All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.compute.kotlin.GlobalForwardingRuleArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.compute.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs.builder
import com.pulumi.gcp.compute.kotlin.inputs.GlobalForwardingRuleMetadataFilterArgs
import com.pulumi.gcp.compute.kotlin.inputs.GlobalForwardingRuleMetadataFilterArgsBuilder
import com.pulumi.gcp.compute.kotlin.inputs.GlobalForwardingRuleServiceDirectoryRegistrationsArgs
import com.pulumi.gcp.compute.kotlin.inputs.GlobalForwardingRuleServiceDirectoryRegistrationsArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Boolean
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
import kotlin.jvm.JvmName

/**
 * Represents a GlobalForwardingRule resource. Global forwarding rules are
 * used to forward traffic to the correct load balancer for HTTP load
 * balancing. Global forwarding rules can only be used for HTTP load
 * balancing.
 * For more information, see
 * https://cloud.google.com/compute/docs/load-balancing/http/
 * ## Example Usage
 * ### External Ssl Proxy Lb Mig Backend
 * 
 * ```yaml
 * resources:
 *   # External SSL proxy load balancer with managed instance group backend
 *   # VPC
 *   default:
 *     type: gcp:compute:Network
 *     properties:
 *       name: ssl-proxy-xlb-network
 *       autoCreateSubnetworks: false
 *   # backend subnet
 *   defaultSubnetwork:
 *     type: gcp:compute:Subnetwork
 *     name: default
 *     properties:
 *       name: ssl-proxy-xlb-subnet
 *       ipCidrRange: 10.0.1.0/24
 *       region: us-central1
 *       network: ${default.id}
 *   # reserved IP address
 *   defaultGlobalAddress:
 *     type: gcp:compute:GlobalAddress
 *     name: default
 *     properties:
 *       name: ssl-proxy-xlb-ip
 *   # Self-signed regional SSL certificate for testing
 *   defaultPrivateKey:
 *     type: tls:PrivateKey
 *     name: default
 *     properties:
 *       algorithm: RSA
 *       rsaBits: 2048
 *   defaultSelfSignedCert:
 *     type: tls:SelfSignedCert
 *     name: default
 *     properties:
 *       keyAlgorithm: ${defaultPrivateKey.algorithm}
 *       privateKeyPem: ${defaultPrivateKey.privateKeyPem}
 *       validityPeriodHours: 12 # Generate a new certificate if Terraform is run within three
 *       #   # hours of the certificate's expiration time.
 *       earlyRenewalHours: 3 # Reasonable set of uses for a server SSL certificate.
 *       allowedUses:
 *         - key_encipherment
 *         - digital_signature
 *         - server_auth
 *       dnsNames:
 *         - example.com
 *       subject:
 *         commonName: example.com
 *         organization: ACME Examples, Inc
 *   defaultSSLCertificate:
 *     type: gcp:compute:SSLCertificate
 *     name: default
 *     properties:
 *       name: default-cert
 *       privateKey: ${defaultPrivateKey.privateKeyPem}
 *       certificate: ${defaultSelfSignedCert.certPem}
 *   defaultTargetSSLProxy:
 *     type: gcp:compute:TargetSSLProxy
 *     name: default
 *     properties:
 *       name: test-proxy
 *       backendService: ${defaultBackendService.id}
 *       sslCertificates:
 *         - ${defaultSSLCertificate.id}
 *   # forwarding rule
 *   defaultGlobalForwardingRule:
 *     type: gcp:compute:GlobalForwardingRule
 *     name: default
 *     properties:
 *       name: ssl-proxy-xlb-forwarding-rule
 *       ipProtocol: TCP
 *       loadBalancingScheme: EXTERNAL
 *       portRange: '443'
 *       target: ${defaultTargetSSLProxy.id}
 *       ipAddress: ${defaultGlobalAddress.id}
 *   # backend service
 *   defaultBackendService:
 *     type: gcp:compute:BackendService
 *     name: default
 *     properties:
 *       name: ssl-proxy-xlb-backend-service
 *       protocol: SSL
 *       portName: tcp
 *       loadBalancingScheme: EXTERNAL
 *       timeoutSec: 10
 *       healthChecks: ${defaultHealthCheck.id}
 *       backends:
 *         - group: ${defaultInstanceGroupManager.instanceGroup}
 *           balancingMode: UTILIZATION
 *           maxUtilization: 1
 *           capacityScaler: 1
 *   defaultHealthCheck:
 *     type: gcp:compute:HealthCheck
 *     name: default
 *     properties:
 *       name: ssl-proxy-health-check
 *       timeoutSec: 1
 *       checkIntervalSec: 1
 *       tcpHealthCheck:
 *         port: '443'
 *   # instance template
 *   defaultInstanceTemplate:
 *     type: gcp:compute:InstanceTemplate
 *     name: default
 *     properties:
 *       networkInterfaces:
 *         - accessConfigs:
 *             - {}
 *           network: ${default.id}
 *           subnetwork: ${defaultSubnetwork.id}
 *       name: ssl-proxy-xlb-mig-template
 *       machineType: e2-small
 *       tags:
 *         - allow-health-check
 *       disks:
 *         - sourceImage: debian-cloud/debian-10
 *           autoDelete: true
 *           boot: true
 *       metadata:
 *         startup-script: |
 *           #! /bin/bash
 *           set -euo pipefail
 *           export DEBIAN_FRONTEND=noninteractive
 *           sudo apt-get update
 *           sudo apt-get install  -y apache2 jq
 *           sudo a2ensite default-ssl
 *           sudo a2enmod ssl
 *           sudo service apache2 restart
 *           NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
 *           IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
 *           METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
 *           cat < /var/www/html/index.html
 *           

SSL Load Balancer

*
 *           Name: $NAME
 *           IP: $IP
 *           Metadata: $METADATA
 *           
* EOF * # MIG * defaultInstanceGroupManager: * type: gcp:compute:InstanceGroupManager * name: default * properties: * name: ssl-proxy-xlb-mig1 * zone: us-central1-c * namedPorts: * - name: tcp * port: 443 * versions: * - instanceTemplate: ${defaultInstanceTemplate.id} * name: primary * baseInstanceName: vm * targetSize: 2 * # allow access from health check ranges * defaultFirewall: * type: gcp:compute:Firewall * name: default * properties: * name: ssl-proxy-xlb-fw-allow-hc * direction: INGRESS * network: ${default.id} * sourceRanges: * - 130.211.0.0/22 * - 35.191.0.0/16 * allows: * - protocol: tcp * targetTags: * - allow-health-check * ``` * * ### External Tcp Proxy Lb Mig Backend * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * // External TCP proxy load balancer with managed instance group backend * // VPC * const _default = new gcp.compute.Network("default", { * name: "tcp-proxy-xlb-network", * autoCreateSubnetworks: false, * }); * // backend subnet * const defaultSubnetwork = new gcp.compute.Subnetwork("default", { * name: "tcp-proxy-xlb-subnet", * ipCidrRange: "10.0.1.0/24", * region: "us-central1", * network: _default.id, * }); * // reserved IP address * const defaultGlobalAddress = new gcp.compute.GlobalAddress("default", {name: "tcp-proxy-xlb-ip"}); * const defaultHealthCheck = new gcp.compute.HealthCheck("default", { * name: "tcp-proxy-health-check", * timeoutSec: 1, * checkIntervalSec: 1, * tcpHealthCheck: { * port: 80, * }, * }); * // instance template * const defaultInstanceTemplate = new gcp.compute.InstanceTemplate("default", { * networkInterfaces: [{ * accessConfigs: [{}], * network: _default.id, * subnetwork: defaultSubnetwork.id, * }], * name: "tcp-proxy-xlb-mig-template", * machineType: "e2-small", * tags: ["allow-health-check"], * disks: [{ * sourceImage: "debian-cloud/debian-10", * autoDelete: true, * boot: true, * }], * metadata: { * "startup-script": `#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: NAME
 * IP: IP
 * Metadata: METADATA
 * 
* EOF * `, * }, * }); * // MIG * const defaultInstanceGroupManager = new gcp.compute.InstanceGroupManager("default", { * name: "tcp-proxy-xlb-mig1", * zone: "us-central1-c", * namedPorts: [{ * name: "tcp", * port: 80, * }], * versions: [{ * instanceTemplate: defaultInstanceTemplate.id, * name: "primary", * }], * baseInstanceName: "vm", * targetSize: 2, * }); * // backend service * const defaultBackendService = new gcp.compute.BackendService("default", { * name: "tcp-proxy-xlb-backend-service", * protocol: "TCP", * portName: "tcp", * loadBalancingScheme: "EXTERNAL", * timeoutSec: 10, * healthChecks: defaultHealthCheck.id, * backends: [{ * group: defaultInstanceGroupManager.instanceGroup, * balancingMode: "UTILIZATION", * maxUtilization: 1, * capacityScaler: 1, * }], * }); * const defaultTargetTCPProxy = new gcp.compute.TargetTCPProxy("default", { * name: "test-proxy-health-check", * backendService: defaultBackendService.id, * }); * // forwarding rule * const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", { * name: "tcp-proxy-xlb-forwarding-rule", * ipProtocol: "TCP", * loadBalancingScheme: "EXTERNAL", * portRange: "110", * target: defaultTargetTCPProxy.id, * ipAddress: defaultGlobalAddress.id, * }); * // allow access from health check ranges * const defaultFirewall = new gcp.compute.Firewall("default", { * name: "tcp-proxy-xlb-fw-allow-hc", * direction: "INGRESS", * network: _default.id, * sourceRanges: [ * "130.211.0.0/22", * "35.191.0.0/16", * ], * allows: [{ * protocol: "tcp", * }], * targetTags: ["allow-health-check"], * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * # External TCP proxy load balancer with managed instance group backend * # VPC * default = gcp.compute.Network("default", * name="tcp-proxy-xlb-network", * auto_create_subnetworks=False) * # backend subnet * default_subnetwork = gcp.compute.Subnetwork("default", * name="tcp-proxy-xlb-subnet", * ip_cidr_range="10.0.1.0/24", * region="us-central1", * network=default.id) * # reserved IP address * default_global_address = gcp.compute.GlobalAddress("default", name="tcp-proxy-xlb-ip") * default_health_check = gcp.compute.HealthCheck("default", * name="tcp-proxy-health-check", * timeout_sec=1, * check_interval_sec=1, * tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs( * port=80, * )) * # instance template * default_instance_template = gcp.compute.InstanceTemplate("default", * network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs( * access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()], * network=default.id, * subnetwork=default_subnetwork.id, * )], * name="tcp-proxy-xlb-mig-template", * machine_type="e2-small", * tags=["allow-health-check"], * disks=[gcp.compute.InstanceTemplateDiskArgs( * source_image="debian-cloud/debian-10", * auto_delete=True, * boot=True, * )], * metadata={ * "startup-script": """#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * """, * }) * # MIG * default_instance_group_manager = gcp.compute.InstanceGroupManager("default", * name="tcp-proxy-xlb-mig1", * zone="us-central1-c", * named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs( * name="tcp", * port=80, * )], * versions=[gcp.compute.InstanceGroupManagerVersionArgs( * instance_template=default_instance_template.id, * name="primary", * )], * base_instance_name="vm", * target_size=2) * # backend service * default_backend_service = gcp.compute.BackendService("default", * name="tcp-proxy-xlb-backend-service", * protocol="TCP", * port_name="tcp", * load_balancing_scheme="EXTERNAL", * timeout_sec=10, * health_checks=default_health_check.id, * backends=[gcp.compute.BackendServiceBackendArgs( * group=default_instance_group_manager.instance_group, * balancing_mode="UTILIZATION", * max_utilization=1, * capacity_scaler=1, * )]) * default_target_tcp_proxy = gcp.compute.TargetTCPProxy("default", * name="test-proxy-health-check", * backend_service=default_backend_service.id) * # forwarding rule * default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default", * name="tcp-proxy-xlb-forwarding-rule", * ip_protocol="TCP", * load_balancing_scheme="EXTERNAL", * port_range="110", * target=default_target_tcp_proxy.id, * ip_address=default_global_address.id) * # allow access from health check ranges * default_firewall = gcp.compute.Firewall("default", * name="tcp-proxy-xlb-fw-allow-hc", * direction="INGRESS", * network=default.id, * source_ranges=[ * "130.211.0.0/22", * "35.191.0.0/16", * ], * allows=[gcp.compute.FirewallAllowArgs( * protocol="tcp", * )], * target_tags=["allow-health-check"]) * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * // External TCP proxy load balancer with managed instance group backend * // VPC * var @default = new Gcp.Compute.Network("default", new() * { * Name = "tcp-proxy-xlb-network", * AutoCreateSubnetworks = false, * }); * // backend subnet * var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new() * { * Name = "tcp-proxy-xlb-subnet", * IpCidrRange = "10.0.1.0/24", * Region = "us-central1", * Network = @default.Id, * }); * // reserved IP address * var defaultGlobalAddress = new Gcp.Compute.GlobalAddress("default", new() * { * Name = "tcp-proxy-xlb-ip", * }); * var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new() * { * Name = "tcp-proxy-health-check", * TimeoutSec = 1, * CheckIntervalSec = 1, * TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs * { * Port = 80, * }, * }); * // instance template * var defaultInstanceTemplate = new Gcp.Compute.InstanceTemplate("default", new() * { * NetworkInterfaces = new[] * { * new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs * { * AccessConfigs = new[] * { * null, * }, * Network = @default.Id, * Subnetwork = defaultSubnetwork.Id, * }, * }, * Name = "tcp-proxy-xlb-mig-template", * MachineType = "e2-small", * Tags = new[] * { * "allow-health-check", * }, * Disks = new[] * { * new Gcp.Compute.Inputs.InstanceTemplateDiskArgs * { * SourceImage = "debian-cloud/debian-10", * AutoDelete = true, * Boot = true, * }, * }, * Metadata = * { * { "startup-script", @"#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/hostname"") * IP=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip"") * METADATA=$(curl -f -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True"" | jq 'del(.[""startup-script""])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * " }, * }, * }); * // MIG * var defaultInstanceGroupManager = new Gcp.Compute.InstanceGroupManager("default", new() * { * Name = "tcp-proxy-xlb-mig1", * Zone = "us-central1-c", * NamedPorts = new[] * { * new Gcp.Compute.Inputs.InstanceGroupManagerNamedPortArgs * { * Name = "tcp", * Port = 80, * }, * }, * Versions = new[] * { * new Gcp.Compute.Inputs.InstanceGroupManagerVersionArgs * { * InstanceTemplate = defaultInstanceTemplate.Id, * Name = "primary", * }, * }, * BaseInstanceName = "vm", * TargetSize = 2, * }); * // backend service * var defaultBackendService = new Gcp.Compute.BackendService("default", new() * { * Name = "tcp-proxy-xlb-backend-service", * Protocol = "TCP", * PortName = "tcp", * LoadBalancingScheme = "EXTERNAL", * TimeoutSec = 10, * HealthChecks = defaultHealthCheck.Id, * Backends = new[] * { * new Gcp.Compute.Inputs.BackendServiceBackendArgs * { * Group = defaultInstanceGroupManager.InstanceGroup, * BalancingMode = "UTILIZATION", * MaxUtilization = 1, * CapacityScaler = 1, * }, * }, * }); * var defaultTargetTCPProxy = new Gcp.Compute.TargetTCPProxy("default", new() * { * Name = "test-proxy-health-check", * BackendService = defaultBackendService.Id, * }); * // forwarding rule * var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new() * { * Name = "tcp-proxy-xlb-forwarding-rule", * IpProtocol = "TCP", * LoadBalancingScheme = "EXTERNAL", * PortRange = "110", * Target = defaultTargetTCPProxy.Id, * IpAddress = defaultGlobalAddress.Id, * }); * // allow access from health check ranges * var defaultFirewall = new Gcp.Compute.Firewall("default", new() * { * Name = "tcp-proxy-xlb-fw-allow-hc", * Direction = "INGRESS", * Network = @default.Id, * SourceRanges = new[] * { * "130.211.0.0/22", * "35.191.0.0/16", * }, * Allows = new[] * { * new Gcp.Compute.Inputs.FirewallAllowArgs * { * Protocol = "tcp", * }, * }, * TargetTags = new[] * { * "allow-health-check", * }, * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * // External TCP proxy load balancer with managed instance group backend * // VPC * _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{ * Name: pulumi.String("tcp-proxy-xlb-network"), * AutoCreateSubnetworks: pulumi.Bool(false), * }) * if err != nil { * return err * } * // backend subnet * defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{ * Name: pulumi.String("tcp-proxy-xlb-subnet"), * IpCidrRange: pulumi.String("10.0.1.0/24"), * Region: pulumi.String("us-central1"), * Network: _default.ID(), * }) * if err != nil { * return err * } * // reserved IP address * defaultGlobalAddress, err := compute.NewGlobalAddress(ctx, "default", &compute.GlobalAddressArgs{ * Name: pulumi.String("tcp-proxy-xlb-ip"), * }) * if err != nil { * return err * } * defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{ * Name: pulumi.String("tcp-proxy-health-check"), * TimeoutSec: pulumi.Int(1), * CheckIntervalSec: pulumi.Int(1), * TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{ * Port: pulumi.Int(80), * }, * }) * if err != nil { * return err * } * // instance template * defaultInstanceTemplate, err := compute.NewInstanceTemplate(ctx, "default", &compute.InstanceTemplateArgs{ * NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{ * &compute.InstanceTemplateNetworkInterfaceArgs{ * AccessConfigs: compute.InstanceTemplateNetworkInterfaceAccessConfigArray{ * nil, * }, * Network: _default.ID(), * Subnetwork: defaultSubnetwork.ID(), * }, * }, * Name: pulumi.String("tcp-proxy-xlb-mig-template"), * MachineType: pulumi.String("e2-small"), * Tags: pulumi.StringArray{ * pulumi.String("allow-health-check"), * }, * Disks: compute.InstanceTemplateDiskArray{ * &compute.InstanceTemplateDiskArgs{ * SourceImage: pulumi.String("debian-cloud/debian-10"), * AutoDelete: pulumi.Bool(true), * Boot: pulumi.Bool(true), * }, * }, * Metadata: pulumi.Map{ * "startup-script": pulumi.Any(`#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * `), * }, * }) * if err != nil { * return err * } * // MIG * defaultInstanceGroupManager, err := compute.NewInstanceGroupManager(ctx, "default", &compute.InstanceGroupManagerArgs{ * Name: pulumi.String("tcp-proxy-xlb-mig1"), * Zone: pulumi.String("us-central1-c"), * NamedPorts: compute.InstanceGroupManagerNamedPortArray{ * &compute.InstanceGroupManagerNamedPortArgs{ * Name: pulumi.String("tcp"), * Port: pulumi.Int(80), * }, * }, * Versions: compute.InstanceGroupManagerVersionArray{ * &compute.InstanceGroupManagerVersionArgs{ * InstanceTemplate: defaultInstanceTemplate.ID(), * Name: pulumi.String("primary"), * }, * }, * BaseInstanceName: pulumi.String("vm"), * TargetSize: pulumi.Int(2), * }) * if err != nil { * return err * } * // backend service * defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{ * Name: pulumi.String("tcp-proxy-xlb-backend-service"), * Protocol: pulumi.String("TCP"), * PortName: pulumi.String("tcp"), * LoadBalancingScheme: pulumi.String("EXTERNAL"), * TimeoutSec: pulumi.Int(10), * HealthChecks: defaultHealthCheck.ID(), * Backends: compute.BackendServiceBackendArray{ * &compute.BackendServiceBackendArgs{ * Group: defaultInstanceGroupManager.InstanceGroup, * BalancingMode: pulumi.String("UTILIZATION"), * MaxUtilization: pulumi.Float64(1), * CapacityScaler: pulumi.Float64(1), * }, * }, * }) * if err != nil { * return err * } * defaultTargetTCPProxy, err := compute.NewTargetTCPProxy(ctx, "default", &compute.TargetTCPProxyArgs{ * Name: pulumi.String("test-proxy-health-check"), * BackendService: defaultBackendService.ID(), * }) * if err != nil { * return err * } * // forwarding rule * _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{ * Name: pulumi.String("tcp-proxy-xlb-forwarding-rule"), * IpProtocol: pulumi.String("TCP"), * LoadBalancingScheme: pulumi.String("EXTERNAL"), * PortRange: pulumi.String("110"), * Target: defaultTargetTCPProxy.ID(), * IpAddress: defaultGlobalAddress.ID(), * }) * if err != nil { * return err * } * // allow access from health check ranges * _, err = compute.NewFirewall(ctx, "default", &compute.FirewallArgs{ * Name: pulumi.String("tcp-proxy-xlb-fw-allow-hc"), * Direction: pulumi.String("INGRESS"), * Network: _default.ID(), * SourceRanges: pulumi.StringArray{ * pulumi.String("130.211.0.0/22"), * pulumi.String("35.191.0.0/16"), * }, * Allows: compute.FirewallAllowArray{ * &compute.FirewallAllowArgs{ * Protocol: pulumi.String("tcp"), * }, * }, * TargetTags: pulumi.StringArray{ * pulumi.String("allow-health-check"), * }, * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.Network; * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.Subnetwork; * import com.pulumi.gcp.compute.SubnetworkArgs; * import com.pulumi.gcp.compute.GlobalAddress; * import com.pulumi.gcp.compute.GlobalAddressArgs; * import com.pulumi.gcp.compute.HealthCheck; * import com.pulumi.gcp.compute.HealthCheckArgs; * import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs; * import com.pulumi.gcp.compute.InstanceTemplate; * import com.pulumi.gcp.compute.InstanceTemplateArgs; * import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs; * import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs; * import com.pulumi.gcp.compute.InstanceGroupManager; * import com.pulumi.gcp.compute.InstanceGroupManagerArgs; * import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs; * import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs; * import com.pulumi.gcp.compute.BackendService; * import com.pulumi.gcp.compute.BackendServiceArgs; * import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs; * import com.pulumi.gcp.compute.TargetTCPProxy; * import com.pulumi.gcp.compute.TargetTCPProxyArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import com.pulumi.gcp.compute.Firewall; * import com.pulumi.gcp.compute.FirewallArgs; * import com.pulumi.gcp.compute.inputs.FirewallAllowArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * // External TCP proxy load balancer with managed instance group backend * // VPC * var default_ = new Network("default", NetworkArgs.builder() * .name("tcp-proxy-xlb-network") * .autoCreateSubnetworks(false) * .build()); * // backend subnet * var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder() * .name("tcp-proxy-xlb-subnet") * .ipCidrRange("10.0.1.0/24") * .region("us-central1") * .network(default_.id()) * .build()); * // reserved IP address * var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.builder() * .name("tcp-proxy-xlb-ip") * .build()); * var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder() * .name("tcp-proxy-health-check") * .timeoutSec(1) * .checkIntervalSec(1) * .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder() * .port("80") * .build()) * .build()); * // instance template * var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder() * .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder() * .accessConfigs() * .network(default_.id()) * .subnetwork(defaultSubnetwork.id()) * .build()) * .name("tcp-proxy-xlb-mig-template") * .machineType("e2-small") * .tags("allow-health-check") * .disks(InstanceTemplateDiskArgs.builder() * .sourceImage("debian-cloud/debian-10") * .autoDelete(true) * .boot(true) * .build()) * .metadata(Map.of("startup-script", """ * #! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * """)) * .build()); * // MIG * var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder() * .name("tcp-proxy-xlb-mig1") * .zone("us-central1-c") * .namedPorts(InstanceGroupManagerNamedPortArgs.builder() * .name("tcp") * .port(80) * .build()) * .versions(InstanceGroupManagerVersionArgs.builder() * .instanceTemplate(defaultInstanceTemplate.id()) * .name("primary") * .build()) * .baseInstanceName("vm") * .targetSize(2) * .build()); * // backend service * var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder() * .name("tcp-proxy-xlb-backend-service") * .protocol("TCP") * .portName("tcp") * .loadBalancingScheme("EXTERNAL") * .timeoutSec(10) * .healthChecks(defaultHealthCheck.id()) * .backends(BackendServiceBackendArgs.builder() * .group(defaultInstanceGroupManager.instanceGroup()) * .balancingMode("UTILIZATION") * .maxUtilization(1) * .capacityScaler(1) * .build()) * .build()); * var defaultTargetTCPProxy = new TargetTCPProxy("defaultTargetTCPProxy", TargetTCPProxyArgs.builder() * .name("test-proxy-health-check") * .backendService(defaultBackendService.id()) * .build()); * // forwarding rule * var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder() * .name("tcp-proxy-xlb-forwarding-rule") * .ipProtocol("TCP") * .loadBalancingScheme("EXTERNAL") * .portRange("110") * .target(defaultTargetTCPProxy.id()) * .ipAddress(defaultGlobalAddress.id()) * .build()); * // allow access from health check ranges * var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder() * .name("tcp-proxy-xlb-fw-allow-hc") * .direction("INGRESS") * .network(default_.id()) * .sourceRanges( * "130.211.0.0/22", * "35.191.0.0/16") * .allows(FirewallAllowArgs.builder() * .protocol("tcp") * .build()) * .targetTags("allow-health-check") * .build()); * } * } * ``` * ```yaml * resources: * # External TCP proxy load balancer with managed instance group backend * # VPC * default: * type: gcp:compute:Network * properties: * name: tcp-proxy-xlb-network * autoCreateSubnetworks: false * # backend subnet * defaultSubnetwork: * type: gcp:compute:Subnetwork * name: default * properties: * name: tcp-proxy-xlb-subnet * ipCidrRange: 10.0.1.0/24 * region: us-central1 * network: ${default.id} * # reserved IP address * defaultGlobalAddress: * type: gcp:compute:GlobalAddress * name: default * properties: * name: tcp-proxy-xlb-ip * # forwarding rule * defaultGlobalForwardingRule: * type: gcp:compute:GlobalForwardingRule * name: default * properties: * name: tcp-proxy-xlb-forwarding-rule * ipProtocol: TCP * loadBalancingScheme: EXTERNAL * portRange: '110' * target: ${defaultTargetTCPProxy.id} * ipAddress: ${defaultGlobalAddress.id} * defaultTargetTCPProxy: * type: gcp:compute:TargetTCPProxy * name: default * properties: * name: test-proxy-health-check * backendService: ${defaultBackendService.id} * # backend service * defaultBackendService: * type: gcp:compute:BackendService * name: default * properties: * name: tcp-proxy-xlb-backend-service * protocol: TCP * portName: tcp * loadBalancingScheme: EXTERNAL * timeoutSec: 10 * healthChecks: ${defaultHealthCheck.id} * backends: * - group: ${defaultInstanceGroupManager.instanceGroup} * balancingMode: UTILIZATION * maxUtilization: 1 * capacityScaler: 1 * defaultHealthCheck: * type: gcp:compute:HealthCheck * name: default * properties: * name: tcp-proxy-health-check * timeoutSec: 1 * checkIntervalSec: 1 * tcpHealthCheck: * port: '80' * # instance template * defaultInstanceTemplate: * type: gcp:compute:InstanceTemplate * name: default * properties: * networkInterfaces: * - accessConfigs: * - {} * network: ${default.id} * subnetwork: ${defaultSubnetwork.id} * name: tcp-proxy-xlb-mig-template * machineType: e2-small * tags: * - allow-health-check * disks: * - sourceImage: debian-cloud/debian-10 * autoDelete: true * boot: true * metadata: * startup-script: | * #! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 *           Name: $NAME
