Mirroring
data class MirroringDeploymentArgs(val description: Output<String>? = null, val forwardingRule: Output<String>? = null, val labels: Output<Map<String, String>>? = null, val location: Output<String>? = null, val mirroringDeploymentGroup: Output<String>? = null, val mirroringDeploymentId: Output<String>? = null, val project: Output<String>? = null) : ConvertibleToJava<MirroringDeploymentArgs>
A deployment represents a zonal mirroring backend ready to accept GENEVE-encapsulated replica traffic, e.g. a zonal instance group fronted by an internal passthrough load balancer. Deployments are always part of a global deployment group which represents a global mirroring service. To get more information about MirroringDeployment, see:
How-to Guides
Example Usage
Network Security Mirroring Deployment Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const network = new gcp.compute.Network("network", {
name: "example-network",
autoCreateSubnetworks: false,
});
const subnetwork = new gcp.compute.Subnetwork("subnetwork", {
name: "example-subnet",
region: "us-central1",
ipCidrRange: "10.1.0.0/16",
network: network.name,
});
const healthCheck = new gcp.compute.RegionHealthCheck("health_check", {
name: "example-hc",
region: "us-central1",
httpHealthCheck: {
port: 80,
},
});
const backendService = new gcp.compute.RegionBackendService("backend_service", {
name: "example-bs",
region: "us-central1",
healthChecks: healthCheck.id,
protocol: "UDP",
loadBalancingScheme: "INTERNAL",
});
const forwardingRule = new gcp.compute.ForwardingRule("forwarding_rule", {
name: "example-fwr",
region: "us-central1",
network: network.name,
subnetwork: subnetwork.name,
backendService: backendService.id,
loadBalancingScheme: "INTERNAL",
ports: ["6081"],
ipProtocol: "UDP",
isMirroringCollector: true,
});
const deploymentGroup = new gcp.networksecurity.MirroringDeploymentGroup("deployment_group", {
mirroringDeploymentGroupId: "example-dg",
location: "global",
network: network.id,
});
const _default = new gcp.networksecurity.MirroringDeployment("default", {
mirroringDeploymentId: "example-deployment",
location: "us-central1-a",
forwardingRule: forwardingRule.id,
mirroringDeploymentGroup: deploymentGroup.id,
description: "some description",
labels: {
foo: "bar",
},
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
network = gcp.compute.Network("network",
name="example-network",
auto_create_subnetworks=False)
subnetwork = gcp.compute.Subnetwork("subnetwork",
name="example-subnet",
region="us-central1",
ip_cidr_range="10.1.0.0/16",
network=network.name)
health_check = gcp.compute.RegionHealthCheck("health_check",
name="example-hc",
region="us-central1",
http_health_check={
"port": 80,
})
backend_service = gcp.compute.RegionBackendService("backend_service",
name="example-bs",
region="us-central1",
health_checks=health_check.id,
protocol="UDP",
load_balancing_scheme="INTERNAL")
forwarding_rule = gcp.compute.ForwardingRule("forwarding_rule",
name="example-fwr",
region="us-central1",
network=network.name,
subnetwork=subnetwork.name,
backend_service=backend_service.id,
load_balancing_scheme="INTERNAL",
ports=["6081"],
ip_protocol="UDP",
is_mirroring_collector=True)
deployment_group = gcp.networksecurity.MirroringDeploymentGroup("deployment_group",
mirroring_deployment_group_id="example-dg",
location="global",
network=network.id)
default = gcp.networksecurity.MirroringDeployment("default",
mirroring_deployment_id="example-deployment",
location="us-central1-a",
forwarding_rule=forwarding_rule.id,
mirroring_deployment_group=deployment_group.id,
description="some description",
labels={
"foo": "bar",
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var network = new Gcp.Compute.Network("network", new()
{
Name = "example-network",
AutoCreateSubnetworks = false,
});
var subnetwork = new Gcp.Compute.Subnetwork("subnetwork", new()
{
Name = "example-subnet",
Region = "us-central1",
IpCidrRange = "10.1.0.0/16",
Network = network.Name,
});
var healthCheck = new Gcp.Compute.RegionHealthCheck("health_check", new()
{
Name = "example-hc",
Region = "us-central1",
HttpHealthCheck = new Gcp.Compute.Inputs.RegionHealthCheckHttpHealthCheckArgs
