com.pulumi.gcp.compute.kotlin.GlobalForwardingRule.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.compute.kotlin
import com.pulumi.core.Output
import com.pulumi.gcp.compute.kotlin.outputs.GlobalForwardingRuleMetadataFilter
import com.pulumi.gcp.compute.kotlin.outputs.GlobalForwardingRuleServiceDirectoryRegistrations
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
import com.pulumi.gcp.compute.kotlin.outputs.GlobalForwardingRuleMetadataFilter.Companion.toKotlin as globalForwardingRuleMetadataFilterToKotlin
import com.pulumi.gcp.compute.kotlin.outputs.GlobalForwardingRuleServiceDirectoryRegistrations.Companion.toKotlin as globalForwardingRuleServiceDirectoryRegistrationsToKotlin
/**
* Builder for [GlobalForwardingRule].
*/
@PulumiTagMarker
public class GlobalForwardingRuleResourceBuilder internal constructor() {
public var name: String? = null
public var args: GlobalForwardingRuleArgs = GlobalForwardingRuleArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend GlobalForwardingRuleArgsBuilder.() -> Unit) {
val builder = GlobalForwardingRuleArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): GlobalForwardingRule {
val builtJavaResource = com.pulumi.gcp.compute.GlobalForwardingRule(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return GlobalForwardingRule(builtJavaResource)
}
}
/**
* Represents a GlobalForwardingRule resource. Global forwarding rules are
* used to forward traffic to the correct load balancer for HTTP load
* balancing. Global forwarding rules can only be used for HTTP load
* balancing.
* For more information, see
* https://cloud.google.com/compute/docs/load-balancing/http/
* ## Example Usage
* ### External Ssl Proxy Lb Mig Backend
*
* ```yaml
* resources:
* # External SSL proxy load balancer with managed instance group backend
* # VPC
* default:
* type: gcp:compute:Network
* properties:
* name: ssl-proxy-xlb-network
* autoCreateSubnetworks: false
* # backend subnet
* defaultSubnetwork:
* type: gcp:compute:Subnetwork
* name: default
* properties:
* name: ssl-proxy-xlb-subnet
* ipCidrRange: 10.0.1.0/24
* region: us-central1
* network: ${default.id}
* # reserved IP address
* defaultGlobalAddress:
* type: gcp:compute:GlobalAddress
* name: default
* properties:
* name: ssl-proxy-xlb-ip
* # Self-signed regional SSL certificate for testing
* defaultPrivateKey:
* type: tls:PrivateKey
* name: default
* properties:
* algorithm: RSA
* rsaBits: 2048
* defaultSelfSignedCert:
* type: tls:SelfSignedCert
* name: default
* properties:
* keyAlgorithm: ${defaultPrivateKey.algorithm}
* privateKeyPem: ${defaultPrivateKey.privateKeyPem}
* validityPeriodHours: 12 # Generate a new certificate if Terraform is run within three
* # # hours of the certificate's expiration time.
* earlyRenewalHours: 3 # Reasonable set of uses for a server SSL certificate.
* allowedUses:
* - key_encipherment
* - digital_signature
* - server_auth
* dnsNames:
* - example.com
* subject:
* commonName: example.com
* organization: ACME Examples, Inc
* defaultSSLCertificate:
* type: gcp:compute:SSLCertificate
* name: default
* properties:
* name: default-cert
* privateKey: ${defaultPrivateKey.privateKeyPem}
* certificate: ${defaultSelfSignedCert.certPem}
* defaultTargetSSLProxy:
* type: gcp:compute:TargetSSLProxy
* name: default
* properties:
* name: test-proxy
* backendService: ${defaultBackendService.id}
* sslCertificates:
* - ${defaultSSLCertificate.id}
* # forwarding rule
* defaultGlobalForwardingRule:
* type: gcp:compute:GlobalForwardingRule
* name: default
* properties:
* name: ssl-proxy-xlb-forwarding-rule
* ipProtocol: TCP
* loadBalancingScheme: EXTERNAL
* portRange: '443'
* target: ${defaultTargetSSLProxy.id}
* ipAddress: ${defaultGlobalAddress.id}
* # backend service
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: ssl-proxy-xlb-backend-service
* protocol: SSL
* portName: tcp
* loadBalancingScheme: EXTERNAL
* timeoutSec: 10
* healthChecks: ${defaultHealthCheck.id}
* backends:
* - group: ${defaultInstanceGroupManager.instanceGroup}
* balancingMode: UTILIZATION
* maxUtilization: 1
* capacityScaler: 1
* defaultHealthCheck:
* type: gcp:compute:HealthCheck
* name: default
* properties:
* name: ssl-proxy-health-check
* timeoutSec: 1
* checkIntervalSec: 1
* tcpHealthCheck:
* port: '443'
* # instance template
* defaultInstanceTemplate:
* type: gcp:compute:InstanceTemplate
* name: default
* properties:
* networkInterfaces:
* - accessConfigs:
* - {}
* network: ${default.id}
* subnetwork: ${defaultSubnetwork.id}
* name: ssl-proxy-xlb-mig-template
* machineType: e2-small
* tags:
* - allow-health-check
* disks:
* - sourceImage: debian-cloud/debian-10
* autoDelete: true
* boot: true
* metadata:
* startup-script: |
* #! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* sudo apt-get update
* sudo apt-get install -y apache2 jq
* sudo a2ensite default-ssl
* sudo a2enmod ssl
* sudo service apache2 restart
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
* SSL Load Balancer
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* # MIG
* defaultInstanceGroupManager:
* type: gcp:compute:InstanceGroupManager
* name: default
* properties:
* name: ssl-proxy-xlb-mig1
* zone: us-central1-c
* namedPorts:
* - name: tcp
* port: 443
* versions:
* - instanceTemplate: ${defaultInstanceTemplate.id}
* name: primary
* baseInstanceName: vm
* targetSize: 2
* # allow access from health check ranges
* defaultFirewall:
* type: gcp:compute:Firewall
* name: default
* properties:
* name: ssl-proxy-xlb-fw-allow-hc
* direction: INGRESS
* network: ${default.id}
* sourceRanges:
* - 130.211.0.0/22
* - 35.191.0.0/16
* allows:
* - protocol: tcp
* targetTags:
* - allow-health-check
* ```
*
* ### External Tcp Proxy Lb Mig Backend
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* // External TCP proxy load balancer with managed instance group backend
* // VPC
* const _default = new gcp.compute.Network("default", {
* name: "tcp-proxy-xlb-network",
* autoCreateSubnetworks: false,
* });
* // backend subnet
* const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
* name: "tcp-proxy-xlb-subnet",
* ipCidrRange: "10.0.1.0/24",
* region: "us-central1",
* network: _default.id,
* });
* // reserved IP address
* const defaultGlobalAddress = new gcp.compute.GlobalAddress("default", {name: "tcp-proxy-xlb-ip"});
* const defaultHealthCheck = new gcp.compute.HealthCheck("default", {
* name: "tcp-proxy-health-check",
* timeoutSec: 1,
* checkIntervalSec: 1,
* tcpHealthCheck: {
* port: 80,
* },
* });
* // instance template
* const defaultInstanceTemplate = new gcp.compute.InstanceTemplate("default", {
* networkInterfaces: [{
* accessConfigs: [{}],
* network: _default.id,
* subnetwork: defaultSubnetwork.id,
* }],
* name: "tcp-proxy-xlb-mig-template",
* machineType: "e2-small",
* tags: ["allow-health-check"],
* disks: [{
* sourceImage: "debian-cloud/debian-10",
* autoDelete: true,
* boot: true,
* }],
* metadata: {
* "startup-script": `#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: NAME
* IP: IP
* Metadata: METADATA
*
* EOF
* `,
* },
* });
* // MIG
* const defaultInstanceGroupManager = new gcp.compute.InstanceGroupManager("default", {
* name: "tcp-proxy-xlb-mig1",
* zone: "us-central1-c",
* namedPorts: [{
* name: "tcp",
* port: 80,
* }],
* versions: [{
* instanceTemplate: defaultInstanceTemplate.id,
* name: "primary",
* }],
* baseInstanceName: "vm",
* targetSize: 2,
* });
* // backend service
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "tcp-proxy-xlb-backend-service",
* protocol: "TCP",
* portName: "tcp",
* loadBalancingScheme: "EXTERNAL",
* timeoutSec: 10,
* healthChecks: defaultHealthCheck.id,
* backends: [{
* group: defaultInstanceGroupManager.instanceGroup,
* balancingMode: "UTILIZATION",
* maxUtilization: 1,
* capacityScaler: 1,
* }],
* });
* const defaultTargetTCPProxy = new gcp.compute.TargetTCPProxy("default", {
* name: "test-proxy-health-check",
* backendService: defaultBackendService.id,
* });
* // forwarding rule
* const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", {
* name: "tcp-proxy-xlb-forwarding-rule",
* ipProtocol: "TCP",
* loadBalancingScheme: "EXTERNAL",
* portRange: "110",
* target: defaultTargetTCPProxy.id,
* ipAddress: defaultGlobalAddress.id,
* });
* // allow access from health check ranges
* const defaultFirewall = new gcp.compute.Firewall("default", {
* name: "tcp-proxy-xlb-fw-allow-hc",
* direction: "INGRESS",
* network: _default.id,
* sourceRanges: [
* "130.211.0.0/22",
* "35.191.0.0/16",
* ],
* allows: [{
* protocol: "tcp",
* }],
* targetTags: ["allow-health-check"],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* # External TCP proxy load balancer with managed instance group backend
* # VPC
* default = gcp.compute.Network("default",
* name="tcp-proxy-xlb-network",
* auto_create_subnetworks=False)
* # backend subnet
* default_subnetwork = gcp.compute.Subnetwork("default",
* name="tcp-proxy-xlb-subnet",
* ip_cidr_range="10.0.1.0/24",
* region="us-central1",
* network=default.id)
* # reserved IP address
* default_global_address = gcp.compute.GlobalAddress("default", name="tcp-proxy-xlb-ip")
* default_health_check = gcp.compute.HealthCheck("default",
* name="tcp-proxy-health-check",
* timeout_sec=1,
* check_interval_sec=1,
* tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
* port=80,
* ))
* # instance template
* default_instance_template = gcp.compute.InstanceTemplate("default",
* network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
* access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
* network=default.id,
* subnetwork=default_subnetwork.id,
* )],
* name="tcp-proxy-xlb-mig-template",
* machine_type="e2-small",
* tags=["allow-health-check"],
* disks=[gcp.compute.InstanceTemplateDiskArgs(
* source_image="debian-cloud/debian-10",
* auto_delete=True,
* boot=True,
* )],
* metadata={
* "startup-script": """#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* """,
* })
* # MIG
* default_instance_group_manager = gcp.compute.InstanceGroupManager("default",
* name="tcp-proxy-xlb-mig1",
* zone="us-central1-c",
* named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs(
* name="tcp",
* port=80,
* )],
* versions=[gcp.compute.InstanceGroupManagerVersionArgs(
* instance_template=default_instance_template.id,
* name="primary",
* )],
* base_instance_name="vm",
* target_size=2)
* # backend service
* default_backend_service = gcp.compute.BackendService("default",
* name="tcp-proxy-xlb-backend-service",
* protocol="TCP",
* port_name="tcp",
* load_balancing_scheme="EXTERNAL",
* timeout_sec=10,
* health_checks=default_health_check.id,
* backends=[gcp.compute.BackendServiceBackendArgs(
* group=default_instance_group_manager.instance_group,
* balancing_mode="UTILIZATION",
* max_utilization=1,
* capacity_scaler=1,
* )])
* default_target_tcp_proxy = gcp.compute.TargetTCPProxy("default",
* name="test-proxy-health-check",
* backend_service=default_backend_service.id)
* # forwarding rule
* default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
* name="tcp-proxy-xlb-forwarding-rule",
* ip_protocol="TCP",
* load_balancing_scheme="EXTERNAL",
* port_range="110",
* target=default_target_tcp_proxy.id,
* ip_address=default_global_address.id)
* # allow access from health check ranges
* default_firewall = gcp.compute.Firewall("default",
* name="tcp-proxy-xlb-fw-allow-hc",
* direction="INGRESS",
* network=default.id,
* source_ranges=[
* "130.211.0.0/22",
* "35.191.0.0/16",
* ],
* allows=[gcp.compute.FirewallAllowArgs(
* protocol="tcp",
* )],
* target_tags=["allow-health-check"])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* // External TCP proxy load balancer with managed instance group backend
* // VPC
* var @default = new Gcp.Compute.Network("default", new()
* {
* Name = "tcp-proxy-xlb-network",
* AutoCreateSubnetworks = false,
* });
* // backend subnet
* var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
* {
* Name = "tcp-proxy-xlb-subnet",
* IpCidrRange = "10.0.1.0/24",
* Region = "us-central1",
* Network = @default.Id,
* });
* // reserved IP address
* var defaultGlobalAddress = new Gcp.Compute.GlobalAddress("default", new()
* {
* Name = "tcp-proxy-xlb-ip",
* });
* var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new()
* {
* Name = "tcp-proxy-health-check",
* TimeoutSec = 1,
* CheckIntervalSec = 1,
* TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
* {
* Port = 80,
* },
* });
* // instance template
* var defaultInstanceTemplate = new Gcp.Compute.InstanceTemplate("default", new()
* {
* NetworkInterfaces = new[]
* {
* new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs
* {
* AccessConfigs = new[]
* {
* null,
* },
* Network = @default.Id,
* Subnetwork = defaultSubnetwork.Id,
* },
* },
* Name = "tcp-proxy-xlb-mig-template",
* MachineType = "e2-small",
* Tags = new[]
* {
* "allow-health-check",
* },
* Disks = new[]
* {
* new Gcp.Compute.Inputs.InstanceTemplateDiskArgs
* {
* SourceImage = "debian-cloud/debian-10",
* AutoDelete = true,
* Boot = true,
* },
* },
* Metadata =
* {
* { "startup-script", @"#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/hostname"")
* IP=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip"")
* METADATA=$(curl -f -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True"" | jq 'del(.[""startup-script""])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* " },
* },
* });
* // MIG
* var defaultInstanceGroupManager = new Gcp.Compute.InstanceGroupManager("default", new()
* {
* Name = "tcp-proxy-xlb-mig1",
* Zone = "us-central1-c",
* NamedPorts = new[]
* {
* new Gcp.Compute.Inputs.InstanceGroupManagerNamedPortArgs
* {
* Name = "tcp",
* Port = 80,
* },
* },
* Versions = new[]
* {
* new Gcp.Compute.Inputs.InstanceGroupManagerVersionArgs
* {
* InstanceTemplate = defaultInstanceTemplate.Id,
* Name = "primary",
* },
* },
* BaseInstanceName = "vm",
* TargetSize = 2,
* });
* // backend service
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "tcp-proxy-xlb-backend-service",
* Protocol = "TCP",
* PortName = "tcp",
* LoadBalancingScheme = "EXTERNAL",
* TimeoutSec = 10,
* HealthChecks = defaultHealthCheck.Id,
* Backends = new[]
* {
* new Gcp.Compute.Inputs.BackendServiceBackendArgs
* {
* Group = defaultInstanceGroupManager.InstanceGroup,
* BalancingMode = "UTILIZATION",
* MaxUtilization = 1,
* CapacityScaler = 1,
* },
* },
* });
* var defaultTargetTCPProxy = new Gcp.Compute.TargetTCPProxy("default", new()
* {
* Name = "test-proxy-health-check",
* BackendService = defaultBackendService.Id,
* });
* // forwarding rule
* var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new()
* {
* Name = "tcp-proxy-xlb-forwarding-rule",
* IpProtocol = "TCP",
* LoadBalancingScheme = "EXTERNAL",
* PortRange = "110",
* Target = defaultTargetTCPProxy.Id,
* IpAddress = defaultGlobalAddress.Id,
* });
* // allow access from health check ranges
* var defaultFirewall = new Gcp.Compute.Firewall("default", new()
* {
* Name = "tcp-proxy-xlb-fw-allow-hc",
* Direction = "INGRESS",
* Network = @default.Id,
* SourceRanges = new[]
* {
* "130.211.0.0/22",
* "35.191.0.0/16",
* },
* Allows = new[]
* {
* new Gcp.Compute.Inputs.FirewallAllowArgs
* {
* Protocol = "tcp",
* },
* },
* TargetTags = new[]
* {
* "allow-health-check",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* // External TCP proxy load balancer with managed instance group backend
* // VPC
* _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
* Name: pulumi.String("tcp-proxy-xlb-network"),
* AutoCreateSubnetworks: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* // backend subnet
* defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
* Name: pulumi.String("tcp-proxy-xlb-subnet"),
* IpCidrRange: pulumi.String("10.0.1.0/24"),
* Region: pulumi.String("us-central1"),
* Network: _default.ID(),
* })
* if err != nil {
* return err
* }
* // reserved IP address
* defaultGlobalAddress, err := compute.NewGlobalAddress(ctx, "default", &compute.GlobalAddressArgs{
* Name: pulumi.String("tcp-proxy-xlb-ip"),
* })
* if err != nil {
* return err
* }
* defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{
* Name: pulumi.String("tcp-proxy-health-check"),
* TimeoutSec: pulumi.Int(1),
* CheckIntervalSec: pulumi.Int(1),
* TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
* Port: pulumi.Int(80),
* },
* })
* if err != nil {
* return err
* }
* // instance template
* defaultInstanceTemplate, err := compute.NewInstanceTemplate(ctx, "default", &compute.InstanceTemplateArgs{
* NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{
* &compute.InstanceTemplateNetworkInterfaceArgs{
* AccessConfigs: compute.InstanceTemplateNetworkInterfaceAccessConfigArray{
* nil,
* },
* Network: _default.ID(),
* Subnetwork: defaultSubnetwork.ID(),
* },
* },
* Name: pulumi.String("tcp-proxy-xlb-mig-template"),
* MachineType: pulumi.String("e2-small"),
* Tags: pulumi.StringArray{
* pulumi.String("allow-health-check"),
* },
* Disks: compute.InstanceTemplateDiskArray{
* &compute.InstanceTemplateDiskArgs{
* SourceImage: pulumi.String("debian-cloud/debian-10"),
* AutoDelete: pulumi.Bool(true),
* Boot: pulumi.Bool(true),
* },
* },
* Metadata: pulumi.Map{
* "startup-script": pulumi.Any(`#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* `),
* },
* })
* if err != nil {
* return err
* }
* // MIG
* defaultInstanceGroupManager, err := compute.NewInstanceGroupManager(ctx, "default", &compute.InstanceGroupManagerArgs{
* Name: pulumi.String("tcp-proxy-xlb-mig1"),
* Zone: pulumi.String("us-central1-c"),
* NamedPorts: compute.InstanceGroupManagerNamedPortArray{
* &compute.InstanceGroupManagerNamedPortArgs{
* Name: pulumi.String("tcp"),
* Port: pulumi.Int(80),
* },
* },
* Versions: compute.InstanceGroupManagerVersionArray{
* &compute.InstanceGroupManagerVersionArgs{
* InstanceTemplate: defaultInstanceTemplate.ID(),
* Name: pulumi.String("primary"),
* },
* },
* BaseInstanceName: pulumi.String("vm"),
* TargetSize: pulumi.Int(2),
* })
* if err != nil {
* return err
* }
* // backend service
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("tcp-proxy-xlb-backend-service"),
* Protocol: pulumi.String("TCP"),
* PortName: pulumi.String("tcp"),
* LoadBalancingScheme: pulumi.String("EXTERNAL"),
* TimeoutSec: pulumi.Int(10),
* HealthChecks: defaultHealthCheck.ID(),
* Backends: compute.BackendServiceBackendArray{
* &compute.BackendServiceBackendArgs{
* Group: defaultInstanceGroupManager.InstanceGroup,
* BalancingMode: pulumi.String("UTILIZATION"),
* MaxUtilization: pulumi.Float64(1),
* CapacityScaler: pulumi.Float64(1),
* },
* },
* })
* if err != nil {
* return err
* }
* defaultTargetTCPProxy, err := compute.NewTargetTCPProxy(ctx, "default", &compute.TargetTCPProxyArgs{
* Name: pulumi.String("test-proxy-health-check"),
* BackendService: defaultBackendService.ID(),
* })
* if err != nil {
* return err
* }
* // forwarding rule
* _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{
* Name: pulumi.String("tcp-proxy-xlb-forwarding-rule"),
* IpProtocol: pulumi.String("TCP"),
* LoadBalancingScheme: pulumi.String("EXTERNAL"),
* PortRange: pulumi.String("110"),
* Target: defaultTargetTCPProxy.ID(),
* IpAddress: defaultGlobalAddress.ID(),
* })
* if err != nil {
* return err
* }
* // allow access from health check ranges
* _, err = compute.NewFirewall(ctx, "default", &compute.FirewallArgs{
* Name: pulumi.String("tcp-proxy-xlb-fw-allow-hc"),
* Direction: pulumi.String("INGRESS"),
