pulumi-gcp 7.12.0a1709074764__py3-none-any.whl → 7.12.0a1709133800__py3-none-any.whl

Sign up to get free protection for your applications and to get access to all the features.
Files changed (934) hide show
  1. pulumi_gcp/accessapproval/get_folder_service_account.py +2 -2
  2. pulumi_gcp/accessapproval/get_organization_service_account.py +2 -2
  3. pulumi_gcp/accessapproval/get_project_service_account.py +2 -2
  4. pulumi_gcp/accesscontextmanager/access_level.py +10 -8
  5. pulumi_gcp/accesscontextmanager/access_level_condition.py +2 -0
  6. pulumi_gcp/accesscontextmanager/access_levels.py +16 -16
  7. pulumi_gcp/accesscontextmanager/access_policy.py +12 -6
  8. pulumi_gcp/accesscontextmanager/access_policy_iam_binding.py +10 -2
  9. pulumi_gcp/accesscontextmanager/access_policy_iam_member.py +10 -2
  10. pulumi_gcp/accesscontextmanager/access_policy_iam_policy.py +10 -2
  11. pulumi_gcp/accesscontextmanager/authorized_orgs_desc.py +8 -6
  12. pulumi_gcp/accesscontextmanager/gcp_user_access_binding.py +80 -0
  13. pulumi_gcp/accesscontextmanager/get_access_policy_iam_policy.py +2 -2
  14. pulumi_gcp/accesscontextmanager/service_perimeter.py +34 -24
  15. pulumi_gcp/accesscontextmanager/service_perimeter_resource.py +6 -4
  16. pulumi_gcp/accesscontextmanager/service_perimeters.py +14 -12
  17. pulumi_gcp/activedirectory/domain_trust.py +6 -6
  18. pulumi_gcp/activedirectory/peering.py +20 -22
  19. pulumi_gcp/alloydb/backup.py +62 -66
  20. pulumi_gcp/alloydb/cluster.py +78 -82
  21. pulumi_gcp/alloydb/instance.py +70 -74
  22. pulumi_gcp/alloydb/user.py +44 -48
  23. pulumi_gcp/apigateway/api.py +2 -4
  24. pulumi_gcp/apigateway/api_config.py +86 -14
  25. pulumi_gcp/apigateway/api_config_iam_binding.py +18 -24
  26. pulumi_gcp/apigateway/api_config_iam_member.py +18 -24
  27. pulumi_gcp/apigateway/api_config_iam_policy.py +18 -24
  28. pulumi_gcp/apigateway/api_iam_binding.py +18 -24
  29. pulumi_gcp/apigateway/api_iam_member.py +18 -24
  30. pulumi_gcp/apigateway/api_iam_policy.py +18 -24
  31. pulumi_gcp/apigateway/gateway.py +16 -22
  32. pulumi_gcp/apigateway/gateway_iam_binding.py +24 -30
  33. pulumi_gcp/apigateway/gateway_iam_member.py +24 -30
  34. pulumi_gcp/apigateway/gateway_iam_policy.py +24 -30
  35. pulumi_gcp/apigee/addons_config.py +22 -26
  36. pulumi_gcp/apigee/endpoint_attachment.py +14 -14
  37. pulumi_gcp/apigee/env_group.py +16 -14
  38. pulumi_gcp/apigee/env_group_attachment.py +0 -100
  39. pulumi_gcp/apigee/environment.py +14 -12
  40. pulumi_gcp/apigee/environment_iam_binding.py +12 -12
  41. pulumi_gcp/apigee/environment_iam_member.py +12 -12
  42. pulumi_gcp/apigee/environment_iam_policy.py +12 -12
  43. pulumi_gcp/apigee/get_environment_iam_policy.py +4 -4
  44. pulumi_gcp/apigee/instance.py +84 -76
  45. pulumi_gcp/apigee/instance_attachment.py +0 -100
  46. pulumi_gcp/apigee/keystores_aliases_self_signed_cert.py +40 -40
  47. pulumi_gcp/apigee/nat_address.py +42 -36
  48. pulumi_gcp/apigee/organization.py +62 -58
  49. pulumi_gcp/apigee/sync_authorization.py +16 -12
  50. pulumi_gcp/apigee/target_server.py +34 -36
  51. pulumi_gcp/appengine/application.py +8 -2
  52. pulumi_gcp/appengine/application_url_dispatch_rules.py +12 -6
  53. pulumi_gcp/appengine/domain_mapping.py +2 -2
  54. pulumi_gcp/appengine/engine_split_traffic.py +12 -6
  55. pulumi_gcp/appengine/firewall_rule.py +6 -2
  56. pulumi_gcp/appengine/flexible_app_version.py +20 -12
  57. pulumi_gcp/appengine/service_network_settings.py +14 -8
  58. pulumi_gcp/appengine/standard_app_version.py +18 -12
  59. pulumi_gcp/artifactregistry/get_repository_iam_policy.py +6 -6
  60. pulumi_gcp/artifactregistry/repository.py +78 -82
  61. pulumi_gcp/artifactregistry/repository_iam_binding.py +18 -18
  62. pulumi_gcp/artifactregistry/repository_iam_member.py +18 -18
  63. pulumi_gcp/artifactregistry/repository_iam_policy.py +18 -18
  64. pulumi_gcp/artifactregistry/vpcsc_config.py +2 -4
  65. pulumi_gcp/assuredworkloads/workload.py +16 -18
  66. pulumi_gcp/backupdisasterrecovery/management_server.py +20 -24
  67. pulumi_gcp/beyondcorp/app_connection.py +44 -30
  68. pulumi_gcp/beyondcorp/app_connector.py +22 -16
  69. pulumi_gcp/beyondcorp/app_gateway.py +20 -16
  70. pulumi_gcp/biglake/catalog.py +6 -2
  71. pulumi_gcp/biglake/database.py +14 -4
  72. pulumi_gcp/biglake/table.py +20 -6
  73. pulumi_gcp/bigquery/app_profile.py +8 -0
  74. pulumi_gcp/bigquery/capacity_commitment.py +4 -4
  75. pulumi_gcp/bigquery/connection.py +72 -54
  76. pulumi_gcp/bigquery/connection_iam_binding.py +18 -18
  77. pulumi_gcp/bigquery/connection_iam_member.py +18 -18
  78. pulumi_gcp/bigquery/connection_iam_policy.py +18 -18
  79. pulumi_gcp/bigquery/data_transfer_config.py +8 -12
  80. pulumi_gcp/bigquery/dataset.py +20 -14
  81. pulumi_gcp/bigquery/dataset_access.py +16 -16
  82. pulumi_gcp/bigquery/dataset_iam_binding.py +4 -4
  83. pulumi_gcp/bigquery/dataset_iam_member.py +4 -4
  84. pulumi_gcp/bigquery/dataset_iam_policy.py +4 -4
  85. pulumi_gcp/bigquery/get_connection_iam_policy.py +6 -6
  86. pulumi_gcp/bigquery/get_dataset_iam_policy.py +2 -2
  87. pulumi_gcp/bigquery/get_default_service_account.py +4 -4
  88. pulumi_gcp/bigquery/get_table_iam_policy.py +6 -6
  89. pulumi_gcp/bigquery/iam_binding.py +36 -36
  90. pulumi_gcp/bigquery/iam_member.py +36 -36
  91. pulumi_gcp/bigquery/iam_policy.py +36 -36
  92. pulumi_gcp/bigquery/job.py +326 -20
  93. pulumi_gcp/bigquery/reservation.py +14 -12
  94. pulumi_gcp/bigquery/reservation_assignment.py +2 -0
  95. pulumi_gcp/bigquery/routine.py +22 -22
  96. pulumi_gcp/bigquery/table.py +8 -8
  97. pulumi_gcp/bigqueryanalyticshub/data_exchange.py +6 -6
  98. pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_binding.py +18 -18
  99. pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_member.py +18 -18
  100. pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_policy.py +18 -18
  101. pulumi_gcp/bigqueryanalyticshub/get_data_exchange_iam_policy.py +6 -6
  102. pulumi_gcp/bigqueryanalyticshub/get_listing_iam_policy.py +8 -8
  103. pulumi_gcp/bigqueryanalyticshub/listing.py +16 -16
  104. pulumi_gcp/bigqueryanalyticshub/listing_iam_binding.py +24 -24
  105. pulumi_gcp/bigqueryanalyticshub/listing_iam_member.py +24 -24
  106. pulumi_gcp/bigqueryanalyticshub/listing_iam_policy.py +24 -24
  107. pulumi_gcp/bigquerydatapolicy/data_policy.py +4 -4
  108. pulumi_gcp/bigquerydatapolicy/data_policy_iam_binding.py +18 -18
  109. pulumi_gcp/bigquerydatapolicy/data_policy_iam_member.py +18 -18
  110. pulumi_gcp/bigquerydatapolicy/data_policy_iam_policy.py +18 -18
  111. pulumi_gcp/bigquerydatapolicy/get_iam_policy.py +6 -6
  112. pulumi_gcp/bigtable/gc_policy.py +0 -208
  113. pulumi_gcp/bigtable/get_instance_iam_policy.py +2 -2
  114. pulumi_gcp/bigtable/get_table_iam_policy.py +4 -4
  115. pulumi_gcp/bigtable/instance.py +14 -10
  116. pulumi_gcp/bigtable/instance_iam_binding.py +8 -8
  117. pulumi_gcp/bigtable/instance_iam_member.py +8 -8
  118. pulumi_gcp/bigtable/instance_iam_policy.py +8 -8
  119. pulumi_gcp/bigtable/table.py +18 -12
  120. pulumi_gcp/bigtable/table_iam_binding.py +8 -8
  121. pulumi_gcp/bigtable/table_iam_member.py +8 -8
  122. pulumi_gcp/bigtable/table_iam_policy.py +8 -8
  123. pulumi_gcp/billing/account_iam_binding.py +8 -8
  124. pulumi_gcp/billing/account_iam_member.py +8 -8
  125. pulumi_gcp/billing/account_iam_policy.py +8 -8
  126. pulumi_gcp/billing/budget.py +2 -2
  127. pulumi_gcp/binaryauthorization/attestor.py +74 -52
  128. pulumi_gcp/binaryauthorization/attestor_iam_binding.py +12 -12
  129. pulumi_gcp/binaryauthorization/attestor_iam_member.py +12 -12
  130. pulumi_gcp/binaryauthorization/attestor_iam_policy.py +12 -12
  131. pulumi_gcp/binaryauthorization/get_attestor_iam_policy.py +4 -4
  132. pulumi_gcp/binaryauthorization/policy.py +48 -32
  133. pulumi_gcp/blockchainnodeengine/blockchain_nodes.py +38 -38
  134. pulumi_gcp/certificateauthority/authority.py +34 -42
  135. pulumi_gcp/certificateauthority/ca_pool.py +274 -6
  136. pulumi_gcp/certificateauthority/ca_pool_iam_binding.py +12 -12
  137. pulumi_gcp/certificateauthority/ca_pool_iam_member.py +12 -12
  138. pulumi_gcp/certificateauthority/ca_pool_iam_policy.py +12 -12
  139. pulumi_gcp/certificateauthority/certificate.py +264 -44
  140. pulumi_gcp/certificateauthority/certificate_template.py +168 -0
  141. pulumi_gcp/certificateauthority/certificate_template_iam_binding.py +12 -12
  142. pulumi_gcp/certificateauthority/certificate_template_iam_member.py +12 -12
  143. pulumi_gcp/certificateauthority/certificate_template_iam_policy.py +12 -12
  144. pulumi_gcp/certificateauthority/get_ca_pool_iam_policy.py +2 -2
  145. pulumi_gcp/certificateauthority/get_certificate_template_iam_policy.py +2 -2
  146. pulumi_gcp/certificatemanager/certificate.py +114 -84
  147. pulumi_gcp/certificatemanager/certificate_issuance_config.py +34 -32
  148. pulumi_gcp/certificatemanager/certificate_map.py +2 -0
  149. pulumi_gcp/certificatemanager/certificate_map_entry.py +12 -2
  150. pulumi_gcp/certificatemanager/dns_authorization.py +2 -0
  151. pulumi_gcp/certificatemanager/trust_config.py +8 -4
  152. pulumi_gcp/cloudasset/folder_feed.py +82 -0
  153. pulumi_gcp/cloudasset/organization_feed.py +74 -0
  154. pulumi_gcp/cloudasset/project_feed.py +70 -0
  155. pulumi_gcp/cloudbuild/bitbucket_server_config.py +98 -14
  156. pulumi_gcp/cloudbuild/get_trigger.py +2 -2
  157. pulumi_gcp/cloudbuild/trigger.py +650 -122
  158. pulumi_gcp/cloudbuild/worker_pool.py +20 -16
  159. pulumi_gcp/cloudbuildv2/connection.py +20 -18
  160. pulumi_gcp/cloudbuildv2/connection_iam_binding.py +18 -12
  161. pulumi_gcp/cloudbuildv2/connection_iam_member.py +18 -12
  162. pulumi_gcp/cloudbuildv2/connection_iam_policy.py +18 -12
  163. pulumi_gcp/cloudbuildv2/get_connection_iam_policy.py +6 -6
  164. pulumi_gcp/cloudbuildv2/repository.py +18 -14
  165. pulumi_gcp/clouddeploy/automation.py +16 -16
  166. pulumi_gcp/clouddeploy/custom_target_type.py +38 -32
  167. pulumi_gcp/clouddeploy/delivery_pipeline.py +40 -38
  168. pulumi_gcp/clouddeploy/get_delivery_pipeline_iam_policy.py +6 -6
  169. pulumi_gcp/clouddeploy/target.py +26 -24
  170. pulumi_gcp/clouddomains/registration.py +74 -74
  171. pulumi_gcp/cloudfunctions/function.py +20 -4
  172. pulumi_gcp/cloudfunctions/function_iam_binding.py +18 -18
  173. pulumi_gcp/cloudfunctions/function_iam_member.py +18 -18
  174. pulumi_gcp/cloudfunctions/function_iam_policy.py +18 -18
  175. pulumi_gcp/cloudfunctions/get_function_iam_policy.py +6 -6
  176. pulumi_gcp/cloudfunctionsv2/function.py +776 -42
  177. pulumi_gcp/cloudfunctionsv2/function_iam_binding.py +18 -18
  178. pulumi_gcp/cloudfunctionsv2/function_iam_member.py +18 -18
  179. pulumi_gcp/cloudfunctionsv2/function_iam_policy.py +18 -18
  180. pulumi_gcp/cloudfunctionsv2/get_function.py +4 -4
  181. pulumi_gcp/cloudfunctionsv2/get_function_iam_policy.py +6 -6
  182. pulumi_gcp/cloudidentity/group.py +8 -8
  183. pulumi_gcp/cloudidentity/group_membership.py +4 -4
  184. pulumi_gcp/cloudids/endpoint.py +12 -10
  185. pulumi_gcp/cloudrun/domain_mapping.py +10 -6
  186. pulumi_gcp/cloudrun/get_service.py +4 -4
  187. pulumi_gcp/cloudrun/get_service_iam_policy.py +6 -6
  188. pulumi_gcp/cloudrun/iam_binding.py +18 -18
  189. pulumi_gcp/cloudrun/iam_member.py +18 -18
  190. pulumi_gcp/cloudrun/iam_policy.py +18 -18
  191. pulumi_gcp/cloudrun/service.py +28 -14
  192. pulumi_gcp/cloudrunv2/get_job.py +4 -4
  193. pulumi_gcp/cloudrunv2/get_job_iam_policy.py +6 -6
  194. pulumi_gcp/cloudrunv2/get_service.py +4 -4
  195. pulumi_gcp/cloudrunv2/get_service_iam_policy.py +6 -6
  196. pulumi_gcp/cloudrunv2/job.py +56 -46
  197. pulumi_gcp/cloudrunv2/job_iam_binding.py +18 -12
  198. pulumi_gcp/cloudrunv2/job_iam_member.py +18 -12
  199. pulumi_gcp/cloudrunv2/job_iam_policy.py +18 -12
  200. pulumi_gcp/cloudrunv2/service.py +94 -68
  201. pulumi_gcp/cloudrunv2/service_iam_binding.py +18 -12
  202. pulumi_gcp/cloudrunv2/service_iam_member.py +18 -12
  203. pulumi_gcp/cloudrunv2/service_iam_policy.py +18 -12
  204. pulumi_gcp/cloudscheduler/job.py +168 -26
  205. pulumi_gcp/cloudtasks/get_queue_iam_policy.py +6 -6
  206. pulumi_gcp/cloudtasks/queue.py +18 -12
  207. pulumi_gcp/cloudtasks/queue_iam_binding.py +18 -12
  208. pulumi_gcp/cloudtasks/queue_iam_member.py +18 -12
  209. pulumi_gcp/cloudtasks/queue_iam_policy.py +18 -12
  210. pulumi_gcp/composer/get_environment.py +22 -0
  211. pulumi_gcp/composer/get_image_versions.py +2 -0
  212. pulumi_gcp/compute/address.py +32 -18
  213. pulumi_gcp/compute/attached_disk.py +8 -6
  214. pulumi_gcp/compute/autoscaler.py +34 -28
  215. pulumi_gcp/compute/backend_bucket.py +42 -16
  216. pulumi_gcp/compute/backend_bucket_signed_url_key.py +16 -8
  217. pulumi_gcp/compute/backend_service.py +350 -34
  218. pulumi_gcp/compute/backend_service_signed_url_key.py +98 -0
  219. pulumi_gcp/compute/disk.py +26 -18
  220. pulumi_gcp/compute/disk_async_replication.py +4 -0
  221. pulumi_gcp/compute/disk_iam_binding.py +18 -12
  222. pulumi_gcp/compute/disk_iam_member.py +18 -12
  223. pulumi_gcp/compute/disk_iam_policy.py +18 -12
  224. pulumi_gcp/compute/disk_resource_policy_attachment.py +12 -6
  225. pulumi_gcp/compute/external_vpn_gateway.py +40 -16
  226. pulumi_gcp/compute/firewall.py +16 -12
  227. pulumi_gcp/compute/firewall_policy.py +4 -4
  228. pulumi_gcp/compute/firewall_policy_association.py +10 -8
  229. pulumi_gcp/compute/firewall_policy_rule.py +4 -2
  230. pulumi_gcp/compute/forwarding_rule.py +1840 -22
  231. pulumi_gcp/compute/get_address.py +6 -2
  232. pulumi_gcp/compute/get_addresses.py +6 -2
  233. pulumi_gcp/compute/get_backend_service.py +32 -0
  234. pulumi_gcp/compute/get_disk.py +0 -2
  235. pulumi_gcp/compute/get_disk_iam_policy.py +6 -6
  236. pulumi_gcp/compute/get_global_address.py +6 -2
  237. pulumi_gcp/compute/get_image.py +0 -2
  238. pulumi_gcp/compute/get_image_iam_policy.py +4 -4
  239. pulumi_gcp/compute/get_instance_iam_policy.py +6 -6
  240. pulumi_gcp/compute/get_instance_serial_port.py +10 -8
  241. pulumi_gcp/compute/get_instance_template.py +0 -22
  242. pulumi_gcp/compute/get_lbip_ranges.py +4 -2
  243. pulumi_gcp/compute/get_machine_types.py +100 -0
  244. pulumi_gcp/compute/get_netblock_ip_ranges.py +4 -2
  245. pulumi_gcp/compute/get_network_peering.py +16 -4
  246. pulumi_gcp/compute/get_node_types.py +4 -2
  247. pulumi_gcp/compute/get_region_disk_iam_policy.py +6 -6
  248. pulumi_gcp/compute/get_region_instance_template.py +4 -0
  249. pulumi_gcp/compute/get_regions.py +2 -0
  250. pulumi_gcp/compute/get_snapshot.py +4 -0
  251. pulumi_gcp/compute/get_snapshot_iam_policy.py +4 -4
  252. pulumi_gcp/compute/get_subnetwork_iam_policy.py +6 -6
  253. pulumi_gcp/compute/global_address.py +12 -10
  254. pulumi_gcp/compute/global_forwarding_rule.py +1574 -56
  255. pulumi_gcp/compute/global_network_endpoint.py +2 -0
