Service
Represents a ServiceAttachment resource. To get more information about ServiceAttachment, see:
Example Usage
Service Attachment Basic
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
.region("us-west2")
.healthChecks(producerServiceHealthCheck.id())
.build());
var pscIlbNetwork = new Network("pscIlbNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var pscIlbProducerSubnetwork = new Subnetwork("pscIlbProducerSubnetwork", SubnetworkArgs.builder()
.region("us-west2")
.network(pscIlbNetwork.id())
.ipCidrRange("10.0.0.0/16")
.build());
var pscIlbTargetService = new ForwardingRule("pscIlbTargetService", ForwardingRuleArgs.builder()
.region("us-west2")
.loadBalancingScheme("INTERNAL")
.backendService(producerServiceBackend.id())
.allPorts(true)
.network(pscIlbNetwork.name())
.subnetwork(pscIlbProducerSubnetwork.name())
.build());
var pscIlbNat = new Subnetwork("pscIlbNat", SubnetworkArgs.builder()
.region("us-west2")
.network(pscIlbNetwork.id())
.purpose("PRIVATE_SERVICE_CONNECT")
.ipCidrRange("10.1.0.0/16")
.build());
var pscIlbServiceAttachment = new ServiceAttachment("pscIlbServiceAttachment", ServiceAttachmentArgs.builder()
.region("us-west2")
.description("A service attachment configured with Terraform")
.domainNames("gcp.tfacc.hashicorptest.com.")
.enableProxyProtocol(true)
.connectionPreference("ACCEPT_AUTOMATIC")
.natSubnets(pscIlbNat.id())
.targetService(pscIlbTargetService.id())
.build());
var pscIlbConsumerAddress = new Address("pscIlbConsumerAddress", AddressArgs.builder()
.region("us-west2")
.subnetwork("default")
.addressType("INTERNAL")
.build());
var pscIlbConsumer = new ForwardingRule("pscIlbConsumer", ForwardingRuleArgs.builder()
.region("us-west2")
.target(pscIlbServiceAttachment.id())
.loadBalancingScheme("")
.network("default")
.ipAddress(pscIlbConsumerAddress.id())
.build());
}
}Content copied to clipboard
Service Attachment Explicit Projects
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import com.pulumi.gcp.compute.inputs.ServiceAttachmentConsumerAcceptListArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
.region("us-west2")
.healthChecks(producerServiceHealthCheck.id())
.build());
var pscIlbNetwork = new Network("pscIlbNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var pscIlbProducerSubnetwork = new Subnetwork("pscIlbProducerSubnetwork", SubnetworkArgs.builder()
.region("us-west2")
.network(pscIlbNetwork.id())
.ipCidrRange("10.0.0.0/16")
.build());
var pscIlbTargetService = new ForwardingRule("pscIlbTargetService", ForwardingRuleArgs.builder()
.region("us-west2")
.loadBalancingScheme("INTERNAL")
.backendService(producerServiceBackend.id())
.allPorts(true)
.network(pscIlbNetwork.name())
.subnetwork(pscIlbProducerSubnetwork.name())
.build());
var pscIlbNat = new Subnetwork("pscIlbNat", SubnetworkArgs.builder()
.region("us-west2")
.network(pscIlbNetwork.id())
.purpose("PRIVATE_SERVICE_CONNECT")
.ipCidrRange("10.1.0.0/16")
.build());
var pscIlbServiceAttachment = new ServiceAttachment("pscIlbServiceAttachment", ServiceAttachmentArgs.builder()
.region("us-west2")
.description("A service attachment configured with Terraform")
.domainNames("gcp.tfacc.hashicorptest.com.")
.enableProxyProtocol(true)
.connectionPreference("ACCEPT_MANUAL")
.natSubnets(pscIlbNat.id())
.targetService(pscIlbTargetService.id())
.consumerRejectLists(
"673497134629",
"482878270665")
.consumerAcceptLists(ServiceAttachmentConsumerAcceptListArgs.builder()
.projectIdOrNum("658859330310")
.connectionLimit(4)
.build())
.build());
var pscIlbConsumerAddress = new Address("pscIlbConsumerAddress", AddressArgs.builder()
.region("us-west2")
.subnetwork("default")
.addressType("INTERNAL")
.build());
var pscIlbConsumer = new ForwardingRule("pscIlbConsumer", ForwardingRuleArgs.builder()
.region("us-west2")
.target(pscIlbServiceAttachment.id())
.loadBalancingScheme("")
.network("default")
.ipAddress(pscIlbConsumerAddress.id())
.build());
}
}Content copied to clipboard
Service Attachment Reconcile Connections
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import com.pulumi.gcp.compute.inputs.ServiceAttachmentConsumerAcceptListArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
.checkIntervalSec(1)
.timeoutSec(1)
.tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
.port("80")
.build())
.build());
var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
.region("us-west2")
.healthChecks(producerServiceHealthCheck.id())
.build());
var pscIlbNetwork = new Network("pscIlbNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var pscIlbProducerSubnetwork = new Subnetwork("pscIlbProducerSubnetwork", SubnetworkArgs.builder()
.region("us-west2")
.network(pscIlbNetwork.id())
.ipCidrRange("10.0.0.0/16")
.build());
var pscIlbTargetService = new ForwardingRule("pscIlbTargetService", ForwardingRuleArgs.builder()
.region("us-west2")
.loadBalancingScheme("INTERNAL")
.backendService(producerServiceBackend.id())
.allPorts(true)
.network(pscIlbNetwork.name())
.subnetwork(pscIlbProducerSubnetwork.name())
.build());
var pscIlbNat = new Subnetwork("pscIlbNat", SubnetworkArgs.builder()
.region("us-west2")
.network(pscIlbNetwork.id())
.purpose("PRIVATE_SERVICE_CONNECT")
.ipCidrRange("10.1.0.0/16")
.build());
var pscIlbServiceAttachment = new ServiceAttachment("pscIlbServiceAttachment", ServiceAttachmentArgs.builder()
.region("us-west2")
.description("A service attachment configured with Terraform")
.domainNames("gcp.tfacc.hashicorptest.com.")
.enableProxyProtocol(true)
.connectionPreference("ACCEPT_MANUAL")
.natSubnets(pscIlbNat.id())
.targetService(pscIlbTargetService.id())
.consumerRejectLists(
"673497134629",
"482878270665")
.consumerAcceptLists(ServiceAttachmentConsumerAcceptListArgs.builder()
.projectIdOrNum("658859330310")
.connectionLimit(4)
.build())
.reconcileConnections(false)
.build());
}
}Content copied to clipboard
Import
ServiceAttachment can be imported using any of these accepted formats
$ pulumi import gcp:compute/serviceAttachment:ServiceAttachment default projects/{{project}}/regions/{{region}}/serviceAttachments/{{name}}Content copied to clipboard
$ pulumi import gcp:compute/serviceAttachment:ServiceAttachment default {{project}}/{{region}}/{{name}}Content copied to clipboard
$ pulumi import gcp:compute/serviceAttachment:ServiceAttachment default {{region}}/{{name}}Content copied to clipboard
$ pulumi import gcp:compute/serviceAttachment:ServiceAttachment default {{name}}Content copied to clipboard
Properties
Link copied to clipboard
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
Link copied to clipboard
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
Link copied to clipboard
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
Link copied to clipboard
An array of projects that are not allowed to connect to this service attachment.
Link copied to clipboard
An optional description of this resource.
Link copied to clipboard
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
Link copied to clipboard
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.
Link copied to clipboard
Fingerprint of this resource. This field is used internally during updates of this resource.
Link copied to clipboard
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Link copied to clipboard
An array of subnets that is provided for NAT in this service attachment.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list. For newly created service attachment, this boolean defaults to true.
Link copied to clipboard
The URL of a forwarding rule that represents the service identified by this service attachment.