* Network: _default.ID(),
* SourceRanges: pulumi.StringArray{
* pulumi.String("130.211.0.0/22"),
* pulumi.String("35.191.0.0/16"),
* },
* Allows: compute.FirewallAllowArray{
* &compute.FirewallAllowArgs{
* Protocol: pulumi.String("tcp"),
* },
* },
* TargetTags: pulumi.StringArray{
* pulumi.String("allow-health-check"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.compute.Subnetwork;
* import com.pulumi.gcp.compute.SubnetworkArgs;
* import com.pulumi.gcp.compute.GlobalAddress;
* import com.pulumi.gcp.compute.GlobalAddressArgs;
* import com.pulumi.gcp.compute.HealthCheck;
* import com.pulumi.gcp.compute.HealthCheckArgs;
* import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
* import com.pulumi.gcp.compute.InstanceTemplate;
* import com.pulumi.gcp.compute.InstanceTemplateArgs;
* import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
* import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
* import com.pulumi.gcp.compute.InstanceGroupManager;
* import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
* import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs;
* import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
* import com.pulumi.gcp.compute.TargetTCPProxy;
* import com.pulumi.gcp.compute.TargetTCPProxyArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import com.pulumi.gcp.compute.Firewall;
* import com.pulumi.gcp.compute.FirewallArgs;
* import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* // External TCP proxy load balancer with managed instance group backend
* // VPC
* var default_ = new Network("default", NetworkArgs.builder()
* .name("tcp-proxy-xlb-network")
* .autoCreateSubnetworks(false)
* .build());
* // backend subnet
* var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
* .name("tcp-proxy-xlb-subnet")
* .ipCidrRange("10.0.1.0/24")
* .region("us-central1")
* .network(default_.id())
* .build());
* // reserved IP address
* var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.builder()
* .name("tcp-proxy-xlb-ip")
* .build());
* var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
* .name("tcp-proxy-health-check")
* .timeoutSec(1)
* .checkIntervalSec(1)
* .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
* .port("80")
* .build())
* .build());
* // instance template
* var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()
* .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
* .accessConfigs()
* .network(default_.id())
* .subnetwork(defaultSubnetwork.id())
* .build())
* .name("tcp-proxy-xlb-mig-template")
* .machineType("e2-small")
* .tags("allow-health-check")
* .disks(InstanceTemplateDiskArgs.builder()
* .sourceImage("debian-cloud/debian-10")
* .autoDelete(true)
* .boot(true)
* .build())
* .metadata(Map.of("startup-script", """
* #! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* """))
* .build());
* // MIG
* var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder()
* .name("tcp-proxy-xlb-mig1")
* .zone("us-central1-c")
* .namedPorts(InstanceGroupManagerNamedPortArgs.builder()
* .name("tcp")
* .port(80)
* .build())
* .versions(InstanceGroupManagerVersionArgs.builder()
* .instanceTemplate(defaultInstanceTemplate.id())
* .name("primary")
* .build())
* .baseInstanceName("vm")
* .targetSize(2)
* .build());
* // backend service
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("tcp-proxy-xlb-backend-service")
* .protocol("TCP")
* .portName("tcp")
* .loadBalancingScheme("EXTERNAL")
* .timeoutSec(10)
* .healthChecks(defaultHealthCheck.id())
* .backends(BackendServiceBackendArgs.builder()
* .group(defaultInstanceGroupManager.instanceGroup())
* .balancingMode("UTILIZATION")
* .maxUtilization(1)
* .capacityScaler(1)
* .build())
* .build());
* var defaultTargetTCPProxy = new TargetTCPProxy("defaultTargetTCPProxy", TargetTCPProxyArgs.builder()
* .name("test-proxy-health-check")
* .backendService(defaultBackendService.id())
* .build());
* // forwarding rule
* var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
* .name("tcp-proxy-xlb-forwarding-rule")
* .ipProtocol("TCP")
* .loadBalancingScheme("EXTERNAL")
* .portRange("110")
* .target(defaultTargetTCPProxy.id())
* .ipAddress(defaultGlobalAddress.id())
* .build());
* // allow access from health check ranges
* var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder()
* .name("tcp-proxy-xlb-fw-allow-hc")
* .direction("INGRESS")
* .network(default_.id())
* .sourceRanges(
* "130.211.0.0/22",
* "35.191.0.0/16")
* .allows(FirewallAllowArgs.builder()
* .protocol("tcp")
* .build())
* .targetTags("allow-health-check")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* # External TCP proxy load balancer with managed instance group backend
* # VPC
* default:
* type: gcp:compute:Network
* properties:
* name: tcp-proxy-xlb-network
* autoCreateSubnetworks: false
* # backend subnet
* defaultSubnetwork:
* type: gcp:compute:Subnetwork
* name: default
* properties:
* name: tcp-proxy-xlb-subnet
* ipCidrRange: 10.0.1.0/24
* region: us-central1
* network: ${default.id}
* # reserved IP address
* defaultGlobalAddress:
* type: gcp:compute:GlobalAddress
* name: default
* properties:
* name: tcp-proxy-xlb-ip
* # forwarding rule
* defaultGlobalForwardingRule:
* type: gcp:compute:GlobalForwardingRule
* name: default
* properties:
* name: tcp-proxy-xlb-forwarding-rule
* ipProtocol: TCP
* loadBalancingScheme: EXTERNAL
* portRange: '110'
* target: ${defaultTargetTCPProxy.id}
* ipAddress: ${defaultGlobalAddress.id}
* defaultTargetTCPProxy:
* type: gcp:compute:TargetTCPProxy
* name: default
* properties:
* name: test-proxy-health-check
* backendService: ${defaultBackendService.id}
* # backend service
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: tcp-proxy-xlb-backend-service
* protocol: TCP
* portName: tcp
* loadBalancingScheme: EXTERNAL
* timeoutSec: 10
* healthChecks: ${defaultHealthCheck.id}
* backends:
* - group: ${defaultInstanceGroupManager.instanceGroup}
* balancingMode: UTILIZATION
* maxUtilization: 1
* capacityScaler: 1
* defaultHealthCheck:
* type: gcp:compute:HealthCheck
* name: default
* properties:
* name: tcp-proxy-health-check
* timeoutSec: 1
* checkIntervalSec: 1
* tcpHealthCheck:
* port: '80'
* # instance template
* defaultInstanceTemplate:
* type: gcp:compute:InstanceTemplate
* name: default
* properties:
* networkInterfaces:
* - accessConfigs:
* - {}
* network: ${default.id}
* subnetwork: ${defaultSubnetwork.id}
* name: tcp-proxy-xlb-mig-template
* machineType: e2-small
* tags:
* - allow-health-check
* disks:
* - sourceImage: debian-cloud/debian-10
* autoDelete: true
* boot: true
* metadata:
* startup-script: |
* #! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* # MIG
* defaultInstanceGroupManager:
* type: gcp:compute:InstanceGroupManager
* name: default
* properties:
* name: tcp-proxy-xlb-mig1
* zone: us-central1-c
* namedPorts:
* - name: tcp
* port: 80
* versions:
* - instanceTemplate: ${defaultInstanceTemplate.id}
* name: primary
* baseInstanceName: vm
* targetSize: 2
* # allow access from health check ranges
* defaultFirewall:
* type: gcp:compute:Firewall
* name: default
* properties:
* name: tcp-proxy-xlb-fw-allow-hc
* direction: INGRESS
* network: ${default.id}
* sourceRanges:
* - 130.211.0.0/22
* - 35.191.0.0/16
* allows:
* - protocol: tcp
* targetTags:
* - allow-health-check
* ```
*
* ### External Http Lb Mig Backend Custom Header
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* // External HTTP load balancer with a CDN-enabled managed instance group backend
* // and custom request and response headers
* // VPC
* const _default = new gcp.compute.Network("default", {
* name: "l7-xlb-network",
* autoCreateSubnetworks: false,
* });
* // backend subnet
* const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
* name: "l7-xlb-subnet",
* ipCidrRange: "10.0.1.0/24",
* region: "us-central1",
* network: _default.id,
* });
* // reserved IP address
* const defaultGlobalAddress = new gcp.compute.GlobalAddress("default", {name: "l7-xlb-static-ip"});
* // health check
* const defaultHealthCheck = new gcp.compute.HealthCheck("default", {
* name: "l7-xlb-hc",
* httpHealthCheck: {
* portSpecification: "USE_SERVING_PORT",
* },
* });
* // instance template
* const defaultInstanceTemplate = new gcp.compute.InstanceTemplate("default", {
* networkInterfaces: [{
* accessConfigs: [{}],
* network: _default.id,
* subnetwork: defaultSubnetwork.id,
* }],
* name: "l7-xlb-mig-template",
* machineType: "e2-small",
* tags: ["allow-health-check"],
* disks: [{
* sourceImage: "debian-cloud/debian-10",
* autoDelete: true,
* boot: true,
* }],
* metadata: {
* "startup-script": `#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: NAME
* IP: IP
* Metadata: METADATA
*
* EOF
* `,
* },
* });
* // MIG
* const defaultInstanceGroupManager = new gcp.compute.InstanceGroupManager("default", {
* name: "l7-xlb-mig1",
* zone: "us-central1-c",
* namedPorts: [{
* name: "http",
* port: 8080,
* }],
* versions: [{
* instanceTemplate: defaultInstanceTemplate.id,
* name: "primary",
* }],
* baseInstanceName: "vm",
* targetSize: 2,
* });
* // backend service with custom request and response headers
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "l7-xlb-backend-service",
* protocol: "HTTP",
* portName: "my-port",
* loadBalancingScheme: "EXTERNAL",
* timeoutSec: 10,
* enableCdn: true,
* customRequestHeaders: ["X-Client-Geo-Location: {client_region_subdivision}, {client_city}"],
* customResponseHeaders: ["X-Cache-Hit: {cdn_cache_status}"],
* healthChecks: defaultHealthCheck.id,
* backends: [{
* group: defaultInstanceGroupManager.instanceGroup,
* balancingMode: "UTILIZATION",
* capacityScaler: 1,
* }],
* });
* // url map
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "l7-xlb-url-map",
* defaultService: defaultBackendService.id,
* });
* // http proxy
* const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", {
* name: "l7-xlb-target-http-proxy",
* urlMap: defaultURLMap.id,
* });
* // forwarding rule
* const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", {
* name: "l7-xlb-forwarding-rule",
* ipProtocol: "TCP",
* loadBalancingScheme: "EXTERNAL",
* portRange: "80",
* target: defaultTargetHttpProxy.id,
* ipAddress: defaultGlobalAddress.id,
* });
* // allow access from health check ranges
* const defaultFirewall = new gcp.compute.Firewall("default", {
* name: "l7-xlb-fw-allow-hc",
* direction: "INGRESS",
* network: _default.id,
* sourceRanges: [
* "130.211.0.0/22",
* "35.191.0.0/16",
* ],
* allows: [{
* protocol: "tcp",
* }],
* targetTags: ["allow-health-check"],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* # External HTTP load balancer with a CDN-enabled managed instance group backend
* # and custom request and response headers
* # VPC
* default = gcp.compute.Network("default",
* name="l7-xlb-network",
* auto_create_subnetworks=False)
* # backend subnet
* default_subnetwork = gcp.compute.Subnetwork("default",
* name="l7-xlb-subnet",
* ip_cidr_range="10.0.1.0/24",
* region="us-central1",
* network=default.id)
* # reserved IP address
* default_global_address = gcp.compute.GlobalAddress("default", name="l7-xlb-static-ip")
* # health check
* default_health_check = gcp.compute.HealthCheck("default",
* name="l7-xlb-hc",
* http_health_check=gcp.compute.HealthCheckHttpHealthCheckArgs(
* port_specification="USE_SERVING_PORT",
* ))
* # instance template
* default_instance_template = gcp.compute.InstanceTemplate("default",
* network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
* access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
* network=default.id,
* subnetwork=default_subnetwork.id,
* )],
* name="l7-xlb-mig-template",
* machine_type="e2-small",
* tags=["allow-health-check"],
* disks=[gcp.compute.InstanceTemplateDiskArgs(
* source_image="debian-cloud/debian-10",
* auto_delete=True,
* boot=True,
* )],
* metadata={
* "startup-script": """#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* """,
* })
* # MIG
* default_instance_group_manager = gcp.compute.InstanceGroupManager("default",
* name="l7-xlb-mig1",
* zone="us-central1-c",
* named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs(
* name="http",
* port=8080,
* )],
* versions=[gcp.compute.InstanceGroupManagerVersionArgs(
* instance_template=default_instance_template.id,
* name="primary",
* )],
* base_instance_name="vm",
* target_size=2)
* # backend service with custom request and response headers
* default_backend_service = gcp.compute.BackendService("default",
* name="l7-xlb-backend-service",
* protocol="HTTP",
* port_name="my-port",
* load_balancing_scheme="EXTERNAL",
* timeout_sec=10,
* enable_cdn=True,
* custom_request_headers=["X-Client-Geo-Location: {client_region_subdivision}, {client_city}"],
* custom_response_headers=["X-Cache-Hit: {cdn_cache_status}"],
* health_checks=default_health_check.id,
* backends=[gcp.compute.BackendServiceBackendArgs(
* group=default_instance_group_manager.instance_group,
* balancing_mode="UTILIZATION",
* capacity_scaler=1,
* )])
* # url map
* default_url_map = gcp.compute.URLMap("default",
* name="l7-xlb-url-map",
* default_service=default_backend_service.id)
* # http proxy
* default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
* name="l7-xlb-target-http-proxy",
* url_map=default_url_map.id)
* # forwarding rule
* default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
* name="l7-xlb-forwarding-rule",
* ip_protocol="TCP",
* load_balancing_scheme="EXTERNAL",
* port_range="80",
* target=default_target_http_proxy.id,
* ip_address=default_global_address.id)
* # allow access from health check ranges
* default_firewall = gcp.compute.Firewall("default",
* name="l7-xlb-fw-allow-hc",
* direction="INGRESS",
* network=default.id,
* source_ranges=[
* "130.211.0.0/22",
* "35.191.0.0/16",
* ],
* allows=[gcp.compute.FirewallAllowArgs(
* protocol="tcp",
* )],
* target_tags=["allow-health-check"])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* // External HTTP load balancer with a CDN-enabled managed instance group backend
* // and custom request and response headers
* // VPC
* var @default = new Gcp.Compute.Network("default", new()
* {
* Name = "l7-xlb-network",
* AutoCreateSubnetworks = false,
* });
* // backend subnet
* var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
* {
* Name = "l7-xlb-subnet",
* IpCidrRange = "10.0.1.0/24",
* Region = "us-central1",
* Network = @default.Id,
* });
* // reserved IP address
* var defaultGlobalAddress = new Gcp.Compute.GlobalAddress("default", new()
* {
* Name = "l7-xlb-static-ip",
* });
* // health check
* var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new()
* {
* Name = "l7-xlb-hc",
* HttpHealthCheck = new Gcp.Compute.Inputs.HealthCheckHttpHealthCheckArgs
* {
* PortSpecification = "USE_SERVING_PORT",
* },
* });
* // instance template
* var defaultInstanceTemplate = new Gcp.Compute.InstanceTemplate("default", new()
* {
* NetworkInterfaces = new[]
* {
* new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs
* {
* AccessConfigs = new[]
* {
* null,
* },
* Network = @default.Id,
* Subnetwork = defaultSubnetwork.Id,
* },
* },
* Name = "l7-xlb-mig-template",
* MachineType = "e2-small",
* Tags = new[]
* {
* "allow-health-check",
* },
* Disks = new[]
* {
* new Gcp.Compute.Inputs.InstanceTemplateDiskArgs
* {
* SourceImage = "debian-cloud/debian-10",
* AutoDelete = true,
* Boot = true,
* },
* },
* Metadata =
* {
* { "startup-script", @"#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/hostname"")
* IP=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip"")
* METADATA=$(curl -f -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True"" | jq 'del(.[""startup-script""])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* " },
* },
* });
* // MIG
* var defaultInstanceGroupManager = new Gcp.Compute.InstanceGroupManager("default", new()
* {
* Name = "l7-xlb-mig1",
* Zone = "us-central1-c",
* NamedPorts = new[]
* {
* new Gcp.Compute.Inputs.InstanceGroupManagerNamedPortArgs
* {
* Name = "http",
* Port = 8080,
* },
* },
* Versions = new[]
* {
* new Gcp.Compute.Inputs.InstanceGroupManagerVersionArgs
* {
* InstanceTemplate = defaultInstanceTemplate.Id,
* Name = "primary",
* },
* },
* BaseInstanceName = "vm",
* TargetSize = 2,
* });
* // backend service with custom request and response headers
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "l7-xlb-backend-service",
* Protocol = "HTTP",
* PortName = "my-port",
* LoadBalancingScheme = "EXTERNAL",
* TimeoutSec = 10,
* EnableCdn = true,
* CustomRequestHeaders = new[]
* {
* "X-Client-Geo-Location: {client_region_subdivision}, {client_city}",
* },
* CustomResponseHeaders = new[]
* {
* "X-Cache-Hit: {cdn_cache_status}",
* },
* HealthChecks = defaultHealthCheck.Id,
* Backends = new[]
* {
* new Gcp.Compute.Inputs.BackendServiceBackendArgs
* {
* Group = defaultInstanceGroupManager.InstanceGroup,
* BalancingMode = "UTILIZATION",
* CapacityScaler = 1,
* },
* },
* });
* // url map
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "l7-xlb-url-map",
* DefaultService = defaultBackendService.Id,
* });
* // http proxy
* var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new()
* {
* Name = "l7-xlb-target-http-proxy",
* UrlMap = defaultURLMap.Id,
* });
* // forwarding rule
* var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new()
* {
* Name = "l7-xlb-forwarding-rule",
* IpProtocol = "TCP",
* LoadBalancingScheme = "EXTERNAL",
* PortRange = "80",
* Target = defaultTargetHttpProxy.Id,
* IpAddress = defaultGlobalAddress.Id,
* });
* // allow access from health check ranges
* var defaultFirewall = new Gcp.Compute.Firewall("default", new()
* {
* Name = "l7-xlb-fw-allow-hc",
* Direction = "INGRESS",
* Network = @default.Id,
* SourceRanges = new[]
* {
* "130.211.0.0/22",
* "35.191.0.0/16",
* },
* Allows = new[]
* {
* new Gcp.Compute.Inputs.FirewallAllowArgs
* {
* Protocol = "tcp",
* },
* },
* TargetTags = new[]
* {
* "allow-health-check",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* // External HTTP load balancer with a CDN-enabled managed instance group backend
* // and custom request and response headers
* // VPC
* _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
* Name: pulumi.String("l7-xlb-network"),
* AutoCreateSubnetworks: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* // backend subnet
* defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
* Name: pulumi.String("l7-xlb-subnet"),
* IpCidrRange: pulumi.String("10.0.1.0/24"),
* Region: pulumi.String("us-central1"),
* Network: _default.ID(),
* })
* if err != nil {
* return err
* }
* // reserved IP address
* defaultGlobalAddress, err := compute.NewGlobalAddress(ctx, "default", &compute.GlobalAddressArgs{
* Name: pulumi.String("l7-xlb-static-ip"),
* })
* if err != nil {
* return err
* }
* // health check
* defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{
* Name: pulumi.String("l7-xlb-hc"),
* HttpHealthCheck: &compute.HealthCheckHttpHealthCheckArgs{
* PortSpecification: pulumi.String("USE_SERVING_PORT"),
* },
* })
* if err != nil {
* return err
* }
* // instance template
* defaultInstanceTemplate, err := compute.NewInstanceTemplate(ctx, "default", &compute.InstanceTemplateArgs{
* NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{
* &compute.InstanceTemplateNetworkInterfaceArgs{
* AccessConfigs: compute.InstanceTemplateNetworkInterfaceAccessConfigArray{
* nil,
* },
* Network: _default.ID(),
