pulumi-gcp-kotlin/com.pulumi.gcp.compute.kotlin/ForwardingRule

ForwardingRule

class ForwardingRule : KotlinCustomResource

A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given IPAddress, IPProtocol, portRange tuple. To get more information about ForwardingRule, see:

Example Usage

Internal Http Lb With Mig Backend

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.RegionInstanceGroupManager;
import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.RegionTargetHttpProxy;
import com.pulumi.gcp.compute.RegionTargetHttpProxyArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.gcp.compute.Instance;
import com.pulumi.gcp.compute.InstanceArgs;
import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var ilbNetwork = new Network("ilbNetwork", NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var proxySubnet = new Subnetwork("proxySubnet", SubnetworkArgs.builder()
            .ipCidrRange("10.0.0.0/24")
            .region("europe-west1")
            .purpose("INTERNAL_HTTPS_LOAD_BALANCER")
            .role("ACTIVE")
            .network(ilbNetwork.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var ilbSubnet = new Subnetwork("ilbSubnet", SubnetworkArgs.builder()
            .ipCidrRange("10.0.1.0/24")
            .region("europe-west1")
            .network(ilbNetwork.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
            .region("europe-west1")
            .httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
                .portSpecification("USE_SERVING_PORT")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
            .machineType("e2-small")
            .tags("http-server")
            .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                .network(ilbNetwork.id())
                .subnetwork(ilbSubnet.id())
                .accessConfigs()
                .build())
            .disks(InstanceTemplateDiskArgs.builder()
                .sourceImage("debian-cloud/debian-10")
                .autoDelete(true)
                .boot(true)
                .build())
            .metadata(Map.of("startup-script", """
#! /bin/bash
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y nginx-light jq
NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
cat <<EOF /var/www/html/index.html
<pre>
Name: $NAME
IP: $IP
Metadata: $METADATA
</pre>
EOF
            """))
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var mig = new RegionInstanceGroupManager("mig", RegionInstanceGroupManagerArgs.builder()
            .region("europe-west1")
            .versions(RegionInstanceGroupManagerVersionArgs.builder()
                .instanceTemplate(instanceTemplate.id())
                .name("primary")
                .build())
            .baseInstanceName("vm")
            .targetSize(2)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
            .region("europe-west1")
            .protocol("HTTP")
            .loadBalancingScheme("INTERNAL_MANAGED")
            .timeoutSec(10)
            .healthChecks(defaultRegionHealthCheck.id())
            .backends(RegionBackendServiceBackendArgs.builder()
                .group(mig.instanceGroup())
                .balancingMode("UTILIZATION")
                .capacityScaler(1)
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
            .region("europe-west1")
            .defaultService(defaultRegionBackendService.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionTargetHttpProxy = new RegionTargetHttpProxy("defaultRegionTargetHttpProxy", RegionTargetHttpProxyArgs.builder()
            .region("europe-west1")
            .urlMap(defaultRegionUrlMap.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var googleComputeForwardingRule = new ForwardingRule("googleComputeForwardingRule", ForwardingRuleArgs.builder()
            .region("europe-west1")
            .ipProtocol("TCP")
            .loadBalancingScheme("INTERNAL_MANAGED")
            .portRange("80")
            .target(defaultRegionTargetHttpProxy.id())
            .network(ilbNetwork.id())
            .subnetwork(ilbSubnet.id())
            .networkTier("PREMIUM")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(proxySubnet)
                .build());
        var fw_iap = new Firewall("fw-iap", FirewallArgs.builder()
            .direction("INGRESS")
            .network(ilbNetwork.id())
            .sourceRanges(
                "130.211.0.0/22",
                "35.191.0.0/16",
                "35.235.240.0/20")
            .allows(FirewallAllowArgs.builder()
                .protocol("tcp")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fw_ilb_to_backends = new Firewall("fw-ilb-to-backends", FirewallArgs.builder()
            .direction("INGRESS")
            .network(ilbNetwork.id())
            .sourceRanges("10.0.0.0/24")
            .targetTags("http-server")
            .allows(FirewallAllowArgs.builder()
                .protocol("tcp")
                .ports(
                    "80",
                    "443",
                    "8080")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var vm_test = new Instance("vm-test", InstanceArgs.builder()
            .zone("europe-west1-b")
            .machineType("e2-small")
            .networkInterfaces(InstanceNetworkInterfaceArgs.builder()
                .network(ilbNetwork.id())
                .subnetwork(ilbSubnet.id())
                .build())
            .bootDisk(InstanceBootDiskArgs.builder()
                .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
                    .image("debian-cloud/debian-10")
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
    }
}
Content copied to clipboard

Internal Tcp Udp Lb With Mig Backend

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.RegionInstanceGroupManager;
import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.gcp.compute.Instance;
import com.pulumi.gcp.compute.InstanceArgs;
import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var ilbNetwork = new Network("ilbNetwork", NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var ilbSubnet = new Subnetwork("ilbSubnet", SubnetworkArgs.builder()
            .ipCidrRange("10.0.1.0/24")
            .region("europe-west1")
            .network(ilbNetwork.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
            .region("europe-west1")
            .httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
                .port("80")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
            .machineType("e2-small")
            .tags(
                "allow-ssh",
                "allow-health-check")
            .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                .network(ilbNetwork.id())
                .subnetwork(ilbSubnet.id())
                .accessConfigs()
                .build())
            .disks(InstanceTemplateDiskArgs.builder()
                .sourceImage("debian-cloud/debian-10")
                .autoDelete(true)
                .boot(true)
                .build())
            .metadata(Map.of("startup-script", """
#! /bin/bash
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y nginx-light jq
NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
cat <<EOF /var/www/html/index.html
<pre>
Name: $NAME
IP: $IP
Metadata: $METADATA
</pre>
EOF
            """))
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var mig = new RegionInstanceGroupManager("mig", RegionInstanceGroupManagerArgs.builder()
            .region("europe-west1")
            .versions(RegionInstanceGroupManagerVersionArgs.builder()
                .instanceTemplate(instanceTemplate.id())
                .name("primary")
                .build())
            .baseInstanceName("vm")
            .targetSize(2)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
            .region("europe-west1")
            .protocol("TCP")
            .loadBalancingScheme("INTERNAL")
            .healthChecks(defaultRegionHealthCheck.id())
            .backends(RegionBackendServiceBackendArgs.builder()
                .group(mig.instanceGroup())
                .balancingMode("CONNECTION")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var googleComputeForwardingRule = new ForwardingRule("googleComputeForwardingRule", ForwardingRuleArgs.builder()
            .backendService(defaultRegionBackendService.id())
            .region("europe-west1")
            .ipProtocol("TCP")
            .loadBalancingScheme("INTERNAL")
            .allPorts(true)
            .allowGlobalAccess(true)
            .network(ilbNetwork.id())
            .subnetwork(ilbSubnet.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fwHc = new Firewall("fwHc", FirewallArgs.builder()
            .direction("INGRESS")
            .network(ilbNetwork.id())
            .sourceRanges(
                "130.211.0.0/22",
                "35.191.0.0/16",
                "35.235.240.0/20")
            .allows(FirewallAllowArgs.builder()
                .protocol("tcp")
                .build())
            .targetTags("allow-health-check")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fwIlbToBackends = new Firewall("fwIlbToBackends", FirewallArgs.builder()
            .direction("INGRESS")
            .network(ilbNetwork.id())
            .sourceRanges("10.0.1.0/24")
            .allows(
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("udp")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("icmp")
                    .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fwIlbSsh = new Firewall("fwIlbSsh", FirewallArgs.builder()
            .direction("INGRESS")
            .network(ilbNetwork.id())
            .allows(FirewallAllowArgs.builder()
                .protocol("tcp")
                .ports("22")
                .build())
            .targetTags("allow-ssh")
            .sourceRanges("0.0.0.0/0")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var vmTest = new Instance("vmTest", InstanceArgs.builder()
            .zone("europe-west1-b")
            .machineType("e2-small")
            .networkInterfaces(InstanceNetworkInterfaceArgs.builder()
                .network(ilbNetwork.id())
                .subnetwork(ilbSubnet.id())
                .build())
            .bootDisk(InstanceBootDiskArgs.builder()
                .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
                    .image("debian-cloud/debian-10")
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
    }
}
Content copied to clipboard

Forwarding Rule Externallb

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var hc = new RegionHealthCheck("hc", RegionHealthCheckArgs.builder()
            .checkIntervalSec(1)
            .timeoutSec(1)
            .region("us-central1")
            .tcpHealthCheck(RegionHealthCheckTcpHealthCheckArgs.builder()
                .port("80")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
            .region("us-central1")
            .loadBalancingScheme("EXTERNAL")
            .healthChecks(hc.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
            .region("us-central1")
            .portRange(80)
            .backendService(backend.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
    }
}
Content copied to clipboard

Forwarding Rule Global Internallb

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var hc = new HealthCheck("hc", HealthCheckArgs.builder()
            .checkIntervalSec(1)
            .timeoutSec(1)
            .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                .port("80")
                .build())
            .build());
        var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
            .region("us-central1")
            .healthChecks(hc.id())
            .build());
        var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .build());
        var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
            .ipCidrRange("10.0.0.0/16")
            .region("us-central1")
            .network(defaultNetwork.id())
            .build());
        var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
            .region("us-central1")
            .loadBalancingScheme("INTERNAL")
            .backendService(backend.id())
            .allPorts(true)
            .allowGlobalAccess(true)
            .network(defaultNetwork.name())
            .subnetwork(defaultSubnetwork.name())
            .build());
    }
}
Content copied to clipboard

Forwarding Rule Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.TargetPool;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var defaultTargetPool = new TargetPool("defaultTargetPool");
        var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
            .target(defaultTargetPool.id())
            .portRange("80")
            .build());
    }
}
Content copied to clipboard

Forwarding Rule L3 Default

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var healthCheck = new RegionHealthCheck("healthCheck", RegionHealthCheckArgs.builder()
            .region("us-central1")
            .tcpHealthCheck(RegionHealthCheckTcpHealthCheckArgs.builder()
                .port(80)
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var service = new RegionBackendService("service", RegionBackendServiceArgs.builder()
            .region("us-central1")
            .healthChecks(healthCheck.id())
            .protocol("UNSPECIFIED")
            .loadBalancingScheme("EXTERNAL")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fwdRule = new ForwardingRule("fwdRule", ForwardingRuleArgs.builder()
            .backendService(service.id())
            .ipProtocol("L3_DEFAULT")
            .allPorts(true)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
    }
}
Content copied to clipboard

Forwarding Rule Internallb

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var hc = new HealthCheck("hc", HealthCheckArgs.builder()
            .checkIntervalSec(1)
            .timeoutSec(1)
            .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                .port("80")
                .build())
            .build());
        var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
            .region("us-central1")
            .healthChecks(hc.id())
            .build());
        var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .build());
        var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
            .ipCidrRange("10.0.0.0/16")
            .region("us-central1")
            .network(defaultNetwork.id())
            .build());
        var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
            .region("us-central1")
            .loadBalancingScheme("INTERNAL")
            .backendService(backend.id())
            .allPorts(true)
            .network(defaultNetwork.name())
            .subnetwork(defaultSubnetwork.name())
            .build());
    }
}
Content copied to clipboard

Forwarding Rule Http Lb

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.RegionInstanceGroupManager;
import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.RegionTargetHttpProxy;
import com.pulumi.gcp.compute.RegionTargetHttpProxyArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
            .family("debian-11")
            .project("debian-cloud")
            .build());
        var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .routingMode("REGIONAL")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
            .ipCidrRange("10.1.2.0/24")
            .region("us-central1")
            .network(defaultNetwork.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
            .machineType("e2-medium")
            .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                .network(defaultNetwork.id())
                .subnetwork(defaultSubnetwork.id())
                .build())
            .disks(InstanceTemplateDiskArgs.builder()
                .sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
                .autoDelete(true)
                .boot(true)
                .build())
            .tags(
                "allow-ssh",
                "load-balanced-backend")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var rigm = new RegionInstanceGroupManager("rigm", RegionInstanceGroupManagerArgs.builder()
            .region("us-central1")
            .versions(RegionInstanceGroupManagerVersionArgs.builder()
                .instanceTemplate(instanceTemplate.id())
                .name("primary")
                .build())
            .baseInstanceName("internal-glb")
            .targetSize(1)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fw1 = new Firewall("fw1", FirewallArgs.builder()
            .network(defaultNetwork.id())
            .sourceRanges("10.1.2.0/24")
            .allows(
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("udp")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("icmp")
                    .build())
            .direction("INGRESS")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fw2 = new Firewall("fw2", FirewallArgs.builder()
            .network(defaultNetwork.id())
            .sourceRanges("0.0.0.0/0")
            .allows(FirewallAllowArgs.builder()
                .protocol("tcp")
                .ports("22")
                .build())
            .targetTags("allow-ssh")
            .direction("INGRESS")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(fw1)
                .build());
        var fw3 = new Firewall("fw3", FirewallArgs.builder()
            .network(defaultNetwork.id())
            .sourceRanges(
                "130.211.0.0/22",
                "35.191.0.0/16")
            .allows(FirewallAllowArgs.builder()
                .protocol("tcp")
                .build())
            .targetTags("load-balanced-backend")
            .direction("INGRESS")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(fw2)
                .build());
        var fw4 = new Firewall("fw4", FirewallArgs.builder()
            .network(defaultNetwork.id())
            .sourceRanges("10.129.0.0/26")
            .targetTags("load-balanced-backend")
            .allows(
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports("80")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports("443")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports("8000")
                    .build())
            .direction("INGRESS")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(fw3)
                .build());
        var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
            .region("us-central1")
            .httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
                .portSpecification("USE_SERVING_PORT")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(fw4)
                .build());
        var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
            .loadBalancingScheme("INTERNAL_MANAGED")
            .backends(RegionBackendServiceBackendArgs.builder()
                .group(rigm.instanceGroup())
                .balancingMode("UTILIZATION")
                .capacityScaler(1)
                .build())
            .region("us-central1")
            .protocol("HTTP")
            .timeoutSec(10)
            .healthChecks(defaultRegionHealthCheck.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
            .region("us-central1")
            .defaultService(defaultRegionBackendService.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionTargetHttpProxy = new RegionTargetHttpProxy("defaultRegionTargetHttpProxy", RegionTargetHttpProxyArgs.builder()
            .region("us-central1")
            .urlMap(defaultRegionUrlMap.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var proxy = new Subnetwork("proxy", SubnetworkArgs.builder()
            .ipCidrRange("10.129.0.0/26")
            .region("us-central1")
            .network(defaultNetwork.id())
            .purpose("INTERNAL_HTTPS_LOAD_BALANCER")
            .role("ACTIVE")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
            .region("us-central1")
            .ipProtocol("TCP")
            .loadBalancingScheme("INTERNAL_MANAGED")
            .portRange("80")
            .target(defaultRegionTargetHttpProxy.id())
            .network(defaultNetwork.id())
            .subnetwork(defaultSubnetwork.id())
            .networkTier("PREMIUM")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(proxy)
                .build());
    }
}
Content copied to clipboard

Forwarding Rule Regional Http Xlb

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.RegionInstanceGroupManager;
import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.RegionTargetHttpProxy;
import com.pulumi.gcp.compute.RegionTargetHttpProxyArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
            .family("debian-11")
            .project("debian-cloud")
            .build());
        var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .routingMode("REGIONAL")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
            .ipCidrRange("10.1.2.0/24")
            .region("us-central1")
            .network(defaultNetwork.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
            .machineType("e2-medium")
            .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                .network(defaultNetwork.id())
                .subnetwork(defaultSubnetwork.id())
                .build())
            .disks(InstanceTemplateDiskArgs.builder()
                .sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
                .autoDelete(true)
                .boot(true)
                .build())
            .tags(
                "allow-ssh",
                "load-balanced-backend")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var rigm = new RegionInstanceGroupManager("rigm", RegionInstanceGroupManagerArgs.builder()
            .region("us-central1")
            .versions(RegionInstanceGroupManagerVersionArgs.builder()
                .instanceTemplate(instanceTemplate.id())
                .name("primary")
                .build())
            .baseInstanceName("internal-glb")
            .targetSize(1)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fw1 = new Firewall("fw1", FirewallArgs.builder()
            .network(defaultNetwork.id())
            .sourceRanges("10.1.2.0/24")
            .allows(
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("udp")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("icmp")
                    .build())
            .direction("INGRESS")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var fw2 = new Firewall("fw2", FirewallArgs.builder()
            .network(defaultNetwork.id())
            .sourceRanges("0.0.0.0/0")
            .allows(FirewallAllowArgs.builder()
                .protocol("tcp")
                .ports("22")
                .build())
            .targetTags("allow-ssh")
            .direction("INGRESS")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(fw1)
                .build());
        var fw3 = new Firewall("fw3", FirewallArgs.builder()
            .network(defaultNetwork.id())
            .sourceRanges(
                "130.211.0.0/22",
                "35.191.0.0/16")
            .allows(FirewallAllowArgs.builder()
                .protocol("tcp")
                .build())
            .targetTags("load-balanced-backend")
            .direction("INGRESS")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(fw2)
                .build());
        var fw4 = new Firewall("fw4", FirewallArgs.builder()
            .network(defaultNetwork.id())
            .sourceRanges("10.129.0.0/26")
            .targetTags("load-balanced-backend")
            .allows(
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports("80")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports("443")
                    .build(),
                FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports("8000")
                    .build())
            .direction("INGRESS")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(fw3)
                .build());
        var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
            .region("us-central1")
            .httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
                .portSpecification("USE_SERVING_PORT")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(fw4)
                .build());
        var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
            .loadBalancingScheme("EXTERNAL_MANAGED")
            .backends(RegionBackendServiceBackendArgs.builder()
                .group(rigm.instanceGroup())
                .balancingMode("UTILIZATION")
                .capacityScaler(1)
                .build())
            .region("us-central1")
            .protocol("HTTP")
            .timeoutSec(10)
            .healthChecks(defaultRegionHealthCheck.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
            .region("us-central1")
            .defaultService(defaultRegionBackendService.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultRegionTargetHttpProxy = new RegionTargetHttpProxy("defaultRegionTargetHttpProxy", RegionTargetHttpProxyArgs.builder()
            .region("us-central1")
            .urlMap(defaultRegionUrlMap.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultAddress = new Address("defaultAddress", AddressArgs.builder()
            .region("us-central1")
            .networkTier("STANDARD")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var proxy = new Subnetwork("proxy", SubnetworkArgs.builder()
            .ipCidrRange("10.129.0.0/26")
            .region("us-central1")
            .network(defaultNetwork.id())
            .purpose("REGIONAL_MANAGED_PROXY")
            .role("ACTIVE")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
            .region("us-central1")
            .ipProtocol("TCP")
            .loadBalancingScheme("EXTERNAL_MANAGED")
            .portRange("80")
            .target(defaultRegionTargetHttpProxy.id())
            .network(defaultNetwork.id())
            .ipAddress(defaultAddress.id())
            .networkTier("STANDARD")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(proxy)
                .build());
    }
}
Content copied to clipboard

Forwarding Rule VPC Psc

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var consumerNet = new Network("consumerNet", NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var consumerSubnet = new Subnetwork("consumerSubnet", SubnetworkArgs.builder()
            .ipCidrRange("10.0.0.0/16")
            .region("us-central1")
            .network(consumerNet.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var consumerAddress = new Address("consumerAddress", AddressArgs.builder()
            .region("us-central1")
            .subnetwork(consumerSubnet.id())
            .addressType("INTERNAL")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var producerNet = new Network("producerNet", NetworkArgs.builder()
            .autoCreateSubnetworks(false)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var pscProducerSubnet = new Subnetwork("pscProducerSubnet", SubnetworkArgs.builder()
            .ipCidrRange("10.1.0.0/16")
            .region("us-central1")
            .purpose("PRIVATE_SERVICE_CONNECT")
            .network(producerNet.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var producerSubnet = new Subnetwork("producerSubnet", SubnetworkArgs.builder()
            .ipCidrRange("10.0.0.0/16")
            .region("us-central1")
            .network(producerNet.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
            .checkIntervalSec(1)
            .timeoutSec(1)
            .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                .port("80")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
            .region("us-central1")
            .healthChecks(producerServiceHealthCheck.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var producerTargetService = new ForwardingRule("producerTargetService", ForwardingRuleArgs.builder()
            .region("us-central1")
            .loadBalancingScheme("INTERNAL")
            .backendService(producerServiceBackend.id())
            .allPorts(true)
            .network(producerNet.name())
            .subnetwork(producerSubnet.name())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var producerServiceAttachment = new ServiceAttachment("producerServiceAttachment", ServiceAttachmentArgs.builder()
            .region("us-central1")
            .description("A service attachment configured with Terraform")
            .enableProxyProtocol(true)
            .connectionPreference("ACCEPT_AUTOMATIC")
            .natSubnets(pscProducerSubnet.name())
            .targetService(producerTargetService.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
            .region("us-central1")
            .loadBalancingScheme("")
            .target(producerServiceAttachment.id())
            .network(consumerNet.name())
            .ipAddress(consumerAddress.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
    }
}
Content copied to clipboard

Import

ForwardingRule can be imported using any of these accepted formats

$ pulumi import gcp:compute/forwardingRule:ForwardingRule default projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}
Content copied to clipboard
$ pulumi import gcp:compute/forwardingRule:ForwardingRule default {{project}}/{{region}}/{{name}}
Content copied to clipboard
$ pulumi import gcp:compute/forwardingRule:ForwardingRule default {{region}}/{{name}}
Content copied to clipboard
$ pulumi import gcp:compute/forwardingRule:ForwardingRule default {{name}}
Content copied to clipboard

Properties

Link copied to clipboard
val allowGlobalAccess: Output<Boolean>?

If true, clients can access ILB from all regions. Otherwise only allows from the local region the ILB is located at.

Link copied to clipboard
val allPorts: Output<Boolean>?

This field can be used with internal load balancer or network load balancer when the forwarding rule references a backend service, or with the target field when it references a TargetInstance. Set this to true to allow packets addressed to any ports to be forwarded to the backends configured with this forwarding rule. This can be used when the protocol is TCP/UDP, and it must be set to true when the protocol is set to L3_DEFAULT. Cannot be set if port or portRange are set.

Link copied to clipboard
val backendService: Output<String>?

A BackendService to receive the matched traffic. This is used only for INTERNAL load balancing.

Link copied to clipboard
val creationTimestamp: Output<String>

Creation timestamp in RFC3339 text format.

Link copied to clipboard
val description: Output<String>?

An optional description of this resource. Provide this property when you create the resource.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val ipAddress: Output<String>

The IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to IP address specifications. An address can be specified either by a literal IP address or a reference to an existing Address resource. If you don't specify a reserved IP address, an ephemeral IP address is assigned. The value must be set to 0.0.0.0 when the target is a targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.

Link copied to clipboard
val ipProtocol: Output<String>

The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL, only TCP and UDP are valid. Possible values are TCP, UDP, ESP, AH, SCTP, ICMP, and L3_DEFAULT.

Link copied to clipboard
val isMirroringCollector: Output<Boolean>?

Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.

Link copied to clipboard
val labelFingerprint: Output<String>

Used internally during label updates.

Link copied to clipboard
val labels: Output<Map<String, String>>?

Labels to apply to this rule.

Link copied to clipboard
val loadBalancingScheme: Output<String>?

Specifies the forwarding rule type. * EXTERNAL is used for: * Classic Cloud VPN gateways * Protocol forwarding to VMs from an external IP address * The following load balancers: HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP * INTERNAL is used for: * Protocol forwarding to VMs from an internal IP address * Internal TCP/UDP load balancers * INTERNAL_MANAGED is used for: * Internal HTTP(S) load balancers * INTERNAL_SELF_MANAGED is used for: * Traffic Director * EXTERNAL_MANAGED is used for: * Global external HTTP(S) load balancers For more information about forwarding rules, refer to /load-balancing/docs/forwarding-rule-concepts. Possible values: INVALID, INTERNAL, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED, EXTERNAL, EXTERNAL_MANAGED

Link copied to clipboard
val name: Output<String>

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

Link copied to clipboard
val network: Output<String>

For internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. This field is only used for INTERNAL load balancing.

Link copied to clipboard
val networkTier: Output<String>

The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM. Possible values are PREMIUM and STANDARD.

Link copied to clipboard
val portRange: Output<String>?

This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same IPAddress, IPProtocol pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports:

Link copied to clipboard
val ports: Output<List<String>>?

This field is used along with internal load balancing and network load balancer when the forwarding rule references a backend service and when protocol is not L3_DEFAULT. A single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. You can only use one of ports and portRange, or allPorts. The three are mutually exclusive. You may specify a maximum of up to 5 ports, which can be non-contiguous.

Link copied to clipboard
val project: Output<String>

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Link copied to clipboard
val pscConnectionId: Output<String>

The PSC connection id of the PSC Forwarding Rule.

Link copied to clipboard
val pscConnectionStatus: Output<String>

The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val region: Output<String>

A reference to the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules.

Link copied to clipboard
val selfLink: Output<String>

The URI of the created resource.

Link copied to clipboard
val serviceDirectoryRegistrations: Output<List<ForwardingRuleServiceDirectoryRegistration>>

Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. Structure is documented below.

Link copied to clipboard
val serviceLabel: Output<String>?

An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for INTERNAL load balancing.

Link copied to clipboard
val serviceName: Output<String>

The internal fully qualified service name for this Forwarding Rule. This field is only used for INTERNAL load balancing.

Link copied to clipboard
val subnetwork: Output<String>

The subnetwork that the load balanced IP should belong to for this Forwarding Rule. This field is only used for INTERNAL load balancing. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.

Link copied to clipboard
val target: Output<String>?

The URL of the target resource to receive the matched traffic. The target must live in the same region as the forwarding rule. The forwarded traffic must be of a type appropriate to the target object.

Link copied to clipboard
val urn: Output<String>