azurermLbNatRule

Manages a Load Balancer NAT Rule.

-> NOTE: This resource cannot be used with with virtual machine scale sets, instead use the azurermLbNatPool resource.

\~> NOTE When using this resource, the Load Balancer needs to have a FrontEnd IP Configuration Attached

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "LoadBalancerRG",
  }
);
const azurermPublicIpExample = new azurerm.publicIp.PublicIp(
  this,
  "example_1",
  {
    allocation_method: "Static",
    location: "West US",
    name: "PublicIPForLB",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermPublicIpExample.overrideLogicalId("example");
const azurermLbExample = new azurerm.lb.Lb(this, "example_2", {
  frontend_ip_configuration: [
    {
      name: "PublicIPAddress",
      public_ip_address_id: azurermPublicIpExample.id,
    },
  ],
  location: "West US",
  name: "TestLoadBalancer",
  resource_group_name: azurermResourceGroupExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLbExample.overrideLogicalId("example");
const azurermLbBackendAddressPoolExample =
  new azurerm.lbBackendAddressPool.LbBackendAddressPool(this, "example_3", {
    loadbalancer_id: azurermLbExample.id,
    name: "be",
    resource_group_name: azurermResourceGroupExample.name,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLbBackendAddressPoolExample.overrideLogicalId("example");
const azurermLbNatRuleExample = new azurerm.lbNatRule.LbNatRule(
  this,
  "example_4",
  {
    backend_port: 3389,
    frontend_ip_configuration_name: "PublicIPAddress",
    frontend_port: 3389,
    loadbalancer_id: azurermLbExample.id,
    name: "RDPAccess",
    protocol: "Tcp",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLbNatRuleExample.overrideLogicalId("example");
new azurerm.lbNatRule.LbNatRule(this, "example1", {
  backend_address_pool_id: azurermLbBackendAddressPoolExample.id,
  backend_port: 3389,
  frontend_ip_configuration_name: "PublicIPAddress",
  frontend_port_end: 3389,
  frontend_port_start: 3000,
  loadbalancer_id: azurermLbExample.id,
  name: "RDPAccess",
  protocol: "Tcp",
  resource_group_name: azurermResourceGroupExample.name,
});

Argument Reference

The following arguments are supported:

name - (Required) Specifies the name of the NAT Rule. Changing this forces a new resource to be created.
resourceGroupName - (Required) The name of the resource group in which to create the resource. Changing this forces a new resource to be created.
loadbalancerId - (Required) The ID of the Load Balancer in which to create the NAT Rule. Changing this forces a new resource to be created.
frontendIpConfigurationName - (Required) The name of the frontend IP configuration exposing this rule.
protocol - (Required) The transport protocol for the external endpoint. Possible values are udp, tcp or all.
frontendPort - (Optional) The port for the external endpoint. Port numbers for each Rule must be unique within the Load Balancer. Possible values range between 1 and 65534, inclusive.
backendPort - (Required) The port used for internal connections on the endpoint. Possible values range between 1 and 65535, inclusive.
frontendPortStart - (Optional) The port range start for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeEnd. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534, inclusive.
frontendPortEnd - (Optional) The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. Acceptable values range from 1 to 65534, inclusive.
backendAddressPoolId - (Optional) Specifies a reference to backendAddressPool resource.
idleTimeoutInMinutes - (Optional) Specifies the idle timeout in minutes for TCP connections. Valid values are between 4 and 30 minutes. Defaults to 4 minutes.
enableFloatingIp - (Optional) Are the Floating IPs enabled for this Load Balancer Rule? A "floating” IP is reassigned to a secondary server in case the primary server fails. Required to configure a SQL AlwaysOn Availability Group. Defaults to false.
enableTcpReset - (Optional) Is TCP Reset enabled for this Load Balancer Rule?

Attributes Reference

The following attributes are exported:

id - The ID of the Load Balancer NAT Rule.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

create - (Defaults to 30 minutes) Used when creating the Load Balancer NAT Rule.
update - (Defaults to 30 minutes) Used when updating the Load Balancer NAT Rule.
read - (Defaults to 5 minutes) Used when retrieving the Load Balancer NAT Rule.
delete - (Defaults to 30 minutes) Used when deleting the Load Balancer NAT Rule.

Import

Load Balancer NAT Rules can be imported using the resourceId, e.g.

terraform import azurerm_lb_nat_rule.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/loadBalancers/lb1/inboundNatRules/rule1