* Subnetwork: defaultSubnetwork.ID(),
* },
* },
* Name: pulumi.String("l7-xlb-mig-template"),
* MachineType: pulumi.String("e2-small"),
* Tags: pulumi.StringArray{
* pulumi.String("allow-health-check"),
* },
* Disks: compute.InstanceTemplateDiskArray{
* &compute.InstanceTemplateDiskArgs{
* SourceImage: pulumi.String("debian-cloud/debian-10"),
* AutoDelete: pulumi.Bool(true),
* Boot: pulumi.Bool(true),
* },
* },
* Metadata: pulumi.Map{
* "startup-script": pulumi.Any(`#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* `),
* },
* })
* if err != nil {
* return err
* }
* // MIG
* defaultInstanceGroupManager, err := compute.NewInstanceGroupManager(ctx, "default", &compute.InstanceGroupManagerArgs{
* Name: pulumi.String("l7-xlb-mig1"),
* Zone: pulumi.String("us-central1-c"),
* NamedPorts: compute.InstanceGroupManagerNamedPortArray{
* &compute.InstanceGroupManagerNamedPortArgs{
* Name: pulumi.String("http"),
* Port: pulumi.Int(8080),
* },
* },
* Versions: compute.InstanceGroupManagerVersionArray{
* &compute.InstanceGroupManagerVersionArgs{
* InstanceTemplate: defaultInstanceTemplate.ID(),
* Name: pulumi.String("primary"),
* },
* },
* BaseInstanceName: pulumi.String("vm"),
* TargetSize: pulumi.Int(2),
* })
* if err != nil {
* return err
* }
* // backend service with custom request and response headers
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("l7-xlb-backend-service"),
* Protocol: pulumi.String("HTTP"),
* PortName: pulumi.String("my-port"),
* LoadBalancingScheme: pulumi.String("EXTERNAL"),
* TimeoutSec: pulumi.Int(10),
* EnableCdn: pulumi.Bool(true),
* CustomRequestHeaders: pulumi.StringArray{
* pulumi.String("X-Client-Geo-Location: {client_region_subdivision}, {client_city}"),
* },
* CustomResponseHeaders: pulumi.StringArray{
* pulumi.String("X-Cache-Hit: {cdn_cache_status}"),
* },
* HealthChecks: defaultHealthCheck.ID(),
* Backends: compute.BackendServiceBackendArray{
* &compute.BackendServiceBackendArgs{
* Group: defaultInstanceGroupManager.InstanceGroup,
* BalancingMode: pulumi.String("UTILIZATION"),
* CapacityScaler: pulumi.Float64(1),
* },
* },
* })
* if err != nil {
* return err
* }
* // url map
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("l7-xlb-url-map"),
* DefaultService: defaultBackendService.ID(),
* })
* if err != nil {
* return err
* }
* // http proxy
* defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{
* Name: pulumi.String("l7-xlb-target-http-proxy"),
* UrlMap: defaultURLMap.ID(),
* })
* if err != nil {
* return err
* }
* // forwarding rule
* _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{
* Name: pulumi.String("l7-xlb-forwarding-rule"),
* IpProtocol: pulumi.String("TCP"),
* LoadBalancingScheme: pulumi.String("EXTERNAL"),
* PortRange: pulumi.String("80"),
* Target: defaultTargetHttpProxy.ID(),
* IpAddress: defaultGlobalAddress.ID(),
* })
* if err != nil {
* return err
* }
* // allow access from health check ranges
* _, err = compute.NewFirewall(ctx, "default", &compute.FirewallArgs{
* Name: pulumi.String("l7-xlb-fw-allow-hc"),
* Direction: pulumi.String("INGRESS"),
* Network: _default.ID(),
* SourceRanges: pulumi.StringArray{
* pulumi.String("130.211.0.0/22"),
* pulumi.String("35.191.0.0/16"),
* },
* Allows: compute.FirewallAllowArray{
* &compute.FirewallAllowArgs{
* Protocol: pulumi.String("tcp"),
* },
* },
* TargetTags: pulumi.StringArray{
* pulumi.String("allow-health-check"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.compute.Subnetwork;
* import com.pulumi.gcp.compute.SubnetworkArgs;
* import com.pulumi.gcp.compute.GlobalAddress;
* import com.pulumi.gcp.compute.GlobalAddressArgs;
* import com.pulumi.gcp.compute.HealthCheck;
* import com.pulumi.gcp.compute.HealthCheckArgs;
* import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
* import com.pulumi.gcp.compute.InstanceTemplate;
* import com.pulumi.gcp.compute.InstanceTemplateArgs;
* import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
* import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
* import com.pulumi.gcp.compute.InstanceGroupManager;
* import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
* import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs;
* import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.TargetHttpProxy;
* import com.pulumi.gcp.compute.TargetHttpProxyArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import com.pulumi.gcp.compute.Firewall;
* import com.pulumi.gcp.compute.FirewallArgs;
* import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* // External HTTP load balancer with a CDN-enabled managed instance group backend
* // and custom request and response headers
* // VPC
* var default_ = new Network("default", NetworkArgs.builder()
* .name("l7-xlb-network")
* .autoCreateSubnetworks(false)
* .build());
* // backend subnet
* var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
* .name("l7-xlb-subnet")
* .ipCidrRange("10.0.1.0/24")
* .region("us-central1")
* .network(default_.id())
* .build());
* // reserved IP address
* var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.builder()
* .name("l7-xlb-static-ip")
* .build());
* // health check
* var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
* .name("l7-xlb-hc")
* .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
* .portSpecification("USE_SERVING_PORT")
* .build())
* .build());
* // instance template
* var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()
* .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
* .accessConfigs()
* .network(default_.id())
* .subnetwork(defaultSubnetwork.id())
* .build())
* .name("l7-xlb-mig-template")
* .machineType("e2-small")
* .tags("allow-health-check")
* .disks(InstanceTemplateDiskArgs.builder()
* .sourceImage("debian-cloud/debian-10")
* .autoDelete(true)
* .boot(true)
* .build())
* .metadata(Map.of("startup-script", """
* #! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* """))
* .build());
* // MIG
* var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder()
* .name("l7-xlb-mig1")
* .zone("us-central1-c")
* .namedPorts(InstanceGroupManagerNamedPortArgs.builder()
* .name("http")
* .port(8080)
* .build())
* .versions(InstanceGroupManagerVersionArgs.builder()
* .instanceTemplate(defaultInstanceTemplate.id())
* .name("primary")
* .build())
* .baseInstanceName("vm")
* .targetSize(2)
* .build());
* // backend service with custom request and response headers
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("l7-xlb-backend-service")
* .protocol("HTTP")
* .portName("my-port")
* .loadBalancingScheme("EXTERNAL")
* .timeoutSec(10)
* .enableCdn(true)
* .customRequestHeaders("X-Client-Geo-Location: {client_region_subdivision}, {client_city}")
* .customResponseHeaders("X-Cache-Hit: {cdn_cache_status}")
* .healthChecks(defaultHealthCheck.id())
* .backends(BackendServiceBackendArgs.builder()
* .group(defaultInstanceGroupManager.instanceGroup())
* .balancingMode("UTILIZATION")
* .capacityScaler(1)
* .build())
* .build());
* // url map
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("l7-xlb-url-map")
* .defaultService(defaultBackendService.id())
* .build());
* // http proxy
* var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
* .name("l7-xlb-target-http-proxy")
* .urlMap(defaultURLMap.id())
* .build());
* // forwarding rule
* var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
* .name("l7-xlb-forwarding-rule")
* .ipProtocol("TCP")
* .loadBalancingScheme("EXTERNAL")
* .portRange("80")
* .target(defaultTargetHttpProxy.id())
* .ipAddress(defaultGlobalAddress.id())
* .build());
* // allow access from health check ranges
* var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder()
* .name("l7-xlb-fw-allow-hc")
* .direction("INGRESS")
* .network(default_.id())
* .sourceRanges(
* "130.211.0.0/22",
* "35.191.0.0/16")
* .allows(FirewallAllowArgs.builder()
* .protocol("tcp")
* .build())
* .targetTags("allow-health-check")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* # External HTTP load balancer with a CDN-enabled managed instance group backend
* # and custom request and response headers
* # VPC
* default:
* type: gcp:compute:Network
* properties:
* name: l7-xlb-network
* autoCreateSubnetworks: false
* # backend subnet
* defaultSubnetwork:
* type: gcp:compute:Subnetwork
* name: default
* properties:
* name: l7-xlb-subnet
* ipCidrRange: 10.0.1.0/24
* region: us-central1
* network: ${default.id}
* # reserved IP address
* defaultGlobalAddress:
* type: gcp:compute:GlobalAddress
* name: default
* properties:
* name: l7-xlb-static-ip
* # forwarding rule
* defaultGlobalForwardingRule:
* type: gcp:compute:GlobalForwardingRule
* name: default
* properties:
* name: l7-xlb-forwarding-rule
* ipProtocol: TCP
* loadBalancingScheme: EXTERNAL
* portRange: '80'
* target: ${defaultTargetHttpProxy.id}
* ipAddress: ${defaultGlobalAddress.id}
* # http proxy
* defaultTargetHttpProxy:
* type: gcp:compute:TargetHttpProxy
* name: default
* properties:
* name: l7-xlb-target-http-proxy
* urlMap: ${defaultURLMap.id}
* # url map
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: l7-xlb-url-map
* defaultService: ${defaultBackendService.id}
* # backend service with custom request and response headers
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: l7-xlb-backend-service
* protocol: HTTP
* portName: my-port
* loadBalancingScheme: EXTERNAL
* timeoutSec: 10
* enableCdn: true
* customRequestHeaders:
* - 'X-Client-Geo-Location: {client_region_subdivision}, {client_city}'
* customResponseHeaders:
* - 'X-Cache-Hit: {cdn_cache_status}'
* healthChecks: ${defaultHealthCheck.id}
* backends:
* - group: ${defaultInstanceGroupManager.instanceGroup}
* balancingMode: UTILIZATION
* capacityScaler: 1
* # instance template
* defaultInstanceTemplate:
* type: gcp:compute:InstanceTemplate
* name: default
* properties:
* networkInterfaces:
* - accessConfigs:
* - {}
* network: ${default.id}
* subnetwork: ${defaultSubnetwork.id}
* name: l7-xlb-mig-template
* machineType: e2-small
* tags:
* - allow-health-check
* disks:
* - sourceImage: debian-cloud/debian-10
* autoDelete: true
* boot: true
* metadata:
* startup-script: |
* #! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* # health check
* defaultHealthCheck:
* type: gcp:compute:HealthCheck
* name: default
* properties:
* name: l7-xlb-hc
* httpHealthCheck:
* portSpecification: USE_SERVING_PORT
* # MIG
* defaultInstanceGroupManager:
* type: gcp:compute:InstanceGroupManager
* name: default
* properties:
* name: l7-xlb-mig1
* zone: us-central1-c
* namedPorts:
* - name: http
* port: 8080
* versions:
* - instanceTemplate: ${defaultInstanceTemplate.id}
* name: primary
* baseInstanceName: vm
* targetSize: 2
* # allow access from health check ranges
* defaultFirewall:
* type: gcp:compute:Firewall
* name: default
* properties:
* name: l7-xlb-fw-allow-hc
* direction: INGRESS
* network: ${default.id}
* sourceRanges:
* - 130.211.0.0/22
* - 35.191.0.0/16
* allows:
* - protocol: tcp
* targetTags:
* - allow-health-check
* ```
*
* ### Global Forwarding Rule Http
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
* name: "check-backend",
* requestPath: "/",
* checkIntervalSec: 1,
* timeoutSec: 1,
* });
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "backend",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* healthChecks: defaultHttpHealthCheck.id,
* });
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "url-map-target-proxy",
* description: "a description",
* defaultService: defaultBackendService.id,
* hostRules: [{
* hosts: ["mysite.com"],
* pathMatcher: "allpaths",
* }],
* pathMatchers: [{
* name: "allpaths",
* defaultService: defaultBackendService.id,
* pathRules: [{
* paths: ["/*"],
* service: defaultBackendService.id,
* }],
* }],
* });
* const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", {
* name: "target-proxy",
* description: "a description",
* urlMap: defaultURLMap.id,
* });
* const _default = new gcp.compute.GlobalForwardingRule("default", {
* name: "global-rule",
* target: defaultTargetHttpProxy.id,
* portRange: "80",
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* default_http_health_check = gcp.compute.HttpHealthCheck("default",
* name="check-backend",
* request_path="/",
* check_interval_sec=1,
* timeout_sec=1)
* default_backend_service = gcp.compute.BackendService("default",
* name="backend",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* health_checks=default_http_health_check.id)
* default_url_map = gcp.compute.URLMap("default",
* name="url-map-target-proxy",
* description="a description",
* default_service=default_backend_service.id,
* host_rules=[gcp.compute.URLMapHostRuleArgs(
* hosts=["mysite.com"],
* path_matcher="allpaths",
* )],
* path_matchers=[gcp.compute.URLMapPathMatcherArgs(
* name="allpaths",
* default_service=default_backend_service.id,
* path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
* paths=["/*"],
* service=default_backend_service.id,
* )],
* )])
* default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
* name="target-proxy",
* description="a description",
* url_map=default_url_map.id)
* default = gcp.compute.GlobalForwardingRule("default",
* name="global-rule",
* target=default_target_http_proxy.id,
* port_range="80")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
* {
* Name = "check-backend",
* RequestPath = "/",
* CheckIntervalSec = 1,
* TimeoutSec = 1,
* });
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "backend",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* HealthChecks = defaultHttpHealthCheck.Id,
* });
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "url-map-target-proxy",
* Description = "a description",
* DefaultService = defaultBackendService.Id,
* HostRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapHostRuleArgs
* {
* Hosts = new[]
* {
* "mysite.com",
* },
* PathMatcher = "allpaths",
* },
* },
* PathMatchers = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherArgs
* {
* Name = "allpaths",
* DefaultService = defaultBackendService.Id,
* PathRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/*",
* },
* Service = defaultBackendService.Id,
* },
* },
* },
* },
* });
* var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new()
* {
* Name = "target-proxy",
* Description = "a description",
* UrlMap = defaultURLMap.Id,
* });
* var @default = new Gcp.Compute.GlobalForwardingRule("default", new()
* {
* Name = "global-rule",
* Target = defaultTargetHttpProxy.Id,
* PortRange = "80",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
* Name: pulumi.String("check-backend"),
* RequestPath: pulumi.String("/"),
* CheckIntervalSec: pulumi.Int(1),
* TimeoutSec: pulumi.Int(1),
* })
* if err != nil {
* return err
* }
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("backend"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* HealthChecks: defaultHttpHealthCheck.ID(),
* })
* if err != nil {
* return err
* }
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("url-map-target-proxy"),
* Description: pulumi.String("a description"),
* DefaultService: defaultBackendService.ID(),
* HostRules: compute.URLMapHostRuleArray{
* &compute.URLMapHostRuleArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mysite.com"),
* },
* PathMatcher: pulumi.String("allpaths"),
* },
* },
* PathMatchers: compute.URLMapPathMatcherArray{
* &compute.URLMapPathMatcherArgs{
* Name: pulumi.String("allpaths"),
* DefaultService: defaultBackendService.ID(),
* PathRules: compute.URLMapPathMatcherPathRuleArray{
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/*"),
* },
* Service: defaultBackendService.ID(),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{
* Name: pulumi.String("target-proxy"),
* Description: pulumi.String("a description"),
* UrlMap: defaultURLMap.ID(),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{
* Name: pulumi.String("global-rule"),
* Target: defaultTargetHttpProxy.ID(),
* PortRange: pulumi.String("80"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.HttpHealthCheck;
* import com.pulumi.gcp.compute.HttpHealthCheckArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
* import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
* import com.pulumi.gcp.compute.TargetHttpProxy;
* import com.pulumi.gcp.compute.TargetHttpProxyArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
* .name("check-backend")
* .requestPath("/")
* .checkIntervalSec(1)
* .timeoutSec(1)
* .build());
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("backend")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .healthChecks(defaultHttpHealthCheck.id())
* .build());
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("url-map-target-proxy")
* .description("a description")
* .defaultService(defaultBackendService.id())
* .hostRules(URLMapHostRuleArgs.builder()
* .hosts("mysite.com")
* .pathMatcher("allpaths")
* .build())
* .pathMatchers(URLMapPathMatcherArgs.builder()
* .name("allpaths")
* .defaultService(defaultBackendService.id())
* .pathRules(URLMapPathMatcherPathRuleArgs.builder()
* .paths("/*")
* .service(defaultBackendService.id())
* .build())
* .build())
* .build());
* var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
* .name("target-proxy")
* .description("a description")
* .urlMap(defaultURLMap.id())
* .build());
* var default_ = new GlobalForwardingRule("default", GlobalForwardingRuleArgs.builder()
* .name("global-rule")
* .target(defaultTargetHttpProxy.id())
* .portRange("80")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:compute:GlobalForwardingRule
* properties:
* name: global-rule
* target: ${defaultTargetHttpProxy.id}
* portRange: '80'
* defaultTargetHttpProxy:
* type: gcp:compute:TargetHttpProxy
* name: default
* properties:
* name: target-proxy
* description: a description
* urlMap: ${defaultURLMap.id}
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: url-map-target-proxy
* description: a description
* defaultService: ${defaultBackendService.id}
* hostRules:
* - hosts:
* - mysite.com
* pathMatcher: allpaths
* pathMatchers:
* - name: allpaths
* defaultService: ${defaultBackendService.id}
* pathRules:
* - paths:
* - /*
* service: ${defaultBackendService.id}
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: backend
* portName: http
* protocol: HTTP
* timeoutSec: 10
* healthChecks: ${defaultHttpHealthCheck.id}
* defaultHttpHealthCheck:
* type: gcp:compute:HttpHealthCheck
* name: default
* properties:
* name: check-backend
* requestPath: /
* checkIntervalSec: 1
* timeoutSec: 1
* ```
*
* ### Global Forwarding Rule Internal
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const debianImage = gcp.compute.getImage({
* family: "debian-11",
* project: "debian-cloud",
* });
* const instanceTemplate = new gcp.compute.InstanceTemplate("instance_template", {
* name: "template-backend",
* machineType: "e2-medium",
* networkInterfaces: [{
* network: "default",
* }],
* disks: [{
* sourceImage: debianImage.then(debianImage => debianImage.selfLink),
* autoDelete: true,
* boot: true,
* }],
* });
* const igm = new gcp.compute.InstanceGroupManager("igm", {
* name: "igm-internal",
* versions: [{
* instanceTemplate: instanceTemplate.id,
* name: "primary",
* }],
* baseInstanceName: "internal-glb",
* zone: "us-central1-f",
* targetSize: 1,
* });
* const defaultHealthCheck = new gcp.compute.HealthCheck("default", {
* name: "check-backend",
* checkIntervalSec: 1,
* timeoutSec: 1,
* tcpHealthCheck: {
* port: 80,
* },
* });
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "backend",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* loadBalancingScheme: "INTERNAL_SELF_MANAGED",
* backends: [{
* group: igm.instanceGroup,
* balancingMode: "RATE",
* capacityScaler: 0.4,
* maxRatePerInstance: 50,
* }],
* healthChecks: defaultHealthCheck.id,
* });
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "url-map-target-proxy",
* description: "a description",
* defaultService: defaultBackendService.id,
* hostRules: [{
* hosts: ["mysite.com"],
* pathMatcher: "allpaths",
* }],
* pathMatchers: [{
* name: "allpaths",
* defaultService: defaultBackendService.id,
* pathRules: [{
* paths: ["/*"],
* service: defaultBackendService.id,
* }],
* }],
* });
* const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", {
* name: "target-proxy",
* description: "a description",
* urlMap: defaultURLMap.id,
* });
* const _default = new gcp.compute.GlobalForwardingRule("default", {
* name: "global-rule",
* target: defaultTargetHttpProxy.id,
* portRange: "80",
* loadBalancingScheme: "INTERNAL_SELF_MANAGED",
* ipAddress: "0.0.0.0",
* metadataFilters: [{
* filterMatchCriteria: "MATCH_ANY",
* filterLabels: [{
* name: "PLANET",
* value: "MARS",
* }],
* }],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* debian_image = gcp.compute.get_image(family="debian-11",
* project="debian-cloud")
* instance_template = gcp.compute.InstanceTemplate("instance_template",
* name="template-backend",
* machine_type="e2-medium",
* network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
* network="default",
* )],
* disks=[gcp.compute.InstanceTemplateDiskArgs(
* source_image=debian_image.self_link,
* auto_delete=True,
* boot=True,
* )])
* igm = gcp.compute.InstanceGroupManager("igm",
* name="igm-internal",
* versions=[gcp.compute.InstanceGroupManagerVersionArgs(
* instance_template=instance_template.id,
* name="primary",
* )],
* base_instance_name="internal-glb",
* zone="us-central1-f",
* target_size=1)
* default_health_check = gcp.compute.HealthCheck("default",
* name="check-backend",
* check_interval_sec=1,
* timeout_sec=1,
* tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
* port=80,
* ))
* default_backend_service = gcp.compute.BackendService("default",
* name="backend",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* load_balancing_scheme="INTERNAL_SELF_MANAGED",
* backends=[gcp.compute.BackendServiceBackendArgs(
* group=igm.instance_group,
* balancing_mode="RATE",
* capacity_scaler=0.4,
* max_rate_per_instance=50,
* )],
* health_checks=default_health_check.id)
* default_url_map = gcp.compute.URLMap("default",
* name="url-map-target-proxy",
* description="a description",
* default_service=default_backend_service.id,
* host_rules=[gcp.compute.URLMapHostRuleArgs(
* hosts=["mysite.com"],
* path_matcher="allpaths",
* )],
* path_matchers=[gcp.compute.URLMapPathMatcherArgs(
* name="allpaths",
* default_service=default_backend_service.id,
* path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
* paths=["/*"],
* service=default_backend_service.id,
* )],
* )])
* default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
* name="target-proxy",
* description="a description",
* url_map=default_url_map.id)
* default = gcp.compute.GlobalForwardingRule("default",
* name="global-rule",
* target=default_target_http_proxy.id,
* port_range="80",
* load_balancing_scheme="INTERNAL_SELF_MANAGED",
* ip_address="0.0.0.0",
* metadata_filters=[gcp.compute.GlobalForwardingRuleMetadataFilterArgs(
* filter_match_criteria="MATCH_ANY",
* filter_labels=[gcp.compute.GlobalForwardingRuleMetadataFilterFilterLabelArgs(
* name="PLANET",
* value="MARS",
* )],
* )])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var debianImage = Gcp.Compute.GetImage.Invoke(new()
* {
* Family = "debian-11",
* Project = "debian-cloud",
* });
* var instanceTemplate = new Gcp.Compute.InstanceTemplate("instance_template", new()
* {
* Name = "template-backend",
* MachineType = "e2-medium",
* NetworkInterfaces = new[]
* {
* new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs
* {
* Network = "default",
* },
* },
* Disks = new[]
* {
* new Gcp.Compute.Inputs.InstanceTemplateDiskArgs
* {
* SourceImage = debianImage.Apply(getImageResult => getImageResult.SelfLink),
* AutoDelete = true,
* Boot = true,
* },
* },
* });
* var igm = new Gcp.Compute.InstanceGroupManager("igm", new()
* {
* Name = "igm-internal",
* Versions = new[]
* {
* new Gcp.Compute.Inputs.InstanceGroupManagerVersionArgs
* {
* InstanceTemplate = instanceTemplate.Id,
* Name = "primary",
* },
* },
* BaseInstanceName = "internal-glb",
* Zone = "us-central1-f",
* TargetSize = 1,
* });
* var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new()
* {
* Name = "check-backend",
* CheckIntervalSec = 1,
* TimeoutSec = 1,
* TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
* {
* Port = 80,
* },
* });
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "backend",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* LoadBalancingScheme = "INTERNAL_SELF_MANAGED",
* Backends = new[]
* {
* new Gcp.Compute.Inputs.BackendServiceBackendArgs
* {
* Group = igm.InstanceGroup,
* BalancingMode = "RATE",
* CapacityScaler = 0.4,
* MaxRatePerInstance = 50,
* },
* },
* HealthChecks = defaultHealthCheck.Id,
* });
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "url-map-target-proxy",
* Description = "a description",
* DefaultService = defaultBackendService.Id,
* HostRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapHostRuleArgs
* {
* Hosts = new[]
* {
* "mysite.com",
* },
* PathMatcher = "allpaths",
* },
* },
* PathMatchers = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherArgs
* {
* Name = "allpaths",
* DefaultService = defaultBackendService.Id,
* PathRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/*",
* },
* Service = defaultBackendService.Id,
* },
* },
* },
* },
* });
* var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new()
* {
* Name = "target-proxy",
* Description = "a description",
* UrlMap = defaultURLMap.Id,
* });
* var @default = new Gcp.Compute.GlobalForwardingRule("default", new()
* {
* Name = "global-rule",
* Target = defaultTargetHttpProxy.Id,
* PortRange = "80",
* LoadBalancingScheme = "INTERNAL_SELF_MANAGED",
* IpAddress = "0.0.0.0",
* MetadataFilters = new[]
* {
* new Gcp.Compute.Inputs.GlobalForwardingRuleMetadataFilterArgs
* {
* FilterMatchCriteria = "MATCH_ANY",
* FilterLabels = new[]
* {
* new Gcp.Compute.Inputs.GlobalForwardingRuleMetadataFilterFilterLabelArgs
* {
* Name = "PLANET",
* Value = "MARS",
* },
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* debianImage, err := compute.LookupImage(ctx, &compute.LookupImageArgs{
* Family: pulumi.StringRef("debian-11"),
* Project: pulumi.StringRef("debian-cloud"),
* }, nil)
* if err != nil {
* return err
* }
* instanceTemplate, err := compute.NewInstanceTemplate(ctx, "instance_template", &compute.InstanceTemplateArgs{
* Name: pulumi.String("template-backend"),
* MachineType: pulumi.String("e2-medium"),
* NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{
* &compute.InstanceTemplateNetworkInterfaceArgs{
* Network: pulumi.String("default"),
* },
* },
* Disks: compute.InstanceTemplateDiskArray{
* &compute.InstanceTemplateDiskArgs{
* SourceImage: pulumi.String(debianImage.SelfLink),
* AutoDelete: pulumi.Bool(true),
* Boot: pulumi.Bool(true),
* },
* },
* })
* if err != nil {
* return err
* }
* igm, err := compute.NewInstanceGroupManager(ctx, "igm", &compute.InstanceGroupManagerArgs{
* Name: pulumi.String("igm-internal"),
* Versions: compute.InstanceGroupManagerVersionArray{
* &compute.InstanceGroupManagerVersionArgs{
* InstanceTemplate: instanceTemplate.ID(),
* Name: pulumi.String("primary"),
* },
* },
* BaseInstanceName: pulumi.String("internal-glb"),
* Zone: pulumi.String("us-central1-f"),
* TargetSize: pulumi.Int(1),
* })
* if err != nil {
* return err
* }
* defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{
* Name: pulumi.String("check-backend"),
* CheckIntervalSec: pulumi.Int(1),
* TimeoutSec: pulumi.Int(1),
* TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
* Port: pulumi.Int(80),
* },
* })
* if err != nil {
* return err
* }
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("backend"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* LoadBalancingScheme: pulumi.String("INTERNAL_SELF_MANAGED"),
* Backends: compute.BackendServiceBackendArray{
* &compute.BackendServiceBackendArgs{
* Group: igm.InstanceGroup,
* BalancingMode: pulumi.String("RATE"),
* CapacityScaler: pulumi.Float64(0.4),
* MaxRatePerInstance: pulumi.Float64(50),
* },
* },
* HealthChecks: defaultHealthCheck.ID(),
* })
* if err != nil {
* return err
* }
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("url-map-target-proxy"),
* Description: pulumi.String("a description"),
* DefaultService: defaultBackendService.ID(),
* HostRules: compute.URLMapHostRuleArray{
* &compute.URLMapHostRuleArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mysite.com"),
* },
* PathMatcher: pulumi.String("allpaths"),
* },
* },
* PathMatchers: compute.URLMapPathMatcherArray{
* &compute.URLMapPathMatcherArgs{
* Name: pulumi.String("allpaths"),
* DefaultService: defaultBackendService.ID(),
* PathRules: compute.URLMapPathMatcherPathRuleArray{
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/*"),
* },
* Service: defaultBackendService.ID(),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{
* Name: pulumi.String("target-proxy"),
* Description: pulumi.String("a description"),
* UrlMap: defaultURLMap.ID(),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{
* Name: pulumi.String("global-rule"),
* Target: defaultTargetHttpProxy.ID(),
* PortRange: pulumi.String("80"),
* LoadBalancingScheme: pulumi.String("INTERNAL_SELF_MANAGED"),
* IpAddress: pulumi.String("0.0.0.0"),
* MetadataFilters: compute.GlobalForwardingRuleMetadataFilterArray{
* &compute.GlobalForwardingRuleMetadataFilterArgs{
* FilterMatchCriteria: pulumi.String("MATCH_ANY"),
* FilterLabels: compute.GlobalForwardingRuleMetadataFilterFilterLabelArray{
* &compute.GlobalForwardingRuleMetadataFilterFilterLabelArgs{
* Name: pulumi.String("PLANET"),
* Value: pulumi.String("MARS"),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.ComputeFunctions;
* import com.pulumi.gcp.compute.inputs.GetImageArgs;
* import com.pulumi.gcp.compute.InstanceTemplate;
* import com.pulumi.gcp.compute.InstanceTemplateArgs;
* import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
* import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
* import com.pulumi.gcp.compute.InstanceGroupManager;
* import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
* import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
* import com.pulumi.gcp.compute.HealthCheck;
* import com.pulumi.gcp.compute.HealthCheckArgs;
* import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
* import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
* import com.pulumi.gcp.compute.TargetHttpProxy;
* import com.pulumi.gcp.compute.TargetHttpProxyArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import com.pulumi.gcp.compute.inputs.GlobalForwardingRuleMetadataFilterArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
* .family("debian-11")
* .project("debian-cloud")
* .build());
* var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
* .name("template-backend")
* .machineType("e2-medium")
* .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
* .network("default")
* .build())
* .disks(InstanceTemplateDiskArgs.builder()
* .sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
* .autoDelete(true)
* .boot(true)
* .build())
* .build());
* var igm = new InstanceGroupManager("igm", InstanceGroupManagerArgs.builder()
* .name("igm-internal")
* .versions(InstanceGroupManagerVersionArgs.builder()
* .instanceTemplate(instanceTemplate.id())
* .name("primary")
* .build())
* .baseInstanceName("internal-glb")
* .zone("us-central1-f")
* .targetSize(1)
* .build());
* var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
* .name("check-backend")
* .checkIntervalSec(1)
* .timeoutSec(1)
* .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
* .port("80")
* .build())
* .build());
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("backend")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .loadBalancingScheme("INTERNAL_SELF_MANAGED")
* .backends(BackendServiceBackendArgs.builder()
* .group(igm.instanceGroup())
* .balancingMode("RATE")
* .capacityScaler(0.4)
* .maxRatePerInstance(50)
* .build())
* .healthChecks(defaultHealthCheck.id())
* .build());
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("url-map-target-proxy")
* .description("a description")
* .defaultService(defaultBackendService.id())
* .hostRules(URLMapHostRuleArgs.builder()
* .hosts("mysite.com")
* .pathMatcher("allpaths")
* .build())
* .pathMatchers(URLMapPathMatcherArgs.builder()
* .name("allpaths")
* .defaultService(defaultBackendService.id())
* .pathRules(URLMapPathMatcherPathRuleArgs.builder()
* .paths("/*")
* .service(defaultBackendService.id())
* .build())
* .build())
* .build());
* var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
* .name("target-proxy")
* .description("a description")
* .urlMap(defaultURLMap.id())
* .build());
* var default_ = new GlobalForwardingRule("default", GlobalForwardingRuleArgs.builder()
* .name("global-rule")
* .target(defaultTargetHttpProxy.id())
* .portRange("80")
* .loadBalancingScheme("INTERNAL_SELF_MANAGED")
* .ipAddress("0.0.0.0")
* .metadataFilters(GlobalForwardingRuleMetadataFilterArgs.builder()
* .filterMatchCriteria("MATCH_ANY")
* .filterLabels(GlobalForwardingRuleMetadataFilterFilterLabelArgs.builder()
* .name("PLANET")
* .value("MARS")
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:compute:GlobalForwardingRule
* properties:
* name: global-rule
* target: ${defaultTargetHttpProxy.id}
* portRange: '80'
* loadBalancingScheme: INTERNAL_SELF_MANAGED
* ipAddress: 0.0.0.0
* metadataFilters:
* - filterMatchCriteria: MATCH_ANY
* filterLabels:
* - name: PLANET
* value: MARS
* defaultTargetHttpProxy:
* type: gcp:compute:TargetHttpProxy
* name: default
* properties:
* name: target-proxy
* description: a description
* urlMap: ${defaultURLMap.id}
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: url-map-target-proxy
* description: a description
* defaultService: ${defaultBackendService.id}
* hostRules:
* - hosts:
* - mysite.com
* pathMatcher: allpaths
* pathMatchers:
* - name: allpaths
* defaultService: ${defaultBackendService.id}
* pathRules:
* - paths:
* - /*
* service: ${defaultBackendService.id}
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: backend
* portName: http
* protocol: HTTP
* timeoutSec: 10
* loadBalancingScheme: INTERNAL_SELF_MANAGED
* backends:
* - group: ${igm.instanceGroup}
* balancingMode: RATE
* capacityScaler: 0.4
* maxRatePerInstance: 50
* healthChecks: ${defaultHealthCheck.id}
* igm:
* type: gcp:compute:InstanceGroupManager
* properties:
* name: igm-internal
* versions:
* - instanceTemplate: ${instanceTemplate.id}
* name: primary
* baseInstanceName: internal-glb
* zone: us-central1-f
* targetSize: 1
* instanceTemplate:
* type: gcp:compute:InstanceTemplate
* name: instance_template
* properties:
* name: template-backend
* machineType: e2-medium
* networkInterfaces:
* - network: default
* disks:
* - sourceImage: ${debianImage.selfLink}
* autoDelete: true
* boot: true
* defaultHealthCheck:
* type: gcp:compute:HealthCheck
* name: default
* properties:
* name: check-backend
* checkIntervalSec: 1
* timeoutSec: 1
* tcpHealthCheck:
* port: '80'
* variables:
* debianImage:
* fn::invoke:
* Function: gcp:compute:getImage
* Arguments:
* family: debian-11
* project: debian-cloud
* ```
*
* ### Global Forwarding Rule External Managed
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "backend",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* loadBalancingScheme: "EXTERNAL_MANAGED",
* });
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "url-map-target-proxy",
* description: "a description",
* defaultService: defaultBackendService.id,
* hostRules: [{
* hosts: ["mysite.com"],
* pathMatcher: "allpaths",
* }],
* pathMatchers: [{
* name: "allpaths",
* defaultService: defaultBackendService.id,
* pathRules: [{
* paths: ["/*"],
* service: defaultBackendService.id,
* }],
* }],
* });
* const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", {
* name: "target-proxy",
* description: "a description",
* urlMap: defaultURLMap.id,
* });
* const _default = new gcp.compute.GlobalForwardingRule("default", {
* name: "global-rule",
* target: defaultTargetHttpProxy.id,
* portRange: "80",
* loadBalancingScheme: "EXTERNAL_MANAGED",
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* default_backend_service = gcp.compute.BackendService("default",
* name="backend",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* load_balancing_scheme="EXTERNAL_MANAGED")
* default_url_map = gcp.compute.URLMap("default",
* name="url-map-target-proxy",
* description="a description",
* default_service=default_backend_service.id,
* host_rules=[gcp.compute.URLMapHostRuleArgs(
* hosts=["mysite.com"],
* path_matcher="allpaths",
* )],
* path_matchers=[gcp.compute.URLMapPathMatcherArgs(
* name="allpaths",
* default_service=default_backend_service.id,
* path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
* paths=["/*"],
* service=default_backend_service.id,
* )],
* )])
* default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
* name="target-proxy",
* description="a description",
* url_map=default_url_map.id)
* default = gcp.compute.GlobalForwardingRule("default",
* name="global-rule",
* target=default_target_http_proxy.id,
* port_range="80",
* load_balancing_scheme="EXTERNAL_MANAGED")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "backend",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* LoadBalancingScheme = "EXTERNAL_MANAGED",
* });
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "url-map-target-proxy",
* Description = "a description",
* DefaultService = defaultBackendService.Id,
* HostRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapHostRuleArgs
* {
* Hosts = new[]
* {
* "mysite.com",
* },
* PathMatcher = "allpaths",
* },
* },
* PathMatchers = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherArgs
* {
* Name = "allpaths",
* DefaultService = defaultBackendService.Id,
* PathRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/*",
* },
* Service = defaultBackendService.Id,
* },
* },
* },
* },
* });
* var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new()
* {
* Name = "target-proxy",
* Description = "a description",
* UrlMap = defaultURLMap.Id,
* });
* var @default = new Gcp.Compute.GlobalForwardingRule("default", new()
* {
* Name = "global-rule",
* Target = defaultTargetHttpProxy.Id,
* PortRange = "80",
* LoadBalancingScheme = "EXTERNAL_MANAGED",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("backend"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
* })
* if err != nil {
* return err
* }
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("url-map-target-proxy"),
* Description: pulumi.String("a description"),
* DefaultService: defaultBackendService.ID(),
* HostRules: compute.URLMapHostRuleArray{
* &compute.URLMapHostRuleArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mysite.com"),
