added cloud nat options

gadiener · Jan 28, 2020 · 373b5c6 · 373b5c6
1 parent dcbbb14
commit 373b5c6
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 0 deletions.
diff --git a/nat/main.tf b/nat/main.tf
@@ -26,8 +26,18 @@ resource "google_compute_router_nat" "router-nat" {
   nat_ip_allocate_option             = "MANUAL_ONLY"
   nat_ips                            = google_compute_address.address.*.self_link
   source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
+
+  min_ports_per_vm = var.min_ports_per_vm
+  tcp_established_idle_timeout_sec = var.tcp_established_idle_timeout_sec
+  tcp_transitory_idle_timeout_sec = var.tcp_transitory_idle_timeout_sec
+
   subnetwork {
     name                    = var.subnetwork
     source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
   }
+
+  log_config {
+    enable = var.enable_error_log
+    filter = "ERRORS_ONLY"
+  }
 }
diff --git a/nat/variables.tf b/nat/variables.tf
@@ -14,7 +14,27 @@ variable "subnetwork" {
   description = "Router subnetwork link"
 }
 
+variable "min_ports_per_vm" {
+  description = "Minimum number of ports allocated to a VM"
+  default = "64"
+}
+
+variable "tcp_established_idle_timeout_sec" {
+  description = "Timeout in seconds for TCP established connections"
+  default = 1200
+}
+
+variable "tcp_transitory_idle_timeout_sec" {
+  description = "Timeout in seconds for TCP transitory connections"
+  default = 30
+}
+
 variable "address_count" {
   description = "Address count"
   default     = 1
 }
+
+variable "enable_error_log" {
+  description = "Enable error log"
+  default     = true
+}