 *           IP: $IP
 *           Metadata: $METADATA
 *           
* EOF * # MIG * defaultInstanceGroupManager: * type: gcp:compute:InstanceGroupManager * name: default * properties: * name: tcp-proxy-xlb-mig1 * zone: us-central1-c * namedPorts: * - name: tcp * port: 80 * versions: * - instanceTemplate: ${defaultInstanceTemplate.id} * name: primary * baseInstanceName: vm * targetSize: 2 * # allow access from health check ranges * defaultFirewall: * type: gcp:compute:Firewall * name: default * properties: * name: tcp-proxy-xlb-fw-allow-hc * direction: INGRESS * network: ${default.id} * sourceRanges: * - 130.211.0.0/22 * - 35.191.0.0/16 * allows: * - protocol: tcp * targetTags: * - allow-health-check * ``` * * ### External Http Lb Mig Backend Custom Header * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * // External HTTP load balancer with a CDN-enabled managed instance group backend * // and custom request and response headers * // VPC * const _default = new gcp.compute.Network("default", { * name: "l7-xlb-network", * autoCreateSubnetworks: false, * }); * // backend subnet * const defaultSubnetwork = new gcp.compute.Subnetwork("default", { * name: "l7-xlb-subnet", * ipCidrRange: "10.0.1.0/24", * region: "us-central1", * network: _default.id, * }); * // reserved IP address * const defaultGlobalAddress = new gcp.compute.GlobalAddress("default", {name: "l7-xlb-static-ip"}); * // health check * const defaultHealthCheck = new gcp.compute.HealthCheck("default", { * name: "l7-xlb-hc", * httpHealthCheck: { * portSpecification: "USE_SERVING_PORT", * }, * }); * // instance template * const defaultInstanceTemplate = new gcp.compute.InstanceTemplate("default", { * networkInterfaces: [{ * accessConfigs: [{}], * network: _default.id, * subnetwork: defaultSubnetwork.id, * }], * name: "l7-xlb-mig-template", * machineType: "e2-small", * tags: ["allow-health-check"], * disks: [{ * sourceImage: "debian-cloud/debian-10", * autoDelete: true, * boot: true, * }], * metadata: { * "startup-script": `#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: NAME
 * IP: IP
 * Metadata: METADATA
 * 
* EOF * `, * }, * }); * // MIG * const defaultInstanceGroupManager = new gcp.compute.InstanceGroupManager("default", { * name: "l7-xlb-mig1", * zone: "us-central1-c", * namedPorts: [{ * name: "http", * port: 8080, * }], * versions: [{ * instanceTemplate: defaultInstanceTemplate.id, * name: "primary", * }], * baseInstanceName: "vm", * targetSize: 2, * }); * // backend service with custom request and response headers * const defaultBackendService = new gcp.compute.BackendService("default", { * name: "l7-xlb-backend-service", * protocol: "HTTP", * portName: "my-port", * loadBalancingScheme: "EXTERNAL", * timeoutSec: 10, * enableCdn: true, * customRequestHeaders: ["X-Client-Geo-Location: {client_region_subdivision}, {client_city}"], * customResponseHeaders: ["X-Cache-Hit: {cdn_cache_status}"], * healthChecks: defaultHealthCheck.id, * backends: [{ * group: defaultInstanceGroupManager.instanceGroup, * balancingMode: "UTILIZATION", * capacityScaler: 1, * }], * }); * // url map * const defaultURLMap = new gcp.compute.URLMap("default", { * name: "l7-xlb-url-map", * defaultService: defaultBackendService.id, * }); * // http proxy * const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", { * name: "l7-xlb-target-http-proxy", * urlMap: defaultURLMap.id, * }); * // forwarding rule * const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", { * name: "l7-xlb-forwarding-rule", * ipProtocol: "TCP", * loadBalancingScheme: "EXTERNAL", * portRange: "80", * target: defaultTargetHttpProxy.id, * ipAddress: defaultGlobalAddress.id, * }); * // allow access from health check ranges * const defaultFirewall = new gcp.compute.Firewall("default", { * name: "l7-xlb-fw-allow-hc", * direction: "INGRESS", * network: _default.id, * sourceRanges: [ * "130.211.0.0/22", * "35.191.0.0/16", * ], * allows: [{ * protocol: "tcp", * }], * targetTags: ["allow-health-check"], * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * # External HTTP load balancer with a CDN-enabled managed instance group backend * # and custom request and response headers * # VPC * default = gcp.compute.Network("default", * name="l7-xlb-network", * auto_create_subnetworks=False) * # backend subnet * default_subnetwork = gcp.compute.Subnetwork("default", * name="l7-xlb-subnet", * ip_cidr_range="10.0.1.0/24", * region="us-central1", * network=default.id) * # reserved IP address * default_global_address = gcp.compute.GlobalAddress("default", name="l7-xlb-static-ip") * # health check * default_health_check = gcp.compute.HealthCheck("default", * name="l7-xlb-hc", * http_health_check=gcp.compute.HealthCheckHttpHealthCheckArgs( * port_specification="USE_SERVING_PORT", * )) * # instance template * default_instance_template = gcp.compute.InstanceTemplate("default", * network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs( * access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()], * network=default.id, * subnetwork=default_subnetwork.id, * )], * name="l7-xlb-mig-template", * machine_type="e2-small", * tags=["allow-health-check"], * disks=[gcp.compute.InstanceTemplateDiskArgs( * source_image="debian-cloud/debian-10", * auto_delete=True, * boot=True, * )], * metadata={ * "startup-script": """#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * """, * }) * # MIG * default_instance_group_manager = gcp.compute.InstanceGroupManager("default", * name="l7-xlb-mig1", * zone="us-central1-c", * named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs( * name="http", * port=8080, * )], * versions=[gcp.compute.InstanceGroupManagerVersionArgs( * instance_template=default_instance_template.id, * name="primary", * )], * base_instance_name="vm", * target_size=2) * # backend service with custom request and response headers * default_backend_service = gcp.compute.BackendService("default", * name="l7-xlb-backend-service", * protocol="HTTP", * port_name="my-port", * load_balancing_scheme="EXTERNAL", * timeout_sec=10, * enable_cdn=True, * custom_request_headers=["X-Client-Geo-Location: {client_region_subdivision}, {client_city}"], * custom_response_headers=["X-Cache-Hit: {cdn_cache_status}"], * health_checks=default_health_check.id, * backends=[gcp.compute.BackendServiceBackendArgs( * group=default_instance_group_manager.instance_group, * balancing_mode="UTILIZATION", * capacity_scaler=1, * )]) * # url map * default_url_map = gcp.compute.URLMap("default", * name="l7-xlb-url-map", * default_service=default_backend_service.id) * # http proxy * default_target_http_proxy = gcp.compute.TargetHttpProxy("default", * name="l7-xlb-target-http-proxy", * url_map=default_url_map.id) * # forwarding rule * default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default", * name="l7-xlb-forwarding-rule", * ip_protocol="TCP", * load_balancing_scheme="EXTERNAL", * port_range="80", * target=default_target_http_proxy.id, * ip_address=default_global_address.id) * # allow access from health check ranges * default_firewall = gcp.compute.Firewall("default", * name="l7-xlb-fw-allow-hc", * direction="INGRESS", * network=default.id, * source_ranges=[ * "130.211.0.0/22", * "35.191.0.0/16", * ], * allows=[gcp.compute.FirewallAllowArgs( * protocol="tcp", * )], * target_tags=["allow-health-check"]) * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * // External HTTP load balancer with a CDN-enabled managed instance group backend * // and custom request and response headers * // VPC * var @default = new Gcp.Compute.Network("default", new() * { * Name = "l7-xlb-network", * AutoCreateSubnetworks = false, * }); * // backend subnet * var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new() * { * Name = "l7-xlb-subnet", * IpCidrRange = "10.0.1.0/24", * Region = "us-central1", * Network = @default.Id, * }); * // reserved IP address * var defaultGlobalAddress = new Gcp.Compute.GlobalAddress("default", new() * { * Name = "l7-xlb-static-ip", * }); * // health check * var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new() * { * Name = "l7-xlb-hc", * HttpHealthCheck = new Gcp.Compute.Inputs.HealthCheckHttpHealthCheckArgs * { * PortSpecification = "USE_SERVING_PORT", * }, * }); * // instance template * var defaultInstanceTemplate = new Gcp.Compute.InstanceTemplate("default", new() * { * NetworkInterfaces = new[] * { * new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs * { * AccessConfigs = new[] * { * null, * }, * Network = @default.Id, * Subnetwork = defaultSubnetwork.Id, * }, * }, * Name = "l7-xlb-mig-template", * MachineType = "e2-small", * Tags = new[] * { * "allow-health-check", * }, * Disks = new[] * { * new Gcp.Compute.Inputs.InstanceTemplateDiskArgs * { * SourceImage = "debian-cloud/debian-10", * AutoDelete = true, * Boot = true, * }, * }, * Metadata = * { * { "startup-script", @"#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/hostname"") * IP=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip"") * METADATA=$(curl -f -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True"" | jq 'del(.[""startup-script""])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * " }, * }, * }); * // MIG * var defaultInstanceGroupManager = new Gcp.Compute.InstanceGroupManager("default", new() * { * Name = "l7-xlb-mig1", * Zone = "us-central1-c", * NamedPorts = new[] * { * new Gcp.Compute.Inputs.InstanceGroupManagerNamedPortArgs * { * Name = "http", * Port = 8080, * }, * }, * Versions = new[] * { * new Gcp.Compute.Inputs.InstanceGroupManagerVersionArgs * { * InstanceTemplate = defaultInstanceTemplate.Id, * Name = "primary", * }, * }, * BaseInstanceName = "vm", * TargetSize = 2, * }); * // backend service with custom request and response headers * var defaultBackendService = new Gcp.Compute.BackendService("default", new() * { * Name = "l7-xlb-backend-service", * Protocol = "HTTP", * PortName = "my-port", * LoadBalancingScheme = "EXTERNAL", * TimeoutSec = 10, * EnableCdn = true, * CustomRequestHeaders = new[] * { * "X-Client-Geo-Location: {client_region_subdivision}, {client_city}", * }, * CustomResponseHeaders = new[] * { * "X-Cache-Hit: {cdn_cache_status}", * }, * HealthChecks = defaultHealthCheck.Id, * Backends = new[] * { * new Gcp.Compute.Inputs.BackendServiceBackendArgs * { * Group = defaultInstanceGroupManager.InstanceGroup, * BalancingMode = "UTILIZATION", * CapacityScaler = 1, * }, * }, * }); * // url map * var defaultURLMap = new Gcp.Compute.URLMap("default", new() * { * Name = "l7-xlb-url-map", * DefaultService = defaultBackendService.Id, * }); * // http proxy * var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new() * { * Name = "l7-xlb-target-http-proxy", * UrlMap = defaultURLMap.Id, * }); * // forwarding rule * var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new() * { * Name = "l7-xlb-forwarding-rule", * IpProtocol = "TCP", * LoadBalancingScheme = "EXTERNAL", * PortRange = "80", * Target = defaultTargetHttpProxy.Id, * IpAddress = defaultGlobalAddress.Id, * }); * // allow access from health check ranges * var defaultFirewall = new Gcp.Compute.Firewall("default", new() * { * Name = "l7-xlb-fw-allow-hc", * Direction = "INGRESS", * Network = @default.Id, * SourceRanges = new[] * { * "130.211.0.0/22", * "35.191.0.0/16", * }, * Allows = new[] * { * new Gcp.Compute.Inputs.FirewallAllowArgs * { * Protocol = "tcp", * }, * }, * TargetTags = new[] * { * "allow-health-check", * }, * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * // External HTTP load balancer with a CDN-enabled managed instance group backend * // and custom request and response headers * // VPC * _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{ * Name: pulumi.String("l7-xlb-network"), * AutoCreateSubnetworks: pulumi.Bool(false), * }) * if err != nil { * return err * } * // backend subnet * defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{ * Name: pulumi.String("l7-xlb-subnet"), * IpCidrRange: pulumi.String("10.0.1.0/24"), * Region: pulumi.String("us-central1"), * Network: _default.ID(), * }) * if err != nil { * return err * } * // reserved IP address * defaultGlobalAddress, err := compute.NewGlobalAddress(ctx, "default", &compute.GlobalAddressArgs{ * Name: pulumi.String("l7-xlb-static-ip"), * }) * if err != nil { * return err * } * // health check * defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{ * Name: pulumi.String("l7-xlb-hc"), * HttpHealthCheck: &compute.HealthCheckHttpHealthCheckArgs{ * PortSpecification: pulumi.String("USE_SERVING_PORT"), * }, * }) * if err != nil { * return err * } * // instance template * defaultInstanceTemplate, err := compute.NewInstanceTemplate(ctx, "default", &compute.InstanceTemplateArgs{ * NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{ * &compute.InstanceTemplateNetworkInterfaceArgs{ * AccessConfigs: compute.InstanceTemplateNetworkInterfaceAccessConfigArray{ * nil, * }, * Network: _default.ID(), * Subnetwork: defaultSubnetwork.ID(), * }, * }, * Name: pulumi.String("l7-xlb-mig-template"), * MachineType: pulumi.String("e2-small"), * Tags: pulumi.StringArray{ * pulumi.String("allow-health-check"), * }, * Disks: compute.InstanceTemplateDiskArray{ * &compute.InstanceTemplateDiskArgs{ * SourceImage: pulumi.String("debian-cloud/debian-10"), * AutoDelete: pulumi.Bool(true), * Boot: pulumi.Bool(true), * }, * }, * Metadata: pulumi.Map{ * "startup-script": pulumi.Any(`#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * `), * }, * }) * if err != nil { * return err * } * // MIG * defaultInstanceGroupManager, err := compute.NewInstanceGroupManager(ctx, "default", &compute.InstanceGroupManagerArgs{ * Name: pulumi.String("l7-xlb-mig1"), * Zone: pulumi.String("us-central1-c"), * NamedPorts: compute.InstanceGroupManagerNamedPortArray{ * &compute.InstanceGroupManagerNamedPortArgs{ * Name: pulumi.String("http"), * Port: pulumi.Int(8080), * }, * }, * Versions: compute.InstanceGroupManagerVersionArray{ * &compute.InstanceGroupManagerVersionArgs{ * InstanceTemplate: defaultInstanceTemplate.ID(), * Name: pulumi.String("primary"), * }, * }, * BaseInstanceName: pulumi.String("vm"), * TargetSize: pulumi.Int(2), * }) * if err != nil { * return err * } * // backend service with custom request and response headers * defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{ * Name: pulumi.String("l7-xlb-backend-service"), * Protocol: pulumi.String("HTTP"), * PortName: pulumi.String("my-port"), * LoadBalancingScheme: pulumi.String("EXTERNAL"), * TimeoutSec: pulumi.Int(10), * EnableCdn: pulumi.Bool(true), * CustomRequestHeaders: pulumi.StringArray{ * pulumi.String("X-Client-Geo-Location: {client_region_subdivision}, {client_city}"), * }, * CustomResponseHeaders: pulumi.StringArray{ * pulumi.String("X-Cache-Hit: {cdn_cache_status}"), * }, * HealthChecks: defaultHealthCheck.ID(), * Backends: compute.BackendServiceBackendArray{ * &compute.BackendServiceBackendArgs{ * Group: defaultInstanceGroupManager.InstanceGroup, * BalancingMode: pulumi.String("UTILIZATION"), * CapacityScaler: pulumi.Float64(1), * }, * }, * }) * if err != nil { * return err * } * // url map * defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{ * Name: pulumi.String("l7-xlb-url-map"), * DefaultService: defaultBackendService.ID(), * }) * if err != nil { * return err * } * // http proxy * defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{ * Name: pulumi.String("l7-xlb-target-http-proxy"), * UrlMap: defaultURLMap.ID(), * }) * if err != nil { * return err * } * // forwarding rule * _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{ * Name: pulumi.String("l7-xlb-forwarding-rule"), * IpProtocol: pulumi.String("TCP"), * LoadBalancingScheme: pulumi.String("EXTERNAL"), * PortRange: pulumi.String("80"), * Target: defaultTargetHttpProxy.ID(), * IpAddress: defaultGlobalAddress.ID(), * }) * if err != nil { * return err * } * // allow access from health check ranges * _, err = compute.NewFirewall(ctx, "default", &compute.FirewallArgs{ * Name: pulumi.String("l7-xlb-fw-allow-hc"), * Direction: pulumi.String("INGRESS"), * Network: _default.ID(), * SourceRanges: pulumi.StringArray{ * pulumi.String("130.211.0.0/22"), * pulumi.String("35.191.0.0/16"), * }, * Allows: compute.FirewallAllowArray{ * &compute.FirewallAllowArgs{ * Protocol: pulumi.String("tcp"), * }, * }, * TargetTags: pulumi.StringArray{ * pulumi.String("allow-health-check"), * }, * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.Network; * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.Subnetwork; * import com.pulumi.gcp.compute.SubnetworkArgs; * import com.pulumi.gcp.compute.GlobalAddress; * import com.pulumi.gcp.compute.GlobalAddressArgs; * import com.pulumi.gcp.compute.HealthCheck; * import com.pulumi.gcp.compute.HealthCheckArgs; * import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs; * import com.pulumi.gcp.compute.InstanceTemplate; * import com.pulumi.gcp.compute.InstanceTemplateArgs; * import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs; * import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs; * import com.pulumi.gcp.compute.InstanceGroupManager; * import com.pulumi.gcp.compute.InstanceGroupManagerArgs; * import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs; * import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs; * import com.pulumi.gcp.compute.BackendService; * import com.pulumi.gcp.compute.BackendServiceArgs; * import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs; * import com.pulumi.gcp.compute.URLMap; * import com.pulumi.gcp.compute.URLMapArgs; * import com.pulumi.gcp.compute.TargetHttpProxy; * import com.pulumi.gcp.compute.TargetHttpProxyArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import com.pulumi.gcp.compute.Firewall; * import com.pulumi.gcp.compute.FirewallArgs; * import com.pulumi.gcp.compute.inputs.FirewallAllowArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * // External HTTP load balancer with a CDN-enabled managed instance group backend * // and custom request and response headers * // VPC * var default_ = new Network("default", NetworkArgs.builder() * .name("l7-xlb-network") * .autoCreateSubnetworks(false) * .build()); * // backend subnet * var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder() * .name("l7-xlb-subnet") * .ipCidrRange("10.0.1.0/24") * .region("us-central1") * .network(default_.id()) * .build()); * // reserved IP address * var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.builder() * .name("l7-xlb-static-ip") * .build()); * // health check * var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder() * .name("l7-xlb-hc") * .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder() * .portSpecification("USE_SERVING_PORT") * .build()) * .build()); * // instance template * var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder() * .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder() * .accessConfigs() * .network(default_.id()) * .subnetwork(defaultSubnetwork.id()) * .build()) * .name("l7-xlb-mig-template") * .machineType("e2-small") * .tags("allow-health-check") * .disks(InstanceTemplateDiskArgs.builder() * .sourceImage("debian-cloud/debian-10") * .autoDelete(true) * .boot(true) * .build()) * .metadata(Map.of("startup-script", """ * #! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * """)) * .build()); * // MIG * var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder() * .name("l7-xlb-mig1") * .zone("us-central1-c") * .namedPorts(InstanceGroupManagerNamedPortArgs.builder() * .name("http") * .port(8080) * .build()) * .versions(InstanceGroupManagerVersionArgs.builder() * .instanceTemplate(defaultInstanceTemplate.id()) * .name("primary") * .build()) * .baseInstanceName("vm") * .targetSize(2) * .build()); * // backend service with custom request and response headers * var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder() * .name("l7-xlb-backend-service") * .protocol("HTTP") * .portName("my-port") * .loadBalancingScheme("EXTERNAL") * .timeoutSec(10) * .enableCdn(true) * .customRequestHeaders("X-Client-Geo-Location: {client_region_subdivision}, {client_city}") * .customResponseHeaders("X-Cache-Hit: {cdn_cache_status}") * .healthChecks(defaultHealthCheck.id()) * .backends(BackendServiceBackendArgs.builder() * .group(defaultInstanceGroupManager.instanceGroup()) * .balancingMode("UTILIZATION") * .capacityScaler(1) * .build()) * .build()); * // url map * var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder() * .name("l7-xlb-url-map") * .defaultService(defaultBackendService.id()) * .build()); * // http proxy * var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder() * .name("l7-xlb-target-http-proxy") * .urlMap(defaultURLMap.id()) * .build()); * // forwarding rule * var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder() * .name("l7-xlb-forwarding-rule") * .ipProtocol("TCP") * .loadBalancingScheme("EXTERNAL") * .portRange("80") * .target(defaultTargetHttpProxy.id()) * .ipAddress(defaultGlobalAddress.id()) * .build()); * // allow access from health check ranges * var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder() * .name("l7-xlb-fw-allow-hc") * .direction("INGRESS") * .network(default_.id()) * .sourceRanges( * "130.211.0.0/22", * "35.191.0.0/16") * .allows(FirewallAllowArgs.builder() * .protocol("tcp") * .build()) * .targetTags("allow-health-check") * .build()); * } * } * ``` * ```yaml * resources: * # External HTTP load balancer with a CDN-enabled managed instance group backend * # and custom request and response headers * # VPC * default: * type: gcp:compute:Network * properties: * name: l7-xlb-network * autoCreateSubnetworks: false * # backend subnet * defaultSubnetwork: * type: gcp:compute:Subnetwork * name: default * properties: * name: l7-xlb-subnet * ipCidrRange: 10.0.1.0/24 * region: us-central1 * network: ${default.id} * # reserved IP address * defaultGlobalAddress: * type: gcp:compute:GlobalAddress * name: default * properties: * name: l7-xlb-static-ip * # forwarding rule * defaultGlobalForwardingRule: * type: gcp:compute:GlobalForwardingRule * name: default * properties: * name: l7-xlb-forwarding-rule * ipProtocol: TCP * loadBalancingScheme: EXTERNAL * portRange: '80' * target: ${defaultTargetHttpProxy.id} * ipAddress: ${defaultGlobalAddress.id} * # http proxy * defaultTargetHttpProxy: * type: gcp:compute:TargetHttpProxy * name: default * properties: * name: l7-xlb-target-http-proxy * urlMap: ${defaultURLMap.id} * # url map * defaultURLMap: * type: gcp:compute:URLMap * name: default * properties: * name: l7-xlb-url-map * defaultService: ${defaultBackendService.id} * # backend service with custom request and response headers * defaultBackendService: * type: gcp:compute:BackendService * name: default * properties: * name: l7-xlb-backend-service * protocol: HTTP * portName: my-port * loadBalancingScheme: EXTERNAL * timeoutSec: 10 * enableCdn: true * customRequestHeaders: * - 'X-Client-Geo-Location: {client_region_subdivision}, {client_city}' * customResponseHeaders: * - 'X-Cache-Hit: {cdn_cache_status}' * healthChecks: ${defaultHealthCheck.id} * backends: * - group: ${defaultInstanceGroupManager.instanceGroup} * balancingMode: UTILIZATION * capacityScaler: 1 * # instance template * defaultInstanceTemplate: * type: gcp:compute:InstanceTemplate * name: default * properties: * networkInterfaces: * - accessConfigs: * - {} * network: ${default.id} * subnetwork: ${defaultSubnetwork.id} * name: l7-xlb-mig-template * machineType: e2-small * tags: * - allow-health-check * disks: * - sourceImage: debian-cloud/debian-10 * autoDelete: true * boot: true * metadata: * startup-script: | * #! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 *           Name: $NAME
