chore: enable dynamic port allocation on workflows NAT

aspect-build · Nov 22, 2023 · e968606 · e968606
1 parent 4727dbd
commit e968606
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 0 deletions.
diff --git a/.aspect/workflows/terraform/.terraform.lock.hcl b/.aspect/workflows/terraform/.terraform.lock.hcl
diff --git a/.aspect/workflows/terraform/vpc.tf b/.aspect/workflows/terraform/vpc.tf
@@ -45,4 +45,13 @@ resource "google_compute_router_nat" "nat" {
   router                             = google_compute_router.router.name
   nat_ip_allocate_option             = "AUTO_ONLY"
   source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
+
+  # Allow the ports assigned to each VM scale up and down as needed
+  # https://cloud.google.com/nat/docs/ports-and-addresses#dynamic-port
+  enable_dynamic_port_allocation = true
+  # Must be disabled when dynamic port allocation is enabled (default is true)
+  enable_endpoint_independent_mapping = false
+  # The min number of ports can be tuned by monitoring port usage:
+  # https://cloud.google.com/nat/docs/tune-nat-configuration#choose-minimum
+  min_ports_per_vm = 32
 }