  256. pulumi_gcp/compute/global_network_endpoint_group.py +8 -4
  257. pulumi_gcp/compute/ha_vpn_gateway.py +38 -10
  258. pulumi_gcp/compute/health_check.py +114 -90
  259. pulumi_gcp/compute/http_health_check.py +6 -4
  260. pulumi_gcp/compute/https_health_check.py +6 -4
  261. pulumi_gcp/compute/image.py +22 -14
  262. pulumi_gcp/compute/image_iam_binding.py +24 -24
  263. pulumi_gcp/compute/image_iam_member.py +24 -24
  264. pulumi_gcp/compute/image_iam_policy.py +24 -24
  265. pulumi_gcp/compute/instance.py +16 -14
  266. pulumi_gcp/compute/instance_from_machine_image.py +4 -4
  267. pulumi_gcp/compute/instance_from_template.py +10 -6
  268. pulumi_gcp/compute/instance_group.py +108 -6
  269. pulumi_gcp/compute/instance_group_manager.py +16 -12
  270. pulumi_gcp/compute/instance_group_membership.py +6 -4
  271. pulumi_gcp/compute/instance_group_named_port.py +22 -10
  272. pulumi_gcp/compute/instance_iam_binding.py +36 -36
  273. pulumi_gcp/compute/instance_iam_member.py +36 -36
  274. pulumi_gcp/compute/instance_iam_policy.py +36 -36
  275. pulumi_gcp/compute/instance_settings.py +4 -6
  276. pulumi_gcp/compute/instance_template.py +150 -12
  277. pulumi_gcp/compute/interconnect_attachment.py +28 -10
  278. pulumi_gcp/compute/machine_image.py +30 -24
  279. pulumi_gcp/compute/machine_image_iam_binding.py +36 -48
  280. pulumi_gcp/compute/machine_image_iam_member.py +36 -48
  281. pulumi_gcp/compute/machine_image_iam_policy.py +36 -48
  282. pulumi_gcp/compute/managed_ssl_certificate.py +212 -0
  283. pulumi_gcp/compute/manged_ssl_certificate.py +212 -0
  284. pulumi_gcp/compute/network.py +18 -14
  285. pulumi_gcp/compute/network_attachment.py +60 -52
  286. pulumi_gcp/compute/network_edge_security_service.py +4 -4
  287. pulumi_gcp/compute/network_endpoint.py +32 -22
  288. pulumi_gcp/compute/network_endpoint_group.py +20 -10
  289. pulumi_gcp/compute/network_endpoint_list.py +44 -32
  290. pulumi_gcp/compute/network_firewall_policy.py +6 -2
  291. pulumi_gcp/compute/network_firewall_policy_association.py +8 -4
  292. pulumi_gcp/compute/network_firewall_policy_rule.py +14 -10
  293. pulumi_gcp/compute/network_peering.py +16 -4
  294. pulumi_gcp/compute/network_peering_routes_config.py +38 -18
  295. pulumi_gcp/compute/node_group.py +28 -10
  296. pulumi_gcp/compute/node_template.py +12 -8
  297. pulumi_gcp/compute/organization_security_policy.py +2 -4
  298. pulumi_gcp/compute/organization_security_policy_association.py +22 -28
  299. pulumi_gcp/compute/organization_security_policy_rule.py +10 -14
  300. pulumi_gcp/compute/packet_mirroring.py +128 -0
  301. pulumi_gcp/compute/per_instance_config.py +16 -8
  302. pulumi_gcp/compute/project_metadata.py +6 -8
  303. pulumi_gcp/compute/public_advertised_prefix.py +2 -0
  304. pulumi_gcp/compute/public_delegated_prefix.py +4 -0
  305. pulumi_gcp/compute/region_autoscaler.py +14 -8
  306. pulumi_gcp/compute/region_backend_service.py +462 -2
  307. pulumi_gcp/compute/region_commitment.py +20 -16
  308. pulumi_gcp/compute/region_disk.py +20 -8
  309. pulumi_gcp/compute/region_disk_iam_binding.py +18 -12
  310. pulumi_gcp/compute/region_disk_iam_member.py +18 -12
  311. pulumi_gcp/compute/region_disk_iam_policy.py +18 -12
  312. pulumi_gcp/compute/region_disk_resource_policy_attachment.py +16 -6
  313. pulumi_gcp/compute/region_health_check.py +114 -90
  314. pulumi_gcp/compute/region_instance_group_manager.py +14 -8
  315. pulumi_gcp/compute/region_network_endpoint.py +16 -4
  316. pulumi_gcp/compute/region_network_endpoint_group.py +166 -32
  317. pulumi_gcp/compute/region_network_firewall_policy.py +6 -2
  318. pulumi_gcp/compute/region_network_firewall_policy_association.py +8 -4
  319. pulumi_gcp/compute/region_network_firewall_policy_rule.py +14 -10
  320. pulumi_gcp/compute/region_per_instance_config.py +12 -4
  321. pulumi_gcp/compute/region_security_policy.py +12 -12
  322. pulumi_gcp/compute/region_security_policy_rule.py +38 -48
  323. pulumi_gcp/compute/region_ssl_certificate.py +138 -32
  324. pulumi_gcp/compute/region_target_http_proxy.py +88 -4
  325. pulumi_gcp/compute/region_target_https_proxy.py +96 -0
  326. pulumi_gcp/compute/region_target_tcp_proxy.py +52 -0
  327. pulumi_gcp/compute/region_url_map.py +1038 -0
  328. pulumi_gcp/compute/reservation.py +10 -8
  329. pulumi_gcp/compute/resource_policy.py +60 -48
  330. pulumi_gcp/compute/route.py +206 -4
  331. pulumi_gcp/compute/router.py +18 -6
  332. pulumi_gcp/compute/router_interface.py +6 -4
  333. pulumi_gcp/compute/router_nat.py +82 -42
  334. pulumi_gcp/compute/router_peer.py +72 -42
  335. pulumi_gcp/compute/security_policy.py +120 -108
  336. pulumi_gcp/compute/security_scan_config.py +4 -6
  337. pulumi_gcp/compute/service_attachment.py +376 -0
  338. pulumi_gcp/compute/snapshot.py +8 -0
  339. pulumi_gcp/compute/snapshot_iam_binding.py +12 -6
  340. pulumi_gcp/compute/snapshot_iam_member.py +12 -6
  341. pulumi_gcp/compute/snapshot_iam_policy.py +12 -6
  342. pulumi_gcp/compute/ssl_certificate.py +118 -30
  343. pulumi_gcp/compute/ssl_policy.py +20 -12
  344. pulumi_gcp/compute/subnetwork.py +58 -30
  345. pulumi_gcp/compute/subnetwork_iam_binding.py +36 -36
  346. pulumi_gcp/compute/subnetwork_iam_member.py +36 -36
  347. pulumi_gcp/compute/subnetwork_iam_policy.py +36 -36
  348. pulumi_gcp/compute/target_grpc_proxy.py +176 -0
  349. pulumi_gcp/compute/target_http_proxy.py +166 -10
  350. pulumi_gcp/compute/target_https_proxy.py +336 -14
  351. pulumi_gcp/compute/target_instance.py +22 -16
  352. pulumi_gcp/compute/target_pool.py +40 -0
  353. pulumi_gcp/compute/target_ssl_proxy.py +54 -0
  354. pulumi_gcp/compute/target_tcp_proxy.py +44 -0
  355. pulumi_gcp/compute/url_map.py +1146 -0
  356. pulumi_gcp/compute/vpn_gateway.py +28 -24
  357. pulumi_gcp/compute/vpn_tunnel.py +40 -36
  358. pulumi_gcp/container/_inputs.py +0 -188
  359. pulumi_gcp/container/attached_cluster.py +124 -0
  360. pulumi_gcp/container/aws_cluster.py +46 -42
  361. pulumi_gcp/container/aws_node_pool.py +34 -26
  362. pulumi_gcp/container/azure_client.py +6 -4
  363. pulumi_gcp/container/azure_cluster.py +30 -26
  364. pulumi_gcp/container/azure_node_pool.py +12 -6
  365. pulumi_gcp/container/cluster.py +62 -6
  366. pulumi_gcp/container/get_attached_versions.py +2 -2
  367. pulumi_gcp/container/get_aws_versions.py +2 -2
  368. pulumi_gcp/container/get_azure_versions.py +2 -2
  369. pulumi_gcp/container/get_engine_versions.py +2 -0
  370. pulumi_gcp/container/node_pool.py +68 -2
  371. pulumi_gcp/container/outputs.py +0 -188
  372. pulumi_gcp/container/registry.py +4 -4
  373. pulumi_gcp/containeranalysis/get_note_iam_policy.py +4 -4
  374. pulumi_gcp/containeranalysis/note.py +32 -26
  375. pulumi_gcp/containeranalysis/note_iam_binding.py +12 -12
  376. pulumi_gcp/containeranalysis/note_iam_member.py +12 -12
  377. pulumi_gcp/containeranalysis/note_iam_policy.py +12 -12
  378. pulumi_gcp/databasemigrationservice/connection_profile.py +40 -46
  379. pulumi_gcp/databasemigrationservice/private_connection.py +6 -6
  380. pulumi_gcp/datacatalog/entry.py +12 -12
  381. pulumi_gcp/datacatalog/entry_group.py +8 -8
  382. pulumi_gcp/datacatalog/entry_group_iam_binding.py +6 -6
  383. pulumi_gcp/datacatalog/entry_group_iam_member.py +6 -6
  384. pulumi_gcp/datacatalog/entry_group_iam_policy.py +6 -6
  385. pulumi_gcp/datacatalog/get_entry_group_iam_policy.py +2 -2
  386. pulumi_gcp/datacatalog/get_policy_tag_iam_policy.py +2 -2
  387. pulumi_gcp/datacatalog/get_tag_template_iam_policy.py +2 -2
  388. pulumi_gcp/datacatalog/get_taxonomy_iam_policy.py +2 -2
  389. pulumi_gcp/datacatalog/policy_tag.py +14 -16
  390. pulumi_gcp/datacatalog/policy_tag_iam_binding.py +6 -6
  391. pulumi_gcp/datacatalog/policy_tag_iam_member.py +6 -6
  392. pulumi_gcp/datacatalog/policy_tag_iam_policy.py +6 -6
  393. pulumi_gcp/datacatalog/tag.py +22 -22
  394. pulumi_gcp/datacatalog/tag_template.py +16 -16
  395. pulumi_gcp/datacatalog/tag_template_iam_binding.py +6 -6
  396. pulumi_gcp/datacatalog/tag_template_iam_member.py +6 -6
  397. pulumi_gcp/datacatalog/tag_template_iam_policy.py +6 -6
  398. pulumi_gcp/datacatalog/taxonomy.py +6 -6
  399. pulumi_gcp/datacatalog/taxonomy_iam_binding.py +6 -6
  400. pulumi_gcp/datacatalog/taxonomy_iam_member.py +6 -6
  401. pulumi_gcp/datacatalog/taxonomy_iam_policy.py +6 -6
  402. pulumi_gcp/dataflow/flex_template_job.py +18 -18
  403. pulumi_gcp/dataflow/job.py +34 -26
  404. pulumi_gcp/dataflow/pipeline.py +4 -2
  405. pulumi_gcp/dataform/repository.py +28 -36
  406. pulumi_gcp/dataform/repository_release_config.py +16 -20
  407. pulumi_gcp/dataform/repository_workflow_config.py +26 -32
  408. pulumi_gcp/datafusion/get_instance_iam_policy.py +6 -6
  409. pulumi_gcp/datafusion/instance.py +60 -40
  410. pulumi_gcp/dataloss/prevention_deidentify_template.py +206 -10
  411. pulumi_gcp/dataloss/prevention_inspect_template.py +270 -42
  412. pulumi_gcp/dataloss/prevention_job_trigger.py +368 -192
  413. pulumi_gcp/dataloss/prevention_stored_info_type.py +24 -20
  414. pulumi_gcp/dataplex/asset.py +16 -10
  415. pulumi_gcp/dataplex/asset_iam_binding.py +30 -30
  416. pulumi_gcp/dataplex/asset_iam_member.py +30 -30
  417. pulumi_gcp/dataplex/asset_iam_policy.py +30 -30
  418. pulumi_gcp/dataplex/datascan.py +90 -92
  419. pulumi_gcp/dataplex/datascan_iam_binding.py +18 -18
  420. pulumi_gcp/dataplex/datascan_iam_member.py +18 -18
  421. pulumi_gcp/dataplex/datascan_iam_policy.py +18 -18
  422. pulumi_gcp/dataplex/get_asset_iam_policy.py +10 -10
  423. pulumi_gcp/dataplex/get_datascan_iam_policy.py +6 -6
  424. pulumi_gcp/dataplex/get_lake_iam_policy.py +6 -6
  425. pulumi_gcp/dataplex/get_task_iam_policy.py +8 -8
  426. pulumi_gcp/dataplex/get_zone_iam_policy.py +8 -8
  427. pulumi_gcp/dataplex/lake.py +8 -6
  428. pulumi_gcp/dataplex/lake_iam_binding.py +18 -18
  429. pulumi_gcp/dataplex/lake_iam_member.py +18 -18
  430. pulumi_gcp/dataplex/lake_iam_policy.py +18 -18
  431. pulumi_gcp/dataplex/task_iam_binding.py +24 -24
  432. pulumi_gcp/dataplex/task_iam_member.py +24 -24
  433. pulumi_gcp/dataplex/task_iam_policy.py +24 -24
  434. pulumi_gcp/dataplex/zone.py +4 -0
  435. pulumi_gcp/dataplex/zone_iam_binding.py +24 -24
  436. pulumi_gcp/dataplex/zone_iam_member.py +24 -24
  437. pulumi_gcp/dataplex/zone_iam_policy.py +24 -24
  438. pulumi_gcp/dataproc/autoscaling_policy.py +2 -0
  439. pulumi_gcp/dataproc/autoscaling_policy_iam_binding.py +18 -18
  440. pulumi_gcp/dataproc/autoscaling_policy_iam_member.py +18 -18
  441. pulumi_gcp/dataproc/autoscaling_policy_iam_policy.py +18 -18
  442. pulumi_gcp/dataproc/cluster.py +18 -10
  443. pulumi_gcp/dataproc/cluster_iam_binding.py +8 -8
  444. pulumi_gcp/dataproc/cluster_iam_member.py +8 -8
  445. pulumi_gcp/dataproc/cluster_iam_policy.py +8 -8
  446. pulumi_gcp/dataproc/get_autoscaling_policy_iam_policy.py +6 -6
  447. pulumi_gcp/dataproc/get_cluster_iam_policy.py +2 -2
  448. pulumi_gcp/dataproc/get_job_iam_policy.py +2 -2
  449. pulumi_gcp/dataproc/get_metastore_service.py +4 -4
  450. pulumi_gcp/dataproc/get_metastore_service_iam_policy.py +6 -6
  451. pulumi_gcp/dataproc/job.py +6 -2
  452. pulumi_gcp/dataproc/job_iam_binding.py +8 -8
  453. pulumi_gcp/dataproc/job_iam_member.py +8 -8
  454. pulumi_gcp/dataproc/job_iam_policy.py +8 -8
  455. pulumi_gcp/dataproc/metastore_federation.py +16 -24
  456. pulumi_gcp/dataproc/metastore_service.py +64 -56
  457. pulumi_gcp/dataproc/metastore_service_iam_binding.py +18 -18
  458. pulumi_gcp/dataproc/metastore_service_iam_member.py +18 -18
  459. pulumi_gcp/dataproc/metastore_service_iam_policy.py +18 -18
  460. pulumi_gcp/dataproc/workflow_template.py +58 -56
  461. pulumi_gcp/datastore/data_store_index.py +4 -4
  462. pulumi_gcp/datastream/connection_profile.py +52 -36
  463. pulumi_gcp/datastream/private_connection.py +4 -4
  464. pulumi_gcp/datastream/stream.py +52 -30
  465. pulumi_gcp/deploymentmanager/deployment.py +6 -2
  466. pulumi_gcp/diagflow/agent.py +20 -20
  467. pulumi_gcp/diagflow/cx_agent.py +4 -2
  468. pulumi_gcp/diagflow/cx_entity_type.py +2 -2
  469. pulumi_gcp/diagflow/cx_environment.py +2 -2
  470. pulumi_gcp/diagflow/cx_flow.py +6 -4
  471. pulumi_gcp/diagflow/cx_intent.py +2 -2
  472. pulumi_gcp/diagflow/cx_page.py +6 -6
  473. pulumi_gcp/diagflow/cx_security_settings.py +6 -4
  474. pulumi_gcp/diagflow/cx_test_case.py +6 -6
  475. pulumi_gcp/diagflow/cx_version.py +2 -2
  476. pulumi_gcp/diagflow/cx_webhook.py +2 -2
  477. pulumi_gcp/diagflow/entity_type.py +6 -8
  478. pulumi_gcp/diagflow/fulfillment.py +6 -8
  479. pulumi_gcp/diagflow/intent.py +32 -30
  480. pulumi_gcp/discoveryengine/chat_engine.py +4 -4
  481. pulumi_gcp/discoveryengine/data_store.py +8 -8
  482. pulumi_gcp/discoveryengine/search_engine.py +8 -8
  483. pulumi_gcp/dns/dns_managed_zone_iam_binding.py +12 -12
  484. pulumi_gcp/dns/dns_managed_zone_iam_member.py +12 -12
  485. pulumi_gcp/dns/dns_managed_zone_iam_policy.py +12 -12
  486. pulumi_gcp/dns/get_keys.py +2 -0
  487. pulumi_gcp/dns/get_managed_zone_iam_policy.py +4 -4
  488. pulumi_gcp/dns/managed_zone.py +82 -38
  489. pulumi_gcp/dns/policy.py +14 -4
  490. pulumi_gcp/dns/record_set.py +76 -44
  491. pulumi_gcp/dns/response_policy.py +16 -4
  492. pulumi_gcp/dns/response_policy_rule.py +12 -4
  493. pulumi_gcp/edgecontainer/cluster.py +54 -48
  494. pulumi_gcp/edgecontainer/node_pool.py +34 -16
  495. pulumi_gcp/edgecontainer/vpn_connection.py +12 -8
  496. pulumi_gcp/edgenetwork/network.py +2 -2
  497. pulumi_gcp/edgenetwork/subnet.py +8 -8
  498. pulumi_gcp/endpoints/get_service_iam_policy.py +2 -2
  499. pulumi_gcp/endpoints/service.py +12 -12
  500. pulumi_gcp/endpoints/service_iam_binding.py +6 -6
  501. pulumi_gcp/endpoints/service_iam_member.py +6 -6
  502. pulumi_gcp/endpoints/service_iam_policy.py +6 -6
  503. pulumi_gcp/essentialcontacts/document_ai_processor.py +2 -2
  504. pulumi_gcp/essentialcontacts/document_ai_processor_default_version.py +8 -8
  505. pulumi_gcp/essentialcontacts/document_ai_warehouse_document_schema.py +18 -18
  506. pulumi_gcp/eventarc/channel.py +10 -10
  507. pulumi_gcp/eventarc/google_channel_config.py +8 -8
  508. pulumi_gcp/eventarc/trigger.py +6 -2
  509. pulumi_gcp/filestore/backup.py +4 -0
  510. pulumi_gcp/filestore/instance.py +44 -30
  511. pulumi_gcp/filestore/snapshot.py +8 -0
  512. pulumi_gcp/firebase/_inputs.py +0 -6
  513. pulumi_gcp/firebase/android_app.py +8 -12
  514. pulumi_gcp/firebase/app_check_debug_token.py +38 -0
  515. pulumi_gcp/firebase/app_check_service_config.py +6 -12
  516. pulumi_gcp/firebase/apple_app.py +8 -12
  517. pulumi_gcp/firebase/database_instance.py +26 -36
  518. pulumi_gcp/firebase/extensions_instance.py +8 -10
  519. pulumi_gcp/firebase/hosting_channel.py +14 -22
  520. pulumi_gcp/firebase/hosting_custom_domain.py +40 -54
  521. pulumi_gcp/firebase/hosting_release.py +48 -66
