This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

VPC

1: Overview

1.1: ServiceWatch Metrics

2: How-to guides

2.1: Subnet
2.2: Port
2.3: Internet Gateway
2.4: NAT Gateway
2.5: Public IP
2.6: Private NAT
2.7: VPC Endpoint
2.8: VPC Peering
2.9: Transit Gateway
2.10: PrivateLink Service
2.11: PrivateLink Endpoint
2.12: NAT Logging

3: API Reference

4: CLI Reference

5: Release Note

1 - Overview

Service Overview

Samsung Cloud Platform provides VPC services to support the use of a logically isolated, customer-dedicated private network space in the cloud environment.
VPC (Virtual Private Cloud) is a service that provides a logically isolated, customer-dedicated private network space in a cloud environment. Depending on the use case, you can create a General Subnet and a Local Subnet for communication between servers, and freely select NAT Gateway and Internet Gateway to configure various networks. You can create multiple VPCs and operate them independently. VPC Peering enables connectivity configuration between VPCs.

Service Architecture Diagram

Component

Subnet

A Subnet refers to the IP address range of a VPC. Depending on the purpose, use a General Subnet to create Subnets for Public or Private use. It is a service that lets users segment the network within a VPC to match their purpose and scale. Subnet provides a regular Subnet and a Local Subnet for communication between servers.

General Subnet Creation/Query/Deletion: When creating a VPC, a Subnet is created by default and can be used according to its purpose. For example, you can separate and use a Public Subnet that can access the Internet and a Private Subnet that cannot.
VPC Endpoint Subnet Create/Read/Delete: Access to the Samsung Cloud Platform is possible via a private connection from an external network linked to the VPC, enabling entry into the VPC.
Local Subnet Creation/Query/Deletion: It does not allow connections to other subnets or external access, and only permits direct connections between Virtual Server-Virtual Server or Bare Metal Server-Bare Metal Server, so it can be configured only for Virtual Server-Virtual Server communication within the VPC.

Subnet types

It denotes a Sub_network, an IP address space subdivided into smaller units for use in an IP network. Subnet types are divided based on how routing for the Subnet is configured.

type	Detailed description
Public Subnet	A Subnet that can access the internet can be configured using a General Subnet.
Private Subnet	A Subnet that cannot access the internet can be configured using a General Subnet.
VPC Endpoint Subnet	Subnet configuration that can be used for a VPC Endpoint
Local Subnet	Configure a subnet that cannot connect to other subnets or external networks.

Table. Subnet type

Internet Gateway

Create an Internet Gateway to connect it to a VPC, view its details, or delete an unused Internet Gateway. You can use an Internet Gateway to connect VPC resources to the Internet.
You can assign a Public IP to instances and load balancers that are connected to the internet, allowing external access.

NAT Gateway

You can create a NAT Gateway, connect it to a subnet, view its details, or delete an unused NAT Gateway.
To create a NAT Gateway for a subnet, you must first create an Internet Gateway and attach it to the VPC. When you create a NAT Gateway, internet access is allowed for all resources in the subnet. To restrict internet access, apply firewall rules.
A NAT Gateway can be created for the General type, and it is a service that maps a single representative public IP to a Virtual Server without a public IP NAT for outbound internet usage.

Public IP

If you want to use the same IP address each time you stop and start an instance, reserve a Public IP and use it.
This is a service that creates a desired public IP within the available Public IP Pool of Samsung Cloud Platform and assigns it to compute resources for use.
Compute resources assigned with the designated public IP will not have their IP changed even after reboot.

Port

Provides a connection point to attach a single device, such as a server’s NIC, to the network. This enables adding additional NICs beyond the default provision.

VPC Endpoint

Provides an entry point for the VPC that enables access to the Samsung Cloud Platform via a private connection from an external network connected to the VPC.

VPC Peering

You can communicate via IP through a 1:1 private route between VPCs. By default, peering is provided between VPCs in the same account, and only one connection is allowed between different accounts.

Private NAT

From compute resources within the VPC, you can use Direct Connect to map the customer’s IP and establish a connection.

Transit Gateway

Transit Gateway is a gateway service that easily connects the customer’s network with the Samsung Cloud Platform network and serves as a connection hub for multiple VPCs within the cloud environment.
Through the Transit Gateway, you can configure a variety of network topologies that meet customer requirements. Additionally, it provides independent firewall configurations and routing capabilities for each connected network segment, enabling thorough security management.

PrivateLink

It is a service that connects internal Samsung Cloud Platform data to a private path between the VPC and the SCP service without exposing it to the internet.

PrivateLink Service is for service providers, and PrivateLink Endpoint is for service users.

Constraints

Samsung Cloud Platform’s VPC limits the number of VPCs and subnets that can be created as follows.

Category	Default quota	Detailed description
VPC	5	Default VPC creation limit per account
VPC IP range	6	Number of IP range creation limits per VPC (default 1 + additional 5)
VPC Peering	5	VPC Peering creation limit per account
Subnet	3	Maximum number of default subnets per VPC
Private NAT	3	Default Private NAT creation limit per VPC
Transit Gateway	3	Maximum number of Transit Gateways per account
Transit Gateway connection from VPC	5	Maximum number of VPC connections per Transit Gateway (only the same account can be connected)

Table. VPC constraints

Prior Service

VPC has no prerequisite services.

1.1 - ServiceWatch Metrics

VPC - Internet Gateway sends metrics to ServiceWatch. The metrics provided by default monitoring are data collected at 5‑minute intervals.

Reference

For how to view metrics in ServiceWatch, refer to the ServiceWatch guide.

Basic Metrics

Internet Gateway

The following are the basic metrics for the Internet Gateway namespace.

The indicators whose names are shown in bold below are the indicators selected as major indicators among the basic indicators provided by Internet Gateway. Key metrics are used to configure service dashboards that are automatically built for each service in ServiceWatch.

Each metric provides guidance in the user guide on which statistical value is meaningful to query, and among the meaningful statistics, the values displayed in bold text are the primary statistics. In the service dashboard, primary metrics can be viewed using the primary statistical values.

Performance items	Detailed description	unit	Meaningful statistics
Network In Total Bytes_Internet	Cumulative traffic volume from Internet Gateway → VPC	Bytes	Total Average Maximum Minimum
Network Out Total Bytes _Internet	Cumulative traffic volume heading from VPC → Internet Gateway	Bytes	Total Average Maximum Minimum
Network In Total Bytes _Internet_Delta	Cumulative traffic volume over 5 minutes from Internet Gateway → VPC (Internet)	Bytes	Total Average Maximum
Network Out Total Bytes _Internet_Delta	Cumulative traffic volume over 5 minutes from VPC → Internet Gateway (Internet)	Bytes	Total Average Maximum Minimum

Table. VPC - Internet Gateway Basic Metrics

2 - How-to guides

Users can create the service by entering the required information for the VPC service and selecting detailed options through the Samsung Cloud Platform Console.

Create VPC

You can create and use a VPC service in the Samsung Cloud Platform Console.

To create a VPC, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.

On the Service Home page, click the Create VPC button. You will be taken to the Create VPC page.

In the Service Information Input area, enter or select the required information.

Category	Required	Detailed description
VPC name	Required	Name of the VPC to create Enter using English letters and numbers, 3 to 20 characters
IP range	Required	IP range to use in IP range format `/16 ~ /28` enter within the range Example: `192.168.0.0/24`
Explanation	Select	Enter description for VPC

Table. VPC Service Information Input Items

Enter or select the required information in the Additional Information Input area.
Category
Required status
Detailed description
tag Select Add Tag
Up to 50 can be added per resource
After clicking the Add Tag button, enter or select Key, Value values
Table. VPC additional information input fields

Summary Check the detailed information and estimated billing amount generated in the panel, and click the Create button.
- Once creation is complete, check the created resources on the VPC List page.

Category	Required status	Detailed description
tag	Select	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key, Value values

Check VPC detailed information

The VPC service allows you to view and edit the full list of resources and detailed information. The VPC Details page consists of the Details, IP Range Management, Tags, Activity Log tabs.

To view detailed VPC information, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the VPC menu. You will be taken to the VPC List page.

VPC List page, click the resource to view its details. You will be taken to the VPC Detail page.

VPC Details page displays status information and additional feature information, and consists of the Details, IP Range Management, Tags, Activity History tabs.

Category	Detailed description
status	VPC status Active: operating normally Deleting: deletion in progress Creating: creation in progress Error: unable to determine current status If it persists, contact the registered administrator
Service termination	Cancel service button If you cancel the service, the running service may be terminated immediately, so consider the impact of service interruption thoroughly before proceeding with the cancellation

Category

Detailed description

status

VPC status

Active: operating normally

Deleting: deletion in progress

Creating: creation in progress

Error: unable to determine current status
- If it persists, contact the registered administrator

Service termination

Cancel service button

If you cancel the service, the running service may be terminated immediately, so consider the impact of service interruption thoroughly before proceeding with the cancellation

Table. VPC status information and additional features

Detailed Information

VPC List page lets you view detailed information of the selected resource and edit it if necessary.

Category	Detailed description
service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform In VPC, it refers to the VPC SRN
Resource Name	VPC name
Resource ID	VPC’s unique resource ID
constructor	User who created the VPC
Creation date	VPC creation timestamp
Editor	User who modified the VPC information
Modification date and time	Timestamp of VPC information modification
VPC name	VPC resource name
VPC ID	VPC unique ID
External connection	External resource information
IP range	VPC IP range
description	VPC description Edit Click the icon to edit the description

Table. VPC detailed information tab items

IP range management

On the VPC List page, you can view and add the IP range information associated with the selected resource.

Category	Detailed description
IP range	Added IP range information
Creation date and time	IP range addition timestamp
Add IP range	Add IP range Enter within the range 0.0.0.0/16 - 0.0.0.0/28 Example: 192.168.0.0/16

Category

Detailed description

IP range

Added IP range information

Creation date and time

IP range addition timestamp

Add IP range

Enter within the range 0.0.0.0/16 - 0.0.0.0/28

Example: 192.168.0.0/16

Table. VPC IP range management tab items

Reference

When adding an IP range to a VPC, you cannot add it in the following cases.

IP range currently used in the VPC
In the VPC peering rule associated with the current VPC, the destination is the address range added to the peer VPC.
The address range added as a remote destination in the Direct Connect rule linked to the current VPC.
The address range whose destination was added as remote in the Transit Gateway rule attached to the current VPC.
The NAT IP range currently used by the Private NAT attached to the VPC

Category	Detailed description
Tag list	Tag list You can view the Key, Value information of tags Up to 50 tags can be added per resource When entering tags, search and select from the list of previously created Keys and Values

Job History

You can view the operation history of the selected resource on the VPC List page.

Category	Detailed description
Task History List	Resource Change History Check operation date and time, resource name, operation details, operation result, and operator information

Table. VPC operation history tab detailed information items

Terminate VPC

You can terminate unused VPCs to reduce operating costs.

Caution

A VPC cannot be deleted if it has associated Subnet, Internet Gateway, or Direct Connect resources.
You can only terminate when the VPC service status is Acrive or Error.
If you cancel the service, the currently operating service may be stopped immediately. Proceed with the cancellation only after fully considering the impact of the service interruption.

To terminate the VPC, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the VPC menu. You will be taken to the VPC List page.
On the VPC List page, select the resource to terminate, and click the Terminate Service button.
After termination is complete, verify on the VPC List page that the resource has been terminated.

2.1 - Subnet

Create Subnet

You can create and use the VPC Subnet service in the Samsung Cloud Platform Console.

To create a Subnet, follow these steps.

All Services > Networking > VPC Click the menu. Go to the VPC’s Service Home page.

On the Service Home page, click the Create Subnet button. You will be taken to the Create Subnet page.

In the Service Information Input area, enter or select the required information.

Category	Required	Detailed description
Subnet type	Required	Select Subnet type General: Can configure as Public or Private Local: Can be assigned by selecting either Virtual Server or Bare Metal Server A Local Subnet is a Subnet for communication only between servers and cannot communicate with the outside VPC Endpoint: VPC Endpoint can be configured
VPC name	Required	Select the VPC to which the subnet will be attached from the list of existing VPCs Click + Create New to create a VPC and then select it
VPC IP range	Select	Automatically input the CIDR range of the selected VPC
Subnet name	Required	Subnet name to create Enter using English letters and numbers, within 3 to 20 characters
IP range	Required	IP range to use in IP range format `/16 ~ /28` Enter within the range Example: `192.168.0.0/24` IP ranges cannot overlap with IP ranges (other subnets) already in use within the VPC
Gateway IP	Required	Display the Gateway IP address of the Subnet The first IP of the entered IP range is automatically filled in Cannot be modified after service creation

Table. Subnet service information input fields

In the Additional Information Input area, enter or select the required information.

Category	Required status	Detailed description
description	Selection	Enter description for Subnet
IP allocation range	Selection	You can set the range within the IP range to be used Select either the entire IP range or an individual specification Subnet sub-resources receive IP assignments from the entered entire IP range or from the individually specified range set by the user When selecting individual specification, enter the starting IP address and the ending IP address
DNS Name Server	Selection	After selecting Use, enter DNS Name Server IP.
Host path	Select	Use after selection, enter the host path Enter the destination IP range and Next Hop IP address Destination IP ranges must not overlap each other
tag	Selection	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key, Value values

Table. Subnet additional information input fields

Summary Check the detailed information and estimated billing amount generated in the panel, and click the Create button.
- After creation is complete, check the created resources on the Subnet List page.

Check Subnet detailed information

The Subnet service allows you to view and edit the full resource list and detailed information. Subnet Details page consists of Details, Virtual IP Management, Tags, Activity Log tabs.

To view detailed Subnet information, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
Click the Subnet button on the Service Home page. You will be taken to the Subnet List page.

On the Subnet List page, click the resource for which you want to view detailed information. You will be taken to the Subnet Details page.

Subnet Details page displays status information and additional feature information, and consists of Details, Virtual IP Management, Tags, Operation History tabs.

Category	Detailed description
status	Subnet status Creating: Creation in progress Active: Operating normally Editing: Modification in progress Deleting: Deletion in progress Failed: State where creation failed Error: Current status unknown If it occurs continuously, contact the registered administrator
Delete Subnet	Subnet Delete Button

Category

Detailed description

status

Subnet status

Creating: Creation in progress

Active: Operating normally

Editing: Modification in progress

Deleting: Deletion in progress

Failed: State where creation failed

Error: Current status unknown
- If it occurs continuously, contact the registered administrator

Delete Subnet

Subnet Delete Button

Table. Subnet status information and additional features

Detailed Information

On the Subnet List page, you can view the operation history of the selected resource.

Category	Detailed description
Service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform In Subnet, it refers to the Subnet SRN
Resource Name	Subnet resource name
Resource ID	Unique resource ID in the service
constructor	User who created the Subnet
Creation date	Subnet creation time
Editor	User who modified the Subnet information
Modification date and time	Subnet information modification timestamp
Subnet type	Subnet type
VPC name	The VPC to which the subnet belongs
Subnet name	Subnet name
Subnet ID	Subnet unique ID
IP range	Used IP range
Gateway IP	Gateway IP address of the Subnet
DHCP IP	the second IP address among the used IP ranges Edit click the icon to edit
description	Subnet additional description Edit Click the icon to edit
IP allocation range	IP allocation range
DNS Name Server	Use DNS Name Server
Host path	Host route (destination IP range, Next Hop IP address) information

Table. Subnet detailed information tab items

Virtual IP Management

Subnet List page lets you view the virtual IP information of the selected resource, and you can reserve or delete it.

Category	Detailed description
Virtual IP reservation	Virtual IP usage reservation
Virtual IP	Virtual IP information Click the IP to go to the Virtual IP detail page
Public Nat IP	Public NAT IP information
Number of connected ports	Number of ports connected to the IP
Reservation date and time	Virtual IP reservation date and time
Return	Virtual IP Return button Select multiple items and click the Return button at the top of the list to return them in bulk

Table. Subnet Virtual IP Management Tab Items

Caution

If a Port or NAT IP is attached to a Virtual IP, it cannot be returned. Delete the attached resources first.
You can return the Virtual IP only when the Subnet status is Active or Error.

Category	Detailed description
Tag list	Tag list You can view the Key, Value information of tags Up to 50 tags can be added per resource When entering tags, you can search and select from the existing list of created Keys and Values

Job History

On the Sunnet List page, you can view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Check operation date/time, resource name, operation details, operation result, and operator information

Table. Subnet operation history tab detailed information items

Managing Virtual IP

You can reserve or manage Virtual IPs for use in a Subnet.

Reserve Virtual IP

You can reserve a Virtual IP for use in the Subnet.

To reserve a Virtual IP, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
Click the Subnet button on the Service Home page. You will be taken to the Subnet List page.
On the Subnet list page, click the resource to reserve a Virtual IP. You will be taken to the Subnet details page.
On the Subnet Details page, click the Virtual IP Management tab. You will be taken to the Virtual IP Management tab page.
On the Virtual IP Management tab page, click the Virtual IP Reservation button. The Virtual IP reservation window opens.
In the Virtual IP Reservation window, set the detailed items and click OK.
- Virtual IP: If you select Auto-Generated, an automatically generated IP will be reserved, and if you select Input, you can reserve an IP that you manually entered.
- Description: Enter additional description for Virtual IP.
When the reservation confirmation window appears, click Confirm.

Check Virtual IP detailed information

You can view detailed information about the Virtual IP.

To view detailed information about the Virtual IP, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Subnet button. You will be taken to the Subnet List page.
Subnet list page, click the resource to reserve a Virtual IP. Subnet details page will be displayed.
On the Subnet Details page, click the Virtual IP Management tab. You will be taken to the Virtual IP Management tab page.

Click the resource to view on the Virtual IP Management tab page. You will be taken to the Virtual IP Details page.

*Virtual IP Details The page displays the connected ports and detailed information.

Category	Detailed description
Virtual IP	Virtual IP address
Public NAT IP	Public NAT IP address and status Edit icon can be clicked to edit Enable after setting, you can select an existing IP or create one to add Public NAT IP cannot be modified after configuration; changes require reconfiguration
Connection Port	Port information connected to the Virtual IP Add button to click to add a connected port, you can add by connecting an existing port or creating a new one Delete button to click to remove the connected port
Explanation	Virtual IP description Click the Edit icon to modify
constructor	User who reserved a Virtual IP
Creation date	Virtual IP reservation date and time
Editor	User who modified the Virtual IP information
Modification date	Date and time the Virtual IP information was modified

Table. Virtual IP detailed information items

Terminate Subnet

You can delete an unused Subnet.

Caution

You cannot cancel the service if there are connected resources. Delete the connected resources first.
You can delete a service only when its status is Active or Error.
Because data cannot be recovered after a service is deleted, be sure to fully consider the impact before proceeding with a Subnet deletion.

To delete a Subnet, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Subnet menu. You will be taken to the Subnet List page.
On the Subnet List page, click the resource to delete. Navigate to the Subnet Details page.
On the Subnet Details page, click the Delete button.
After deletion is complete, check the Subnet list to confirm that the resource has been removed.

Preliminary Service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service for details and prepare in advance.

Service Category	Service	Detailed description
Networking	VPC	A service that provides an isolated virtual network in a cloud environment

Table. Subnet pre-service

2.2 - Port

Create Port

You can create and use a Port service in the Samsung Cloud Platform Console.

To create a port, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC Service Home page.

On the Service Home page, click the Create Port button. You will be taken to the Create Port page.

In the Service Information Input area, enter or select the required information.

Category	Required	Detailed description
VPC name	Required	Select the VPC to create the Port Click + Create New to create the VPC and then select it
Subnet name	Required	Select the Subnet to create the Port Click + Create New to create a Subnet and then select it
Port name	Required	Port name that is easy to identify Enter using English letters, numbers, `-` within 3 to 20 characters
IP allocation method	Required	Select IP allocation method Automatic allocation: IP is automatically assigned within the IP allocation range of the Subnet Manual entry: The entered IP is assigned within the Subnet’s range When Manual entry is selected, enter the IP address to use for the Port in Fixed IP address
Explanation	Selection	Enter description for Port
Security Group	Select	When Use is selected, you can select up to 5 Security Groups.

Table. Port service information input fields

Enter or select the required information in the Additional Information Input area.
Category
Required status
Detailed description
tag Select Add Tag
Up to 50 can be added per resource
After clicking the Add Tag button, enter or select Key and Value values
Table. Port additional information input fields

Summary Check the detailed information and estimated billing amount generated in the panel, and click the Create button.
- After creation is complete, check the created resources on the Port List page.

Category	Required status	Detailed description
tag	Select	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key and Value values

Check detailed information of Port

The Port service allows you to view and edit the full resource list and detailed information. Port Details page consists of Details, Tags, Activity Log tabs.

To view detailed port information, follow these steps.

Click the All Services > Networking > VPC menu. Go to the VPC’s Service Home page.
On the Service Home page, click the Port menu. You will be taken to the Port List page.

Port List page, click the resource (Port name) to view detailed information. You will be taken to the Port Details page.

Port Details page displays status information and additional feature information, and consists of Details, Tags, Activity Log tabs.

Category	Detailed description
status	Port status Active: Operating normally Down: Not connected to the resource, or connected but not functioning Error: Current status cannot be determined If it occurs continuously, contact the registered administrator
Delete Port	Button to delete the port

Category

Detailed description

status

Port status

Active: Operating normally

Down: Not connected to the resource, or connected but not functioning

Error: Current status cannot be determined
- If it occurs continuously, contact the registered administrator

Delete Port

Button to delete the port

Table. Port status information and additional functions

Detailed Information

On the Port list page, you can view detailed information of the selected resource and edit the information if needed.

Category	Detailed description
Service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform In Port, it refers to the Port SRN
Resource Name	Port resource name
Resource ID	Unique resource ID in the service
Resource ID	Port’s unique resource ID
constructor	User who created the Port
Creation date and time	Port creation timestamp
Editor	User who modified the port information
Modification date and time	Date and time the port information was modified
Port name	Port resource name
Port ID	Port resource ID
Subnet name	Click the connected Subnet name or Subnet entry to go to the detail page.
Connected resources	Connected device information
Static IP	Static IP information
MAC address	MAC address information
Explanation	Description of the Port Edit icon can be clicked to edit
Security Group	Connected Security Group information Edit icon can be clicked to change the Security Group
Virtual IP	Connected Virtual IP information

Table. Port detailed information tab items

Category	Detailed description
Tag list	Tag list You can view the Key, Value information of the tag Up to 50 tags can be added per resource When entering a tag, you can search and select from the list of previously created Keys and Values

Job History

On the Port list page, you can view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Check operation date/time, resource name, operation details, operation result, and operator information

Table. Port operation history tab detailed information items

Delete Port

You can release unused ports to reduce operating costs.

Caution

If there are connected resources such as Virtual Server or PrivateLink, you cannot delete the service. Delete the connected resources first.
After deleting a service, the running service may be stopped immediately. Consider the impact of deleting the service thoroughly before proceeding with the deletion.

To delete a Port, follow these steps.

Click the All Services > Networking > VPC menu. Go to the VPC’s Service Home page.
On the Service Home page, click the Port menu. You will be taken to the Port List page.
On the Port List page, click the resource (Port name) you want to delete. You will be taken to the Port Detail page.
On the Port Details page, click the Delete Port button.
After the deletion is complete, check whether the resource has been removed from the Port list.

Preliminary Service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service and prepare in advance.

Service Category	Service	Detailed description
Networking	VPC	A service that provides an isolated virtual network in a cloud environment

Table. Port pre-service

2.3 - Internet Gateway

Create Internet Gateway

You can create and use the Internet Gateway service in the Samsung Cloud Platform Console.

To create an Internet Gateway, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.

On the Service Home page, click the Internet Gateway Creation button. You will be taken to the Internet Gateway Creation page.

Enter or select the required information in the Service Information Input area.

Category	Required	Detailed description
VPC name	Required	Select the VPC that connects to the Internet Gateway Click + New to create a VPC and then select it
Category	Required	Select Internet Gateway type Choose from Dedicated Internet Gateway, Secured Internet Gateway, Group Gateway
Internet Gateway name	Selection	Automatically create IGW_{VPC name}
Explanation	Select	Enter a description of the Internet Gateway
Use firewall	Select	Select whether to use the firewall
Whether to save firewall logs	Select	Select whether to save Firewall logs When using the Firewall, save connection logs For more details, see Using Firewall Log Saving

Table. Internet Gateway Service Information Input Items

In the Additional Information Input area, enter or select the required information.
Category
Required status
Detailed description
Tag Select Add Tag
Up to 50 can be added per resource
After clicking the Add Tag button, enter or select Key, Value values
Table. Internet Gateway additional information input fields

Category	Required status	Detailed description
Tag	Select	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key, Value values

Caution

You cannot attach an Internet Gateway and a Group Gateway to the same VPC simultaneously.

Summary Check the detailed information and estimated billing amount generated in the panel, and click the Create button.
- Once creation is complete, check the created resource on the Internet Gateway List page.

Internet Gateway Check detailed information

The Internet Gateway service allows you to view and edit the full resource list and detailed information. Internet Gateway Details page consists of Details, Tags, Activity Log tabs.

To view detailed information about the Internet Gateway, follow these steps.

Click the All Services > Networking > VPC menu. You will be taken to the VPC Service Home page.
On the Service Home page, click the Internet Gateway menu. Navigate to the Internet Gateway list page.

On the Internet Gateway List page, click the resource to view detailed information. You will be taken to the Internet Gateway Details page.

Internet Gateway Details page displays status information and additional feature information, and consists of Details, Tags, Activity History tabs.

Category	Detailed description
status	Internet Gateway status Creating: Creating resource Ative: Normal connection status Deleting: Deletion in progress Error: Unable to determine current status If it persists, contact the registered administrator
Delete Internet Gateway	Internet Gateway Delete Button

Category

Detailed description

status

Internet Gateway status

Creating: Creating resource

Ative: Normal connection status

Deleting: Deletion in progress

Error: Unable to determine current status
- If it persists, contact the registered administrator

Delete Internet Gateway

Internet Gateway Delete Button

Table. Internet Gateway status information and additional features

Detailed Information

On the Internet Gateway List page, you can view detailed information of the selected resource and edit the information if needed.

Category	Detailed description
Service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform In Internet Gateway, it refers to the Internet Gateway SRN
Resource Name	Internet Gateway resource name
Resource ID	Unique resource ID in the service
constructor	User who created the Internet Gateway
Creation date and time	Internet Gateway creation timestamp
Editor	User who modified the Internet Gateway information
Modification date and time	Date and time the Internet Gateway information was modified
Internet Gateway name	Internet Gateway name
Internet Gateway ID	Internet Gateway resource ID
VPC name	VPC name
VPC name	VPC ID
Category	Internet Gateway type
description	Description of Internet Gateway Edit Click the icon to edit
Firewall name	Clicking the Firewall takes you to the detail page.
Use Fireawall	Use firewall
NAT Gateway	Clicking NAT Gateway navigates to the detail page
Whether to save NAT logs	NAT log storage Edit icon can be clicked to modify Enabled: Store logs Disabled: Do not store logs

Table. Internet Gateway Detailed Information Tab Items

Category	Detailed description
Tag list	Tag list You can view the Key, Value information of the tag Up to 50 tags can be added per resource When entering a tag, you can search and select from the list of previously created Keys and Values

Job History

On the Internet Gateway List page, you can view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Check operation date/time, resource name, operation details, operation result, and operator information

Table. Internet Gateway operation history tab detailed information items

Managing Internet Gateway Resources

You can manage resources, such as enabling Internet Gateway log storage.

Using NAT Log Storage

Reference

To store NAT logs, first create a bucket in Object Storage for log storage and configure that bucket in the NAT Logging log repository. Then, when you enable log storage in the NAT detail view, NAT logs will begin to be saved to the Object Storage bucket. The log repository settings can be verified in NAT Logging. For more information, see NAT Logging.

If you configure a log repository, Object Storage charges for log storage will be applied.

To use NAT log storage, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Internet Gateway menu. Navigate to the Internet Gateway List page.
On the Internet Gateway List page, click the resource to view detailed information. You will be taken to the Internet Gateway Details page.
Click the Modify NAT log storage setting button. You will be taken to the Modify NAT log storage setting popup.
Modify NAT Log Storage Setting In the popup window, select Use for the log repository, and click the Confirm button.

Caution

If the log repository is not configured in NAT Logging, the log repository use setting cannot be enabled.

Do not use NAT log storage

To use NAT log storage, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Internet Gateway menu. You will be taken to the Internet Gateway List page.
Internet Gateway List page, click the resource to view detailed information. You will be taken to the Internet Gateway Details page.
Click the Modify NAT log storage setting button. You will be taken to the Modify NAT log storage setting popup.
Modify NAT log storage setting In the popup window, deselect Use for the log storage, and click the Confirm button.
Notification Check the message in the popup window and click the Confirm button.

Caution

If log storage is disabled, the service’s log storage will be halted, and tracking and management through log analysis will be impossible in the event of a security incident.

Delete Internet Gateway

Caution

NAT Gateway, Firewall rules, VPN, etc. If there are connected resources, you cannot terminate the service. Delete the connected resources first.
After deleting the service, internet communication for resources under the VPC will be interrupted. Proceed with the deletion only after fully considering the impact of deleting the Internet Gateway.

To delete an Internet Gateway, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Internet Gateway menu. You will be taken to the Internet Gateway List page.
On the Internet Gateway List page, click the resource you want to delete. Navigate to the Internet Gateway Details page.
On the Internet Gateway Details page, click the Delete button.
After the deletion is complete, verify that the resource has been removed from the Internet Gateway list.

Pre-service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service for details and prepare in advance.

Service Category	Service	Detailed description
Networking	VPC	A service that provides an isolated virtual network in a cloud environment

Table. Internet Gateway preliminary service

2.4 - NAT Gateway

Creating NAT Gateway

You can create and use the NAT Gateway service in the Samsung Cloud Platform Console.

To create a NAT Gateway, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.

On the Service Home page, click the Create NAT Gateway button. You will be taken to the Create NAT Gateway page.

In the Service Information Input area, enter or select the required information.

Category	Required	Detailed description
VPC name	Required	Select the VPC to connect + Create new to create a VPC and then select it
Subnet name	Required	Select the connected Subnet Click + Create New to create a Subnet and then select it
NAT Gateway name	Select	Create NAT_GW_{subnet name}
IP for NAT Gateway	Required	Select a Public IP for NAT Gateway + New Click to create an IP and then select it
description	Select	Enter a description for the NAT Gateway

Table. NAT Gateway Service Information Input Items

Enter or select the required information in the Additional Information Input area.
Category
Whether required
Detailed description
Tag Select Add Tag
Up to 50 can be added per resource
After clicking the Add Tag button, enter or select Key and Value values
Table. NAT Gateway additional information input fields

In the Summary panel, review the detailed information and estimated billing amount, then click the Create button.
- When creation is complete, verify the created resource on the NAT Gateway list page.

Category	Whether required	Detailed description
Tag	Select	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key and Value values

Check NAT Gateway detailed information

The NAT Gateway service allows you to view and edit the full resource list and detailed information. NAT Gateway Details page consists of Details, Tags, Activity Log tabs.

Click the All Services > Networking > VPC menu. Go to the VPC’s Service Home page.
On the Service Home page, click the NAT Gateway menu. You will be taken to the NAT Gateway List page.

On the NAT Gateway List page, click the resource whose details you want to view. You will be taken to the NAT Gateway Details page.

NAT Gateway Details page displays status information and additional feature information, and consists of Details, Tags, Activity History tabs.

Category	Detailed description
status	NAT Gateway status Creating: Creation in progress Active: Operating normally Deleting: Deletion in progress
Delete NAT Gateway	Button to terminate the service Terminate the NAT Gateway when there are no connected services Since terminating the service may cause the running service to stop immediately, proceed with the termination only after fully considering the impact of service interruption

Category

Detailed description

status

NAT Gateway status

Creating: Creation in progress

Active: Operating normally

Deleting: Deletion in progress

Delete NAT Gateway

Button to terminate the service

Terminate the NAT Gateway when there are no connected services

Since terminating the service may cause the running service to stop immediately, proceed with the termination only after fully considering the impact of service interruption

Table. NAT Gateway status information and additional features

Detailed Information

NAT Gateway List page lets you view detailed information of the selected resource and modify it if necessary.

Category	Detailed description
service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform In NAT Gateway, it refers to the NAT Gateway SRN
Resource name	NAT Gateway resource name
Resource ID	Unique resource ID in the service
constructor	User who created the NAT Gateway
Creation Timestamp	NAT Gateway creation timestamp
Editor	User who modified NAT Gateway information
Modification date and time	Date and time the NAT Gateway information was modified
NAT Gateway name	NAT Gateway name
NAT Gateway ID	NAT Gateway resource ID
VPC name	VPC name connected to NAT Gateway Click the VPC to go to the detail page
VPC ID	VPC resource ID connected to the NAT Gateway
Subnet name	Subnet name connected to NAT Gateway Click the Subnet to go to the detail page
Subnet ID	Subnet resource ID connected to the NAT Gateway
Subnet IP range	Subnet IP range information
IP for NAT Gateway	NAT Gateway IP information
description	Description of NAT Gateway Edit icon can be clicked to modify

Table. NAT Gateway Detailed Information Tab Items

Category	Detailed description
Tag list	Tag list You can view the Key, Value information of the tag Up to 50 tags can be added per resource When entering a tag, you can search and select from the list of previously created Keys and Values

Job History

You can view the operation history of the selected resource on the NAT Gateway List page.

Category	Detailed description
Task History List	Resource Change History Check operation date and time, resource name, operation details, operation result, and operator information

Table. NAT Gateway operation history tab detailed information items

Delete NAT Gateway

Caution

If you delete the NAT Gateway, all resources in that subnet cannot communicate with the internet, except for resources that have 1:1 NAT configured.

To delete a NAT Gateway, follow these steps.

Click the All Services > Networking > VPC menu. Go to the VPC’s Service Home page.
On the Service Home page, click the NAT Gateway menu. Navigate to the NAT Gateway List page.
Click the resource to view detailed information on the NAT Gateway List page. You will be taken to the NAT Gateway Details page.
On the NAT Gateway Details page, click the Delete button.
After deletion is complete, verify that the resource has been removed from the NAT Gateway list.

Pre-service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service and prepare in advance.

Service Category	Service	Detailed description
Networking	VPC	A service that provides an isolated virtual network in a cloud environment

Table. NAT Gateway prerequisite services

2.5 - Public IP

Create Public IP

You can create and use a Public IP service in the Samsung Cloud Platform Console.

To create a Public IP, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Public IP reservation button. You will be taken to the Public IP reservation page.
- Enter or select the required information in the Service Information Input area.
  Category
  Required status
  Detailed description
  Category Required Select the gateway to reserve the Public IP
  Default: Internet Gateway
  description Select Enter description for Public IP
  Table. Public IP Service Information Input Items
- In the Additional Information Input area, enter or select the required information.
  Category
  Required status
  Detailed description
  Tag Select Add Tag
  Up to 50 can be added per resource
  After clicking the Add Tag button, enter or select Key and Value values
  Table. Public IP additional information input fields
Summary Check the detailed information and estimated billing amount generated in the panel, and click the Create button.
- Once creation is complete, check the created resources on the Public IP List page.

Category	Required status	Detailed description
Category	Required	Select the gateway to reserve the Public IP Default: Internet Gateway
description	Select	Enter description for Public IP

Category	Required status	Detailed description
Tag	Select	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key and Value values

View detailed information of Public IP

The Public IP service allows you to view and edit the full resource list and detailed information. Public IP Details page consists of Details, Tags, Activity Log tabs.

To view detailed information about the public IP, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Public IP menu. You will be taken to the Public IP List page.

On the Public IP List page, click the resource to view detailed information. You will be taken to the Public IP Detail page.

Public IP Details page displays status information and additional feature information, and consists of Details, Tags, Activity Log tabs.

Category	Detailed description
status	Public IP status Attached: attached state Reserved: reserved state Error: cannot determine current state If it occurs continuously, contact the registered administrator
Return Public IP	Public IP Return Button

Category

Detailed description

status

Public IP status

Attached: attached state

Reserved: reserved state

Error: cannot determine current state
- If it occurs continuously, contact the registered administrator

Return Public IP

Public IP Return Button

Table. Public IP status information and additional features

Detailed Information

Public IP List page lets you view detailed information of the selected resource and edit the information if needed.

Category	Detailed description
Service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform In Public IP, it refers to the Public IP SRN
Resource name	Public IP resource name
Resource ID	Unique resource ID in the service
constructor	User who created the Public IP
Creation date	Public IP creation timestamp
Editor	User who modified the Public IP information
Modification date and time	Date and time the public IP information was modified
IP address	Designated (reserved) IP address
Category	Gateway information with reserved Public IP
Public IP ID	Public IP resource ID
description	Description of Public IP Edit Click the icon to edit the description
Connection resource type	Resource information associated with the designated (reserved) IP address
Connection resource name	Resource name associated with the designated (reserved) IP address

Table. Public IP detailed information tab items

Category	Detailed description
Tag list	Tag list You can view the Key, Value information of the tag Up to 50 tags can be added per resource When entering a tag, you can search and select from the list of previously created Keys and Values

Job History

On the Public IP List page, you can view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Check operation date/time, resource name, operation details, operation result, and operator information

Table. Detailed information items for the Port operation history tab

Return Public IP

Caution

You can only return the Public IP service when its status is Reserved. Verify the service status before submitting a return request.

To delete a Public IP, follow these steps.

Click the All Services > Networking > VPC menu. Go to the VPC’s Service Home page.
On the Service Home page, click the Public IP button. You will be taken to the Public IP List page.
On the Public IP List page, click the resource to view detailed information. You will be taken to the Public IP Details page.
On the Public IP Details page, click the Public IP Release button.
After the return is completed, check whether the resource has been deleted from the Public IP list.

Pre-service

This is a service that must be installed in advance before creating this service. Please refer to the provided user guide and prepare accordingly.

Service Category	Service	Detailed description
Networking	VPC	It is a service that provides an isolated virtual network in a cloud environment.

Table. Public IP pre-service

2.6 - Private NAT

Users can create the Private NAT service by entering the required information and selecting detailed options through the Samsung Cloud Platform Console.

Creating Private NAT

You can create a Private NAT service in the Samsung Cloud Platform Console and use it.

To create a Private NAT, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.

On the Service Home page, click the Create Private NAT button. 2. Navigate to the Create Private NAT page.

In the Service Information Input area, enter or select the required information.

Category	required status	Detailed description
Private NAT name	Required	Enter the Private NAT name Enter using letters and numbers, 3 to 20 characters
Connection resource type	Required	Select the connection resource to connect the Private NAT You can choose between Direct Connect and Transit Gateway Transit Gateway can be selected after connecting the uplink line
Connection resource name	Essential	Display entries of the selected connection resource Click + New Creation in the list to create a connection resource
NAT IP range	Essential	Enter the NAT IP range to use Enter in CIDR format, e.g., 192.168.2.0/23 Cannot overlap with the connected VPC IP or other Private NAT IP ranges
Explanation	Selection	Enter description for Private NAT

Table. Private NAT Service Information Input Items

Reference

It must not overlap with the IP range of the VPC connected to the selected Direct Connect or Transit Gateway.
It must not overlap with other Private NAT ranges that are connected to the selected Direct Connect or Transit Gateway.
It must not overlap with the IP range of the on‑premise network connected to the selected Direct Connect or Transit Gateway.
Some IP ranges are reserved for management and cannot be used.

Additional Information Input area, enter or select the required information.
Category
Required status
Detailed description
Tag Selection Add Tag
Up to 50 per resource can be added
After clicking the Add Tag button, enter or select Key, Value values
Table. Private NAT additional information input fields

Summary Check the detailed information and estimated charges generated in the panel, and click the Create button.
- When creation is complete, verify the created resources on the Private NAT List page.

Category	Required status	Detailed description
Tag	Selection	Add Tag Up to 50 per resource can be added After clicking the Add Tag button, enter or select Key, Value values

Check Private NAT detailed information

The Private NAT service allows you to view and edit the complete resource list and detailed information. On the Private NAT Details page, it consists of Detail Information, IP Management, Tags, Operation History tabs.

To view detailed information about Private NAT, follow these steps.

All Services > Networking > VPC menu, click it. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Private NAT menu. 2. Go to the Private NAT List page.
Private NAT List page, click the resource to view detailed information. 3. Navigate to the Private NAT Details page.
- Private NAT Details page displays status information and additional feature information, and consists of Details, IP Management, Tags, Activity Log tabs.
  Category Detailed description
  status Private NAT status
  Active: Running
  Creating: In progress
  Deleting: In progress
  Error: An error occurred
  Delete Private NAT Button to delete Private NAT
  Table. Private NAT status information and additional features

Category	Detailed description
status	Private NAT status Active: Running Creating: In progress Deleting: In progress Error: An error occurred
Delete Private NAT	Button to delete Private NAT

Detailed Information

Private NAT List page allows you to view detailed information of the selected resource and edit the information if necessary.

Category	Detailed description
service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform
Resource Name	Private NAT resource name
Resource ID	Unique resource ID in the service
Constructor	User who created a Private NAT
Creation date and time	Date and time the Private NAT was created
Modifier	User who modified the Private NAT information
Modification date	Date and time the Private NAT information was modified
Private NAT name	Private NAT resource name
Connection resource type	Information about resources connected to Private NAT
NAT IP range	NAT IP range information in use
Connection resource name	Clicking the resource information or resource name linked to the Private NAT navigates to the detailed information page.
Explanation	Description of Private NAT Edit icon can be clicked to edit the description

Table. Private NAT detailed information tab items

IP Management

Private NAT List page allows you to view the Private NAT IP, and you can reserve or release it.

Category

Detailed description

Private NAT IP List

Active Private NAT list

Private NAT IP, associated resources, and status can be viewed

Click the Private NAT IP Reservation button to add an IP

Click the Release button to delete the selected IP

Table. Private NAT IP Management Tab Items

Job History

On the Private NAT List page, you can view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Operation Timestamp, Resource Name, Operation Details, Operation Result, Operator Information Check

Table. Private NAT operation history tab detailed information items

Managing Private NAT IP

You can reserve or release a Private NAT IP.

Reserve Private NAT IP

To reserve a Private NAT IP, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Private NAT menu. 2. Private NAT List Go to the page.
Private NAT List page, click the resource to reserve an IP. 3. Go to the Private NAT Details page.
On the Private NAT Details page, click the IP Management tab. 4. Navigate to the IP Management tab page.
Click the IP Management tab page’s Private NAT IP Reservation button. 5. The Private NAT IP reservation window appears.
Enter the Private NAT IP to be used in the Private NAT IP reservation window and click the Confirm button. 6. A notification confirmation dialog appears.
In the alert dialog, click the Confirm button. 7. Check whether a resource entry has been added to the IP list.

Return Private NAT IP

Caution

You can only return a Private NAT IP when its status is Reserved.

To return the Private NAT IP, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Private NAT menu. 2. Navigate to the Private NAT List page.
On the Private NAT List page, click the resource to reserve an IP. 3. Go to the Private NAT Details page.
On the Private NAT Details page, click the IP Management tab. 4. Navigate to the IP Management tab page.
On the IP Management tab page, click the Return button for the IP item you want to return. 5. A notification confirmation dialog appears.
Verify that the selected resource has been deleted from the IP list.

Delete Private NAT

You can cancel unused Private NAT to reduce operating costs.

Caution

If the Private NAT service status is Creating, Editing, or Deleting, the service cannot be terminated.

To cancel Private NAT, follow the steps below.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Private NAT menu. 2. Go to the Private NAT List page.
On the Private NAT List page, click the resource to delete. 3. Go to the Private NAT Details page.
On the Private NAT Details page, click the Delete Private NAT button.
After termination is complete, check whether the resource has been deleted from the Private NAT list.

Preliminary service

This service must be installed in advance before creating this service. Please prepare by referring to the user guide provided in advance.

Service Category	service	Detailed description
Networking	VPC	A service that provides an isolated virtual network in a cloud environment
Networking	Direct Connect	A service that securely and quickly connects the customer’s network with the Samsung Cloud Platform environment.

Table. Private NAT Preliminary Service

2.7 - VPC Endpoint

Create VPC Endpoint

You can create and use a VPC Endpoint service in the Samsung Cloud Platform Console.

To create a VPC Endpoint, follow these steps.

Click the All Services > Networking > VPC menu. Go to the VPC’s Service Home page.

On the Service Home page, click the Create VPC Endpoint button. You will be taken to the Create VPC Endpoint page.

In the Service Information Input area, enter or select the required information.

Category	Required status	Detailed description
VPC name	Required	Select the VPC to create the Endpoint Click + Create new to create a VPC and then select it
Usage > Target Service	Required	Select the target service for which to create the VPC Endpoint
Purpose > Connected Resources	Required	Select the resource to create a VPC Endpoint
VPC Endpoint name	Required	Enter the VPC Endpoint name Enter using letters and numbers, 3 ~ 20 characters
VPC Endpoint IP > Subnet name	Required	Select VPC Endpoint Subnet + Create New Click to create a Subnet and then select it
VPC Endpoint IP > IP	Required	Enter the IP to be used for the VPC Endpoint Example: `192.168.x.x`
description	Select	Enter a description for the VPC Endpoint

Table. VPC Endpoint Service Information Input Items

Enter or select the required information in the Additional Information Input area.

Category

Whether required

Detailed description

tag

Select

Add Tag

Up to 50 can be added per resource

Add Tag button after clicking, input or select Key, Value values

Table. VPC Endpoint additional information input fields

Reference

After registering the VPC Endpoint, you need to configure the Direct Connect firewall to integrate internal services of the Samsung Cloud Platform. Refer to the port information for each service and register the firewall rules.

Service	Port information
DNS	TCP 53, UDP 53
Object Storage	TCP 8080, 8443, 80, 443, 4430
File Storage	(NFS) TCP/UDP common 111, 300, 302, 304, 2049, 635, 4045, 4046, 4049 (CIFS) UDP 135, 137, 138, 389 / TCP 135, 139, 445, 40001
Container Registry (authentication server, Registry)	TCP 443

Table: Allowed ports per target service

Summary Verify the detailed information and estimated billing amount generated in the panel, then click the Create button.
- When creation is complete, check the created resources on the VPC Endpoint List page.

Check VPC Endpoint details

The VPC Endpoint service allows you to view and edit the full list of resources and detailed information. VPC Endpoint Details page consists of Details, Tags, Activity Log tabs.

Endpoint To view detailed information, follow these steps.

Click the All Services > Networking > VPC menu. Go to the VPC’s Service Home page.
Click the VPC Endpoint menu on the Service Home page. You will be taken to the VPC Endpoint List page.

On the VPC Endpoint List page, click the resource for which you want to view detailed information. You will be taken to the VPC Endpoint Details page.

VPC Endpoint Details page displays status information and additional feature information, and consists of Details, Tags, Activity History tabs.

Category

Detailed description

status

VPC Endpoint status

Active: operating normally

Creating: creation in progress

Deleting: deleting resource connection

Deleted: resource connection deleted

Delete VPC Endpoint

Button to delete the VPC Endpoint connection resource

Table. VPC Endpoint status information and additional features

Detailed Information

VPC Endpoint List page lets you view detailed information of the selected resource and edit the information if needed.

Category	Detailed description
Service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform In VPC Endpoint, it refers to the VPC Endpoint SRN
Resource name	VPC Endpoint resource name
Resource ID	Unique resource ID in the service
constructor	User who created the VPC Endpoint
Creation date and time	VPC Endpoint creation timestamp
Editor	User who modified the VPC Endpoint information
Modification date	Date and time the VPC Endpoint information was modified
VPC Endpoint name	VPC Endpoint name
VPC name	Click the connected VPC name or VPC item to go to the detail page.
VPC ID	Connected VPC ID
Target Service	Connected target information
Connection resource information	Connected resource information
Subnet name	Endpoint subnet information; click the subnet item to navigate to the detail page.
VPC Endpoint IP	VPC Endpoint IP information
description	Description of VPC Endpoint Edit icon can be clicked to edit

Table. VPC Endpoint detailed information tab items

Job History

VPC Endpoint List page allows you to view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Check operation date and time, resource name, operation details, operation result, and operator information

Table. VPC Endpoint operation history tab detailed information items

Delete VPC Endpoint

You can cancel unused Endpoints to reduce operating costs.

Caution

If there are connected resources such as Object Storage, Container Registry, you cannot cancel the service. Delete the connected resources first.
Deleting a VPC Endpoint can cause the running service to stop immediately. Carefully consider the impact of deleting the service before proceeding with the deletion.

To terminate a VPC Endpoint, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
Click the VPC Endpoint menu on the Service Home page. You will be taken to the VPC Endpoint List page.
On the VPC Endpoint List page, click the resource you want to delete. You will be taken to the VPC Endpoint Details page.
On the VPC Endpoint Details page, click the Delete Endpoint button.
When the termination is complete, check whether the resource has been deleted from the VPC Endpoint list.

Pre-service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service for details and prepare in advance.

Service Category	Service	Detailed description
Networking	VPC	A service that provides an isolated virtual network in a cloud environment
Networking	Direct Connect	A service that securely and quickly connects the customer’s network to the Samsung Cloud Platform

Table. VPC Endpoint prerequisite services

2.8 - VPC Peering

Users can create the service by entering the required information for the VPC Peering service and selecting detailed options through the Samsung Cloud Platform Console.

Create VPC Peering

You can create and use the VPC Peering service in the Samsung Cloud Platform Console.

To create a VPC Peering, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.

On the Service Home page, click the Create VPC Peering button. You will be taken to the Create VPC Peering page.

Enter or select the required information in the Service Information Input area.

Category	Required status	Detailed description
VPC Peering name	Required	Enter VPC Peering name Enter using letters and numbers, 3~20 characters
Requested VPC name	Required	Select the VPC to request VPC Peering Click + New in the list to create a VPC
Approved Account	Required	Select the account of the VPC to approve VPC peering, then select that VPC or enter its information Same account: select the approved VPC name Click + New creation in the list to create a VPC Different account: enter the approved Account ID and approved VPC ID
description	Select	Enter a description of VPC Peering

Table. VPC Peering service information input items

In the Additional Information Input area, enter or select the required information.
Category
Whether required
Detailed description
Tag Select Add Tag
Up to 50 can be added per resource
After clicking the Add Tag button, enter or select Key and Value values
Table. VPC Peering additional information input fields

Check the detailed information and estimated billing amount generated in the Summary panel, and click the Create button.
- When connecting a VPC from another Account, the peering proceeds after an approval process, so the connection may take some time.
- When creation is complete, check the created resource on the VPC Peering List page.

Check VPC Peering details

The VPC Peering service allows you to view and edit the full list of resources and detailed information. VPC Peering Details page consists of Details, Rules, Tags, Activity Log tabs.

To view detailed VPC Peering information, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
On the Service Home page, click the VPC Peering menu. You will be taken to the VPC Peering List page.

VPC Peering List Click the resource to view detailed information on the page. You will be taken to the VPC Peering Details page.

VPC Peering Details page displays status information and additional feature information, and consists of Details, Rules, Tags, Activity History tabs.

Category

Detailed description

status

VPC Peering status

Active: operational

Requesting: connection or deletion request in progress

Creating: connecting

Creating Requesting: connection request in progress

Deleting Requesting: deletion request in progress

Editing: editing

Rejected: rejected

Canceled: canceled

Error: error occurred
- If it persists, contact the registered administrator

VPC Peering deletion/VPC Peering deletion request

Button to request deletion of VPC Peering resources

Cancel Connection Request: Can cancel if a VPC Peering connection was requested

Approve Connection: Can approve when a VPC Peering connection request is received
- Reject Connection: Click to reject the connection

Cancel Deletion Request: Can cancel if a VPC Peering deletion was requested

Approve Deletion: Can approve when a VPC Peering deletion request is received
- Reject Deletion: Click to reject the deletion

Reapproval Request: Request reapproval when VPC approval was denied

Table. VPC Peering status information and additional features

Detailed Information

VPC Peering List page lets you view detailed information of the selected resource and edit it if needed.

Category	Detailed description
Service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform
Resource name	VPC Peering resource name
Resource ID	Unique resource ID in the service
constructor	User who created the VPC Peering
Creation date	Timestamp of VPC Peering creation
Editor	User who modified the VPC Peering information
Modification date and time	Timestamp of VPC Peering information modification
VPC Peering name	VPC Peering name
Request information	The VPC name and VPC ID information of the VPC that requested VPC Peering, clicking the VPC name navigates to the detail information page When connecting to a VPC in another account, the VPC name is not displayed
Approval information	The VPC name and VPC ID of the VPC that approved the VPC peering; clicking the VPC name takes you to the detail page When connecting to a VPC in another account, the VPC name is not displayed
Explanation	Description of VPC Peering Edit icon can be clicked to modify the description

Table. VPC Peering detailed information items

rule

VPC Peering List page lets you view the rules associated with the selected resource, and add or remove them.

Category

Detailed description

List of rules

Connected Rules List

You can view the source, destination, destination IP range, and status of connected rules

Click the Add Rule button to add a rule

Click the Delete button to delete the selected rule

Table. VPC Peering rule tab items

Job History

You can view the operation history of the selected resource on the VPC Peering List page.

Category	Detailed description
Task History List	Resource Change History Check operation date and time, resource name, operation details, operation result, and operator information

Table. VPC Peering operation history tab detailed information items

Managing VPC Peering Rules

You can add or delete rules for VPC Peering.

Add Rule

Caution

You can add rules only when the VPC peering status is Active.
If you enter the destination IP incorrectly in the routing configuration, communication failures may occur. Verify the destination IP information once more before creating the rule.

To add a rule to VPC Peering, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
Click the VPC Peering menu on the Service Home page. You will be taken to the VPC Peering List page.
On the VPC Peering List page, click the resource to delete. Navigate to the VPC Peering Details page.
On the VPC Peering Details page, click the Rules tab. You will be taken to the Rules tab page.
On the Rule tab page, click the Add Rule button. The Add Rule dialog appears.
Enter the origin and destination in the rule addition window and click the Confirm button. A notification confirmation window will appear.
- It must not duplicate an already entered rule.
- You can enter within the IP address range of the destination VPC.
- It should be entered the same as the subnet range.
- The destination IP range 0.0.0.0/0 cannot be used.
Click the Confirm button in the notification dialog. Verify that the resource entry has been added to the rule list.

Delete Rule

Caution

You can delete the connected rules only when the VPC Peering service status is ACtive or Error.
If the status of the linked rule is Creating or Deleting, it cannot be deleted.

To delete a VPC Peering rule, follow these steps.

Click the All Services > Networking > VPC menu. Go to the VPC’s Service Home page.
On the Service Home page, click the VPC Peering menu. You will be taken to the VPC Peering List page.
On the VPC Peering List page, click the resource you want to delete. Navigate to the VPC Peering Details page.
VPC Peering Details page, click the Rules tab. You will be taken to the Rules tab page.
Rule tab page, click the Delete button of the item to delete. A notification confirmation dialog appears.
Click the Confirm button in the alert dialog. Verify that the selected resource in the rule list has been deleted.

Terminate VPC Peering

You can terminate unused VPC Peering to reduce operating costs.

Caution

If a rule is attached to the VPC Peering, you cannot terminate the service. Delete all attached rules before terminating the service.
You can only terminate the VPC Peering service when its status is Active, Rejected, Canceled, or Error.

Terminate VPC Peering of the same Account

To terminate a VPC peering within the same account, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
Click the VPC Peering menu on the Service Home page. You will be taken to the VPC Peering List page.
On the VPC Peering List page, click the resource to delete. Navigate to the VPC Peering Details page.
On the VPC Peering Details page, click the VPC Peering Delete button.
After termination is complete, verify that the resource has been deleted from the VPC Peering list.

Terminate VPC Peering connected to another account

To terminate a VPC peering connected to another account, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
Click the VPC Peering menu on the Service Home page. You will be taken to the VPC Peering List page.
On the VPC Peering List page, click the resource you want to delete. You will be taken to the VPC Peering Details page.
On the VPC Peering Details page, click the VPC Peering Delete Request button.
Once the cancellation is complete, verify that the resource has been removed from the VPC Peering list.
- The deletion request must be approved by the counterpart account for the termination to be processed correctly.

Pre-service

This is a service that must be installed in advance before creating this service. Please refer to the provided user guide and prepare accordingly.

Service Category	Service	Detailed description
Networking	VPC	A service that provides an isolated virtual network in a cloud environment

Table. VPC Peering prerequisite service

2.9 - Transit Gateway

Users can create the service by entering the required information for the Transit Gateway service and selecting detailed options through the Samsung Cloud Platform Console.

Create Transit Gateway

You can create and use the Transit Gateway service in the Samsung Cloud Platform Console.

To create a Transit Gateway, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.

On the Service Home page, click the Create Transit Gateway button. 2. Go to the Transit Gateway creation page.

In the Service Information Input area, enter or select the required information.

Category	Required status	Detailed description
Transit Gateway name	Required	Enter the Transit Gateway name Enter using letters and numbers, 3 to 20 characters
Explanation	Selection	Enter description for Transit Gateway

Table: Transit Gateway service information input fields

Additional Information Input area, please enter or select the required information.
Category
required status
Detailed description
tag Select Add Tag
Up to 50 per resource can be added
After clicking the Add Tag button, enter or select Key, Value values
Table. Transit Gateway additional information input fields

Summary Check the detailed information and estimated charges generated in the panel, and click the Create button.
- Once creation is complete, check the created resources on the Transit Gateway List page.

Check Transit Gateway Details

The Transit Gateway service lets you view and modify the complete resource list and detailed information. In the Transit Gateway Details page, it is composed of Details, Connected VPC Management, Rules, Tags, Activity History tabs.

To view the detailed information of the Transit Gateway, follow these steps.

Click the All Services > Networking > VPC menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.

On the Transit Gateway List page, click the resource to view its detailed information. 3. Go to the Transit Gateway Details page.

Transit Gateway Details page displays status information and additional feature information, and consists of the Details, Connected VPC Management, Rules, Tags, Activity History tabs.

Category

Detailed description

status

Transit Gateway status

Active: Running

Creating: In progress

Editing: In progress

Deleting: In progress

Error: An error occurred

Delete Transit Gateway

Button to delete Transit Gateway resources

Table. Transit Gateway status information and additional features

Detailed Information

On the Transit Gateway list page, you can view detailed information of the selected resource and, if necessary, edit the information.

Category	Detailed description
service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform
Resource name	Transit Gateway resource name
Resource ID	Unique resource ID in the service
Constructor	User who created the Transit Gateway
Creation date and time	Transit Gateway creation time
Modifier	User who modified the Transit Gateway information
Modification date	Date and time the Transit Gateway information was modified
Transit Gateway name	Transit Gateway resource name
Use Uplink	Uplink information connected to the Transit Gateway Click Linked services (IGW, BM VPC), quick access to line request/modify/termination to go to the service request page
Explanation	Description of the Transit Gateway Edit Click the icon to edit the description
Firewall connection status	Firewall connection management and status display Firewall connection When you click the button, a connection request After connecting, you can add or delete Firewalls in the list

Table. Transit Gateway detailed information tab items

Connected VPC Management

Transit Gateway list page allows you to view the VPCs connected to the selected resource, and to add or delete them.

Category

Detailed description

VPC list

Connected VPC list

You can view connected VPC information and status

Click the Add VPC Connection button to add a VPC

Click the Delete button to delete the selected VPC

Table. Transit Gateway connection VPC management tab items

Rule

On the Transit Gateway list page, you can view the rules attached to the selected resource, and add or delete them.

Category

Detailed description

Rule List

Connected Rules List

You can view the source, destination, destination IP range, and status of connected rules

Click the Add Rule button to add a rule

Click the Delete button to delete the selected rule

Table. Transit Gateway rule tab items

Job History

Transit Gateway list page allows you to view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Work Timestamp, Resource Name, Work Details, Work Result, Operator Information

Table. Detailed information items for the Transit Gateway operation history tab

Manage Transit Gateway integration services

You can request, modify, and cancel the Uplink and Firewall connection services required to use the Transit Gateway service.

To request the Transit Gateway integration service, follow the steps below.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
On the Transit Gateway List page, click the resource you want to delete. 3. Go to the Transit Gateway Details page.
On the Transit Gateway Details page, click Linked Services (IGW, BM VPC), Quick Access to Line Request/Modification/Termination. 4. Navigate to the service request page.

On the Service Request page, enter or select the required information in the mandatory input fields.

Input field	Detailed description
Title	Enter the title of the service request Example: TGW Uplink circuit request
Region	Select the location of Samsung Cloud Platform Automatically filled with the region corresponding to the Account
service	Select service category and service Service Category: Networking Service: Transit Gateway
Task classification	Select the type you want to request TGW Uplink line request/modification/termination: After selecting the work type, enter detailed information in the service request category field
content	Fill in the detailed items of the service request form Service request type: manually enter one of Apply / Modify / Terminate Account name/ID: Enter the account name and ID Transit Gateway name/ID: Enter the created Transit Gateway name and ID Applicant information: Enter applicant’s email, phone number, etc. Service request task type: Choose and enter either Uplink line connection or BM VPC Firewall connection Firewall usage: Enter whether the firewall is used
Attachment	If you have additional files you want to share, proceed with the upload Attached files can be up to 5 files, each within 5 MB Only doc, docx, xls, xlsx, ppt, ppts, hwp, txt, pdf, jpg, jpeg, png, gif, tif files can be attached

Table. Linked Service Creation Request Items

On the service request page, click the Request button.
- After the request is completed, check the submitted details on the Support Center > Service Request List page.
- When the service request operation is completed, you can view the requested resources on the Transit Gateway Details page.

Reference

VPC connection for BareMetal

VPC Peering does not support firewalls.
When you cannot use a Security Group, such as with BareMetal, you can configure VPC Peering using a Transit Gateway firewall.
- However, in a peered BM VPC, communication via UpLink (external) is not possible, and it cannot be connected to a Transit Gateway together with other VM VPCs.

Managing VPC connections of the Transit Gateway

You can add or remove VPCs on a Transit Gateway.

Add VPC connection

To add a VPC attachment to a Transit Gateway, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
Transit Gateway List page, click the resource you want to delete. 3. Navigate to the Transit Gateway Details page.
On the Transit Gateway Details page, click the Connected VPC Management tab. 4. Navigate to the Connected VPC Management tab page.
On the Connected VPC Management tab page, click the Add VPC Connection button. 5. The VPC connection addition window appears.
In the Add VPC Connection window, select the VPC and click the Confirm button. 6. A notification confirmation window appears.
- Click +New in the list to create a VPC and select it.
In the alert confirmation dialog, click the Confirm button. 7. Check whether a resource entry has been added in the VPC connection list.

Delete VPC connection

To delete a Transit Gateway’s VPC attachment, follow these steps.

Click the All Services > Networking > VPC menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
On the Transit Gateway List page, click the resource you want to delete. 3. Go to the Transit Gateway Details page.
On the Transit Gateway Details page, click the Connected VPC Management tab. 4. Navigate to the Connected VPC Management tab page.
On the Connected VPC Management tab page, click the Delete button for the item you want to delete. 5. A notification confirmation window appears.
In the alert dialog, click the Confirm button. 6. Verify whether the selected resource has been deleted from the VPC connection list.

Managing Transit Gateway rules

You can add or delete rules in the Transit Gateway.

Add rule

Caution

You can add rules only when the Transit Gateway service status is Active.
If the destination IP is entered incorrectly in the routing configuration, communication failures may occur. * Please double-check the destination IP information before creating the rule.

Reference

Transit Gateway must complete both routing rule registration and firewall rule registration to operate correctly.

Register routing rule
- Rule 1: Register VPC - Transit Gateway rule
- Rule 2: VPC - Uplink rule registration (when connecting Uplink line)
Register firewall rule
- Add a Transit Gateway firewall and add the firewall purpose (e.g., TGW Uplink, TGW BM VPC, etc.).
  Next, select the firewall from the firewall product list and register the rule. (When adding a firewall purpose, default set to All/deny)

To add a rule to the Transit Gateway, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
Transit Gateway List page, click the resource you want to delete. 3. Transit Gateway Details Navigate to the page.
On the Transit Gateway Details page, click the Rules tab. 4. Go to the Rules tab page.
On the Rule tab page, click the Add Rule button. 5. The rule addition window appears.

In the rule addition window, enter the origin and destination, and click the Confirm button. 6. A notification confirmation dialog appears.

Category	Detailed description
Rule type	Select type for adding Transit Gateway rule Select from VPC-TGW rule, TGW-Uplink rule
Connected VPC name	Select the connected VPC when choosing a VPC‑TGW rule
origin	When selecting a VPC‑TGW rule, the destination is automatically selected when configured.
Destination	Select rule destination When selecting a VPC‑TGW rule, set to either VPC or TGW When selecting a TGW‑Uplink rule, set to either TGW or remote Cannot register if it duplicates an existing rule; can input up to the x.x.x.x/28 range
Destination IP range	Enter the destination IP range to use

Table. Rule addition input items

Caution

VPC-TGW rule When entering, check the following items.
- When the destination is a VPC.
  - It can be entered within the VPC IP range.
  - It should be entered the same as the subnet range.
  - 0.0.0.0/0 cannot be used as the destination IP range.
- When the destination is a Transit Gateway.
  - Some IP ranges are reserved for management and cannot be used.
  - The VPC IP address range cannot be entered.
  - The destination IP range 0.0.0.0/0 can be entered only when the VPC’s Internet Gateway is not attached.
TGW-Uplink Rule When entering, check the following items.
- When the destination is a Transit Gateway.
  - You can enter values within the VPC IP address range connected to the Transit Gateway.
  - 0.0.0.0/0 cannot be used as the destination IP range.
- When the destination is remote
  - You cannot enter the VPC IP address range connected to the Transit Gateway.
  - The destination IP range 0.0.0.0/0 can be entered only when the Transit Gateway does not have an Internet Gateway attached.
  - D, E class IP ranges cannot be entered.

In the alert dialog, click the Confirm button. 7. Check whether a resource entry has been added in the rule list.

Delete rule

Caution

You can delete the rule only when the Transit Gateway service status is Active.
If the rule status is Creating or Deleting, the rule cannot be deleted.

To delete a Transit Gateway rule, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Navigate to the Transit Gateway List page.
On the Transit Gateway List page, click the resource you want to delete. 3. Go to the Transit Gateway Details page.
On the Transit Gateway Details page, click the Rules tab. 4. Navigate to the Rules tab page.
On the Rules tab page, click the Delete button of the item you want to delete. 5. A notification confirmation window appears.
In the alert dialog, click the Confirm button. 6. Verify that the selected resource has been deleted from the rule list.

Managing Firewall Connections

You can attach or detach a firewall for use with the Transit Gateway.

Connect to Firewall

To add a Firewall connection to the Transit Gateway, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
Transit Gateway List page, click the resource to which you will connect the Firewall. 3. Go to the Transit Gateway Details page.
On the Transit Gateway Details page, click the Details tab. 4. Go to the Detailed Information tab page.
On the Detailed Information tab page, click the Connect Firewall button. 5. A firewall connection confirmation window appears.
In the Firewall connection confirmation window, click the Confirm button. 6. Check the connection status in the Firewall connection status item.

Add Firewall

After the Firwall connection is completed, you can add a Firewall.

To add a Firewall to a Transit Gateway, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
Transit Gateway List page, click the resource where you want to add a Firewall. 3. Navigate to the Transit Gateway Details page.
On the Transit Gateway Details page, click the Detailed Information tab. 4. Go to the Detailed Information tab page.
On the Detailed Information tab page, click the Add button in the Firewall list. 5. The Firewall addition window appears.
In the Firewall add dialog, select the purpose and click the Confirm button. 6. Check whether a resource item has been added to the Firewall list.

Delete Firewall

You can delete the firewall after the firewall connection is completed.

To delete a firewall from a Transit Gateway, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
On the Transit Gateway List page, click the resource to delete the firewall. 3. Go to the Transit Gateway Details page.
On the Transit Gateway Details page, click the Details tab. 4. Go to the Detailed Information tab page.
Click the Delete button on the Detailed Information tab page of the Firewall list. 5. A notification confirmation window appears.
In the alert dialog, click the Confirm button. 6. Check whether the resource entry has been removed from the Firewall list.

Disconnect Firewall

You can disconnect unused Firewall connections.

Caution

You can only disconnect when the Firewall service status is Active or Error.

To detach the firewall from the Transit Gateway, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
Transit Gateway list page, click the resource to detach the Firewall connection. 3. Navigate to the Transit Gateway Details page.
On the Transit Gateway Details page, click the Details tab. 4. Navigate to the Detailed Information tab page.
On the Detailed Information tab page, click the Disconnect Firewall button. 5. A notification confirmation window appears.
In the alert dialog, click the Confirm button. 6. Check the disconnected status in the Firewall connection status item.

Terminate Transit Gateway

You can terminate unused Transit Gateways to reduce operating costs.

Caution

You cannot terminate the service if the uplink connected to the Transit Gateway is in use or if a firewall is connected. * After completing the termination request for the connected resource, cancel the service.
If VPC resources or rules are attached to the Transit Gateway, the service cannot be terminated. * Delete all linked resources and rules, then terminate the service.
If the Transit Gateway service status is Creating or Deleting, the service cannot be terminated.

To terminate the Transit Gateway, follow these steps.

All Services > Networking > VPC Click the menu. 1. Navigate to the VPC’s Service Home page.
On the Service Home page, click the Transit Gateway menu. 2. Go to the Transit Gateway List page.
On the Transit Gateway List page, click the resource you want to delete. 3. Go to the Transit Gateway Details page.
On the Transit Gateway Detail page, click the Transit Gateway Delete button.
After termination is complete, check whether the resource has been deleted from the Transit Gateway list.

Preliminary service

This is a service that must be installed in advance before creating this service. Please prepare by referring to the user guide provided in advance.

Service Category	service	Detailed description
Networking	VPC	It is a service that provides an isolated virtual network in a cloud environment.

Table. Transit Gateway prerequisite service

2.10 - PrivateLink Service

Users can create the service by entering the required information for the PrivateLink Service and selecting detailed options through the Samsung Cloud Platform Console.

Creating a PrivateLink Service

You can create and use a PrivateLink Service in the Samsung Cloud Platform Console.

To create a PrivateLink Service, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.

On the Service Home page, click the PrivateLink Service Create button. You will be taken to the PrivateLink Service Create page.

Enter or select the required information in the Service Information Input area.

Category	Required status	Detailed description
PrivateLink Service name	Required	Enter the PrivateLink service name
Approval method	Required	Select approval method for PrivateLink Service input Automatic: Automatically approve when a PrivateLink Service connection request is received Manual: Manually approve after verification when a PrivateLink Service connection request is received The approval method cannot be changed after creation
High-speed data transfer	Selection	The default setting is disabled and not displayed in the Samsung Cloud Platform Console To use high-speed data transfer, submit a service usage request via Support Center > Contact, and once processing is complete, it can be selected on the screen
VPC name	Required	Select the VPC to connect Click + New to create a VPC and then select it
Subnet name	Required	Select the Subnet of the VPC to connect Click + New to create a Subnet and then select it
PrivateLink Service IP	Required	Select the Subnet to connect and enter the PrivateLink Service IP IP addresses already in use within the Subnet cannot be entered; the first and last IPs of the Subnet IP range cannot be used
Connection resource	Required	Select resources to connect to the chosen VPC Load Balancer: Select the Load Balancer to connect (cannot select LB when using a Local subnet) IP: Enter the Compute resource IP of the selected VPC
Security Group	Select	Click the Select button to choose the Security Group to connect Select up to 5 If you do not select a Security Group, all connections will be blocked
explanation	Select	Enter description for PrivateLink Service

Table. PrivateLink Service service information input items

In the Additional Information Input area, enter or select the required information.
Category
Required status
Detailed description
tag Select Add Tag
Up to 50 per resource can be added
Add Tag button after clicking, input or select Key, Value values
Table. PrivateLink Service additional information input fields

Summary Check the detailed information and estimated billing amount generated in the panel, and click the Create button.
- When creation is complete, check the created resource on the PrivateLink Service list page.

Reference

PrivateLink product is a service that provides an unidirectional private path (a type of tunnel). The PrivateLink product is used by creating a PrivateLink Service (exit) in the service provider account, creating a PrivateLink Endpoint (entry) in the user account, and then connecting to the PrivateLink Service.

The connection requirements for the PrivateLink product are as follows.

When creating a PrivateLink Endpoint, you can connect only to the single specified PrivateLink Service per endpoint. (Only one pair of ingress and egress exists)
Cannot attempt to establish a session to the PrivateLink Endpoint via the PrivateLink Service. (unidirectional)
In the provider account, when creating a PrivateLink Service, a connection to a single IP is provided by selecting a single LB or by manual entry.
In a user account, any client that the user account has permitted to access the PrivateLink Endpoint can use the PrivateLink Endpoint.
- It can be used in both General and Local Subnet.

View PrivateLink Service details

The PrivateLink Service allows you to view and edit the full list of resources and detailed information. PrivateLink Service Details page consists of Details, Connection Management, Tags, Activity Log tabs.

To view detailed information about the PrivateLink Service, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
From the Service Home page, click the PrivateLink Service menu. You will be taken to the PrivateLink Service list page.

On the PrivateLink Service List page, click the resource for which you want to view details. You will be taken to the PrivateLink Service Details page.

PrivateLink Service Details page displays status information and additional feature information, and consists of Details, Connection Management, Tags, Activity Log tabs.

Category

Detailed description

status

PrivateLink Service status

Active: Running

Creating: In progress

Deleting: In progress

Error: Error occurred

Delete PrivateLink Service

Button to delete PrivateLink Service resources

Table. PrivateLink Service status information and additional features

Detailed Information

On the PrivateLink Service List page, you can view detailed information of the selected resource and edit the information if needed.

Category	Detailed description
Service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform
Resource Name	PrivateLink Service resource name
Resource ID	Unique resource ID in the service
constructor	User who created the PrivateLink Service
Creation date and time	PrivateLink Service creation timestamp
Editor	User who modified the PrivateLink Service information
Modification date and time	Date and time the PrivateLink Service information was modified
PrivateLink Service name	PrivateLink Service resource name
PrivateLink Service ID	PrivateLink Service ID information
connected resource	Connected resources of PrivateLink Service Click the resource name to go to the detail page
PrivateLink Service IP	PrivateLink Service IP address
VPC name	Connected VPC Information Click the VPC name to go to the detail page
Subnet name	Connected Subnet information Click the Subnet name to go to the detail page
Port name	Port information of PrivateLink Service Click the port name to navigate to the detail page
Security Group	Configured Security Group information Click the Security Group name to go to the detail page
Approval method	Approval method for the configured PrivateLink Service
High-speed data transmission	Whether to use high-speed data transfer for the configured PrivateLink Service
Explanation	Description of the PrivateLink Service Edit icon can be clicked to modify the description

Table. PrivateLink Service detailed information tab items

Connection Management

On the PrivateLink Service List page, you can view the connection information of the selected resource. You can review connection requests and approve or reject them.

Category

Detailed description

PrivateLink Service List

PrivateLink Service connection list

View connection information and status, and manage connections

Approve: Approve the connection request

Reject: Reject the connection request

Block: Block the connected PrivateLink Endpoint

Reconnect: Reconnect a blocked PrivateLink Endpoint

If the connection status is Rejected or Error, actions such as approve/reject cannot be performed

Table. PrivateLink Service connection management tab items

Job History

PrivateLink Service List page allows you to view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Check operation date and time, resource name, operation details, operation result, and operator information

Table. PrivateLink Service operation history tab detailed information items

Terminate PrivateLink Service

You can cancel unused PrivateLink Service to reduce operating costs.

Caution

If the Private Endpoint connected to the PrivateLink Service is in the Active, Requesting, Creating, Deleting, or Error state, the service cannot be terminated.
After configuring the Private Endpoint to block or reject connections, delete the PrivateLink Service.

To cancel the PrivateLink Service, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
From the Service Home page, click the PrivateLink Service menu. You will be taken to the PrivateLink Service List page.
On the PrivateLink Service List page, click the resource to delete. Go to the PrivateLink Service Details page.
On the PrivateLink Service Details page, click the Delete PrivateLink Service button.
When the termination is complete, check that the resource has been deleted from the PrivateLink Service list.

Preliminary Service

This is a service that must be installed in advance before creating this service. Please refer to the provided user guide and prepare accordingly.

Service Category	Service	Detailed description
Networking	VPC	It is a service that provides an isolated virtual network in a cloud environment.
Networking	Load Balancer	It is a service that distributes server traffic load in a cloud environment.

Table. PrivateLink Service prerequisite service

2.11 - PrivateLink Endpoint

Users can create the service by entering the required information for the PrivateLink Endpoint service and selecting detailed options through the Samsung Cloud Platform Console.

Creating a PrivateLink Endpoint

You can create and use a PrivateLink Endpoint service from the Samsung Cloud Platform Console.

To create a PrivateLink Endpoint, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.

On the Service Home page, click the Create PrivateLink Endpoint button. You will be taken to the Create PrivateLink Endpoint page.

Enter or select the required information in the Service Information Input area.

Category	Required	Detailed description
PrivateLink Endpoint name	Required	Enter the PrivateLink Endpoint name
VPC name	Required	Select VPC to connect Click + Create new to create a VPC and then select it
Subnet name	Required	Select the Subnet of the VPC to connect Click + New to create a Subnet and then select it
PrivateLink Endpoint IP	Required	Select the Subnet to connect, then enter the PrivateLink Endpoint IP IP addresses currently in use within the Subnet cannot be entered, and the first and last IPs of the Subnet IP range cannot be used
PrivateLink Endpoint ID	Required	Enter the PrivateLink Service ID to connect Enter using letters and numbers, within 3 to 60 characters Before applying for the service, you need to verify the Service ID of the PrivateLink Service to connect; after creating the Endpoint, you must provide the Endpoint ID to the service provider
Security Group	Select	Click the Select button to choose the Security Group to connect Select up to 5 If no Security Group is selected, all connections are blocked
description	Select	Enter description for PrivateLink Endpoint

Table. PrivateLink Endpoint service information input fields

Enter or select the required information in the Additional Information Input area.
Category
Required
Detailed description
tag Selection Add Tag
Up to 50 per resource can be added
After clicking the Add Tag button, enter or select Key and Value values
Table. PrivateLink Endpoint additional information input fields

Summary Check the detailed information and estimated billing amount generated in the panel, and click the Create button.
- Once creation is complete, check the created resource on the PrivateLink Endpoint List page.

Reference

To request a connection to a service provider via PrivateLink, you must go through an approval process.
When applying for a service connection, you must verify the PrivateLink Service ID of the target in advance.
- Before applying for the service, an agreement on usage with the service provider must be completed.
After the user creates a PrivateLink Endpoint, they must provide the Endpoint ID to the service provider. The service provider can verify the user’s Endpoint ID and promptly approve its use.

Check PrivateLink Endpoint details

PrivateLink Endpoint service allows you to view and edit the full list of resources and detailed information. PrivateLink Endpoint Details page consists of Details, Tags, Activity Log tabs.

To view detailed information about the PrivateLink Endpoint, follow these steps.

Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
Click the PrivateLink Endpoint menu on the Service Home page. You will be taken to the PrivateLink Endpoint List page.

On the PrivateLink Endpoint List page, click the resource to view detailed information. You will be taken to the PrivateLink Endpoint Details page.

PrivateLink Endpoint Details page displays status information and additional feature information, and consists of Details, Connection Management, Tags, Activity Log tabs.

Category

Detailed description

status

PrivateLink Endpoint status

Requesting: connection request/awaiting approval, Cancel request button displayed

Active: creation completed, operating

Creating: in progress

Deleting: in progress

Disconnected: connection blocked

Rejected: connection denied, Request approval again button displayed

Error: error occurred

Canceled: connection request canceled, Request approval again button displayed

Delete PrivateLink Endpoint

Button to delete PrivateLink Endpoint resource

Table. PrivateLink Endpoint status information and additional features

Detailed Information

On the PrivateLink Endpoint List page, you can view detailed information of the selected resource and edit the information if needed.

Category	Detailed description
Service	Service name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform
Resource Name	PrivateLink Endpoint resource name
Resource ID	Unique resource ID in the service
constructor	User who created the PrivateLink Endpoint
Creation date and time	PrivateLink Endpoint creation timestamp
Editor	User who modified the PrivateLink Endpoint information
Modification date and time	Date and time the PrivateLink Endpoint information was modified
PrivateLink Endpoint name	PrivateLink Endpoint resource name
PrivateLink Endpoint ID	PrivateLink Endpoint ID information
PrivateLink Service ID	Connected PrivateLink Service ID information
PrivateLink Endpoint IP	PrivateLink Endpoint IP address
VPC name	Information about the connected VPC
Subnet name	Connected Subnet information
Port name	Port information of the PrivateLink Endpoint Click the port name to view detailed information
Security Group	Configured Security Group information Click the Security Group name to view detailed information
Explanation	Description of PrivateLink Endpoint Edit icon can be clicked to modify the description

Table. PrivateLink Endpoint detailed information tab items

Job History

On the PrivateLink Endpoint List page, you can view the operation history of the selected resource.

Category	Detailed description
Task History List	Resource Change History Check operation date and time, resource name, operation details, operation result, and operator information

Table. PrivateLink Endpoint operation history tab detailed information items

Terminate PrivateLink Endpoint

You can terminate unused PrivateLink Endpoints to reduce operating costs.

Caution

If the PrivateLink Endpoint service status is Requesting, Creating, or Deleting, the service cannot be terminated.

To terminate a PrivateLink Endpoint, follow these steps.

All Services > Networking > VPC Click the menu. Go to the VPC’s Service Home page.
Click the PrivateLink Endpoint menu on the Service Home page. You will be taken to the PrivateLink Endpoint List page.
On the PrivateLink Endpoint List page, click the resource you want to delete. Go to the PrivateLink Endpoint Details page.
On the PrivateLink Endpoint Details page, click the PrivateLink Endpoint Delete button.
After termination is complete, check whether the resource has been deleted from the PrivateLink Endpoint list.

Pre-service

This service must be installed in advance before creating it. Please refer to the provided user guide and prepare accordingly.

Service Category	Service	Detailed description
Networking	VPC	It is a service that provides an isolated virtual network in a cloud environment.

Table. PrivateLink Endpoint prerequisite service

2.12 - NAT Logging

To store NAT logs, first create a bucket in Object Storage for the logs and configure that bucket in the NAT Logging repository. Then, when you enable log storage in the NAT detail view, NAT logs will begin to be saved to the Object Storage bucket.

To store NAT logs, you need to configure the following steps in order.

To store NAT logs, you can create a bucket in Object Storage or use an existing bucket. To create a bucket, refer to Object Storage 생성하기.
To set the bucket for NAT Logging’s log repository, refer to NAT Logging 로그 저장소 사용하기.
To set the log storage option to Enabled in the NAT detailed view, refer to Using NAT Log Storage.

Using NAT Logging Log Repository

To set NAT log storage to enabled, you must first configure the log repository in NAT Logging.

Reference

To set up the NAT Logging log repository, you need an Object Storage bucket for log storage. Please create a bucket in the Object Storage service first. For detailed information, refer to Create Object Storage.

Click the All Services > Management > Network Logging > NAT Logging menu. You will be taken to the NAT Logging List page.
NAT Logging List page, click the top Log Storage Settings button. You will be taken to the Log Storage Settings popup.
Log storage settings In the popup window, select the log storage bucket. When you select a bucket, the log storage path is displayed.
Log storage settings In the popup window, after checking Log storage bucket and Log storage path, click the Confirm button.
Notification After reviewing the message in the popup window, click the Confirm button.

Information

After configuring the NAT Logging log repository, you must set the log storage option to Enabled in the NAT detail view for logging to begin. For more details, refer to Using NAT Log Storage.

NAT Logging list

If you configure the NAT Logging log storage bucket, the NAT Logging list will be displayed.

Click the All Services > Management > Network Logging > NAT Logging menu. You will be taken to the NAT Logging List page.
Category
required
Detailed description
Resource ID Required NAT resource ID
Save target Required NAT resource name
Save registration date and time Required NAT log repository registration timestamp
Table. NAT Logging list items

Reference

After configuring the NAT Logging log repository, you must set the log storage option to Enabled in the NAT detail view for logging to begin. For more details, see Using NAT Log Storage.

Check NAT Logging content

Refer to the information below to check the saved Log.

Stored log example: 2024-10-11T11:19:03,accept,259,17,192.168.2.173,46937,192.168.0.53,53,100.100.14.52,26937

Category	Explanation
2024-10-11T11:19:03	Log date and time (2024-10-11, 11:19:03)
accept	Action (deny / accept)
259	Firewall Rule ID (Policy ID) that generated the log
17	IP Protocol ID 1: ICMP 6: TCP 17: UDP
192.168.2.173	Source IP
46937	Departure Port
192.168.0.53	Destination IP
53	Destination Port
100.100.14.52	NAT-translated IP
26937	NAT-translated Port

NAT Logging Do not use log storage

In NAT Logging, you can set the log repository to be unused.

All Services > Management > Network Logging > NAT Logging Click the menu. You will be taken to the NAT Logging List page.
On the NAT Logging List page, click the top Log Storage Settings button. It will open the Log Storage Settings popup.
In the Log storage settings popup, select Log storage bucket as Not used, and click the Confirm button.

Reference

Log storage settings can be changed when no log storage target is configured. You can change the log storage bucket by selecting it as unused, confirming, and then reconfiguring it.

3 - API Reference

API Reference

4 - CLI Reference

CLI Reference

5 - Release Note

VPC

2026.03.19

FEATURE Add new VPC feature

Provide VPC IP range addition feature
- You can add a new IP range to the VPC for use.
Provides Virtual IP functionality
- You can reserve a Virtual IP in a Subnet for use.
Private NAT feature improvement
- You can also use Private NAT with Transit Gateway.

2025.10.23

FEATURE Add PrivateLink feature

You can connect internal Samsung Cloud Platform data to the SCP service via a private path between the VPC and the SCP service without exposing it to the internet.

2025.07.01

FEATURE Add new services besides Transit Gateway

Add Transit Gateway feature
- Easily connect the customer’s network with the Samsung Cloud Platform network and serve as a connection hub for multiple VPCs within the cloud environment.
Add VPC Peering feature
- You can perform IP communication over a 1:1 private route between VPCs.
Add Private NAT feature
- You can use Direct Connect from compute resources within the VPC to map the customer’s IP and establish a connection.

2025.02.27

FEATURE VPC Endpoint service addition

Add VPC functionality
- Provides an Endpoint (entry point) that allows access to the Samsung Cloud Platform via a private connection from external networks connected to the VPC.
Samsung Cloud Platform Common Feature Changes
- Account, IAM, Service Home, tags, and other common CX changes have been reflected.

2024.12.23

FEATURE Add NAT log storage feature

A feature to save NAT logs has been added.
You can determine whether to retain NAT logs and store them in Object Storage.

2024.10.01

NEW Official release of VPC service

The VPC service that provides an isolated virtual network space has been launched.

2024.07.02

NEW Beta version release

The VPC service that provides an isolated virtual network space has been launched.

Category	required	Detailed description
Resource ID	Required	NAT resource ID
Save target	Required	NAT resource name
Save registration date and time	Required	NAT log repository registration timestamp