Catch up on the latest product launches, demos, and trainings from Next '23. Let's go.

Cloud NAT

Google Cloud-managed high-performance network address translation.

View documentation for this product.

Two people on laptops and a device try to access the internet. A secure cloud denies access to one laptop user and approves the other laptop user and the device

Controlled access to the internet, made simple

Just because an application is running in the cloud, doesn't mean you want it to be accessible to the outside world. Cloud NAT, Google Cloud's managed network address translation service, enables you to provision your application instances without public IP addresses while also allowing them to access the internet—for updates, patching, config management, and more—in a controlled and efficient manner. Outside resources cannot directly access any of the private instances behind the Cloud NAT gateway, helping to keep your Google Cloud VPCs isolated and secure.

What's new

icon

High performance NAT

As a software-defined solution with no managed middle proxy, Cloud NAT's chokepoint-free design delivers high reliability, performance, and scalability.

icon

Works with all your workloads

At Google Cloud, we are committed to being the cloud of choice for all workloads, so we designed the Cloud NAT service to work with both Compute Engine and Google Kubernetes Engine (GKE).

icon

Scalable by design

Designed specifically for highly scalable application deployments, a single Cloud NAT gateway can be configured to handle multiple NAT IP addresses and can scale based on the size of your network, without the need for multiple NAT gateways.

icon

Regional high availability

We understand the importance of keeping your applications up and running at all times. That’s why we designed Cloud NAT with reliability in mind: even if a zone goes down, Cloud NAT stays available across the region.

icon

Flexible IP address allocation

Choose your NAT IP allocation based on your specific requirements. Manual mode gives you full control when specifying IPs, while auto mode enables the NAT IPs to be allocated and scaled automatically, based on the number of instances.

Features

Managed NAT service

Delivers a Google Cloud-managed network address translation service. Cloud NAT allows you to get the benefits of network address translation without having to deploy and maintain your own NAT gateways.

Flexible

Supports both Compute Engine virtual machines (VMs) and Google Kubernetes Engine (containers).

Multiple NAT IPs per gateway

Support for configuring multiple NAT IP addresses per NAT gateway.

Timeout timers

Configurable NAT timeout timers. Timers for managing network address translation entries are customizable and can be configured using both Console and through APIs.

NAT for all

Can provide NAT for all subnets in a VPC region with a single NAT gateway, irrespective of the number of instances in those subnets.

High availability

Regional high availability; if a zone is unavailable, the NAT gateway itself continues to be available.

Macy's logo

"We needed a way to securely fetch updates for our internal workloads. Cloud NAT was able to prevent inbound public internet access while enabling selective outbound communication. Scalability and performance issues have become things of the past, and best of all, we didn’t need to compromise on security."

Mark Delapenha, Staff, Security Engineer, Macy's

Read story

Pricing

Please visit our pricing page for details.

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Need help getting started?
Work with a trusted partner
Continue browsing

Take the next step

Start your next project, explore interactive tutorials, and manage your account.

Need help getting started?
Work with a trusted partner
Get tips & best practices