minimum":0,"type":"integer","format":"int32","default":0}}],"requestBody":{"description":"The properties of the Flow Log to be updated.","content":{"*/*":{"schema":{"$ref":"#/components/schemas/FlowLogProperties"}}},"required":true},"responses":{"202":{"description":"Successful operation","headers":{"X-RateLimit-Remaining":{"description":"The number of requests that can still be made without triggering a failure response.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Limit":{"description":"The average number of requests per minute allowed.","schema":{"type":"integer","format":"int32"}},"X-RateLimit-Burst":{"description":"The maximum number of concurrent API requests allowed.","schema":{"type":"integer","format":"int32"}}},"content":{"application/json":{"schema":{"$ref":"#/components/schemas/FlowLog"}}}},"default":{"description":"Any erroneous status code: 400 (parse error), 401 (auth error), 402 (trial access), 403 (insufficient privileges), 404 (not found), 405 (unsupported HTTP method), 415 (unsupported content type, 422 (validation error), 429 (request rate limit exceeded), 500 (server error), or 503 (maintenance).","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}}}
```