Cloud NAT

GCP-managed high-performance Network Address Translation.

AI at the edge

Controlled access to the internet, made simple

Just because an application is running in the cloud, doesn’t mean you want it to be accessible to the outside world. Cloud NAT, Google Cloud’s managed Network Address Translation service, enables you to provision your application instances without public IP addresses while also allowing them to access the internet — for updates, patching, config management, and more — in a controlled and efficient manner. Outside resources cannot directly access any of the private instances behind the Cloud NAT gateway, helping to keep your Google Cloud VPCs isolated and secure.

High performance NAT

As a software-defined solution with no managed middle proxy, Cloud NAT's chokepoint-free design delivers high reliability, performance, and scalability.

Works with all your workloads

At Google Cloud, we are committed to being the cloud of choice for all workloads, so we designed the Cloud NAT service to work with both Compute Engine and Google Kubernetes Engine (GKE).

Scalable by design

Designed specifically for highly scalable application deployments, a single Cloud NAT gateway can be configured to handle multiple NAT IP addresses and can scale based on the size of your network, without the need for multiple NAT gateways.

Regional high availability

We understand the importance of keeping your applications up and running at all times. That’s why we designed Cloud NAT with reliability in mind: even if a zone goes down, Cloud NAT stays available across the region.

Flexible IP address allocation

Choose your NAT IP allocation based on your specific requirements. Manual mode gives you full control when specifying IPs, while auto mode enables the NAT IPs to be allocated and scaled automatically, based on the number of instances.

Features

Managed NAT service

Delivers a GCP-managed Network Address Translation service. Cloud NAT allows you to get the benefits of Network Address Translation without having to deploy and maintain your own NAT Gateways.

Flexible

Supports both Compute Engine virtual machines (VMs) and Google Kubernetes Engine (containers).

Multiple NAT IPs per gateway

Support for configuring multiple NAT IP addresses per NAT gateway.

Timeout timers

Configurable NAT timeout timers. Timers for managing Network Address Translation entries are customizable and can be configured using both Console and through APIs.

NAT for all

Can provide NAT for all subnets in a VPC region with a single NAT gateway, irrespective of the number of instances in those subnets.

High availability

Regional high availability; if a zone is unavailable, the NAT gateway itself continues to be available.

Pricing

For pricing, see this page.

I configured Cloud NAT to see how it would handle our existing Google Cloud deployment, and everything worked out of the box, and exactly as specified.

Wietse Muizelaar, Lead System Engineer, bol.com

Resources

Try tutorials, launch quickstarts, and more.

Cloud NAT documentation

Cloud NAT resources

Cloud NAT overview

Cloud NAT Deep Dive

Google Cloud

Get started

Learn and build

New to GCP? Get started with any GCP product for free with a $300 credit.

Need more help?

Our experts will help you build the right solution or find the right partner for your needs.