* },
* PathMatcher: pulumi.String("allpaths"),
* },
* },
* PathMatchers: compute.URLMapPathMatcherArray{
* &compute.URLMapPathMatcherArgs{
* Name: pulumi.String("allpaths"),
* DefaultService: defaultBackendService.ID(),
* PathRules: compute.URLMapPathMatcherPathRuleArray{
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/*"),
* },
* Service: defaultBackendService.ID(),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{
* Name: pulumi.String("target-proxy"),
* Description: pulumi.String("a description"),
* UrlMap: defaultURLMap.ID(),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{
* Name: pulumi.String("global-rule"),
* Target: defaultTargetHttpProxy.ID(),
* PortRange: pulumi.String("80"),
* LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
* import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
* import com.pulumi.gcp.compute.TargetHttpProxy;
* import com.pulumi.gcp.compute.TargetHttpProxyArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("backend")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .loadBalancingScheme("EXTERNAL_MANAGED")
* .build());
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("url-map-target-proxy")
* .description("a description")
* .defaultService(defaultBackendService.id())
* .hostRules(URLMapHostRuleArgs.builder()
* .hosts("mysite.com")
* .pathMatcher("allpaths")
* .build())
* .pathMatchers(URLMapPathMatcherArgs.builder()
* .name("allpaths")
* .defaultService(defaultBackendService.id())
* .pathRules(URLMapPathMatcherPathRuleArgs.builder()
* .paths("/*")
* .service(defaultBackendService.id())
* .build())
* .build())
* .build());
* var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
* .name("target-proxy")
* .description("a description")
* .urlMap(defaultURLMap.id())
* .build());
* var default_ = new GlobalForwardingRule("default", GlobalForwardingRuleArgs.builder()
* .name("global-rule")
* .target(defaultTargetHttpProxy.id())
* .portRange("80")
* .loadBalancingScheme("EXTERNAL_MANAGED")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:compute:GlobalForwardingRule
* properties:
* name: global-rule
* target: ${defaultTargetHttpProxy.id}
* portRange: '80'
* loadBalancingScheme: EXTERNAL_MANAGED
* defaultTargetHttpProxy:
* type: gcp:compute:TargetHttpProxy
* name: default
* properties:
* name: target-proxy
* description: a description
* urlMap: ${defaultURLMap.id}
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: url-map-target-proxy
* description: a description
* defaultService: ${defaultBackendService.id}
* hostRules:
* - hosts:
* - mysite.com
* pathMatcher: allpaths
* pathMatchers:
* - name: allpaths
* defaultService: ${defaultBackendService.id}
* pathRules:
* - paths:
* - /*
* service: ${defaultBackendService.id}
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: backend
* portName: http
* protocol: HTTP
* timeoutSec: 10
* loadBalancingScheme: EXTERNAL_MANAGED
* ```
*
* ### Global Forwarding Rule Hybrid
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const config = new pulumi.Config();
* const subnetworkCidr = config.get("subnetworkCidr") || "10.0.0.0/24";
* const _default = new gcp.compute.Network("default", {name: "my-network"});
* const internal = new gcp.compute.Network("internal", {
* name: "my-internal-network",
* autoCreateSubnetworks: false,
* });
* const internalSubnetwork = new gcp.compute.Subnetwork("internal", {
* name: "my-subnetwork",
* network: internal.id,
* ipCidrRange: subnetworkCidr,
* region: "us-central1",
* privateIpGoogleAccess: true,
* });
* // Zonal NEG with GCE_VM_IP_PORT
* const defaultNetworkEndpointGroup = new gcp.compute.NetworkEndpointGroup("default", {
* name: "default-neg",
* network: _default.id,
* defaultPort: 90,
* zone: "us-central1-a",
* networkEndpointType: "GCE_VM_IP_PORT",
* });
* // Zonal NEG with GCE_VM_IP
* const internalNetworkEndpointGroup = new gcp.compute.NetworkEndpointGroup("internal", {
* name: "internal-neg",
* network: internal.id,
* subnetwork: internalSubnetwork.id,
* zone: "us-central1-a",
* networkEndpointType: "GCE_VM_IP",
* });
* // Hybrid connectivity NEG
* const hybrid = new gcp.compute.NetworkEndpointGroup("hybrid", {
* name: "hybrid-neg",
* network: _default.id,
* defaultPort: 90,
* zone: "us-central1-a",
* networkEndpointType: "NON_GCP_PRIVATE_IP_PORT",
* });
* const hybrid_endpoint = new gcp.compute.NetworkEndpoint("hybrid-endpoint", {
* networkEndpointGroup: hybrid.name,
* port: hybrid.defaultPort,
* ipAddress: "127.0.0.1",
* });
* const defaultHealthCheck = new gcp.compute.HealthCheck("default", {
* name: "health-check",
* timeoutSec: 1,
* checkIntervalSec: 1,
* tcpHealthCheck: {
* port: 80,
* },
* });
* // Backend service for Zonal NEG
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "backend-default",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* backends: [{
* group: defaultNetworkEndpointGroup.id,
* balancingMode: "RATE",
* maxRatePerEndpoint: 10,
* }],
* healthChecks: defaultHealthCheck.id,
* });
* // Backgend service for Hybrid NEG
* const hybridBackendService = new gcp.compute.BackendService("hybrid", {
* name: "backend-hybrid",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* backends: [{
* group: hybrid.id,
* balancingMode: "RATE",
* maxRatePerEndpoint: 10,
* }],
* healthChecks: defaultHealthCheck.id,
* });
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "url-map-target-proxy",
* description: "a description",
* defaultService: defaultBackendService.id,
* hostRules: [{
* hosts: ["mysite.com"],
* pathMatcher: "allpaths",
* }],
* pathMatchers: [{
* name: "allpaths",
* defaultService: defaultBackendService.id,
* pathRules: [
* {
* paths: ["/*"],
* service: defaultBackendService.id,
* },
* {
* paths: ["/hybrid"],
* service: hybridBackendService.id,
* },
* ],
* }],
* });
* const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", {
* name: "target-proxy",
* description: "a description",
* urlMap: defaultURLMap.id,
* });
* const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", {
* name: "global-rule",
* target: defaultTargetHttpProxy.id,
* portRange: "80",
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* config = pulumi.Config()
* subnetwork_cidr = config.get("subnetworkCidr")
* if subnetwork_cidr is None:
* subnetwork_cidr = "10.0.0.0/24"
* default = gcp.compute.Network("default", name="my-network")
* internal = gcp.compute.Network("internal",
* name="my-internal-network",
* auto_create_subnetworks=False)
* internal_subnetwork = gcp.compute.Subnetwork("internal",
* name="my-subnetwork",
* network=internal.id,
* ip_cidr_range=subnetwork_cidr,
* region="us-central1",
* private_ip_google_access=True)
* # Zonal NEG with GCE_VM_IP_PORT
* default_network_endpoint_group = gcp.compute.NetworkEndpointGroup("default",
* name="default-neg",
* network=default.id,
* default_port=90,
* zone="us-central1-a",
* network_endpoint_type="GCE_VM_IP_PORT")
* # Zonal NEG with GCE_VM_IP
* internal_network_endpoint_group = gcp.compute.NetworkEndpointGroup("internal",
* name="internal-neg",
* network=internal.id,
* subnetwork=internal_subnetwork.id,
* zone="us-central1-a",
* network_endpoint_type="GCE_VM_IP")
* # Hybrid connectivity NEG
* hybrid = gcp.compute.NetworkEndpointGroup("hybrid",
* name="hybrid-neg",
* network=default.id,
* default_port=90,
* zone="us-central1-a",
* network_endpoint_type="NON_GCP_PRIVATE_IP_PORT")
* hybrid_endpoint = gcp.compute.NetworkEndpoint("hybrid-endpoint",
* network_endpoint_group=hybrid.name,
* port=hybrid.default_port,
* ip_address="127.0.0.1")
* default_health_check = gcp.compute.HealthCheck("default",
* name="health-check",
* timeout_sec=1,
* check_interval_sec=1,
* tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
* port=80,
* ))
* # Backend service for Zonal NEG
* default_backend_service = gcp.compute.BackendService("default",
* name="backend-default",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* backends=[gcp.compute.BackendServiceBackendArgs(
* group=default_network_endpoint_group.id,
* balancing_mode="RATE",
* max_rate_per_endpoint=10,
* )],
* health_checks=default_health_check.id)
* # Backgend service for Hybrid NEG
* hybrid_backend_service = gcp.compute.BackendService("hybrid",
* name="backend-hybrid",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* backends=[gcp.compute.BackendServiceBackendArgs(
* group=hybrid.id,
* balancing_mode="RATE",
* max_rate_per_endpoint=10,
* )],
* health_checks=default_health_check.id)
* default_url_map = gcp.compute.URLMap("default",
* name="url-map-target-proxy",
* description="a description",
* default_service=default_backend_service.id,
* host_rules=[gcp.compute.URLMapHostRuleArgs(
* hosts=["mysite.com"],
* path_matcher="allpaths",
* )],
* path_matchers=[gcp.compute.URLMapPathMatcherArgs(
* name="allpaths",
* default_service=default_backend_service.id,
* path_rules=[
* gcp.compute.URLMapPathMatcherPathRuleArgs(
* paths=["/*"],
* service=default_backend_service.id,
* ),
* gcp.compute.URLMapPathMatcherPathRuleArgs(
* paths=["/hybrid"],
* service=hybrid_backend_service.id,
* ),
* ],
* )])
* default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
* name="target-proxy",
* description="a description",
* url_map=default_url_map.id)
* default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
* name="global-rule",
* target=default_target_http_proxy.id,
* port_range="80")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var config = new Config();
* var subnetworkCidr = config.Get("subnetworkCidr") ?? "10.0.0.0/24";
* var @default = new Gcp.Compute.Network("default", new()
* {
* Name = "my-network",
* });
* var @internal = new Gcp.Compute.Network("internal", new()
* {
* Name = "my-internal-network",
* AutoCreateSubnetworks = false,
* });
* var internalSubnetwork = new Gcp.Compute.Subnetwork("internal", new()
* {
* Name = "my-subnetwork",
* Network = @internal.Id,
* IpCidrRange = subnetworkCidr,
* Region = "us-central1",
* PrivateIpGoogleAccess = true,
* });
* // Zonal NEG with GCE_VM_IP_PORT
* var defaultNetworkEndpointGroup = new Gcp.Compute.NetworkEndpointGroup("default", new()
* {
* Name = "default-neg",
* Network = @default.Id,
* DefaultPort = 90,
* Zone = "us-central1-a",
* NetworkEndpointType = "GCE_VM_IP_PORT",
* });
* // Zonal NEG with GCE_VM_IP
* var internalNetworkEndpointGroup = new Gcp.Compute.NetworkEndpointGroup("internal", new()
* {
* Name = "internal-neg",
* Network = @internal.Id,
* Subnetwork = internalSubnetwork.Id,
* Zone = "us-central1-a",
* NetworkEndpointType = "GCE_VM_IP",
* });
* // Hybrid connectivity NEG
* var hybrid = new Gcp.Compute.NetworkEndpointGroup("hybrid", new()
* {
* Name = "hybrid-neg",
* Network = @default.Id,
* DefaultPort = 90,
* Zone = "us-central1-a",
* NetworkEndpointType = "NON_GCP_PRIVATE_IP_PORT",
* });
* var hybrid_endpoint = new Gcp.Compute.NetworkEndpoint("hybrid-endpoint", new()
* {
* NetworkEndpointGroup = hybrid.Name,
* Port = hybrid.DefaultPort,
* IpAddress = "127.0.0.1",
* });
* var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new()
* {
* Name = "health-check",
* TimeoutSec = 1,
* CheckIntervalSec = 1,
* TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
* {
* Port = 80,
* },
* });
* // Backend service for Zonal NEG
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "backend-default",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* Backends = new[]
* {
* new Gcp.Compute.Inputs.BackendServiceBackendArgs
* {
* Group = defaultNetworkEndpointGroup.Id,
* BalancingMode = "RATE",
* MaxRatePerEndpoint = 10,
* },
* },
* HealthChecks = defaultHealthCheck.Id,
* });
* // Backgend service for Hybrid NEG
* var hybridBackendService = new Gcp.Compute.BackendService("hybrid", new()
* {
* Name = "backend-hybrid",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* Backends = new[]
* {
* new Gcp.Compute.Inputs.BackendServiceBackendArgs
* {
* Group = hybrid.Id,
* BalancingMode = "RATE",
* MaxRatePerEndpoint = 10,
* },
* },
* HealthChecks = defaultHealthCheck.Id,
* });
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "url-map-target-proxy",
* Description = "a description",
* DefaultService = defaultBackendService.Id,
* HostRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapHostRuleArgs
* {
* Hosts = new[]
* {
* "mysite.com",
* },
* PathMatcher = "allpaths",
* },
* },
* PathMatchers = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherArgs
* {
* Name = "allpaths",
* DefaultService = defaultBackendService.Id,
* PathRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/*",
* },
* Service = defaultBackendService.Id,
* },
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/hybrid",
* },
* Service = hybridBackendService.Id,
* },
* },
* },
* },
* });
* var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new()
* {
* Name = "target-proxy",
* Description = "a description",
* UrlMap = defaultURLMap.Id,
* });
* var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new()
* {
* Name = "global-rule",
* Target = defaultTargetHttpProxy.Id,
* PortRange = "80",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* cfg := config.New(ctx, "")
* subnetworkCidr := "10.0.0.0/24"
* if param := cfg.Get("subnetworkCidr"); param != "" {
* subnetworkCidr = param
* }
* _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
* Name: pulumi.String("my-network"),
* })
* if err != nil {
* return err
* }
* internal, err := compute.NewNetwork(ctx, "internal", &compute.NetworkArgs{
* Name: pulumi.String("my-internal-network"),
* AutoCreateSubnetworks: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* internalSubnetwork, err := compute.NewSubnetwork(ctx, "internal", &compute.SubnetworkArgs{
* Name: pulumi.String("my-subnetwork"),
* Network: internal.ID(),
* IpCidrRange: pulumi.String(subnetworkCidr),
* Region: pulumi.String("us-central1"),
* PrivateIpGoogleAccess: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* // Zonal NEG with GCE_VM_IP_PORT
* defaultNetworkEndpointGroup, err := compute.NewNetworkEndpointGroup(ctx, "default", &compute.NetworkEndpointGroupArgs{
* Name: pulumi.String("default-neg"),
* Network: _default.ID(),
* DefaultPort: pulumi.Int(90),
* Zone: pulumi.String("us-central1-a"),
* NetworkEndpointType: pulumi.String("GCE_VM_IP_PORT"),
* })
* if err != nil {
* return err
* }
* // Zonal NEG with GCE_VM_IP
* _, err = compute.NewNetworkEndpointGroup(ctx, "internal", &compute.NetworkEndpointGroupArgs{
* Name: pulumi.String("internal-neg"),
* Network: internal.ID(),
* Subnetwork: internalSubnetwork.ID(),
* Zone: pulumi.String("us-central1-a"),
* NetworkEndpointType: pulumi.String("GCE_VM_IP"),
* })
* if err != nil {
* return err
* }
* // Hybrid connectivity NEG
* hybrid, err := compute.NewNetworkEndpointGroup(ctx, "hybrid", &compute.NetworkEndpointGroupArgs{
* Name: pulumi.String("hybrid-neg"),
* Network: _default.ID(),
* DefaultPort: pulumi.Int(90),
* Zone: pulumi.String("us-central1-a"),
* NetworkEndpointType: pulumi.String("NON_GCP_PRIVATE_IP_PORT"),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewNetworkEndpoint(ctx, "hybrid-endpoint", &compute.NetworkEndpointArgs{
* NetworkEndpointGroup: hybrid.Name,
* Port: hybrid.DefaultPort,
* IpAddress: pulumi.String("127.0.0.1"),
* })
* if err != nil {
* return err
* }
* defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{
* Name: pulumi.String("health-check"),
* TimeoutSec: pulumi.Int(1),
* CheckIntervalSec: pulumi.Int(1),
* TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
* Port: pulumi.Int(80),
* },
* })
* if err != nil {
* return err
* }
* // Backend service for Zonal NEG
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("backend-default"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* Backends: compute.BackendServiceBackendArray{
* &compute.BackendServiceBackendArgs{
* Group: defaultNetworkEndpointGroup.ID(),
* BalancingMode: pulumi.String("RATE"),
* MaxRatePerEndpoint: pulumi.Float64(10),
* },
* },
* HealthChecks: defaultHealthCheck.ID(),
* })
* if err != nil {
* return err
* }
* // Backgend service for Hybrid NEG
* hybridBackendService, err := compute.NewBackendService(ctx, "hybrid", &compute.BackendServiceArgs{
* Name: pulumi.String("backend-hybrid"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* Backends: compute.BackendServiceBackendArray{
* &compute.BackendServiceBackendArgs{
* Group: hybrid.ID(),
* BalancingMode: pulumi.String("RATE"),
* MaxRatePerEndpoint: pulumi.Float64(10),
* },
* },
* HealthChecks: defaultHealthCheck.ID(),
* })
* if err != nil {
* return err
* }
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("url-map-target-proxy"),
* Description: pulumi.String("a description"),
* DefaultService: defaultBackendService.ID(),
* HostRules: compute.URLMapHostRuleArray{
* &compute.URLMapHostRuleArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mysite.com"),
* },
* PathMatcher: pulumi.String("allpaths"),
* },
* },
* PathMatchers: compute.URLMapPathMatcherArray{
* &compute.URLMapPathMatcherArgs{
* Name: pulumi.String("allpaths"),
* DefaultService: defaultBackendService.ID(),
* PathRules: compute.URLMapPathMatcherPathRuleArray{
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/*"),
* },
* Service: defaultBackendService.ID(),
* },
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/hybrid"),
* },
* Service: hybridBackendService.ID(),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{
* Name: pulumi.String("target-proxy"),
* Description: pulumi.String("a description"),
* UrlMap: defaultURLMap.ID(),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{
* Name: pulumi.String("global-rule"),
* Target: defaultTargetHttpProxy.ID(),
* PortRange: pulumi.String("80"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.compute.Subnetwork;
* import com.pulumi.gcp.compute.SubnetworkArgs;
* import com.pulumi.gcp.compute.NetworkEndpointGroup;
* import com.pulumi.gcp.compute.NetworkEndpointGroupArgs;
* import com.pulumi.gcp.compute.NetworkEndpoint;
* import com.pulumi.gcp.compute.NetworkEndpointArgs;
* import com.pulumi.gcp.compute.HealthCheck;
* import com.pulumi.gcp.compute.HealthCheckArgs;
* import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
* import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
* import com.pulumi.gcp.compute.TargetHttpProxy;
* import com.pulumi.gcp.compute.TargetHttpProxyArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var config = ctx.config();
* final var subnetworkCidr = config.get("subnetworkCidr").orElse("10.0.0.0/24");
* var default_ = new Network("default", NetworkArgs.builder()
* .name("my-network")
* .build());
* var internal = new Network("internal", NetworkArgs.builder()
* .name("my-internal-network")
* .autoCreateSubnetworks(false)
* .build());
* var internalSubnetwork = new Subnetwork("internalSubnetwork", SubnetworkArgs.builder()
* .name("my-subnetwork")
* .network(internal.id())
* .ipCidrRange(subnetworkCidr)
* .region("us-central1")
* .privateIpGoogleAccess(true)
* .build());
* // Zonal NEG with GCE_VM_IP_PORT
* var defaultNetworkEndpointGroup = new NetworkEndpointGroup("defaultNetworkEndpointGroup", NetworkEndpointGroupArgs.builder()
* .name("default-neg")
* .network(default_.id())
* .defaultPort("90")
* .zone("us-central1-a")
* .networkEndpointType("GCE_VM_IP_PORT")
* .build());
* // Zonal NEG with GCE_VM_IP
* var internalNetworkEndpointGroup = new NetworkEndpointGroup("internalNetworkEndpointGroup", NetworkEndpointGroupArgs.builder()