{
Port = 80,
},
});
var backendService = new Gcp.Compute.RegionBackendService("backend_service", new()
{
Name = "example-bs",
Region = "us-central1",
HealthChecks = healthCheck.Id,
Protocol = "UDP",
LoadBalancingScheme = "INTERNAL",
});
var forwardingRule = new Gcp.Compute.ForwardingRule("forwarding_rule", new()
{
Name = "example-fwr",
Region = "us-central1",
Network = network.Name,
Subnetwork = subnetwork.Name,
BackendService = backendService.Id,
LoadBalancingScheme = "INTERNAL",
Ports = new[]
{
"6081",
},
IpProtocol = "UDP",
IsMirroringCollector = true,
});
var deploymentGroup = new Gcp.NetworkSecurity.MirroringDeploymentGroup("deployment_group", new()
{
MirroringDeploymentGroupId = "example-dg",
Location = "global",
Network = network.Id,
});
var @default = new Gcp.NetworkSecurity.MirroringDeployment("default", new()
{
MirroringDeploymentId = "example-deployment",
Location = "us-central1-a",
ForwardingRule = forwardingRule.Id,
MirroringDeploymentGroup = deploymentGroup.Id,
Description = "some description",
Labels =
{
{ "foo", "bar" },
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
Name: pulumi.String("example-network"),
AutoCreateSubnetworks: pulumi.Bool(false),
})
if err != nil {
return err
}
subnetwork, err := compute.NewSubnetwork(ctx, "subnetwork", &compute.SubnetworkArgs{
Name: pulumi.String("example-subnet"),
Region: pulumi.String("us-central1"),
IpCidrRange: pulumi.String("10.1.0.0/16"),
Network: network.Name,
})
if err != nil {
return err
}
healthCheck, err := compute.NewRegionHealthCheck(ctx, "health_check", &compute.RegionHealthCheckArgs{
Name: pulumi.String("example-hc"),
Region: pulumi.String("us-central1"),
HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
Port: pulumi.Int(80),
},
})
if err != nil {
return err
}
backendService, err := compute.NewRegionBackendService(ctx, "backend_service", &compute.RegionBackendServiceArgs{
Name: pulumi.String("example-bs"),
Region: pulumi.String("us-central1"),
HealthChecks: healthCheck.ID(),
Protocol: pulumi.String("UDP"),
LoadBalancingScheme: pulumi.String("INTERNAL"),
})
if err != nil {
return err
}
forwardingRule, err := compute.NewForwardingRule(ctx, "forwarding_rule", &compute.ForwardingRuleArgs{
Name: pulumi.String("example-fwr"),
Region: pulumi.String("us-central1"),
Network: network.Name,
Subnetwork: subnetwork.Name,
BackendService: backendService.ID(),
LoadBalancingScheme: pulumi.String("INTERNAL"),
Ports: pulumi.StringArray{
pulumi.String("6081"),
},
IpProtocol: pulumi.String("UDP"),
IsMirroringCollector: pulumi.Bool(true),
})
if err != nil {
return err
}
deploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, "deployment_group", &networksecurity.MirroringDeploymentGroupArgs{
MirroringDeploymentGroupId: pulumi.String("example-dg"),
Location: pulumi.String("global"),
Network: network.ID(),
})
if err != nil {
return err
}
_, err = networksecurity.NewMirroringDeployment(ctx, "default", &networksecurity.MirroringDeploymentArgs{
MirroringDeploymentId: pulumi.String("example-deployment"),
Location: pulumi.String("us-central1-a"),
ForwardingRule: forwardingRule.ID(),
MirroringDeploymentGroup: deploymentGroup.ID(),
Description: pulumi.String("some description"),
Labels: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.networksecurity.MirroringDeploymentGroup;
import com.pulumi.gcp.networksecurity.MirroringDeploymentGroupArgs;
import com.pulumi.gcp.networksecurity.MirroringDeployment;
import com.pulumi.gcp.networksecurity.MirroringDeploymentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var network = new Network("network", NetworkArgs.builder()
.name("example-network")
.autoCreateSubnetworks(false)
.build());
var subnetwork = new Subnetwork("subnetwork", SubnetworkArgs.builder()
.name("example-subnet")
.region("us-central1")
.ipCidrRange("10.1.0.0/16")
.network(network.name())
.build());
var healthCheck = new RegionHealthCheck("healthCheck", RegionHealthCheckArgs.builder()
.name("example-hc")
.region("us-central1")
.httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
.port(80)
.build())
.build());
var backendService = new RegionBackendService("backendService", RegionBackendServiceArgs.builder()
.name("example-bs")
.region("us-central1")
.healthChecks(healthCheck.id())
.protocol("UDP")
.loadBalancingScheme("INTERNAL")
.build());
var forwardingRule = new ForwardingRule("forwardingRule", ForwardingRuleArgs.builder()
.name("example-fwr")
.region("us-central1")
.network(network.name())
.subnetwork(subnetwork.name())
.backendService(backendService.id())
.loadBalancingScheme("INTERNAL")
.ports("6081")
.ipProtocol("UDP")
.isMirroringCollector(true)
.build());
var deploymentGroup = new MirroringDeploymentGroup("deploymentGroup", MirroringDeploymentGroupArgs.builder()
.mirroringDeploymentGroupId("example-dg")
.location("global")
.network(network.id())
.build());
var default_ = new MirroringDeployment("default", MirroringDeploymentArgs.builder()
.mirroringDeploymentId("example-deployment")
.location("us-central1-a")
.forwardingRule(forwardingRule.id())
.mirroringDeploymentGroup(deploymentGroup.id())
.description("some description")
.labels(Map.of("foo", "bar"))
.build());
}
}Content copied to clipboard
resources:
network:
type: gcp:compute:Network
properties:
name: example-network
autoCreateSubnetworks: false
subnetwork:
type: gcp:compute:Subnetwork
properties:
name: example-subnet
region: us-central1
ipCidrRange: 10.1.0.0/16
network: ${network.name}
healthCheck:
type: gcp:compute:RegionHealthCheck
name: health_check
properties:
name: example-hc
region: us-central1
httpHealthCheck:
port: 80
backendService:
type: gcp:compute:RegionBackendService
name: backend_service
properties:
name: example-bs
region: us-central1
healthChecks: ${healthCheck.id}
protocol: UDP
loadBalancingScheme: INTERNAL
forwardingRule:
type: gcp:compute:ForwardingRule
name: forwarding_rule
properties:
name: example-fwr
region: us-central1
network: ${network.name}
subnetwork: ${subnetwork.name}
backendService: ${backendService.id}
loadBalancingScheme: INTERNAL
ports:
- 6081
ipProtocol: UDP
isMirroringCollector: true
deploymentGroup:
type: gcp:networksecurity:MirroringDeploymentGroup
name: deployment_group
properties:
mirroringDeploymentGroupId: example-dg
location: global
network: ${network.id}
default:
type: gcp:networksecurity:MirroringDeployment
properties:
mirroringDeploymentId: example-deployment
location: us-central1-a
forwardingRule: ${forwardingRule.id}
mirroringDeploymentGroup: ${deploymentGroup.id}
description: some description
labels:
foo: barContent copied to clipboard
Import
MirroringDeployment can be imported using any of these accepted formats:
projects/{{project}}/locations/{{location}}/mirroringDeployments/{{mirroring_deployment_id}}{{project}}/{{location}}/{{mirroring_deployment_id}}{{location}}/{{mirroring_deployment_id}}When using thepulumi importcommand, MirroringDeployment can be imported using one of the formats above. For example:
$ pulumi import gcp:networksecurity/mirroringDeployment:MirroringDeployment default projects/{{project}}/locations/{{location}}/mirroringDeployments/{{mirroring_deployment_id}}Content copied to clipboard
$ pulumi import gcp:networksecurity/mirroringDeployment:MirroringDeployment default {{project}}/{{location}}/{{mirroring_deployment_id}}Content copied to clipboard
$ pulumi import gcp:networksecurity/mirroringDeployment:MirroringDeployment default {{location}}/{{mirroring_deployment_id}}Content copied to clipboard
Properties
Link copied to clipboard
User-provided description of the deployment. Used as additional context for the deployment.
Link copied to clipboard
The regional forwarding rule that fronts the mirroring collectors, for example: projects/123456789/regions/us-central1/forwardingRules/my-rule. See https://google.aip.dev/124.
Link copied to clipboard
Labels are key/value pairs that help to organize and filter resources. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
Link copied to clipboard
The deployment group that this deployment is a part of, for example: projects/123456789/locations/global/mirroringDeploymentGroups/my-dg. See https://google.aip.dev/124.
Link copied to clipboard
The ID to use for the new deployment, which will become the final component of the deployment's resource name.