 *           IP: $IP
 *           Metadata: $METADATA
 *           
* EOF * # health check * defaultHealthCheck: * type: gcp:compute:HealthCheck * name: default * properties: * name: l7-xlb-hc * httpHealthCheck: * portSpecification: USE_SERVING_PORT * # MIG * defaultInstanceGroupManager: * type: gcp:compute:InstanceGroupManager * name: default * properties: * name: l7-xlb-mig1 * zone: us-central1-c * namedPorts: * - name: http * port: 8080 * versions: * - instanceTemplate: ${defaultInstanceTemplate.id} * name: primary * baseInstanceName: vm * targetSize: 2 * # allow access from health check ranges * defaultFirewall: * type: gcp:compute:Firewall * name: default * properties: * name: l7-xlb-fw-allow-hc * direction: INGRESS * network: ${default.id} * sourceRanges: * - 130.211.0.0/22 * - 35.191.0.0/16 * allows: * - protocol: tcp * targetTags: * - allow-health-check * ``` * * ### Global Forwarding Rule Http * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", { * name: "check-backend", * requestPath: "/", * checkIntervalSec: 1, * timeoutSec: 1, * }); * const defaultBackendService = new gcp.compute.BackendService("default", { * name: "backend", * portName: "http", * protocol: "HTTP", * timeoutSec: 10, * healthChecks: defaultHttpHealthCheck.id, * }); * const defaultURLMap = new gcp.compute.URLMap("default", { * name: "url-map-target-proxy", * description: "a description", * defaultService: defaultBackendService.id, * hostRules: [{ * hosts: ["mysite.com"], * pathMatcher: "allpaths", * }], * pathMatchers: [{ * name: "allpaths", * defaultService: defaultBackendService.id, * pathRules: [{ * paths: ["/*"], * service: defaultBackendService.id, * }], * }], * }); * const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", { * name: "target-proxy", * description: "a description", * urlMap: defaultURLMap.id, * }); * const _default = new gcp.compute.GlobalForwardingRule("default", { * name: "global-rule", * target: defaultTargetHttpProxy.id, * portRange: "80", * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * default_http_health_check = gcp.compute.HttpHealthCheck("default", * name="check-backend", * request_path="/", * check_interval_sec=1, * timeout_sec=1) * default_backend_service = gcp.compute.BackendService("default", * name="backend", * port_name="http", * protocol="HTTP", * timeout_sec=10, * health_checks=default_http_health_check.id) * default_url_map = gcp.compute.URLMap("default", * name="url-map-target-proxy", * description="a description", * default_service=default_backend_service.id, * host_rules=[gcp.compute.URLMapHostRuleArgs( * hosts=["mysite.com"], * path_matcher="allpaths", * )], * path_matchers=[gcp.compute.URLMapPathMatcherArgs( * name="allpaths", * default_service=default_backend_service.id, * path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs( * paths=["/*"], * service=default_backend_service.id, * )], * )]) * default_target_http_proxy = gcp.compute.TargetHttpProxy("default", * name="target-proxy", * description="a description", * url_map=default_url_map.id) * default = gcp.compute.GlobalForwardingRule("default", * name="global-rule", * target=default_target_http_proxy.id, * port_range="80") * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new() * { * Name = "check-backend", * RequestPath = "/", * CheckIntervalSec = 1, * TimeoutSec = 1, * }); * var defaultBackendService = new Gcp.Compute.BackendService("default", new() * { * Name = "backend", * PortName = "http", * Protocol = "HTTP", * TimeoutSec = 10, * HealthChecks = defaultHttpHealthCheck.Id, * }); * var defaultURLMap = new Gcp.Compute.URLMap("default", new() * { * Name = "url-map-target-proxy", * Description = "a description", * DefaultService = defaultBackendService.Id, * HostRules = new[] * { * new Gcp.Compute.Inputs.URLMapHostRuleArgs * { * Hosts = new[] * { * "mysite.com", * }, * PathMatcher = "allpaths", * }, * }, * PathMatchers = new[] * { * new Gcp.Compute.Inputs.URLMapPathMatcherArgs * { * Name = "allpaths", * DefaultService = defaultBackendService.Id, * PathRules = new[] * { * new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs * { * Paths = new[] * { * "/*", * }, * Service = defaultBackendService.Id, * }, * }, * }, * }, * }); * var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new() * { * Name = "target-proxy", * Description = "a description", * UrlMap = defaultURLMap.Id, * }); * var @default = new Gcp.Compute.GlobalForwardingRule("default", new() * { * Name = "global-rule", * Target = defaultTargetHttpProxy.Id, * PortRange = "80", * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{ * Name: pulumi.String("check-backend"), * RequestPath: pulumi.String("/"), * CheckIntervalSec: pulumi.Int(1), * TimeoutSec: pulumi.Int(1), * }) * if err != nil { * return err * } * defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{ * Name: pulumi.String("backend"), * PortName: pulumi.String("http"), * Protocol: pulumi.String("HTTP"), * TimeoutSec: pulumi.Int(10), * HealthChecks: defaultHttpHealthCheck.ID(), * }) * if err != nil { * return err * } * defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{ * Name: pulumi.String("url-map-target-proxy"), * Description: pulumi.String("a description"), * DefaultService: defaultBackendService.ID(), * HostRules: compute.URLMapHostRuleArray{ * &compute.URLMapHostRuleArgs{ * Hosts: pulumi.StringArray{ * pulumi.String("mysite.com"), * }, * PathMatcher: pulumi.String("allpaths"), * }, * }, * PathMatchers: compute.URLMapPathMatcherArray{ * &compute.URLMapPathMatcherArgs{ * Name: pulumi.String("allpaths"), * DefaultService: defaultBackendService.ID(), * PathRules: compute.URLMapPathMatcherPathRuleArray{ * &compute.URLMapPathMatcherPathRuleArgs{ * Paths: pulumi.StringArray{ * pulumi.String("/*"), * }, * Service: defaultBackendService.ID(), * }, * }, * }, * }, * }) * if err != nil { * return err * } * defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{ * Name: pulumi.String("target-proxy"), * Description: pulumi.String("a description"), * UrlMap: defaultURLMap.ID(), * }) * if err != nil { * return err * } * _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{ * Name: pulumi.String("global-rule"), * Target: defaultTargetHttpProxy.ID(), * PortRange: pulumi.String("80"), * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.HttpHealthCheck; * import com.pulumi.gcp.compute.HttpHealthCheckArgs; * import com.pulumi.gcp.compute.BackendService; * import com.pulumi.gcp.compute.BackendServiceArgs; * import com.pulumi.gcp.compute.URLMap; * import com.pulumi.gcp.compute.URLMapArgs; * import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs; * import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs; * import com.pulumi.gcp.compute.TargetHttpProxy; * import com.pulumi.gcp.compute.TargetHttpProxyArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder() * .name("check-backend") * .requestPath("/") * .checkIntervalSec(1) * .timeoutSec(1) * .build()); * var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder() * .name("backend") * .portName("http") * .protocol("HTTP") * .timeoutSec(10) * .healthChecks(defaultHttpHealthCheck.id()) * .build()); * var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder() * .name("url-map-target-proxy") * .description("a description") * .defaultService(defaultBackendService.id()) * .hostRules(URLMapHostRuleArgs.builder() * .hosts("mysite.com") * .pathMatcher("allpaths") * .build()) * .pathMatchers(URLMapPathMatcherArgs.builder() * .name("allpaths") * .defaultService(defaultBackendService.id()) * .pathRules(URLMapPathMatcherPathRuleArgs.builder() * .paths("/*") * .service(defaultBackendService.id()) * .build()) * .build()) * .build()); * var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder() * .name("target-proxy") * .description("a description") * .urlMap(defaultURLMap.id()) * .build()); * var default_ = new GlobalForwardingRule("default", GlobalForwardingRuleArgs.builder() * .name("global-rule") * .target(defaultTargetHttpProxy.id()) * .portRange("80") * .build()); * } * } * ``` * ```yaml * resources: * default: * type: gcp:compute:GlobalForwardingRule * properties: * name: global-rule * target: ${defaultTargetHttpProxy.id} * portRange: '80' * defaultTargetHttpProxy: * type: gcp:compute:TargetHttpProxy * name: default * properties: * name: target-proxy * description: a description * urlMap: ${defaultURLMap.id} * defaultURLMap: * type: gcp:compute:URLMap * name: default * properties: * name: url-map-target-proxy * description: a description * defaultService: ${defaultBackendService.id} * hostRules: * - hosts: * - mysite.com * pathMatcher: allpaths * pathMatchers: * - name: allpaths * defaultService: ${defaultBackendService.id} * pathRules: * - paths: * - /* * service: ${defaultBackendService.id} * defaultBackendService: * type: gcp:compute:BackendService * name: default * properties: * name: backend * portName: http * protocol: HTTP * timeoutSec: 10 * healthChecks: ${defaultHttpHealthCheck.id} * defaultHttpHealthCheck: * type: gcp:compute:HttpHealthCheck * name: default * properties: * name: check-backend * requestPath: / * checkIntervalSec: 1 * timeoutSec: 1 * ``` * * ### Global Forwarding Rule Internal * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * const debianImage = gcp.compute.getImage({ * family: "debian-11", * project: "debian-cloud", * }); * const instanceTemplate = new gcp.compute.InstanceTemplate("instance_template", { * name: "template-backend", * machineType: "e2-medium", * networkInterfaces: [{ * network: "default", * }], * disks: [{ * sourceImage: debianImage.then(debianImage => debianImage.selfLink), * autoDelete: true, * boot: true, * }], * }); * const igm = new gcp.compute.InstanceGroupManager("igm", { * name: "igm-internal", * versions: [{ * instanceTemplate: instanceTemplate.id, * name: "primary", * }], * baseInstanceName: "internal-glb", * zone: "us-central1-f", * targetSize: 1, * }); * const defaultHealthCheck = new gcp.compute.HealthCheck("default", { * name: "check-backend", * checkIntervalSec: 1, * timeoutSec: 1, * tcpHealthCheck: { * port: 80, * }, * }); * const defaultBackendService = new gcp.compute.BackendService("default", { * name: "backend", * portName: "http", * protocol: "HTTP", * timeoutSec: 10, * loadBalancingScheme: "INTERNAL_SELF_MANAGED", * backends: [{ * group: igm.instanceGroup, * balancingMode: "RATE", * capacityScaler: 0.4, * maxRatePerInstance: 50, * }], * healthChecks: defaultHealthCheck.id, * }); * const defaultURLMap = new gcp.compute.URLMap("default", { * name: "url-map-target-proxy", * description: "a description", * defaultService: defaultBackendService.id, * hostRules: [{ * hosts: ["mysite.com"], * pathMatcher: "allpaths", * }], * pathMatchers: [{ * name: "allpaths", * defaultService: defaultBackendService.id, * pathRules: [{ * paths: ["/*"], * service: defaultBackendService.id, * }], * }], * }); * const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", { * name: "target-proxy", * description: "a description", * urlMap: defaultURLMap.id, * }); * const _default = new gcp.compute.GlobalForwardingRule("default", { * name: "global-rule", * target: defaultTargetHttpProxy.id, * portRange: "80", * loadBalancingScheme: "INTERNAL_SELF_MANAGED", * ipAddress: "0.0.0.0", * metadataFilters: [{ * filterMatchCriteria: "MATCH_ANY", * filterLabels: [{ * name: "PLANET", * value: "MARS", * }], * }], * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * debian_image = gcp.compute.get_image(family="debian-11", * project="debian-cloud") * instance_template = gcp.compute.InstanceTemplate("instance_template", * name="template-backend", * machine_type="e2-medium", * network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs( * network="default", * )], * disks=[gcp.compute.InstanceTemplateDiskArgs( * source_image=debian_image.self_link, * auto_delete=True, * boot=True, * )]) * igm = gcp.compute.InstanceGroupManager("igm", * name="igm-internal", * versions=[gcp.compute.InstanceGroupManagerVersionArgs( * instance_template=instance_template.id, * name="primary", * )], * base_instance_name="internal-glb", * zone="us-central1-f", * target_size=1) * default_health_check = gcp.compute.HealthCheck("default", * name="check-backend", * check_interval_sec=1, * timeout_sec=1, * tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs( * port=80, * )) * default_backend_service = gcp.compute.BackendService("default", * name="backend", * port_name="http", * protocol="HTTP", * timeout_sec=10, * load_balancing_scheme="INTERNAL_SELF_MANAGED", * backends=[gcp.compute.BackendServiceBackendArgs( * group=igm.instance_group, * balancing_mode="RATE", * capacity_scaler=0.4, * max_rate_per_instance=50, * )], * health_checks=default_health_check.id) * default_url_map = gcp.compute.URLMap("default", * name="url-map-target-proxy", * description="a description", * default_service=default_backend_service.id, * host_rules=[gcp.compute.URLMapHostRuleArgs( * hosts=["mysite.com"], * path_matcher="allpaths", * )], * path_matchers=[gcp.compute.URLMapPathMatcherArgs( * name="allpaths", * default_service=default_backend_service.id, * path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs( * paths=["/*"], * service=default_backend_service.id, * )], * )]) * default_target_http_proxy = gcp.compute.TargetHttpProxy("default", * name="target-proxy", * description="a description", * url_map=default_url_map.id) * default = gcp.compute.GlobalForwardingRule("default", * name="global-rule", * target=default_target_http_proxy.id, * port_range="80", * load_balancing_scheme="INTERNAL_SELF_MANAGED", * ip_address="0.0.0.0", * metadata_filters=[gcp.compute.GlobalForwardingRuleMetadataFilterArgs( * filter_match_criteria="MATCH_ANY", * filter_labels=[gcp.compute.GlobalForwardingRuleMetadataFilterFilterLabelArgs( * name="PLANET", * value="MARS", * )], * )]) * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * var debianImage = Gcp.Compute.GetImage.Invoke(new() * { * Family = "debian-11", * Project = "debian-cloud", * }); * var instanceTemplate = new Gcp.Compute.InstanceTemplate("instance_template", new() * { * Name = "template-backend", * MachineType = "e2-medium", * NetworkInterfaces = new[] * { * new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs * { * Network = "default", * }, * }, * Disks = new[] * { * new Gcp.Compute.Inputs.InstanceTemplateDiskArgs * { * SourceImage = debianImage.Apply(getImageResult => getImageResult.SelfLink), * AutoDelete = true, * Boot = true, * }, * }, * }); * var igm = new Gcp.Compute.InstanceGroupManager("igm", new() * { * Name = "igm-internal", * Versions = new[] * { * new Gcp.Compute.Inputs.InstanceGroupManagerVersionArgs * { * InstanceTemplate = instanceTemplate.Id, * Name = "primary", * }, * }, * BaseInstanceName = "internal-glb", * Zone = "us-central1-f", * TargetSize = 1, * }); * var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new() * { * Name = "check-backend", * CheckIntervalSec = 1, * TimeoutSec = 1, * TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs * { * Port = 80, * }, * }); * var defaultBackendService = new Gcp.Compute.BackendService("default", new() * { * Name = "backend", * PortName = "http", * Protocol = "HTTP", * TimeoutSec = 10, * LoadBalancingScheme = "INTERNAL_SELF_MANAGED", * Backends = new[] * { * new Gcp.Compute.Inputs.BackendServiceBackendArgs * { * Group = igm.InstanceGroup, * BalancingMode = "RATE", * CapacityScaler = 0.4, * MaxRatePerInstance = 50, * }, * }, * HealthChecks = defaultHealthCheck.Id, * }); * var defaultURLMap = new Gcp.Compute.URLMap("default", new() * { * Name = "url-map-target-proxy", * Description = "a description", * DefaultService = defaultBackendService.Id, * HostRules = new[] * { * new Gcp.Compute.Inputs.URLMapHostRuleArgs * { * Hosts = new[] * { * "mysite.com", * }, * PathMatcher = "allpaths", * }, * }, * PathMatchers = new[] * { * new Gcp.Compute.Inputs.URLMapPathMatcherArgs * { * Name = "allpaths", * DefaultService = defaultBackendService.Id, * PathRules = new[] * { * new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs * { * Paths = new[] * { * "/*", * }, * Service = defaultBackendService.Id, * }, * }, * }, * }, * }); * var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new() * { * Name = "target-proxy", * Description = "a description", * UrlMap = defaultURLMap.Id, * }); * var @default = new Gcp.Compute.GlobalForwardingRule("default", new() * { * Name = "global-rule", * Target = defaultTargetHttpProxy.Id, * PortRange = "80", * LoadBalancingScheme = "INTERNAL_SELF_MANAGED", * IpAddress = "0.0.0.0", * MetadataFilters = new[] * { * new Gcp.Compute.Inputs.GlobalForwardingRuleMetadataFilterArgs * { * FilterMatchCriteria = "MATCH_ANY", * FilterLabels = new[] * { * new Gcp.Compute.Inputs.GlobalForwardingRuleMetadataFilterFilterLabelArgs * { * Name = "PLANET", * Value = "MARS", * }, * }, * }, * }, * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * debianImage, err := compute.LookupImage(ctx, &compute.LookupImageArgs{ * Family: pulumi.StringRef("debian-11"), * Project: pulumi.StringRef("debian-cloud"), * }, nil) * if err != nil { * return err * } * instanceTemplate, err := compute.NewInstanceTemplate(ctx, "instance_template", &compute.InstanceTemplateArgs{ * Name: pulumi.String("template-backend"), * MachineType: pulumi.String("e2-medium"), * NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{ * &compute.InstanceTemplateNetworkInterfaceArgs{ * Network: pulumi.String("default"), * }, * }, * Disks: compute.InstanceTemplateDiskArray{ * &compute.InstanceTemplateDiskArgs{ * SourceImage: pulumi.String(debianImage.SelfLink), * AutoDelete: pulumi.Bool(true), * Boot: pulumi.Bool(true), * }, * }, * }) * if err != nil { * return err * } * igm, err := compute.NewInstanceGroupManager(ctx, "igm", &compute.InstanceGroupManagerArgs{ * Name: pulumi.String("igm-internal"), * Versions: compute.InstanceGroupManagerVersionArray{ * &compute.InstanceGroupManagerVersionArgs{ * InstanceTemplate: instanceTemplate.ID(), * Name: pulumi.String("primary"), * }, * }, * BaseInstanceName: pulumi.String("internal-glb"), * Zone: pulumi.String("us-central1-f"), * TargetSize: pulumi.Int(1), * }) * if err != nil { * return err * } * defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{ * Name: pulumi.String("check-backend"), * CheckIntervalSec: pulumi.Int(1), * TimeoutSec: pulumi.Int(1), * TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{ * Port: pulumi.Int(80), * }, * }) * if err != nil { * return err * } * defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{ * Name: pulumi.String("backend"), * PortName: pulumi.String("http"), * Protocol: pulumi.String("HTTP"), * TimeoutSec: pulumi.Int(10), * LoadBalancingScheme: pulumi.String("INTERNAL_SELF_MANAGED"), * Backends: compute.BackendServiceBackendArray{ * &compute.BackendServiceBackendArgs{ * Group: igm.InstanceGroup, * BalancingMode: pulumi.String("RATE"), * CapacityScaler: pulumi.Float64(0.4), * MaxRatePerInstance: pulumi.Float64(50), * }, * }, * HealthChecks: defaultHealthCheck.ID(), * }) * if err != nil { * return err * } * defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{ * Name: pulumi.String("url-map-target-proxy"), * Description: pulumi.String("a description"), * DefaultService: defaultBackendService.ID(), * HostRules: compute.URLMapHostRuleArray{ * &compute.URLMapHostRuleArgs{ * Hosts: pulumi.StringArray{ * pulumi.String("mysite.com"), * }, * PathMatcher: pulumi.String("allpaths"), * }, * }, * PathMatchers: compute.URLMapPathMatcherArray{ * &compute.URLMapPathMatcherArgs{ * Name: pulumi.String("allpaths"), * DefaultService: defaultBackendService.ID(), * PathRules: compute.URLMapPathMatcherPathRuleArray{ * &compute.URLMapPathMatcherPathRuleArgs{ * Paths: pulumi.StringArray{ * pulumi.String("/*"), * }, * Service: defaultBackendService.ID(), * }, * }, * }, * }, * }) * if err != nil { * return err * } * defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{ * Name: pulumi.String("target-proxy"), * Description: pulumi.String("a description"), * UrlMap: defaultURLMap.ID(), * }) * if err != nil { * return err * } * _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{ * Name: pulumi.String("global-rule"), * Target: defaultTargetHttpProxy.ID(), * PortRange: pulumi.String("80"), * LoadBalancingScheme: pulumi.String("INTERNAL_SELF_MANAGED"), * IpAddress: pulumi.String("0.0.0.0"), * MetadataFilters: compute.GlobalForwardingRuleMetadataFilterArray{ * &compute.GlobalForwardingRuleMetadataFilterArgs{ * FilterMatchCriteria: pulumi.String("MATCH_ANY"), * FilterLabels: compute.GlobalForwardingRuleMetadataFilterFilterLabelArray{ * &compute.GlobalForwardingRuleMetadataFilterFilterLabelArgs{ * Name: pulumi.String("PLANET"), * Value: pulumi.String("MARS"), * }, * }, * }, * }, * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.ComputeFunctions; * import com.pulumi.gcp.compute.inputs.GetImageArgs; * import com.pulumi.gcp.compute.InstanceTemplate; * import com.pulumi.gcp.compute.InstanceTemplateArgs; * import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs; * import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs; * import com.pulumi.gcp.compute.InstanceGroupManager; * import com.pulumi.gcp.compute.InstanceGroupManagerArgs; * import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs; * import com.pulumi.gcp.compute.HealthCheck; * import com.pulumi.gcp.compute.HealthCheckArgs; * import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs; * import com.pulumi.gcp.compute.BackendService; * import com.pulumi.gcp.compute.BackendServiceArgs; * import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs; * import com.pulumi.gcp.compute.URLMap; * import com.pulumi.gcp.compute.URLMapArgs; * import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs; * import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs; * import com.pulumi.gcp.compute.TargetHttpProxy; * import com.pulumi.gcp.compute.TargetHttpProxyArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import com.pulumi.gcp.compute.inputs.GlobalForwardingRuleMetadataFilterArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder() * .family("debian-11") * .project("debian-cloud") * .build()); * var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder() * .name("template-backend") * .machineType("e2-medium") * .