* .name("internal-neg")
* .network(internal.id())
* .subnetwork(internalSubnetwork.id())
* .zone("us-central1-a")
* .networkEndpointType("GCE_VM_IP")
* .build());
* // Hybrid connectivity NEG
* var hybrid = new NetworkEndpointGroup("hybrid", NetworkEndpointGroupArgs.builder()
* .name("hybrid-neg")
* .network(default_.id())
* .defaultPort("90")
* .zone("us-central1-a")
* .networkEndpointType("NON_GCP_PRIVATE_IP_PORT")
* .build());
* var hybrid_endpoint = new NetworkEndpoint("hybrid-endpoint", NetworkEndpointArgs.builder()
* .networkEndpointGroup(hybrid.name())
* .port(hybrid.defaultPort())
* .ipAddress("127.0.0.1")
* .build());
* var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
* .name("health-check")
* .timeoutSec(1)
* .checkIntervalSec(1)
* .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
* .port("80")
* .build())
* .build());
* // Backend service for Zonal NEG
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("backend-default")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .backends(BackendServiceBackendArgs.builder()
* .group(defaultNetworkEndpointGroup.id())
* .balancingMode("RATE")
* .maxRatePerEndpoint(10)
* .build())
* .healthChecks(defaultHealthCheck.id())
* .build());
* // Backgend service for Hybrid NEG
* var hybridBackendService = new BackendService("hybridBackendService", BackendServiceArgs.builder()
* .name("backend-hybrid")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .backends(BackendServiceBackendArgs.builder()
* .group(hybrid.id())
* .balancingMode("RATE")
* .maxRatePerEndpoint(10)
* .build())
* .healthChecks(defaultHealthCheck.id())
* .build());
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("url-map-target-proxy")
* .description("a description")
* .defaultService(defaultBackendService.id())
* .hostRules(URLMapHostRuleArgs.builder()
* .hosts("mysite.com")
* .pathMatcher("allpaths")
* .build())
* .pathMatchers(URLMapPathMatcherArgs.builder()
* .name("allpaths")
* .defaultService(defaultBackendService.id())
* .pathRules(
* URLMapPathMatcherPathRuleArgs.builder()
* .paths("/*")
* .service(defaultBackendService.id())
* .build(),
* URLMapPathMatcherPathRuleArgs.builder()
* .paths("/hybrid")
* .service(hybridBackendService.id())
* .build())
* .build())
* .build());
* var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
* .name("target-proxy")
* .description("a description")
* .urlMap(defaultURLMap.id())
* .build());
* var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
* .name("global-rule")
* .target(defaultTargetHttpProxy.id())
* .portRange("80")
* .build());
* }
* }
* ```
* ```yaml
* configuration:
* # Roughly mirrors https://cloud.google.com/load-balancing/docs/https/setting-up-ext-https-hybrid
* subnetworkCidr:
* type: string
* default: 10.0.0.0/24
* resources:
* default:
* type: gcp:compute:Network
* properties:
* name: my-network
* internal:
* type: gcp:compute:Network
* properties:
* name: my-internal-network
* autoCreateSubnetworks: false
* internalSubnetwork:
* type: gcp:compute:Subnetwork
* name: internal
* properties:
* name: my-subnetwork
* network: ${internal.id}
* ipCidrRange: ${subnetworkCidr}
* region: us-central1
* privateIpGoogleAccess: true
* # Zonal NEG with GCE_VM_IP_PORT
* defaultNetworkEndpointGroup:
* type: gcp:compute:NetworkEndpointGroup
* name: default
* properties:
* name: default-neg
* network: ${default.id}
* defaultPort: '90'
* zone: us-central1-a
* networkEndpointType: GCE_VM_IP_PORT
* # Zonal NEG with GCE_VM_IP
* internalNetworkEndpointGroup:
* type: gcp:compute:NetworkEndpointGroup
* name: internal
* properties:
* name: internal-neg
* network: ${internal.id}
* subnetwork: ${internalSubnetwork.id}
* zone: us-central1-a
* networkEndpointType: GCE_VM_IP
* # Hybrid connectivity NEG
* hybrid:
* type: gcp:compute:NetworkEndpointGroup
* properties:
* name: hybrid-neg
* network: ${default.id}
* defaultPort: '90'
* zone: us-central1-a
* networkEndpointType: NON_GCP_PRIVATE_IP_PORT
* hybrid-endpoint:
* type: gcp:compute:NetworkEndpoint
* properties:
* networkEndpointGroup: ${hybrid.name}
* port: ${hybrid.defaultPort}
* ipAddress: 127.0.0.1
* # Backend service for Zonal NEG
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: backend-default
* portName: http
* protocol: HTTP
* timeoutSec: 10
* backends:
* - group: ${defaultNetworkEndpointGroup.id}
* balancingMode: RATE
* maxRatePerEndpoint: 10
* healthChecks: ${defaultHealthCheck.id}
* # Backgend service for Hybrid NEG
* hybridBackendService:
* type: gcp:compute:BackendService
* name: hybrid
* properties:
* name: backend-hybrid
* portName: http
* protocol: HTTP
* timeoutSec: 10
* backends:
* - group: ${hybrid.id}
* balancingMode: RATE
* maxRatePerEndpoint: 10
* healthChecks: ${defaultHealthCheck.id}
* defaultHealthCheck:
* type: gcp:compute:HealthCheck
* name: default
* properties:
* name: health-check
* timeoutSec: 1
* checkIntervalSec: 1
* tcpHealthCheck:
* port: '80'
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: url-map-target-proxy
* description: a description
* defaultService: ${defaultBackendService.id}
* hostRules:
* - hosts:
* - mysite.com
* pathMatcher: allpaths
* pathMatchers:
* - name: allpaths
* defaultService: ${defaultBackendService.id}
* pathRules:
* - paths:
* - /*
* service: ${defaultBackendService.id}
* - paths:
* - /hybrid
* service: ${hybridBackendService.id}
* defaultTargetHttpProxy:
* type: gcp:compute:TargetHttpProxy
* name: default
* properties:
* name: target-proxy
* description: a description
* urlMap: ${defaultURLMap.id}
* defaultGlobalForwardingRule:
* type: gcp:compute:GlobalForwardingRule
* name: default
* properties:
* name: global-rule
* target: ${defaultTargetHttpProxy.id}
* portRange: '80'
* ```
*
* ### Global Internal Http Lb With Mig Backend
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* // Global Internal HTTP load balancer with a managed instance group backend
* // VPC network
* const gilbNetwork = new gcp.compute.Network("gilb_network", {
* name: "l7-gilb-network",
* autoCreateSubnetworks: false,
* });
* // proxy-only subnet
* const proxySubnet = new gcp.compute.Subnetwork("proxy_subnet", {
* name: "l7-gilb-proxy-subnet",
* ipCidrRange: "10.0.0.0/24",
* region: "europe-west1",
* purpose: "GLOBAL_MANAGED_PROXY",
* role: "ACTIVE",
* network: gilbNetwork.id,
* });
* // backend subnet
* const gilbSubnet = new gcp.compute.Subnetwork("gilb_subnet", {
* name: "l7-gilb-subnet",
* ipCidrRange: "10.0.1.0/24",
* region: "europe-west1",
* network: gilbNetwork.id,
* });
* // health check
* const defaultHealthCheck = new gcp.compute.HealthCheck("default", {
* name: "l7-gilb-hc",
* httpHealthCheck: {
* portSpecification: "USE_SERVING_PORT",
* },
* });
* // instance template
* const instanceTemplate = new gcp.compute.InstanceTemplate("instance_template", {
* networkInterfaces: [{
* accessConfigs: [{}],
* network: gilbNetwork.id,
* subnetwork: gilbSubnet.id,
* }],
* name: "l7-gilb-mig-template",
* machineType: "e2-small",
* tags: ["http-server"],
* disks: [{
* sourceImage: "debian-cloud/debian-10",
* autoDelete: true,
* boot: true,
* }],
* metadata: {
* "startup-script": `#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: NAME
* IP: IP
* Metadata: METADATA
*
* EOF
* `,
* },
* });
* // MIG
* const mig = new gcp.compute.InstanceGroupManager("mig", {
* name: "l7-gilb-mig1",
* zone: "europe-west1-b",
* versions: [{
* instanceTemplate: instanceTemplate.id,
* name: "primary",
* }],
* baseInstanceName: "vm",
* targetSize: 2,
* });
* // backend service
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "l7-gilb-backend-subnet",
* protocol: "HTTP",
* loadBalancingScheme: "INTERNAL_MANAGED",
* timeoutSec: 10,
* healthChecks: defaultHealthCheck.id,
* backends: [{
* group: mig.instanceGroup,
* balancingMode: "UTILIZATION",
* capacityScaler: 1,
* }],
* });
* // URL map
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "l7-gilb-url-map",
* defaultService: defaultBackendService.id,
* });
* // HTTP target proxy
* const _default = new gcp.compute.TargetHttpProxy("default", {
* name: "l7-gilb-target-http-proxy",
* urlMap: defaultURLMap.id,
* });
* // forwarding rule
* const googleComputeForwardingRule = new gcp.compute.GlobalForwardingRule("google_compute_forwarding_rule", {
* name: "l7-gilb-forwarding-rule",
* ipProtocol: "TCP",
* loadBalancingScheme: "INTERNAL_MANAGED",
* portRange: "80",
* target: _default.id,
* network: gilbNetwork.id,
* subnetwork: gilbSubnet.id,
* });
* // allow all access from IAP and health check ranges
* const fw_iap = new gcp.compute.Firewall("fw-iap", {
* name: "l7-gilb-fw-allow-iap-hc",
* direction: "INGRESS",
* network: gilbNetwork.id,
* sourceRanges: [
* "130.211.0.0/22",
* "35.191.0.0/16",
* "35.235.240.0/20",
* ],
* allows: [{
* protocol: "tcp",
* }],
* });
* // allow http from proxy subnet to backends
* const fw_gilb_to_backends = new gcp.compute.Firewall("fw-gilb-to-backends", {
* name: "l7-gilb-fw-allow-gilb-to-backends",
* direction: "INGRESS",
* network: gilbNetwork.id,
* sourceRanges: ["10.0.0.0/24"],
* targetTags: ["http-server"],
* allows: [{
* protocol: "tcp",
* ports: [
* "80",
* "443",
* "8080",
* ],
* }],
* });
* // test instance
* const vm_test = new gcp.compute.Instance("vm-test", {
* name: "l7-gilb-test-vm",
* zone: "europe-west1-b",
* machineType: "e2-small",
* networkInterfaces: [{
* network: gilbNetwork.id,
* subnetwork: gilbSubnet.id,
* }],
* bootDisk: {
* initializeParams: {
* image: "debian-cloud/debian-10",
* },
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* # Global Internal HTTP load balancer with a managed instance group backend
* # VPC network
* gilb_network = gcp.compute.Network("gilb_network",
* name="l7-gilb-network",
* auto_create_subnetworks=False)
* # proxy-only subnet
* proxy_subnet = gcp.compute.Subnetwork("proxy_subnet",
* name="l7-gilb-proxy-subnet",
* ip_cidr_range="10.0.0.0/24",
* region="europe-west1",
* purpose="GLOBAL_MANAGED_PROXY",
* role="ACTIVE",
* network=gilb_network.id)
* # backend subnet
* gilb_subnet = gcp.compute.Subnetwork("gilb_subnet",
* name="l7-gilb-subnet",
* ip_cidr_range="10.0.1.0/24",
* region="europe-west1",
* network=gilb_network.id)
* # health check
* default_health_check = gcp.compute.HealthCheck("default",
* name="l7-gilb-hc",
* http_health_check=gcp.compute.HealthCheckHttpHealthCheckArgs(
* port_specification="USE_SERVING_PORT",
* ))
* # instance template
* instance_template = gcp.compute.InstanceTemplate("instance_template",
* network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
* access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
* network=gilb_network.id,
* subnetwork=gilb_subnet.id,
* )],
* name="l7-gilb-mig-template",
* machine_type="e2-small",
* tags=["http-server"],
* disks=[gcp.compute.InstanceTemplateDiskArgs(
* source_image="debian-cloud/debian-10",
* auto_delete=True,
* boot=True,
* )],
* metadata={
* "startup-script": """#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* """,
* })
* # MIG
* mig = gcp.compute.InstanceGroupManager("mig",
* name="l7-gilb-mig1",
* zone="europe-west1-b",
* versions=[gcp.compute.InstanceGroupManagerVersionArgs(
* instance_template=instance_template.id,
* name="primary",
* )],
* base_instance_name="vm",
* target_size=2)
* # backend service
* default_backend_service = gcp.compute.BackendService("default",
* name="l7-gilb-backend-subnet",
* protocol="HTTP",
* load_balancing_scheme="INTERNAL_MANAGED",
* timeout_sec=10,
* health_checks=default_health_check.id,
* backends=[gcp.compute.BackendServiceBackendArgs(
* group=mig.instance_group,
* balancing_mode="UTILIZATION",
* capacity_scaler=1,
* )])
* # URL map
* default_url_map = gcp.compute.URLMap("default",
* name="l7-gilb-url-map",
* default_service=default_backend_service.id)
* # HTTP target proxy
* default = gcp.compute.TargetHttpProxy("default",
* name="l7-gilb-target-http-proxy",
* url_map=default_url_map.id)
* # forwarding rule
* google_compute_forwarding_rule = gcp.compute.GlobalForwardingRule("google_compute_forwarding_rule",
* name="l7-gilb-forwarding-rule",
* ip_protocol="TCP",
* load_balancing_scheme="INTERNAL_MANAGED",
* port_range="80",
* target=default.id,
* network=gilb_network.id,
* subnetwork=gilb_subnet.id)
* # allow all access from IAP and health check ranges
* fw_iap = gcp.compute.Firewall("fw-iap",
* name="l7-gilb-fw-allow-iap-hc",
* direction="INGRESS",
* network=gilb_network.id,
* source_ranges=[
* "130.211.0.0/22",
* "35.191.0.0/16",
* "35.235.240.0/20",
* ],
* allows=[gcp.compute.FirewallAllowArgs(
* protocol="tcp",
* )])
* # allow http from proxy subnet to backends
* fw_gilb_to_backends = gcp.compute.Firewall("fw-gilb-to-backends",
* name="l7-gilb-fw-allow-gilb-to-backends",
* direction="INGRESS",
* network=gilb_network.id,
* source_ranges=["10.0.0.0/24"],
* target_tags=["http-server"],
* allows=[gcp.compute.FirewallAllowArgs(
* protocol="tcp",
* ports=[
* "80",
* "443",
* "8080",
* ],
* )])
* # test instance
* vm_test = gcp.compute.Instance("vm-test",
* name="l7-gilb-test-vm",
* zone="europe-west1-b",
* machine_type="e2-small",
* network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(
* network=gilb_network.id,
* subnetwork=gilb_subnet.id,
* )],
* boot_disk=gcp.compute.InstanceBootDiskArgs(
* initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(
* image="debian-cloud/debian-10",
* ),
* ))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* // Global Internal HTTP load balancer with a managed instance group backend
* // VPC network
* var gilbNetwork = new Gcp.Compute.Network("gilb_network", new()
* {
* Name = "l7-gilb-network",
* AutoCreateSubnetworks = false,
* });
* // proxy-only subnet
* var proxySubnet = new Gcp.Compute.Subnetwork("proxy_subnet", new()
* {
* Name = "l7-gilb-proxy-subnet",
* IpCidrRange = "10.0.0.0/24",
* Region = "europe-west1",
* Purpose = "GLOBAL_MANAGED_PROXY",
* Role = "ACTIVE",
* Network = gilbNetwork.Id,
* });
* // backend subnet
* var gilbSubnet = new Gcp.Compute.Subnetwork("gilb_subnet", new()
* {
* Name = "l7-gilb-subnet",
* IpCidrRange = "10.0.1.0/24",
* Region = "europe-west1",
* Network = gilbNetwork.Id,
* });
* // health check
* var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new()
* {
* Name = "l7-gilb-hc",
* HttpHealthCheck = new Gcp.Compute.Inputs.HealthCheckHttpHealthCheckArgs
* {
* PortSpecification = "USE_SERVING_PORT",
* },
* });
* // instance template
* var instanceTemplate = new Gcp.Compute.InstanceTemplate("instance_template", new()
* {
* NetworkInterfaces = new[]
* {
* new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs
* {
* AccessConfigs = new[]
* {
* null,
* },
* Network = gilbNetwork.Id,
* Subnetwork = gilbSubnet.Id,
* },
* },
* Name = "l7-gilb-mig-template",
* MachineType = "e2-small",
* Tags = new[]
* {
* "http-server",
* },
* Disks = new[]
* {
* new Gcp.Compute.Inputs.InstanceTemplateDiskArgs
* {
* SourceImage = "debian-cloud/debian-10",
* AutoDelete = true,
* Boot = true,
* },
* },
* Metadata =
* {
* { "startup-script", @"#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/hostname"")
* IP=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip"")
* METADATA=$(curl -f -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True"" | jq 'del(.[""startup-script""])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* " },
* },
* });
* // MIG
* var mig = new Gcp.Compute.InstanceGroupManager("mig", new()
* {
* Name = "l7-gilb-mig1",
* Zone = "europe-west1-b",
* Versions = new[]
* {
* new Gcp.Compute.Inputs.InstanceGroupManagerVersionArgs
* {
* InstanceTemplate = instanceTemplate.Id,
* Name = "primary",
* },
* },
* BaseInstanceName = "vm",
* TargetSize = 2,
* });
* // backend service
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "l7-gilb-backend-subnet",
* Protocol = "HTTP",
* LoadBalancingScheme = "INTERNAL_MANAGED",
* TimeoutSec = 10,
* HealthChecks = defaultHealthCheck.Id,
* Backends = new[]
* {
* new Gcp.Compute.Inputs.BackendServiceBackendArgs
* {
* Group = mig.InstanceGroup,
* BalancingMode = "UTILIZATION",
* CapacityScaler = 1,
* },
* },
* });
* // URL map
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "l7-gilb-url-map",
* DefaultService = defaultBackendService.Id,
* });
* // HTTP target proxy
* var @default = new Gcp.Compute.TargetHttpProxy("default", new()
* {
* Name = "l7-gilb-target-http-proxy",
* UrlMap = defaultURLMap.Id,
* });
* // forwarding rule
* var googleComputeForwardingRule = new Gcp.Compute.GlobalForwardingRule("google_compute_forwarding_rule", new()
* {
* Name = "l7-gilb-forwarding-rule",
* IpProtocol = "TCP",
* LoadBalancingScheme = "INTERNAL_MANAGED",
* PortRange = "80",
* Target = @default.Id,
* Network = gilbNetwork.Id,
* Subnetwork = gilbSubnet.Id,
* });
* // allow all access from IAP and health check ranges
* var fw_iap = new Gcp.Compute.Firewall("fw-iap", new()
* {
* Name = "l7-gilb-fw-allow-iap-hc",
* Direction = "INGRESS",
* Network = gilbNetwork.Id,
* SourceRanges = new[]
* {
* "130.211.0.0/22",
* "35.191.0.0/16",
* "35.235.240.0/20",
* },
* Allows = new[]
* {
* new Gcp.Compute.Inputs.FirewallAllowArgs
* {
* Protocol = "tcp",
* },
* },
* });
* // allow http from proxy subnet to backends
* var fw_gilb_to_backends = new Gcp.Compute.Firewall("fw-gilb-to-backends", new()
* {
* Name = "l7-gilb-fw-allow-gilb-to-backends",
* Direction = "INGRESS",
* Network = gilbNetwork.Id,
* SourceRanges = new[]
* {
* "10.0.0.0/24",
* },
* TargetTags = new[]
* {
* "http-server",
* },
* Allows = new[]
* {
* new Gcp.Compute.Inputs.FirewallAllowArgs
* {
* Protocol = "tcp",
* Ports = new[]
* {
* "80",
* "443",
* "8080",
* },
* },
* },
* });
* // test instance
* var vm_test = new Gcp.Compute.Instance("vm-test", new()
* {
* Name = "l7-gilb-test-vm",
* Zone = "europe-west1-b",
* MachineType = "e2-small",
* NetworkInterfaces = new[]
* {
* new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs
* {
* Network = gilbNetwork.Id,
* Subnetwork = gilbSubnet.Id,
* },
* },
* BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs
* {
* InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs
* {
* Image = "debian-cloud/debian-10",
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* // Global Internal HTTP load balancer with a managed instance group backend
* // VPC network
* gilbNetwork, err := compute.NewNetwork(ctx, "gilb_network", &compute.NetworkArgs{
* Name: pulumi.String("l7-gilb-network"),
* AutoCreateSubnetworks: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* // proxy-only subnet
* _, err = compute.NewSubnetwork(ctx, "proxy_subnet", &compute.SubnetworkArgs{
* Name: pulumi.String("l7-gilb-proxy-subnet"),
* IpCidrRange: pulumi.String("10.0.0.0/24"),
* Region: pulumi.String("europe-west1"),
* Purpose: pulumi.String("GLOBAL_MANAGED_PROXY"),
* Role: pulumi.String("ACTIVE"),
* Network: gilbNetwork.ID(),
* })
* if err != nil {
* return err
* }
* // backend subnet
* gilbSubnet, err := compute.NewSubnetwork(ctx, "gilb_subnet", &compute.SubnetworkArgs{
* Name: pulumi.String("l7-gilb-subnet"),
* IpCidrRange: pulumi.String("10.0.1.0/24"),
* Region: pulumi.String("europe-west1"),
* Network: gilbNetwork.ID(),
* })
* if err != nil {
* return err
* }
* // health check
* defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{
* Name: pulumi.String("l7-gilb-hc"),
* HttpHealthCheck: &compute.HealthCheckHttpHealthCheckArgs{
* PortSpecification: pulumi.String("USE_SERVING_PORT"),
* },
* })
* if err != nil {
* return err
* }
