Unable To Use Google Compute Address For Cloud NAT

[brianpham]

TL;DR

When trying to specify the nat_ips, there is a 404 error saying the resource is not found. I am able to manually create the cloud NAT with the same IP that was created without the error.

Expected behavior

NAT should be created without any issues

Observed behavior

Error: Error creating RouterNat: googleapi: Error 404: The resource 'projects/<projectname>/regions/us-west1/addresses/34.83.95.163' was not found, notFound

Terraform Configuration

locals {
  address      = var.create_address ? join("", google_compute_address.default.*.address) : var.address
}

resource "google_compute_router" "router" {
  name        = var.name
  network     = var.network
#   region      = var.region
#   project     = var.project
  description = var.description
  dynamic "bgp" {
    for_each = var.bgp != null ? [var.bgp] : []
    content {
      asn = var.bgp.asn

      # advertise_mode is intentionally set to CUSTOM to not allow "DEFAULT".
      # This forces the config to explicitly state what subnets and ip ranges
      # to advertise. To advertise the same range as DEFAULT, set
      # `advertise_groups = ["ALL_SUBNETS"]`.
      advertise_mode     = lookup(var.bgp, "advertise_mode", null)
      advertised_groups  = lookup(var.bgp, "advertised_groups", null)
      keepalive_interval = lookup(var.bgp, "keepalive_interval", null)

      dynamic "advertised_ip_ranges" {
        for_each = lookup(var.bgp, "advertised_ip_ranges", [])
        content {
          range       = advertised_ip_ranges.value.range
          description = lookup(advertised_ip_ranges.value, "description", null)
        }
      }
    }
  }
}

# Reserve regional ip address for cloud nat
resource "google_compute_address" "default" {
  count      = var.create_address ? 1 : 0
  # project    = var.project
  name       = "${var.name}-address"
}

resource "google_compute_router_nat" "nats" {
  for_each = {
    for n in var.nats :
    n.name => n
  }

  name                               = each.value.name
#   project                            = google_compute_router.router.project
  router                             = google_compute_router.router.name
#   region                             = google_compute_router.router.region
  nat_ip_allocate_option             = lookup(each.value, "nat_ip_allocate_option", length(lookup(each.value, "nat_ips", [])) > 0 ? "MANUAL_ONLY" : "AUTO_ONLY")
  source_subnetwork_ip_ranges_to_nat = lookup(each.value, "source_subnetwork_ip_ranges_to_nat", "ALL_SUBNETWORKS_ALL_IP_RANGES")

#   nat_ips                             = lookup(each.value, "nat_ips", null)
  nat_ips             = [local.address]
  min_ports_per_vm                    = lookup(each.value, "min_ports_per_vm", null)
  udp_idle_timeout_sec                = lookup(each.value, "udp_idle_timeout_sec", null)
  icmp_idle_timeout_sec               = lookup(each.value, "icmp_idle_timeout_sec", null)
  tcp_established_idle_timeout_sec    = lookup(each.value, "tcp_established_idle_timeout_sec", null)
  tcp_transitory_idle_timeout_sec     = lookup(each.value, "tcp_transitory_idle_timeout_sec", null)
  enable_endpoint_independent_mapping = lookup(each.value, "enable_endpoint_independent_mapping", null)

  log_config {
    enable = false
    filter = lookup(lookup(each.value, "log_config", {}), "filter", "ALL")
  }

  dynamic "subnetwork" {
    for_each = lookup(each.value, "subnetworks", [])
    content {
      name                     = subnetwork.value.name
      source_ip_ranges_to_nat  = subnetwork.value.source_ip_ranges_to_nat
      secondary_ip_range_names = lookup(subnetwork.value, "secondary_ip_range_names", null)
    }
  }
}

### Terraform Version

```sh
Terraform v1.2.3
on darwin_arm64
+ provider registry.terraform.io/hashicorp/google v4.27.0

Additional information

No response

[brianpham]

Closing this issue. Looks like the nats_ip should resolve to a self link and not an actual ip address.