  522. pulumi_gcp/firebase/hosting_site.py +6 -12
  523. pulumi_gcp/firebase/hosting_version.py +66 -86
  524. pulumi_gcp/firebase/outputs.py +0 -6
  525. pulumi_gcp/firebase/project.py +10 -10
  526. pulumi_gcp/firebase/storage_bucket.py +10 -12
  527. pulumi_gcp/firebase/web_app.py +46 -40
  528. pulumi_gcp/firebaserules/release.py +20 -24
  529. pulumi_gcp/firebaserules/ruleset.py +10 -10
  530. pulumi_gcp/firestore/backup_schedule.py +4 -0
  531. pulumi_gcp/firestore/database.py +40 -32
  532. pulumi_gcp/firestore/document.py +132 -0
  533. pulumi_gcp/firestore/field.py +2 -0
  534. pulumi_gcp/firestore/index.py +94 -10
  535. pulumi_gcp/folder/access_approval_settings.py +26 -18
  536. pulumi_gcp/folder/get_iam_policy.py +2 -2
  537. pulumi_gcp/folder/iam_audit_config.py +42 -42
  538. pulumi_gcp/folder/iam_member.py +42 -42
  539. pulumi_gcp/folder/iam_policy.py +42 -42
  540. pulumi_gcp/folder/organization_policy.py +22 -22
  541. pulumi_gcp/gkebackup/backup_plan.py +28 -4
  542. pulumi_gcp/gkebackup/backup_plan_iam_binding.py +18 -12
  543. pulumi_gcp/gkebackup/backup_plan_iam_member.py +18 -12
  544. pulumi_gcp/gkebackup/backup_plan_iam_policy.py +18 -12
  545. pulumi_gcp/gkebackup/get_backup_plan_iam_policy.py +6 -6
  546. pulumi_gcp/gkebackup/get_restore_plan_iam_policy.py +6 -6
  547. pulumi_gcp/gkebackup/restore_plan.py +48 -12
  548. pulumi_gcp/gkebackup/restore_plan_iam_binding.py +48 -12
  549. pulumi_gcp/gkebackup/restore_plan_iam_member.py +48 -12
  550. pulumi_gcp/gkebackup/restore_plan_iam_policy.py +48 -12
  551. pulumi_gcp/gkehub/feature.py +200 -38
  552. pulumi_gcp/gkehub/feature_iam_binding.py +18 -12
  553. pulumi_gcp/gkehub/feature_iam_member.py +18 -12
  554. pulumi_gcp/gkehub/feature_iam_policy.py +18 -12
  555. pulumi_gcp/gkehub/feature_membership.py +54 -22
  556. pulumi_gcp/gkehub/fleet.py +4 -4
  557. pulumi_gcp/gkehub/get_feature_iam_policy.py +6 -6
  558. pulumi_gcp/gkehub/get_membership_iam_policy.py +6 -6
  559. pulumi_gcp/gkehub/get_scope_iam_policy.py +4 -4
  560. pulumi_gcp/gkehub/membership.py +24 -18
  561. pulumi_gcp/gkehub/membership_iam_binding.py +18 -18
  562. pulumi_gcp/gkehub/membership_iam_member.py +18 -18
  563. pulumi_gcp/gkehub/membership_iam_policy.py +18 -18
  564. pulumi_gcp/gkehub/scope.py +6 -6
  565. pulumi_gcp/gkehub/scope_iam_binding.py +12 -12
  566. pulumi_gcp/gkehub/scope_iam_member.py +12 -12
  567. pulumi_gcp/gkehub/scope_iam_policy.py +12 -12
  568. pulumi_gcp/gkeonprem/bare_metal_admin_cluster.py +126 -122
  569. pulumi_gcp/gkeonprem/bare_metal_cluster.py +242 -236
  570. pulumi_gcp/gkeonprem/bare_metal_node_pool.py +8 -0
  571. pulumi_gcp/gkeonprem/v_mware_cluster.py +242 -236
  572. pulumi_gcp/gkeonprem/v_mware_node_pool.py +4 -180
  573. pulumi_gcp/healthcare/consent_store.py +32 -10
  574. pulumi_gcp/healthcare/consent_store_iam_binding.py +12 -12
  575. pulumi_gcp/healthcare/consent_store_iam_member.py +12 -12
  576. pulumi_gcp/healthcare/consent_store_iam_policy.py +12 -12
  577. pulumi_gcp/healthcare/dataset.py +2 -0
  578. pulumi_gcp/healthcare/dataset_iam_binding.py +8 -8
  579. pulumi_gcp/healthcare/dataset_iam_member.py +8 -8
  580. pulumi_gcp/healthcare/dataset_iam_policy.py +8 -8
  581. pulumi_gcp/healthcare/dicom_store.py +30 -26
  582. pulumi_gcp/healthcare/dicom_store_iam_binding.py +14 -14
  583. pulumi_gcp/healthcare/dicom_store_iam_member.py +14 -14
  584. pulumi_gcp/healthcare/dicom_store_iam_policy.py +14 -14
  585. pulumi_gcp/healthcare/fhir_store.py +44 -24
  586. pulumi_gcp/healthcare/fhir_store_iam_binding.py +14 -14
  587. pulumi_gcp/healthcare/fhir_store_iam_member.py +14 -14
  588. pulumi_gcp/healthcare/fhir_store_iam_policy.py +14 -14
  589. pulumi_gcp/healthcare/get_consent_store_iam_policy.py +4 -4
  590. pulumi_gcp/healthcare/get_dataset_iam_policy.py +2 -2
  591. pulumi_gcp/healthcare/get_dicom_store_iam_policy.py +2 -2
  592. pulumi_gcp/healthcare/get_fhir_store_iam_policy.py +2 -2
  593. pulumi_gcp/healthcare/get_hl7_v2_store_iam_policy.py +2 -2
  594. pulumi_gcp/healthcare/hl7_store.py +30 -20
  595. pulumi_gcp/healthcare/hl7_store_iam_binding.py +14 -14
  596. pulumi_gcp/healthcare/hl7_store_iam_member.py +14 -14
  597. pulumi_gcp/healthcare/hl7_store_iam_policy.py +14 -14
  598. pulumi_gcp/iam/_inputs.py +0 -18
  599. pulumi_gcp/iam/access_boundary_policy.py +100 -0
  600. pulumi_gcp/iam/deny_policy.py +92 -0
  601. pulumi_gcp/iam/outputs.py +0 -18
  602. pulumi_gcp/iam/workforce_pool.py +20 -20
  603. pulumi_gcp/iam/workforce_pool_provider.py +0 -21
  604. pulumi_gcp/iam/workload_identity_pool.py +6 -6
  605. pulumi_gcp/iam/workload_identity_pool_provider.py +8 -46
  606. pulumi_gcp/iap/app_engine_service_iam_binding.py +56 -56
  607. pulumi_gcp/iap/app_engine_service_iam_member.py +56 -56
  608. pulumi_gcp/iap/app_engine_service_iam_policy.py +56 -56
  609. pulumi_gcp/iap/app_engine_version_iam_binding.py +68 -68
  610. pulumi_gcp/iap/app_engine_version_iam_member.py +68 -68
  611. pulumi_gcp/iap/app_engine_version_iam_policy.py +68 -68
  612. pulumi_gcp/iap/brand.py +12 -6
  613. pulumi_gcp/iap/client.py +14 -8
  614. pulumi_gcp/iap/get_app_engine_service_iam_policy.py +6 -6
  615. pulumi_gcp/iap/get_app_engine_version_iam_policy.py +8 -8
  616. pulumi_gcp/iap/get_client.py +2 -2
  617. pulumi_gcp/iap/get_tunnel_iam_policy.py +2 -2
  618. pulumi_gcp/iap/get_tunnel_instance_iam_policy.py +6 -6
  619. pulumi_gcp/iap/get_web_backend_service_iam_policy.py +4 -4
  620. pulumi_gcp/iap/get_web_iam_policy.py +2 -2
  621. pulumi_gcp/iap/get_web_region_backend_service_iam_policy.py +6 -6
  622. pulumi_gcp/iap/get_web_type_app_engine_iam_policy.py +4 -4
  623. pulumi_gcp/iap/get_web_type_compute_iam_policy.py +2 -2
  624. pulumi_gcp/iap/tunnel_iam_binding.py +12 -12
  625. pulumi_gcp/iap/tunnel_iam_member.py +12 -12
  626. pulumi_gcp/iap/tunnel_iam_policy.py +12 -12
  627. pulumi_gcp/iap/tunnel_instance_iam_binding.py +36 -36
  628. pulumi_gcp/iap/tunnel_instance_iam_member.py +36 -36
  629. pulumi_gcp/iap/tunnel_instance_iam_policy.py +36 -36
  630. pulumi_gcp/iap/web_backend_service_iam_binding.py +24 -24
  631. pulumi_gcp/iap/web_backend_service_iam_member.py +24 -24
  632. pulumi_gcp/iap/web_backend_service_iam_policy.py +24 -24
  633. pulumi_gcp/iap/web_iam_binding.py +12 -12
  634. pulumi_gcp/iap/web_iam_member.py +12 -12
  635. pulumi_gcp/iap/web_iam_policy.py +12 -12
  636. pulumi_gcp/iap/web_region_backend_service_iam_binding.py +36 -36
  637. pulumi_gcp/iap/web_region_backend_service_iam_member.py +36 -36
  638. pulumi_gcp/iap/web_region_backend_service_iam_policy.py +36 -36
  639. pulumi_gcp/iap/web_type_app_enging_iam_binding.py +24 -24
  640. pulumi_gcp/iap/web_type_app_enging_iam_member.py +24 -24
  641. pulumi_gcp/iap/web_type_app_enging_iam_policy.py +24 -24
  642. pulumi_gcp/iap/web_type_compute_iam_binding.py +12 -12
  643. pulumi_gcp/iap/web_type_compute_iam_member.py +12 -12
  644. pulumi_gcp/iap/web_type_compute_iam_policy.py +12 -12
  645. pulumi_gcp/identityplatform/config.py +12 -8
  646. pulumi_gcp/identityplatform/default_supported_idp_config.py +8 -8
  647. pulumi_gcp/identityplatform/inbound_saml_config.py +8 -4
  648. pulumi_gcp/identityplatform/oauth_idp_config.py +10 -8
  649. pulumi_gcp/identityplatform/tenant.py +4 -4
  650. pulumi_gcp/identityplatform/tenant_default_supported_idp_config.py +2 -2
  651. pulumi_gcp/identityplatform/tenant_inbound_saml_config.py +8 -4
  652. pulumi_gcp/identityplatform/tenant_oauth_idp_config.py +4 -2
  653. pulumi_gcp/integrationconnectors/connection.py +16 -14
  654. pulumi_gcp/integrationconnectors/endpoint_attachment.py +8 -6
  655. pulumi_gcp/kms/crypto_key.py +16 -4
  656. pulumi_gcp/kms/crypto_key_iam_binding.py +32 -26
  657. pulumi_gcp/kms/crypto_key_iam_member.py +32 -26
  658. pulumi_gcp/kms/crypto_key_iam_policy.py +32 -26
  659. pulumi_gcp/kms/crypto_key_version.py +8 -2
  660. pulumi_gcp/kms/get_crypto_key_iam_policy.py +2 -2
  661. pulumi_gcp/kms/get_kms_crypto_key_version.py +2 -2
  662. pulumi_gcp/kms/get_kms_key_ring.py +4 -4
  663. pulumi_gcp/kms/key_ring.py +6 -2
  664. pulumi_gcp/kms/key_ring_iam_binding.py +52 -44
  665. pulumi_gcp/kms/key_ring_iam_member.py +52 -44
  666. pulumi_gcp/kms/key_ring_iam_policy.py +52 -44
  667. pulumi_gcp/kms/secret_ciphertext.py +20 -12
  668. pulumi_gcp/logging/billing_account_exclusion.py +2 -0
  669. pulumi_gcp/logging/billing_account_sink.py +8 -2
  670. pulumi_gcp/logging/folder_exclusion.py +2 -0
  671. pulumi_gcp/logging/folder_settings.py +12 -14
  672. pulumi_gcp/logging/folder_sink.py +8 -2
  673. pulumi_gcp/logging/linked_dataset.py +22 -24
  674. pulumi_gcp/logging/log_view.py +8 -6
  675. pulumi_gcp/logging/metric.py +78 -68
  676. pulumi_gcp/logging/organization_exclusion.py +6 -4
  677. pulumi_gcp/logging/organization_settings.py +10 -12
  678. pulumi_gcp/logging/organization_sink.py +8 -2
  679. pulumi_gcp/logging/project_bucket_config.py +178 -0
  680. pulumi_gcp/logging/project_exclusion.py +2 -0
  681. pulumi_gcp/looker/instance.py +76 -70
  682. pulumi_gcp/memcache/instance.py +10 -6
  683. pulumi_gcp/migrationcenter/group.py +6 -6
  684. pulumi_gcp/ml/engine_model.py +8 -4
  685. pulumi_gcp/monitoring/alert_policy.py +58 -58
  686. pulumi_gcp/monitoring/custom_service.py +2 -2
  687. pulumi_gcp/monitoring/dashboard.py +0 -4
  688. pulumi_gcp/monitoring/generic_service.py +18 -18
  689. pulumi_gcp/monitoring/get_app_engine_service.py +10 -2
  690. pulumi_gcp/monitoring/get_cluster_istio_service.py +10 -8
  691. pulumi_gcp/monitoring/get_istio_canonical_service.py +6 -4
  692. pulumi_gcp/monitoring/get_mesh_istio_service.py +6 -4
  693. pulumi_gcp/monitoring/get_notification_channel.py +2 -2
  694. pulumi_gcp/monitoring/metric_descriptor.py +34 -34
  695. pulumi_gcp/monitoring/monitored_project.py +14 -4
  696. pulumi_gcp/monitoring/notification_channel.py +8 -8
  697. pulumi_gcp/monitoring/slo.py +238 -4
  698. pulumi_gcp/monitoring/uptime_check_config.py +106 -102
  699. pulumi_gcp/netapp/active_directory.py +4 -2
  700. pulumi_gcp/netapp/backup_policy.py +12 -10
  701. pulumi_gcp/netapp/backup_vault.py +4 -2
  702. pulumi_gcp/netapp/kmsconfig.py +14 -6
  703. pulumi_gcp/netapp/storage_pool.py +12 -8
  704. pulumi_gcp/netapp/volume.py +12 -8
  705. pulumi_gcp/netapp/volume_snapshot.py +16 -12
  706. pulumi_gcp/networkconnectivity/hub.py +6 -4
  707. pulumi_gcp/networkconnectivity/policy_based_route.py +18 -6
  708. pulumi_gcp/networkconnectivity/service_connection_policy.py +12 -4
  709. pulumi_gcp/networkconnectivity/spoke.py +28 -8
  710. pulumi_gcp/networkmanagement/connectivity_test.py +36 -22
  711. pulumi_gcp/networksecurity/address_group.py +32 -26
  712. pulumi_gcp/networksecurity/authorization_policy.py +8 -8
  713. pulumi_gcp/networksecurity/client_tls_policy.py +8 -8
  714. pulumi_gcp/networksecurity/firewall_endpoint.py +4 -4
  715. pulumi_gcp/networksecurity/gateway_security_policy.py +38 -54
  716. pulumi_gcp/networksecurity/gateway_security_policy_rule.py +20 -12
  717. pulumi_gcp/networksecurity/security_profile.py +8 -8
  718. pulumi_gcp/networksecurity/security_profile_group.py +10 -10
  719. pulumi_gcp/networksecurity/server_tls_policy.py +30 -28
  720. pulumi_gcp/networksecurity/tls_inspection_policy.py +28 -44
  721. pulumi_gcp/networksecurity/url_list.py +6 -2
  722. pulumi_gcp/networkservices/edge_cache_keyset.py +4 -0
  723. pulumi_gcp/networkservices/edge_cache_origin.py +12 -4
  724. pulumi_gcp/networkservices/edge_cache_service.py +270 -16
  725. pulumi_gcp/networkservices/endpoint_policy.py +8 -8
  726. pulumi_gcp/networkservices/gateway.py +96 -60
  727. pulumi_gcp/networkservices/grpc_route.py +12 -12
  728. pulumi_gcp/networkservices/http_route.py +26 -26
  729. pulumi_gcp/networkservices/mesh.py +8 -8
  730. pulumi_gcp/networkservices/service_binding.py +16 -20
  731. pulumi_gcp/networkservices/tcp_route.py +298 -0
  732. pulumi_gcp/networkservices/tls_route.py +214 -0
  733. pulumi_gcp/notebooks/environment.py +6 -4
  734. pulumi_gcp/notebooks/get_instance_iam_policy.py +6 -6
  735. pulumi_gcp/notebooks/get_runtime_iam_policy.py +6 -6
  736. pulumi_gcp/notebooks/instance.py +38 -28
  737. pulumi_gcp/notebooks/instance_iam_binding.py +18 -18
  738. pulumi_gcp/notebooks/instance_iam_member.py +18 -18
  739. pulumi_gcp/notebooks/instance_iam_policy.py +18 -18
  740. pulumi_gcp/notebooks/runtime.py +74 -64
  741. pulumi_gcp/notebooks/runtime_iam_binding.py +18 -18
  742. pulumi_gcp/notebooks/runtime_iam_member.py +18 -18
  743. pulumi_gcp/notebooks/runtime_iam_policy.py +18 -18
  744. pulumi_gcp/organizations/access_approval_settings.py +34 -26
  745. pulumi_gcp/organizations/get_billing_account.py +6 -2
  746. pulumi_gcp/organizations/get_folders.py +2 -2
  747. pulumi_gcp/organizations/get_iam_policy.py +0 -62
  748. pulumi_gcp/organizations/iam_audit_config.py +8 -8
  749. pulumi_gcp/organizations/iam_binding.py +4 -4
  750. pulumi_gcp/organizations/iam_custom_role.py +8 -8
  751. pulumi_gcp/organizations/iam_member.py +42 -42
  752. pulumi_gcp/organizations/iam_policy.py +42 -42
  753. pulumi_gcp/organizations/policy.py +26 -26
  754. pulumi_gcp/organizations/project.py +16 -4
  755. pulumi_gcp/orgpolicy/custom_constraint.py +14 -8
  756. pulumi_gcp/orgpolicy/policy.py +24 -60
  757. pulumi_gcp/osconfig/guest_policies.py +16 -22
  758. pulumi_gcp/osconfig/os_policy_assignment.py +42 -40
  759. pulumi_gcp/osconfig/patch_deployment.py +122 -120
  760. pulumi_gcp/oslogin/ssh_public_key.py +4 -2
  761. pulumi_gcp/projects/access_approval_settings.py +24 -22
  762. pulumi_gcp/projects/api_key.py +50 -10
  763. pulumi_gcp/projects/default_service_accounts.py +10 -10
  764. pulumi_gcp/projects/iam_audit_config.py +46 -46
  765. pulumi_gcp/projects/iam_binding.py +46 -46
  766. pulumi_gcp/projects/iam_custom_role.py +6 -6
  767. pulumi_gcp/projects/iam_member.py +46 -46
  768. pulumi_gcp/projects/iam_policy.py +46 -46
  769. pulumi_gcp/projects/organization_policy.py +26 -26
  770. pulumi_gcp/projects/service.py +4 -4
  771. pulumi_gcp/projects/service_identity.py +6 -8
  772. pulumi_gcp/projects/usage_export_bucket.py +16 -4
  773. pulumi_gcp/pubsub/get_schema_iam_policy.py +4 -4
  774. pulumi_gcp/pubsub/get_subscription_iam_policy.py +2 -2
  775. pulumi_gcp/pubsub/get_topic_iam_policy.py +4 -4
  776. pulumi_gcp/pubsub/lite_reservation.py +2 -0
  777. pulumi_gcp/pubsub/lite_subscription.py +10 -6
  778. pulumi_gcp/pubsub/lite_topic.py +10 -6
  779. pulumi_gcp/pubsub/schema.py +22 -18
  780. pulumi_gcp/pubsub/schema_iam_binding.py +12 -12
  781. pulumi_gcp/pubsub/schema_iam_member.py +12 -12
  782. pulumi_gcp/pubsub/schema_iam_policy.py +12 -12
  783. pulumi_gcp/pubsub/subscription.py +90 -96
  784. pulumi_gcp/pubsub/subscription_iam_binding.py +8 -8
  785. pulumi_gcp/pubsub/subscription_iam_member.py +8 -8
  786. pulumi_gcp/pubsub/subscription_iam_policy.py +8 -8
