Global
Represents a GlobalForwardingRule resource. Global forwarding rules are used to forward traffic to the correct load balancer for HTTP load balancing. Global forwarding rules can only be used for HTTP load balancing. For more information, see https://cloud.google.com/compute/docs/load-balancing/http/
Example Usage
External Ssl Proxy Lb Mig Backend
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.GlobalAddress;
import com.pulumi.tls.PrivateKey;
import com.pulumi.tls.PrivateKeyArgs;
import com.pulumi.tls.SelfSignedCert;
import com.pulumi.tls.SelfSignedCertArgs;
import com.pulumi.tls.inputs.SelfSignedCertSubjectArgs;
import com.pulumi.gcp.compute.SSLCertificate;
import com.pulumi.gcp.compute.SSLCertificateArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.InstanceGroupManager;
import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs;
import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
import com.pulumi.gcp.compute.TargetSSLProxy;
import com.pulumi.gcp.compute.TargetSSLProxyArgs;
import com.pulumi.gcp.compute.GlobalForwardingRule;
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build(), CustomResourceOptions.builder()
.provider(google)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.0.1.0/24")
.region("us-central1")
.network(defaultNetwork.id())
.build(), CustomResourceOptions.builder()
.provider(google)
.build());
var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress");
var defaultPrivateKey = new PrivateKey("defaultPrivateKey", PrivateKeyArgs.builder()
.algorithm("RSA")
.rsaBits(2048)
.build());
var defaultSelfSignedCert = new SelfSignedCert("defaultSelfSignedCert", SelfSignedCertArgs.builder()
.keyAlgorithm(defaultPrivateKey.algorithm())
.privateKeyPem(defaultPrivateKey.privateKeyPem())
.validityPeriodHours(12)
.earlyRenewalHours(3)
.allowedUses(
"key_encipherment",
"digital_signature",
"server_auth")
.dnsNames("example.com")
.subject(SelfSignedCertSubjectArgs.builder()
.commonName("example.com")
.organization("ACME Examples, Inc")
.build())
.build());
var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
.privateKey(defaultPrivateKey.privateKeyPem())
.certificate(defaultSelfSignedCert.certPem())
.build());
var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
.timeoutSec(1)
.checkIntervalSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("443")
.build())
.build());
var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()
.machineType("e2-small")
.tags("allow-health-check")
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network(defaultNetwork.id())
.subnetwork(defaultSubnetwork.id())
.accessConfigs()
.build())
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage("debian-cloud/debian-10")
.autoDelete(true)
.boot(true)
.build())
.metadata(Map.of("startup-script", """
#! /bin/bash
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -y apache2 jq
sudo a2ensite default-ssl
sudo a2enmod ssl
sudo service apache2 restart
NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
cat <<EOF /var/www/html/index.html
<h1>SSL Load Balancer</h1>
<pre>
Name: $NAME
IP: $IP
Metadata: $METADATA
</pre>
EOF
"""))
.build(), CustomResourceOptions.builder()
.provider(google)
.build());
var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder()
.zone("us-central1-c")
.namedPorts(InstanceGroupManagerNamedPortArgs.builder()
.name("tcp")
.port(443)
.build())
.versions(InstanceGroupManagerVersionArgs.builder()
.instanceTemplate(defaultInstanceTemplate.id())
.name("primary")
.build())
.baseInstanceName("vm")
.targetSize(2)
.build(), CustomResourceOptions.builder()
.provider(google)
.build());
var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
.protocol("SSL")
.portName("tcp")
.loadBalancingScheme("EXTERNAL")
.timeoutSec(10)
.healthChecks(defaultHealthCheck.id())
.backends(BackendServiceBackendArgs.builder()
.group(defaultInstanceGroupManager.instanceGroup())
.balancingMode("UTILIZATION")
.maxUtilization(1)
.capacityScaler(1)
.build())
.build());
var defaultTargetSSLProxy = new TargetSSLProxy("defaultTargetSSLProxy", TargetSSLProxyArgs.builder()
.backendService(defaultBackendService.id())
.sslCertificates(defaultSSLCertificate.id())
.build());
var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
.ipProtocol("TCP")
.loadBalancingScheme("EXTERNAL")
.portRange("443")
.target(defaultTargetSSLProxy.id())
.ipAddress(defaultGlobalAddress.id())
.build(), CustomResourceOptions.builder()
.provider(google)
.build());
var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder()
.direction("INGRESS")
.network(defaultNetwork.id())
.sourceRanges(
"130.211.0.0/22",
"35.191.0.0/16")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.build())
.targetTags("allow-health-check")
.build(), CustomResourceOptions.builder()
.provider(google)
.build());
}
}Content copied to clipboard
External Tcp Proxy Lb Mig Backend
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.GlobalAddress;
import com.pulumi.gcp.compute.GlobalAddressArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.InstanceGroupManager;
import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs;
import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
import com.pulumi.gcp.compute.TargetTCPProxy;
import com.pulumi.gcp.compute.TargetTCPProxyArgs;
import com.pulumi.gcp.compute.GlobalForwardingRule;
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.0.1.0/24")
.region("us-central1")
.network(defaultNetwork.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.Empty, CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
.timeoutSec(1)
.checkIntervalSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()
.machineType("e2-small")
.tags("allow-health-check")
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network(defaultNetwork.id())
.subnetwork(defaultSubnetwork.id())
.accessConfigs()
.build())
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage("debian-cloud/debian-10")
.autoDelete(true)
.boot(true)
.build())
.metadata(Map.of("startup-script", """
#! /bin/bash
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y nginx-light jq
NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
cat <<EOF /var/www/html/index.html
<pre>
Name: $NAME
IP: $IP
Metadata: $METADATA
</pre>
EOF
"""))
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder()
.zone("us-central1-c")
.namedPorts(InstanceGroupManagerNamedPortArgs.builder()
.name("tcp")
.port(80)
.build())
.versions(InstanceGroupManagerVersionArgs.builder()
.instanceTemplate(defaultInstanceTemplate.id())
.name("primary")
.build())
.baseInstanceName("vm")
.targetSize(2)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
.protocol("TCP")
.portName("tcp")
.loadBalancingScheme("EXTERNAL")
.timeoutSec(10)
.healthChecks(defaultHealthCheck.id())
.backends(BackendServiceBackendArgs.builder()
.group(defaultInstanceGroupManager.instanceGroup())
.balancingMode("UTILIZATION")
.maxUtilization(1)
.capacityScaler(1)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultTargetTCPProxy = new TargetTCPProxy("defaultTargetTCPProxy", TargetTCPProxyArgs.builder()
.backendService(defaultBackendService.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
.ipProtocol("TCP")
.loadBalancingScheme("EXTERNAL")
.portRange("110")
.target(defaultTargetTCPProxy.id())
.ipAddress(defaultGlobalAddress.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder()
.direction("INGRESS")
.network(defaultNetwork.id())
.sourceRanges(
"130.211.0.0/22",
"35.191.0.0/16")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.build())
.targetTags("allow-health-check")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
External Http Lb Mig Backend Custom Header
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.GlobalAddress;
import com.pulumi.gcp.compute.GlobalAddressArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.InstanceGroupManager;
import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs;
import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.TargetHttpProxy;
import com.pulumi.gcp.compute.TargetHttpProxyArgs;
import com.pulumi.gcp.compute.GlobalForwardingRule;
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.0.1.0/24")
.region("us-central1")
.network(defaultNetwork.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.Empty, CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
.httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
.portSpecification("USE_SERVING_PORT")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()
.machineType("e2-small")
.tags("allow-health-check")
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network(defaultNetwork.id())
.subnetwork(defaultSubnetwork.id())
.accessConfigs()
.build())
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage("debian-cloud/debian-10")
.autoDelete(true)
.boot(true)
.build())
.metadata(Map.of("startup-script", """
#! /bin/bash
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y nginx-light jq
NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
cat <<EOF /var/www/html/index.html
<pre>
Name: $NAME
IP: $IP
Metadata: $METADATA
</pre>
EOF
"""))
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder()
.zone("us-central1-c")
.namedPorts(InstanceGroupManagerNamedPortArgs.builder()
.name("http")
.port(8080)
.build())
.versions(InstanceGroupManagerVersionArgs.builder()
.instanceTemplate(defaultInstanceTemplate.id())
.name("primary")
.build())
.baseInstanceName("vm")
.targetSize(2)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
.protocol("HTTP")
.portName("my-port")
.loadBalancingScheme("EXTERNAL")
.timeoutSec(10)
.enableCdn(true)
.customRequestHeaders("X-Client-Geo-Location: {client_region_subdivision}, {client_city}")
.customResponseHeaders("X-Cache-Hit: {cdn_cache_status}")
.healthChecks(defaultHealthCheck.id())
.backends(BackendServiceBackendArgs.builder()
.group(defaultInstanceGroupManager.instanceGroup())
.balancingMode("UTILIZATION")
.capacityScaler(1)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
.defaultService(defaultBackendService.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
.urlMap(defaultURLMap.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
.ipProtocol("TCP")
.loadBalancingScheme("EXTERNAL")
.portRange("80")
.target(defaultTargetHttpProxy.id())
.ipAddress(defaultGlobalAddress.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder()
.direction("INGRESS")
.network(defaultNetwork.id())
.sourceRanges(
"130.211.0.0/22",
"35.191.0.0/16")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.build())
.targetTags("allow-health-check")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Global Forwarding Rule Http
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HttpHealthCheck;
import com.pulumi.gcp.compute.HttpHealthCheckArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
import com.pulumi.gcp.compute.TargetHttpProxy;
import com.pulumi.gcp.compute.TargetHttpProxyArgs;
import com.pulumi.gcp.compute.GlobalForwardingRule;
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
.requestPath("/")
.checkIntervalSec(1)
.timeoutSec(1)
.build());
var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
.portName("http")
.protocol("HTTP")
.timeoutSec(10)
.healthChecks(defaultHttpHealthCheck.id())
.build());
var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
.description("a description")
.defaultService(defaultBackendService.id())
.hostRules(URLMapHostRuleArgs.builder()
.hosts("mysite.com")
.pathMatcher("allpaths")
.build())
.pathMatchers(URLMapPathMatcherArgs.builder()
.name("allpaths")
.defaultService(defaultBackendService.id())
.pathRules(URLMapPathMatcherPathRuleArgs.builder()
.paths("/*")
.service(defaultBackendService.id())
.build())
.build())
.build());
var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
.description("a description")
.urlMap(defaultURLMap.id())
.build());
var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
.target(defaultTargetHttpProxy.id())
.portRange("80")
.build());
}
}Content copied to clipboard
Global Forwarding Rule Internal
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.InstanceGroupManager;
import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
import com.pulumi.gcp.compute.TargetHttpProxy;
import com.pulumi.gcp.compute.TargetHttpProxyArgs;
import com.pulumi.gcp.compute.GlobalForwardingRule;
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
import com.pulumi.gcp.compute.inputs.GlobalForwardingRuleMetadataFilterArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
.family("debian-11")
.project("debian-cloud")
.build());
var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
.machineType("e2-medium")
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network("default")
.build())
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
.autoDelete(true)
.boot(true)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var igm = new InstanceGroupManager("igm", InstanceGroupManagerArgs.builder()
.versions(InstanceGroupManagerVersionArgs.builder()
.instanceTemplate(instanceTemplate.id())
.name("primary")
.build())
.baseInstanceName("internal-glb")
.zone("us-central1-f")
.targetSize(1)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
.portName("http")
.protocol("HTTP")
.timeoutSec(10)
.loadBalancingScheme("INTERNAL_SELF_MANAGED")
.backends(BackendServiceBackendArgs.builder()
.group(igm.instanceGroup())
.balancingMode("RATE")
.capacityScaler(0.4)
.maxRatePerInstance(50)
.build())
.healthChecks(defaultHealthCheck.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
.description("a description")
.defaultService(defaultBackendService.id())
.hostRules(URLMapHostRuleArgs.builder()
.hosts("mysite.com")
.pathMatcher("allpaths")
.build())
.pathMatchers(URLMapPathMatcherArgs.builder()
.name("allpaths")
.defaultService(defaultBackendService.id())
.pathRules(URLMapPathMatcherPathRuleArgs.builder()
.paths("/*")
.service(defaultBackendService.id())
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
.description("a description")
.urlMap(defaultURLMap.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
.target(defaultTargetHttpProxy.id())
.portRange("80")
.loadBalancingScheme("INTERNAL_SELF_MANAGED")
.ipAddress("0.0.0.0")
.metadataFilters(GlobalForwardingRuleMetadataFilterArgs.builder()
.filterMatchCriteria("MATCH_ANY")
.filterLabels(GlobalForwardingRuleMetadataFilterFilterLabelArgs.builder()
.name("PLANET")
.value("MARS")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Global Forwarding Rule External Managed
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
import com.pulumi.gcp.compute.TargetHttpProxy;
import com.pulumi.gcp.compute.TargetHttpProxyArgs;
import com.pulumi.gcp.compute.GlobalForwardingRule;
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
.portName("http")
.protocol("HTTP")
.timeoutSec(10)
.loadBalancingScheme("EXTERNAL_MANAGED")
.build());
var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
.description("a description")
.defaultService(defaultBackendService.id())
.hostRules(URLMapHostRuleArgs.builder()
.hosts("mysite.com")
.pathMatcher("allpaths")
.build())
.pathMatchers(URLMapPathMatcherArgs.builder()
.name("allpaths")
.defaultService(defaultBackendService.id())
.pathRules(URLMapPathMatcherPathRuleArgs.builder()
.paths("/*")
.service(defaultBackendService.id())
.build())
.build())
.build());
var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
.description("a description")
.urlMap(defaultURLMap.id())
.build());
var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
.target(defaultTargetHttpProxy.id())
.portRange("80")
.loadBalancingScheme("EXTERNAL_MANAGED")
.build());
}
}Content copied to clipboard
Global Forwarding Rule Hybrid
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.NetworkEndpointGroup;
import com.pulumi.gcp.compute.NetworkEndpointGroupArgs;
import com.pulumi.gcp.compute.NetworkEndpoint;
import com.pulumi.gcp.compute.NetworkEndpointArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
import com.pulumi.gcp.compute.TargetHttpProxy;
import com.pulumi.gcp.compute.TargetHttpProxyArgs;
import com.pulumi.gcp.compute.GlobalForwardingRule;
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var subnetworkCidr = config.get("subnetworkCidr").orElse("10.0.0.0/24");
var defaultNetwork = new Network("defaultNetwork");
var internalNetwork = new Network("internalNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var internalSubnetwork = new Subnetwork("internalSubnetwork", SubnetworkArgs.builder()
.network(internalNetwork.id())
.ipCidrRange(subnetworkCidr)
.region("us-central1")
.privateIpGoogleAccess(true)
.build());
var defaultNetworkEndpointGroup = new NetworkEndpointGroup("defaultNetworkEndpointGroup", NetworkEndpointGroupArgs.builder()
.network(defaultNetwork.id())
.defaultPort("90")
.zone("us-central1-a")
.networkEndpointType("GCE_VM_IP_PORT")
.build());
var internalNetworkEndpointGroup = new NetworkEndpointGroup("internalNetworkEndpointGroup", NetworkEndpointGroupArgs.builder()
.network(internalNetwork.id())
.subnetwork(internalSubnetwork.id())
.zone("us-central1-a")
.networkEndpointType("GCE_VM_IP")
.build());
var hybridNetworkEndpointGroup = new NetworkEndpointGroup("hybridNetworkEndpointGroup", NetworkEndpointGroupArgs.builder()
.network(defaultNetwork.id())
.defaultPort("90")
.zone("us-central1-a")
.networkEndpointType("NON_GCP_PRIVATE_IP_PORT")
.build());
var hybrid_endpoint = new NetworkEndpoint("hybrid-endpoint", NetworkEndpointArgs.builder()
.networkEndpointGroup(hybridNetworkEndpointGroup.name())
.port(hybridNetworkEndpointGroup.defaultPort())
.ipAddress("127.0.0.1")
.build());
var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
.timeoutSec(1)
.checkIntervalSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
.portName("http")
.protocol("HTTP")
.timeoutSec(10)
.backends(BackendServiceBackendArgs.builder()
.group(defaultNetworkEndpointGroup.id())
.balancingMode("RATE")
.maxRatePerEndpoint(10)
.build())
.healthChecks(defaultHealthCheck.id())
.build());
var hybridBackendService = new BackendService("hybridBackendService", BackendServiceArgs.builder()
.portName("http")
.protocol("HTTP")
.timeoutSec(10)
.backends(BackendServiceBackendArgs.builder()
.group(hybridNetworkEndpointGroup.id())
.balancingMode("RATE")
.maxRatePerEndpoint(10)
.build())
.healthChecks(defaultHealthCheck.id())
.build());
var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
.description("a description")
.defaultService(defaultBackendService.id())
.hostRules(URLMapHostRuleArgs.builder()
.hosts("mysite.com")
.pathMatcher("allpaths")
.build())
.pathMatchers(URLMapPathMatcherArgs.builder()
.name("allpaths")
.defaultService(defaultBackendService.id())
.pathRules(
URLMapPathMatcherPathRuleArgs.builder()
.paths("/*")
.service(defaultBackendService.id())
.build(),
URLMapPathMatcherPathRuleArgs.builder()
.paths("/hybrid")
.service(hybridBackendService.id())
.build())
.build())
.build());
var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()
.description("a description")
.urlMap(defaultURLMap.id())
.build());
var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
.target(defaultTargetHttpProxy.id())
.portRange("80")
.build());
}
}Content copied to clipboard
Private Service Connect Google Apis
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.GlobalAddress;
import com.pulumi.gcp.compute.GlobalAddressArgs;
import com.pulumi.gcp.compute.GlobalForwardingRule;
import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var network = new Network("network", NetworkArgs.builder()
.project("my-project-name")
.autoCreateSubnetworks(false)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var vpcSubnetwork = new Subnetwork("vpcSubnetwork", SubnetworkArgs.builder()
.project(network.project())
.ipCidrRange("10.2.0.0/16")
.region("us-central1")
.network(network.id())
.privateIpGoogleAccess(true)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.builder()
.project(network.project())
.addressType("INTERNAL")
.purpose("PRIVATE_SERVICE_CONNECT")
.network(network.id())
.address("100.100.100.106")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()
.project(network.project())
.target("all-apis")
.network(network.id())
.ipAddress(defaultGlobalAddress.id())
.loadBalancingScheme("")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Import
GlobalForwardingRule can be imported using any of these accepted formats
$ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default projects/{{project}}/global/forwardingRules/{{name}}Content copied to clipboard
$ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default {{project}}/{{name}}Content copied to clipboard
$ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default {{name}}Content copied to clipboard
////
Properties
Link copied to clipboard
The IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to IP address specifications. An address can be specified either by a literal IP address or a reference to an existing Address resource. If you don't specify a reserved IP address, an ephemeral IP address is assigned. The value must be set to 0.0.0.0 when the target is a targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
Link copied to clipboard
The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL_SELF_MANAGED, only TCP is valid. This field must not be set if the global address is configured as a purpose of PRIVATE_SERVICE_CONNECT and addressType of INTERNAL Possible values are TCP, UDP, ESP, AH, SCTP, and ICMP.
Link copied to clipboard
Link copied to clipboard
Specifies the forwarding rule type. * EXTERNAL is used for: * Classic Cloud VPN gateways * Protocol forwarding to VMs from an external IP address * The following load balancers: HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP * INTERNAL is used for: * Protocol forwarding to VMs from an internal IP address * Internal TCP/UDP load balancers * INTERNAL_MANAGED is used for: * Internal HTTP(S) load balancers * INTERNAL_SELF_MANAGED is used for: * Traffic Director * EXTERNAL_MANAGED is used for: * Global external HTTP(S) load balancers For more information about forwarding rules, refer to /load-balancing/docs/forwarding-rule-concepts. Possible values: INVALID, INTERNAL, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED, EXTERNAL, EXTERNAL_MANAGED
Link copied to clipboard
Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
Link copied to clipboard
Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Link copied to clipboard
This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same IPAddress, IPProtocol pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports:
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must live in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object. For INTERNAL_SELF_MANAGED load balancing, only targetHttpProxy is valid, not targetHttpsProxy.