terraform-google-modules/terraform-google-cloud-nat

Support Max ports per VM setting

jeheyer opened this issue · 1 comments

TL;DR

There can be scenarios where it's desirable to set a reasonable limit on the number of sessions that a single VM can create, for example to prevent a load test from exhausting all NAT ports or contain a denial of service condition.

Terraform Resources

https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_router_nat#max_ports_per_vm

Detailed design

This setting can only be used when **enable_dynamic_port_allocation = true**

```hcl
variable "enable_dpa" {
  type        = bool
  description = "Specifies to enable Dynamic Port Allocation"
  default     = true
}

variable "max_ports_per_vm" {
  type        = string
  description = "Max ports per VM (only relevant if DPA is enabled)"
  default     = "32768"
}

resource "google_compute_router_nat" "default" {
  # ... other arguments omitted ...
  enable_dynamic_port_allocation = var.enable_dpa
  min_ports_per_vm               = var.min_ports_per_vm
  # Only pass the ceiling when DPA is on; null leaves the argument unset.
  max_ports_per_vm               = var.enable_dpa ? var.max_ports_per_vm : null
}
```

Additional information

No response
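The following is an added example, not part of the original issue or the module's code: one way to make the per-VM ceiling fail at plan time instead of at the API when it is misconfigured. The `router_name` and `region` inputs, the numeric variable types and the default values are assumptions chosen for illustration, and the allowed range reflects Cloud NAT's documented rule that, with Dynamic Port Allocation, the maximum is a power of two from 64 to 65536 and greater than the minimum.

```hcl
# Added example. router_name and region are hypothetical inputs; defaults are constructed.
variable "router_name" { type = string }
variable "region" { type = string }

variable "enable_dpa" {
  type        = bool
  description = "Enable Dynamic Port Allocation"
  default     = true
}

variable "min_ports_per_vm" {
  type    = number
  default = 64
}

variable "max_ports_per_vm" {
  type        = number
  description = "Per-VM port ceiling (only applied when DPA is enabled)"
  default     = 4096 # caps one noisy VM well below the 65536 upper bound

  validation {
    condition     = contains([64, 128, 256, 512, 1024, 2048, 4096, 8192, 16384, 32768, 65536], var.max_ports_per_vm)
    error_message = "max_ports_per_vm must be a power of two between 64 and 65536."
  }
}

resource "google_compute_router_nat" "default" {
  name                               = "${var.router_name}-nat"
  router                             = var.router_name
  region                             = var.region
  nat_ip_allocate_option             = "AUTO_ONLY"
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"

  enable_dynamic_port_allocation      = var.enable_dpa
  enable_endpoint_independent_mapping = false # DPA cannot be combined with endpoint-independent mapping
  min_ports_per_vm                    = var.min_ports_per_vm
  max_ports_per_vm                    = var.enable_dpa ? var.max_ports_per_vm : null

  lifecycle {
    # Cross-variable check: the ceiling only makes sense above the floor.
    precondition {
      condition     = !var.enable_dpa || var.max_ports_per_vm > var.min_ports_per_vm
      error_message = "With DPA enabled, max_ports_per_vm must be greater than min_ports_per_vm."
    }
  }
}
```

The `precondition` block requires Terraform 1.2 or later; with `enable_dpa = false` the ceiling is passed as `null` and the check is skipped.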

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days