  787. pulumi_gcp/pubsub/topic.py +46 -24
  788. pulumi_gcp/pubsub/topic_iam_binding.py +12 -12
  789. pulumi_gcp/pubsub/topic_iam_member.py +12 -12
  790. pulumi_gcp/pubsub/topic_iam_policy.py +12 -12
  791. pulumi_gcp/recaptcha/enterprise_key.py +54 -54
  792. pulumi_gcp/redis/cluster.py +32 -24
  793. pulumi_gcp/redis/instance.py +132 -14
  794. pulumi_gcp/resourcemanager/lien.py +12 -8
  795. pulumi_gcp/runtimeconfig/config.py +6 -2
  796. pulumi_gcp/runtimeconfig/get_variable.py +4 -4
  797. pulumi_gcp/runtimeconfig/variable.py +20 -8
  798. pulumi_gcp/secretmanager/get_secret_iam_policy.py +4 -4
  799. pulumi_gcp/secretmanager/secret.py +16 -18
  800. pulumi_gcp/secretmanager/secret_iam_binding.py +12 -12
  801. pulumi_gcp/secretmanager/secret_iam_member.py +12 -12
  802. pulumi_gcp/secretmanager/secret_iam_policy.py +12 -12
  803. pulumi_gcp/secretmanager/secret_version.py +4 -4
  804. pulumi_gcp/securesourcemanager/get_instance_iam_policy.py +6 -6
  805. pulumi_gcp/securesourcemanager/instance.py +144 -14
  806. pulumi_gcp/securitycenter/get_source_iam_policy.py +2 -2
  807. pulumi_gcp/securitycenter/instance_iam_binding.py +60 -40
  808. pulumi_gcp/securitycenter/instance_iam_member.py +60 -40
  809. pulumi_gcp/securitycenter/instance_iam_policy.py +60 -40
  810. pulumi_gcp/securitycenter/mute_config.py +6 -6
  811. pulumi_gcp/securitycenter/notification_config.py +4 -4
  812. pulumi_gcp/securitycenter/organization_custom_module.py +40 -40
  813. pulumi_gcp/securitycenter/project_custom_module.py +36 -36
  814. pulumi_gcp/securitycenter/source.py +6 -6
  815. pulumi_gcp/securitycenter/source_iam_binding.py +6 -6
  816. pulumi_gcp/securitycenter/source_iam_member.py +6 -6
  817. pulumi_gcp/securitycenter/source_iam_policy.py +6 -6
  818. pulumi_gcp/securityposture/posture.py +46 -46
  819. pulumi_gcp/serviceaccount/account.py +2 -2
  820. pulumi_gcp/serviceaccount/get_account.py +34 -0
  821. pulumi_gcp/serviceaccount/get_account_access_token.py +8 -10
  822. pulumi_gcp/serviceaccount/get_account_key.py +4 -4
  823. pulumi_gcp/serviceaccount/get_iam_policy.py +2 -2
  824. pulumi_gcp/serviceaccount/key.py +46 -2
  825. pulumi_gcp/servicedirectory/endpoint.py +28 -40
  826. pulumi_gcp/servicedirectory/namespace.py +2 -4
  827. pulumi_gcp/servicedirectory/namespace_iam_binding.py +14 -12
  828. pulumi_gcp/servicedirectory/namespace_iam_member.py +14 -12
  829. pulumi_gcp/servicedirectory/namespace_iam_policy.py +14 -12
  830. pulumi_gcp/servicedirectory/service.py +10 -14
  831. pulumi_gcp/servicedirectory/service_iam_binding.py +14 -12
  832. pulumi_gcp/servicedirectory/service_iam_member.py +14 -12
  833. pulumi_gcp/servicedirectory/service_iam_policy.py +14 -12
  834. pulumi_gcp/servicenetworking/connection.py +8 -6
  835. pulumi_gcp/servicenetworking/peered_dns_domain.py +6 -4
  836. pulumi_gcp/serviceusage/consumer_quota_override.py +126 -0
  837. pulumi_gcp/sourcerepo/get_repository_iam_policy.py +4 -4
  838. pulumi_gcp/sourcerepo/repository.py +20 -16
  839. pulumi_gcp/sourcerepo/repository_iam_binding.py +12 -12
  840. pulumi_gcp/sourcerepo/repository_iam_member.py +12 -12
  841. pulumi_gcp/sourcerepo/repository_iam_policy.py +12 -12
  842. pulumi_gcp/spanner/database.py +2 -0
  843. pulumi_gcp/spanner/database_iam_binding.py +12 -12
  844. pulumi_gcp/spanner/database_iam_member.py +12 -12
  845. pulumi_gcp/spanner/database_iam_policy.py +12 -12
  846. pulumi_gcp/spanner/get_database_iam_policy.py +6 -6
  847. pulumi_gcp/spanner/get_instance_iam_policy.py +4 -4
  848. pulumi_gcp/spanner/instance.py +16 -16
  849. pulumi_gcp/spanner/instance_iam_binding.py +8 -8
  850. pulumi_gcp/spanner/instance_iam_member.py +8 -8
  851. pulumi_gcp/spanner/instance_iam_policy.py +8 -8
  852. pulumi_gcp/sql/database.py +14 -4
  853. pulumi_gcp/sql/database_instance.py +76 -26
  854. pulumi_gcp/sql/get_backup_run.py +2 -2
  855. pulumi_gcp/sql/get_ca_certs.py +32 -0
  856. pulumi_gcp/sql/get_database.py +2 -2
  857. pulumi_gcp/sql/get_databases.py +2 -2
  858. pulumi_gcp/sql/source_representation_instance.py +20 -16
  859. pulumi_gcp/sql/ssl_cert.py +6 -4
  860. pulumi_gcp/sql/user.py +154 -0
  861. pulumi_gcp/storage/bucket.py +44 -38
  862. pulumi_gcp/storage/bucket_access_control.py +8 -4
  863. pulumi_gcp/storage/bucket_acl.py +6 -2
  864. pulumi_gcp/storage/bucket_iam_binding.py +12 -12
  865. pulumi_gcp/storage/bucket_iam_member.py +12 -12
  866. pulumi_gcp/storage/bucket_iam_policy.py +12 -12
  867. pulumi_gcp/storage/bucket_object.py +14 -12
  868. pulumi_gcp/storage/default_object_access_control.py +8 -4
  869. pulumi_gcp/storage/default_object_acl.py +6 -2
  870. pulumi_gcp/storage/get_bucket_iam_policy.py +2 -2
  871. pulumi_gcp/storage/get_bucket_object.py +4 -4
  872. pulumi_gcp/storage/get_object_signed_url.py +6 -4
  873. pulumi_gcp/storage/get_project_service_account.py +6 -6
  874. pulumi_gcp/storage/hmac_key.py +2 -2
  875. pulumi_gcp/storage/insights_report_config.py +14 -14
  876. pulumi_gcp/storage/notification.py +20 -18
  877. pulumi_gcp/storage/object_access_control.py +10 -4
  878. pulumi_gcp/storage/object_acl.py +8 -2
  879. pulumi_gcp/storage/transfer_agent_pool.py +6 -6
  880. pulumi_gcp/storage/transfer_job.py +30 -38
  881. pulumi_gcp/tags/get_tag_key_iam_policy.py +2 -2
  882. pulumi_gcp/tags/get_tag_value_iam_policy.py +2 -2
  883. pulumi_gcp/tags/location_tag_binding.py +44 -32
  884. pulumi_gcp/tags/tag_binding.py +16 -10
  885. pulumi_gcp/tags/tag_key.py +4 -4
  886. pulumi_gcp/tags/tag_key_iam_binding.py +6 -6
  887. pulumi_gcp/tags/tag_key_iam_member.py +6 -6
  888. pulumi_gcp/tags/tag_key_iam_policy.py +6 -6
  889. pulumi_gcp/tags/tag_value.py +8 -8
  890. pulumi_gcp/tags/tag_value_iam_binding.py +6 -6
  891. pulumi_gcp/tags/tag_value_iam_member.py +6 -6
  892. pulumi_gcp/tags/tag_value_iam_policy.py +6 -6
  893. pulumi_gcp/tpu/get_tensorflow_versions.py +2 -0
  894. pulumi_gcp/tpu/get_v2_accelerator_types.py +10 -8
  895. pulumi_gcp/tpu/get_v2_runtime_versions.py +2 -0
  896. pulumi_gcp/tpu/node.py +12 -6
  897. pulumi_gcp/tpu/v2_vm.py +134 -2
  898. pulumi_gcp/vertex/ai_dataset.py +6 -6
  899. pulumi_gcp/vertex/ai_endpoint.py +28 -26
  900. pulumi_gcp/vertex/ai_feature_group.py +8 -6
  901. pulumi_gcp/vertex/ai_feature_group_feature.py +12 -8
  902. pulumi_gcp/vertex/ai_feature_online_store.py +26 -24
  903. pulumi_gcp/vertex/ai_feature_online_store_featureview.py +36 -28
  904. pulumi_gcp/vertex/ai_feature_store.py +30 -26
  905. pulumi_gcp/vertex/ai_feature_store_entity_type.py +12 -8
  906. pulumi_gcp/vertex/ai_feature_store_entity_type_feature.py +18 -12
  907. pulumi_gcp/vertex/ai_index.py +8 -0
  908. pulumi_gcp/vertex/ai_index_endpoint.py +36 -36
  909. pulumi_gcp/vertex/ai_metadata_store.py +2 -0
  910. pulumi_gcp/vertex/ai_tensorboard.py +12 -14
  911. pulumi_gcp/vmwareengine/cluster.py +12 -0
  912. pulumi_gcp/vmwareengine/external_access_rule.py +16 -0
  913. pulumi_gcp/vmwareengine/external_address.py +10 -4
  914. pulumi_gcp/vmwareengine/get_network.py +4 -4
  915. pulumi_gcp/vmwareengine/get_network_policy.py +4 -4
  916. pulumi_gcp/vmwareengine/get_private_cloud.py +4 -4
  917. pulumi_gcp/vmwareengine/network.py +56 -4
  918. pulumi_gcp/vmwareengine/network_peering.py +12 -2
  919. pulumi_gcp/vmwareengine/network_policy.py +8 -0
  920. pulumi_gcp/vmwareengine/private_cloud.py +8 -0
  921. pulumi_gcp/vmwareengine/subnet.py +6 -0
  922. pulumi_gcp/vpcaccess/connector.py +16 -6
  923. pulumi_gcp/vpcaccess/get_connector.py +2 -0
  924. pulumi_gcp/workbench/get_instance_iam_policy.py +6 -6
  925. pulumi_gcp/workbench/instance.py +42 -26
  926. pulumi_gcp/workflows/workflow.py +98 -0
  927. pulumi_gcp/workstations/workstation.py +26 -30
  928. pulumi_gcp/workstations/workstation_cluster.py +48 -48
  929. pulumi_gcp/workstations/workstation_config.py +182 -194
  930. {pulumi_gcp-7.12.0a1709074764.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/METADATA +1 -1
  931. pulumi_gcp-7.12.0a1709133800.dist-info/RECORD +1489 -0
  932. pulumi_gcp-7.12.0a1709074764.dist-info/RECORD +0 -1489
  933. {pulumi_gcp-7.12.0a1709074764.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/WHEEL +0 -0
  934. {pulumi_gcp-7.12.0a1709074764.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/top_level.txt +0 -0
pulumi_gcp/compute/forwarding_rule.py CHANGED
@@ -1706,42 +1706,951 @@ class ForwardingRule(pulumi.CustomResource):
1706
1706
  * [Official Documentation](https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules)
1707
1707
 
1708
1708
  ## Example Usage
1709
+ ### Internal Http Lb With Mig Backend
1710
+
1711
+ ```python
1712
+ import pulumi
1713
+ import pulumi_gcp as gcp
1714
+
1715
+ # Internal HTTP load balancer with a managed instance group backend
1716
+ # VPC network
1717
+ ilb_network = gcp.compute.Network("ilb_network",
1718
+ name="l7-ilb-network",
1719
+ auto_create_subnetworks=False)
1720
+ # proxy-only subnet
1721
+ proxy_subnet = gcp.compute.Subnetwork("proxy_subnet",
1722
+ name="l7-ilb-proxy-subnet",
1723
+ ip_cidr_range="10.0.0.0/24",
1724
+ region="europe-west1",
1725
+ purpose="REGIONAL_MANAGED_PROXY",
1726
+ role="ACTIVE",
1727
+ network=ilb_network.id)
1728
+ # backend subnet
1729
+ ilb_subnet = gcp.compute.Subnetwork("ilb_subnet",
1730
+ name="l7-ilb-subnet",
1731
+ ip_cidr_range="10.0.1.0/24",
1732
+ region="europe-west1",
1733
+ network=ilb_network.id)
1734
+ # health check
1735
+ default_region_health_check = gcp.compute.RegionHealthCheck("default",
1736
+ name="l7-ilb-hc",
1737
+ region="europe-west1",
1738
+ http_health_check=gcp.compute.RegionHealthCheckHttpHealthCheckArgs(
1739
+ port_specification="USE_SERVING_PORT",
1740
+ ))
1741
+ # instance template
1742
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
1743
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
1744
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
1745
+ network=ilb_network.id,
1746
+ subnetwork=ilb_subnet.id,
1747
+ )],
1748
+ name="l7-ilb-mig-template",
1749
+ machine_type="e2-small",
1750
+ tags=["http-server"],
1751
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
1752
+ source_image="debian-cloud/debian-10",
1753
+ auto_delete=True,
1754
+ boot=True,
1755
+ )],
1756
+ metadata={
1757
+ "startup-script": \"\"\"#! /bin/bash
1758
+ set -euo pipefail
1759
+
1760
+ export DEBIAN_FRONTEND=noninteractive
1761
+ apt-get update
1762
+ apt-get install -y nginx-light jq
1763
+
1764
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
1765
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
1766
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
1767
+
1768
+ cat <<EOF > /var/www/html/index.html
1769
+ <pre>
1770
+ Name: $NAME
1771
+ IP: $IP
1772
+ Metadata: $METADATA
1773
+ </pre>
1774
+ EOF
1775
+ \"\"\",
1776
+ })
1777
+ # MIG
1778
+ mig = gcp.compute.RegionInstanceGroupManager("mig",
1779
+ name="l7-ilb-mig1",
1780
+ region="europe-west1",
1781
+ versions=[gcp.compute.RegionInstanceGroupManagerVersionArgs(
1782
+ instance_template=instance_template.id,
1783
+ name="primary",
1784
+ )],
1785
+ base_instance_name="vm",
1786
+ target_size=2)
1787
+ # backend service
1788
+ default_region_backend_service = gcp.compute.RegionBackendService("default",
1789
+ name="l7-ilb-backend-subnet",
1790
+ region="europe-west1",
1791
+ protocol="HTTP",
1792
+ load_balancing_scheme="INTERNAL_MANAGED",
1793
+ timeout_sec=10,
1794
+ health_checks=default_region_health_check.id,
1795
+ backends=[gcp.compute.RegionBackendServiceBackendArgs(
1796
+ group=mig.instance_group,
1797
+ balancing_mode="UTILIZATION",
1798
+ capacity_scaler=1,
1799
+ )])
1800
+ # URL map
1801
+ default_region_url_map = gcp.compute.RegionUrlMap("default",
1802
+ name="l7-ilb-regional-url-map",
1803
+ region="europe-west1",
1804
+ default_service=default_region_backend_service.id)
1805
+ # HTTP target proxy
1806
+ default = gcp.compute.RegionTargetHttpProxy("default",
1807
+ name="l7-ilb-target-http-proxy",
1808
+ region="europe-west1",
1809
+ url_map=default_region_url_map.id)
1810
+ # forwarding rule
1811
+ google_compute_forwarding_rule = gcp.compute.ForwardingRule("google_compute_forwarding_rule",
1812
+ name="l7-ilb-forwarding-rule",
1813
+ region="europe-west1",
1814
+ ip_protocol="TCP",
1815
+ load_balancing_scheme="INTERNAL_MANAGED",
1816
+ port_range="80",
1817
+ target=default.id,
1818
+ network=ilb_network.id,
1819
+ subnetwork=ilb_subnet.id,
1820
+ network_tier="PREMIUM")
1821
+ # allow all access from IAP and health check ranges
1822
+ fw_iap = gcp.compute.Firewall("fw-iap",
1823
+ name="l7-ilb-fw-allow-iap-hc",
1824
+ direction="INGRESS",
1825
+ network=ilb_network.id,
1826
+ source_ranges=[
1827
+ "130.211.0.0/22",
1828
+ "35.191.0.0/16",
1829
+ "35.235.240.0/20",
1830
+ ],
1831
+ allows=[gcp.compute.FirewallAllowArgs(
1832
+ protocol="tcp",
1833
+ )])
1834
+ # allow http from proxy subnet to backends
1835
+ fw_ilb_to_backends = gcp.compute.Firewall("fw-ilb-to-backends",
1836
+ name="l7-ilb-fw-allow-ilb-to-backends",
1837
+ direction="INGRESS",
1838
+ network=ilb_network.id,
1839
+ source_ranges=["10.0.0.0/24"],
1840
+ target_tags=["http-server"],
1841
+ allows=[gcp.compute.FirewallAllowArgs(
1842
+ protocol="tcp",
1843
+ ports=[
1844
+ "80",
1845
+ "443",
1846
+ "8080",
1847
+ ],
1848
+ )])
1849
+ # test instance
1850
+ vm_test = gcp.compute.Instance("vm-test",
1851
+ name="l7-ilb-test-vm",
1852
+ zone="europe-west1-b",
1853
+ machine_type="e2-small",
1854
+ network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(
1855
+ network=ilb_network.id,
1856
+ subnetwork=ilb_subnet.id,
1857
+ )],
1858
+ boot_disk=gcp.compute.InstanceBootDiskArgs(
1859
+ initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(
1860
+ image="debian-cloud/debian-10",
1861
+ ),
1862
+ ))
1863
+ ```
1864
+ ### Internal Tcp Udp Lb With Mig Backend
1865
+
1866
+ ```python
1867
+ import pulumi
1868
+ import pulumi_gcp as gcp
1869
+
1870
+ # Internal TCP/UDP load balancer with a managed instance group backend
1871
+ # VPC
1872
+ ilb_network = gcp.compute.Network("ilb_network",
1873
+ name="l4-ilb-network",
1874
+ auto_create_subnetworks=False)
1875
+ # backed subnet
1876
+ ilb_subnet = gcp.compute.Subnetwork("ilb_subnet",
1877
+ name="l4-ilb-subnet",
1878
+ ip_cidr_range="10.0.1.0/24",
1879
+ region="europe-west1",
1880
+ network=ilb_network.id)
1881
+ # health check
1882
+ default_region_health_check = gcp.compute.RegionHealthCheck("default",
1883
+ name="l4-ilb-hc",
1884
+ region="europe-west1",
1885
+ http_health_check=gcp.compute.RegionHealthCheckHttpHealthCheckArgs(
1886
+ port=80,
1887
+ ))
1888
+ # instance template
1889
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
1890
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
1891
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
1892
+ network=ilb_network.id,
1893
+ subnetwork=ilb_subnet.id,
1894
+ )],
1895
+ name="l4-ilb-mig-template",
1896
+ machine_type="e2-small",
1897
+ tags=[
1898
+ "allow-ssh",
1899
+ "allow-health-check",
1900
+ ],
1901
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
1902
+ source_image="debian-cloud/debian-10",
1903
+ auto_delete=True,
1904
+ boot=True,
1905
+ )],
1906
+ metadata={
1907
+ "startup-script": \"\"\"#! /bin/bash
1908
+ set -euo pipefail
1909
+
1910
+ export DEBIAN_FRONTEND=noninteractive
1911
+ apt-get update
1912
+ apt-get install -y nginx-light jq
1913
+
1914
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
1915
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
1916
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
1917
+
1918
+ cat <<EOF > /var/www/html/index.html
1919
+ <pre>
1920
+ Name: $NAME
1921
+ IP: $IP
1922
+ Metadata: $METADATA
1923
+ </pre>
1924
+ EOF
1925
+ \"\"\",
1926
+ })
1927
+ # MIG
1928
+ mig = gcp.compute.RegionInstanceGroupManager("mig",
1929
+ name="l4-ilb-mig1",
1930
+ region="europe-west1",
1931
+ versions=[gcp.compute.RegionInstanceGroupManagerVersionArgs(
1932
+ instance_template=instance_template.id,
1933
+ name="primary",
1934
+ )],
1935
+ base_instance_name="vm",
1936
+ target_size=2)
1937
+ # backend service
1938
+ default = gcp.compute.RegionBackendService("default",
1939
+ name="l4-ilb-backend-subnet",
1940
+ region="europe-west1",
1941
+ protocol="TCP",
1942
+ load_balancing_scheme="INTERNAL",
1943
+ health_checks=default_region_health_check.id,
1944
+ backends=[gcp.compute.RegionBackendServiceBackendArgs(
1945
+ group=mig.instance_group,
1946
+ balancing_mode="CONNECTION",
1947
+ )])
1948
+ # forwarding rule
1949
+ google_compute_forwarding_rule = gcp.compute.ForwardingRule("google_compute_forwarding_rule",
1950
+ name="l4-ilb-forwarding-rule",
1951
+ backend_service=default.id,
1952
+ region="europe-west1",
1953
+ ip_protocol="TCP",
1954
+ load_balancing_scheme="INTERNAL",
1955
+ all_ports=True,
1956
+ allow_global_access=True,
1957
+ network=ilb_network.id,
1958
+ subnetwork=ilb_subnet.id)
1959
+ # allow all access from health check ranges
1960
+ fw_hc = gcp.compute.Firewall("fw_hc",
1961
+ name="l4-ilb-fw-allow-hc",
1962
+ direction="INGRESS",
1963
+ network=ilb_network.id,
1964
+ source_ranges=[
1965
+ "130.211.0.0/22",
1966
+ "35.191.0.0/16",
1967
+ "35.235.240.0/20",
1968
+ ],
1969
+ allows=[gcp.compute.FirewallAllowArgs(
1970
+ protocol="tcp",
1971
+ )],
1972
+ target_tags=["allow-health-check"])
1973
+ # allow communication within the subnet
1974
+ fw_ilb_to_backends = gcp.compute.Firewall("fw_ilb_to_backends",
1975
+ name="l4-ilb-fw-allow-ilb-to-backends",
1976
+ direction="INGRESS",
1977
+ network=ilb_network.id,
1978
+ source_ranges=["10.0.1.0/24"],
1979
+ allows=[
1980
+ gcp.compute.FirewallAllowArgs(
1981
+ protocol="tcp",
1982
+ ),
1983
+ gcp.compute.FirewallAllowArgs(
1984
+ protocol="udp",
1985
+ ),
1986
+ gcp.compute.FirewallAllowArgs(
1987
+ protocol="icmp",
1988
+ ),
1989
+ ])
1990
+ # allow SSH
1991
+ fw_ilb_ssh = gcp.compute.Firewall("fw_ilb_ssh",
1992
+ name="l4-ilb-fw-ssh",
1993
+ direction="INGRESS",
1994
+ network=ilb_network.id,
1995
+ allows=[gcp.compute.FirewallAllowArgs(
1996
+ protocol="tcp",
1997
+ ports=["22"],
1998
+ )],
1999
+ target_tags=["allow-ssh"],
2000
+ source_ranges=["0.0.0.0/0"])
2001
+ # test instance
2002
+ vm_test = gcp.compute.Instance("vm_test",
2003
+ name="l4-ilb-test-vm",
2004
+ zone="europe-west1-b",
2005
+ machine_type="e2-small",
2006
+ network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(
2007
+ network=ilb_network.id,
2008
+ subnetwork=ilb_subnet.id,
2009
+ )],
2010
+ boot_disk=gcp.compute.InstanceBootDiskArgs(
2011
+ initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(
2012
+ image="debian-cloud/debian-10",
2013
+ ),
2014
+ ))
2015
+ ```
2016
+ ### Forwarding Rule Externallb
2017
+
2018
+ ```python
2019
+ import pulumi
2020
+ import pulumi_gcp as gcp
2021
+
2022
+ hc = gcp.compute.RegionHealthCheck("hc",
2023
+ name="check-website-backend",
2024
+ check_interval_sec=1,
2025
+ timeout_sec=1,
2026
+ region="us-central1",
2027
+ tcp_health_check=gcp.compute.RegionHealthCheckTcpHealthCheckArgs(
2028
+ port=80,
2029
+ ))
2030
+ backend = gcp.compute.RegionBackendService("backend",
2031
+ name="website-backend",
2032
+ region="us-central1",
2033
+ load_balancing_scheme="EXTERNAL",
2034
+ health_checks=hc.id)
2035
+ # Forwarding rule for External Network Load Balancing using Backend Services
2036
+ default = gcp.compute.ForwardingRule("default",
2037
+ name="website-forwarding-rule",
2038
+ region="us-central1",
2039
+ port_range="80",
2040
+ backend_service=backend.id)
2041
+ ```
2042
+ ### Forwarding Rule Global Internallb
2043
+
2044
+ ```python
2045
+ import pulumi
2046
+ import pulumi_gcp as gcp
2047
+
2048
+ hc = gcp.compute.HealthCheck("hc",
2049
+ name="check-website-backend",
2050
+ check_interval_sec=1,
2051
+ timeout_sec=1,
2052
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2053
+ port=80,
2054
+ ))
2055
+ backend = gcp.compute.RegionBackendService("backend",
2056
+ name="website-backend",
2057
+ region="us-central1",
2058
+ health_checks=hc.id)
2059
+ default_network = gcp.compute.Network("default",
2060
+ name="website-net",
2061
+ auto_create_subnetworks=False)
2062
+ default_subnetwork = gcp.compute.Subnetwork("default",
2063
+ name="website-net",
2064
+ ip_cidr_range="10.0.0.0/16",
2065
+ region="us-central1",
2066
+ network=default_network.id)
2067
+ # Forwarding rule for Internal Load Balancing
2068
+ default = gcp.compute.ForwardingRule("default",
2069
+ name="website-forwarding-rule",
2070
+ region="us-central1",
2071
+ load_balancing_scheme="INTERNAL",
2072
+ backend_service=backend.id,
2073
+ all_ports=True,
2074
+ allow_global_access=True,
2075
+ network=default_network.name,
2076
+ subnetwork=default_subnetwork.name)
2077
+ ```
1709
2078
  ### Forwarding Rule Basic
1710
2079
 
1711
2080
  ```python
1712
2081
  import pulumi
1713
2082
  import pulumi_gcp as gcp
1714
2083
 
1715
- default_target_pool = gcp.compute.TargetPool("defaultTargetPool")
1716
- default_forwarding_rule = gcp.compute.ForwardingRule("defaultForwardingRule",
2084
+ default_target_pool = gcp.compute.TargetPool("default", name="website-target-pool")
2085
+ default = gcp.compute.ForwardingRule("default",
2086
+ name="website-forwarding-rule",
1717
2087
  target=default_target_pool.id,
1718
2088
  port_range="80")
1719
2089
  ```
1720
- ### Forwarding Rule Regional Steering
2090
+ ### Forwarding Rule L3 Default
1721
2091
 
1722
2092
  ```python
1723
2093
  import pulumi
1724
2094
  import pulumi_gcp as gcp
1725
2095
 
1726
- basic = gcp.compute.Address("basic", region="us-central1")
1727
- external_region_backend_service = gcp.compute.RegionBackendService("externalRegionBackendService",
2096
+ health_check = gcp.compute.RegionHealthCheck("health_check",
2097
+ name="health-check",
1728
2098
  region="us-central1",
2099
+ tcp_health_check=gcp.compute.RegionHealthCheckTcpHealthCheckArgs(
2100
+ port=80,
2101
+ ))
2102
+ service = gcp.compute.RegionBackendService("service",
2103
+ region="us-central1",
2104
+ name="service",
2105
+ health_checks=health_check.id,
2106
+ protocol="UNSPECIFIED",
1729
2107
  load_balancing_scheme="EXTERNAL")
1730
- external_forwarding_rule = gcp.compute.ForwardingRule("externalForwardingRule",
2108
+ fwd_rule = gcp.compute.ForwardingRule("fwd_rule",
2109
+ name="l3-forwarding-rule",
2110
+ backend_service=service.id,
2111
+ ip_protocol="L3_DEFAULT",
2112
+ all_ports=True)
2113
+ ```
2114
+ ### Forwarding Rule Internallb
2115
+
2116
+ ```python
2117
+ import pulumi
2118
+ import pulumi_gcp as gcp
2119
+
2120
+ hc = gcp.compute.HealthCheck("hc",
2121
+ name="check-website-backend",
2122
+ check_interval_sec=1,
2123
+ timeout_sec=1,
2124
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2125
+ port=80,
2126
+ ))
2127
+ backend = gcp.compute.RegionBackendService("backend",
2128
+ name="website-backend",
2129
+ region="us-central1",
2130
+ health_checks=hc.id)
2131
+ default_network = gcp.compute.Network("default",
2132
+ name="website-net",
2133
+ auto_create_subnetworks=False)
2134
+ default_subnetwork = gcp.compute.Subnetwork("default",
2135
+ name="website-net",
2136
+ ip_cidr_range="10.0.0.0/16",
2137
+ region="us-central1",
2138
+ network=default_network.id)
2139
+ # Forwarding rule for Internal Load Balancing
2140
+ default = gcp.compute.ForwardingRule("default",
2141
+ name="website-forwarding-rule",
2142
+ region="us-central1",
2143
+ load_balancing_scheme="INTERNAL",
2144
+ backend_service=backend.id,
2145
+ all_ports=True,
2146
+ network=default_network.name,
2147
+ subnetwork=default_subnetwork.name,
2148
+ ip_version="IPV4")
2149
+ ```
2150
+ ### Forwarding Rule Http Lb
2151
+
2152
+ ```python
2153
+ import pulumi
2154
+ import pulumi_gcp as gcp
2155
+
2156
+ debian_image = gcp.compute.get_image(family="debian-11",
2157
+ project="debian-cloud")
2158
+ default_network = gcp.compute.Network("default",
2159
+ name="website-net",
2160
+ auto_create_subnetworks=False,
2161
+ routing_mode="REGIONAL")
2162
+ default_subnetwork = gcp.compute.Subnetwork("default",
2163
+ name="website-net-default",
2164
+ ip_cidr_range="10.1.2.0/24",
2165
+ region="us-central1",
2166
+ network=default_network.id)
2167
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
2168
+ name="template-website-backend",
2169
+ machine_type="e2-medium",
2170
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
2171
+ network=default_network.id,
2172
+ subnetwork=default_subnetwork.id,
2173
+ )],
2174
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
2175
+ source_image=debian_image.self_link,
2176
+ auto_delete=True,
2177
+ boot=True,
2178
+ )],
2179
+ tags=[
2180
+ "allow-ssh",
2181
+ "load-balanced-backend",
2182
+ ])
2183
+ rigm = gcp.compute.RegionInstanceGroupManager("rigm",
2184
+ region="us-central1",
2185
+ name="website-rigm",
2186
+ versions=[gcp.compute.RegionInstanceGroupManagerVersionArgs(
2187
+ instance_template=instance_template.id,
2188
+ name="primary",
2189
+ )],
2190
+ base_instance_name="internal-glb",
2191
+ target_size=1)
2192
+ default_region_health_check = gcp.compute.RegionHealthCheck("default",
2193
+ region="us-central1",
2194
+ name="website-hc",
2195
+ http_health_check=gcp.compute.RegionHealthCheckHttpHealthCheckArgs(
2196
+ port_specification="USE_SERVING_PORT",
2197
+ ))
2198
+ default_region_backend_service = gcp.compute.RegionBackendService("default",
2199
+ load_balancing_scheme="INTERNAL_MANAGED",
2200
+ backends=[gcp.compute.RegionBackendServiceBackendArgs(
2201
+ group=rigm.instance_group,
2202
+ balancing_mode="UTILIZATION",
2203
+ capacity_scaler=1,
2204
+ )],
2205
+ region="us-central1",
2206
+ name="website-backend",
2207
+ protocol="HTTP",
2208
+ timeout_sec=10,
2209
+ health_checks=default_region_health_check.id)
2210
+ default_region_url_map = gcp.compute.RegionUrlMap("default",
2211
+ region="us-central1",
2212
+ name="website-map",
2213
+ default_service=default_region_backend_service.id)
2214
+ default_region_target_http_proxy = gcp.compute.RegionTargetHttpProxy("default",
2215
+ region="us-central1",
2216
+ name="website-proxy",
2217
+ url_map=default_region_url_map.id)
2218
+ # Forwarding rule for Internal Load Balancing
2219
+ default = gcp.compute.ForwardingRule("default",
2220
+ name="website-forwarding-rule",
2221
+ region="us-central1",
2222
+ ip_protocol="TCP",
2223
+ load_balancing_scheme="INTERNAL_MANAGED",
2224
+ port_range="80",
2225
+ target=default_region_target_http_proxy.id,
2226
+ network=default_network.id,
2227
+ subnetwork=default_subnetwork.id,
2228
+ network_tier="PREMIUM")
2229
+ fw1 = gcp.compute.Firewall("fw1",
2230
+ name="website-fw-1",
2231
+ network=default_network.id,
2232
+ source_ranges=["10.1.2.0/24"],
2233
+ allows=[
2234
+ gcp.compute.FirewallAllowArgs(
2235
+ protocol="tcp",
2236
+ ),
2237
+ gcp.compute.FirewallAllowArgs(
2238
+ protocol="udp",
2239
+ ),
2240
+ gcp.compute.FirewallAllowArgs(
2241
+ protocol="icmp",
2242
+ ),
2243
+ ],
2244
+ direction="INGRESS")
2245
+ fw2 = gcp.compute.Firewall("fw2",
2246
+ name="website-fw-2",
2247
+ network=default_network.id,
2248
+ source_ranges=["0.0.0.0/0"],
2249
+ allows=[gcp.compute.FirewallAllowArgs(
2250
+ protocol="tcp",
2251
+ ports=["22"],
2252
+ )],
2253
+ target_tags=["allow-ssh"],
2254
+ direction="INGRESS")
2255
+ fw3 = gcp.compute.Firewall("fw3",
2256
+ name="website-fw-3",
2257
+ network=default_network.id,
2258
+ source_ranges=[
2259
+ "130.211.0.0/22",
2260
+ "35.191.0.0/16",
2261
+ ],
2262
+ allows=[gcp.compute.FirewallAllowArgs(
2263
+ protocol="tcp",
2264
+ )],
2265
+ target_tags=["load-balanced-backend"],
2266
+ direction="INGRESS")
2267
+ fw4 = gcp.compute.Firewall("fw4",
2268
+ name="website-fw-4",
2269
+ network=default_network.id,
2270
+ source_ranges=["10.129.0.0/26"],
2271
+ target_tags=["load-balanced-backend"],
2272
+ allows=[
2273
+ gcp.compute.FirewallAllowArgs(
2274
+ protocol="tcp",
2275
+ ports=["80"],
2276
+ ),
2277
+ gcp.compute.FirewallAllowArgs(
2278
+ protocol="tcp",
2279
+ ports=["443"],
2280
+ ),
2281
+ gcp.compute.FirewallAllowArgs(
2282
+ protocol="tcp",
2283
+ ports=["8000"],
2284
+ ),
2285
+ ],
2286
+ direction="INGRESS")
2287
+ proxy = gcp.compute.Subnetwork("proxy",
2288
+ name="website-net-proxy",
2289
+ ip_cidr_range="10.129.0.0/26",
2290
+ region="us-central1",
2291
+ network=default_network.id,
2292
+ purpose="REGIONAL_MANAGED_PROXY",
2293
+ role="ACTIVE")
2294
+ ```
2295
+ ### Forwarding Rule Regional Http Xlb
2296
+
2297
+ ```python
2298
+ import pulumi
2299
+ import pulumi_gcp as gcp
2300
+
2301
+ debian_image = gcp.compute.get_image(family="debian-11",
2302
+ project="debian-cloud")
2303
+ default_network = gcp.compute.Network("default",
2304
+ name="website-net",
2305
+ auto_create_subnetworks=False,
2306
+ routing_mode="REGIONAL")
2307
+ default_subnetwork = gcp.compute.Subnetwork("default",
2308
+ name="website-net-default",
2309
+ ip_cidr_range="10.1.2.0/24",
2310
+ region="us-central1",
2311
+ network=default_network.id)
2312
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
2313
+ name="template-website-backend",
2314
+ machine_type="e2-medium",
2315
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
2316
+ network=default_network.id,
2317
+ subnetwork=default_subnetwork.id,
2318
+ )],
2319
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
2320
+ source_image=debian_image.self_link,
2321
+ auto_delete=True,
2322
+ boot=True,
2323
+ )],
2324
+ tags=[
2325
+ "allow-ssh",
2326
+ "load-balanced-backend",
2327
+ ])
2328
+ rigm = gcp.compute.RegionInstanceGroupManager("rigm",
2329
+ region="us-central1",
2330
+ name="website-rigm",
2331
+ versions=[gcp.compute.RegionInstanceGroupManagerVersionArgs(
2332
+ instance_template=instance_template.id,
2333
+ name="primary",
2334
+ )],
2335
+ base_instance_name="internal-glb",
2336
+ target_size=1)
2337
+ default_region_health_check = gcp.compute.RegionHealthCheck("default",
2338
+ region="us-central1",
2339
+ name="website-hc",
2340
+ http_health_check=gcp.compute.RegionHealthCheckHttpHealthCheckArgs(
2341
+ port_specification="USE_SERVING_PORT",
2342
+ ))
2343
+ default_region_backend_service = gcp.compute.RegionBackendService("default",
2344
+ load_balancing_scheme="EXTERNAL_MANAGED",
2345
+ backends=[gcp.compute.RegionBackendServiceBackendArgs(
2346
+ group=rigm.instance_group,
2347
+ balancing_mode="UTILIZATION",
2348
+ capacity_scaler=1,
2349
+ )],
2350
+ region="us-central1",
2351
+ name="website-backend",
2352
+ protocol="HTTP",
2353
+ timeout_sec=10,
2354
+ health_checks=default_region_health_check.id)
2355
+ default_region_url_map = gcp.compute.RegionUrlMap("default",
2356
+ region="us-central1",
2357
+ name="website-map",
2358
+ default_service=default_region_backend_service.id)
2359
+ default_region_target_http_proxy = gcp.compute.RegionTargetHttpProxy("default",
2360
+ region="us-central1",
2361
+ name="website-proxy",
2362
+ url_map=default_region_url_map.id)
2363
+ default_address = gcp.compute.Address("default",
2364
+ name="website-ip-1",
2365
+ region="us-central1",
2366
+ network_tier="STANDARD")
2367
+ # Forwarding rule for Regional External Load Balancing
2368
+ default = gcp.compute.ForwardingRule("default",
2369
+ name="website-forwarding-rule",
2370
+ region="us-central1",
2371
+ ip_protocol="TCP",
2372
+ load_balancing_scheme="EXTERNAL_MANAGED",
2373
+ port_range="80",
2374
+ target=default_region_target_http_proxy.id,
2375
+ network=default_network.id,
2376
+ ip_address=default_address.id,
2377
+ network_tier="STANDARD")
2378
+ fw1 = gcp.compute.Firewall("fw1",
2379
+ name="website-fw-1",
2380
+ network=default_network.id,
2381
+ source_ranges=["10.1.2.0/24"],
2382
+ allows=[
2383
+ gcp.compute.FirewallAllowArgs(
2384
+ protocol="tcp",
2385
+ ),
2386
+ gcp.compute.FirewallAllowArgs(
2387
+ protocol="udp",
2388
+ ),
2389
+ gcp.compute.FirewallAllowArgs(
2390
+ protocol="icmp",
2391
+ ),
2392
+ ],
2393
+ direction="INGRESS")
2394
+ fw2 = gcp.compute.Firewall("fw2",
2395
+ name="website-fw-2",
2396
+ network=default_network.id,
2397
+ source_ranges=["0.0.0.0/0"],
2398
+ allows=[gcp.compute.FirewallAllowArgs(
2399
+ protocol="tcp",
2400
+ ports=["22"],
2401
+ )],
2402
+ target_tags=["allow-ssh"],
2403
+ direction="INGRESS")
2404
+ fw3 = gcp.compute.Firewall("fw3",
2405
+ name="website-fw-3",
2406
+ network=default_network.id,
2407
+ source_ranges=[
2408
+ "130.211.0.0/22",
2409
+ "35.191.0.0/16",
2410
+ ],
2411
+ allows=[gcp.compute.FirewallAllowArgs(
2412
+ protocol="tcp",
2413
+ )],
2414
+ target_tags=["load-balanced-backend"],
2415
+ direction="INGRESS")
2416
+ fw4 = gcp.compute.Firewall("fw4",
2417
+ name="website-fw-4",
2418
+ network=default_network.id,
2419
+ source_ranges=["10.129.0.0/26"],
2420
+ target_tags=["load-balanced-backend"],
2421
+ allows=[
2422
+ gcp.compute.FirewallAllowArgs(
2423
+ protocol="tcp",
2424
+ ports=["80"],
2425
+ ),
2426
+ gcp.compute.FirewallAllowArgs(
2427
+ protocol="tcp",
2428
+ ports=["443"],
2429
+ ),
2430
+ gcp.compute.FirewallAllowArgs(
2431
+ protocol="tcp",
2432
+ ports=["8000"],
2433
+ ),
2434
+ ],
2435
+ direction="INGRESS")
2436
+ proxy = gcp.compute.Subnetwork("proxy",
2437
+ name="website-net-proxy",
2438
+ ip_cidr_range="10.129.0.0/26",
2439
+ region="us-central1",
2440
+ network=default_network.id,
2441
+ purpose="REGIONAL_MANAGED_PROXY",
2442
+ role="ACTIVE")
2443
+ ```
2444
+ ### Forwarding Rule Vpc Psc
2445
+
2446
+ ```python
2447
+ import pulumi
2448
+ import pulumi_gcp as gcp
2449
+
2450
+ # Consumer service endpoint
2451
+ consumer_net = gcp.compute.Network("consumer_net",
2452
+ name="consumer-net",
2453
+ auto_create_subnetworks=False)
2454
+ consumer_subnet = gcp.compute.Subnetwork("consumer_subnet",
2455
+ name="consumer-net",
2456
+ ip_cidr_range="10.0.0.0/16",
2457
+ region="us-central1",
2458
+ network=consumer_net.id)
2459
+ consumer_address = gcp.compute.Address("consumer_address",
2460
+ name="website-ip-1",
2461
+ region="us-central1",
2462
+ subnetwork=consumer_subnet.id,
2463
+ address_type="INTERNAL")
2464
+ # Producer service attachment
2465
+ producer_net = gcp.compute.Network("producer_net",
2466
+ name="producer-net",
2467
+ auto_create_subnetworks=False)
2468
+ psc_producer_subnet = gcp.compute.Subnetwork("psc_producer_subnet",
2469
+ name="producer-psc-net",
2470
+ ip_cidr_range="10.1.0.0/16",
2471
+ region="us-central1",
2472
+ purpose="PRIVATE_SERVICE_CONNECT",
2473
+ network=producer_net.id)
2474
+ producer_subnet = gcp.compute.Subnetwork("producer_subnet",
2475
+ name="producer-net",
2476
+ ip_cidr_range="10.0.0.0/16",
2477
+ region="us-central1",
2478
+ network=producer_net.id)
2479
+ producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
2480
+ name="producer-service-health-check",
2481
+ check_interval_sec=1,
2482
+ timeout_sec=1,
2483
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2484
+ port=80,
2485
+ ))
2486
+ producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
2487
+ name="producer-service-backend",
2488
+ region="us-central1",
2489
+ health_checks=producer_service_health_check.id)
2490
+ producer_target_service = gcp.compute.ForwardingRule("producer_target_service",
2491
+ name="producer-forwarding-rule",
2492
+ region="us-central1",
2493
+ load_balancing_scheme="INTERNAL",
2494
+ backend_service=producer_service_backend.id,
2495
+ all_ports=True,
2496
+ network=producer_net.name,
2497
+ subnetwork=producer_subnet.name)
2498
+ producer_service_attachment = gcp.compute.ServiceAttachment("producer_service_attachment",
2499
+ name="producer-service",
2500
+ region="us-central1",
2501
+ description="A service attachment configured with Terraform",
2502
+ enable_proxy_protocol=True,
2503
+ connection_preference="ACCEPT_AUTOMATIC",
2504
+ nat_subnets=[psc_producer_subnet.name],
2505
+ target_service=producer_target_service.id)
2506
+ # Forwarding rule for VPC private service connect
2507
+ default = gcp.compute.ForwardingRule("default",
2508
+ name="psc-endpoint",
2509
+ region="us-central1",
2510
+ load_balancing_scheme="",
2511
+ target=producer_service_attachment.id,
2512
+ network=consumer_net.name,
2513
+ ip_address=consumer_address.id,
2514
+ allow_psc_global_access=True)
2515
+ ```
2516
+ ### Forwarding Rule Vpc Psc No Automate Dns
2517
+
2518
+ ```python
2519
+ import pulumi
2520
+ import pulumi_gcp as gcp
2521
+
2522
+ consumer_net = gcp.compute.Network("consumer_net",
2523
+ name="consumer-net",
2524
+ auto_create_subnetworks=False)
2525
+ consumer_subnet = gcp.compute.Subnetwork("consumer_subnet",
2526
+ name="consumer-net",
2527
+ ip_cidr_range="10.0.0.0/16",
2528
+ region="us-central1",
2529
+ network=consumer_net.id)
2530
+ consumer_address = gcp.compute.Address("consumer_address",
2531
+ name="website-ip-1",
2532
+ region="us-central1",
2533
+ subnetwork=consumer_subnet.id,
2534
+ address_type="INTERNAL")
2535
+ producer_net = gcp.compute.Network("producer_net",
2536
+ name="producer-net",
2537
+ auto_create_subnetworks=False)
2538
+ psc_producer_subnet = gcp.compute.Subnetwork("psc_producer_subnet",
2539
+ name="producer-psc-net",
2540
+ ip_cidr_range="10.1.0.0/16",
2541
+ region="us-central1",
2542
+ purpose="PRIVATE_SERVICE_CONNECT",
2543
+ network=producer_net.id)
2544
+ producer_subnet = gcp.compute.Subnetwork("producer_subnet",
2545
+ name="producer-net",
2546
+ ip_cidr_range="10.0.0.0/16",
2547
+ region="us-central1",
2548
+ network=producer_net.id)
2549
+ producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
2550
+ name="producer-service-health-check",
2551
+ check_interval_sec=1,
2552
+ timeout_sec=1,
2553
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2554
+ port=80,
2555
+ ))
2556
+ producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
2557
+ name="producer-service-backend",
2558
+ region="us-central1",
2559
+ health_checks=producer_service_health_check.id)
2560
+ producer_target_service = gcp.compute.ForwardingRule("producer_target_service",
2561
+ name="producer-forwarding-rule",
2562
+ region="us-central1",
2563
+ load_balancing_scheme="INTERNAL",
2564
+ backend_service=producer_service_backend.id,
2565
+ all_ports=True,
2566
+ network=producer_net.name,
2567
+ subnetwork=producer_subnet.name)
2568
+ producer_service_attachment = gcp.compute.ServiceAttachment("producer_service_attachment",
2569
+ name="producer-service",
2570
+ region="us-central1",
2571
+ description="A service attachment configured with Terraform",
2572
+ enable_proxy_protocol=True,
2573
+ connection_preference="ACCEPT_AUTOMATIC",
2574
+ nat_subnets=[psc_producer_subnet.name],
2575
+ target_service=producer_target_service.id)
2576
+ default = gcp.compute.ForwardingRule("default",
2577
+ name="psc-endpoint",
2578
+ region="us-central1",
2579
+ load_balancing_scheme="",
2580
+ target=producer_service_attachment.id,
2581
+ network=consumer_net.name,
2582
+ ip_address=consumer_address.id,
2583
+ allow_psc_global_access=True,
2584
+ no_automate_dns_zone=True)
2585
+ ```
2586
+ ### Forwarding Rule Regional Steering
2587
+
2588
+ ```python
2589
+ import pulumi
2590
+ import pulumi_gcp as gcp
2591
+
2592
+ basic = gcp.compute.Address("basic",
2593
+ name="website-ip",
2594
+ region="us-central1")
2595
+ external = gcp.compute.RegionBackendService("external",
2596
+ name="service-backend",
1731
2597
  region="us-central1",
1732
- ip_address=basic.self_link,
1733
- backend_service=external_region_backend_service.self_link,
1734
2598
  load_balancing_scheme="EXTERNAL")
1735
2599
  steering = gcp.compute.ForwardingRule("steering",
2600
+ name="steering-rule",
1736
2601
  region="us-central1",
1737
2602
  ip_address=basic.self_link,
1738
- backend_service=external_region_backend_service.self_link,
2603
+ backend_service=external.self_link,
1739
2604
  load_balancing_scheme="EXTERNAL",
1740
2605
  source_ip_ranges=[
1741
2606
  "34.121.88.0/24",
1742
2607
  "35.187.239.137",
1743
- ],
1744
- opts=pulumi.ResourceOptions(depends_on=[external_forwarding_rule]))
2608
+ ])
2609
+ external_forwarding_rule = gcp.compute.ForwardingRule("external",
2610
+ name="external-forwarding-rule",
2611
+ region="us-central1",
2612
+ ip_address=basic.self_link,
2613
+ backend_service=external.self_link,
2614
+ load_balancing_scheme="EXTERNAL")
2615
+ ```
2616
+ ### Forwarding Rule Internallb Ipv6
2617
+
2618
+ ```python
2619
+ import pulumi
2620
+ import pulumi_gcp as gcp
2621
+
2622
+ hc = gcp.compute.HealthCheck("hc",
2623
+ name="check-ilb-ipv6-backend",
2624
+ check_interval_sec=1,
2625
+ timeout_sec=1,
2626
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2627
+ port=80,
2628
+ ))
2629
+ backend = gcp.compute.RegionBackendService("backend",
2630
+ name="ilb-ipv6-backend",
2631
+ region="us-central1",
2632
+ health_checks=hc.id)
2633
+ default_network = gcp.compute.Network("default",
2634
+ name="net-ipv6",
2635
+ auto_create_subnetworks=False,
2636
+ enable_ula_internal_ipv6=True)
2637
+ default_subnetwork = gcp.compute.Subnetwork("default",
2638
+ name="subnet-internal-ipv6",
2639
+ ip_cidr_range="10.0.0.0/16",
2640
+ region="us-central1",
2641
+ stack_type="IPV4_IPV6",
2642
+ ipv6_access_type="INTERNAL",
2643
+ network=default_network.id)
2644
+ # Forwarding rule for Internal Load Balancing
2645
+ default = gcp.compute.ForwardingRule("default",
2646
+ name="ilb-ipv6-forwarding-rule",
2647
+ region="us-central1",
2648
+ load_balancing_scheme="INTERNAL",
2649
+ backend_service=backend.id,
2650
+ all_ports=True,
2651
+ network=default_network.name,
2652
+ subnetwork=default_subnetwork.name,
2653
+ ip_version="IPV6")
1745
2654
  ```
1746
2655
 
1747
2656
  ## Import
@@ -1991,42 +2900,951 @@ class ForwardingRule(pulumi.CustomResource):
1991
2900
  * [Official Documentation](https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules)
1992
2901
 
1993
2902
  ## Example Usage
2903
+ ### Internal Http Lb With Mig Backend
2904
+
2905
+ ```python
2906
+ import pulumi
2907
+ import pulumi_gcp as gcp
2908
+
2909
+ # Internal HTTP load balancer with a managed instance group backend
2910
+ # VPC network
2911
+ ilb_network = gcp.compute.Network("ilb_network",
2912
+ name="l7-ilb-network",
2913
+ auto_create_subnetworks=False)
2914
+ # proxy-only subnet
2915
+ proxy_subnet = gcp.compute.Subnetwork("proxy_subnet",
2916
+ name="l7-ilb-proxy-subnet",
2917
+ ip_cidr_range="10.0.0.0/24",
2918
+ region="europe-west1",
2919
+ purpose="REGIONAL_MANAGED_PROXY",
2920
+ role="ACTIVE",
2921
+ network=ilb_network.id)
2922
+ # backend subnet
2923
+ ilb_subnet = gcp.compute.Subnetwork("ilb_subnet",
2924
+ name="l7-ilb-subnet",
2925
+ ip_cidr_range="10.0.1.0/24",
2926
+ region="europe-west1",
2927
+ network=ilb_network.id)
2928
+ # health check
2929
+ default_region_health_check = gcp.compute.RegionHealthCheck("default",
2930
+ name="l7-ilb-hc",
2931
+ region="europe-west1",
2932
+ http_health_check=gcp.compute.RegionHealthCheckHttpHealthCheckArgs(
2933
+ port_specification="USE_SERVING_PORT",
2934
+ ))
2935
+ # instance template
2936
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
2937
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
2938
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
2939
+ network=ilb_network.id,
2940
+ subnetwork=ilb_subnet.id,
2941
+ )],
2942
+ name="l7-ilb-mig-template",
2943
+ machine_type="e2-small",
2944
+ tags=["http-server"],
2945
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
2946
+ source_image="debian-cloud/debian-10",
2947
+ auto_delete=True,
2948
+ boot=True,
2949
+ )],
2950
+ metadata={
2951
+ "startup-script": \"\"\"#! /bin/bash
2952
+ set -euo pipefail
2953
+
2954
+ export DEBIAN_FRONTEND=noninteractive
2955
+ apt-get update
2956
+ apt-get install -y nginx-light jq
2957
+
2958
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
2959
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
2960
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
2961
+
2962
+ cat <<EOF > /var/www/html/index.html
2963
+ <pre>
2964
+ Name: $NAME
2965
+ IP: $IP
2966
+ Metadata: $METADATA
2967
+ </pre>
2968
+ EOF
2969
+ \"\"\",
2970
+ })
2971
+ # MIG
2972
+ mig = gcp.compute.RegionInstanceGroupManager("mig",
2973
+ name="l7-ilb-mig1",
2974
+ region="europe-west1",
2975
+ versions=[gcp.compute.RegionInstanceGroupManagerVersionArgs(
2976
+ instance_template=instance_template.id,
2977
+ name="primary",
2978
+ )],
2979
+ base_instance_name="vm",
2980
+ target_size=2)
2981
+ # backend service
2982
+ default_region_backend_service = gcp.compute.RegionBackendService("default",
2983
+ name="l7-ilb-backend-subnet",
2984
+ region="europe-west1",
2985
+ protocol="HTTP",
2986
+ load_balancing_scheme="INTERNAL_MANAGED",
2987
+ timeout_sec=10,
2988
+ health_checks=default_region_health_check.id,
2989
+ backends=[gcp.compute.RegionBackendServiceBackendArgs(
2990
+ group=mig.instance_group,
2991
+ balancing_mode="UTILIZATION",
2992
+ capacity_scaler=1,
2993
+ )])
2994
+ # URL map
2995
+ default_region_url_map = gcp.compute.RegionUrlMap("default",
2996
+ name="l7-ilb-regional-url-map",
2997
+ region="europe-west1",
2998
+ default_service=default_region_backend_service.id)
2999
+ # HTTP target proxy
3000
+ default = gcp.compute.RegionTargetHttpProxy("default",
3001
+ name="l7-ilb-target-http-proxy",
3002
+ region="europe-west1",
3003
+ url_map=default_region_url_map.id)
3004
+ # forwarding rule
3005
+ google_compute_forwarding_rule = gcp.compute.ForwardingRule("google_compute_forwarding_rule",
3006
+ name="l7-ilb-forwarding-rule",
3007
+ region="europe-west1",
3008
+ ip_protocol="TCP",
3009
+ load_balancing_scheme="INTERNAL_MANAGED",
3010
+ port_range="80",
3011
+ target=default.id,
3012
+ network=ilb_network.id,
3013
+ subnetwork=ilb_subnet.id,
3014
+ network_tier="PREMIUM")
3015
+ # allow all access from IAP and health check ranges
3016
+ fw_iap = gcp.compute.Firewall("fw-iap",
3017
+ name="l7-ilb-fw-allow-iap-hc",
3018
+ direction="INGRESS",
3019
+ network=ilb_network.id,
3020
+ source_ranges=[
3021
+ "130.211.0.0/22",
3022
+ "35.191.0.0/16",
3023
+ "35.235.240.0/20",
3024
+ ],
3025
+ allows=[gcp.compute.FirewallAllowArgs(
3026
+ protocol="tcp",
3027
+ )])
3028
+ # allow http from proxy subnet to backends
3029
+ fw_ilb_to_backends = gcp.compute.Firewall("fw-ilb-to-backends",
3030
+ name="l7-ilb-fw-allow-ilb-to-backends",
3031
+ direction="INGRESS",
3032
+ network=ilb_network.id,
3033
+ source_ranges=["10.0.0.0/24"],
3034
+ target_tags=["http-server"],
3035
+ allows=[gcp.compute.FirewallAllowArgs(
3036
+ protocol="tcp",
3037
+ ports=[
3038
+ "80",
3039
+ "443",
3040
+ "8080",
3041
+ ],
3042
+ )])
3043
+ # test instance
3044
+ vm_test = gcp.compute.Instance("vm-test",
3045
+ name="l7-ilb-test-vm",
3046
+ zone="europe-west1-b",
3047
+ machine_type="e2-small",
3048
+ network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(
3049
+ network=ilb_network.id,
3050
+ subnetwork=ilb_subnet.id,
3051
+ )],
3052
+ boot_disk=gcp.compute.InstanceBootDiskArgs(
3053
+ initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(
3054
+ image="debian-cloud/debian-10",
3055
+ ),
3056
+ ))
3057
+ ```
3058
+ ### Internal Tcp Udp Lb With Mig Backend
3059
+
3060
+ ```python
3061
+ import pulumi
3062
+ import pulumi_gcp as gcp
3063
+
3064
+ # Internal TCP/UDP load balancer with a managed instance group backend
3065
+ # VPC
3066
+ ilb_network = gcp.compute.Network("ilb_network",
3067
+ name="l4-ilb-network",
3068
+ auto_create_subnetworks=False)
3069
+ # backed subnet
3070
+ ilb_subnet = gcp.compute.Subnetwork("ilb_subnet",
3071
+ name="l4-ilb-subnet",
3072
+ ip_cidr_range="10.0.1.0/24",
3073
+ region="europe-west1",
3074
+ network=ilb_network.id)
3075
+ # health check
3076
+ default_region_health_check = gcp.compute.RegionHealthCheck("default",
3077
+ name="l4-ilb-hc",
3078
+ region="europe-west1",
3079
+ http_health_check=gcp.compute.RegionHealthCheckHttpHealthCheckArgs(
3080
+ port=80,
3081
+ ))
3082
+ # instance template
3083
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
3084
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
3085
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
3086
+ network=ilb_network.id,
3087
+ subnetwork=ilb_subnet.id,
3088
+ )],
3089
+ name="l4-ilb-mig-template",
3090
+ machine_type="e2-small",
3091
+ tags=[
3092
+ "allow-ssh",
3093
+ "allow-health-check",
3094
+ ],
3095
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
3096
+ source_image="debian-cloud/debian-10",
3097
+ auto_delete=True,
3098
+ boot=True,
3099
+ )],
3100
+ metadata={
3101
+ "startup-script": \"\"\"#! /bin/bash
3102
+ set -euo pipefail
3103
+
3104
+ export DEBIAN_FRONTEND=noninteractive
3105
+ apt-get update
3106
+ apt-get install -y nginx-light jq
3107
+
3108
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
3109
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
3110
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
3111
+
3112
+ cat <<EOF > /var/www/html/index.html
3113
+ <pre>
3114
+ Name: $NAME
3115
+ IP: $IP
3116
+ Metadata: $METADATA
3117
+ </pre>
3118
+ EOF
3119
+ \"\"\",
3120
+ })
3121
+ # MIG
3122
+ mig = gcp.compute.RegionInstanceGroupManager("mig",
3123
+ name="l4-ilb-mig1",
3124
+ region="europe-west1",
3125
+ versions=[gcp.compute.RegionInstanceGroupManagerVersionArgs(
3126
+ instance_template=instance_template.id,
3127
+ name="primary",
3128
+ )],
3129
+ base_instance_name="vm",
3130
+ target_size=2)
3131
+ # backend service
3132
+ default = gcp.compute.RegionBackendService("default",
3133
+ name="l4-ilb-backend-subnet",
3134
+ region="europe-west1",
3135
+ protocol="TCP",
3136
+ load_balancing_scheme="INTERNAL",
3137
+ health_checks=default_region_health_check.id,
3138
+ backends=[gcp.compute.RegionBackendServiceBackendArgs(
3139
+ group=mig.instance_group,
3140
+ balancing_mode="CONNECTION",
3141
+ )])
3142
+ # forwarding rule
3143
+ google_compute_forwarding_rule = gcp.compute.ForwardingRule("google_compute_forwarding_rule",
3144
+ name="l4-ilb-forwarding-rule",
3145
+ backend_service=default.id,
3146
+ region="europe-west1",
3147
+ ip_protocol="TCP",
3148
+ load_balancing_scheme="INTERNAL",
3149
+ all_ports=True,
3150
+ allow_global_access=True,
3151
+ network=ilb_network.id,
3152
+ subnetwork=ilb_subnet.id)
3153
+ # allow all access from health check ranges
3154
+ fw_hc = gcp.compute.Firewall("fw_hc",
3155
+ name="l4-ilb-fw-allow-hc",
3156
+ direction="INGRESS",
3157
+ network=ilb_network.id,
3158
+ source_ranges=[
3159
+ "130.211.0.0/22",
3160
+ "35.191.0.0/16",
3161
+ "35.235.240.0/20",
3162
+ ],
3163
+ allows=[gcp.compute.FirewallAllowArgs(
3164
+ protocol="tcp",
3165
+ )],
3166
+ target_tags=["allow-health-check"])
3167
+ # allow communication within the subnet
3168
+ fw_ilb_to_backends = gcp.compute.Firewall("fw_ilb_to_backends",
3169
+ name="l4-ilb-fw-allow-ilb-to-backends",
3170
+ direction="INGRESS",
3171
+ network=ilb_network.id,
3172
+ source_ranges=["10.0.1.0/24"],
3173
+ allows=[
3174
+ gcp.compute.FirewallAllowArgs(
3175
+ protocol="tcp",
3176
+ ),
3177
+ gcp.compute.FirewallAllowArgs(
3178
+ protocol="udp",
3179
+ ),
3180
+ gcp.compute.FirewallAllowArgs(
3181
+ protocol="icmp",
3182
+ ),
3183
+ ])
3184
+ # allow SSH
3185
+ fw_ilb_ssh = gcp.compute.Firewall("fw_ilb_ssh",
3186
+ name="l4-ilb-fw-ssh",
3187
+ direction="INGRESS",
3188
+ network=ilb_network.id,
3189
+ allows=[gcp.compute.FirewallAllowArgs(
3190
+ protocol="tcp",
3191
+ ports=["22"],
3192
+ )],
3193
+ target_tags=["allow-ssh"],
3194
+ source_ranges=["0.0.0.0/0"])
3195
+ # test instance
3196
+ vm_test = gcp.compute.Instance("vm_test",
3197
+ name="l4-ilb-test-vm",
3198
+ zone="europe-west1-b",
3199
+ machine_type="e2-small",
3200
+ network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(
3201
+ network=ilb_network.id,
3202
+ subnetwork=ilb_subnet.id,
3203
+ )],
3204
+ boot_disk=gcp.compute.InstanceBootDiskArgs(
3205
+ initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(
3206
+ image="debian-cloud/debian-10",
3207
+ ),
3208
+ ))
3209
+ ```
3210
+ ### Forwarding Rule Externallb
3211
+
3212
+ ```python
3213
+ import pulumi
3214
+ import pulumi_gcp as gcp
3215
+
3216
+ hc = gcp.compute.RegionHealthCheck("hc",
3217
+ name="check-website-backend",
3218
+ check_interval_sec=1,
3219
+ timeout_sec=1,
3220
+ region="us-central1",
3221
+ tcp_health_check=gcp.compute.RegionHealthCheckTcpHealthCheckArgs(
3222
+ port=80,
3223
+ ))
3224
+ backend = gcp.compute.RegionBackendService("backend",
3225
+ name="website-backend",
3226
+ region="us-central1",
3227
+ load_balancing_scheme="EXTERNAL",
3228
+ health_checks=hc.id)
3229
+ # Forwarding rule for External Network Load Balancing using Backend Services
3230
+ default = gcp.compute.ForwardingRule("default",
3231
+ name="website-forwarding-rule",
3232
+ region="us-central1",
3233
+ port_range="80",
3234
+ backend_service=backend.id)
3235
+ ```
3236
+ ### Forwarding Rule Global Internallb
3237
+
3238
+ ```python
3239
+ import pulumi
3240
+ import pulumi_gcp as gcp
3241
+
3242
+ hc = gcp.compute.HealthCheck("hc",
3243
+ name="check-website-backend",
3244
+ check_interval_sec=1,
3245
+ timeout_sec=1,
3246
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
3247
+ port=80,
3248
+ ))
3249
+ backend = gcp.compute.RegionBackendService("backend",
3250
+ name="website-backend",
3251
+ region="us-central1",
3252
+ health_checks=hc.id)
3253
+ default_network = gcp.compute.Network("default",
3254
+ name="website-net",
3255
+ auto_create_subnetworks=False)
3256
+ default_subnetwork = gcp.compute.Subnetwork("default",
3257
+ name="website-net",
3258
+ ip_cidr_range="10.0.0.0/16",
3259
+ region="us-central1",
3260
+ network=default_network.id)
3261
+ # Forwarding rule for Internal Load Balancing
3262
+ default = gcp.compute.ForwardingRule("default",
3263
+ name="website-forwarding-rule",
3264
+ region="us-central1",
3265
+ load_balancing_scheme="INTERNAL",
3266
+ backend_service=backend.id,
3267
+ all_ports=True,
3268
+ allow_global_access=True,
3269
+ network=default_network.name,
3270
+ subnetwork=default_subnetwork.name)
3271
+ ```
1994
3272
  ### Forwarding Rule Basic
1995
3273
 
1996
3274
  ```python
1997
3275
  import pulumi
1998
3276
  import pulumi_gcp as gcp
1999
3277
 
2000
- default_target_pool = gcp.compute.TargetPool("defaultTargetPool")
2001
- default_forwarding_rule = gcp.compute.ForwardingRule("defaultForwardingRule",
3278
+ default_target_pool = gcp.compute.TargetPool("default", name="website-target-pool")
3279
+ default = gcp.compute.ForwardingRule("default",
3280
+ name="website-forwarding-rule",
2002
3281
  target=default_target_pool.id,
2003
3282
  port_range="80")
2004
3283
  ```
2005
- ### Forwarding Rule Regional Steering
3284
+ ### Forwarding Rule L3 Default
2006
3285
 
2007
3286
  ```python
2008
3287
  import pulumi
2009
3288
  import pulumi_gcp as gcp
2010
3289
 
2011
- basic = gcp.compute.Address("basic", region="us-central1")
2012
- external_region_backend_service = gcp.compute.RegionBackendService("externalRegionBackendService",
3290
+ health_check = gcp.compute.RegionHealthCheck("health_check",
3291
+ name="health-check",
2013
3292
  region="us-central1",
3293
+ tcp_health_check=gcp.compute.RegionHealthCheckTcpHealthCheckArgs(
3294
+ port=80,
3295
+ ))
3296
+ service = gcp.compute.RegionBackendService("service",
3297
+ region="us-central1",
3298
+ name="service",
3299
+ health_checks=health_check.id,
3300
+ protocol="UNSPECIFIED",
2014
3301
  load_balancing_scheme="EXTERNAL")
2015
- external_forwarding_rule = gcp.compute.ForwardingRule("externalForwardingRule",
3302
+ fwd_rule = gcp.compute.ForwardingRule("fwd_rule",
3303
+ name="l3-forwarding-rule",
3304
+ backend_service=service.id,
3305
+ ip_protocol="L3_DEFAULT",
3306
+ all_ports=True)
3307
+ ```
3308
+ ### Forwarding Rule Internallb
3309
+
3310
+ ```python
3311
+ import pulumi
3312
+ import pulumi_gcp as gcp
3313
+
3314
+ hc = gcp.compute.HealthCheck("hc",
3315
+ name="check-website-backend",
3316
+ check_interval_sec=1,
3317
+ timeout_sec=1,
3318
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
3319
+ port=80,
3320
+ ))
3321
+ backend = gcp.compute.RegionBackendService("backend",
3322
+ name="website-backend",
3323
+ region="us-central1",
3324
+ health_checks=hc.id)
3325
+ default_network = gcp.compute.Network("default",
3326
+ name="website-net",
3327
+ auto_create_subnetworks=False)
3328
+ default_subnetwork = gcp.compute.Subnetwork("default",
3329
+ name="website-net",
3330
+ ip_cidr_range="10.0.0.0/16",
3331
+ region="us-central1",
3332
+ network=default_network.id)
3333
+ # Forwarding rule for Internal Load Balancing
3334
+ default = gcp.compute.ForwardingRule("default",
3335
+ name="website-forwarding-rule",
3336
+ region="us-central1",
3337
+ load_balancing_scheme="INTERNAL",
3338
+ backend_service=backend.id,
3339
+ all_ports=True,
3340
+ network=default_network.name,
3341
+ subnetwork=default_subnetwork.name,
3342
+ ip_version="IPV4")
3343
+ ```
3344
+ ### Forwarding Rule Http Lb
3345
+
3346
+ ```python
3347
+ import pulumi
3348
+ import pulumi_gcp as gcp
3349
+
3350
+ debian_image = gcp.compute.get_image(family="debian-11",
3351
+ project="debian-cloud")
3352
+ default_network = gcp.compute.Network("default",
3353
+ name="website-net",
3354
+ auto_create_subnetworks=False,
3355
+ routing_mode="REGIONAL")
3356
+ default_subnetwork = gcp.compute.Subnetwork("default",
3357
+ name="website-net-default",
3358
+ ip_cidr_range="10.1.2.0/24",
3359
+ region="us-central1",
3360
+ network=default_network.id)
3361
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
3362
+ name="template-website-backend",
3363
+ machine_type="e2-medium",
3364
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
3365
+ network=default_network.id,
3366
+ subnetwork=default_subnetwork.id,
3367
+ )],
3368
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
3369
+ source_image=debian_image.self_link,
3370
+ auto_delete=True,
3371
+ boot=True,
3372
+ )],
3373
+ tags=[
3374
+ "allow-ssh",
3375
+ "load-balanced-backend",
3376
+ ])
3377
+ rigm = gcp.compute.RegionInstanceGroupManager("rigm",
3378
+ region="us-central1",
3379
+ name="website-rigm",
3380
+ versions=[gcp.compute.RegionInstanceGroupManagerVersionArgs(
3381
+ instance_template=instance_template.id,
3382
+ name="primary",
3383
+ )],
3384
+ base_instance_name="internal-glb",
3385
+ target_size=1)
3386
+ default_region_health_check = gcp.compute.RegionHealthCheck("default",
3387
+ region="us-central1",
3388
+ name="website-hc",
3389
+ http_health_check=gcp.compute.RegionHealthCheckHttpHealthCheckArgs(
3390
+ port_specification="USE_SERVING_PORT",
3391
+ ))
3392
+ default_region_backend_service = gcp.compute.RegionBackendService("default",
3393
+ load_balancing_scheme="INTERNAL_MANAGED",
3394
+ backends=[gcp.compute.RegionBackendServiceBackendArgs(
3395
+ group=rigm.instance_group,
3396
+ balancing_mode="UTILIZATION",
3397
+ capacity_scaler=1,
3398
+ )],
3399
+ region="us-central1",
3400
+ name="website-backend",
3401
+ protocol="HTTP",
3402
+ timeout_sec=10,
3403
+ health_checks=default_region_health_check.id)
3404
+ default_region_url_map = gcp.compute.RegionUrlMap("default",
3405
+ region="us-central1",
3406
+ name="website-map",
3407
+ default_service=default_region_backend_service.id)
3408
+ default_region_target_http_proxy = gcp.compute.RegionTargetHttpProxy("default",
3409
+ region="us-central1",
3410
+ name="website-proxy",
3411
+ url_map=default_region_url_map.id)
3412
+ # Forwarding rule for Internal Load Balancing
3413
+ default = gcp.compute.ForwardingRule("default",
3414
+ name="website-forwarding-rule",
3415
+ region="us-central1",
3416
+ ip_protocol="TCP",
3417
+ load_balancing_scheme="INTERNAL_MANAGED",
3418
+ port_range="80",
3419
+ target=default_region_target_http_proxy.id,
3420
+ network=default_network.id,
3421
+ subnetwork=default_subnetwork.id,
3422
+ network_tier="PREMIUM")
3423
+ fw1 = gcp.compute.Firewall("fw1",
3424
+ name="website-fw-1",
3425
+ network=default_network.id,
3426
+ source_ranges=["10.1.2.0/24"],
3427
+ allows=[
3428
+ gcp.compute.FirewallAllowArgs(
3429
+ protocol="tcp",
3430
+ ),
3431
+ gcp.compute.FirewallAllowArgs(
3432
+ protocol="udp",
3433
+ ),
3434
+ gcp.compute.FirewallAllowArgs(
3435
+ protocol="icmp",
3436
+ ),
3437
+ ],
3438
+ direction="INGRESS")
3439
+ fw2 = gcp.compute.Firewall("fw2",
3440
+ name="website-fw-2",
3441
+ network=default_network.id,
3442
+ source_ranges=["0.0.0.0/0"],
3443
+ allows=[gcp.compute.FirewallAllowArgs(
3444
+ protocol="tcp",
3445
+ ports=["22"],
3446
+ )],
3447
+ target_tags=["allow-ssh"],
3448
+ direction="INGRESS")
3449
+ fw3 = gcp.compute.Firewall("fw3",
3450
+ name="website-fw-3",
3451
+ network=default_network.id,
3452
+ source_ranges=[
3453
+ "130.211.0.0/22",
3454
+ "35.191.0.0/16",
3455
+ ],
3456
+ allows=[gcp.compute.FirewallAllowArgs(
3457
+ protocol="tcp",
3458
+ )],
3459
+ target_tags=["load-balanced-backend"],
3460
+ direction="INGRESS")
3461
+ fw4 = gcp.compute.Firewall("fw4",
3462
+ name="website-fw-4",
3463
+ network=default_network.id,
3464
+ source_ranges=["10.129.0.0/26"],
3465
+ target_tags=["load-balanced-backend"],
3466
+ allows=[
3467
+ gcp.compute.FirewallAllowArgs(
3468
+ protocol="tcp",
3469
+ ports=["80"],
3470
+ ),
3471
+ gcp.compute.FirewallAllowArgs(
3472
+ protocol="tcp",
3473
+ ports=["443"],
3474
+ ),
3475
+ gcp.compute.FirewallAllowArgs(
3476
+ protocol="tcp",
3477
+ ports=["8000"],
3478
+ ),
3479
+ ],
3480
+ direction="INGRESS")
3481
+ proxy = gcp.compute.Subnetwork("proxy",
3482
+ name="website-net-proxy",
3483
+ ip_cidr_range="10.129.0.0/26",
3484
+ region="us-central1",
3485
+ network=default_network.id,
3486
+ purpose="REGIONAL_MANAGED_PROXY",
3487
+ role="ACTIVE")
3488
+ ```
3489
+ ### Forwarding Rule Regional Http Xlb
3490
+
3491
+ ```python
3492
+ import pulumi
3493
+ import pulumi_gcp as gcp
3494
+
3495
+ debian_image = gcp.compute.get_image(family="debian-11",
3496
+ project="debian-cloud")
3497
+ default_network = gcp.compute.Network("default",
3498
+ name="website-net",
3499
+ auto_create_subnetworks=False,
3500
+ routing_mode="REGIONAL")
3501
+ default_subnetwork = gcp.compute.Subnetwork("default",
3502
+ name="website-net-default",
3503
+ ip_cidr_range="10.1.2.0/24",
3504
+ region="us-central1",
3505
+ network=default_network.id)
3506
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
3507
+ name="template-website-backend",
3508
+ machine_type="e2-medium",
3509
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
3510
+ network=default_network.id,
3511
+ subnetwork=default_subnetwork.id,
3512
+ )],
3513
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
3514
+ source_image=debian_image.self_link,
3515
+ auto_delete=True,
3516
+ boot=True,
3517
+ )],
3518
+ tags=[
3519
+ "allow-ssh",
3520
+ "load-balanced-backend",
3521
+ ])
3522
+ rigm = gcp.compute.RegionInstanceGroupManager("rigm",
3523
+ region="us-central1",
3524
+ name="website-rigm",
3525
+ versions=[gcp.compute.RegionInstanceGroupManagerVersionArgs(
3526
+ instance_template=instance_template.id,
3527
+ name="primary",
3528
+ )],
3529
+ base_instance_name="internal-glb",
3530
+ target_size=1)
3531
+ default_region_health_check = gcp.compute.RegionHealthCheck("default",
3532
+ region="us-central1",
3533
+ name="website-hc",
3534
+ http_health_check=gcp.compute.RegionHealthCheckHttpHealthCheckArgs(
3535
+ port_specification="USE_SERVING_PORT",
3536
+ ))
3537
+ default_region_backend_service = gcp.compute.RegionBackendService("default",
3538
+ load_balancing_scheme="EXTERNAL_MANAGED",
3539
+ backends=[gcp.compute.RegionBackendServiceBackendArgs(
3540
+ group=rigm.instance_group,
3541
+ balancing_mode="UTILIZATION",
3542
+ capacity_scaler=1,
3543
+ )],
3544
+ region="us-central1",
3545
+ name="website-backend",
3546
+ protocol="HTTP",
3547
+ timeout_sec=10,
3548
+ health_checks=default_region_health_check.id)
3549
+ default_region_url_map = gcp.compute.RegionUrlMap("default",
3550
+ region="us-central1",
3551
+ name="website-map",
3552
+ default_service=default_region_backend_service.id)
3553
+ default_region_target_http_proxy = gcp.compute.RegionTargetHttpProxy("default",
3554
+ region="us-central1",
3555
+ name="website-proxy",
3556
+ url_map=default_region_url_map.id)
3557
+ default_address = gcp.compute.Address("default",
3558
+ name="website-ip-1",
3559
+ region="us-central1",
3560
+ network_tier="STANDARD")
3561
+ # Forwarding rule for Regional External Load Balancing
3562
+ default = gcp.compute.ForwardingRule("default",
3563
+ name="website-forwarding-rule",
3564
+ region="us-central1",
3565
+ ip_protocol="TCP",
3566
+ load_balancing_scheme="EXTERNAL_MANAGED",
3567
+ port_range="80",
3568
+ target=default_region_target_http_proxy.id,
3569
+ network=default_network.id,
3570
+ ip_address=default_address.id,
3571
+ network_tier="STANDARD")
3572
+ fw1 = gcp.compute.Firewall("fw1",
3573
+ name="website-fw-1",
3574
+ network=default_network.id,
3575
+ source_ranges=["10.1.2.0/24"],
3576
+ allows=[
3577
+ gcp.compute.FirewallAllowArgs(
3578
+ protocol="tcp",
3579
+ ),
3580
+ gcp.compute.FirewallAllowArgs(
3581
+ protocol="udp",
3582
+ ),
3583
+ gcp.compute.FirewallAllowArgs(
3584
+ protocol="icmp",
3585
+ ),
3586
+ ],
3587
+ direction="INGRESS")
3588
+ fw2 = gcp.compute.Firewall("fw2",
3589
+ name="website-fw-2",
3590
+ network=default_network.id,
3591
+ source_ranges=["0.0.0.0/0"],
3592
+ allows=[gcp.compute.FirewallAllowArgs(
3593
+ protocol="tcp",
3594
+ ports=["22"],
3595
+ )],
3596
+ target_tags=["allow-ssh"],
3597
+ direction="INGRESS")
3598
+ fw3 = gcp.compute.Firewall("fw3",
3599
+ name="website-fw-3",
3600
+ network=default_network.id,
3601
+ source_ranges=[
3602
+ "130.211.0.0/22",
3603
+ "35.191.0.0/16",
3604
+ ],
3605
+ allows=[gcp.compute.FirewallAllowArgs(
3606
+ protocol="tcp",
3607
+ )],
3608
+ target_tags=["load-balanced-backend"],
3609
+ direction="INGRESS")
3610
+ fw4 = gcp.compute.Firewall("fw4",
3611
+ name="website-fw-4",
3612
+ network=default_network.id,
3613
+ source_ranges=["10.129.0.0/26"],
3614
+ target_tags=["load-balanced-backend"],
3615
+ allows=[
3616
+ gcp.compute.FirewallAllowArgs(
3617
+ protocol="tcp",
3618
+ ports=["80"],
3619
+ ),
3620
+ gcp.compute.FirewallAllowArgs(
3621
+ protocol="tcp",
3622
+ ports=["443"],
3623
+ ),
3624
+ gcp.compute.FirewallAllowArgs(
3625
+ protocol="tcp",
3626
+ ports=["8000"],
3627
+ ),
3628
+ ],
3629
+ direction="INGRESS")
3630
+ proxy = gcp.compute.Subnetwork("proxy",
3631
+ name="website-net-proxy",
3632
+ ip_cidr_range="10.129.0.0/26",
3633
+ region="us-central1",
3634
+ network=default_network.id,
3635
+ purpose="REGIONAL_MANAGED_PROXY",
3636
+ role="ACTIVE")
3637
+ ```
3638
+ ### Forwarding Rule Vpc Psc
3639
+
3640
+ ```python
3641
+ import pulumi
3642
+ import pulumi_gcp as gcp
3643
+
3644
+ # Consumer service endpoint
3645
+ consumer_net = gcp.compute.Network("consumer_net",
3646
+ name="consumer-net",
3647
+ auto_create_subnetworks=False)
3648
+ consumer_subnet = gcp.compute.Subnetwork("consumer_subnet",
3649
+ name="consumer-net",
3650
+ ip_cidr_range="10.0.0.0/16",
3651
+ region="us-central1",
3652
+ network=consumer_net.id)
3653
+ consumer_address = gcp.compute.Address("consumer_address",
3654
+ name="website-ip-1",
3655
+ region="us-central1",
3656
+ subnetwork=consumer_subnet.id,
3657
+ address_type="INTERNAL")
3658
+ # Producer service attachment
3659
+ producer_net = gcp.compute.Network("producer_net",
3660
+ name="producer-net",
3661
+ auto_create_subnetworks=False)
3662
+ psc_producer_subnet = gcp.compute.Subnetwork("psc_producer_subnet",
3663
+ name="producer-psc-net",
3664
+ ip_cidr_range="10.1.0.0/16",
3665
+ region="us-central1",
3666
+ purpose="PRIVATE_SERVICE_CONNECT",
3667
+ network=producer_net.id)
3668
+ producer_subnet = gcp.compute.Subnetwork("producer_subnet",
3669
+ name="producer-net",
3670
+ ip_cidr_range="10.0.0.0/16",
3671
+ region="us-central1",
3672
+ network=producer_net.id)
3673
+ producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
3674
+ name="producer-service-health-check",
3675
+ check_interval_sec=1,
3676
+ timeout_sec=1,
3677
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
3678
+ port=80,
3679
+ ))
3680
+ producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
3681
+ name="producer-service-backend",
3682
+ region="us-central1",
3683
+ health_checks=producer_service_health_check.id)
3684
+ producer_target_service = gcp.compute.ForwardingRule("producer_target_service",
3685
+ name="producer-forwarding-rule",
3686
+ region="us-central1",
3687
+ load_balancing_scheme="INTERNAL",
3688
+ backend_service=producer_service_backend.id,
3689
+ all_ports=True,
3690
+ network=producer_net.name,
3691
+ subnetwork=producer_subnet.name)
3692
+ producer_service_attachment = gcp.compute.ServiceAttachment("producer_service_attachment",
3693
+ name="producer-service",
3694
+ region="us-central1",
3695
+ description="A service attachment configured with Terraform",
3696
+ enable_proxy_protocol=True,
3697
+ connection_preference="ACCEPT_AUTOMATIC",
3698
+ nat_subnets=[psc_producer_subnet.name],
3699
+ target_service=producer_target_service.id)
3700
+ # Forwarding rule for VPC private service connect
3701
+ default = gcp.compute.ForwardingRule("default",
3702
+ name="psc-endpoint",
3703
+ region="us-central1",
3704
+ load_balancing_scheme="",
3705
+ target=producer_service_attachment.id,
3706
+ network=consumer_net.name,
3707
+ ip_address=consumer_address.id,
3708
+ allow_psc_global_access=True)
3709
+ ```
3710
+ ### Forwarding Rule Vpc Psc No Automate Dns
3711
+
3712
+ ```python
3713
+ import pulumi
3714
+ import pulumi_gcp as gcp
3715
+
3716
+ consumer_net = gcp.compute.Network("consumer_net",
3717
+ name="consumer-net",
3718
+ auto_create_subnetworks=False)
3719
+ consumer_subnet = gcp.compute.Subnetwork("consumer_subnet",
3720
+ name="consumer-net",
3721
+ ip_cidr_range="10.0.0.0/16",
3722
+ region="us-central1",
3723
+ network=consumer_net.id)
3724
+ consumer_address = gcp.compute.Address("consumer_address",
3725
+ name="website-ip-1",
3726
+ region="us-central1",
3727
+ subnetwork=consumer_subnet.id,
3728
+ address_type="INTERNAL")
3729
+ producer_net = gcp.compute.Network("producer_net",
3730
+ name="producer-net",
3731
+ auto_create_subnetworks=False)
3732
+ psc_producer_subnet = gcp.compute.Subnetwork("psc_producer_subnet",
3733
+ name="producer-psc-net",
3734
+ ip_cidr_range="10.1.0.0/16",
3735
+ region="us-central1",
3736
+ purpose="PRIVATE_SERVICE_CONNECT",
3737
+ network=producer_net.id)
3738
+ producer_subnet = gcp.compute.Subnetwork("producer_subnet",
3739
+ name="producer-net",
3740
+ ip_cidr_range="10.0.0.0/16",
3741
+ region="us-central1",
3742
+ network=producer_net.id)
3743
+ producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
3744
+ name="producer-service-health-check",
3745
+ check_interval_sec=1,
3746
+ timeout_sec=1,
3747
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
3748
+ port=80,
3749
+ ))
3750
+ producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
3751
+ name="producer-service-backend",
3752
+ region="us-central1",
3753
+ health_checks=producer_service_health_check.id)
3754
+ producer_target_service = gcp.compute.ForwardingRule("producer_target_service",
3755
+ name="producer-forwarding-rule",
3756
+ region="us-central1",
3757
+ load_balancing_scheme="INTERNAL",
3758
+ backend_service=producer_service_backend.id,
3759
+ all_ports=True,
3760
+ network=producer_net.name,
3761
+ subnetwork=producer_subnet.name)
3762
+ producer_service_attachment = gcp.compute.ServiceAttachment("producer_service_attachment",
3763
+ name="producer-service",
3764
+ region="us-central1",
3765
+ description="A service attachment configured with Terraform",
3766
+ enable_proxy_protocol=True,
3767
+ connection_preference="ACCEPT_AUTOMATIC",
3768
+ nat_subnets=[psc_producer_subnet.name],
3769
+ target_service=producer_target_service.id)
3770
+ default = gcp.compute.ForwardingRule("default",
3771
+ name="psc-endpoint",
3772
+ region="us-central1",
3773
+ load_balancing_scheme="",
3774
+ target=producer_service_attachment.id,
3775
+ network=consumer_net.name,
3776
+ ip_address=consumer_address.id,
3777
+ allow_psc_global_access=True,
3778
+ no_automate_dns_zone=True)
3779
+ ```
3780
+ ### Forwarding Rule Regional Steering
3781
+
3782
+ ```python
3783
+ import pulumi
3784
+ import pulumi_gcp as gcp
3785
+
3786
+ basic = gcp.compute.Address("basic",
3787
+ name="website-ip",
3788
+ region="us-central1")
3789
+ external = gcp.compute.RegionBackendService("external",
3790
+ name="service-backend",
2016
3791
  region="us-central1",
2017
- ip_address=basic.self_link,
2018
- backend_service=external_region_backend_service.self_link,
2019
3792
  load_balancing_scheme="EXTERNAL")
2020
3793
  steering = gcp.compute.ForwardingRule("steering",
3794
+ name="steering-rule",
2021
3795
  region="us-central1",
2022
3796
  ip_address=basic.self_link,
2023
- backend_service=external_region_backend_service.self_link,
3797
+ backend_service=external.self_link,
2024
3798
  load_balancing_scheme="EXTERNAL",
2025
3799
  source_ip_ranges=[
2026
3800
  "34.121.88.0/24",
2027
3801
  "35.187.239.137",
2028
- ],
2029
- opts=pulumi.ResourceOptions(depends_on=[external_forwarding_rule]))
3802
+ ])
3803
+ external_forwarding_rule = gcp.compute.ForwardingRule("external",
3804
+ name="external-forwarding-rule",
3805
+ region="us-central1",
3806
+ ip_address=basic.self_link,
3807
+ backend_service=external.self_link,
3808
+ load_balancing_scheme="EXTERNAL")
3809
+ ```
3810
+ ### Forwarding Rule Internallb Ipv6
3811
+
3812
+ ```python
3813
+ import pulumi
3814
+ import pulumi_gcp as gcp
3815
+
3816
+ hc = gcp.compute.HealthCheck("hc",
3817
+ name="check-ilb-ipv6-backend",
3818
+ check_interval_sec=1,
3819
+ timeout_sec=1,
3820
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
3821
+ port=80,
3822
+ ))
3823
+ backend = gcp.compute.RegionBackendService("backend",
3824
+ name="ilb-ipv6-backend",
3825
+ region="us-central1",
3826
+ health_checks=hc.id)
3827
+ default_network = gcp.compute.Network("default",
3828
+ name="net-ipv6",
3829
+ auto_create_subnetworks=False,
3830
+ enable_ula_internal_ipv6=True)
3831
+ default_subnetwork = gcp.compute.Subnetwork("default",
3832
+ name="subnet-internal-ipv6",
3833
+ ip_cidr_range="10.0.0.0/16",
3834
+ region="us-central1",
3835
+ stack_type="IPV4_IPV6",
3836
+ ipv6_access_type="INTERNAL",
3837
+ network=default_network.id)
3838
+ # Forwarding rule for Internal Load Balancing
3839
+ default = gcp.compute.ForwardingRule("default",
3840
+ name="ilb-ipv6-forwarding-rule",
3841
+ region="us-central1",
3842
+ load_balancing_scheme="INTERNAL",
3843
+ backend_service=backend.id,
3844
+ all_ports=True,
3845
+ network=default_network.name,
3846
+ subnetwork=default_subnetwork.name,
3847
+ ip_version="IPV6")
2030
3848
  ```
2031
3849
 
2032
3850
  ## Import