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder() * .network("default") * .build()) * .disks(InstanceTemplateDiskArgs.builder() * .sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink())) * .autoDelete(true) * .boot(true) * .build()) * .build()); * var igm = new InstanceGroupManager("igm", InstanceGroupManagerArgs.builder() * .name("igm-internal") * .versions(InstanceGroupManagerVersionArgs.builder() * .instanceTemplate(instanceTemplate.id()) * .name("primary") * .build()) * .baseInstanceName("internal-glb") * .zone("us-central1-f") * .targetSize(1) * .build()); * var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder() * .name("check-backend") * .checkIntervalSec(1) * .timeoutSec(1) * .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder() * .port("80") * .build()) * .build()); * var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder() * .name("backend") * .portName("http") * .protocol("HTTP") * .timeoutSec(10) * .loadBalancingScheme("INTERNAL_SELF_MANAGED") * .backends(BackendServiceBackendArgs.builder() * .group(igm.instanceGroup()) * .balancingMode("RATE") * .capacityScaler(0.4) * .maxRatePerInstance(50) * .build()) * .healthChecks(defaultHealthCheck.id()) * .build()); * var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder() * .name("url-map-target-proxy") * .description("a description") * .defaultService(defaultBackendService.id()) * .hostRules(URLMapHostRuleArgs.builder() * .hosts("mysite.com") * .pathMatcher("allpaths") * .build()) * .pathMatchers(URLMapPathMatcherArgs.builder() * .name("allpaths") * .defaultService(defaultBackendService.id()) * .pathRules(URLMapPathMatcherPathRuleArgs.builder() * .paths("/*") * .service(defaultBackendService.id()) * .build()) * .build()) * .build()); * var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder() * .name("target-proxy") * .description("a description") * .urlMap(defaultURLMap.id()) * .build()); * var default_ = new GlobalForwardingRule("default", GlobalForwardingRuleArgs.builder() * .name("global-rule") * .target(defaultTargetHttpProxy.id()) * .portRange("80") * .loadBalancingScheme("INTERNAL_SELF_MANAGED") * .ipAddress("0.0.0.0") * .metadataFilters(GlobalForwardingRuleMetadataFilterArgs.builder() * .filterMatchCriteria("MATCH_ANY") * .filterLabels(GlobalForwardingRuleMetadataFilterFilterLabelArgs.builder() * .name("PLANET") * .value("MARS") * .build()) * .build()) * .build()); * } * } * ``` * ```yaml * resources: * default: * type: gcp:compute:GlobalForwardingRule * properties: * name: global-rule * target: ${defaultTargetHttpProxy.id} * portRange: '80' * loadBalancingScheme: INTERNAL_SELF_MANAGED * ipAddress: 0.0.0.0 * metadataFilters: * - filterMatchCriteria: MATCH_ANY * filterLabels: * - name: PLANET * value: MARS * defaultTargetHttpProxy: * type: gcp:compute:TargetHttpProxy * name: default * properties: * name: target-proxy * description: a description * urlMap: ${defaultURLMap.id} * defaultURLMap: * type: gcp:compute:URLMap * name: default * properties: * name: url-map-target-proxy * description: a description * defaultService: ${defaultBackendService.id} * hostRules: * - hosts: * - mysite.com * pathMatcher: allpaths * pathMatchers: * - name: allpaths * defaultService: ${defaultBackendService.id} * pathRules: * - paths: * - /* * service: ${defaultBackendService.id} * defaultBackendService: * type: gcp:compute:BackendService * name: default * properties: * name: backend * portName: http * protocol: HTTP * timeoutSec: 10 * loadBalancingScheme: INTERNAL_SELF_MANAGED * backends: * - group: ${igm.instanceGroup} * balancingMode: RATE * capacityScaler: 0.4 * maxRatePerInstance: 50 * healthChecks: ${defaultHealthCheck.id} * igm: * type: gcp:compute:InstanceGroupManager * properties: * name: igm-internal * versions: * - instanceTemplate: ${instanceTemplate.id} * name: primary * baseInstanceName: internal-glb * zone: us-central1-f * targetSize: 1 * instanceTemplate: * type: gcp:compute:InstanceTemplate * name: instance_template * properties: * name: template-backend * machineType: e2-medium * networkInterfaces: * - network: default * disks: * - sourceImage: ${debianImage.selfLink} * autoDelete: true * boot: true * defaultHealthCheck: * type: gcp:compute:HealthCheck * name: default * properties: * name: check-backend * checkIntervalSec: 1 * timeoutSec: 1 * tcpHealthCheck: * port: '80' * variables: * debianImage: * fn::invoke: * Function: gcp:compute:getImage * Arguments: * family: debian-11 * project: debian-cloud * ``` * * ### Global Forwarding Rule External Managed * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * const defaultBackendService = new gcp.compute.BackendService("default", { * name: "backend", * portName: "http", * protocol: "HTTP", * timeoutSec: 10, * loadBalancingScheme: "EXTERNAL_MANAGED", * }); * const defaultURLMap = new gcp.compute.URLMap("default", { * name: "url-map-target-proxy", * description: "a description", * defaultService: defaultBackendService.id, * hostRules: [{ * hosts: ["mysite.com"], * pathMatcher: "allpaths", * }], * pathMatchers: [{ * name: "allpaths", * defaultService: defaultBackendService.id, * pathRules: [{ * paths: ["/*"], * service: defaultBackendService.id, * }], * }], * }); * const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", { * name: "target-proxy", * description: "a description", * urlMap: defaultURLMap.id, * }); * const _default = new gcp.compute.GlobalForwardingRule("default", { * name: "global-rule", * target: defaultTargetHttpProxy.id, * portRange: "80", * loadBalancingScheme: "EXTERNAL_MANAGED", * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * default_backend_service = gcp.compute.BackendService("default", * name="backend", * port_name="http", * protocol="HTTP", * timeout_sec=10, * load_balancing_scheme="EXTERNAL_MANAGED") * default_url_map = gcp.compute.URLMap("default", * name="url-map-target-proxy", * description="a description", * default_service=default_backend_service.id, * host_rules=[gcp.compute.URLMapHostRuleArgs( * hosts=["mysite.com"], * path_matcher="allpaths", * )], * path_matchers=[gcp.compute.URLMapPathMatcherArgs( * name="allpaths", * default_service=default_backend_service.id, * path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs( * paths=["/*"], * service=default_backend_service.id, * )], * )]) * default_target_http_proxy = gcp.compute.TargetHttpProxy("default", * name="target-proxy", * description="a description", * url_map=default_url_map.id) * default = gcp.compute.GlobalForwardingRule("default", * name="global-rule", * target=default_target_http_proxy.id, * port_range="80", * load_balancing_scheme="EXTERNAL_MANAGED") * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * var defaultBackendService = new Gcp.Compute.BackendService("default", new() * { * Name = "backend", * PortName = "http", * Protocol = "HTTP", * TimeoutSec = 10, * LoadBalancingScheme = "EXTERNAL_MANAGED", * }); * var defaultURLMap = new Gcp.Compute.URLMap("default", new() * { * Name = "url-map-target-proxy", * Description = "a description", * DefaultService = defaultBackendService.Id, * HostRules = new[] * { * new Gcp.Compute.Inputs.URLMapHostRuleArgs * { * Hosts = new[] * { * "mysite.com", * }, * PathMatcher = "allpaths", * }, * }, * PathMatchers = new[] * { * new Gcp.Compute.Inputs.URLMapPathMatcherArgs * { * Name = "allpaths", * DefaultService = defaultBackendService.Id, * PathRules = new[] * { * new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs * { * Paths = new[] * { * "/*", * }, * Service = defaultBackendService.Id, * }, * }, * }, * }, * }); * var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new() * { * Name = "target-proxy", * Description = "a description", * UrlMap = defaultURLMap.Id, * }); * var @default = new Gcp.Compute.GlobalForwardingRule("default", new() * { * Name = "global-rule", * Target = defaultTargetHttpProxy.Id, * PortRange = "80", * LoadBalancingScheme = "EXTERNAL_MANAGED", * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{ * Name: pulumi.String("backend"), * PortName: pulumi.String("http"), * Protocol: pulumi.String("HTTP"), * TimeoutSec: pulumi.Int(10), * LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"), * }) * if err != nil { * return err * } * defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{ * Name: pulumi.String("url-map-target-proxy"), * Description: pulumi.String("a description"), * DefaultService: defaultBackendService.ID(), * HostRules: compute.URLMapHostRuleArray{ * &compute.URLMapHostRuleArgs{ * Hosts: pulumi.StringArray{ * pulumi.String("mysite.com"), * }, * PathMatcher: pulumi.String("allpaths"), * }, * }, * PathMatchers: compute.URLMapPathMatcherArray{ * &compute.URLMapPathMatcherArgs{ * Name: pulumi.String("allpaths"), * DefaultService: defaultBackendService.ID(), * PathRules: compute.URLMapPathMatcherPathRuleArray{ * &compute.URLMapPathMatcherPathRuleArgs{ * Paths: pulumi.StringArray{ * pulumi.String("/*"), * }, * Service: defaultBackendService.ID(), * }, * }, * }, * }, * }) * if err != nil { * return err * } * defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{ * Name: pulumi.String("target-proxy"), * Description: pulumi.String("a description"), * UrlMap: defaultURLMap.ID(), * }) * if err != nil { * return err * } * _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{ * Name: pulumi.String("global-rule"), * Target: defaultTargetHttpProxy.ID(), * PortRange: pulumi.String("80"), * LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"), * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.BackendService; * import com.pulumi.gcp.compute.BackendServiceArgs; * import com.pulumi.gcp.compute.URLMap; * import com.pulumi.gcp.compute.URLMapArgs; * import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs; * import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs; * import com.pulumi.gcp.compute.TargetHttpProxy; * import com.pulumi.gcp.compute.TargetHttpProxyArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder() * .name("backend") * .portName("http") * .protocol("HTTP") * .timeoutSec(10) * .loadBalancingScheme("EXTERNAL_MANAGED") * .build()); * var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder() * .name("url-map-target-proxy") * .description("a description") * .defaultService(defaultBackendService.id()) * .hostRules(URLMapHostRuleArgs.builder() * .hosts("mysite.com") * .pathMatcher("allpaths") * .build()) * .pathMatchers(URLMapPathMatcherArgs.builder() * .name("allpaths") * .defaultService(defaultBackendService.id()) * .pathRules(URLMapPathMatcherPathRuleArgs.builder() * .paths("/*") * .service(defaultBackendService.id()) * .build()) * .build()) * .build()); * var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder() * .name("target-proxy") * .description("a description") * .urlMap(defaultURLMap.id()) * .build()); * var default_ = new GlobalForwardingRule("default", GlobalForwardingRuleArgs.builder() * .name("global-rule") * .target(defaultTargetHttpProxy.id()) * .portRange("80") * .loadBalancingScheme("EXTERNAL_MANAGED") * .build()); * } * } * ``` * ```yaml * resources: * default: * type: gcp:compute:GlobalForwardingRule * properties: * name: global-rule * target: ${defaultTargetHttpProxy.id} * portRange: '80' * loadBalancingScheme: EXTERNAL_MANAGED * defaultTargetHttpProxy: * type: gcp:compute:TargetHttpProxy * name: default * properties: * name: target-proxy * description: a description * urlMap: ${defaultURLMap.id} * defaultURLMap: * type: gcp:compute:URLMap * name: default * properties: * name: url-map-target-proxy * description: a description * defaultService: ${defaultBackendService.id} * hostRules: * - hosts: * - mysite.com * pathMatcher: allpaths * pathMatchers: * - name: allpaths * defaultService: ${defaultBackendService.id} * pathRules: * - paths: * - /* * service: ${defaultBackendService.id} * defaultBackendService: * type: gcp:compute:BackendService * name: default * properties: * name: backend * portName: http * protocol: HTTP * timeoutSec: 10 * loadBalancingScheme: EXTERNAL_MANAGED * ``` * * ### Global Forwarding Rule Hybrid * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * const config = new pulumi.Config(); * const subnetworkCidr = config.get("subnetworkCidr") || "10.0.0.0/24"; * const _default = new gcp.compute.Network("default", {name: "my-network"}); * const internal = new gcp.compute.Network("internal", { * name: "my-internal-network", * autoCreateSubnetworks: false, * }); * const internalSubnetwork = new gcp.compute.Subnetwork("internal", { * name: "my-subnetwork", * network: internal.id, * ipCidrRange: subnetworkCidr, * region: "us-central1", * privateIpGoogleAccess: true, * }); * // Zonal NEG with GCE_VM_IP_PORT * const defaultNetworkEndpointGroup = new gcp.compute.NetworkEndpointGroup("default", { * name: "default-neg", * network: _default.id, * defaultPort: 90, * zone: "us-central1-a", * networkEndpointType: "GCE_VM_IP_PORT", * }); * // Zonal NEG with GCE_VM_IP * const internalNetworkEndpointGroup = new gcp.compute.NetworkEndpointGroup("internal", { * name: "internal-neg", * network: internal.id, * subnetwork: internalSubnetwork.id, * zone: "us-central1-a", * networkEndpointType: "GCE_VM_IP", * }); * // Hybrid connectivity NEG * const hybrid = new gcp.compute.NetworkEndpointGroup("hybrid", { * name: "hybrid-neg", * network: _default.id, * defaultPort: 90, * zone: "us-central1-a", * networkEndpointType: "NON_GCP_PRIVATE_IP_PORT", * }); * const hybrid_endpoint = new gcp.compute.NetworkEndpoint("hybrid-endpoint", { * networkEndpointGroup: hybrid.name, * port: hybrid.defaultPort, * ipAddress: "127.0.0.1", * }); * const defaultHealthCheck = new gcp.compute.HealthCheck("default", { * name: "health-check", * timeoutSec: 1, * checkIntervalSec: 1, * tcpHealthCheck: { * port: 80, * }, * }); * // Backend service for Zonal NEG * const defaultBackendService = new gcp.compute.BackendService("default", { * name: "backend-default", * portName: "http", * protocol: "HTTP", * timeoutSec: 10, * backends: [{ * group: defaultNetworkEndpointGroup.id, * balancingMode: "RATE", * maxRatePerEndpoint: 10, * }], * healthChecks: defaultHealthCheck.id, * }); * // Backgend service for Hybrid NEG * const hybridBackendService = new gcp.compute.BackendService("hybrid", { * name: "backend-hybrid", * portName: "http", * protocol: "HTTP", * timeoutSec: 10, * backends: [{ * group: hybrid.id, * balancingMode: "RATE", * maxRatePerEndpoint: 10, * }], * healthChecks: defaultHealthCheck.id, * }); * const defaultURLMap = new gcp.compute.URLMap("default", { * name: "url-map-target-proxy", * description: "a description", * defaultService: defaultBackendService.id, * hostRules: [{ * hosts: ["mysite.com"], * pathMatcher: "allpaths", * }], * pathMatchers: [{ * name: "allpaths", * defaultService: defaultBackendService.id, * pathRules: [ * { * paths: ["/*"], * service: defaultBackendService.id, * }, * { * paths: ["/hybrid"], * service: hybridBackendService.id, * }, * ], * }], * }); * const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("default", { * name: "target-proxy", * description: "a description", * urlMap: defaultURLMap.id, * }); * const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", { * name: "global-rule", * target: defaultTargetHttpProxy.id, * portRange: "80", * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * config = pulumi.Config() * subnetwork_cidr = config.get("subnetworkCidr") * if subnetwork_cidr is None: * subnetwork_cidr = "10.0.0.0/24" * default = gcp.compute.Network("default", name="my-network") * internal = gcp.compute.Network("internal", * name="my-internal-network", * auto_create_subnetworks=False) * internal_subnetwork = gcp.compute.Subnetwork("internal", * name="my-subnetwork", * network=internal.id, * ip_cidr_range=subnetwork_cidr, * region="us-central1", * private_ip_google_access=True) * # Zonal NEG with GCE_VM_IP_PORT * default_network_endpoint_group = gcp.compute.NetworkEndpointGroup("default", * name="default-neg", * network=default.id, * default_port=90, * zone="us-central1-a", * network_endpoint_type="GCE_VM_IP_PORT") * # Zonal NEG with GCE_VM_IP * internal_network_endpoint_group = gcp.compute.NetworkEndpointGroup("internal", * name="internal-neg", * network=internal.id, * subnetwork=internal_subnetwork.id, * zone="us-central1-a", * network_endpoint_type="GCE_VM_IP") * # Hybrid connectivity NEG * hybrid = gcp.compute.NetworkEndpointGroup("hybrid", * name="hybrid-neg", * network=default.id, * default_port=90, * zone="us-central1-a", * network_endpoint_type="NON_GCP_PRIVATE_IP_PORT") * hybrid_endpoint = gcp.compute.NetworkEndpoint("hybrid-endpoint", * network_endpoint_group=hybrid.name, * port=hybrid.default_port, * ip_address="127.0.0.1") * default_health_check = gcp.compute.HealthCheck("default", * name="health-check", * timeout_sec=1, * check_interval_sec=1, * tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs( * port=80, * )) * # Backend service for Zonal NEG * default_backend_service = gcp.compute.BackendService("default", * name="backend-default", * port_name="http", * protocol="HTTP", * timeout_sec=10, * backends=[gcp.compute.BackendServiceBackendArgs( * group=default_network_endpoint_group.id, * balancing_mode="RATE", * max_rate_per_endpoint=10, * )], * health_checks=default_health_check.id) * # Backgend service for Hybrid NEG * hybrid_backend_service = gcp.compute.BackendService("hybrid", * name="backend-hybrid", * port_name="http", * protocol="HTTP", * timeout_sec=10, * backends=[gcp.compute.BackendServiceBackendArgs( * group=hybrid.id, * balancing_mode="RATE", * max_rate_per_endpoint=10, * )], * health_checks=default_health_check.id) * default_url_map = gcp.compute.URLMap("default", * name="url-map-target-proxy", * description="a description", * default_service=default_backend_service.id, * host_rules=[gcp.compute.URLMapHostRuleArgs( * hosts=["mysite.com"], * path_matcher="allpaths", * )], * path_matchers=[gcp.compute.URLMapPathMatcherArgs( * name="allpaths", * default_service=default_backend_service.id, * path_rules=[ * gcp.compute.URLMapPathMatcherPathRuleArgs( * paths=["/*"], * service=default_backend_service.id, * ), * gcp.compute.URLMapPathMatcherPathRuleArgs( * paths=["/hybrid"], * service=hybrid_backend_service.id, * ), * ], * )]) * default_target_http_proxy = gcp.compute.TargetHttpProxy("default", * name="target-proxy", * description="a description", * url_map=default_url_map.id) * default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default", * name="global-rule", * target=default_target_http_proxy.id, * port_range="80") * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * var config = new Config(); * var subnetworkCidr = config.Get("subnetworkCidr") ?? "10.0.0.0/24"; * var @default = new Gcp.Compute.Network("default", new() * { * Name = "my-network", * }); * var @internal = new Gcp.Compute.Network("internal", new() * { * Name = "my-internal-network", * AutoCreateSubnetworks = false, * }); * var internalSubnetwork = new Gcp.Compute.Subnetwork("internal", new() * { * Name = "my-subnetwork", * Network = @internal.Id, * IpCidrRange = subnetworkCidr, * Region = "us-central1", * PrivateIpGoogleAccess = true, * }); * // Zonal NEG with GCE_VM_IP_PORT * var defaultNetworkEndpointGroup = new Gcp.Compute.NetworkEndpointGroup("default", new() * { * Name = "default-neg", * Network = @default.Id, * DefaultPort = 90, * Zone = "us-central1-a", * NetworkEndpointType = "GCE_VM_IP_PORT", * }); * // Zonal NEG with GCE_VM_IP * var internalNetworkEndpointGroup = new Gcp.Compute.NetworkEndpointGroup("internal", new() * { * Name = "internal-neg", * Network = @internal.Id, * Subnetwork = internalSubnetwork.Id, * Zone = "us-central1-a", * NetworkEndpointType = "GCE_VM_IP", * }); * // Hybrid connectivity NEG * var hybrid = new Gcp.Compute.NetworkEndpointGroup("hybrid", new() * { * Name = "hybrid-neg", * Network = @default.Id, * DefaultPort = 90, * Zone = "us-central1-a", * NetworkEndpointType = "NON_GCP_PRIVATE_IP_PORT", * }); * var hybrid_endpoint = new Gcp.Compute.NetworkEndpoint("hybrid-endpoint", new() * { * NetworkEndpointGroup = hybrid.Name, * Port = hybrid.DefaultPort, * IpAddress = "127.0.0.1", * }); * var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new() * { * Name = "health-check", * TimeoutSec = 1, * CheckIntervalSec = 1, * TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs * { * Port = 80, * }, * }); * // Backend service for Zonal NEG * var defaultBackendService = new Gcp.Compute.BackendService("default", new() * { * Name = "backend-default", * PortName = "http", * Protocol = "HTTP", * TimeoutSec = 10, * Backends = new[] * { * new Gcp.Compute.Inputs.BackendServiceBackendArgs * { * Group = defaultNetworkEndpointGroup.Id, * BalancingMode = "RATE", * MaxRatePerEndpoint = 10, * }, * }, * HealthChecks = defaultHealthCheck.Id, * }); * // Backgend service for Hybrid NEG * var hybridBackendService = new Gcp.Compute.BackendService("hybrid", new() * { * Name = "backend-hybrid", * PortName = "http", * Protocol = "HTTP", * TimeoutSec = 10, * Backends = new[] * { * new Gcp.Compute.Inputs.BackendServiceBackendArgs * { * Group = hybrid.Id, * BalancingMode = "RATE", * MaxRatePerEndpoint = 10, * }, * }, * HealthChecks = defaultHealthCheck.Id, * }); * var defaultURLMap = new Gcp.Compute.URLMap("default", new() * { * Name = "url-map-target-proxy", * Description = "a description", * DefaultService = defaultBackendService.Id, * HostRules = new[] * { * new Gcp.Compute.Inputs.URLMapHostRuleArgs * { * Hosts = new[] * { * "mysite.com", * }, * PathMatcher = "allpaths", * }, * }, * PathMatchers = new[] * { * new Gcp.Compute.Inputs.URLMapPathMatcherArgs * { * Name = "allpaths", * DefaultService = defaultBackendService.Id, * PathRules = new[] * { * new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs * { * Paths = new[] * { * "/*", * }, * Service = defaultBackendService.Id, * }, * new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs * { * Paths = new[] * { * "/hybrid", * }, * Service = hybridBackendService.Id, * }, * }, * }, * }, * }); * var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("default", new() * { * Name = "target-proxy", * Description = "a description", * UrlMap = defaultURLMap.Id, * }); * var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new() * { * Name = "global-rule", * Target = defaultTargetHttpProxy.Id, * PortRange = "80", * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi/config" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * cfg := config.New(ctx, "") * subnetworkCidr := "10.0.0.0/24" * if param := cfg.Get("subnetworkCidr"); param != "" { * subnetworkCidr = param * } * _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{ * Name: pulumi.String("my-network"), * }) * if err != nil { * return err * } * internal, err := compute.NewNetwork(ctx, "internal", &compute.NetworkArgs{ * Name: pulumi.String("my-internal-network"), * AutoCreateSubnetworks: pulumi.Bool(false), * }) * if err != nil { * return err * } * internalSubnetwork, err := compute.NewSubnetwork(ctx, "internal", &compute.SubnetworkArgs{ * Name: pulumi.String("my-subnetwork"), * Network: internal.ID(), * IpCidrRange: pulumi.String(subnetworkCidr), * Region: pulumi.String("us-central1"), * PrivateIpGoogleAccess: pulumi.Bool(true), * }) * if err != nil { * return err * } * // Zonal NEG with GCE_VM_IP_PORT * defaultNetworkEndpointGroup, err := compute.NewNetworkEndpointGroup(ctx, "default", &compute.NetworkEndpointGroupArgs{ * Name: pulumi.String("default-neg"), * Network: _default.ID(), * DefaultPort: pulumi.Int(90), * Zone: pulumi.String("us-central1-a"), * NetworkEndpointType: pulumi.String("GCE_VM_IP_PORT"), * }) * if err != nil { * return err * } * // Zonal NEG with GCE_VM_IP * _, err = compute.NewNetworkEndpointGroup(ctx, "internal", &compute.NetworkEndpointGroupArgs{ * Name: pulumi.String("internal-neg"), * Network: internal.ID(), * Subnetwork: internalSubnetwork.ID(), * Zone: pulumi.String("us-central1-a"), * NetworkEndpointType: pulumi.String("GCE_VM_IP"), * }) * if err != nil { * return err * } * // Hybrid connectivity NEG * hybrid, err := compute.NewNetworkEndpointGroup(ctx, "hybrid", &compute.NetworkEndpointGroupArgs{ * Name: pulumi.String("hybrid-neg"), * Network: _default.ID(), * DefaultPort: pulumi.Int(90), * Zone: pulumi.String("us-central1-a"), * NetworkEndpointType: pulumi.String("NON_GCP_PRIVATE_IP_PORT"), * }) * if err != nil { * return err * } * _, err = compute.NewNetworkEndpoint(ctx, "hybrid-endpoint", &compute.NetworkEndpointArgs{ * NetworkEndpointGroup: hybrid.Name, * Port: hybrid.DefaultPort, * IpAddress: pulumi.String("127.0.0.1"), * }) * if err != nil { * return err * } * defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{ * Name: pulumi.String("health-check"), * TimeoutSec: pulumi.Int(1), * CheckIntervalSec: pulumi.Int(1), * TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{ * Port: pulumi.Int(80), * }, * }) * if err != nil { * return err * } * // Backend service for Zonal NEG * defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{ * Name: pulumi.String("backend-default"), * PortName: pulumi.String("http"), * Protocol: pulumi.String("HTTP"), * TimeoutSec: pulumi.Int(10), * Backends: compute.BackendServiceBackendArray{ * &compute.BackendServiceBackendArgs{ * Group: defaultNetworkEndpointGroup.ID(), * BalancingMode: pulumi.String("RATE"), * MaxRatePerEndpoint: pulumi.Float64(10), * }, * }, * HealthChecks: defaultHealthCheck.ID(), * }) * if err != nil { * return err * } * // Backgend service for Hybrid NEG * hybridBackendService, err := compute.NewBackendService(ctx, "hybrid", &compute.BackendServiceArgs{ * Name: pulumi.String("backend-hybrid"), * PortName: pulumi.String("http"), * Protocol: pulumi.String("HTTP"), * TimeoutSec: pulumi.Int(10), * Backends: compute.BackendServiceBackendArray{ * &compute.BackendServiceBackendArgs{ * Group: hybrid.ID(), * BalancingMode: pulumi.String("RATE"), * MaxRatePerEndpoint: pulumi.Float64(10), * }, * }, * HealthChecks: defaultHealthCheck.ID(), * }) * if err != nil { * return err * } * defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{ * Name: pulumi.String("url-map-target-proxy"), * Description: pulumi.String("a description"), * DefaultService: defaultBackendService.ID(), * HostRules: compute.URLMapHostRuleArray{ * &compute.URLMapHostRuleArgs{ * Hosts: pulumi.StringArray{ * pulumi.String("mysite.com"), * }, * PathMatcher: pulumi.String("allpaths"), * }, * }, * PathMatchers: compute.URLMapPathMatcherArray{ * &compute.URLMapPathMatcherArgs{ * Name: pulumi.String("allpaths"), * DefaultService: defaultBackendService.ID(), * PathRules: compute.URLMapPathMatcherPathRuleArray{ * &compute.URLMapPathMatcherPathRuleArgs{ * Paths: pulumi.StringArray{ * pulumi.String("/*"), * }, * Service: defaultBackendService.ID(), * }, * &compute.URLMapPathMatcherPathRuleArgs{ * Paths: pulumi.StringArray{ * pulumi.String("/hybrid"), * }, * Service: hybridBackendService.ID(), * }, * }, * }, * }, * }) * if err != nil { * return err * } * defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{ * Name: pulumi.String("target-proxy"), * Description: pulumi.String("a description"), * UrlMap: defaultURLMap.ID(), * }) * if err != nil { * return err * } * _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{ * Name: pulumi.String("global-rule"), * Target: defaultTargetHttpProxy.ID(), * PortRange: pulumi.String("80"), * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.Network; * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.Subnetwork; * import com.pulumi.gcp.compute.SubnetworkArgs; * import com.pulumi.gcp.compute.NetworkEndpointGroup; * import com.pulumi.gcp.compute.NetworkEndpointGroupArgs; * import com.pulumi.gcp.compute.NetworkEndpoint; * import com.pulumi.gcp.compute.NetworkEndpointArgs; * import com.pulumi.gcp.compute.HealthCheck; * import com.pulumi.gcp.compute.HealthCheckArgs; * import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs; * import com.pulumi.gcp.compute.BackendService; * import com.pulumi.gcp.compute.BackendServiceArgs; * import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs; * import com.pulumi.gcp.compute.URLMap; * import com.pulumi.gcp.compute.URLMapArgs; * import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs; * import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs; * import com.pulumi.gcp.compute.TargetHttpProxy; * import com.pulumi.gcp.compute.TargetHttpProxyArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * final var config = ctx.config(); * final var subnetworkCidr = config.get("subnetworkCidr").orElse("10.0.0.0/24"); * var default_ = new Network("default", NetworkArgs.builder() * .name("my-network") * .build()); * var internal = new Network("internal", NetworkArgs.builder() * .name("my-internal-network") * .autoCreateSubnetworks(false) * .build()); * var internalSubnetwork = new Subnetwork("internalSubnetwork", SubnetworkArgs.builder() * .name("my-subnetwork") * .network(internal.id()) * .ipCidrRange(subnetworkCidr) * .region("us-central1") * .privateIpGoogleAccess(true) * .build()); * // Zonal NEG with GCE_VM_IP_PORT * var defaultNetworkEndpointGroup = new NetworkEndpointGroup("defaultNetworkEndpointGroup", NetworkEndpointGroupArgs.builder() * .name("default-neg") * .network(default_.id()) * .defaultPort("90") * .zone("us-central1-a") * .networkEndpointType("GCE_VM_IP_PORT") * .build()); * // Zonal NEG with GCE_VM_IP * var internalNetworkEndpointGroup = new NetworkEndpointGroup("internalNetworkEndpointGroup", NetworkEndpointGroupArgs.builder() * .name("internal-neg") * .network(internal.id()) * .subnetwork(internalSubnetwork.id()) * .zone("us-central1-a") * .networkEndpointType("GCE_VM_IP") * .build()); * // Hybrid connectivity NEG * var hybrid = new NetworkEndpointGroup("hybrid", NetworkEndpointGroupArgs.builder() * .name("hybrid-neg") * .network(default_.id()) * .defaultPort("90") * .zone("us-central1-a") * .networkEndpointType("NON_GCP_PRIVATE_IP_PORT") * .build()); * var hybrid_endpoint = new NetworkEndpoint("hybrid-endpoint", NetworkEndpointArgs.builder() * .networkEndpointGroup(hybrid.name()) * .port(hybrid.defaultPort()) * .ipAddress("127.0.0.1") * .build()); * var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder() * .name("health-check") * .timeoutSec(1) * .checkIntervalSec(1) * .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder() * .port("80") * .build()) * .build()); * // Backend service for Zonal NEG * var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder() * .name("backend-default") * .portName("http") * .protocol("HTTP") * .timeoutSec(10) * .backends(BackendServiceBackendArgs.builder() * .group(defaultNetworkEndpointGroup.id()) * .balancingMode("RATE") * .maxRatePerEndpoint(10) * .build()) * .healthChecks(defaultHealthCheck.id()) * .build()); * // Backgend service for Hybrid NEG * var hybridBackendService = new BackendService("hybridBackendService", BackendServiceArgs.builder() * .name("backend-hybrid") * .portName("http") * .protocol("HTTP") * .timeoutSec(10) * .backends(BackendServiceBackendArgs.builder() * .group(hybrid.id()) * .balancingMode("RATE") * .maxRatePerEndpoint(10) * .build()) * .healthChecks(defaultHealthCheck.id()) * .build()); * var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder() * .name("url-map-target-proxy") * .description("a description") * .defaultService(defaultBackendService.id()) * .hostRules(URLMapHostRuleArgs.builder() * .hosts("mysite.com") * .pathMatcher("allpaths") * .build()) * .pathMatchers(URLMapPathMatcherArgs.builder() * .name("allpaths") * .defaultService(defaultBackendService.id()) * .pathRules( * URLMapPathMatcherPathRuleArgs.builder() * .paths("/*") * .service(defaultBackendService.id()) * .build(), * URLMapPathMatcherPathRuleArgs.builder() * .paths("/hybrid") * .service(hybridBackendService.id()) * .build()) * .build()) * .build()); * var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder() * .name("target-proxy") * .description("a description") * .urlMap(defaultURLMap.id()) * .build()); * var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder() * .name("global-rule") * .target(defaultTargetHttpProxy.id()) * .portRange("80") * .build()); * } * } * ``` * ```yaml * configuration: * # Roughly mirrors https://cloud.google.com/load-balancing/docs/https/setting-up-ext-https-hybrid * subnetworkCidr: * type: string * default: 10.0.0.0/24 * resources: * default: * type: gcp:compute:Network * properties: * name: my-network * internal: * type: gcp:compute:Network * properties: * name: my-internal-network * autoCreateSubnetworks: false * internalSubnetwork: * type: gcp:compute:Subnetwork * name: internal * properties: * name: my-subnetwork * network: ${internal.id} * ipCidrRange: ${subnetworkCidr} * region: us-central1 * privateIpGoogleAccess: true * # Zonal NEG with GCE_VM_IP_PORT * defaultNetworkEndpointGroup: * type: gcp:compute:NetworkEndpointGroup * name: default * properties: * name: default-neg * network: ${default.id} * defaultPort: '90' * zone: us-central1-a * networkEndpointType: GCE_VM_IP_PORT * # Zonal NEG with GCE_VM_IP * internalNetworkEndpointGroup: * type: gcp:compute:NetworkEndpointGroup * name: internal * properties: * name: internal-neg * network: ${internal.id} * subnetwork: ${internalSubnetwork.id} * zone: us-central1-a * networkEndpointType: GCE_VM_IP * # Hybrid connectivity NEG * hybrid: * type: gcp:compute:NetworkEndpointGroup * properties: * name: hybrid-neg * network: ${default.id} * defaultPort: '90' * zone: us-central1-a * networkEndpointType: NON_GCP_PRIVATE_IP_PORT * hybrid-endpoint: * type: gcp:compute:NetworkEndpoint * properties: * networkEndpointGroup: ${hybrid.name} * port: ${hybrid.defaultPort} * ipAddress: 127.0.0.1 * # Backend service for Zonal NEG * defaultBackendService: * type: gcp:compute:BackendService * name: default * properties: * name: backend-default * portName: http * protocol: HTTP * timeoutSec: 10 * backends: * - group: ${defaultNetworkEndpointGroup.id} * balancingMode: RATE * maxRatePerEndpoint: 10 * healthChecks: ${defaultHealthCheck.id} * # Backgend service for Hybrid NEG * hybridBackendService: * type: gcp:compute:BackendService * name: hybrid * properties: * name: backend-hybrid * portName: http * protocol: HTTP * timeoutSec: 10 * backends: * - group: ${hybrid.id} * balancingMode: RATE * maxRatePerEndpoint: 10 * healthChecks: ${defaultHealthCheck.id} * defaultHealthCheck: * type: gcp:compute:HealthCheck * name: default * properties: * name: health-check * timeoutSec: 1 * checkIntervalSec: 1 * tcpHealthCheck: * port: '80' * defaultURLMap: * type: gcp:compute:URLMap * name: default * properties: * name: url-map-target-proxy * description: a description * defaultService: ${defaultBackendService.id} * hostRules: * - hosts: * - mysite.com * pathMatcher: allpaths * pathMatchers: * - name: allpaths * defaultService: ${defaultBackendService.id} * pathRules: * - paths: * - /* * service: ${defaultBackendService.id} * - paths: * - /hybrid * service: ${hybridBackendService.id} * defaultTargetHttpProxy: * type: gcp:compute:TargetHttpProxy * name: default * properties: * name: target-proxy * description: a description * urlMap: ${defaultURLMap.id} * defaultGlobalForwardingRule: * type: gcp:compute:GlobalForwardingRule * name: default * properties: * name: global-rule * target: ${defaultTargetHttpProxy.id} * portRange: '80' * ``` * * ### Global Internal Http Lb With Mig Backend * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * // Global Internal HTTP load balancer with a managed instance group backend * // VPC network * const gilbNetwork = new gcp.compute.Network("gilb_network", { * name: "l7-gilb-network", * autoCreateSubnetworks: false, * }); * // proxy-only subnet * const proxySubnet = new gcp.compute.Subnetwork("proxy_subnet", { * name: "l7-gilb-proxy-subnet", * ipCidrRange: "10.0.0.0/24", * region: "europe-west1", * purpose: "GLOBAL_MANAGED_PROXY", * role: "ACTIVE", * network: gilbNetwork.id, * }); * // backend subnet * const gilbSubnet = new gcp.compute.Subnetwork("gilb_subnet", { * name: "l7-gilb-subnet", * ipCidrRange: "10.0.1.0/24", * region: "europe-west1", * network: gilbNetwork.id, * }); * // health check * const defaultHealthCheck = new gcp.compute.HealthCheck("default", { * name: "l7-gilb-hc", * httpHealthCheck: { * portSpecification: "USE_SERVING_PORT", * }, * }); * // instance template * const instanceTemplate = new gcp.compute.InstanceTemplate("instance_template", { * networkInterfaces: [{ * accessConfigs: [{}], * network: gilbNetwork.id, * subnetwork: gilbSubnet.id, * }], * name: "l7-gilb-mig-template", * machineType: "e2-small", * tags: ["http-server"], * disks: [{ * sourceImage: "debian-cloud/debian-10", * autoDelete: true, * boot: true, * }], * metadata: { * "startup-script": `#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: NAME
 * IP: IP
 * Metadata: METADATA
 * 
* EOF * `, * }, * }); * // MIG * const mig = new gcp.compute.InstanceGroupManager("mig", { * name: "l7-gilb-mig1", * zone: "europe-west1-b", * versions: [{ * instanceTemplate: instanceTemplate.id, * name: "primary", * }], * baseInstanceName: "vm", * targetSize: 2, * }); * // backend service * const defaultBackendService = new gcp.compute.BackendService("default", { * name: "l7-gilb-backend-subnet", * protocol: "HTTP", * loadBalancingScheme: "INTERNAL_MANAGED", * timeoutSec: 10, * healthChecks: defaultHealthCheck.id, * backends: [{ * group: mig.instanceGroup, * balancingMode: "UTILIZATION", * capacityScaler: 1, * }], * }); * // URL map * const defaultURLMap = new gcp.compute.URLMap("default", { * name: "l7-gilb-url-map", * defaultService: defaultBackendService.id, * }); * // HTTP target proxy * const _default = new gcp.compute.TargetHttpProxy("default", { * name: "l7-gilb-target-http-proxy", * urlMap: defaultURLMap.id, * }); * // forwarding rule * const googleComputeForwardingRule = new gcp.compute.GlobalForwardingRule("google_compute_forwarding_rule", { * name: "l7-gilb-forwarding-rule", * ipProtocol: "TCP", * loadBalancingScheme: "INTERNAL_MANAGED", * portRange: "80", * target: _default.id, * network: gilbNetwork.id, * subnetwork: gilbSubnet.id, * }); * // allow all access from IAP and health check ranges * const fw_iap = new gcp.compute.Firewall("fw-iap", { * name: "l7-gilb-fw-allow-iap-hc", * direction: "INGRESS", * network: gilbNetwork.id, * sourceRanges: [ * "130.211.0.0/22", * "35.191.0.0/16", * "35.235.240.0/20", * ], * allows: [{ * protocol: "tcp", * }], * }); * // allow http from proxy subnet to backends * const fw_gilb_to_backends = new gcp.compute.Firewall("fw-gilb-to-backends", { * name: "l7-gilb-fw-allow-gilb-to-backends", * direction: "INGRESS", * network: gilbNetwork.id, * sourceRanges: ["10.0.0.0/24"], * targetTags: ["http-server"], * allows: [{ * protocol: "tcp", * ports: [ * "80", * "443", * "8080", * ], * }], * }); * // test instance * const vm_test = new gcp.compute.Instance("vm-test", { * name: "l7-gilb-test-vm", * zone: "europe-west1-b", * machineType: "e2-small", * networkInterfaces: [{ * network: gilbNetwork.id, * subnetwork: gilbSubnet.id, * }], * bootDisk: { * initializeParams: { * image: "debian-cloud/debian-10", * }, * }, * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * # Global Internal HTTP load balancer with a managed instance group backend * # VPC network * gilb_network = gcp.compute.Network("gilb_network", * name="l7-gilb-network", * auto_create_subnetworks=False) * # proxy-only subnet * proxy_subnet = gcp.compute.Subnetwork("proxy_subnet", * name="l7-gilb-proxy-subnet", * ip_cidr_range="10.0.0.0/24", * region="europe-west1", * purpose="GLOBAL_MANAGED_PROXY", * role="ACTIVE", * network=gilb_network.id) * # backend subnet * gilb_subnet = gcp.compute.Subnetwork("gilb_subnet", * name="l7-gilb-subnet", * ip_cidr_range="10.0.1.0/24", * region="europe-west1", * network=gilb_network.id) * # health check * default_health_check = gcp.compute.HealthCheck("default", * name="l7-gilb-hc", * http_health_check=gcp.compute.HealthCheckHttpHealthCheckArgs( * port_specification="USE_SERVING_PORT", * )) * # instance template * instance_template = gcp.compute.InstanceTemplate("instance_template", * network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs( * access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()], * network=gilb_network.id, * subnetwork=gilb_subnet.id, * )], * name="l7-gilb-mig-template", * machine_type="e2-small", * tags=["http-server"], * disks=[gcp.compute.InstanceTemplateDiskArgs( * source_image="debian-cloud/debian-10", * auto_delete=True, * boot=True, * )], * metadata={ * "startup-script": """#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * """, * }) * # MIG * mig = gcp.compute.InstanceGroupManager("mig", * name="l7-gilb-mig1", * zone="europe-west1-b", * versions=[gcp.compute.InstanceGroupManagerVersionArgs( * instance_template=instance_template.id, * name="primary", * )], * base_instance_name="vm", * target_size=2) * # backend service * default_backend_service = gcp.compute.BackendService("default", * name="l7-gilb-backend-subnet", * protocol="HTTP", * load_balancing_scheme="INTERNAL_MANAGED", * timeout_sec=10, * health_checks=default_health_check.id, * backends=[gcp.compute.BackendServiceBackendArgs( * group=mig.instance_group, * balancing_mode="UTILIZATION", * capacity_scaler=1, * )]) * # URL map * default_url_map = gcp.compute.URLMap("default", * name="l7-gilb-url-map", * default_service=default_backend_service.id) * # HTTP target proxy * default = gcp.compute.TargetHttpProxy("default", * name="l7-gilb-target-http-proxy", * url_map=default_url_map.id) * # forwarding rule * google_compute_forwarding_rule = gcp.compute.GlobalForwardingRule("google_compute_forwarding_rule", * name="l7-gilb-forwarding-rule", * ip_protocol="TCP", * load_balancing_scheme="INTERNAL_MANAGED", * port_range="80", * target=default.id, * network=gilb_network.id, * subnetwork=gilb_subnet.id) * # allow all access from IAP and health check ranges * fw_iap = gcp.compute.Firewall("fw-iap", * name="l7-gilb-fw-allow-iap-hc", * direction="INGRESS", * network=gilb_network.id, * source_ranges=[ * "130.211.0.0/22", * "35.191.0.0/16", * "35.235.240.0/20", * ], * allows=[gcp.compute.FirewallAllowArgs( * protocol="tcp", * )]) * # allow http from proxy subnet to backends * fw_gilb_to_backends = gcp.compute.Firewall("fw-gilb-to-backends", * name="l7-gilb-fw-allow-gilb-to-backends", * direction="INGRESS", * network=gilb_network.id, * source_ranges=["10.0.0.0/24"], * target_tags=["http-server"], * allows=[gcp.compute.FirewallAllowArgs( * protocol="tcp", * ports=[ * "80", * "443", * "8080", * ], * )]) * # test instance * vm_test = gcp.compute.Instance("vm-test", * name="l7-gilb-test-vm", * zone="europe-west1-b", * machine_type="e2-small", * network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs( * network=gilb_network.id, * subnetwork=gilb_subnet.id, * )], * boot_disk=gcp.compute.InstanceBootDiskArgs( * initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs( * image="debian-cloud/debian-10", * ), * )) * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * // Global Internal HTTP load balancer with a managed instance group backend * // VPC network * var gilbNetwork = new Gcp.Compute.Network("gilb_network", new() * { * Name = "l7-gilb-network", * AutoCreateSubnetworks = false, * }); * // proxy-only subnet * var proxySubnet = new Gcp.Compute.Subnetwork("proxy_subnet", new() * { * Name = "l7-gilb-proxy-subnet", * IpCidrRange = "10.0.0.0/24", * Region = "europe-west1", * Purpose = "GLOBAL_MANAGED_PROXY", * Role = "ACTIVE", * Network = gilbNetwork.Id, * }); * // backend subnet * var gilbSubnet = new Gcp.Compute.Subnetwork("gilb_subnet", new() * { * Name = "l7-gilb-subnet", * IpCidrRange = "10.0.1.0/24", * Region = "europe-west1", * Network = gilbNetwork.Id, * }); * // health check * var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new() * { * Name = "l7-gilb-hc", * HttpHealthCheck = new Gcp.Compute.Inputs.HealthCheckHttpHealthCheckArgs * { * PortSpecification = "USE_SERVING_PORT", * }, * }); * // instance template * var instanceTemplate = new Gcp.Compute.InstanceTemplate("instance_template", new() * { * NetworkInterfaces = new[] * { * new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs * { * AccessConfigs = new[] * { * null, * }, * Network = gilbNetwork.Id, * Subnetwork = gilbSubnet.Id, * }, * }, * Name = "l7-gilb-mig-template", * MachineType = "e2-small", * Tags = new[] * { * "http-server", * }, * Disks = new[] * { * new Gcp.Compute.Inputs.InstanceTemplateDiskArgs * { * SourceImage = "debian-cloud/debian-10", * AutoDelete = true, * Boot = true, * }, * }, * Metadata = * { * { "startup-script", @"#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/hostname"") * IP=$(curl -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip"") * METADATA=$(curl -f -H ""Metadata-Flavor: Google"" ""http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True"" | jq 'del(.[""startup-script""])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * " }, * }, * }); * // MIG * var mig = new Gcp.Compute.InstanceGroupManager("mig", new() * { * Name = "l7-gilb-mig1", * Zone = "europe-west1-b", * Versions = new[] * { * new Gcp.Compute.Inputs.InstanceGroupManagerVersionArgs * { * InstanceTemplate = instanceTemplate.Id, * Name = "primary", * }, * }, * BaseInstanceName = "vm", * TargetSize = 2, * }); * // backend service * var defaultBackendService = new Gcp.Compute.BackendService("default", new() * { * Name = "l7-gilb-backend-subnet", * Protocol = "HTTP", * LoadBalancingScheme = "INTERNAL_MANAGED", * TimeoutSec = 10, * HealthChecks = defaultHealthCheck.Id, * Backends = new[] * { * new Gcp.Compute.Inputs.BackendServiceBackendArgs * { * Group = mig.InstanceGroup, * BalancingMode = "UTILIZATION", * CapacityScaler = 1, * }, * }, * }); * // URL map * var defaultURLMap = new Gcp.Compute.URLMap("default", new() * { * Name = "l7-gilb-url-map", * DefaultService = defaultBackendService.Id, * }); * // HTTP target proxy * var @default = new Gcp.Compute.TargetHttpProxy("default", new() * { * Name = "l7-gilb-target-http-proxy", * UrlMap = defaultURLMap.Id, * }); * // forwarding rule * var googleComputeForwardingRule = new Gcp.Compute.GlobalForwardingRule("google_compute_forwarding_rule", new() * { * Name = "l7-gilb-forwarding-rule", * IpProtocol = "TCP", * LoadBalancingScheme = "INTERNAL_MANAGED", * PortRange = "80", * Target = @default.Id, * Network = gilbNetwork.Id, * Subnetwork = gilbSubnet.Id, * }); * // allow all access from IAP and health check ranges * var fw_iap = new Gcp.Compute.Firewall("fw-iap", new() * { * Name = "l7-gilb-fw-allow-iap-hc", * Direction = "INGRESS", * Network = gilbNetwork.Id, * SourceRanges = new[] * { * "130.211.0.0/22", * "35.191.0.0/16", * "35.235.240.0/20", * }, * Allows = new[] * { * new Gcp.Compute.Inputs.FirewallAllowArgs * { * Protocol = "tcp", * }, * }, * }); * // allow http from proxy subnet to backends * var fw_gilb_to_backends = new Gcp.Compute.Firewall("fw-gilb-to-backends", new() * { * Name = "l7-gilb-fw-allow-gilb-to-backends", * Direction = "INGRESS", * Network = gilbNetwork.Id, * SourceRanges = new[] * { * "10.0.0.0/24", * }, * TargetTags = new[] * { * "http-server", * }, * Allows = new[] * { * new Gcp.Compute.Inputs.FirewallAllowArgs * { * Protocol = "tcp", * Ports = new[] * { * "80", * "443", * "8080", * }, * }, * }, * }); * // test instance * var vm_test = new Gcp.Compute.Instance("vm-test", new() * { * Name = "l7-gilb-test-vm", * Zone = "europe-west1-b", * MachineType = "e2-small", * NetworkInterfaces = new[] * { * new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs * { * Network = gilbNetwork.Id, * Subnetwork = gilbSubnet.Id, * }, * }, * BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs * { * InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs * { * Image = "debian-cloud/debian-10", * }, * }, * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * // Global Internal HTTP load balancer with a managed instance group backend * // VPC network * gilbNetwork, err := compute.NewNetwork(ctx, "gilb_network", &compute.NetworkArgs{ * Name: pulumi.String("l7-gilb-network"), * AutoCreateSubnetworks: pulumi.Bool(false), * }) * if err != nil { * return err * } * // proxy-only subnet * _, err = compute.NewSubnetwork(ctx, "proxy_subnet", &compute.SubnetworkArgs{ * Name: pulumi.String("l7-gilb-proxy-subnet"), * IpCidrRange: pulumi.String("10.0.0.0/24"), * Region: pulumi.String("europe-west1"), * Purpose: pulumi.String("GLOBAL_MANAGED_PROXY"), * Role: pulumi.String("ACTIVE"), * Network: gilbNetwork.ID(), * }) * if err != nil { * return err * } * // backend subnet * gilbSubnet, err := compute.NewSubnetwork(ctx, "gilb_subnet", &compute.SubnetworkArgs{ * Name: pulumi.String("l7-gilb-subnet"), * IpCidrRange: pulumi.String("10.0.1.0/24"), * Region: pulumi.String("europe-west1"), * Network: gilbNetwork.ID(), * }) * if err != nil { * return err * } * // health check * defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{ * Name: pulumi.String("l7-gilb-hc"), * HttpHealthCheck: &compute.HealthCheckHttpHealthCheckArgs{ * PortSpecification: pulumi.String("USE_SERVING_PORT"), * }, * }) * if err != nil { * return err * } * // instance template * instanceTemplate, err := compute.NewInstanceTemplate(ctx, "instance_template", &compute.InstanceTemplateArgs{ * NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{ * &compute.InstanceTemplateNetworkInterfaceArgs{ * AccessConfigs: compute.InstanceTemplateNetworkInterfaceAccessConfigArray{ * nil, * }, * Network: gilbNetwork.ID(), * Subnetwork: gilbSubnet.ID(), * }, * }, * Name: pulumi.String("l7-gilb-mig-template"), * MachineType: pulumi.String("e2-small"), * Tags: pulumi.StringArray{ * pulumi.String("http-server"), * }, * Disks: compute.InstanceTemplateDiskArray{ * &compute.InstanceTemplateDiskArgs{ * SourceImage: pulumi.String("debian-cloud/debian-10"), * AutoDelete: pulumi.Bool(true), * Boot: pulumi.Bool(true), * }, * }, * Metadata: pulumi.Map{ * "startup-script": pulumi.Any(`#! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * `), * }, * }) * if err != nil { * return err * } * // MIG * mig, err := compute.NewInstanceGroupManager(ctx, "mig", &compute.InstanceGroupManagerArgs{ * Name: pulumi.String("l7-gilb-mig1"), * Zone: pulumi.String("europe-west1-b"), * Versions: compute.InstanceGroupManagerVersionArray{ * &compute.InstanceGroupManagerVersionArgs{ * InstanceTemplate: instanceTemplate.ID(), * Name: pulumi.String("primary"), * }, * }, * BaseInstanceName: pulumi.String("vm"), * TargetSize: pulumi.Int(2), * }) * if err != nil { * return err * } * // backend service * defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{ * Name: pulumi.String("l7-gilb-backend-subnet"), * Protocol: pulumi.String("HTTP"), * LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"), * TimeoutSec: pulumi.Int(10), * HealthChecks: defaultHealthCheck.ID(), * Backends: compute.BackendServiceBackendArray{ * &compute.BackendServiceBackendArgs{ * Group: mig.InstanceGroup, * BalancingMode: pulumi.String("UTILIZATION"), * CapacityScaler: pulumi.Float64(1), * }, * }, * }) * if err != nil { * return err * } * // URL map * defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{ * Name: pulumi.String("l7-gilb-url-map"), * DefaultService: defaultBackendService.ID(), * }) * if err != nil { * return err * } * // HTTP target proxy * _, err = compute.NewTargetHttpProxy(ctx, "default", &compute.TargetHttpProxyArgs{ * Name: pulumi.String("l7-gilb-target-http-proxy"), * UrlMap: defaultURLMap.ID(), * }) * if err != nil { * return err * } * // forwarding rule * _, err = compute.NewGlobalForwardingRule(ctx, "google_compute_forwarding_rule", &compute.GlobalForwardingRuleArgs{ * Name: pulumi.String("l7-gilb-forwarding-rule"), * IpProtocol: pulumi.String("TCP"), * LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"), * PortRange: pulumi.String("80"), * Target: _default.ID(), * Network: gilbNetwork.ID(), * Subnetwork: gilbSubnet.ID(), * }) * if err != nil { * return err * } * // allow all access from IAP and health check ranges * _, err = compute.NewFirewall(ctx, "fw-iap", &compute.FirewallArgs{ * Name: pulumi.String("l7-gilb-fw-allow-iap-hc"), * Direction: pulumi.String("INGRESS"), * Network: gilbNetwork.ID(), * SourceRanges: pulumi.StringArray{ * pulumi.String("130.211.0.0/22"), * pulumi.String("35.191.0.0/16"), * pulumi.String("35.235.240.0/20"), * }, * Allows: compute.FirewallAllowArray{ * &compute.FirewallAllowArgs{ * Protocol: pulumi.String("tcp"), * }, * }, * }) * if err != nil { * return err * } * // allow http from proxy subnet to backends * _, err = compute.NewFirewall(ctx, "fw-gilb-to-backends", &compute.FirewallArgs{ * Name: pulumi.String("l7-gilb-fw-allow-gilb-to-backends"), * Direction: pulumi.String("INGRESS"), * Network: gilbNetwork.ID(), * SourceRanges: pulumi.StringArray{ * pulumi.String("10.0.0.0/24"), * }, * TargetTags: pulumi.StringArray{ * pulumi.String("http-server"), * }, * Allows: compute.FirewallAllowArray{ * &compute.FirewallAllowArgs{ * Protocol: pulumi.String("tcp"), * Ports: pulumi.StringArray{ * pulumi.String("80"), * pulumi.String("443"), * pulumi.String("8080"), * }, * }, * }, * }) * if err != nil { * return err * } * // test instance * _, err = compute.NewInstance(ctx, "vm-test", &compute.InstanceArgs{ * Name: pulumi.String("l7-gilb-test-vm"), * Zone: pulumi.String("europe-west1-b"), * MachineType: pulumi.String("e2-small"), * NetworkInterfaces: compute.InstanceNetworkInterfaceArray{ * &compute.InstanceNetworkInterfaceArgs{ * Network: gilbNetwork.ID(), * Subnetwork: gilbSubnet.ID(), * }, * }, * BootDisk: &compute.InstanceBootDiskArgs{ * InitializeParams: &compute.InstanceBootDiskInitializeParamsArgs{ * Image: pulumi.String("debian-cloud/debian-10"), * }, * }, * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.Network; * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.Subnetwork; * import com.pulumi.gcp.compute.SubnetworkArgs; * import com.pulumi.gcp.compute.HealthCheck; * import com.pulumi.gcp.compute.HealthCheckArgs; * import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs; * import com.pulumi.gcp.compute.InstanceTemplate; * import com.pulumi.gcp.compute.InstanceTemplateArgs; * import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs; * import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs; * import com.pulumi.gcp.compute.InstanceGroupManager; * import com.pulumi.gcp.compute.InstanceGroupManagerArgs; * import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs; * import com.pulumi.gcp.compute.BackendService; * import com.pulumi.gcp.compute.BackendServiceArgs; * import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs; * import com.pulumi.gcp.compute.URLMap; * import com.pulumi.gcp.compute.URLMapArgs; * import com.pulumi.gcp.compute.TargetHttpProxy; * import com.pulumi.gcp.compute.TargetHttpProxyArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import com.pulumi.gcp.compute.Firewall; * import com.pulumi.gcp.compute.FirewallArgs; * import com.pulumi.gcp.compute.inputs.FirewallAllowArgs; * import com.pulumi.gcp.compute.Instance; * import com.pulumi.gcp.compute.InstanceArgs; * import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs; * import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs; * import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * // Global Internal HTTP load balancer with a managed instance group backend * // VPC network * var gilbNetwork = new Network("gilbNetwork", NetworkArgs.builder() * .name("l7-gilb-network") * .autoCreateSubnetworks(false) * .build()); * // proxy-only subnet * var proxySubnet = new Subnetwork("proxySubnet", SubnetworkArgs.builder() * .name("l7-gilb-proxy-subnet") * .ipCidrRange("10.0.0.0/24") * .region("europe-west1") * .purpose("GLOBAL_MANAGED_PROXY") * .role("ACTIVE") * .network(gilbNetwork.id()) * .build()); * // backend subnet * var gilbSubnet = new Subnetwork("gilbSubnet", SubnetworkArgs.builder() * .name("l7-gilb-subnet") * .ipCidrRange("10.0.1.0/24") * .region("europe-west1") * .network(gilbNetwork.id()) * .build()); * // health check * var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder() * .name("l7-gilb-hc") * .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder() * .portSpecification("USE_SERVING_PORT") * .build()) * .build()); * // instance template * var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder() * .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder() * .accessConfigs() * .network(gilbNetwork.id()) * .subnetwork(gilbSubnet.id()) * .build()) * .name("l7-gilb-mig-template") * .machineType("e2-small") * .tags("http-server") * .disks(InstanceTemplateDiskArgs.builder() * .sourceImage("debian-cloud/debian-10") * .autoDelete(true) * .boot(true) * .build()) * .metadata(Map.of("startup-script", """ * #! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 * Name: $NAME
 * IP: $IP
 * Metadata: $METADATA
 * 
* EOF * """)) * .build()); * // MIG * var mig = new InstanceGroupManager("mig", InstanceGroupManagerArgs.builder() * .name("l7-gilb-mig1") * .zone("europe-west1-b") * .versions(InstanceGroupManagerVersionArgs.builder() * .instanceTemplate(instanceTemplate.id()) * .name("primary") * .build()) * .baseInstanceName("vm") * .targetSize(2) * .build()); * // backend service * var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder() * .name("l7-gilb-backend-subnet") * .protocol("HTTP") * .loadBalancingScheme("INTERNAL_MANAGED") * .timeoutSec(10) * .healthChecks(defaultHealthCheck.id()) * .backends(BackendServiceBackendArgs.builder() * .group(mig.instanceGroup()) * .balancingMode("UTILIZATION") * .capacityScaler(1) * .build()) * .build()); * // URL map * var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder() * .name("l7-gilb-url-map") * .defaultService(defaultBackendService.id()) * .build()); * // HTTP target proxy * var default_ = new TargetHttpProxy("default", TargetHttpProxyArgs.builder() * .name("l7-gilb-target-http-proxy") * .urlMap(defaultURLMap.id()) * .build()); * // forwarding rule * var googleComputeForwardingRule = new GlobalForwardingRule("googleComputeForwardingRule", GlobalForwardingRuleArgs.builder() * .name("l7-gilb-forwarding-rule") * .ipProtocol("TCP") * .loadBalancingScheme("INTERNAL_MANAGED") * .portRange("80") * .target(default_.id()) * .network(gilbNetwork.id()) * .subnetwork(gilbSubnet.id()) * .build()); * // allow all access from IAP and health check ranges * var fw_iap = new Firewall("fw-iap", FirewallArgs.builder() * .name("l7-gilb-fw-allow-iap-hc") * .direction("INGRESS") * .network(gilbNetwork.id()) * .sourceRanges( * "130.211.0.0/22", * "35.191.0.0/16", * "35.235.240.0/20") * .allows(FirewallAllowArgs.builder() * .protocol("tcp") * .build()) * .build()); * // allow http from proxy subnet to backends * var fw_gilb_to_backends = new Firewall("fw-gilb-to-backends", FirewallArgs.builder() * .name("l7-gilb-fw-allow-gilb-to-backends") * .direction("INGRESS") * .network(gilbNetwork.id()) * .sourceRanges("10.0.0.0/24") * .targetTags("http-server") * .allows(FirewallAllowArgs.builder() * .protocol("tcp") * .ports( * "80", * "443", * "8080") * .build()) * .build()); * // test instance * var vm_test = new Instance("vm-test", InstanceArgs.builder() * .name("l7-gilb-test-vm") * .zone("europe-west1-b") * .machineType("e2-small") * .networkInterfaces(InstanceNetworkInterfaceArgs.builder() * .network(gilbNetwork.id()) * .subnetwork(gilbSubnet.id()) * .build()) * .bootDisk(InstanceBootDiskArgs.builder() * .initializeParams(InstanceBootDiskInitializeParamsArgs.builder() * .image("debian-cloud/debian-10") * .build()) * .build()) * .build()); * } * } * ``` * ```yaml * resources: * # Global Internal HTTP load balancer with a managed instance group backend * # VPC network * gilbNetwork: * type: gcp:compute:Network * name: gilb_network * properties: * name: l7-gilb-network * autoCreateSubnetworks: false * # proxy-only subnet * proxySubnet: * type: gcp:compute:Subnetwork * name: proxy_subnet * properties: * name: l7-gilb-proxy-subnet * ipCidrRange: 10.0.0.0/24 * region: europe-west1 * purpose: GLOBAL_MANAGED_PROXY * role: ACTIVE * network: ${gilbNetwork.id} * # backend subnet * gilbSubnet: * type: gcp:compute:Subnetwork * name: gilb_subnet * properties: * name: l7-gilb-subnet * ipCidrRange: 10.0.1.0/24 * region: europe-west1 * network: ${gilbNetwork.id} * # forwarding rule * googleComputeForwardingRule: * type: gcp:compute:GlobalForwardingRule * name: google_compute_forwarding_rule * properties: * name: l7-gilb-forwarding-rule * ipProtocol: TCP * loadBalancingScheme: INTERNAL_MANAGED * portRange: '80' * target: ${default.id} * network: ${gilbNetwork.id} * subnetwork: ${gilbSubnet.id} * # HTTP target proxy * default: * type: gcp:compute:TargetHttpProxy * properties: * name: l7-gilb-target-http-proxy * urlMap: ${defaultURLMap.id} * # URL map * defaultURLMap: * type: gcp:compute:URLMap * name: default * properties: * name: l7-gilb-url-map * defaultService: ${defaultBackendService.id} * # backend service * defaultBackendService: * type: gcp:compute:BackendService * name: default * properties: * name: l7-gilb-backend-subnet * protocol: HTTP * loadBalancingScheme: INTERNAL_MANAGED * timeoutSec: 10 * healthChecks: ${defaultHealthCheck.id} * backends: * - group: ${mig.instanceGroup} * balancingMode: UTILIZATION * capacityScaler: 1 * # instance template * instanceTemplate: * type: gcp:compute:InstanceTemplate * name: instance_template * properties: * networkInterfaces: * - accessConfigs: * - {} * network: ${gilbNetwork.id} * subnetwork: ${gilbSubnet.id} * name: l7-gilb-mig-template * machineType: e2-small * tags: * - http-server * disks: * - sourceImage: debian-cloud/debian-10 * autoDelete: true * boot: true * metadata: * startup-script: | * #! /bin/bash * set -euo pipefail * export DEBIAN_FRONTEND=noninteractive * apt-get update * apt-get install -y nginx-light jq * NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname") * IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip") * METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])') * cat < /var/www/html/index.html *
 *           Name: $NAME
 *           IP: $IP
 *           Metadata: $METADATA
 *           
* EOF * # health check * defaultHealthCheck: * type: gcp:compute:HealthCheck * name: default * properties: * name: l7-gilb-hc * httpHealthCheck: * portSpecification: USE_SERVING_PORT * # MIG * mig: * type: gcp:compute:InstanceGroupManager * properties: * name: l7-gilb-mig1 * zone: europe-west1-b * versions: * - instanceTemplate: ${instanceTemplate.id} * name: primary * baseInstanceName: vm * targetSize: 2 * # allow all access from IAP and health check ranges * fw-iap: * type: gcp:compute:Firewall * properties: * name: l7-gilb-fw-allow-iap-hc * direction: INGRESS * network: ${gilbNetwork.id} * sourceRanges: * - 130.211.0.0/22 * - 35.191.0.0/16 * - 35.235.240.0/20 * allows: * - protocol: tcp * # allow http from proxy subnet to backends * fw-gilb-to-backends: * type: gcp:compute:Firewall * properties: * name: l7-gilb-fw-allow-gilb-to-backends * direction: INGRESS * network: ${gilbNetwork.id} * sourceRanges: * - 10.0.0.0/24 * targetTags: * - http-server * allows: * - protocol: tcp * ports: * - '80' * - '443' * - '8080' * # test instance * vm-test: * type: gcp:compute:Instance * properties: * name: l7-gilb-test-vm * zone: europe-west1-b * machineType: e2-small * networkInterfaces: * - network: ${gilbNetwork.id} * subnetwork: ${gilbSubnet.id} * bootDisk: * initializeParams: * image: debian-cloud/debian-10 * ``` * * ### Private Service Connect Google Apis * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * const network = new gcp.compute.Network("network", { * project: "my-project-name", * name: "my-network", * autoCreateSubnetworks: false, * }); * const vpcSubnetwork = new gcp.compute.Subnetwork("vpc_subnetwork", { * project: network.project, * name: "my-subnetwork", * ipCidrRange: "10.2.0.0/16", * region: "us-central1", * network: network.id, * privateIpGoogleAccess: true, * }); * const _default = new gcp.compute.GlobalAddress("default", { * project: network.project, * name: "global-psconnect-ip", * addressType: "INTERNAL", * purpose: "PRIVATE_SERVICE_CONNECT", * network: network.id, * address: "100.100.100.106", * }); * const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", { * project: network.project, * name: "globalrule", * target: "all-apis", * network: network.id, * ipAddress: _default.id, * loadBalancingScheme: "", * serviceDirectoryRegistrations: { * namespace: "sd-namespace", * serviceDirectoryRegion: "europe-west3", * }, * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * network = gcp.compute.Network("network", * project="my-project-name", * name="my-network", * auto_create_subnetworks=False) * vpc_subnetwork = gcp.compute.Subnetwork("vpc_subnetwork", * project=network.project, * name="my-subnetwork", * ip_cidr_range="10.2.0.0/16", * region="us-central1", * network=network.id, * private_ip_google_access=True) * default = gcp.compute.GlobalAddress("default", * project=network.project, * name="global-psconnect-ip", * address_type="INTERNAL", * purpose="PRIVATE_SERVICE_CONNECT", * network=network.id, * address="100.100.100.106") * default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default", * project=network.project, * name="globalrule", * target="all-apis", * network=network.id, * ip_address=default.id, * load_balancing_scheme="", * service_directory_registrations=gcp.compute.GlobalForwardingRuleServiceDirectoryRegistrationsArgs( * namespace="sd-namespace", * service_directory_region="europe-west3", * )) * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * var network = new Gcp.Compute.Network("network", new() * { * Project = "my-project-name", * Name = "my-network", * AutoCreateSubnetworks = false, * }); * var vpcSubnetwork = new Gcp.Compute.Subnetwork("vpc_subnetwork", new() * { * Project = network.Project, * Name = "my-subnetwork", * IpCidrRange = "10.2.0.0/16", * Region = "us-central1", * Network = network.Id, * PrivateIpGoogleAccess = true, * }); * var @default = new Gcp.Compute.GlobalAddress("default", new() * { * Project = network.Project, * Name = "global-psconnect-ip", * AddressType = "INTERNAL", * Purpose = "PRIVATE_SERVICE_CONNECT", * Network = network.Id, * Address = "100.100.100.106", * }); * var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new() * { * Project = network.Project, * Name = "globalrule", * Target = "all-apis", * Network = network.Id, * IpAddress = @default.Id, * LoadBalancingScheme = "", * ServiceDirectoryRegistrations = new Gcp.Compute.Inputs.GlobalForwardingRuleServiceDirectoryRegistrationsArgs * { * Namespace = "sd-namespace", * ServiceDirectoryRegion = "europe-west3", * }, * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{ * Project: pulumi.String("my-project-name"), * Name: pulumi.String("my-network"), * AutoCreateSubnetworks: pulumi.Bool(false), * }) * if err != nil { * return err * } * _, err = compute.NewSubnetwork(ctx, "vpc_subnetwork", &compute.SubnetworkArgs{ * Project: network.Project, * Name: pulumi.String("my-subnetwork"), * IpCidrRange: pulumi.String("10.2.0.0/16"), * Region: pulumi.String("us-central1"), * Network: network.ID(), * PrivateIpGoogleAccess: pulumi.Bool(true), * }) * if err != nil { * return err * } * _, err = compute.NewGlobalAddress(ctx, "default", &compute.GlobalAddressArgs{ * Project: network.Project, * Name: pulumi.String("global-psconnect-ip"), * AddressType: pulumi.String("INTERNAL"), * Purpose: pulumi.String("PRIVATE_SERVICE_CONNECT"), * Network: network.ID(), * Address: pulumi.String("100.100.100.106"), * }) * if err != nil { * return err * } * _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{ * Project: network.Project, * Name: pulumi.String("globalrule"), * Target: pulumi.String("all-apis"), * Network: network.ID(), * IpAddress: _default.ID(), * LoadBalancingScheme: pulumi.String(""), * ServiceDirectoryRegistrations: &compute.GlobalForwardingRuleServiceDirectoryRegistrationsArgs{ * Namespace: pulumi.String("sd-namespace"), * ServiceDirectoryRegion: pulumi.String("europe-west3"), * }, * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.Network; * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.Subnetwork; * import com.pulumi.gcp.compute.SubnetworkArgs; * import com.pulumi.gcp.compute.GlobalAddress; * import com.pulumi.gcp.compute.GlobalAddressArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import com.pulumi.gcp.compute.inputs.GlobalForwardingRuleServiceDirectoryRegistrationsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * var network = new Network("network", NetworkArgs.builder() * .project("my-project-name") * .name("my-network") * .autoCreateSubnetworks(false) * .build()); * var vpcSubnetwork = new Subnetwork("vpcSubnetwork", SubnetworkArgs.builder() * .project(network.project()) * .name("my-subnetwork") * .ipCidrRange("10.2.0.0/16") * .region("us-central1") * .network(network.id()) * .privateIpGoogleAccess(true) * .build()); * var default_ = new GlobalAddress("default", GlobalAddressArgs.builder() * .project(network.project()) * .name("global-psconnect-ip") * .addressType("INTERNAL") * .purpose("PRIVATE_SERVICE_CONNECT") * .network(network.id()) * .address("100.100.100.106") * .build()); * var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder() * .project(network.project()) * .name("globalrule") * .target("all-apis") * .network(network.id()) * .ipAddress(default_.id()) * .loadBalancingScheme("") * .serviceDirectoryRegistrations(GlobalForwardingRuleServiceDirectoryRegistrationsArgs.builder() * .namespace("sd-namespace") * .serviceDirectoryRegion("europe-west3") * .build()) * .build()); * } * } * ``` * ```yaml * resources: * network: * type: gcp:compute:Network * properties: * project: my-project-name * name: my-network * autoCreateSubnetworks: false * vpcSubnetwork: * type: gcp:compute:Subnetwork * name: vpc_subnetwork * properties: * project: ${network.project} * name: my-subnetwork * ipCidrRange: 10.2.0.0/16 * region: us-central1 * network: ${network.id} * privateIpGoogleAccess: true * default: * type: gcp:compute:GlobalAddress * properties: * project: ${network.project} * name: global-psconnect-ip * addressType: INTERNAL * purpose: PRIVATE_SERVICE_CONNECT * network: ${network.id} * address: 100.100.100.106 * defaultGlobalForwardingRule: * type: gcp:compute:GlobalForwardingRule * name: default * properties: * project: ${network.project} * name: globalrule * target: all-apis * network: ${network.id} * ipAddress: ${default.id} * loadBalancingScheme: * serviceDirectoryRegistrations: * namespace: sd-namespace * serviceDirectoryRegion: europe-west3 * ``` * * ### Private Service Connect Google Apis No Automate Dns * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * const network = new gcp.compute.Network("network", { * project: "my-project-name", * name: "my-network", * autoCreateSubnetworks: false, * }); * const vpcSubnetwork = new gcp.compute.Subnetwork("vpc_subnetwork", { * project: network.project, * name: "my-subnetwork", * ipCidrRange: "10.2.0.0/16", * region: "us-central1", * network: network.id, * privateIpGoogleAccess: true, * }); * const _default = new gcp.compute.GlobalAddress("default", { * project: network.project, * name: "global-psconnect-ip", * addressType: "INTERNAL", * purpose: "PRIVATE_SERVICE_CONNECT", * network: network.id, * address: "100.100.100.106", * }); * const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("default", { * project: network.project, * name: "globalrule", * target: "all-apis", * network: network.id, * ipAddress: _default.id, * loadBalancingScheme: "", * noAutomateDnsZone: false, * }); * ``` * ```python * import pulumi * import pulumi_gcp as gcp * network = gcp.compute.Network("network", * project="my-project-name", * name="my-network", * auto_create_subnetworks=False) * vpc_subnetwork = gcp.compute.Subnetwork("vpc_subnetwork", * project=network.project, * name="my-subnetwork", * ip_cidr_range="10.2.0.0/16", * region="us-central1", * network=network.id, * private_ip_google_access=True) * default = gcp.compute.GlobalAddress("default", * project=network.project, * name="global-psconnect-ip", * address_type="INTERNAL", * purpose="PRIVATE_SERVICE_CONNECT", * network=network.id, * address="100.100.100.106") * default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default", * project=network.project, * name="globalrule", * target="all-apis", * network=network.id, * ip_address=default.id, * load_balancing_scheme="", * no_automate_dns_zone=False) * ``` * ```csharp * using System.Collections.Generic; * using System.Linq; * using Pulumi; * using Gcp = Pulumi.Gcp; * return await Deployment.RunAsync(() => * { * var network = new Gcp.Compute.Network("network", new() * { * Project = "my-project-name", * Name = "my-network", * AutoCreateSubnetworks = false, * }); * var vpcSubnetwork = new Gcp.Compute.Subnetwork("vpc_subnetwork", new() * { * Project = network.Project, * Name = "my-subnetwork", * IpCidrRange = "10.2.0.0/16", * Region = "us-central1", * Network = network.Id, * PrivateIpGoogleAccess = true, * }); * var @default = new Gcp.Compute.GlobalAddress("default", new() * { * Project = network.Project, * Name = "global-psconnect-ip", * AddressType = "INTERNAL", * Purpose = "PRIVATE_SERVICE_CONNECT", * Network = network.Id, * Address = "100.100.100.106", * }); * var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("default", new() * { * Project = network.Project, * Name = "globalrule", * Target = "all-apis", * Network = network.Id, * IpAddress = @default.Id, * LoadBalancingScheme = "", * NoAutomateDnsZone = false, * }); * }); * ``` * ```go * package main * import ( * "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" * "github.com/pulumi/pulumi/sdk/v3/go/pulumi" * ) * func main() { * pulumi.Run(func(ctx *pulumi.Context) error { * network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{ * Project: pulumi.String("my-project-name"), * Name: pulumi.String("my-network"), * AutoCreateSubnetworks: pulumi.Bool(false), * }) * if err != nil { * return err * } * _, err = compute.NewSubnetwork(ctx, "vpc_subnetwork", &compute.SubnetworkArgs{ * Project: network.Project, * Name: pulumi.String("my-subnetwork"), * IpCidrRange: pulumi.String("10.2.0.0/16"), * Region: pulumi.String("us-central1"), * Network: network.ID(), * PrivateIpGoogleAccess: pulumi.Bool(true), * }) * if err != nil { * return err * } * _, err = compute.NewGlobalAddress(ctx, "default", &compute.GlobalAddressArgs{ * Project: network.Project, * Name: pulumi.String("global-psconnect-ip"), * AddressType: pulumi.String("INTERNAL"), * Purpose: pulumi.String("PRIVATE_SERVICE_CONNECT"), * Network: network.ID(), * Address: pulumi.String("100.100.100.106"), * }) * if err != nil { * return err * } * _, err = compute.NewGlobalForwardingRule(ctx, "default", &compute.GlobalForwardingRuleArgs{ * Project: network.Project, * Name: pulumi.String("globalrule"), * Target: pulumi.String("all-apis"), * Network: network.ID(), * IpAddress: _default.ID(), * LoadBalancingScheme: pulumi.String(""), * NoAutomateDnsZone: pulumi.Bool(false), * }) * if err != nil { * return err * } * return nil * }) * } * ``` * ```java * package generated_program; * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.gcp.compute.Network; * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.Subnetwork; * import com.pulumi.gcp.compute.SubnetworkArgs; * import com.pulumi.gcp.compute.GlobalAddress; * import com.pulumi.gcp.compute.GlobalAddressArgs; * import com.pulumi.gcp.compute.GlobalForwardingRule; * import com.pulumi.gcp.compute.GlobalForwardingRuleArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; * import java.io.File; * import java.nio.file.Files; * import java.nio.file.Paths; * public class App { * public static void main(String[] args) { * Pulumi.run(App::stack); * } * public static void stack(Context ctx) { * var network = new Network("network", NetworkArgs.builder() * .project("my-project-name") * .name("my-network") * .autoCreateSubnetworks(false) * .build()); * var vpcSubnetwork = new Subnetwork("vpcSubnetwork", SubnetworkArgs.builder() * .project(network.project()) * .name("my-subnetwork") * .ipCidrRange("10.2.0.0/16") * .region("us-central1") * .network(network.id()) * .privateIpGoogleAccess(true) * .build()); * var default_ = new GlobalAddress("default", GlobalAddressArgs.builder() * .project(network.project()) * .name("global-psconnect-ip") * .addressType("INTERNAL") * .purpose("PRIVATE_SERVICE_CONNECT") * .network(network.id()) * .address("100.100.100.106") * .build()); * var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder() * .project(network.project()) * .name("globalrule") * .target("all-apis") * .network(network.id()) * .ipAddress(default_.id()) * .loadBalancingScheme("") * .noAutomateDnsZone(false) * .build()); * } * } * ``` * ```yaml * resources: * network: * type: gcp:compute:Network * properties: * project: my-project-name * name: my-network * autoCreateSubnetworks: false * vpcSubnetwork: * type: gcp:compute:Subnetwork * name: vpc_subnetwork * properties: * project: ${network.project} * name: my-subnetwork * ipCidrRange: 10.2.0.0/16 * region: us-central1 * network: ${network.id} * privateIpGoogleAccess: true * default: * type: gcp:compute:GlobalAddress * properties: * project: ${network.project} * name: global-psconnect-ip * addressType: INTERNAL * purpose: PRIVATE_SERVICE_CONNECT * network: ${network.id} * address: 100.100.100.106 * defaultGlobalForwardingRule: * type: gcp:compute:GlobalForwardingRule * name: default * properties: * project: ${network.project} * name: globalrule * target: all-apis * network: ${network.id} * ipAddress: ${default.id} * loadBalancingScheme: * noAutomateDnsZone: false * ``` * * ## Import * GlobalForwardingRule can be imported using any of these accepted formats: * * `projects/{{project}}/global/forwardingRules/{{name}}` * * `{{project}}/{{name}}` * * `{{name}}` * When using the `pulumi import` command, GlobalForwardingRule can be imported using one of the formats above. For example: * ```sh * $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default projects/{{project}}/global/forwardingRules/{{name}} * ``` * ```sh * $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default {{project}}/{{name}} * ``` * ```sh * $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default {{name}} * ``` * @property allowPscGlobalAccess This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. * @property description An optional description of this resource. Provide this property when * you create the resource. * @property ipAddress IP address for which this forwarding rule accepts traffic. When a client * sends traffic to this IP address, the forwarding rule directs the traffic * to the referenced `target`. * While creating a forwarding rule, specifying an `IPAddress` is * required under the following circumstances: * * When the `target` is set to `targetGrpcProxy` and * `validateForProxyless` is set to `true`, the * `IPAddress` should be set to `0.0.0.0`. * * When the `target` is a Private Service Connect Google APIs * bundle, you must specify an `IPAddress`. * Otherwise, you can optionally specify an IP address that references an * existing static (reserved) IP address resource. When omitted, Google Cloud * assigns an ephemeral IP address. * Use one of the following formats to specify an IP address while creating a * forwarding rule: * * IP address number, as in `100.1.2.3` * * IPv6 address range, as in `2600:1234::/96` * * Full resource URL, as in * `https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name` * * Partial URL or by name, as in: * * `projects/project_id/regions/region/addresses/address-name` * * `regions/region/addresses/address-name` * * `global/addresses/address-name` * * `address-name` * The forwarding rule's `target`, * and in most cases, also the `loadBalancingScheme`, determine the * type of IP address that you can use. For detailed information, see * [IP address * specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). * When reading an `IPAddress`, the API always returns the IP * address number. * @property ipProtocol The IP protocol to which this rule applies. * For protocol forwarding, valid * options are `TCP`, `UDP`, `ESP`, * `AH`, `SCTP`, `ICMP` and * `L3_DEFAULT`. * The valid IP protocols are different for different load balancing products * as described in [Load balancing * features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). * Possible values are: `TCP`, `UDP`, `ESP`, `AH`, `SCTP`, `ICMP`. * @property ipVersion The IP Version that will be used by this global forwarding rule. * Possible values are: `IPV4`, `IPV6`. * @property labels Labels to apply to this forwarding rule. A list of key->value pairs. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effective_labels` for all of the labels present on the resource. * @property loadBalancingScheme Specifies the forwarding rule type. * For more information about forwarding rules, refer to * [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). * Default value is `EXTERNAL`. * Possible values are: `EXTERNAL`, `EXTERNAL_MANAGED`, `INTERNAL_MANAGED`, `INTERNAL_SELF_MANAGED`. * @property metadataFilters Opaque filter criteria used by Loadbalancer to restrict routing * configuration to a limited set xDS compliant clients. In their xDS * requests to Loadbalancer, xDS clients present node metadata. If a * match takes place, the relevant routing configuration is made available * to those proxies. * For each metadataFilter in this list, if its filterMatchCriteria is set * to MATCH_ANY, at least one of the filterLabels must match the * corresponding label provided in the metadata. If its filterMatchCriteria * is set to MATCH_ALL, then all of its filterLabels must match with * corresponding labels in the provided metadata. * metadataFilters specified here can be overridden by those specified in * the UrlMap that this ForwardingRule references. * metadataFilters only applies to Loadbalancers that have their * loadBalancingScheme set to INTERNAL_SELF_MANAGED. * Structure is documented below. * @property name Name of the resource; provided by the client when the resource is created. * The name must be 1-63 characters long, and comply with * [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). * Specifically, the name must be 1-63 characters long and match the regular * expression `a-z?` which means the first * character must be a lowercase letter, and all following characters must * be a dash, lowercase letter, or digit, except the last character, which * cannot be a dash. * For Private Service Connect forwarding rules that forward traffic to Google * APIs, the forwarding rule name must be a 1-20 characters string with * lowercase letters and numbers and must start with a letter. * @property network This field is not used for external load balancing. * For Internal TCP/UDP Load Balancing, this field identifies the network that * the load balanced IP should belong to for this Forwarding Rule. * If the subnetwork is specified, the network of the subnetwork will be used. * If neither subnetwork nor this field is specified, the default network will * be used. * For Private Service Connect forwarding rules that forward traffic to Google * APIs, a network must be provided. * @property noAutomateDnsZone This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field. * @property portRange The `portRange` field has the following limitations: * * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, * and * * It's applicable only to the following products: external passthrough * Network Load Balancers, internal and external proxy Network Load * Balancers, internal and external Application Load Balancers, external * protocol forwarding, and Classic VPN. * * Some products have restrictions on what ports can be used. See * [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications) * for details. * For external forwarding rules, two or more forwarding rules cannot use the * same `[IPAddress, IPProtocol]` pair, and cannot have overlapping * `portRange`s. * For internal forwarding rules within the same VPC network, two or more * forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair, and * cannot have overlapping `portRange`s. * @property project The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. * @property serviceDirectoryRegistrations Service Directory resources to register this forwarding rule with. * Currently, only supports a single Service Directory resource. * Structure is documented below. * @property sourceIpRanges If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). * @property subnetwork This field identifies the subnetwork that the load balanced IP should * belong to for this Forwarding Rule, used in internal load balancing and * network load balancing with IPv6. * If the network specified is in auto subnet mode, this field is optional. * However, a subnetwork must be specified if the network is in custom subnet * mode or when creating external forwarding rule with IPv6. * @property target The URL of the target resource to receive the matched traffic. For * regional forwarding rules, this target must be in the same region as the * forwarding rule. For global forwarding rules, this target must be a global * load balancing resource. * The forwarded traffic must be of a type appropriate to the target object. * * For load balancers, see the "Target" column in [Port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). * * For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle: * * `vpc-sc` - [ APIs that support VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products). * * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). * For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. * - - - * */*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/ */ public data class GlobalForwardingRuleArgs( public val allowPscGlobalAccess: Output? = null, public val description: Output? = null, public val ipAddress: Output? = null, public val ipProtocol: Output? = null, public val ipVersion: Output? = null, public val labels: Output>? = null, public val loadBalancingScheme: Output? = null, public val metadataFilters: Output>? = null, public val name: Output? = null, public val network: Output? = null, public val noAutomateDnsZone: Output? = null, public val portRange: Output? = null, public val project: Output? = null, public val serviceDirectoryRegistrations: Output? = null, public val sourceIpRanges: Output>? = null, public val subnetwork: Output? = null, public val target: Output? = null, ) : ConvertibleToJava { override fun toJava(): com.pulumi.gcp.compute.GlobalForwardingRuleArgs = com.pulumi.gcp.compute.GlobalForwardingRuleArgs.builder() .allowPscGlobalAccess(allowPscGlobalAccess?.applyValue({ args0 -> args0 })) .description(description?.applyValue({ args0 -> args0 })) .ipAddress(ipAddress?.applyValue({ args0 -> args0 })) .ipProtocol(ipProtocol?.applyValue({ args0 -> args0 })) .ipVersion(ipVersion?.applyValue({ args0 -> args0 })) .labels(labels?.applyValue({ args0 -> args0.map({ args0 -> args0.key.to(args0.value) }).toMap() })) .loadBalancingScheme(loadBalancingScheme?.applyValue({ args0 -> args0 })) .metadataFilters( metadataFilters?.applyValue({ args0 -> args0.map({ args0 -> args0.let({ args0 -> args0.toJava() }) }) }), ) .name(name?.applyValue({ args0 -> args0 })) .network(network?.applyValue({ args0 -> args0 })) .noAutomateDnsZone(noAutomateDnsZone?.applyValue({ args0 -> args0 })) .portRange(portRange?.applyValue({ args0 -> args0 })) .project(project?.applyValue({ args0 -> args0 })) .serviceDirectoryRegistrations( serviceDirectoryRegistrations?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }), ) .sourceIpRanges(sourceIpRanges?.applyValue({ args0 -> args0.map({ args0 -> args0 }) })) .subnetwork(subnetwork?.applyValue({ args0 -> args0 })) .target(target?.applyValue({ args0 -> args0 })).build() } /** * Builder for [GlobalForwardingRuleArgs]. */ @PulumiTagMarker public class GlobalForwardingRuleArgsBuilder internal constructor() { private var allowPscGlobalAccess: Output? = null private var description: Output? = null private var ipAddress: Output? = null private var ipProtocol: Output? = null private var ipVersion: Output? = null private var labels: Output>? = null private var loadBalancingScheme: Output? = null private var metadataFilters: Output>? = null private var name: Output? = null private var network: Output? = null private var noAutomateDnsZone: Output? = null private var portRange: Output? = null private var project: Output? = null private var serviceDirectoryRegistrations: Output? = null private var sourceIpRanges: Output>? = null private var subnetwork: Output? = null private var target: Output? = null /** * @param value This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. */ @JvmName("mwiybkommllnhvhm") public suspend fun allowPscGlobalAccess(`value`: Output) { this.allowPscGlobalAccess = value } /** * @param value An optional description of this resource. Provide this property when * you create the resource. */ @JvmName("ioahoyekdqbtoglu") public suspend fun description(`value`: Output) { this.description = value } /** * @param value IP address for which this forwarding rule accepts traffic. When a client * sends traffic to this IP address, the forwarding rule directs the traffic * to the referenced `target`. * While creating a forwarding rule, specifying an `IPAddress` is * required under the following circumstances: * * When the `target` is set to `targetGrpcProxy` and * `validateForProxyless` is set to `true`, the * `IPAddress` should be set to `0.0.0.0`. * * When the `target` is a Private Service Connect Google APIs * bundle, you must specify an `IPAddress`. * Otherwise, you can optionally specify an IP address that references an * existing static (reserved) IP address resource. When omitted, Google Cloud * assigns an ephemeral IP address. * Use one of the following formats to specify an IP address while creating a * forwarding rule: * * IP address number, as in `100.1.2.3` * * IPv6 address range, as in `2600:1234::/96` * * Full resource URL, as in * `https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name` * * Partial URL or by name, as in: * * `projects/project_id/regions/region/addresses/address-name` * * `regions/region/addresses/address-name` * * `global/addresses/address-name` * * `address-name` * The forwarding rule's `target`, * and in most cases, also the `loadBalancingScheme`, determine the * type of IP address that you can use. For detailed information, see * [IP address * specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). * When reading an `IPAddress`, the API always returns the IP * address number. */ @JvmName("mtgdhrtagjrwsyos") public suspend fun ipAddress(`value`: Output) { this.ipAddress = value } /** * @param value The IP protocol to which this rule applies. * For protocol forwarding, valid * options are `TCP`, `UDP`, `ESP`, * `AH`, `SCTP`, `ICMP` and * `L3_DEFAULT`. * The valid IP protocols are different for different load balancing products * as described in [Load balancing * features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). * Possible values are: `TCP`, `UDP`, `ESP`, `AH`, `SCTP`, `ICMP`. */ @JvmName("lkgqukwkbbvgkgvx") public suspend fun ipProtocol(`value`: Output) { this.ipProtocol = value } /** * @param value The IP Version that will be used by this global forwarding rule. * Possible values are: `IPV4`, `IPV6`. */ @JvmName("vvxjwhefiijwhlly") public suspend fun ipVersion(`value`: Output) { this.ipVersion = value } /** * @param value Labels to apply to this forwarding rule. A list of key->value pairs. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effective_labels` for all of the labels present on the resource. */ @JvmName("yqfkvxdiyakpklcj") public suspend fun labels(`value`: Output>) { this.labels = value } /** * @param value Specifies the forwarding rule type. * For more information about forwarding rules, refer to * [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). * Default value is `EXTERNAL`. * Possible values are: `EXTERNAL`, `EXTERNAL_MANAGED`, `INTERNAL_MANAGED`, `INTERNAL_SELF_MANAGED`. */ @JvmName("siivlkvsybxcbuam") public suspend fun loadBalancingScheme(`value`: Output) { this.loadBalancingScheme = value } /** * @param value Opaque filter criteria used by Loadbalancer to restrict routing * configuration to a limited set xDS compliant clients. In their xDS * requests to Loadbalancer, xDS clients present node metadata. If a * match takes place, the relevant routing configuration is made available * to those proxies. * For each metadataFilter in this list, if its filterMatchCriteria is set * to MATCH_ANY, at least one of the filterLabels must match the * corresponding label provided in the metadata. If its filterMatchCriteria * is set to MATCH_ALL, then all of its filterLabels must match with * corresponding labels in the provided metadata. * metadataFilters specified here can be overridden by those specified in * the UrlMap that this ForwardingRule references. * metadataFilters only applies to Loadbalancers that have their * loadBalancingScheme set to INTERNAL_SELF_MANAGED. * Structure is documented below. */ @JvmName("qgqslfdpyffdcfmu") public suspend fun metadataFilters(`value`: Output>) { this.metadataFilters = value } @JvmName("kkfagrtrqebovccc") public suspend fun metadataFilters(vararg values: Output) { this.metadataFilters = Output.all(values.asList()) } /** * @param values Opaque filter criteria used by Loadbalancer to restrict routing * configuration to a limited set xDS compliant clients. In their xDS * requests to Loadbalancer, xDS clients present node metadata. If a * match takes place, the relevant routing configuration is made available * to those proxies. * For each metadataFilter in this list, if its filterMatchCriteria is set * to MATCH_ANY, at least one of the filterLabels must match the * corresponding label provided in the metadata. If its filterMatchCriteria * is set to MATCH_ALL, then all of its filterLabels must match with * corresponding labels in the provided metadata. * metadataFilters specified here can be overridden by those specified in * the UrlMap that this ForwardingRule references. * metadataFilters only applies to Loadbalancers that have their * loadBalancingScheme set to INTERNAL_SELF_MANAGED. * Structure is documented below. */ @JvmName("ksdawdpcpfiddhgu") public suspend fun metadataFilters(values: List>) { this.metadataFilters = Output.all(values) } /** * @param value Name of the resource; provided by the client when the resource is created. * The name must be 1-63 characters long, and comply with * [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). * Specifically, the name must be 1-63 characters long and match the regular * expression `a-z?` which means the first * character must be a lowercase letter, and all following characters must * be a dash, lowercase letter, or digit, except the last character, which * cannot be a dash. * For Private Service Connect forwarding rules that forward traffic to Google * APIs, the forwarding rule name must be a 1-20 characters string with * lowercase letters and numbers and must start with a letter. */ @JvmName("lbulsdhbgskbpahs") public suspend fun name(`value`: Output) { this.name = value } /** * @param value This field is not used for external load balancing. * For Internal TCP/UDP Load Balancing, this field identifies the network that * the load balanced IP should belong to for this Forwarding Rule. * If the subnetwork is specified, the network of the subnetwork will be used. * If neither subnetwork nor this field is specified, the default network will * be used. * For Private Service Connect forwarding rules that forward traffic to Google * APIs, a network must be provided. */ @JvmName("rgqdtkwyjvemapww") public suspend fun network(`value`: Output) { this.network = value } /** * @param value This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field. */ @JvmName("brqraabddmvdqfmd") public suspend fun noAutomateDnsZone(`value`: Output) { this.noAutomateDnsZone = value } /** * @param value The `portRange` field has the following limitations: * * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, * and * * It's applicable only to the following products: external passthrough * Network Load Balancers, internal and external proxy Network Load * Balancers, internal and external Application Load Balancers, external * protocol forwarding, and Classic VPN. * * Some products have restrictions on what ports can be used. See * [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications) * for details. * For external forwarding rules, two or more forwarding rules cannot use the * same `[IPAddress, IPProtocol]` pair, and cannot have overlapping * `portRange`s. * For internal forwarding rules within the same VPC network, two or more * forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair, and * cannot have overlapping `portRange`s. */ @JvmName("jqkkypewincndblk") public suspend fun portRange(`value`: Output) { this.portRange = value } /** * @param value The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ @JvmName("ansxdclexqgqqxmj") public suspend fun project(`value`: Output) { this.project = value } /** * @param value Service Directory resources to register this forwarding rule with. * Currently, only supports a single Service Directory resource. * Structure is documented below. */ @JvmName("hbjfjkumkuwiurjy") public suspend fun serviceDirectoryRegistrations(`value`: Output) { this.serviceDirectoryRegistrations = value } /** * @param value If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). */ @JvmName("vmnoffwejubxmtlf") public suspend fun sourceIpRanges(`value`: Output>) { this.sourceIpRanges = value } @JvmName("ccqqhhyoleutbdcy") public suspend fun sourceIpRanges(vararg values: Output) { this.sourceIpRanges = Output.all(values.asList()) } /** * @param values If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). */ @JvmName("qskaygvbgmfuhnba") public suspend fun sourceIpRanges(values: List>) { this.sourceIpRanges = Output.all(values) } /** * @param value This field identifies the subnetwork that the load balanced IP should * belong to for this Forwarding Rule, used in internal load balancing and * network load balancing with IPv6. * If the network specified is in auto subnet mode, this field is optional. * However, a subnetwork must be specified if the network is in custom subnet * mode or when creating external forwarding rule with IPv6. */ @JvmName("ywwvrnlgrpsesuft") public suspend fun subnetwork(`value`: Output) { this.subnetwork = value } /** * @param value The URL of the target resource to receive the matched traffic. For * regional forwarding rules, this target must be in the same region as the * forwarding rule. For global forwarding rules, this target must be a global * load balancing resource. * The forwarded traffic must be of a type appropriate to the target object. * * For load balancers, see the "Target" column in [Port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). * * For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle: * * `vpc-sc` - [ APIs that support VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products). * * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). * For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. * - - - */ @JvmName("ajkmbtftrappdflc") public suspend fun target(`value`: Output) { this.target = value } /** * @param value This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region. */ @JvmName("hykhbjewigpbbgfi") public suspend fun allowPscGlobalAccess(`value`: Boolean?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.allowPscGlobalAccess = mapped } /** * @param value An optional description of this resource. Provide this property when * you create the resource. */ @JvmName("feiirrsgsnbgwkbr") public suspend fun description(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.description = mapped } /** * @param value IP address for which this forwarding rule accepts traffic. When a client * sends traffic to this IP address, the forwarding rule directs the traffic * to the referenced `target`. * While creating a forwarding rule, specifying an `IPAddress` is * required under the following circumstances: * * When the `target` is set to `targetGrpcProxy` and * `validateForProxyless` is set to `true`, the * `IPAddress` should be set to `0.0.0.0`. * * When the `target` is a Private Service Connect Google APIs * bundle, you must specify an `IPAddress`. * Otherwise, you can optionally specify an IP address that references an * existing static (reserved) IP address resource. When omitted, Google Cloud * assigns an ephemeral IP address. * Use one of the following formats to specify an IP address while creating a * forwarding rule: * * IP address number, as in `100.1.2.3` * * IPv6 address range, as in `2600:1234::/96` * * Full resource URL, as in * `https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name` * * Partial URL or by name, as in: * * `projects/project_id/regions/region/addresses/address-name` * * `regions/region/addresses/address-name` * * `global/addresses/address-name` * * `address-name` * The forwarding rule's `target`, * and in most cases, also the `loadBalancingScheme`, determine the * type of IP address that you can use. For detailed information, see * [IP address * specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). * When reading an `IPAddress`, the API always returns the IP * address number. */ @JvmName("ymuegsmdhfxlyiim") public suspend fun ipAddress(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.ipAddress = mapped } /** * @param value The IP protocol to which this rule applies. * For protocol forwarding, valid * options are `TCP`, `UDP`, `ESP`, * `AH`, `SCTP`, `ICMP` and * `L3_DEFAULT`. * The valid IP protocols are different for different load balancing products * as described in [Load balancing * features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends). * Possible values are: `TCP`, `UDP`, `ESP`, `AH`, `SCTP`, `ICMP`. */ @JvmName("vmmypcvnfmfiimho") public suspend fun ipProtocol(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.ipProtocol = mapped } /** * @param value The IP Version that will be used by this global forwarding rule. * Possible values are: `IPV4`, `IPV6`. */ @JvmName("kmdysjtbkqaceomu") public suspend fun ipVersion(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.ipVersion = mapped } /** * @param value Labels to apply to this forwarding rule. A list of key->value pairs. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effective_labels` for all of the labels present on the resource. */ @JvmName("lvavgrfsxpjuvfhk") public suspend fun labels(`value`: Map?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.labels = mapped } /** * @param values Labels to apply to this forwarding rule. A list of key->value pairs. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effective_labels` for all of the labels present on the resource. */ @JvmName("mgxrucyrixfppllt") public fun labels(vararg values: Pair) { val toBeMapped = values.toMap() val mapped = toBeMapped.let({ args0 -> of(args0) }) this.labels = mapped } /** * @param value Specifies the forwarding rule type. * For more information about forwarding rules, refer to * [Forwarding rule concepts](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts). * Default value is `EXTERNAL`. * Possible values are: `EXTERNAL`, `EXTERNAL_MANAGED`, `INTERNAL_MANAGED`, `INTERNAL_SELF_MANAGED`. */ @JvmName("osluhehvffjvgkxb") public suspend fun loadBalancingScheme(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.loadBalancingScheme = mapped } /** * @param value Opaque filter criteria used by Loadbalancer to restrict routing * configuration to a limited set xDS compliant clients. In their xDS * requests to Loadbalancer, xDS clients present node metadata. If a * match takes place, the relevant routing configuration is made available * to those proxies. * For each metadataFilter in this list, if its filterMatchCriteria is set * to MATCH_ANY, at least one of the filterLabels must match the * corresponding label provided in the metadata. If its filterMatchCriteria * is set to MATCH_ALL, then all of its filterLabels must match with * corresponding labels in the provided metadata. * metadataFilters specified here can be overridden by those specified in * the UrlMap that this ForwardingRule references. * metadataFilters only applies to Loadbalancers that have their * loadBalancingScheme set to INTERNAL_SELF_MANAGED. * Structure is documented below. */ @JvmName("xicnslgqilahtnnh") public suspend fun metadataFilters(`value`: List?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.metadataFilters = mapped } /** * @param argument Opaque filter criteria used by Loadbalancer to restrict routing * configuration to a limited set xDS compliant clients. In their xDS * requests to Loadbalancer, xDS clients present node metadata. If a * match takes place, the relevant routing configuration is made available * to those proxies. * For each metadataFilter in this list, if its filterMatchCriteria is set * to MATCH_ANY, at least one of the filterLabels must match the * corresponding label provided in the metadata. If its filterMatchCriteria * is set to MATCH_ALL, then all of its filterLabels must match with * corresponding labels in the provided metadata. * metadataFilters specified here can be overridden by those specified in * the UrlMap that this ForwardingRule references. * metadataFilters only applies to Loadbalancers that have their * loadBalancingScheme set to INTERNAL_SELF_MANAGED. * Structure is documented below. */ @JvmName("qnyjdjpngxlrimlm") public suspend fun metadataFilters(argument: List Unit>) { val toBeMapped = argument.toList().map { GlobalForwardingRuleMetadataFilterArgsBuilder().applySuspend { it() }.build() } val mapped = of(toBeMapped) this.metadataFilters = mapped } /** * @param argument Opaque filter criteria used by Loadbalancer to restrict routing * configuration to a limited set xDS compliant clients. In their xDS * requests to Loadbalancer, xDS clients present node metadata. If a * match takes place, the relevant routing configuration is made available * to those proxies. * For each metadataFilter in this list, if its filterMatchCriteria is set * to MATCH_ANY, at least one of the filterLabels must match the * corresponding label provided in the metadata. If its filterMatchCriteria * is set to MATCH_ALL, then all of its filterLabels must match with * corresponding labels in the provided metadata. * metadataFilters specified here can be overridden by those specified in * the UrlMap that this ForwardingRule references. * metadataFilters only applies to Loadbalancers that have their * loadBalancingScheme set to INTERNAL_SELF_MANAGED. * Structure is documented below. */ @JvmName("cpxbuawpxgwgxorn") public suspend fun metadataFilters(vararg argument: suspend GlobalForwardingRuleMetadataFilterArgsBuilder.() -> Unit) { val toBeMapped = argument.toList().map { GlobalForwardingRuleMetadataFilterArgsBuilder().applySuspend { it() }.build() } val mapped = of(toBeMapped) this.metadataFilters = mapped } /** * @param argument Opaque filter criteria used by Loadbalancer to restrict routing * configuration to a limited set xDS compliant clients. In their xDS * requests to Loadbalancer, xDS clients present node metadata. If a * match takes place, the relevant routing configuration is made available * to those proxies. * For each metadataFilter in this list, if its filterMatchCriteria is set * to MATCH_ANY, at least one of the filterLabels must match the * corresponding label provided in the metadata. If its filterMatchCriteria * is set to MATCH_ALL, then all of its filterLabels must match with * corresponding labels in the provided metadata. * metadataFilters specified here can be overridden by those specified in * the UrlMap that this ForwardingRule references. * metadataFilters only applies to Loadbalancers that have their * loadBalancingScheme set to INTERNAL_SELF_MANAGED. * Structure is documented below. */ @JvmName("jpyweutvdeapicuq") public suspend fun metadataFilters(argument: suspend GlobalForwardingRuleMetadataFilterArgsBuilder.() -> Unit) { val toBeMapped = listOf( GlobalForwardingRuleMetadataFilterArgsBuilder().applySuspend { argument() }.build(), ) val mapped = of(toBeMapped) this.metadataFilters = mapped } /** * @param values Opaque filter criteria used by Loadbalancer to restrict routing * configuration to a limited set xDS compliant clients. In their xDS * requests to Loadbalancer, xDS clients present node metadata. If a * match takes place, the relevant routing configuration is made available * to those proxies. * For each metadataFilter in this list, if its filterMatchCriteria is set * to MATCH_ANY, at least one of the filterLabels must match the * corresponding label provided in the metadata. If its filterMatchCriteria * is set to MATCH_ALL, then all of its filterLabels must match with * corresponding labels in the provided metadata. * metadataFilters specified here can be overridden by those specified in * the UrlMap that this ForwardingRule references. * metadataFilters only applies to Loadbalancers that have their * loadBalancingScheme set to INTERNAL_SELF_MANAGED. * Structure is documented below. */ @JvmName("ijwpxnnghigfdmem") public suspend fun metadataFilters(vararg values: GlobalForwardingRuleMetadataFilterArgs) { val toBeMapped = values.toList() val mapped = toBeMapped.let({ args0 -> of(args0) }) this.metadataFilters = mapped } /** * @param value Name of the resource; provided by the client when the resource is created. * The name must be 1-63 characters long, and comply with * [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). * Specifically, the name must be 1-63 characters long and match the regular * expression `a-z?` which means the first * character must be a lowercase letter, and all following characters must * be a dash, lowercase letter, or digit, except the last character, which * cannot be a dash. * For Private Service Connect forwarding rules that forward traffic to Google * APIs, the forwarding rule name must be a 1-20 characters string with * lowercase letters and numbers and must start with a letter. */ @JvmName("eyycsffxleuwbufp") public suspend fun name(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.name = mapped } /** * @param value This field is not used for external load balancing. * For Internal TCP/UDP Load Balancing, this field identifies the network that * the load balanced IP should belong to for this Forwarding Rule. * If the subnetwork is specified, the network of the subnetwork will be used. * If neither subnetwork nor this field is specified, the default network will * be used. * For Private Service Connect forwarding rules that forward traffic to Google * APIs, a network must be provided. */ @JvmName("hgyoxousnrqdnscl") public suspend fun network(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.network = mapped } /** * @param value This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field. */ @JvmName("ffxtdpuqjqpnkvvr") public suspend fun noAutomateDnsZone(`value`: Boolean?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.noAutomateDnsZone = mapped } /** * @param value The `portRange` field has the following limitations: * * It requires that the forwarding rule `IPProtocol` be TCP, UDP, or SCTP, * and * * It's applicable only to the following products: external passthrough * Network Load Balancers, internal and external proxy Network Load * Balancers, internal and external Application Load Balancers, external * protocol forwarding, and Classic VPN. * * Some products have restrictions on what ports can be used. See * [port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#port_specifications) * for details. * For external forwarding rules, two or more forwarding rules cannot use the * same `[IPAddress, IPProtocol]` pair, and cannot have overlapping * `portRange`s. * For internal forwarding rules within the same VPC network, two or more * forwarding rules cannot use the same `[IPAddress, IPProtocol]` pair, and * cannot have overlapping `portRange`s. */ @JvmName("ovoffbwghegajvfn") public suspend fun portRange(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.portRange = mapped } /** * @param value The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ @JvmName("nkthdtopgtppuwul") public suspend fun project(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.project = mapped } /** * @param value Service Directory resources to register this forwarding rule with. * Currently, only supports a single Service Directory resource. * Structure is documented below. */ @JvmName("psmpifrsifgxrrnj") public suspend fun serviceDirectoryRegistrations(`value`: GlobalForwardingRuleServiceDirectoryRegistrationsArgs?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.serviceDirectoryRegistrations = mapped } /** * @param argument Service Directory resources to register this forwarding rule with. * Currently, only supports a single Service Directory resource. * Structure is documented below. */ @JvmName("prsnsiyijayfvxlq") public suspend fun serviceDirectoryRegistrations(argument: suspend GlobalForwardingRuleServiceDirectoryRegistrationsArgsBuilder.() -> Unit) { val toBeMapped = GlobalForwardingRuleServiceDirectoryRegistrationsArgsBuilder().applySuspend { argument() }.build() val mapped = of(toBeMapped) this.serviceDirectoryRegistrations = mapped } /** * @param value If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). */ @JvmName("wimmtqfrlgyhmfhx") public suspend fun sourceIpRanges(`value`: List?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.sourceIpRanges = mapped } /** * @param values If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24). */ @JvmName("nreyixmjmuydmgws") public suspend fun sourceIpRanges(vararg values: String) { val toBeMapped = values.toList() val mapped = toBeMapped.let({ args0 -> of(args0) }) this.sourceIpRanges = mapped } /** * @param value This field identifies the subnetwork that the load balanced IP should * belong to for this Forwarding Rule, used in internal load balancing and * network load balancing with IPv6. * If the network specified is in auto subnet mode, this field is optional. * However, a subnetwork must be specified if the network is in custom subnet * mode or when creating external forwarding rule with IPv6. */ @JvmName("jkwrefpyvfmxqbdt") public suspend fun subnetwork(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.subnetwork = mapped } /** * @param value The URL of the target resource to receive the matched traffic. For * regional forwarding rules, this target must be in the same region as the * forwarding rule. For global forwarding rules, this target must be a global * load balancing resource. * The forwarded traffic must be of a type appropriate to the target object. * * For load balancers, see the "Target" column in [Port specifications](https://cloud.google.com/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). * * For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle: * * `vpc-sc` - [ APIs that support VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/supported-products). * * `all-apis` - [All supported Google APIs](https://cloud.google.com/vpc/docs/private-service-connect#supported-apis). * For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment. * - - - */ @JvmName("fwkdsfwpwvodfgwd") public suspend fun target(`value`: String?) { val toBeMapped = value val mapped = toBeMapped?.let({ args0 -> of(args0) }) this.target = mapped } internal fun build(): GlobalForwardingRuleArgs = GlobalForwardingRuleArgs( allowPscGlobalAccess = allowPscGlobalAccess, description = description, ipAddress = ipAddress, ipProtocol = ipProtocol, ipVersion = ipVersion, labels = labels, loadBalancingScheme = loadBalancingScheme, metadataFilters = metadataFilters, name = name, network = network, noAutomateDnsZone = noAutomateDnsZone, portRange = portRange, project = project, serviceDirectoryRegistrations = serviceDirectoryRegistrations, sourceIpRanges = sourceIpRanges, subnetwork = subnetwork, target = target, ) }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy