kubernetes_ip_demo/terraform/public_nat.tf

# This enables NAT to external IP addresses so our GKE nodes do not need public IP addresses because this demo is going to spin up a lot of nodes.

resource "google_compute_router" "router" {
  project = google_project.project.project_id
  name    = "snat-router"
  network = google_compute_network.default.id
  region  = google_compute_subnetwork.default.region
}

resource "google_compute_router_nat" "nat" {
  project                            = google_project.project.project_id
  name                               = "my-router-nat"
  router                             = google_compute_router.router.name
  region                             = google_compute_router.router.region
  nat_ip_allocate_option             = "AUTO_ONLY"
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"

  log_config {
    enable = true
    filter = "ERRORS_ONLY"
  }
}