* // instance template
* instanceTemplate, err := compute.NewInstanceTemplate(ctx, "instance_template", &compute.InstanceTemplateArgs{
* NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{
* &compute.InstanceTemplateNetworkInterfaceArgs{
* AccessConfigs: compute.InstanceTemplateNetworkInterfaceAccessConfigArray{
* nil,
* },
* Network: gilbNetwork.ID(),
* Subnetwork: gilbSubnet.ID(),
* },
* },
* Name: pulumi.String("l7-gilb-mig-template"),
* MachineType: pulumi.String("e2-small"),
* Tags: pulumi.StringArray{
* pulumi.String("http-server"),
* },
* Disks: compute.InstanceTemplateDiskArray{
* &compute.InstanceTemplateDiskArgs{
* SourceImage: pulumi.String("debian-cloud/debian-10"),
* AutoDelete: pulumi.Bool(true),
* Boot: pulumi.Bool(true),
* },
* },
* Metadata: pulumi.Map{
* "startup-script": pulumi.Any(`#! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* `),
* },
* })
* if err != nil {
* return err
* }
* // MIG
* mig, err := compute.NewInstanceGroupManager(ctx, "mig", &compute.InstanceGroupManagerArgs{
* Name: pulumi.String("l7-gilb-mig1"),
* Zone: pulumi.String("europe-west1-b"),
* Versions: compute.InstanceGroupManagerVersionArray{
* &compute.InstanceGroupManagerVersionArgs{
* InstanceTemplate: instanceTemplate.ID(),
* Name: pulumi.String("primary"),
* },
* },
* BaseInstanceName: pulumi.String("vm"),
* TargetSize: pulumi.Int(2),
* })
* if err != nil {
* return err
* }
* // backend service
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("l7-gilb-backend-subnet"),
* Protocol: pulumi.String("HTTP"),
* LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
* TimeoutSec: pulumi.Int(10),
* HealthChecks: defaultHealthCheck.ID(),
* Backends: compute.BackendServiceBackendArray{
* &compute.BackendServiceBackendArgs{
* Group: mig.InstanceGroup,
* BalancingMode: pulumi.String("UTILIZATION"),
* CapacityScaler: pulumi.Float64(1),
* },
* },
* })
* if err != nil {
* return err
* }
* // URL map
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("l7-gilb-url-map"),
* DefaultService: defaultBackendService.ID(),
* })
* if err != nil {
* return err
* }
* // HTTP target proxy
* _, err = compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{
* Name: pulumi.String("l7-gilb-target-http-proxy"),
* UrlMap: defaultURLMap.ID(),
* })
* if err != nil {
* return err
* }
* // forwarding rule
* _, err = compute.NewGlobalForwardingRule(ctx, "google_compute_forwarding_rule", &compute.GlobalForwardingRuleArgs{
* Name: pulumi.String("l7-gilb-forwarding-rule"),
* IpProtocol: pulumi.String("TCP"),
* LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
* PortRange: pulumi.String("80"),
* Target: _default.ID(),
* Network: gilbNetwork.ID(),
* Subnetwork: gilbSubnet.ID(),
* })
* if err != nil {
* return err
* }
* // allow all access from IAP and health check ranges
* _, err = compute.NewFirewall(ctx, "fw-iap", &compute.FirewallArgs{
* Name: pulumi.String("l7-gilb-fw-allow-iap-hc"),
* Direction: pulumi.String("INGRESS"),
* Network: gilbNetwork.ID(),
* SourceRanges: pulumi.StringArray{
* pulumi.String("130.211.0.0/22"),
* pulumi.String("35.191.0.0/16"),
* pulumi.String("35.235.240.0/20"),
* },
* Allows: compute.FirewallAllowArray{
* &compute.FirewallAllowArgs{
* Protocol: pulumi.String("tcp"),
* },
* },
* })
* if err != nil {
* return err
* }
* // allow http from proxy subnet to backends
* _, err = compute.NewFirewall(ctx, "fw-gilb-to-backends", &compute.FirewallArgs{
* Name: pulumi.String("l7-gilb-fw-allow-gilb-to-backends"),
* Direction: pulumi.String("INGRESS"),
* Network: gilbNetwork.ID(),
* SourceRanges: pulumi.StringArray{
* pulumi.String("10.0.0.0/24"),
* },
* TargetTags: pulumi.StringArray{
* pulumi.String("http-server"),
* },
* Allows: compute.FirewallAllowArray{
* &compute.FirewallAllowArgs{
* Protocol: pulumi.String("tcp"),
* Ports: pulumi.StringArray{
* pulumi.String("80"),
* pulumi.String("443"),
* pulumi.String("8080"),
* },
* },
* },
* })
* if err != nil {
* return err
* }
* // test instance
* _, err = compute.NewInstance(ctx, "vm-test", &compute.InstanceArgs{
* Name: pulumi.String("l7-gilb-test-vm"),
* Zone: pulumi.String("europe-west1-b"),
* MachineType: pulumi.String("e2-small"),
* NetworkInterfaces: compute.InstanceNetworkInterfaceArray{
* &compute.InstanceNetworkInterfaceArgs{
* Network: gilbNetwork.ID(),
* Subnetwork: gilbSubnet.ID(),
* },
* },
* BootDisk: &compute.InstanceBootDiskArgs{
* InitializeParams: &compute.InstanceBootDiskInitializeParamsArgs{
* Image: pulumi.String("debian-cloud/debian-10"),
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.compute.Subnetwork;
* import com.pulumi.gcp.compute.SubnetworkArgs;
* import com.pulumi.gcp.compute.HealthCheck;
* import com.pulumi.gcp.compute.HealthCheckArgs;
* import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
* import com.pulumi.gcp.compute.InstanceTemplate;
* import com.pulumi.gcp.compute.InstanceTemplateArgs;
* import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
* import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
* import com.pulumi.gcp.compute.InstanceGroupManager;
* import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
* import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.TargetHttpProxy;
* import com.pulumi.gcp.compute.TargetHttpProxyArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import com.pulumi.gcp.compute.Firewall;
* import com.pulumi.gcp.compute.FirewallArgs;
* import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
* import com.pulumi.gcp.compute.Instance;
* import com.pulumi.gcp.compute.InstanceArgs;
* import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
* import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
* import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* // Global Internal HTTP load balancer with a managed instance group backend
* // VPC network
* var gilbNetwork = new Network("gilbNetwork", NetworkArgs.builder()
* .name("l7-gilb-network")
* .autoCreateSubnetworks(false)
* .build());
* // proxy-only subnet
* var proxySubnet = new Subnetwork("proxySubnet", SubnetworkArgs.builder()
* .name("l7-gilb-proxy-subnet")
* .ipCidrRange("10.0.0.0/24")
* .region("europe-west1")
* .purpose("GLOBAL_MANAGED_PROXY")
* .role("ACTIVE")
* .network(gilbNetwork.id())
* .build());
* // backend subnet
* var gilbSubnet = new Subnetwork("gilbSubnet", SubnetworkArgs.builder()
* .name("l7-gilb-subnet")
* .ipCidrRange("10.0.1.0/24")
* .region("europe-west1")
* .network(gilbNetwork.id())
* .build());
* // health check
* var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
* .name("l7-gilb-hc")
* .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
* .portSpecification("USE_SERVING_PORT")
* .build())
* .build());
* // instance template
* var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
* .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
* .accessConfigs()
* .network(gilbNetwork.id())
* .subnetwork(gilbSubnet.id())
* .build())
* .name("l7-gilb-mig-template")
* .machineType("e2-small")
* .tags("http-server")
* .disks(InstanceTemplateDiskArgs.builder()
* .sourceImage("debian-cloud/debian-10")
* .autoDelete(true)
* .boot(true)
* .build())
* .metadata(Map.of("startup-script", """
* #! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* """))
* .build());
* // MIG
* var mig = new InstanceGroupManager("mig", InstanceGroupManagerArgs.builder()
* .name("l7-gilb-mig1")
* .zone("europe-west1-b")
* .versions(InstanceGroupManagerVersionArgs.builder()
* .instanceTemplate(instanceTemplate.id())
* .name("primary")
* .build())
* .baseInstanceName("vm")
* .targetSize(2)
* .build());
* // backend service
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("l7-gilb-backend-subnet")
* .protocol("HTTP")
* .loadBalancingScheme("INTERNAL_MANAGED")
* .timeoutSec(10)
* .healthChecks(defaultHealthCheck.id())
* .backends(BackendServiceBackendArgs.builder()
* .group(mig.instanceGroup())
* .balancingMode("UTILIZATION")
* .capacityScaler(1)
* .build())
* .build());
* // URL map
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("l7-gilb-url-map")
* .defaultService(defaultBackendService.id())
* .build());
* // HTTP target proxy
* var default_ = new TargetHttpProxy("default", TargetHttpProxyArgs.builder()
* .name("l7-gilb-target-http-proxy")
* .urlMap(defaultURLMap.id())
* .build());
* // forwarding rule
* var googleComputeForwardingRule = new GlobalForwardingRule("googleComputeForwardingRule", GlobalForwardingRuleArgs.builder()
* .name("l7-gilb-forwarding-rule")
* .ipProtocol("TCP")
* .loadBalancingScheme("INTERNAL_MANAGED")
* .portRange("80")
* .target(default_.id())
* .network(gilbNetwork.id())
* .subnetwork(gilbSubnet.id())
* .build());
* // allow all access from IAP and health check ranges
* var fw_iap = new Firewall("fw-iap", FirewallArgs.builder()
* .name("l7-gilb-fw-allow-iap-hc")
* .direction("INGRESS")
* .network(gilbNetwork.id())
* .sourceRanges(
* "130.211.0.0/22",
* "35.191.0.0/16",
* "35.235.240.0/20")
* .allows(FirewallAllowArgs.builder()
* .protocol("tcp")
* .build())
* .build());
* // allow http from proxy subnet to backends
* var fw_gilb_to_backends = new Firewall("fw-gilb-to-backends", FirewallArgs.builder()
* .name("l7-gilb-fw-allow-gilb-to-backends")
* .direction("INGRESS")
* .network(gilbNetwork.id())
* .sourceRanges("10.0.0.0/24")
* .targetTags("http-server")
* .allows(FirewallAllowArgs.builder()
* .protocol("tcp")
* .ports(
* "80",
* "443",
* "8080")
* .build())
* .build());
* // test instance
* var vm_test = new Instance("vm-test", InstanceArgs.builder()
* .name("l7-gilb-test-vm")
* .zone("europe-west1-b")
* .machineType("e2-small")
* .networkInterfaces(InstanceNetworkInterfaceArgs.builder()
* .network(gilbNetwork.id())
* .subnetwork(gilbSubnet.id())
* .build())
* .bootDisk(InstanceBootDiskArgs.builder()
* .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
* .image("debian-cloud/debian-10")
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* # Global Internal HTTP load balancer with a managed instance group backend
* # VPC network
* gilbNetwork:
* type: gcp:compute:Network
* name: gilb_network
* properties:
* name: l7-gilb-network
* autoCreateSubnetworks: false
* # proxy-only subnet
* proxySubnet:
* type: gcp:compute:Subnetwork
* name: proxy_subnet
* properties:
* name: l7-gilb-proxy-subnet
* ipCidrRange: 10.0.0.0/24
* region: europe-west1
* purpose: GLOBAL_MANAGED_PROXY
* role: ACTIVE
* network: ${gilbNetwork.id}
* # backend subnet
* gilbSubnet:
* type: gcp:compute:Subnetwork
* name: gilb_subnet
* properties:
* name: l7-gilb-subnet
* ipCidrRange: 10.0.1.0/24
* region: europe-west1
* network: ${gilbNetwork.id}
* # forwarding rule
* googleComputeForwardingRule:
* type: gcp:compute:GlobalForwardingRule
* name: google_compute_forwarding_rule
* properties:
* name: l7-gilb-forwarding-rule
* ipProtocol: TCP
* loadBalancingScheme: INTERNAL_MANAGED
* portRange: '80'
* target: ${default.id}
* network: ${gilbNetwork.id}
* subnetwork: ${gilbSubnet.id}
* # HTTP target proxy
* default:
* type: gcp:compute:TargetHttpProxy
* properties:
* name: l7-gilb-target-http-proxy
* urlMap: ${defaultURLMap.id}
* # URL map
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: l7-gilb-url-map
* defaultService: ${defaultBackendService.id}
* # backend service
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: l7-gilb-backend-subnet
* protocol: HTTP
* loadBalancingScheme: INTERNAL_MANAGED
* timeoutSec: 10
* healthChecks: ${defaultHealthCheck.id}
* backends:
* - group: ${mig.instanceGroup}
* balancingMode: UTILIZATION
* capacityScaler: 1
* # instance template
* instanceTemplate:
* type: gcp:compute:InstanceTemplate
* name: instance_template
* properties:
* networkInterfaces:
* - accessConfigs:
* - {}
* network: ${gilbNetwork.id}
* subnetwork: ${gilbSubnet.id}
* name: l7-gilb-mig-template
* machineType: e2-small
* tags:
* - http-server
* disks:
* - sourceImage: debian-cloud/debian-10
* autoDelete: true
* boot: true
* metadata:
* startup-script: |
* #! /bin/bash
* set -euo pipefail
* export DEBIAN_FRONTEND=noninteractive
* apt-get update
* apt-get install -y nginx-light jq
* NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
* IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
* METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
* cat < /var/www/html/index.html
*
* Name: $NAME
* IP: $IP
* Metadata: $METADATA
*
* EOF
* # health check
* defaultHealthCheck:
* type: gcp:compute:HealthCheck
* name: default
* properties:
* name: l7-gilb-hc
* httpHealthCheck:
* portSpecification: USE_SERVING_PORT
* # MIG
* mig:
* type: gcp:compute:InstanceGroupManager
* properties:
* name: l7-gilb-mig1
* zone: europe-west1-b
* versions:
* - instanceTemplate: ${instanceTemplate.id}
* name: primary
* baseInstanceName: vm
* targetSize: 2
* # allow all access from IAP and health check ranges
* fw-iap:
* type: gcp:compute:Firewall
* properties:
* name: l7-gilb-fw-allow-iap-hc
* direction: INGRESS
* network: ${gilbNetwork.id}
* sourceRanges:
* - 130.211.0.0/22
* - 35.191.0.0/16
* - 35.235.240.0/20
* allows:
* - protocol: tcp
* # allow http from proxy subnet to backends
* fw-gilb-to-backends:
* type: gcp:compute:Firewall
* properties:
* name: l7-gilb-fw-allow-gilb-to-backends
* direction: INGRESS
* network: ${gilbNetwork.id}
* sourceRanges:
* - 10.0.0.0/24
* targetTags:
* - http-server
* allows:
* - protocol: tcp
* ports:
* - '80'
* - '443'
* - '8080'
* # test instance
* vm-test:
* type: gcp:compute:Instance
* properties:
* name: l7-gilb-test-vm
* zone: europe-west1-b
* machineType: e2-small
* networkInterfaces:
* - network: ${gilbNetwork.id}
* subnetwork: ${gilbSubnet.id}
* bootDisk:
* initializeParams:
* image: debian-cloud/debian-10
* ```
*
* ### Private Service Connect Google Apis
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const network = new gcp.compute.Network("network", {
* project: "my-project-name",
* name: "my-network",
* autoCreateSubnetworks: false,
* });
* const vpcSubnetwork = new gcp.compute.Subnetwork("vpc_subnetwork", {
* project: network.project,
* name: "my-subnetwork",
* ipCidrRange: "10.2.0.0/16",
* region: "us-central1",
* network: network.id,
* privateIpGoogleAccess: true,
* });
* const _default = new gcp.compute.GlobalAddress("default", {
* project: network.project,
* name: "global-psconnect-ip",
* addressType: "INTERNAL",
* purpose: "PRIVATE_SERVICE_CONNECT",
* network: network.id,
* address: "100.100.100.106",
* });
* const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", {
* project: network.project,
* name: "globalrule",
* target: "all-apis",
* network: network.id,
* ipAddress: _default.id,
* loadBalancingScheme: "",
* serviceDirectoryRegistrations: {
* namespace: "sd-namespace",
* serviceDirectoryRegion: "europe-west3",
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* network = gcp.compute.Network("network",
* project="my-project-name",
* name="my-network",
* auto_create_subnetworks=False)
* vpc_subnetwork = gcp.compute.Subnetwork("vpc_subnetwork",
* project=network.project,
* name="my-subnetwork",
* ip_cidr_range="10.2.0.0/16",
* region="us-central1",
* network=network.id,
* private_ip_google_access=True)
* default = gcp.compute.GlobalAddress("default",
* project=network.project,
* name="global-psconnect-ip",
* address_type="INTERNAL",
* purpose="PRIVATE_SERVICE_CONNECT",
* network=network.id,
* address="100.100.100.106")
* default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
* project=network.project,
* name="globalrule",
* target="all-apis",
* network=network.id,
* ip_address=default.id,
* load_balancing_scheme="",
* service_directory_registrations=gcp.compute.GlobalForwardingRuleServiceDirectoryRegistrationsArgs(
* namespace="sd-namespace",
* service_directory_region="europe-west3",
* ))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var network = new Gcp.Compute.Network("network", new()
* {
* Project = "my-project-name",
* Name = "my-network",
* AutoCreateSubnetworks = false,
* });
* var vpcSubnetwork = new Gcp.Compute.Subnetwork("vpc_subnetwork", new()
* {
* Project = network.Project,
* Name = "my-subnetwork",
* IpCidrRange = "10.2.0.0/16",
* Region = "us-central1",
* Network = network.Id,
* PrivateIpGoogleAccess = true,
* });
* var @default = new Gcp.Compute.GlobalAddress("default", new()
* {
* Project = network.Project,
* Name = "global-psconnect-ip",
* AddressType = "INTERNAL",
* Purpose = "PRIVATE_SERVICE_CONNECT",
* Network = network.Id,
* Address = "100.100.100.106",
* });
* var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new()
* {
* Project = network.Project,
* Name = "globalrule",
* Target = "all-apis",
* Network = network.Id,
* IpAddress = @default.Id,
* LoadBalancingScheme = "",
* ServiceDirectoryRegistrations = new Gcp.Compute.Inputs.GlobalForwardingRuleServiceDirectoryRegistrationsArgs
* {
* Namespace = "sd-namespace",
* ServiceDirectoryRegion = "europe-west3",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
* Project: pulumi.String("my-project-name"),
* Name: pulumi.String("my-network"),
* AutoCreateSubnetworks: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewSubnetwork(ctx, "vpc_subnetwork", &compute.SubnetworkArgs{
* Project: network.Project,
* Name: pulumi.String("my-subnetwork"),
* IpCidrRange: pulumi.String("10.2.0.0/16"),
* Region: pulumi.String("us-central1"),
* Network: network.ID(),
* PrivateIpGoogleAccess: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewGlobalAddress(ctx, "default", &compute.GlobalAddressArgs{
* Project: network.Project,
* Name: pulumi.String("global-psconnect-ip"),
* AddressType: pulumi.String("INTERNAL"),
* Purpose: pulumi.String("PRIVATE_SERVICE_CONNECT"),
* Network: network.ID(),
* Address: pulumi.String("100.100.100.106"),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{
* Project: network.Project,
* Name: pulumi.String("globalrule"),
* Target: pulumi.String("all-apis"),
* Network: network.ID(),
* IpAddress: _default.ID(),
* LoadBalancingScheme: pulumi.String(""),
* ServiceDirectoryRegistrations: &compute.GlobalForwardingRuleServiceDirectoryRegistrationsArgs{
* Namespace: pulumi.String("sd-namespace"),
* ServiceDirectoryRegion: pulumi.String("europe-west3"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.compute.Subnetwork;
* import com.pulumi.gcp.compute.SubnetworkArgs;
* import com.pulumi.gcp.compute.GlobalAddress;
* import com.pulumi.gcp.compute.GlobalAddressArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import com.pulumi.gcp.compute.inputs.GlobalForwardingRuleServiceDirectoryRegistrationsArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var network = new Network("network", NetworkArgs.builder()
* .project("my-project-name")
* .name("my-network")
* .autoCreateSubnetworks(false)
* .build());
* var vpcSubnetwork = new Subnetwork("vpcSubnetwork", SubnetworkArgs.builder()
* .project(network.project())
* .name("my-subnetwork")
* .ipCidrRange("10.2.0.0/16")
* .region("us-central1")
* .network(network.id())
* .privateIpGoogleAccess(true)
* .build());
* var default_ = new GlobalAddress("default", GlobalAddressArgs.builder()
* .project(network.project())
* .name("global-psconnect-ip")
* .addressType("INTERNAL")
* .purpose("PRIVATE_SERVICE_CONNECT")
* .network(network.id())
* .address("100.100.100.106")
* .build());
* var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
* .project(network.project())
* .name("globalrule")
* .target("all-apis")
* .network(network.id())
