Cette section explique comment gérer les adresses IP NAT pour les instances Apigee.
Apigee fournit des adresses IP éphémères et des adresses IP dédiées. Dans de nombreuses instances, les adresses IP éphémères sont suffisantes.
Si votre backend ne nécessite pas l'établissement de la liste d'adresses IP, vous n'avez pas besoin de gérer les adresses IP NAT et Apigee attribue automatiquement des adresses IP éphémères pour la sortie.
Si vous avez besoin d'établir la liste d'adresses IP, vous pouvez réserver et activer des adresses IP afin qu'Apigee utilise des adresses IP statiques pour le trafic de sortie.
Configurer le provisionnement des adresses IP NAT Apigee
Pour définir le provisionnement IP NAT pour votre instance Apigee, procédez comme suit :
Créez et remplissez les variables d'environnement suivantes :
YOUR_PROJECT_ID est l'ID de projet Cloud que vous avez créé dans le cadre des conditions préalables.
Si vous ne connaissez pas l'ID de votre projet, utilisez la console Cloud ou la commande gcloud projects list pour le trouver.
YOUR_ORG_ID est l'ID de votre organisation Apigee.
YOUR_INSTANCE_NAME est le nom de votre instance Apigee.
1st_NAT_IP_ID est le nom que vous attribuez à cette adresse IP NAT, par exemple : nat-1. La valeur de ce paramètre ne doit pas dépasser 20 caractères.
Réservez une adresse IP NAT avec les commandes suivantes :
Sur la ligne de commande, obtenez vos identifiants d'authentification gcloud, comme le montre l'exemple suivant :
TOKEN=$(gcloud auth print-access-token)
Pour vérifier que votre jeton a été renseigné, utilisez echo, comme le montre l'exemple suivant :
echo $TOKEN
Votre jeton doit s'afficher sous forme de chaîne encodée.
La commande permettant de réserver l'adresse IP NAT affiche l'opération de longue durée. Par conséquent, la commande indiquée ici attribue la sortie à une variable operation_name :
Sauf indication contraire, le contenu de cette page est régi par une licence Creative Commons Attribution 4.0, et les échantillons de code sont régis par une licence Apache 2.0. Pour en savoir plus, consultez les Règles du site Google Developers. Java est une marque déposée d'Oracle et/ou de ses sociétés affiliées.
Dernière mise à jour le 2025/09/04 (UTC).
[[["Facile à comprendre","easyToUnderstand","thumb-up"],["J'ai pu résoudre mon problème","solvedMyProblem","thumb-up"],["Autre","otherUp","thumb-up"]],[["Difficile à comprendre","hardToUnderstand","thumb-down"],["Informations ou exemple de code incorrects","incorrectInformationOrSampleCode","thumb-down"],["Il n'y a pas l'information/les exemples dont j'ai besoin","missingTheInformationSamplesINeed","thumb-down"],["Problème de traduction","translationIssue","thumb-down"],["Autre","otherDown","thumb-down"]],["Dernière mise à jour le 2025/09/04 (UTC)."],[[["\u003cp\u003eThis guide focuses on managing NAT IPs for Apigee, excluding Apigee hybrid, and directing users to the Apigee Edge documentation for further information.\u003c/p\u003e\n"],["\u003cp\u003eApigee uses ephemeral IPs by default, automatically managing them for egress traffic unless IP allow-listing is required.\u003c/p\u003e\n"],["\u003cp\u003eTo use static IPs for egress, users can reserve and activate dedicated NAT IPs by creating and populating specific environment variables like \u003ccode\u003ePROJECT_ID\u003c/code\u003e, \u003ccode\u003eORG_ID\u003c/code\u003e, \u003ccode\u003eINSTANCE_NAME\u003c/code\u003e, and \u003ccode\u003eNAT_ID\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eReserving and activating NAT IPs involve using \u003ccode\u003egcloud\u003c/code\u003e authentication credentials and running commands to create and activate them, which requires polling long-running operations to confirm completion.\u003c/p\u003e\n"],["\u003cp\u003eUsers can manage the lifecycle of NAT IPs, with states including \u003ccode\u003eCREATING\u003c/code\u003e, \u003ccode\u003eRESERVED\u003c/code\u003e, \u003ccode\u003eACTIVE\u003c/code\u003e, and \u003ccode\u003eDELETING\u003c/code\u003e, and list or delete them using provided commands.\u003c/p\u003e\n"]]],[],null,["# Provisioning NAT IPs\n\n*This page\napplies to **Apigee** , but not to **Apigee hybrid**.*\n\n\n*View [Apigee Edge](https://docs.apigee.com/api-platform/get-started/what-apigee-edge) documentation.*\n\nThis section describes how to manage the NAT IPs for Apigee instances.\n\nApigee provides ephemeral IPs and dedicated IPs. In many cases, ephemeral IPs are sufficient.\nIf your backend doesn't require IP allow-listing, you will not need to manage NAT IPs, and Apigee\nwill automatically allocate ephemeral IPs for egress.\n\nIf you require IP allow-listing, you can reserve and activate IPs so that Apigee uses static IPs\nfor egress traffic.\n\nSet up Apigee NAT IP provisioning\n---------------------------------\n\n**To set NAT IP provisioning for your Apigee instance:**\n\n1. Create and populate the following environment variables:\n\n ### Variables\n\n PROJECT_ID=YOUR_PROJECT_ID\n ORG_ID=\u003cvar translate=\"no\"\u003eYOUR_ORG_ID\u003c/var\u003e\n INSTANCE_NAME=\u003cvar translate=\"no\"\u003eYOUR_INSTANCE_NAME\u003c/var\u003e\n NAT_ID=\u003cvar translate=\"no\"\u003e1st_NAT_IP_ID\u003c/var\u003e\n\n ### Example\n\n PROJECT_ID=apigee-saas-prod\n ORG_ID=apigee-saas-prod\n INSTANCE_NAME=prod-us-west1-instance1\n NAT_ID=nat-1\n\n Where:\n - \u003cvar translate=\"no\"\u003eYOUR_PROJECT_ID\u003c/var\u003e is the Cloud project ID that you created as part of the [Prerequisites](/apigee/docs/api-platform/get-started/overview#prerequisites). If you're not sure what your project ID is, use Cloud console or the `gcloud projects list` command to find it.\n - \u003cvar translate=\"no\"\u003eYOUR_ORG_ID\u003c/var\u003e is your Apigee organization ID.\n - \u003cvar translate=\"no\"\u003eYOUR_INSTANCE_NAME\u003c/var\u003e is the name of your Apigee instance.\n - \u003cvar translate=\"no\"\u003e1st_NAT_IP_ID\u003c/var\u003e is the name you are assigning to this NAT IP address; for example, `nat-1`. The value of this parameter must not exceed 20 characters.\n2. Reserve a NAT IP with the following commands: **Note:** These commands can take several minutes to execute.\n 1. On the command line, get your `gcloud` authentication credentials, as the following example shows:\n\n ```\n TOKEN=$(gcloud auth print-access-token)\n ```\n\n To check that your token was populated, use `echo`, as the following example shows: \n\n ```\n echo $TOKEN\n ```\n\n This should display your token as an encoded string.\n\n For more information, see\n [gcloud command-line tool overview](https://cloud.google.com/sdk/gcloud/).\n 2. The command to reserve the NAT IP returns the long-running operation. Therefore the command as shown here assigns the output to a variable `operation_name`: \n\n ```\n operation_name=$(curl -H \"Authorization: Bearer $TOKEN\" \\\n \"https://apigee.googleapis.com/v1/organizations/${ORG_ID}/instances/${INSTANCE_NAME}/natAddresses\" \\\n -X POST -H \"content-type:application/json\" -d \"{\\\"name\\\":\\\"${NAT_ID}\\\"}\" | jq -r '.name')\n ```\n 3. Poll the long-running operation until it shows a status of `done: true` by executing the following request: \n\n ```\n curl -s -H \"Authorization: Bearer $TOKEN\" \"https://apigee.googleapis.com/v1/$operation_name\"\n ```\n3. After the operation is completed, activate the NAT IP with the following commands: **Note:** These commands can take several minutes to execute.\n 1. Activate the IP and assign the long-running operation name to `operation_name`: \n\n ```\n operation_name=$(curl -H \"Authorization: Bearer $TOKEN\" \\\n \"https://apigee.googleapis.com/v1/organizations/${ORG_ID}/instances/${INSTANCE_NAME}/natAddresses/${NAT_ID}:activate\" \\\n -X POST -H \"content-type:application/json\" -d \"{}\" | jq -r '.name')\n ```\n 2. Poll the long-running operation until it shows a status of `done: true`: \n\n ```\n curl -s -H \"Authorization: Bearer $TOKEN\" \"https://apigee.googleapis.com/v1/$operation_name\"\n ```\n4. Repeat this procedure with a new NAT IP name for each NAT IP you neet to set up.\n\nFetching NAT IPs\n----------------\n\nList the NAT IPs for an instance with the following command: \n\n```\ncurl -H \"Authorization: Bearer $TOKEN\" \\\n \"https://apigee.googleapis.com/v1/organizations/${ORG_ID}/instances/${INSTANCE_NAME}/natAddresses\"\n```\n\nAn example response would look like: \n\n```\n{\n \"natAddresses\": [\n {\n \"name\": \"nat-1\",\n \"ipAddress\": \"35.203.160.18\",\n \"state\": \"ACTIVE\"\n },\n {\n \"name\": \"nat-2\",\n \"ipAddress\": \"35.230.14.174\",\n \"state\": \"RESERVED\"\n },\n {\n \"name\": \"nat-3\",\n \"state\": \"CREATING\"\n }\n ]\n}\n```\n\n### States of a NAT IP\n\n- `CREATING `: The NAT IP creation is pending. Not ready to be used.\n- `RESERVED`: The NAT IP has been created but not used. This gives you the opportunity to allow-list this IP before activating it.\n- `ACTIVE`: The NAT IP is being used to send egress traffic.\n- `DELETING`: The NAT IP is being deleted.\n\nDeleting NAT IPs\n----------------\n\nYou can delete NAT IPs with the following command:\n\n1. Delete the IP and assign the output to \"`operation_name`.\" \n\n ```\n operation_name=$(curl -H \"Authorization: Bearer $TOKEN\" \\\n \"https://apigee.googleapis.com/v1/organizations/${ORG_ID}/instances/${INSTANCE_NAME}/natAddresses/${NAT_ID}\" \\\n -X DELETE | jq -r '.name')\n ```\n2. Poll the long-running operation until it shows a status of `done: true`. \n\n ```\n curl -s -H \"Authorization: Bearer $TOKEN\" \"https://apigee.googleapis.com/v1/$operation_name\"\n ```"]]