Forwarding
data class ForwardingRuleArgs(val allPorts: Output<Boolean>? = null, val allowGlobalAccess: Output<Boolean>? = null, val allowPscGlobalAccess: Output<Boolean>? = null, val backendService: Output<String>? = null, val description: Output<String>? = null, val ipAddress: Output<String>? = null, val ipProtocol: Output<String>? = null, val ipVersion: Output<String>? = null, val isMirroringCollector: Output<Boolean>? = null, val labels: Output<Map<String, String>>? = null, val loadBalancingScheme: Output<String>? = null, val name: Output<String>? = null, val network: Output<String>? = null, val networkTier: Output<String>? = null, val noAutomateDnsZone: Output<Boolean>? = null, val portRange: Output<String>? = null, val ports: Output<List<String>>? = null, val project: Output<String>? = null, val region: Output<String>? = null, val serviceDirectoryRegistrations: Output<List<ForwardingRuleServiceDirectoryRegistrationArgs>>? = null, val serviceLabel: Output<String>? = null, val sourceIpRanges: Output<List<String>>? = null, val subnetwork: Output<String>? = null, val target: Output<String>? = null) : ConvertibleToJava<ForwardingRuleArgs>
A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given IPAddress, IPProtocol, portRange tuple. To get more information about ForwardingRule, see:
How-to Guides
Example Usage
Internal Http Lb With Mig Backend
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.RegionInstanceGroupManager;
import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.RegionTargetHttpProxy;
import com.pulumi.gcp.compute.RegionTargetHttpProxyArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.gcp.compute.Instance;
import com.pulumi.gcp.compute.InstanceArgs;
import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var ilbNetwork = new Network("ilbNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var proxySubnet = new Subnetwork("proxySubnet", SubnetworkArgs.builder()
.ipCidrRange("10.0.0.0/24")
.region("europe-west1")
.purpose("REGIONAL_MANAGED_PROXY")
.role("ACTIVE")
.network(ilbNetwork.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var ilbSubnet = new Subnetwork("ilbSubnet", SubnetworkArgs.builder()
.ipCidrRange("10.0.1.0/24")
.region("europe-west1")
.network(ilbNetwork.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
.region("europe-west1")
.httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
.portSpecification("USE_SERVING_PORT")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
.machineType("e2-small")
.tags("http-server")
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network(ilbNetwork.id())
.subnetwork(ilbSubnet.id())
.accessConfigs()
.build())
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage("debian-cloud/debian-10")
.autoDelete(true)
.boot(true)
.build())
.metadata(Map.of("startup-script", """
#! /bin/bash
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y nginx-light jq
NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
cat <<EOF /var/www/html/index.html
<pre>
Name: $NAME
IP: $IP
Metadata: $METADATA
</pre>
EOF
"""))
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var mig = new RegionInstanceGroupManager("mig", RegionInstanceGroupManagerArgs.builder()
.region("europe-west1")
.versions(RegionInstanceGroupManagerVersionArgs.builder()
.instanceTemplate(instanceTemplate.id())
.name("primary")
.build())
.baseInstanceName("vm")
.targetSize(2)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
.region("europe-west1")
.protocol("HTTP")
.loadBalancingScheme("INTERNAL_MANAGED")
.timeoutSec(10)
.healthChecks(defaultRegionHealthCheck.id())
.backends(RegionBackendServiceBackendArgs.builder()
.group(mig.instanceGroup())
.balancingMode("UTILIZATION")
.capacityScaler(1)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
.region("europe-west1")
.defaultService(defaultRegionBackendService.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionTargetHttpProxy = new RegionTargetHttpProxy("defaultRegionTargetHttpProxy", RegionTargetHttpProxyArgs.builder()
.region("europe-west1")
.urlMap(defaultRegionUrlMap.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var googleComputeForwardingRule = new ForwardingRule("googleComputeForwardingRule", ForwardingRuleArgs.builder()
.region("europe-west1")
.ipProtocol("TCP")
.loadBalancingScheme("INTERNAL_MANAGED")
.portRange("80")
.target(defaultRegionTargetHttpProxy.id())
.network(ilbNetwork.id())
.subnetwork(ilbSubnet.id())
.networkTier("PREMIUM")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(proxySubnet)
.build());
var fw_iap = new Firewall("fw-iap", FirewallArgs.builder()
.direction("INGRESS")
.network(ilbNetwork.id())
.sourceRanges(
"130.211.0.0/22",
"35.191.0.0/16",
"35.235.240.0/20")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fw_ilb_to_backends = new Firewall("fw-ilb-to-backends", FirewallArgs.builder()
.direction("INGRESS")
.network(ilbNetwork.id())
.sourceRanges("10.0.0.0/24")
.targetTags("http-server")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.ports(
"80",
"443",
"8080")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var vm_test = new Instance("vm-test", InstanceArgs.builder()
.zone("europe-west1-b")
.machineType("e2-small")
.networkInterfaces(InstanceNetworkInterfaceArgs.builder()
.network(ilbNetwork.id())
.subnetwork(ilbSubnet.id())
.build())
.bootDisk(InstanceBootDiskArgs.builder()
.initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
.image("debian-cloud/debian-10")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Internal Tcp Udp Lb With Mig Backend
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.RegionInstanceGroupManager;
import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.gcp.compute.Instance;
import com.pulumi.gcp.compute.InstanceArgs;
import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var ilbNetwork = new Network("ilbNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var ilbSubnet = new Subnetwork("ilbSubnet", SubnetworkArgs.builder()
.ipCidrRange("10.0.1.0/24")
.region("europe-west1")
.network(ilbNetwork.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
.region("europe-west1")
.httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
.port("80")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
.machineType("e2-small")
.tags(
"allow-ssh",
"allow-health-check")
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network(ilbNetwork.id())
.subnetwork(ilbSubnet.id())
.accessConfigs()
.build())
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage("debian-cloud/debian-10")
.autoDelete(true)
.boot(true)
.build())
.metadata(Map.of("startup-script", """
#! /bin/bash
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y nginx-light jq
NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
cat <<EOF /var/www/html/index.html
<pre>
Name: $NAME
IP: $IP
Metadata: $METADATA
</pre>
EOF
"""))
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var mig = new RegionInstanceGroupManager("mig", RegionInstanceGroupManagerArgs.builder()
.region("europe-west1")
.versions(RegionInstanceGroupManagerVersionArgs.builder()
.instanceTemplate(instanceTemplate.id())
.name("primary")
.build())
.baseInstanceName("vm")
.targetSize(2)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
.region("europe-west1")
.protocol("TCP")
.loadBalancingScheme("INTERNAL")
.healthChecks(defaultRegionHealthCheck.id())
.backends(RegionBackendServiceBackendArgs.builder()
.group(mig.instanceGroup())
.balancingMode("CONNECTION")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var googleComputeForwardingRule = new ForwardingRule("googleComputeForwardingRule", ForwardingRuleArgs.builder()
.backendService(defaultRegionBackendService.id())
.region("europe-west1")
.ipProtocol("TCP")
.loadBalancingScheme("INTERNAL")
.allPorts(true)
.allowGlobalAccess(true)
.network(ilbNetwork.id())
.subnetwork(ilbSubnet.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fwHc = new Firewall("fwHc", FirewallArgs.builder()
.direction("INGRESS")
.network(ilbNetwork.id())
.sourceRanges(
"130.211.0.0/22",
"35.191.0.0/16",
"35.235.240.0/20")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.build())
.targetTags("allow-health-check")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fwIlbToBackends = new Firewall("fwIlbToBackends", FirewallArgs.builder()
.direction("INGRESS")
.network(ilbNetwork.id())
.sourceRanges("10.0.1.0/24")
.allows(
FirewallAllowArgs.builder()
.protocol("tcp")
.build(),
FirewallAllowArgs.builder()
.protocol("udp")
.build(),
FirewallAllowArgs.builder()
.protocol("icmp")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fwIlbSsh = new Firewall("fwIlbSsh", FirewallArgs.builder()
.direction("INGRESS")
.network(ilbNetwork.id())
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.ports("22")
.build())
.targetTags("allow-ssh")
.sourceRanges("0.0.0.0/0")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var vmTest = new Instance("vmTest", InstanceArgs.builder()
.zone("europe-west1-b")
.machineType("e2-small")
.networkInterfaces(InstanceNetworkInterfaceArgs.builder()
.network(ilbNetwork.id())
.subnetwork(ilbSubnet.id())
.build())
.bootDisk(InstanceBootDiskArgs.builder()
.initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
.image("debian-cloud/debian-10")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Forwarding Rule Externallb
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var hc = new RegionHealthCheck("hc", RegionHealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.region("us-central1")
.tcpHealthCheck(RegionHealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
.region("us-central1")
.loadBalancingScheme("EXTERNAL")
.healthChecks(hc.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
.region("us-central1")
.portRange(80)
.backendService(backend.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Forwarding Rule Global Internallb
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var hc = new HealthCheck("hc", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
.region("us-central1")
.healthChecks(hc.id())
.build());
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.network(defaultNetwork.id())
.build());
var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
.region("us-central1")
.loadBalancingScheme("INTERNAL")
.backendService(backend.id())
.allPorts(true)
.allowGlobalAccess(true)
.network(defaultNetwork.name())
.subnetwork(defaultSubnetwork.name())
.build());
}
}Content copied to clipboard
Forwarding Rule Basic
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.TargetPool;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultTargetPool = new TargetPool("defaultTargetPool");
var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
.target(defaultTargetPool.id())
.portRange("80")
.build());
}
}Content copied to clipboard
Forwarding Rule L3 Default
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var healthCheck = new RegionHealthCheck("healthCheck", RegionHealthCheckArgs.builder()
.region("us-central1")
.tcpHealthCheck(RegionHealthCheckTcpHealthCheckArgs.builder()
.port(80)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var service = new RegionBackendService("service", RegionBackendServiceArgs.builder()
.region("us-central1")
.healthChecks(healthCheck.id())
.protocol("UNSPECIFIED")
.loadBalancingScheme("EXTERNAL")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fwdRule = new ForwardingRule("fwdRule", ForwardingRuleArgs.builder()
.backendService(service.id())
.ipProtocol("L3_DEFAULT")
.allPorts(true)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Forwarding Rule Internallb
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var hc = new HealthCheck("hc", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
.region("us-central1")
.healthChecks(hc.id())
.build());
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.network(defaultNetwork.id())
.build());
var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
.region("us-central1")
.loadBalancingScheme("INTERNAL")
.backendService(backend.id())
.allPorts(true)
.network(defaultNetwork.name())
.subnetwork(defaultSubnetwork.name())
.ipVersion("IPV4")
.build());
}
}Content copied to clipboard
Forwarding Rule Http Lb
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.RegionInstanceGroupManager;
import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.RegionTargetHttpProxy;
import com.pulumi.gcp.compute.RegionTargetHttpProxyArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
.family("debian-11")
.project("debian-cloud")
.build());
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.routingMode("REGIONAL")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.1.2.0/24")
.region("us-central1")
.network(defaultNetwork.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
.machineType("e2-medium")
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network(defaultNetwork.id())
.subnetwork(defaultSubnetwork.id())
.build())
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
.autoDelete(true)
.boot(true)
.build())
.tags(
"allow-ssh",
"load-balanced-backend")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var rigm = new RegionInstanceGroupManager("rigm", RegionInstanceGroupManagerArgs.builder()
.region("us-central1")
.versions(RegionInstanceGroupManagerVersionArgs.builder()
.instanceTemplate(instanceTemplate.id())
.name("primary")
.build())
.baseInstanceName("internal-glb")
.targetSize(1)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fw1 = new Firewall("fw1", FirewallArgs.builder()
.network(defaultNetwork.id())
.sourceRanges("10.1.2.0/24")
.allows(
FirewallAllowArgs.builder()
.protocol("tcp")
.build(),
FirewallAllowArgs.builder()
.protocol("udp")
.build(),
FirewallAllowArgs.builder()
.protocol("icmp")
.build())
.direction("INGRESS")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fw2 = new Firewall("fw2", FirewallArgs.builder()
.network(defaultNetwork.id())
.sourceRanges("0.0.0.0/0")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.ports("22")
.build())
.targetTags("allow-ssh")
.direction("INGRESS")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(fw1)
.build());
var fw3 = new Firewall("fw3", FirewallArgs.builder()
.network(defaultNetwork.id())
.sourceRanges(
"130.211.0.0/22",
"35.191.0.0/16")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.build())
.targetTags("load-balanced-backend")
.direction("INGRESS")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(fw2)
.build());
var fw4 = new Firewall("fw4", FirewallArgs.builder()
.network(defaultNetwork.id())
.sourceRanges("10.129.0.0/26")
.targetTags("load-balanced-backend")
.allows(
FirewallAllowArgs.builder()
.protocol("tcp")
.ports("80")
.build(),
FirewallAllowArgs.builder()
.protocol("tcp")
.ports("443")
.build(),
FirewallAllowArgs.builder()
.protocol("tcp")
.ports("8000")
.build())
.direction("INGRESS")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(fw3)
.build());
var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
.region("us-central1")
.httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
.portSpecification("USE_SERVING_PORT")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(fw4)
.build());
var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
.loadBalancingScheme("INTERNAL_MANAGED")
.backends(RegionBackendServiceBackendArgs.builder()
.group(rigm.instanceGroup())
.balancingMode("UTILIZATION")
.capacityScaler(1)
.build())
.region("us-central1")
.protocol("HTTP")
.timeoutSec(10)
.healthChecks(defaultRegionHealthCheck.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
.region("us-central1")
.defaultService(defaultRegionBackendService.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionTargetHttpProxy = new RegionTargetHttpProxy("defaultRegionTargetHttpProxy", RegionTargetHttpProxyArgs.builder()
.region("us-central1")
.urlMap(defaultRegionUrlMap.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var proxy = new Subnetwork("proxy", SubnetworkArgs.builder()
.ipCidrRange("10.129.0.0/26")
.region("us-central1")
.network(defaultNetwork.id())
.purpose("REGIONAL_MANAGED_PROXY")
.role("ACTIVE")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
.region("us-central1")
.ipProtocol("TCP")
.loadBalancingScheme("INTERNAL_MANAGED")
.portRange("80")
.target(defaultRegionTargetHttpProxy.id())
.network(defaultNetwork.id())
.subnetwork(defaultSubnetwork.id())
.networkTier("PREMIUM")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(proxy)
.build());
}
}Content copied to clipboard
Forwarding Rule Regional Http Xlb
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.RegionInstanceGroupManager;
import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
import com.pulumi.gcp.compute.Firewall;
import com.pulumi.gcp.compute.FirewallArgs;
import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.RegionTargetHttpProxy;
import com.pulumi.gcp.compute.RegionTargetHttpProxyArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
.family("debian-11")
.project("debian-cloud")
.build());
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.routingMode("REGIONAL")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.1.2.0/24")
.region("us-central1")
.network(defaultNetwork.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
.machineType("e2-medium")
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network(defaultNetwork.id())
.subnetwork(defaultSubnetwork.id())
.build())
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
.autoDelete(true)
.boot(true)
.build())
.tags(
"allow-ssh",
"load-balanced-backend")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var rigm = new RegionInstanceGroupManager("rigm", RegionInstanceGroupManagerArgs.builder()
.region("us-central1")
.versions(RegionInstanceGroupManagerVersionArgs.builder()
.instanceTemplate(instanceTemplate.id())
.name("primary")
.build())
.baseInstanceName("internal-glb")
.targetSize(1)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fw1 = new Firewall("fw1", FirewallArgs.builder()
.network(defaultNetwork.id())
.sourceRanges("10.1.2.0/24")
.allows(
FirewallAllowArgs.builder()
.protocol("tcp")
.build(),
FirewallAllowArgs.builder()
.protocol("udp")
.build(),
FirewallAllowArgs.builder()
.protocol("icmp")
.build())
.direction("INGRESS")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var fw2 = new Firewall("fw2", FirewallArgs.builder()
.network(defaultNetwork.id())
.sourceRanges("0.0.0.0/0")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.ports("22")
.build())
.targetTags("allow-ssh")
.direction("INGRESS")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(fw1)
.build());
var fw3 = new Firewall("fw3", FirewallArgs.builder()
.network(defaultNetwork.id())
.sourceRanges(
"130.211.0.0/22",
"35.191.0.0/16")
.allows(FirewallAllowArgs.builder()
.protocol("tcp")
.build())
.targetTags("load-balanced-backend")
.direction("INGRESS")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(fw2)
.build());
var fw4 = new Firewall("fw4", FirewallArgs.builder()
.network(defaultNetwork.id())
.sourceRanges("10.129.0.0/26")
.targetTags("load-balanced-backend")
.allows(
FirewallAllowArgs.builder()
.protocol("tcp")
.ports("80")
.build(),
FirewallAllowArgs.builder()
.protocol("tcp")
.ports("443")
.build(),
FirewallAllowArgs.builder()
.protocol("tcp")
.ports("8000")
.build())
.direction("INGRESS")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(fw3)
.build());
var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
.region("us-central1")
.httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
.portSpecification("USE_SERVING_PORT")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(fw4)
.build());
var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
.loadBalancingScheme("EXTERNAL_MANAGED")
.backends(RegionBackendServiceBackendArgs.builder()
.group(rigm.instanceGroup())
.balancingMode("UTILIZATION")
.capacityScaler(1)
.build())
.region("us-central1")
.protocol("HTTP")
.timeoutSec(10)
.healthChecks(defaultRegionHealthCheck.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
.region("us-central1")
.defaultService(defaultRegionBackendService.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultRegionTargetHttpProxy = new RegionTargetHttpProxy("defaultRegionTargetHttpProxy", RegionTargetHttpProxyArgs.builder()
.region("us-central1")
.urlMap(defaultRegionUrlMap.id())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultAddress = new Address("defaultAddress", AddressArgs.builder()
.region("us-central1")
.networkTier("STANDARD")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var proxy = new Subnetwork("proxy", SubnetworkArgs.builder()
.ipCidrRange("10.129.0.0/26")
.region("us-central1")
.network(defaultNetwork.id())
.purpose("REGIONAL_MANAGED_PROXY")
.role("ACTIVE")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
.region("us-central1")
.ipProtocol("TCP")
.loadBalancingScheme("EXTERNAL_MANAGED")
.portRange("80")
.target(defaultRegionTargetHttpProxy.id())
.network(defaultNetwork.id())
.ipAddress(defaultAddress.id())
.networkTier("STANDARD")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(proxy)
.build());
}
}Content copied to clipboard
Forwarding Rule Vpc Psc
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var consumerNet = new Network("consumerNet", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var consumerSubnet = new Subnetwork("consumerSubnet", SubnetworkArgs.builder()
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.network(consumerNet.id())
.build());
var consumerAddress = new Address("consumerAddress", AddressArgs.builder()
.region("us-central1")
.subnetwork(consumerSubnet.id())
.addressType("INTERNAL")
.build());
var producerNet = new Network("producerNet", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var pscProducerSubnet = new Subnetwork("pscProducerSubnet", SubnetworkArgs.builder()
.ipCidrRange("10.1.0.0/16")
.region("us-central1")
.purpose("PRIVATE_SERVICE_CONNECT")
.network(producerNet.id())
.build());
var producerSubnet = new Subnetwork("producerSubnet", SubnetworkArgs.builder()
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.network(producerNet.id())
.build());
var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
.region("us-central1")
.healthChecks(producerServiceHealthCheck.id())
.build());
var producerTargetService = new ForwardingRule("producerTargetService", ForwardingRuleArgs.builder()
.region("us-central1")
.loadBalancingScheme("INTERNAL")
.backendService(producerServiceBackend.id())
.allPorts(true)
.network(producerNet.name())
.subnetwork(producerSubnet.name())
.build());
var producerServiceAttachment = new ServiceAttachment("producerServiceAttachment", ServiceAttachmentArgs.builder()
.region("us-central1")
.description("A service attachment configured with Terraform")
.enableProxyProtocol(true)
.connectionPreference("ACCEPT_AUTOMATIC")
.natSubnets(pscProducerSubnet.name())
.targetService(producerTargetService.id())
.build());
var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
.region("us-central1")
.loadBalancingScheme("")
.target(producerServiceAttachment.id())
.network(consumerNet.name())
.ipAddress(consumerAddress.id())
.allowPscGlobalAccess(true)
.build());
}
}Content copied to clipboard
Forwarding Rule Vpc Psc No Automate Dns
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var consumerNet = new Network("consumerNet", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var consumerSubnet = new Subnetwork("consumerSubnet", SubnetworkArgs.builder()
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.network(consumerNet.id())
.build());
var consumerAddress = new Address("consumerAddress", AddressArgs.builder()
.region("us-central1")
.subnetwork(consumerSubnet.id())
.addressType("INTERNAL")
.build());
var producerNet = new Network("producerNet", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var pscProducerSubnet = new Subnetwork("pscProducerSubnet", SubnetworkArgs.builder()
.ipCidrRange("10.1.0.0/16")
.region("us-central1")
.purpose("PRIVATE_SERVICE_CONNECT")
.network(producerNet.id())
.build());
var producerSubnet = new Subnetwork("producerSubnet", SubnetworkArgs.builder()
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.network(producerNet.id())
.build());
var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
.region("us-central1")
.healthChecks(producerServiceHealthCheck.id())
.build());
var producerTargetService = new ForwardingRule("producerTargetService", ForwardingRuleArgs.builder()
.region("us-central1")
.loadBalancingScheme("INTERNAL")
.backendService(producerServiceBackend.id())
.allPorts(true)
.network(producerNet.name())
.subnetwork(producerSubnet.name())
.build());
var producerServiceAttachment = new ServiceAttachment("producerServiceAttachment", ServiceAttachmentArgs.builder()
.region("us-central1")
.description("A service attachment configured with Terraform")
.enableProxyProtocol(true)
.connectionPreference("ACCEPT_AUTOMATIC")
.natSubnets(pscProducerSubnet.name())
.targetService(producerTargetService.id())
.build());
var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
.region("us-central1")
.loadBalancingScheme("")
.target(producerServiceAttachment.id())
.network(consumerNet.name())
.ipAddress(consumerAddress.id())
.allowPscGlobalAccess(true)
.noAutomateDnsZone(true)
.build());
}
}Content copied to clipboard
Forwarding Rule Regional Steering
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var basic = new Address("basic", AddressArgs.builder()
.region("us-central1")
.build());
var externalRegionBackendService = new RegionBackendService("externalRegionBackendService", RegionBackendServiceArgs.builder()
.region("us-central1")
.loadBalancingScheme("EXTERNAL")
.build());
var externalForwardingRule = new ForwardingRule("externalForwardingRule", ForwardingRuleArgs.builder()
.region("us-central1")
.ipAddress(basic.selfLink())
.backendService(externalRegionBackendService.selfLink())
.loadBalancingScheme("EXTERNAL")
.build());
var steering = new ForwardingRule("steering", ForwardingRuleArgs.builder()
.region("us-central1")
.ipAddress(basic.selfLink())
.backendService(externalRegionBackendService.selfLink())
.loadBalancingScheme("EXTERNAL")
.sourceIpRanges(
"34.121.88.0/24",
"35.187.239.137")
.build(), CustomResourceOptions.builder()
.dependsOn(externalForwardingRule)
.build());
}
}Content copied to clipboard
Forwarding Rule Internallb Ipv6
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var hc = new HealthCheck("hc", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
.region("us-central1")
.healthChecks(hc.id())
.build());
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.enableUlaInternalIpv6(true)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.0.0.0/16")
.region("us-central1")
.stackType("IPV4_IPV6")
.ipv6AccessType("INTERNAL")
.network(defaultNetwork.id())
.build());
var defaultForwardingRule = new ForwardingRule("defaultForwardingRule", ForwardingRuleArgs.builder()
.region("us-central1")
.loadBalancingScheme("INTERNAL")
.backendService(backend.id())
.allPorts(true)
.network(defaultNetwork.name())
.subnetwork(defaultSubnetwork.name())
.ipVersion("IPV6")
.build());
}
}Content copied to clipboard
Import
ForwardingRule can be imported using any of these accepted formats
$ pulumi import gcp:compute/forwardingRule:ForwardingRule default projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}Content copied to clipboard
$ pulumi import gcp:compute/forwardingRule:ForwardingRule default {{project}}/{{region}}/{{name}}Content copied to clipboard
$ pulumi import gcp:compute/forwardingRule:ForwardingRule default {{region}}/{{name}}Content copied to clipboard
$ pulumi import gcp:compute/forwardingRule:ForwardingRule default {{name}}Content copied to clipboard
Constructors
Link copied to clipboard
constructor(allPorts: Output<Boolean>? = null, allowGlobalAccess: Output<Boolean>? = null, allowPscGlobalAccess: Output<Boolean>? = null, backendService: Output<String>? = null, description: Output<String>? = null, ipAddress: Output<String>? = null, ipProtocol: Output<String>? = null, ipVersion: Output<String>? = null, isMirroringCollector: Output<Boolean>? = null, labels: Output<Map<String, String>>? = null, loadBalancingScheme: Output<String>? = null, name: Output<String>? = null, network: Output<String>? = null, networkTier: Output<String>? = null, noAutomateDnsZone: Output<Boolean>? = null, portRange: Output<String>? = null, ports: Output<List<String>>? = null, project: Output<String>? = null, region: Output<String>? = null, serviceDirectoryRegistrations: Output<List<ForwardingRuleServiceDirectoryRegistrationArgs>>? = null, serviceLabel: Output<String>? = null, sourceIpRanges: Output<List<String>>? = null, subnetwork: Output<String>? = null, target: Output<String>? = null)
Properties
Link copied to clipboard
This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
Link copied to clipboard
This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.
Link copied to clipboard
Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
Link copied to clipboard
An optional description of this resource. Provide this property when you create the resource.
Link copied to clipboard
IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target or backendService. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:
Link copied to clipboard
The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in [Load balancing
Link copied to clipboard
Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
Link copied to clipboard
Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL, INTERNAL_MANAGED.
Link copied to clipboard
Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
Link copied to clipboard
This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
Link copied to clipboard
This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address. Possible values are: PREMIUM, STANDARD.
Link copied to clipboard
This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.
Link copied to clipboard
val serviceDirectoryRegistrations: Output<List<ForwardingRuleServiceDirectoryRegistrationArgs>>? = null
Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. Structure is documented below.
Link copied to clipboard
An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for INTERNAL load balancing.
Link copied to clipboard
If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
Link copied to clipboard
This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.
Link copied to clipboard
The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.