* .ipAddress(default_.id())
* .loadBalancingScheme("")
* .serviceDirectoryRegistrations(GlobalForwardingRuleServiceDirectoryRegistrationsArgs.builder()
* .namespace("sd-namespace")
* .serviceDirectoryRegion("europe-west3")
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* network:
* type: gcp:compute:Network
* properties:
* project: my-project-name
* name: my-network
* autoCreateSubnetworks: false
* vpcSubnetwork:
* type: gcp:compute:Subnetwork
* name: vpc_subnetwork
* properties:
* project: ${network.project}
* name: my-subnetwork
* ipCidrRange: 10.2.0.0/16
* region: us-central1
* network: ${network.id}
* privateIpGoogleAccess: true
* default:
* type: gcp:compute:GlobalAddress
* properties:
* project: ${network.project}
* name: global-psconnect-ip
* addressType: INTERNAL
* purpose: PRIVATE_SERVICE_CONNECT
* network: ${network.id}
* address: 100.100.100.106
* defaultGlobalForwardingRule:
* type: gcp:compute:GlobalForwardingRule
* name: default
* properties:
* project: ${network.project}
* name: globalrule
* target: all-apis
* network: ${network.id}
* ipAddress: ${default.id}
* loadBalancingScheme:
* serviceDirectoryRegistrations:
* namespace: sd-namespace
* serviceDirectoryRegion: europe-west3
* ```
*
* ### Private Service Connect Google Apis No Automate Dns
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const network = new gcp.compute.Network("network", {
* project: "my-project-name",
* name: "my-network",
* autoCreateSubnetworks: false,
* });
* const vpcSubnetwork = new gcp.compute.Subnetwork("vpc_subnetwork", {
* project: network.project,
* name: "my-subnetwork",
* ipCidrRange: "10.2.0.0/16",
* region: "us-central1",
* network: network.id,
* privateIpGoogleAccess: true,
* });
* const _default = new gcp.compute.GlobalAddress("default", {
* project: network.project,
* name: "global-psconnect-ip",
* addressType: "INTERNAL",
* purpose: "PRIVATE_SERVICE_CONNECT",
* network: network.id,
* address: "100.100.100.106",
* });
* const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", {
* project: network.project,
* name: "globalrule",
* target: "all-apis",
* network: network.id,
* ipAddress: _default.id,
* loadBalancingScheme: "",
* noAutomateDnsZone: false,
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* network = gcp.compute.Network("network",
* project="my-project-name",
* name="my-network",
* auto_create_subnetworks=False)
* vpc_subnetwork = gcp.compute.Subnetwork("vpc_subnetwork",
* project=network.project,
* name="my-subnetwork",
* ip_cidr_range="10.2.0.0/16",
* region="us-central1",
* network=network.id,
* private_ip_google_access=True)
* default = gcp.compute.GlobalAddress("default",
* project=network.project,
* name="global-psconnect-ip",
* address_type="INTERNAL",
* purpose="PRIVATE_SERVICE_CONNECT",
* network=network.id,
* address="100.100.100.106")
* default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
* project=network.project,
* name="globalrule",
* target="all-apis",
* network=network.id,
* ip_address=default.id,
* load_balancing_scheme="",
* no_automate_dns_zone=False)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var network = new Gcp.Compute.Network("network", new()
* {
* Project = "my-project-name",
* Name = "my-network",
* AutoCreateSubnetworks = false,
* });
* var vpcSubnetwork = new Gcp.Compute.Subnetwork("vpc_subnetwork", new()
* {
* Project = network.Project,
* Name = "my-subnetwork",
* IpCidrRange = "10.2.0.0/16",
* Region = "us-central1",
* Network = network.Id,
* PrivateIpGoogleAccess = true,
* });
* var @default = new Gcp.Compute.GlobalAddress("default", new()
* {
* Project = network.Project,
* Name = "global-psconnect-ip",
* AddressType = "INTERNAL",
* Purpose = "PRIVATE_SERVICE_CONNECT",
* Network = network.Id,
* Address = "100.100.100.106",
* });
* var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new()
* {
* Project = network.Project,
* Name = "globalrule",
* Target = "all-apis",
* Network = network.Id,
* IpAddress = @default.Id,
* LoadBalancingScheme = "",
* NoAutomateDnsZone = false,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
* Project: pulumi.String("my-project-name"),
* Name: pulumi.String("my-network"),
* AutoCreateSubnetworks: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewSubnetwork(ctx, "vpc_subnetwork", &compute.SubnetworkArgs{
* Project: network.Project,
* Name: pulumi.String("my-subnetwork"),
* IpCidrRange: pulumi.String("10.2.0.0/16"),
* Region: pulumi.String("us-central1"),
* Network: network.ID(),
* PrivateIpGoogleAccess: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewGlobalAddress(ctx, "default", &compute.GlobalAddressArgs{
* Project: network.Project,
* Name: pulumi.String("global-psconnect-ip"),
* AddressType: pulumi.String("INTERNAL"),
* Purpose: pulumi.String("PRIVATE_SERVICE_CONNECT"),
* Network: network.ID(),
* Address: pulumi.String("100.100.100.106"),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{
* Project: network.Project,
* Name: pulumi.String("globalrule"),
* Target: pulumi.String("all-apis"),
* Network: network.ID(),
* IpAddress: _default.ID(),
* LoadBalancingScheme: pulumi.String(""),
* NoAutomateDnsZone: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.compute.Subnetwork;
* import com.pulumi.gcp.compute.SubnetworkArgs;
* import com.pulumi.gcp.compute.GlobalAddress;
* import com.pulumi.gcp.compute.GlobalAddressArgs;
* import com.pulumi.gcp.compute.GlobalForwardingRule;
* import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var network = new Network("network", NetworkArgs.builder()
* .project("my-project-name")
* .name("my-network")
* .autoCreateSubnetworks(false)
* .build());
* var vpcSubnetwork = new Subnetwork("vpcSubnetwork", SubnetworkArgs.builder()
* .project(network.project())
* .name("my-subnetwork")
* .ipCidrRange("10.2.0.0/16")
* .region("us-central1")
* .network(network.id())
* .privateIpGoogleAccess(true)
* .build());
* var default_ = new GlobalAddress("default", GlobalAddressArgs.builder()
* .project(network.project())
* .name("global-psconnect-ip")
* .addressType("INTERNAL")
* .purpose("PRIVATE_SERVICE_CONNECT")
* .network(network.id())
* .address("100.100.100.106")
* .build());
* var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
* .project(network.project())
* .name("globalrule")
* .target("all-apis")
* .network(network.id())
* .ipAddress(default_.id())
* .loadBalancingScheme("")
* .noAutomateDnsZone(false)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* network:
* type: gcp:compute:Network
* properties:
* project: my-project-name
* name: my-network
* autoCreateSubnetworks: false
* vpcSubnetwork:
* type: gcp:compute:Subnetwork
* name: vpc_subnetwork
* properties:
* project: ${network.project}
* name: my-subnetwork
* ipCidrRange: 10.2.0.0/16
* region: us-central1
* network: ${network.id}
* privateIpGoogleAccess: true
* default:
* type: gcp:compute:GlobalAddress
* properties:
* project: ${network.project}
* name: global-psconnect-ip
* addressType: INTERNAL
* purpose: PRIVATE_SERVICE_CONNECT
* network: ${network.id}
* address: 100.100.100.106
* defaultGlobalForwardingRule:
* type: gcp:compute:GlobalForwardingRule
* name: default
* properties:
* project: ${network.project}
* name: globalrule
* target: all-apis
* network: ${network.id}
* ipAddress: ${default.id}
* loadBalancingScheme:
* noAutomateDnsZone: false
* ```
*
* ## Import
* GlobalForwardingRule can be imported using any of these accepted formats:
* * `projects/{{project}}/global/forwardingRules/{{name}}`
* * `{{project}}/{{name}}`
* * `{{name}}`
* When using the `pulumi import` command, GlobalForwardingRule can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default projects/{{project}}/global/forwardingRules/{{name}}
* ```
* ```sh
* $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default {{project}}/{{name}}
* ```
* ```sh
* $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default {{name}}
* ```
* */*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
*/
public class GlobalForwardingRule internal constructor(
override val javaResource: com.pulumi.gcp.compute.GlobalForwardingRule,
) : KotlinCustomResource(javaResource, GlobalForwardingRuleMapper) {
/**
* This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.
*/
public val allowPscGlobalAccess: Output?
get() = javaResource.allowPscGlobalAccess().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.
*/
public val baseForwardingRule: Output
get() = javaResource.baseForwardingRule().applyValue({ args0 -> args0 })
/**
* An optional description of this resource. Provide this property when
* you create the resource.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
*/
public val effectiveLabels: Output>
get() = javaResource.effectiveLabels().applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
})
/**
* IP address for which this forwarding rule accepts traffic. When a client
* sends traffic to this IP address, the forwarding rule directs the traffic
* to the referenced `target`.
* While creating a forwarding rule, specifying an `IPAddress` is
* required under the following circumstances:
* * When the `target` is set to `targetGrpcProxy` and
* `validateForProxyless` is set to `true`, the
* `IPAddress` should be set to `0.0.0.0`.
* * When the `target` is a Private Service Connect Google APIs
* bundle, you must specify an `IPAddress`.
* Otherwise, you can optionally specify an IP address that references an
* existing static (reserved) IP address resource. When omitted, Google Cloud
* assigns an ephemeral IP address.
* Use one of the following formats to specify an IP address while creating a
* forwarding rule:
* * IP address number, as in `100.1.2.3`
* * IPv6 address range, as in `2600:1234::/96`
* * Full resource URL, as in
* `https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name`
* * Partial URL or by name, as in:
* * `projects/project_id/regions/region/addresses/address-name`
* * `regions/region/addresses/address-name`
* * `global/addresses/address-name`
* * `address-name`
* The forwarding rule's `target`,
* and in most cases, also the `loadBalancingScheme`, determine the
* type of IP address that you can use. For detailed information, see
* [IP address
* specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
* When reading an `IPAddress`, the API always returns the IP
* address number.
*/
public val ipAddress: Output
get() = javaResource.ipAddress().applyValue({ args0 -> args0 })
/**
* The IP protocol to which this rule applies.
* For protocol forwarding, valid
* options are `TCP`, `UDP`, `ESP`,
* `AH`, `SCTP`, `ICMP` and
* `L3_DEFAULT`.
* The valid IP protocols are different for different load balancing products
* as described in [Load balancing
* features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends).
* Possible values are: `TCP`, `UDP`, `ESP`, `AH`, `SCTP`, `ICMP`.
*/
public val ipProtocol: Output
get() = javaResource.ipProtocol().applyValue({ args0 -> args0 })
/**
* The IP Version that will be used by this global forwarding rule.
* Possible values are: `IPV4`, `IPV6`.
*/
public val ipVersion: Output?
get() = javaResource.ipVersion().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The fingerprint used for optimistic locking of this resource. Used
* internally during updates.
*/
public val labelFingerprint: Output
get() = javaResource.labelFingerprint().applyValue({ args0 -> args0 })
/**
* Labels to apply to this forwarding rule. A list of key->value pairs.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
*/
public val labels: Output>?
get() = javaResource.labels().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}).orElse(null)
})
/**
* Specifies the forwarding rule type.
* For more information about forwarding rules, refer to
* [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts).
* Default value is `EXTERNAL`.
* Possible values are: `EXTERNAL`, `EXTERNAL_MANAGED`, `INTERNAL_MANAGED`, `INTERNAL_SELF_MANAGED`.
*/
public val loadBalancingScheme: Output?
get() = javaResource.loadBalancingScheme().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Opaque filter criteria used by Loadbalancer to restrict routing
* configuration to a limited set xDS compliant clients. In their xDS
* requests to Loadbalancer, xDS clients present node metadata. If a
* match takes place, the relevant routing configuration is made available
* to those proxies.
* For each metadataFilter in this list, if its filterMatchCriteria is set
* to MATCH_ANY, at least one of the filterLabels must match the
* corresponding label provided in the metadata. If its filterMatchCriteria
* is set to MATCH_ALL, then all of its filterLabels must match with
* corresponding labels in the provided metadata.
* metadataFilters specified here can be overridden by those specified in
* the UrlMap that this ForwardingRule references.
* metadataFilters only applies to Loadbalancers that have their
* loadBalancingScheme set to INTERNAL_SELF_MANAGED.
* Structure is documented below.
*/
public val metadataFilters: Output>?
get() = javaResource.metadataFilters().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
globalForwardingRuleMetadataFilterToKotlin(args0)
})
})
}).orElse(null)
})
/**
* Name of the resource; provided by the client when the resource is created.
* The name must be 1-63 characters long, and comply with
* [RFC1035](https://www.ietf.org/rfc/rfc1035.txt).
* Specifically, the name must be 1-63 characters long and match the regular
* expression `a-z?` which means the first
* character must be a lowercase letter, and all following characters must
* be a dash, lowercase letter, or digit, except the last character, which
* cannot be a dash.
* For Private Service Connect forwarding rules that forward traffic to Google
* APIs, the forwarding rule name must be a 1-20 characters string with
* lowercase letters and numbers and must start with a letter.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* This field is not used for external load balancing.
* For Internal TCP/UDP Load Balancing, this field identifies the network that
* the load balanced IP should belong to for this Forwarding Rule.
* If the subnetwork is specified, the network of the subnetwork will be used.
* If neither subnetwork nor this field is specified, the default network will
* be used.
* For Private Service Connect forwarding rules that forward traffic to Google
* APIs, a network must be provided.
*/
public val network: Output
get() = javaResource.network().applyValue({ args0 -> args0 })
/**
* This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.
*/
public val noAutomateDnsZone: Output?
get() = javaResource.noAutomateDnsZone().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The `portRange` field has the following limitations:
* * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP,
* and
* * It's applicable only to the following products: external passthrough
* Network Load Balancers, internal and external proxy Network Load
* Balancers, internal and external Application Load Balancers, external
* protocol forwarding, and Classic VPN.
* * Some products have restrictions on what ports can be used. See
* [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications)
* for details.
* For external forwarding rules, two or more forwarding rules cannot use the
* same `[IPAddress, IPProtocol]` pair, and cannot have overlapping
* `portRange`s.
* For internal forwarding rules within the same VPC network, two or more
* forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair, and
* cannot have overlapping `portRange`s.
*/
public val portRange: Output?
get() = javaResource.portRange().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
public val project: Output
get() = javaResource.project().applyValue({ args0 -> args0 })
/**
* The PSC connection id of the PSC Forwarding Rule.
*/
public val pscConnectionId: Output
get() = javaResource.pscConnectionId().applyValue({ args0 -> args0 })
/**
* The PSC connection status of the PSC Forwarding Rule. Possible values: `STATUS_UNSPECIFIED`, `PENDING`, `ACCEPTED`, `REJECTED`, `CLOSED`
*/
public val pscConnectionStatus: Output
get() = javaResource.pscConnectionStatus().applyValue({ args0 -> args0 })
/**
* The combination of labels configured directly on the resource
* and default labels configured on the provider.
*/
public val pulumiLabels: Output>
get() = javaResource.pulumiLabels().applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
})
/**
* The URI of the created resource.
*/
public val selfLink: Output
get() = javaResource.selfLink().applyValue({ args0 -> args0 })
/**
* Service Directory resources to register this forwarding rule with.
* Currently, only supports a single Service Directory resource.
* Structure is documented below.
*/
public val serviceDirectoryRegistrations:
Output
get() = javaResource.serviceDirectoryRegistrations().applyValue({ args0 ->
args0.let({ args0 ->
globalForwardingRuleServiceDirectoryRegistrationsToKotlin(args0)
})
})
/**
* If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
*/
public val sourceIpRanges: Output>?
get() = javaResource.sourceIpRanges().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* This field identifies the subnetwork that the load balanced IP should
* belong to for this Forwarding Rule, used in internal load balancing and
* network load balancing with IPv6.
* If the network specified is in auto subnet mode, this field is optional.
* However, a subnetwork must be specified if the network is in custom subnet
* mode or when creating external forwarding rule with IPv6.
*/
public val subnetwork: Output
get() = javaResource.subnetwork().applyValue({ args0 -> args0 })
/**
* The URL of the target resource to receive the matched traffic. For
* regional forwarding rules, this target must be in the same region as the
* forwarding rule. For global forwarding rules, this target must be a global
* load balancing resource.
* The forwarded traffic must be of a type appropriate to the target object.
* * For load balancers, see the "Target" column in [Port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
* * For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle:
* * `vpc-sc` - [ APIs that support VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products).
* * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis).
* For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.
* - - -
*/
public val target: Output
get() = javaResource.target().applyValue({ args0 -> args0 })
}
public object GlobalForwardingRuleMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.compute.GlobalForwardingRule::class == javaResource::class
override fun map(javaResource: Resource): GlobalForwardingRule = GlobalForwardingRule(
javaResource
as com.pulumi.gcp.compute.GlobalForwardingRule,
)
}
/**
* @see [GlobalForwardingRule].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [GlobalForwardingRule].
*/
public suspend fun globalForwardingRule(
name: String,
block: suspend GlobalForwardingRuleResourceBuilder.() -> Unit,
): GlobalForwardingRule {
val builder = GlobalForwardingRuleResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [GlobalForwardingRule].
* @param name The _unique_ name of the resulting resource.
*/
public fun globalForwardingRule(name: String): GlobalForwardingRule {
val builder = GlobalForwardingRuleResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy