NAT processing on the downlinks is usually avoided, however the exception to this is that when any DNAT rule is configured on the logical route. The DNAT has to be processed on the incoming direction, i.e. coming from outside to into the logical router, even when it is downlink. The code checks to see that if there is any DNAT rule configured on that logical router, it will enforce NAT (SNAT or DNAT) on the downlink.
As a result, any generic SNAT rule that is configured on the logical_router scope will get applied.
But if this SNAT rule is applied on an interface level, then the SNAT rule will be applied only on that specified interface.
However, if you configure NAT rules from vCloud Director, you won't be able to select a specific interface and the only option available is to apply rule on logical router rather than specific interface.