pulumi-gcp 7.12.0a1709074764__py3-none-any.whl → 7.12.0a1709133800__py3-none-any.whl

Sign up to get free protection for your applications and to get access to all the features.
Files changed (934) hide show
  1. pulumi_gcp/accessapproval/get_folder_service_account.py +2 -2
  2. pulumi_gcp/accessapproval/get_organization_service_account.py +2 -2
  3. pulumi_gcp/accessapproval/get_project_service_account.py +2 -2
  4. pulumi_gcp/accesscontextmanager/access_level.py +10 -8
  5. pulumi_gcp/accesscontextmanager/access_level_condition.py +2 -0
  6. pulumi_gcp/accesscontextmanager/access_levels.py +16 -16
  7. pulumi_gcp/accesscontextmanager/access_policy.py +12 -6
  8. pulumi_gcp/accesscontextmanager/access_policy_iam_binding.py +10 -2
  9. pulumi_gcp/accesscontextmanager/access_policy_iam_member.py +10 -2
  10. pulumi_gcp/accesscontextmanager/access_policy_iam_policy.py +10 -2
  11. pulumi_gcp/accesscontextmanager/authorized_orgs_desc.py +8 -6
  12. pulumi_gcp/accesscontextmanager/gcp_user_access_binding.py +80 -0
  13. pulumi_gcp/accesscontextmanager/get_access_policy_iam_policy.py +2 -2
  14. pulumi_gcp/accesscontextmanager/service_perimeter.py +34 -24
  15. pulumi_gcp/accesscontextmanager/service_perimeter_resource.py +6 -4
  16. pulumi_gcp/accesscontextmanager/service_perimeters.py +14 -12
  17. pulumi_gcp/activedirectory/domain_trust.py +6 -6
  18. pulumi_gcp/activedirectory/peering.py +20 -22
  19. pulumi_gcp/alloydb/backup.py +62 -66
  20. pulumi_gcp/alloydb/cluster.py +78 -82
  21. pulumi_gcp/alloydb/instance.py +70 -74
  22. pulumi_gcp/alloydb/user.py +44 -48
  23. pulumi_gcp/apigateway/api.py +2 -4
  24. pulumi_gcp/apigateway/api_config.py +86 -14
  25. pulumi_gcp/apigateway/api_config_iam_binding.py +18 -24
  26. pulumi_gcp/apigateway/api_config_iam_member.py +18 -24
  27. pulumi_gcp/apigateway/api_config_iam_policy.py +18 -24
  28. pulumi_gcp/apigateway/api_iam_binding.py +18 -24
  29. pulumi_gcp/apigateway/api_iam_member.py +18 -24
  30. pulumi_gcp/apigateway/api_iam_policy.py +18 -24
  31. pulumi_gcp/apigateway/gateway.py +16 -22
  32. pulumi_gcp/apigateway/gateway_iam_binding.py +24 -30
  33. pulumi_gcp/apigateway/gateway_iam_member.py +24 -30
  34. pulumi_gcp/apigateway/gateway_iam_policy.py +24 -30
  35. pulumi_gcp/apigee/addons_config.py +22 -26
  36. pulumi_gcp/apigee/endpoint_attachment.py +14 -14
  37. pulumi_gcp/apigee/env_group.py +16 -14
  38. pulumi_gcp/apigee/env_group_attachment.py +0 -100
  39. pulumi_gcp/apigee/environment.py +14 -12
  40. pulumi_gcp/apigee/environment_iam_binding.py +12 -12
  41. pulumi_gcp/apigee/environment_iam_member.py +12 -12
  42. pulumi_gcp/apigee/environment_iam_policy.py +12 -12
  43. pulumi_gcp/apigee/get_environment_iam_policy.py +4 -4
  44. pulumi_gcp/apigee/instance.py +84 -76
  45. pulumi_gcp/apigee/instance_attachment.py +0 -100
  46. pulumi_gcp/apigee/keystores_aliases_self_signed_cert.py +40 -40
  47. pulumi_gcp/apigee/nat_address.py +42 -36
  48. pulumi_gcp/apigee/organization.py +62 -58
  49. pulumi_gcp/apigee/sync_authorization.py +16 -12
  50. pulumi_gcp/apigee/target_server.py +34 -36
  51. pulumi_gcp/appengine/application.py +8 -2
  52. pulumi_gcp/appengine/application_url_dispatch_rules.py +12 -6
  53. pulumi_gcp/appengine/domain_mapping.py +2 -2
  54. pulumi_gcp/appengine/engine_split_traffic.py +12 -6
  55. pulumi_gcp/appengine/firewall_rule.py +6 -2
  56. pulumi_gcp/appengine/flexible_app_version.py +20 -12
  57. pulumi_gcp/appengine/service_network_settings.py +14 -8
  58. pulumi_gcp/appengine/standard_app_version.py +18 -12
  59. pulumi_gcp/artifactregistry/get_repository_iam_policy.py +6 -6
  60. pulumi_gcp/artifactregistry/repository.py +78 -82
  61. pulumi_gcp/artifactregistry/repository_iam_binding.py +18 -18
  62. pulumi_gcp/artifactregistry/repository_iam_member.py +18 -18
  63. pulumi_gcp/artifactregistry/repository_iam_policy.py +18 -18
  64. pulumi_gcp/artifactregistry/vpcsc_config.py +2 -4
  65. pulumi_gcp/assuredworkloads/workload.py +16 -18
  66. pulumi_gcp/backupdisasterrecovery/management_server.py +20 -24
  67. pulumi_gcp/beyondcorp/app_connection.py +44 -30
  68. pulumi_gcp/beyondcorp/app_connector.py +22 -16
  69. pulumi_gcp/beyondcorp/app_gateway.py +20 -16
  70. pulumi_gcp/biglake/catalog.py +6 -2
  71. pulumi_gcp/biglake/database.py +14 -4
  72. pulumi_gcp/biglake/table.py +20 -6
  73. pulumi_gcp/bigquery/app_profile.py +8 -0
  74. pulumi_gcp/bigquery/capacity_commitment.py +4 -4
  75. pulumi_gcp/bigquery/connection.py +72 -54
  76. pulumi_gcp/bigquery/connection_iam_binding.py +18 -18
  77. pulumi_gcp/bigquery/connection_iam_member.py +18 -18
  78. pulumi_gcp/bigquery/connection_iam_policy.py +18 -18
  79. pulumi_gcp/bigquery/data_transfer_config.py +8 -12
  80. pulumi_gcp/bigquery/dataset.py +20 -14
  81. pulumi_gcp/bigquery/dataset_access.py +16 -16
  82. pulumi_gcp/bigquery/dataset_iam_binding.py +4 -4
  83. pulumi_gcp/bigquery/dataset_iam_member.py +4 -4
  84. pulumi_gcp/bigquery/dataset_iam_policy.py +4 -4
  85. pulumi_gcp/bigquery/get_connection_iam_policy.py +6 -6
  86. pulumi_gcp/bigquery/get_dataset_iam_policy.py +2 -2
  87. pulumi_gcp/bigquery/get_default_service_account.py +4 -4
  88. pulumi_gcp/bigquery/get_table_iam_policy.py +6 -6
  89. pulumi_gcp/bigquery/iam_binding.py +36 -36
  90. pulumi_gcp/bigquery/iam_member.py +36 -36
  91. pulumi_gcp/bigquery/iam_policy.py +36 -36
  92. pulumi_gcp/bigquery/job.py +326 -20
  93. pulumi_gcp/bigquery/reservation.py +14 -12
  94. pulumi_gcp/bigquery/reservation_assignment.py +2 -0
  95. pulumi_gcp/bigquery/routine.py +22 -22
  96. pulumi_gcp/bigquery/table.py +8 -8
  97. pulumi_gcp/bigqueryanalyticshub/data_exchange.py +6 -6
  98. pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_binding.py +18 -18
  99. pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_member.py +18 -18
  100. pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_policy.py +18 -18
  101. pulumi_gcp/bigqueryanalyticshub/get_data_exchange_iam_policy.py +6 -6
  102. pulumi_gcp/bigqueryanalyticshub/get_listing_iam_policy.py +8 -8
  103. pulumi_gcp/bigqueryanalyticshub/listing.py +16 -16
  104. pulumi_gcp/bigqueryanalyticshub/listing_iam_binding.py +24 -24
  105. pulumi_gcp/bigqueryanalyticshub/listing_iam_member.py +24 -24
  106. pulumi_gcp/bigqueryanalyticshub/listing_iam_policy.py +24 -24
  107. pulumi_gcp/bigquerydatapolicy/data_policy.py +4 -4
  108. pulumi_gcp/bigquerydatapolicy/data_policy_iam_binding.py +18 -18
  109. pulumi_gcp/bigquerydatapolicy/data_policy_iam_member.py +18 -18
  110. pulumi_gcp/bigquerydatapolicy/data_policy_iam_policy.py +18 -18
  111. pulumi_gcp/bigquerydatapolicy/get_iam_policy.py +6 -6
  112. pulumi_gcp/bigtable/gc_policy.py +0 -208
  113. pulumi_gcp/bigtable/get_instance_iam_policy.py +2 -2
  114. pulumi_gcp/bigtable/get_table_iam_policy.py +4 -4
  115. pulumi_gcp/bigtable/instance.py +14 -10
  116. pulumi_gcp/bigtable/instance_iam_binding.py +8 -8
  117. pulumi_gcp/bigtable/instance_iam_member.py +8 -8
  118. pulumi_gcp/bigtable/instance_iam_policy.py +8 -8
  119. pulumi_gcp/bigtable/table.py +18 -12
  120. pulumi_gcp/bigtable/table_iam_binding.py +8 -8
  121. pulumi_gcp/bigtable/table_iam_member.py +8 -8
  122. pulumi_gcp/bigtable/table_iam_policy.py +8 -8
  123. pulumi_gcp/billing/account_iam_binding.py +8 -8
  124. pulumi_gcp/billing/account_iam_member.py +8 -8
  125. pulumi_gcp/billing/account_iam_policy.py +8 -8
  126. pulumi_gcp/billing/budget.py +2 -2
  127. pulumi_gcp/binaryauthorization/attestor.py +74 -52
  128. pulumi_gcp/binaryauthorization/attestor_iam_binding.py +12 -12
  129. pulumi_gcp/binaryauthorization/attestor_iam_member.py +12 -12
  130. pulumi_gcp/binaryauthorization/attestor_iam_policy.py +12 -12
  131. pulumi_gcp/binaryauthorization/get_attestor_iam_policy.py +4 -4
  132. pulumi_gcp/binaryauthorization/policy.py +48 -32
  133. pulumi_gcp/blockchainnodeengine/blockchain_nodes.py +38 -38
  134. pulumi_gcp/certificateauthority/authority.py +34 -42
  135. pulumi_gcp/certificateauthority/ca_pool.py +274 -6
  136. pulumi_gcp/certificateauthority/ca_pool_iam_binding.py +12 -12
  137. pulumi_gcp/certificateauthority/ca_pool_iam_member.py +12 -12
  138. pulumi_gcp/certificateauthority/ca_pool_iam_policy.py +12 -12
  139. pulumi_gcp/certificateauthority/certificate.py +264 -44
  140. pulumi_gcp/certificateauthority/certificate_template.py +168 -0
  141. pulumi_gcp/certificateauthority/certificate_template_iam_binding.py +12 -12
  142. pulumi_gcp/certificateauthority/certificate_template_iam_member.py +12 -12
  143. pulumi_gcp/certificateauthority/certificate_template_iam_policy.py +12 -12
  144. pulumi_gcp/certificateauthority/get_ca_pool_iam_policy.py +2 -2
  145. pulumi_gcp/certificateauthority/get_certificate_template_iam_policy.py +2 -2
  146. pulumi_gcp/certificatemanager/certificate.py +114 -84
  147. pulumi_gcp/certificatemanager/certificate_issuance_config.py +34 -32
  148. pulumi_gcp/certificatemanager/certificate_map.py +2 -0
  149. pulumi_gcp/certificatemanager/certificate_map_entry.py +12 -2
  150. pulumi_gcp/certificatemanager/dns_authorization.py +2 -0
  151. pulumi_gcp/certificatemanager/trust_config.py +8 -4
  152. pulumi_gcp/cloudasset/folder_feed.py +82 -0
  153. pulumi_gcp/cloudasset/organization_feed.py +74 -0
  154. pulumi_gcp/cloudasset/project_feed.py +70 -0
  155. pulumi_gcp/cloudbuild/bitbucket_server_config.py +98 -14
  156. pulumi_gcp/cloudbuild/get_trigger.py +2 -2
  157. pulumi_gcp/cloudbuild/trigger.py +650 -122
  158. pulumi_gcp/cloudbuild/worker_pool.py +20 -16
  159. pulumi_gcp/cloudbuildv2/connection.py +20 -18
  160. pulumi_gcp/cloudbuildv2/connection_iam_binding.py +18 -12
  161. pulumi_gcp/cloudbuildv2/connection_iam_member.py +18 -12
  162. pulumi_gcp/cloudbuildv2/connection_iam_policy.py +18 -12
  163. pulumi_gcp/cloudbuildv2/get_connection_iam_policy.py +6 -6
  164. pulumi_gcp/cloudbuildv2/repository.py +18 -14
  165. pulumi_gcp/clouddeploy/automation.py +16 -16
  166. pulumi_gcp/clouddeploy/custom_target_type.py +38 -32
  167. pulumi_gcp/clouddeploy/delivery_pipeline.py +40 -38
  168. pulumi_gcp/clouddeploy/get_delivery_pipeline_iam_policy.py +6 -6
  169. pulumi_gcp/clouddeploy/target.py +26 -24
  170. pulumi_gcp/clouddomains/registration.py +74 -74
  171. pulumi_gcp/cloudfunctions/function.py +20 -4
  172. pulumi_gcp/cloudfunctions/function_iam_binding.py +18 -18
  173. pulumi_gcp/cloudfunctions/function_iam_member.py +18 -18
  174. pulumi_gcp/cloudfunctions/function_iam_policy.py +18 -18
  175. pulumi_gcp/cloudfunctions/get_function_iam_policy.py +6 -6
  176. pulumi_gcp/cloudfunctionsv2/function.py +776 -42
  177. pulumi_gcp/cloudfunctionsv2/function_iam_binding.py +18 -18
  178. pulumi_gcp/cloudfunctionsv2/function_iam_member.py +18 -18
  179. pulumi_gcp/cloudfunctionsv2/function_iam_policy.py +18 -18
  180. pulumi_gcp/cloudfunctionsv2/get_function.py +4 -4
  181. pulumi_gcp/cloudfunctionsv2/get_function_iam_policy.py +6 -6
  182. pulumi_gcp/cloudidentity/group.py +8 -8
  183. pulumi_gcp/cloudidentity/group_membership.py +4 -4
  184. pulumi_gcp/cloudids/endpoint.py +12 -10
  185. pulumi_gcp/cloudrun/domain_mapping.py +10 -6
  186. pulumi_gcp/cloudrun/get_service.py +4 -4
  187. pulumi_gcp/cloudrun/get_service_iam_policy.py +6 -6
  188. pulumi_gcp/cloudrun/iam_binding.py +18 -18
  189. pulumi_gcp/cloudrun/iam_member.py +18 -18
  190. pulumi_gcp/cloudrun/iam_policy.py +18 -18
  191. pulumi_gcp/cloudrun/service.py +28 -14
  192. pulumi_gcp/cloudrunv2/get_job.py +4 -4
  193. pulumi_gcp/cloudrunv2/get_job_iam_policy.py +6 -6
  194. pulumi_gcp/cloudrunv2/get_service.py +4 -4
  195. pulumi_gcp/cloudrunv2/get_service_iam_policy.py +6 -6
  196. pulumi_gcp/cloudrunv2/job.py +56 -46
  197. pulumi_gcp/cloudrunv2/job_iam_binding.py +18 -12
  198. pulumi_gcp/cloudrunv2/job_iam_member.py +18 -12
  199. pulumi_gcp/cloudrunv2/job_iam_policy.py +18 -12
  200. pulumi_gcp/cloudrunv2/service.py +94 -68
  201. pulumi_gcp/cloudrunv2/service_iam_binding.py +18 -12
  202. pulumi_gcp/cloudrunv2/service_iam_member.py +18 -12
  203. pulumi_gcp/cloudrunv2/service_iam_policy.py +18 -12
  204. pulumi_gcp/cloudscheduler/job.py +168 -26
  205. pulumi_gcp/cloudtasks/get_queue_iam_policy.py +6 -6
  206. pulumi_gcp/cloudtasks/queue.py +18 -12
  207. pulumi_gcp/cloudtasks/queue_iam_binding.py +18 -12
  208. pulumi_gcp/cloudtasks/queue_iam_member.py +18 -12
  209. pulumi_gcp/cloudtasks/queue_iam_policy.py +18 -12
  210. pulumi_gcp/composer/get_environment.py +22 -0
  211. pulumi_gcp/composer/get_image_versions.py +2 -0
  212. pulumi_gcp/compute/address.py +32 -18
  213. pulumi_gcp/compute/attached_disk.py +8 -6
  214. pulumi_gcp/compute/autoscaler.py +34 -28
  215. pulumi_gcp/compute/backend_bucket.py +42 -16
  216. pulumi_gcp/compute/backend_bucket_signed_url_key.py +16 -8
  217. pulumi_gcp/compute/backend_service.py +350 -34
  218. pulumi_gcp/compute/backend_service_signed_url_key.py +98 -0
  219. pulumi_gcp/compute/disk.py +26 -18
  220. pulumi_gcp/compute/disk_async_replication.py +4 -0
  221. pulumi_gcp/compute/disk_iam_binding.py +18 -12
  222. pulumi_gcp/compute/disk_iam_member.py +18 -12
  223. pulumi_gcp/compute/disk_iam_policy.py +18 -12
  224. pulumi_gcp/compute/disk_resource_policy_attachment.py +12 -6
  225. pulumi_gcp/compute/external_vpn_gateway.py +40 -16
  226. pulumi_gcp/compute/firewall.py +16 -12
  227. pulumi_gcp/compute/firewall_policy.py +4 -4
  228. pulumi_gcp/compute/firewall_policy_association.py +10 -8
  229. pulumi_gcp/compute/firewall_policy_rule.py +4 -2
  230. pulumi_gcp/compute/forwarding_rule.py +1840 -22
  231. pulumi_gcp/compute/get_address.py +6 -2
  232. pulumi_gcp/compute/get_addresses.py +6 -2
  233. pulumi_gcp/compute/get_backend_service.py +32 -0
  234. pulumi_gcp/compute/get_disk.py +0 -2
  235. pulumi_gcp/compute/get_disk_iam_policy.py +6 -6
  236. pulumi_gcp/compute/get_global_address.py +6 -2
  237. pulumi_gcp/compute/get_image.py +0 -2
  238. pulumi_gcp/compute/get_image_iam_policy.py +4 -4
  239. pulumi_gcp/compute/get_instance_iam_policy.py +6 -6
  240. pulumi_gcp/compute/get_instance_serial_port.py +10 -8
  241. pulumi_gcp/compute/get_instance_template.py +0 -22
  242. pulumi_gcp/compute/get_lbip_ranges.py +4 -2
  243. pulumi_gcp/compute/get_machine_types.py +100 -0
  244. pulumi_gcp/compute/get_netblock_ip_ranges.py +4 -2
  245. pulumi_gcp/compute/get_network_peering.py +16 -4
  246. pulumi_gcp/compute/get_node_types.py +4 -2
  247. pulumi_gcp/compute/get_region_disk_iam_policy.py +6 -6
  248. pulumi_gcp/compute/get_region_instance_template.py +4 -0
  249. pulumi_gcp/compute/get_regions.py +2 -0
  250. pulumi_gcp/compute/get_snapshot.py +4 -0
  251. pulumi_gcp/compute/get_snapshot_iam_policy.py +4 -4
  252. pulumi_gcp/compute/get_subnetwork_iam_policy.py +6 -6
  253. pulumi_gcp/compute/global_address.py +12 -10
  254. pulumi_gcp/compute/global_forwarding_rule.py +1574 -56
  255. pulumi_gcp/compute/global_network_endpoint.py +2 -0
  256. pulumi_gcp/compute/global_network_endpoint_group.py +8 -4
  257. pulumi_gcp/compute/ha_vpn_gateway.py +38 -10
  258. pulumi_gcp/compute/health_check.py +114 -90
  259. pulumi_gcp/compute/http_health_check.py +6 -4
  260. pulumi_gcp/compute/https_health_check.py +6 -4
  261. pulumi_gcp/compute/image.py +22 -14
  262. pulumi_gcp/compute/image_iam_binding.py +24 -24
  263. pulumi_gcp/compute/image_iam_member.py +24 -24
  264. pulumi_gcp/compute/image_iam_policy.py +24 -24
  265. pulumi_gcp/compute/instance.py +16 -14
  266. pulumi_gcp/compute/instance_from_machine_image.py +4 -4
  267. pulumi_gcp/compute/instance_from_template.py +10 -6
  268. pulumi_gcp/compute/instance_group.py +108 -6
  269. pulumi_gcp/compute/instance_group_manager.py +16 -12
  270. pulumi_gcp/compute/instance_group_membership.py +6 -4
  271. pulumi_gcp/compute/instance_group_named_port.py +22 -10
  272. pulumi_gcp/compute/instance_iam_binding.py +36 -36
  273. pulumi_gcp/compute/instance_iam_member.py +36 -36
  274. pulumi_gcp/compute/instance_iam_policy.py +36 -36
  275. pulumi_gcp/compute/instance_settings.py +4 -6
  276. pulumi_gcp/compute/instance_template.py +150 -12
  277. pulumi_gcp/compute/interconnect_attachment.py +28 -10
  278. pulumi_gcp/compute/machine_image.py +30 -24
  279. pulumi_gcp/compute/machine_image_iam_binding.py +36 -48
  280. pulumi_gcp/compute/machine_image_iam_member.py +36 -48
  281. pulumi_gcp/compute/machine_image_iam_policy.py +36 -48
  282. pulumi_gcp/compute/managed_ssl_certificate.py +212 -0
  283. pulumi_gcp/compute/manged_ssl_certificate.py +212 -0
  284. pulumi_gcp/compute/network.py +18 -14
  285. pulumi_gcp/compute/network_attachment.py +60 -52
  286. pulumi_gcp/compute/network_edge_security_service.py +4 -4
  287. pulumi_gcp/compute/network_endpoint.py +32 -22
  288. pulumi_gcp/compute/network_endpoint_group.py +20 -10
  289. pulumi_gcp/compute/network_endpoint_list.py +44 -32
  290. pulumi_gcp/compute/network_firewall_policy.py +6 -2
  291. pulumi_gcp/compute/network_firewall_policy_association.py +8 -4
  292. pulumi_gcp/compute/network_firewall_policy_rule.py +14 -10
  293. pulumi_gcp/compute/network_peering.py +16 -4
  294. pulumi_gcp/compute/network_peering_routes_config.py +38 -18
  295. pulumi_gcp/compute/node_group.py +28 -10
  296. pulumi_gcp/compute/node_template.py +12 -8
  297. pulumi_gcp/compute/organization_security_policy.py +2 -4
  298. pulumi_gcp/compute/organization_security_policy_association.py +22 -28
  299. pulumi_gcp/compute/organization_security_policy_rule.py +10 -14
  300. pulumi_gcp/compute/packet_mirroring.py +128 -0
  301. pulumi_gcp/compute/per_instance_config.py +16 -8
  302. pulumi_gcp/compute/project_metadata.py +6 -8
  303. pulumi_gcp/compute/public_advertised_prefix.py +2 -0
  304. pulumi_gcp/compute/public_delegated_prefix.py +4 -0
  305. pulumi_gcp/compute/region_autoscaler.py +14 -8
  306. pulumi_gcp/compute/region_backend_service.py +462 -2
  307. pulumi_gcp/compute/region_commitment.py +20 -16
  308. pulumi_gcp/compute/region_disk.py +20 -8
  309. pulumi_gcp/compute/region_disk_iam_binding.py +18 -12
  310. pulumi_gcp/compute/region_disk_iam_member.py +18 -12
  311. pulumi_gcp/compute/region_disk_iam_policy.py +18 -12
  312. pulumi_gcp/compute/region_disk_resource_policy_attachment.py +16 -6
  313. pulumi_gcp/compute/region_health_check.py +114 -90
  314. pulumi_gcp/compute/region_instance_group_manager.py +14 -8
  315. pulumi_gcp/compute/region_network_endpoint.py +16 -4
  316. pulumi_gcp/compute/region_network_endpoint_group.py +166 -32
  317. pulumi_gcp/compute/region_network_firewall_policy.py +6 -2
  318. pulumi_gcp/compute/region_network_firewall_policy_association.py +8 -4
  319. pulumi_gcp/compute/region_network_firewall_policy_rule.py +14 -10
  320. pulumi_gcp/compute/region_per_instance_config.py +12 -4
  321. pulumi_gcp/compute/region_security_policy.py +12 -12
  322. pulumi_gcp/compute/region_security_policy_rule.py +38 -48
  323. pulumi_gcp/compute/region_ssl_certificate.py +138 -32
  324. pulumi_gcp/compute/region_target_http_proxy.py +88 -4
  325. pulumi_gcp/compute/region_target_https_proxy.py +96 -0
  326. pulumi_gcp/compute/region_target_tcp_proxy.py +52 -0
  327. pulumi_gcp/compute/region_url_map.py +1038 -0
  328. pulumi_gcp/compute/reservation.py +10 -8
  329. pulumi_gcp/compute/resource_policy.py +60 -48
  330. pulumi_gcp/compute/route.py +206 -4
  331. pulumi_gcp/compute/router.py +18 -6
  332. pulumi_gcp/compute/router_interface.py +6 -4
  333. pulumi_gcp/compute/router_nat.py +82 -42
  334. pulumi_gcp/compute/router_peer.py +72 -42
  335. pulumi_gcp/compute/security_policy.py +120 -108
  336. pulumi_gcp/compute/security_scan_config.py +4 -6
  337. pulumi_gcp/compute/service_attachment.py +376 -0
  338. pulumi_gcp/compute/snapshot.py +8 -0
  339. pulumi_gcp/compute/snapshot_iam_binding.py +12 -6
  340. pulumi_gcp/compute/snapshot_iam_member.py +12 -6
  341. pulumi_gcp/compute/snapshot_iam_policy.py +12 -6
  342. pulumi_gcp/compute/ssl_certificate.py +118 -30
  343. pulumi_gcp/compute/ssl_policy.py +20 -12
  344. pulumi_gcp/compute/subnetwork.py +58 -30
  345. pulumi_gcp/compute/subnetwork_iam_binding.py +36 -36
  346. pulumi_gcp/compute/subnetwork_iam_member.py +36 -36
  347. pulumi_gcp/compute/subnetwork_iam_policy.py +36 -36
  348. pulumi_gcp/compute/target_grpc_proxy.py +176 -0
  349. pulumi_gcp/compute/target_http_proxy.py +166 -10
  350. pulumi_gcp/compute/target_https_proxy.py +336 -14
  351. pulumi_gcp/compute/target_instance.py +22 -16
  352. pulumi_gcp/compute/target_pool.py +40 -0
  353. pulumi_gcp/compute/target_ssl_proxy.py +54 -0
  354. pulumi_gcp/compute/target_tcp_proxy.py +44 -0
  355. pulumi_gcp/compute/url_map.py +1146 -0
  356. pulumi_gcp/compute/vpn_gateway.py +28 -24
  357. pulumi_gcp/compute/vpn_tunnel.py +40 -36
  358. pulumi_gcp/container/_inputs.py +0 -188
  359. pulumi_gcp/container/attached_cluster.py +124 -0
  360. pulumi_gcp/container/aws_cluster.py +46 -42
  361. pulumi_gcp/container/aws_node_pool.py +34 -26
  362. pulumi_gcp/container/azure_client.py +6 -4
  363. pulumi_gcp/container/azure_cluster.py +30 -26
  364. pulumi_gcp/container/azure_node_pool.py +12 -6
  365. pulumi_gcp/container/cluster.py +62 -6
  366. pulumi_gcp/container/get_attached_versions.py +2 -2
  367. pulumi_gcp/container/get_aws_versions.py +2 -2
  368. pulumi_gcp/container/get_azure_versions.py +2 -2
  369. pulumi_gcp/container/get_engine_versions.py +2 -0
  370. pulumi_gcp/container/node_pool.py +68 -2
  371. pulumi_gcp/container/outputs.py +0 -188
  372. pulumi_gcp/container/registry.py +4 -4
  373. pulumi_gcp/containeranalysis/get_note_iam_policy.py +4 -4
  374. pulumi_gcp/containeranalysis/note.py +32 -26
  375. pulumi_gcp/containeranalysis/note_iam_binding.py +12 -12
  376. pulumi_gcp/containeranalysis/note_iam_member.py +12 -12
  377. pulumi_gcp/containeranalysis/note_iam_policy.py +12 -12
  378. pulumi_gcp/databasemigrationservice/connection_profile.py +40 -46
  379. pulumi_gcp/databasemigrationservice/private_connection.py +6 -6
  380. pulumi_gcp/datacatalog/entry.py +12 -12
  381. pulumi_gcp/datacatalog/entry_group.py +8 -8
  382. pulumi_gcp/datacatalog/entry_group_iam_binding.py +6 -6
  383. pulumi_gcp/datacatalog/entry_group_iam_member.py +6 -6
  384. pulumi_gcp/datacatalog/entry_group_iam_policy.py +6 -6
  385. pulumi_gcp/datacatalog/get_entry_group_iam_policy.py +2 -2
  386. pulumi_gcp/datacatalog/get_policy_tag_iam_policy.py +2 -2
  387. pulumi_gcp/datacatalog/get_tag_template_iam_policy.py +2 -2
  388. pulumi_gcp/datacatalog/get_taxonomy_iam_policy.py +2 -2
  389. pulumi_gcp/datacatalog/policy_tag.py +14 -16
  390. pulumi_gcp/datacatalog/policy_tag_iam_binding.py +6 -6
  391. pulumi_gcp/datacatalog/policy_tag_iam_member.py +6 -6
  392. pulumi_gcp/datacatalog/policy_tag_iam_policy.py +6 -6
  393. pulumi_gcp/datacatalog/tag.py +22 -22
  394. pulumi_gcp/datacatalog/tag_template.py +16 -16
  395. pulumi_gcp/datacatalog/tag_template_iam_binding.py +6 -6
  396. pulumi_gcp/datacatalog/tag_template_iam_member.py +6 -6
  397. pulumi_gcp/datacatalog/tag_template_iam_policy.py +6 -6
  398. pulumi_gcp/datacatalog/taxonomy.py +6 -6
  399. pulumi_gcp/datacatalog/taxonomy_iam_binding.py +6 -6
  400. pulumi_gcp/datacatalog/taxonomy_iam_member.py +6 -6
  401. pulumi_gcp/datacatalog/taxonomy_iam_policy.py +6 -6
  402. pulumi_gcp/dataflow/flex_template_job.py +18 -18
  403. pulumi_gcp/dataflow/job.py +34 -26
  404. pulumi_gcp/dataflow/pipeline.py +4 -2
  405. pulumi_gcp/dataform/repository.py +28 -36
  406. pulumi_gcp/dataform/repository_release_config.py +16 -20
  407. pulumi_gcp/dataform/repository_workflow_config.py +26 -32
  408. pulumi_gcp/datafusion/get_instance_iam_policy.py +6 -6
  409. pulumi_gcp/datafusion/instance.py +60 -40
  410. pulumi_gcp/dataloss/prevention_deidentify_template.py +206 -10
  411. pulumi_gcp/dataloss/prevention_inspect_template.py +270 -42
  412. pulumi_gcp/dataloss/prevention_job_trigger.py +368 -192
  413. pulumi_gcp/dataloss/prevention_stored_info_type.py +24 -20
  414. pulumi_gcp/dataplex/asset.py +16 -10
  415. pulumi_gcp/dataplex/asset_iam_binding.py +30 -30
  416. pulumi_gcp/dataplex/asset_iam_member.py +30 -30
  417. pulumi_gcp/dataplex/asset_iam_policy.py +30 -30
  418. pulumi_gcp/dataplex/datascan.py +90 -92
  419. pulumi_gcp/dataplex/datascan_iam_binding.py +18 -18
  420. pulumi_gcp/dataplex/datascan_iam_member.py +18 -18
  421. pulumi_gcp/dataplex/datascan_iam_policy.py +18 -18
  422. pulumi_gcp/dataplex/get_asset_iam_policy.py +10 -10
  423. pulumi_gcp/dataplex/get_datascan_iam_policy.py +6 -6
  424. pulumi_gcp/dataplex/get_lake_iam_policy.py +6 -6
  425. pulumi_gcp/dataplex/get_task_iam_policy.py +8 -8
  426. pulumi_gcp/dataplex/get_zone_iam_policy.py +8 -8
  427. pulumi_gcp/dataplex/lake.py +8 -6
  428. pulumi_gcp/dataplex/lake_iam_binding.py +18 -18
  429. pulumi_gcp/dataplex/lake_iam_member.py +18 -18
  430. pulumi_gcp/dataplex/lake_iam_policy.py +18 -18
  431. pulumi_gcp/dataplex/task_iam_binding.py +24 -24
  432. pulumi_gcp/dataplex/task_iam_member.py +24 -24
  433. pulumi_gcp/dataplex/task_iam_policy.py +24 -24
  434. pulumi_gcp/dataplex/zone.py +4 -0
  435. pulumi_gcp/dataplex/zone_iam_binding.py +24 -24
  436. pulumi_gcp/dataplex/zone_iam_member.py +24 -24
  437. pulumi_gcp/dataplex/zone_iam_policy.py +24 -24
  438. pulumi_gcp/dataproc/autoscaling_policy.py +2 -0
  439. pulumi_gcp/dataproc/autoscaling_policy_iam_binding.py +18 -18
  440. pulumi_gcp/dataproc/autoscaling_policy_iam_member.py +18 -18
  441. pulumi_gcp/dataproc/autoscaling_policy_iam_policy.py +18 -18
  442. pulumi_gcp/dataproc/cluster.py +18 -10
  443. pulumi_gcp/dataproc/cluster_iam_binding.py +8 -8
  444. pulumi_gcp/dataproc/cluster_iam_member.py +8 -8
  445. pulumi_gcp/dataproc/cluster_iam_policy.py +8 -8
  446. pulumi_gcp/dataproc/get_autoscaling_policy_iam_policy.py +6 -6
  447. pulumi_gcp/dataproc/get_cluster_iam_policy.py +2 -2
  448. pulumi_gcp/dataproc/get_job_iam_policy.py +2 -2
  449. pulumi_gcp/dataproc/get_metastore_service.py +4 -4
  450. pulumi_gcp/dataproc/get_metastore_service_iam_policy.py +6 -6
  451. pulumi_gcp/dataproc/job.py +6 -2
  452. pulumi_gcp/dataproc/job_iam_binding.py +8 -8
  453. pulumi_gcp/dataproc/job_iam_member.py +8 -8
  454. pulumi_gcp/dataproc/job_iam_policy.py +8 -8
  455. pulumi_gcp/dataproc/metastore_federation.py +16 -24
  456. pulumi_gcp/dataproc/metastore_service.py +64 -56
  457. pulumi_gcp/dataproc/metastore_service_iam_binding.py +18 -18
  458. pulumi_gcp/dataproc/metastore_service_iam_member.py +18 -18
  459. pulumi_gcp/dataproc/metastore_service_iam_policy.py +18 -18
  460. pulumi_gcp/dataproc/workflow_template.py +58 -56
  461. pulumi_gcp/datastore/data_store_index.py +4 -4
  462. pulumi_gcp/datastream/connection_profile.py +52 -36
  463. pulumi_gcp/datastream/private_connection.py +4 -4
  464. pulumi_gcp/datastream/stream.py +52 -30
  465. pulumi_gcp/deploymentmanager/deployment.py +6 -2
  466. pulumi_gcp/diagflow/agent.py +20 -20
  467. pulumi_gcp/diagflow/cx_agent.py +4 -2
  468. pulumi_gcp/diagflow/cx_entity_type.py +2 -2
  469. pulumi_gcp/diagflow/cx_environment.py +2 -2
  470. pulumi_gcp/diagflow/cx_flow.py +6 -4
  471. pulumi_gcp/diagflow/cx_intent.py +2 -2
  472. pulumi_gcp/diagflow/cx_page.py +6 -6
  473. pulumi_gcp/diagflow/cx_security_settings.py +6 -4
  474. pulumi_gcp/diagflow/cx_test_case.py +6 -6
  475. pulumi_gcp/diagflow/cx_version.py +2 -2
  476. pulumi_gcp/diagflow/cx_webhook.py +2 -2
  477. pulumi_gcp/diagflow/entity_type.py +6 -8
  478. pulumi_gcp/diagflow/fulfillment.py +6 -8
  479. pulumi_gcp/diagflow/intent.py +32 -30
  480. pulumi_gcp/discoveryengine/chat_engine.py +4 -4
  481. pulumi_gcp/discoveryengine/data_store.py +8 -8
  482. pulumi_gcp/discoveryengine/search_engine.py +8 -8
  483. pulumi_gcp/dns/dns_managed_zone_iam_binding.py +12 -12
  484. pulumi_gcp/dns/dns_managed_zone_iam_member.py +12 -12
  485. pulumi_gcp/dns/dns_managed_zone_iam_policy.py +12 -12
  486. pulumi_gcp/dns/get_keys.py +2 -0
  487. pulumi_gcp/dns/get_managed_zone_iam_policy.py +4 -4
  488. pulumi_gcp/dns/managed_zone.py +82 -38
  489. pulumi_gcp/dns/policy.py +14 -4
  490. pulumi_gcp/dns/record_set.py +76 -44
  491. pulumi_gcp/dns/response_policy.py +16 -4
  492. pulumi_gcp/dns/response_policy_rule.py +12 -4
  493. pulumi_gcp/edgecontainer/cluster.py +54 -48
  494. pulumi_gcp/edgecontainer/node_pool.py +34 -16
  495. pulumi_gcp/edgecontainer/vpn_connection.py +12 -8
  496. pulumi_gcp/edgenetwork/network.py +2 -2
  497. pulumi_gcp/edgenetwork/subnet.py +8 -8
  498. pulumi_gcp/endpoints/get_service_iam_policy.py +2 -2
  499. pulumi_gcp/endpoints/service.py +12 -12
  500. pulumi_gcp/endpoints/service_iam_binding.py +6 -6
  501. pulumi_gcp/endpoints/service_iam_member.py +6 -6
  502. pulumi_gcp/endpoints/service_iam_policy.py +6 -6
  503. pulumi_gcp/essentialcontacts/document_ai_processor.py +2 -2
  504. pulumi_gcp/essentialcontacts/document_ai_processor_default_version.py +8 -8
  505. pulumi_gcp/essentialcontacts/document_ai_warehouse_document_schema.py +18 -18
  506. pulumi_gcp/eventarc/channel.py +10 -10
  507. pulumi_gcp/eventarc/google_channel_config.py +8 -8
  508. pulumi_gcp/eventarc/trigger.py +6 -2
  509. pulumi_gcp/filestore/backup.py +4 -0
  510. pulumi_gcp/filestore/instance.py +44 -30
  511. pulumi_gcp/filestore/snapshot.py +8 -0
  512. pulumi_gcp/firebase/_inputs.py +0 -6
  513. pulumi_gcp/firebase/android_app.py +8 -12
  514. pulumi_gcp/firebase/app_check_debug_token.py +38 -0
  515. pulumi_gcp/firebase/app_check_service_config.py +6 -12
  516. pulumi_gcp/firebase/apple_app.py +8 -12
  517. pulumi_gcp/firebase/database_instance.py +26 -36
  518. pulumi_gcp/firebase/extensions_instance.py +8 -10
  519. pulumi_gcp/firebase/hosting_channel.py +14 -22
  520. pulumi_gcp/firebase/hosting_custom_domain.py +40 -54
  521. pulumi_gcp/firebase/hosting_release.py +48 -66
  522. pulumi_gcp/firebase/hosting_site.py +6 -12
  523. pulumi_gcp/firebase/hosting_version.py +66 -86
  524. pulumi_gcp/firebase/outputs.py +0 -6
  525. pulumi_gcp/firebase/project.py +10 -10
  526. pulumi_gcp/firebase/storage_bucket.py +10 -12
  527. pulumi_gcp/firebase/web_app.py +46 -40
  528. pulumi_gcp/firebaserules/release.py +20 -24
  529. pulumi_gcp/firebaserules/ruleset.py +10 -10
  530. pulumi_gcp/firestore/backup_schedule.py +4 -0
  531. pulumi_gcp/firestore/database.py +40 -32
  532. pulumi_gcp/firestore/document.py +132 -0
  533. pulumi_gcp/firestore/field.py +2 -0
  534. pulumi_gcp/firestore/index.py +94 -10
  535. pulumi_gcp/folder/access_approval_settings.py +26 -18
  536. pulumi_gcp/folder/get_iam_policy.py +2 -2
  537. pulumi_gcp/folder/iam_audit_config.py +42 -42
  538. pulumi_gcp/folder/iam_member.py +42 -42
  539. pulumi_gcp/folder/iam_policy.py +42 -42
  540. pulumi_gcp/folder/organization_policy.py +22 -22
  541. pulumi_gcp/gkebackup/backup_plan.py +28 -4
  542. pulumi_gcp/gkebackup/backup_plan_iam_binding.py +18 -12
  543. pulumi_gcp/gkebackup/backup_plan_iam_member.py +18 -12
  544. pulumi_gcp/gkebackup/backup_plan_iam_policy.py +18 -12
  545. pulumi_gcp/gkebackup/get_backup_plan_iam_policy.py +6 -6
  546. pulumi_gcp/gkebackup/get_restore_plan_iam_policy.py +6 -6
  547. pulumi_gcp/gkebackup/restore_plan.py +48 -12
  548. pulumi_gcp/gkebackup/restore_plan_iam_binding.py +48 -12
  549. pulumi_gcp/gkebackup/restore_plan_iam_member.py +48 -12
  550. pulumi_gcp/gkebackup/restore_plan_iam_policy.py +48 -12
  551. pulumi_gcp/gkehub/feature.py +200 -38
  552. pulumi_gcp/gkehub/feature_iam_binding.py +18 -12
  553. pulumi_gcp/gkehub/feature_iam_member.py +18 -12
  554. pulumi_gcp/gkehub/feature_iam_policy.py +18 -12
  555. pulumi_gcp/gkehub/feature_membership.py +54 -22
  556. pulumi_gcp/gkehub/fleet.py +4 -4
  557. pulumi_gcp/gkehub/get_feature_iam_policy.py +6 -6
  558. pulumi_gcp/gkehub/get_membership_iam_policy.py +6 -6
  559. pulumi_gcp/gkehub/get_scope_iam_policy.py +4 -4
  560. pulumi_gcp/gkehub/membership.py +24 -18
  561. pulumi_gcp/gkehub/membership_iam_binding.py +18 -18
  562. pulumi_gcp/gkehub/membership_iam_member.py +18 -18
  563. pulumi_gcp/gkehub/membership_iam_policy.py +18 -18
  564. pulumi_gcp/gkehub/scope.py +6 -6
  565. pulumi_gcp/gkehub/scope_iam_binding.py +12 -12
  566. pulumi_gcp/gkehub/scope_iam_member.py +12 -12
  567. pulumi_gcp/gkehub/scope_iam_policy.py +12 -12
  568. pulumi_gcp/gkeonprem/bare_metal_admin_cluster.py +126 -122
  569. pulumi_gcp/gkeonprem/bare_metal_cluster.py +242 -236
  570. pulumi_gcp/gkeonprem/bare_metal_node_pool.py +8 -0
  571. pulumi_gcp/gkeonprem/v_mware_cluster.py +242 -236
  572. pulumi_gcp/gkeonprem/v_mware_node_pool.py +4 -180
  573. pulumi_gcp/healthcare/consent_store.py +32 -10
  574. pulumi_gcp/healthcare/consent_store_iam_binding.py +12 -12
  575. pulumi_gcp/healthcare/consent_store_iam_member.py +12 -12
  576. pulumi_gcp/healthcare/consent_store_iam_policy.py +12 -12
  577. pulumi_gcp/healthcare/dataset.py +2 -0
  578. pulumi_gcp/healthcare/dataset_iam_binding.py +8 -8
  579. pulumi_gcp/healthcare/dataset_iam_member.py +8 -8
  580. pulumi_gcp/healthcare/dataset_iam_policy.py +8 -8
  581. pulumi_gcp/healthcare/dicom_store.py +30 -26
  582. pulumi_gcp/healthcare/dicom_store_iam_binding.py +14 -14
  583. pulumi_gcp/healthcare/dicom_store_iam_member.py +14 -14
  584. pulumi_gcp/healthcare/dicom_store_iam_policy.py +14 -14
  585. pulumi_gcp/healthcare/fhir_store.py +44 -24
  586. pulumi_gcp/healthcare/fhir_store_iam_binding.py +14 -14
  587. pulumi_gcp/healthcare/fhir_store_iam_member.py +14 -14
  588. pulumi_gcp/healthcare/fhir_store_iam_policy.py +14 -14
  589. pulumi_gcp/healthcare/get_consent_store_iam_policy.py +4 -4
  590. pulumi_gcp/healthcare/get_dataset_iam_policy.py +2 -2
  591. pulumi_gcp/healthcare/get_dicom_store_iam_policy.py +2 -2
  592. pulumi_gcp/healthcare/get_fhir_store_iam_policy.py +2 -2
  593. pulumi_gcp/healthcare/get_hl7_v2_store_iam_policy.py +2 -2
  594. pulumi_gcp/healthcare/hl7_store.py +30 -20
  595. pulumi_gcp/healthcare/hl7_store_iam_binding.py +14 -14
  596. pulumi_gcp/healthcare/hl7_store_iam_member.py +14 -14
  597. pulumi_gcp/healthcare/hl7_store_iam_policy.py +14 -14
  598. pulumi_gcp/iam/_inputs.py +0 -18
  599. pulumi_gcp/iam/access_boundary_policy.py +100 -0
  600. pulumi_gcp/iam/deny_policy.py +92 -0
  601. pulumi_gcp/iam/outputs.py +0 -18
  602. pulumi_gcp/iam/workforce_pool.py +20 -20
  603. pulumi_gcp/iam/workforce_pool_provider.py +0 -21
  604. pulumi_gcp/iam/workload_identity_pool.py +6 -6
  605. pulumi_gcp/iam/workload_identity_pool_provider.py +8 -46
  606. pulumi_gcp/iap/app_engine_service_iam_binding.py +56 -56
  607. pulumi_gcp/iap/app_engine_service_iam_member.py +56 -56
  608. pulumi_gcp/iap/app_engine_service_iam_policy.py +56 -56
  609. pulumi_gcp/iap/app_engine_version_iam_binding.py +68 -68
  610. pulumi_gcp/iap/app_engine_version_iam_member.py +68 -68
  611. pulumi_gcp/iap/app_engine_version_iam_policy.py +68 -68
  612. pulumi_gcp/iap/brand.py +12 -6
  613. pulumi_gcp/iap/client.py +14 -8
  614. pulumi_gcp/iap/get_app_engine_service_iam_policy.py +6 -6
  615. pulumi_gcp/iap/get_app_engine_version_iam_policy.py +8 -8
  616. pulumi_gcp/iap/get_client.py +2 -2
  617. pulumi_gcp/iap/get_tunnel_iam_policy.py +2 -2
  618. pulumi_gcp/iap/get_tunnel_instance_iam_policy.py +6 -6
  619. pulumi_gcp/iap/get_web_backend_service_iam_policy.py +4 -4
  620. pulumi_gcp/iap/get_web_iam_policy.py +2 -2
  621. pulumi_gcp/iap/get_web_region_backend_service_iam_policy.py +6 -6
  622. pulumi_gcp/iap/get_web_type_app_engine_iam_policy.py +4 -4
  623. pulumi_gcp/iap/get_web_type_compute_iam_policy.py +2 -2
  624. pulumi_gcp/iap/tunnel_iam_binding.py +12 -12
  625. pulumi_gcp/iap/tunnel_iam_member.py +12 -12
  626. pulumi_gcp/iap/tunnel_iam_policy.py +12 -12
  627. pulumi_gcp/iap/tunnel_instance_iam_binding.py +36 -36
  628. pulumi_gcp/iap/tunnel_instance_iam_member.py +36 -36
  629. pulumi_gcp/iap/tunnel_instance_iam_policy.py +36 -36
  630. pulumi_gcp/iap/web_backend_service_iam_binding.py +24 -24
  631. pulumi_gcp/iap/web_backend_service_iam_member.py +24 -24
  632. pulumi_gcp/iap/web_backend_service_iam_policy.py +24 -24
  633. pulumi_gcp/iap/web_iam_binding.py +12 -12
  634. pulumi_gcp/iap/web_iam_member.py +12 -12
  635. pulumi_gcp/iap/web_iam_policy.py +12 -12
  636. pulumi_gcp/iap/web_region_backend_service_iam_binding.py +36 -36
  637. pulumi_gcp/iap/web_region_backend_service_iam_member.py +36 -36
  638. pulumi_gcp/iap/web_region_backend_service_iam_policy.py +36 -36
  639. pulumi_gcp/iap/web_type_app_enging_iam_binding.py +24 -24
  640. pulumi_gcp/iap/web_type_app_enging_iam_member.py +24 -24
  641. pulumi_gcp/iap/web_type_app_enging_iam_policy.py +24 -24
  642. pulumi_gcp/iap/web_type_compute_iam_binding.py +12 -12
  643. pulumi_gcp/iap/web_type_compute_iam_member.py +12 -12
  644. pulumi_gcp/iap/web_type_compute_iam_policy.py +12 -12
  645. pulumi_gcp/identityplatform/config.py +12 -8
  646. pulumi_gcp/identityplatform/default_supported_idp_config.py +8 -8
  647. pulumi_gcp/identityplatform/inbound_saml_config.py +8 -4
  648. pulumi_gcp/identityplatform/oauth_idp_config.py +10 -8
  649. pulumi_gcp/identityplatform/tenant.py +4 -4
  650. pulumi_gcp/identityplatform/tenant_default_supported_idp_config.py +2 -2
  651. pulumi_gcp/identityplatform/tenant_inbound_saml_config.py +8 -4
  652. pulumi_gcp/identityplatform/tenant_oauth_idp_config.py +4 -2
  653. pulumi_gcp/integrationconnectors/connection.py +16 -14
  654. pulumi_gcp/integrationconnectors/endpoint_attachment.py +8 -6
  655. pulumi_gcp/kms/crypto_key.py +16 -4
  656. pulumi_gcp/kms/crypto_key_iam_binding.py +32 -26
  657. pulumi_gcp/kms/crypto_key_iam_member.py +32 -26
  658. pulumi_gcp/kms/crypto_key_iam_policy.py +32 -26
  659. pulumi_gcp/kms/crypto_key_version.py +8 -2
  660. pulumi_gcp/kms/get_crypto_key_iam_policy.py +2 -2
  661. pulumi_gcp/kms/get_kms_crypto_key_version.py +2 -2
  662. pulumi_gcp/kms/get_kms_key_ring.py +4 -4
  663. pulumi_gcp/kms/key_ring.py +6 -2
  664. pulumi_gcp/kms/key_ring_iam_binding.py +52 -44
  665. pulumi_gcp/kms/key_ring_iam_member.py +52 -44
  666. pulumi_gcp/kms/key_ring_iam_policy.py +52 -44
  667. pulumi_gcp/kms/secret_ciphertext.py +20 -12
  668. pulumi_gcp/logging/billing_account_exclusion.py +2 -0
  669. pulumi_gcp/logging/billing_account_sink.py +8 -2
  670. pulumi_gcp/logging/folder_exclusion.py +2 -0
  671. pulumi_gcp/logging/folder_settings.py +12 -14
  672. pulumi_gcp/logging/folder_sink.py +8 -2
  673. pulumi_gcp/logging/linked_dataset.py +22 -24
  674. pulumi_gcp/logging/log_view.py +8 -6
  675. pulumi_gcp/logging/metric.py +78 -68
  676. pulumi_gcp/logging/organization_exclusion.py +6 -4
  677. pulumi_gcp/logging/organization_settings.py +10 -12
  678. pulumi_gcp/logging/organization_sink.py +8 -2
  679. pulumi_gcp/logging/project_bucket_config.py +178 -0
  680. pulumi_gcp/logging/project_exclusion.py +2 -0
  681. pulumi_gcp/looker/instance.py +76 -70
  682. pulumi_gcp/memcache/instance.py +10 -6
  683. pulumi_gcp/migrationcenter/group.py +6 -6
  684. pulumi_gcp/ml/engine_model.py +8 -4
  685. pulumi_gcp/monitoring/alert_policy.py +58 -58
  686. pulumi_gcp/monitoring/custom_service.py +2 -2
  687. pulumi_gcp/monitoring/dashboard.py +0 -4
  688. pulumi_gcp/monitoring/generic_service.py +18 -18
  689. pulumi_gcp/monitoring/get_app_engine_service.py +10 -2
  690. pulumi_gcp/monitoring/get_cluster_istio_service.py +10 -8
  691. pulumi_gcp/monitoring/get_istio_canonical_service.py +6 -4
  692. pulumi_gcp/monitoring/get_mesh_istio_service.py +6 -4
  693. pulumi_gcp/monitoring/get_notification_channel.py +2 -2
  694. pulumi_gcp/monitoring/metric_descriptor.py +34 -34
  695. pulumi_gcp/monitoring/monitored_project.py +14 -4
  696. pulumi_gcp/monitoring/notification_channel.py +8 -8
  697. pulumi_gcp/monitoring/slo.py +238 -4
  698. pulumi_gcp/monitoring/uptime_check_config.py +106 -102
  699. pulumi_gcp/netapp/active_directory.py +4 -2
  700. pulumi_gcp/netapp/backup_policy.py +12 -10
  701. pulumi_gcp/netapp/backup_vault.py +4 -2
  702. pulumi_gcp/netapp/kmsconfig.py +14 -6
  703. pulumi_gcp/netapp/storage_pool.py +12 -8
  704. pulumi_gcp/netapp/volume.py +12 -8
  705. pulumi_gcp/netapp/volume_snapshot.py +16 -12
  706. pulumi_gcp/networkconnectivity/hub.py +6 -4
  707. pulumi_gcp/networkconnectivity/policy_based_route.py +18 -6
  708. pulumi_gcp/networkconnectivity/service_connection_policy.py +12 -4
  709. pulumi_gcp/networkconnectivity/spoke.py +28 -8
  710. pulumi_gcp/networkmanagement/connectivity_test.py +36 -22
  711. pulumi_gcp/networksecurity/address_group.py +32 -26
  712. pulumi_gcp/networksecurity/authorization_policy.py +8 -8
  713. pulumi_gcp/networksecurity/client_tls_policy.py +8 -8
  714. pulumi_gcp/networksecurity/firewall_endpoint.py +4 -4
  715. pulumi_gcp/networksecurity/gateway_security_policy.py +38 -54
  716. pulumi_gcp/networksecurity/gateway_security_policy_rule.py +20 -12
  717. pulumi_gcp/networksecurity/security_profile.py +8 -8
  718. pulumi_gcp/networksecurity/security_profile_group.py +10 -10
  719. pulumi_gcp/networksecurity/server_tls_policy.py +30 -28
  720. pulumi_gcp/networksecurity/tls_inspection_policy.py +28 -44
  721. pulumi_gcp/networksecurity/url_list.py +6 -2
  722. pulumi_gcp/networkservices/edge_cache_keyset.py +4 -0
  723. pulumi_gcp/networkservices/edge_cache_origin.py +12 -4
  724. pulumi_gcp/networkservices/edge_cache_service.py +270 -16
  725. pulumi_gcp/networkservices/endpoint_policy.py +8 -8
  726. pulumi_gcp/networkservices/gateway.py +96 -60
  727. pulumi_gcp/networkservices/grpc_route.py +12 -12
  728. pulumi_gcp/networkservices/http_route.py +26 -26
  729. pulumi_gcp/networkservices/mesh.py +8 -8
  730. pulumi_gcp/networkservices/service_binding.py +16 -20
  731. pulumi_gcp/networkservices/tcp_route.py +298 -0
  732. pulumi_gcp/networkservices/tls_route.py +214 -0
  733. pulumi_gcp/notebooks/environment.py +6 -4
  734. pulumi_gcp/notebooks/get_instance_iam_policy.py +6 -6
  735. pulumi_gcp/notebooks/get_runtime_iam_policy.py +6 -6
  736. pulumi_gcp/notebooks/instance.py +38 -28
  737. pulumi_gcp/notebooks/instance_iam_binding.py +18 -18
  738. pulumi_gcp/notebooks/instance_iam_member.py +18 -18
  739. pulumi_gcp/notebooks/instance_iam_policy.py +18 -18
  740. pulumi_gcp/notebooks/runtime.py +74 -64
  741. pulumi_gcp/notebooks/runtime_iam_binding.py +18 -18
  742. pulumi_gcp/notebooks/runtime_iam_member.py +18 -18
  743. pulumi_gcp/notebooks/runtime_iam_policy.py +18 -18
  744. pulumi_gcp/organizations/access_approval_settings.py +34 -26
  745. pulumi_gcp/organizations/get_billing_account.py +6 -2
  746. pulumi_gcp/organizations/get_folders.py +2 -2
  747. pulumi_gcp/organizations/get_iam_policy.py +0 -62
  748. pulumi_gcp/organizations/iam_audit_config.py +8 -8
  749. pulumi_gcp/organizations/iam_binding.py +4 -4
  750. pulumi_gcp/organizations/iam_custom_role.py +8 -8
  751. pulumi_gcp/organizations/iam_member.py +42 -42
  752. pulumi_gcp/organizations/iam_policy.py +42 -42
  753. pulumi_gcp/organizations/policy.py +26 -26
  754. pulumi_gcp/organizations/project.py +16 -4
  755. pulumi_gcp/orgpolicy/custom_constraint.py +14 -8
  756. pulumi_gcp/orgpolicy/policy.py +24 -60
  757. pulumi_gcp/osconfig/guest_policies.py +16 -22
  758. pulumi_gcp/osconfig/os_policy_assignment.py +42 -40
  759. pulumi_gcp/osconfig/patch_deployment.py +122 -120
  760. pulumi_gcp/oslogin/ssh_public_key.py +4 -2
  761. pulumi_gcp/projects/access_approval_settings.py +24 -22
  762. pulumi_gcp/projects/api_key.py +50 -10
  763. pulumi_gcp/projects/default_service_accounts.py +10 -10
  764. pulumi_gcp/projects/iam_audit_config.py +46 -46
  765. pulumi_gcp/projects/iam_binding.py +46 -46
  766. pulumi_gcp/projects/iam_custom_role.py +6 -6
  767. pulumi_gcp/projects/iam_member.py +46 -46
  768. pulumi_gcp/projects/iam_policy.py +46 -46
  769. pulumi_gcp/projects/organization_policy.py +26 -26
  770. pulumi_gcp/projects/service.py +4 -4
  771. pulumi_gcp/projects/service_identity.py +6 -8
  772. pulumi_gcp/projects/usage_export_bucket.py +16 -4
  773. pulumi_gcp/pubsub/get_schema_iam_policy.py +4 -4
  774. pulumi_gcp/pubsub/get_subscription_iam_policy.py +2 -2
  775. pulumi_gcp/pubsub/get_topic_iam_policy.py +4 -4
  776. pulumi_gcp/pubsub/lite_reservation.py +2 -0
  777. pulumi_gcp/pubsub/lite_subscription.py +10 -6
  778. pulumi_gcp/pubsub/lite_topic.py +10 -6
  779. pulumi_gcp/pubsub/schema.py +22 -18
  780. pulumi_gcp/pubsub/schema_iam_binding.py +12 -12
  781. pulumi_gcp/pubsub/schema_iam_member.py +12 -12
  782. pulumi_gcp/pubsub/schema_iam_policy.py +12 -12
  783. pulumi_gcp/pubsub/subscription.py +90 -96
  784. pulumi_gcp/pubsub/subscription_iam_binding.py +8 -8
  785. pulumi_gcp/pubsub/subscription_iam_member.py +8 -8
  786. pulumi_gcp/pubsub/subscription_iam_policy.py +8 -8
  787. pulumi_gcp/pubsub/topic.py +46 -24
  788. pulumi_gcp/pubsub/topic_iam_binding.py +12 -12
  789. pulumi_gcp/pubsub/topic_iam_member.py +12 -12
  790. pulumi_gcp/pubsub/topic_iam_policy.py +12 -12
  791. pulumi_gcp/recaptcha/enterprise_key.py +54 -54
  792. pulumi_gcp/redis/cluster.py +32 -24
  793. pulumi_gcp/redis/instance.py +132 -14
  794. pulumi_gcp/resourcemanager/lien.py +12 -8
  795. pulumi_gcp/runtimeconfig/config.py +6 -2
  796. pulumi_gcp/runtimeconfig/get_variable.py +4 -4
  797. pulumi_gcp/runtimeconfig/variable.py +20 -8
  798. pulumi_gcp/secretmanager/get_secret_iam_policy.py +4 -4
  799. pulumi_gcp/secretmanager/secret.py +16 -18
  800. pulumi_gcp/secretmanager/secret_iam_binding.py +12 -12
  801. pulumi_gcp/secretmanager/secret_iam_member.py +12 -12
  802. pulumi_gcp/secretmanager/secret_iam_policy.py +12 -12
  803. pulumi_gcp/secretmanager/secret_version.py +4 -4
  804. pulumi_gcp/securesourcemanager/get_instance_iam_policy.py +6 -6
  805. pulumi_gcp/securesourcemanager/instance.py +144 -14
  806. pulumi_gcp/securitycenter/get_source_iam_policy.py +2 -2
  807. pulumi_gcp/securitycenter/instance_iam_binding.py +60 -40
  808. pulumi_gcp/securitycenter/instance_iam_member.py +60 -40
  809. pulumi_gcp/securitycenter/instance_iam_policy.py +60 -40
  810. pulumi_gcp/securitycenter/mute_config.py +6 -6
  811. pulumi_gcp/securitycenter/notification_config.py +4 -4
  812. pulumi_gcp/securitycenter/organization_custom_module.py +40 -40
  813. pulumi_gcp/securitycenter/project_custom_module.py +36 -36
  814. pulumi_gcp/securitycenter/source.py +6 -6
  815. pulumi_gcp/securitycenter/source_iam_binding.py +6 -6
  816. pulumi_gcp/securitycenter/source_iam_member.py +6 -6
  817. pulumi_gcp/securitycenter/source_iam_policy.py +6 -6
  818. pulumi_gcp/securityposture/posture.py +46 -46
  819. pulumi_gcp/serviceaccount/account.py +2 -2
  820. pulumi_gcp/serviceaccount/get_account.py +34 -0
  821. pulumi_gcp/serviceaccount/get_account_access_token.py +8 -10
  822. pulumi_gcp/serviceaccount/get_account_key.py +4 -4
  823. pulumi_gcp/serviceaccount/get_iam_policy.py +2 -2
  824. pulumi_gcp/serviceaccount/key.py +46 -2
  825. pulumi_gcp/servicedirectory/endpoint.py +28 -40
  826. pulumi_gcp/servicedirectory/namespace.py +2 -4
  827. pulumi_gcp/servicedirectory/namespace_iam_binding.py +14 -12
  828. pulumi_gcp/servicedirectory/namespace_iam_member.py +14 -12
  829. pulumi_gcp/servicedirectory/namespace_iam_policy.py +14 -12
  830. pulumi_gcp/servicedirectory/service.py +10 -14
  831. pulumi_gcp/servicedirectory/service_iam_binding.py +14 -12
  832. pulumi_gcp/servicedirectory/service_iam_member.py +14 -12
  833. pulumi_gcp/servicedirectory/service_iam_policy.py +14 -12
  834. pulumi_gcp/servicenetworking/connection.py +8 -6
  835. pulumi_gcp/servicenetworking/peered_dns_domain.py +6 -4
  836. pulumi_gcp/serviceusage/consumer_quota_override.py +126 -0
  837. pulumi_gcp/sourcerepo/get_repository_iam_policy.py +4 -4
  838. pulumi_gcp/sourcerepo/repository.py +20 -16
  839. pulumi_gcp/sourcerepo/repository_iam_binding.py +12 -12
  840. pulumi_gcp/sourcerepo/repository_iam_member.py +12 -12
  841. pulumi_gcp/sourcerepo/repository_iam_policy.py +12 -12
  842. pulumi_gcp/spanner/database.py +2 -0
  843. pulumi_gcp/spanner/database_iam_binding.py +12 -12
  844. pulumi_gcp/spanner/database_iam_member.py +12 -12
  845. pulumi_gcp/spanner/database_iam_policy.py +12 -12
  846. pulumi_gcp/spanner/get_database_iam_policy.py +6 -6
  847. pulumi_gcp/spanner/get_instance_iam_policy.py +4 -4
  848. pulumi_gcp/spanner/instance.py +16 -16
  849. pulumi_gcp/spanner/instance_iam_binding.py +8 -8
  850. pulumi_gcp/spanner/instance_iam_member.py +8 -8
  851. pulumi_gcp/spanner/instance_iam_policy.py +8 -8
  852. pulumi_gcp/sql/database.py +14 -4
  853. pulumi_gcp/sql/database_instance.py +76 -26
  854. pulumi_gcp/sql/get_backup_run.py +2 -2
  855. pulumi_gcp/sql/get_ca_certs.py +32 -0
  856. pulumi_gcp/sql/get_database.py +2 -2
  857. pulumi_gcp/sql/get_databases.py +2 -2
  858. pulumi_gcp/sql/source_representation_instance.py +20 -16
  859. pulumi_gcp/sql/ssl_cert.py +6 -4
  860. pulumi_gcp/sql/user.py +154 -0
  861. pulumi_gcp/storage/bucket.py +44 -38
  862. pulumi_gcp/storage/bucket_access_control.py +8 -4
  863. pulumi_gcp/storage/bucket_acl.py +6 -2
  864. pulumi_gcp/storage/bucket_iam_binding.py +12 -12
  865. pulumi_gcp/storage/bucket_iam_member.py +12 -12
  866. pulumi_gcp/storage/bucket_iam_policy.py +12 -12
  867. pulumi_gcp/storage/bucket_object.py +14 -12
  868. pulumi_gcp/storage/default_object_access_control.py +8 -4
  869. pulumi_gcp/storage/default_object_acl.py +6 -2
  870. pulumi_gcp/storage/get_bucket_iam_policy.py +2 -2
  871. pulumi_gcp/storage/get_bucket_object.py +4 -4
  872. pulumi_gcp/storage/get_object_signed_url.py +6 -4
  873. pulumi_gcp/storage/get_project_service_account.py +6 -6
  874. pulumi_gcp/storage/hmac_key.py +2 -2
  875. pulumi_gcp/storage/insights_report_config.py +14 -14
  876. pulumi_gcp/storage/notification.py +20 -18
  877. pulumi_gcp/storage/object_access_control.py +10 -4
  878. pulumi_gcp/storage/object_acl.py +8 -2
  879. pulumi_gcp/storage/transfer_agent_pool.py +6 -6
  880. pulumi_gcp/storage/transfer_job.py +30 -38
  881. pulumi_gcp/tags/get_tag_key_iam_policy.py +2 -2
  882. pulumi_gcp/tags/get_tag_value_iam_policy.py +2 -2
  883. pulumi_gcp/tags/location_tag_binding.py +44 -32
  884. pulumi_gcp/tags/tag_binding.py +16 -10
  885. pulumi_gcp/tags/tag_key.py +4 -4
  886. pulumi_gcp/tags/tag_key_iam_binding.py +6 -6
  887. pulumi_gcp/tags/tag_key_iam_member.py +6 -6
  888. pulumi_gcp/tags/tag_key_iam_policy.py +6 -6
  889. pulumi_gcp/tags/tag_value.py +8 -8
  890. pulumi_gcp/tags/tag_value_iam_binding.py +6 -6
  891. pulumi_gcp/tags/tag_value_iam_member.py +6 -6
  892. pulumi_gcp/tags/tag_value_iam_policy.py +6 -6
  893. pulumi_gcp/tpu/get_tensorflow_versions.py +2 -0
  894. pulumi_gcp/tpu/get_v2_accelerator_types.py +10 -8
  895. pulumi_gcp/tpu/get_v2_runtime_versions.py +2 -0
  896. pulumi_gcp/tpu/node.py +12 -6
  897. pulumi_gcp/tpu/v2_vm.py +134 -2
  898. pulumi_gcp/vertex/ai_dataset.py +6 -6
  899. pulumi_gcp/vertex/ai_endpoint.py +28 -26
  900. pulumi_gcp/vertex/ai_feature_group.py +8 -6
  901. pulumi_gcp/vertex/ai_feature_group_feature.py +12 -8
  902. pulumi_gcp/vertex/ai_feature_online_store.py +26 -24
  903. pulumi_gcp/vertex/ai_feature_online_store_featureview.py +36 -28
  904. pulumi_gcp/vertex/ai_feature_store.py +30 -26
  905. pulumi_gcp/vertex/ai_feature_store_entity_type.py +12 -8
  906. pulumi_gcp/vertex/ai_feature_store_entity_type_feature.py +18 -12
  907. pulumi_gcp/vertex/ai_index.py +8 -0
  908. pulumi_gcp/vertex/ai_index_endpoint.py +36 -36
  909. pulumi_gcp/vertex/ai_metadata_store.py +2 -0
  910. pulumi_gcp/vertex/ai_tensorboard.py +12 -14
  911. pulumi_gcp/vmwareengine/cluster.py +12 -0
  912. pulumi_gcp/vmwareengine/external_access_rule.py +16 -0
  913. pulumi_gcp/vmwareengine/external_address.py +10 -4
  914. pulumi_gcp/vmwareengine/get_network.py +4 -4
  915. pulumi_gcp/vmwareengine/get_network_policy.py +4 -4
  916. pulumi_gcp/vmwareengine/get_private_cloud.py +4 -4
  917. pulumi_gcp/vmwareengine/network.py +56 -4
  918. pulumi_gcp/vmwareengine/network_peering.py +12 -2
  919. pulumi_gcp/vmwareengine/network_policy.py +8 -0
  920. pulumi_gcp/vmwareengine/private_cloud.py +8 -0
  921. pulumi_gcp/vmwareengine/subnet.py +6 -0
  922. pulumi_gcp/vpcaccess/connector.py +16 -6
  923. pulumi_gcp/vpcaccess/get_connector.py +2 -0
  924. pulumi_gcp/workbench/get_instance_iam_policy.py +6 -6
  925. pulumi_gcp/workbench/instance.py +42 -26
  926. pulumi_gcp/workflows/workflow.py +98 -0
  927. pulumi_gcp/workstations/workstation.py +26 -30
  928. pulumi_gcp/workstations/workstation_cluster.py +48 -48
  929. pulumi_gcp/workstations/workstation_config.py +182 -194
  930. {pulumi_gcp-7.12.0a1709074764.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/METADATA +1 -1
  931. pulumi_gcp-7.12.0a1709133800.dist-info/RECORD +1489 -0
  932. pulumi_gcp-7.12.0a1709074764.dist-info/RECORD +0 -1489
  933. {pulumi_gcp-7.12.0a1709074764.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/WHEEL +0 -0
  934. {pulumi_gcp-7.12.0a1709074764.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/top_level.txt +0 -0
@@ -1185,18 +1185,519 @@ class GlobalForwardingRule(pulumi.CustomResource):
1185
1185
  https://cloud.google.com/compute/docs/load-balancing/http/
1186
1186
 
1187
1187
  ## Example Usage
1188
+ ### External Ssl Proxy Lb Mig Backend
1189
+
1190
+ ```python
1191
+ import pulumi
1192
+ import pulumi_gcp as gcp
1193
+ import pulumi_tls as tls
1194
+
1195
+ # External SSL proxy load balancer with managed instance group backend
1196
+ # VPC
1197
+ default = gcp.compute.Network("default",
1198
+ name="ssl-proxy-xlb-network",
1199
+ auto_create_subnetworks=False)
1200
+ # backend subnet
1201
+ default_subnetwork = gcp.compute.Subnetwork("default",
1202
+ name="ssl-proxy-xlb-subnet",
1203
+ ip_cidr_range="10.0.1.0/24",
1204
+ region="us-central1",
1205
+ network=default.id)
1206
+ # reserved IP address
1207
+ default_global_address = gcp.compute.GlobalAddress("default", name="ssl-proxy-xlb-ip")
1208
+ # Self-signed regional SSL certificate for testing
1209
+ default_private_key = tls.PrivateKey("default",
1210
+ algorithm="RSA",
1211
+ rsa_bits=2048)
1212
+ default_self_signed_cert = tls.SelfSignedCert("default",
1213
+ key_algorithm=default_private_key.algorithm,
1214
+ private_key_pem=default_private_key.private_key_pem,
1215
+ validity_period_hours=12,
1216
+ early_renewal_hours=3,
1217
+ allowed_uses=[
1218
+ "key_encipherment",
1219
+ "digital_signature",
1220
+ "server_auth",
1221
+ ],
1222
+ dns_names=["example.com"],
1223
+ subject=tls.SelfSignedCertSubjectArgs(
1224
+ common_name="example.com",
1225
+ organization="ACME Examples, Inc",
1226
+ ))
1227
+ default_ssl_certificate = gcp.compute.SSLCertificate("default",
1228
+ name="default-cert",
1229
+ private_key=default_private_key.private_key_pem,
1230
+ certificate=default_self_signed_cert.cert_pem)
1231
+ default_health_check = gcp.compute.HealthCheck("default",
1232
+ name="ssl-proxy-health-check",
1233
+ timeout_sec=1,
1234
+ check_interval_sec=1,
1235
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
1236
+ port=443,
1237
+ ))
1238
+ # instance template
1239
+ default_instance_template = gcp.compute.InstanceTemplate("default",
1240
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
1241
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
1242
+ network=default.id,
1243
+ subnetwork=default_subnetwork.id,
1244
+ )],
1245
+ name="ssl-proxy-xlb-mig-template",
1246
+ machine_type="e2-small",
1247
+ tags=["allow-health-check"],
1248
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
1249
+ source_image="debian-cloud/debian-10",
1250
+ auto_delete=True,
1251
+ boot=True,
1252
+ )],
1253
+ metadata={
1254
+ "startup-script": \"\"\"#! /bin/bash
1255
+ set -euo pipefail
1256
+ export DEBIAN_FRONTEND=noninteractive
1257
+ sudo apt-get update
1258
+ sudo apt-get install -y apache2 jq
1259
+ sudo a2ensite default-ssl
1260
+ sudo a2enmod ssl
1261
+ sudo service apache2 restart
1262
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
1263
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
1264
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
1265
+ cat <<EOF > /var/www/html/index.html
1266
+ <h1>SSL Load Balancer</h1>
1267
+ <pre>
1268
+ Name: $NAME
1269
+ IP: $IP
1270
+ Metadata: $METADATA
1271
+ </pre>
1272
+ EOF
1273
+ \"\"\",
1274
+ })
1275
+ # MIG
1276
+ default_instance_group_manager = gcp.compute.InstanceGroupManager("default",
1277
+ name="ssl-proxy-xlb-mig1",
1278
+ zone="us-central1-c",
1279
+ named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs(
1280
+ name="tcp",
1281
+ port=443,
1282
+ )],
1283
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
1284
+ instance_template=default_instance_template.id,
1285
+ name="primary",
1286
+ )],
1287
+ base_instance_name="vm",
1288
+ target_size=2)
1289
+ # backend service
1290
+ default_backend_service = gcp.compute.BackendService("default",
1291
+ name="ssl-proxy-xlb-backend-service",
1292
+ protocol="SSL",
1293
+ port_name="tcp",
1294
+ load_balancing_scheme="EXTERNAL",
1295
+ timeout_sec=10,
1296
+ health_checks=default_health_check.id,
1297
+ backends=[gcp.compute.BackendServiceBackendArgs(
1298
+ group=default_instance_group_manager.instance_group,
1299
+ balancing_mode="UTILIZATION",
1300
+ max_utilization=1,
1301
+ capacity_scaler=1,
1302
+ )])
1303
+ default_target_ssl_proxy = gcp.compute.TargetSSLProxy("default",
1304
+ name="test-proxy",
1305
+ backend_service=default_backend_service.id,
1306
+ ssl_certificates=[default_ssl_certificate.id])
1307
+ # forwarding rule
1308
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
1309
+ name="ssl-proxy-xlb-forwarding-rule",
1310
+ ip_protocol="TCP",
1311
+ load_balancing_scheme="EXTERNAL",
1312
+ port_range="443",
1313
+ target=default_target_ssl_proxy.id,
1314
+ ip_address=default_global_address.id)
1315
+ # allow access from health check ranges
1316
+ default_firewall = gcp.compute.Firewall("default",
1317
+ name="ssl-proxy-xlb-fw-allow-hc",
1318
+ direction="INGRESS",
1319
+ network=default.id,
1320
+ source_ranges=[
1321
+ "130.211.0.0/22",
1322
+ "35.191.0.0/16",
1323
+ ],
1324
+ allows=[gcp.compute.FirewallAllowArgs(
1325
+ protocol="tcp",
1326
+ )],
1327
+ target_tags=["allow-health-check"])
1328
+ ```
1329
+ ### External Tcp Proxy Lb Mig Backend
1330
+
1331
+ ```python
1332
+ import pulumi
1333
+ import pulumi_gcp as gcp
1334
+
1335
+ # External TCP proxy load balancer with managed instance group backend
1336
+ # VPC
1337
+ default = gcp.compute.Network("default",
1338
+ name="tcp-proxy-xlb-network",
1339
+ auto_create_subnetworks=False)
1340
+ # backend subnet
1341
+ default_subnetwork = gcp.compute.Subnetwork("default",
1342
+ name="tcp-proxy-xlb-subnet",
1343
+ ip_cidr_range="10.0.1.0/24",
1344
+ region="us-central1",
1345
+ network=default.id)
1346
+ # reserved IP address
1347
+ default_global_address = gcp.compute.GlobalAddress("default", name="tcp-proxy-xlb-ip")
1348
+ default_health_check = gcp.compute.HealthCheck("default",
1349
+ name="tcp-proxy-health-check",
1350
+ timeout_sec=1,
1351
+ check_interval_sec=1,
1352
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
1353
+ port=80,
1354
+ ))
1355
+ # instance template
1356
+ default_instance_template = gcp.compute.InstanceTemplate("default",
1357
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
1358
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
1359
+ network=default.id,
1360
+ subnetwork=default_subnetwork.id,
1361
+ )],
1362
+ name="tcp-proxy-xlb-mig-template",
1363
+ machine_type="e2-small",
1364
+ tags=["allow-health-check"],
1365
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
1366
+ source_image="debian-cloud/debian-10",
1367
+ auto_delete=True,
1368
+ boot=True,
1369
+ )],
1370
+ metadata={
1371
+ "startup-script": \"\"\"#! /bin/bash
1372
+ set -euo pipefail
1373
+ export DEBIAN_FRONTEND=noninteractive
1374
+ apt-get update
1375
+ apt-get install -y nginx-light jq
1376
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
1377
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
1378
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
1379
+ cat <<EOF > /var/www/html/index.html
1380
+ <pre>
1381
+ Name: $NAME
1382
+ IP: $IP
1383
+ Metadata: $METADATA
1384
+ </pre>
1385
+ EOF
1386
+ \"\"\",
1387
+ })
1388
+ # MIG
1389
+ default_instance_group_manager = gcp.compute.InstanceGroupManager("default",
1390
+ name="tcp-proxy-xlb-mig1",
1391
+ zone="us-central1-c",
1392
+ named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs(
1393
+ name="tcp",
1394
+ port=80,
1395
+ )],
1396
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
1397
+ instance_template=default_instance_template.id,
1398
+ name="primary",
1399
+ )],
1400
+ base_instance_name="vm",
1401
+ target_size=2)
1402
+ # backend service
1403
+ default_backend_service = gcp.compute.BackendService("default",
1404
+ name="tcp-proxy-xlb-backend-service",
1405
+ protocol="TCP",
1406
+ port_name="tcp",
1407
+ load_balancing_scheme="EXTERNAL",
1408
+ timeout_sec=10,
1409
+ health_checks=default_health_check.id,
1410
+ backends=[gcp.compute.BackendServiceBackendArgs(
1411
+ group=default_instance_group_manager.instance_group,
1412
+ balancing_mode="UTILIZATION",
1413
+ max_utilization=1,
1414
+ capacity_scaler=1,
1415
+ )])
1416
+ default_target_tcp_proxy = gcp.compute.TargetTCPProxy("default",
1417
+ name="test-proxy-health-check",
1418
+ backend_service=default_backend_service.id)
1419
+ # forwarding rule
1420
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
1421
+ name="tcp-proxy-xlb-forwarding-rule",
1422
+ ip_protocol="TCP",
1423
+ load_balancing_scheme="EXTERNAL",
1424
+ port_range="110",
1425
+ target=default_target_tcp_proxy.id,
1426
+ ip_address=default_global_address.id)
1427
+ # allow access from health check ranges
1428
+ default_firewall = gcp.compute.Firewall("default",
1429
+ name="tcp-proxy-xlb-fw-allow-hc",
1430
+ direction="INGRESS",
1431
+ network=default.id,
1432
+ source_ranges=[
1433
+ "130.211.0.0/22",
1434
+ "35.191.0.0/16",
1435
+ ],
1436
+ allows=[gcp.compute.FirewallAllowArgs(
1437
+ protocol="tcp",
1438
+ )],
1439
+ target_tags=["allow-health-check"])
1440
+ ```
1441
+ ### External Http Lb Mig Backend Custom Header
1442
+
1443
+ ```python
1444
+ import pulumi
1445
+ import pulumi_gcp as gcp
1446
+
1447
+ # External HTTP load balancer with a CDN-enabled managed instance group backend
1448
+ # and custom request and response headers
1449
+ # VPC
1450
+ default = gcp.compute.Network("default",
1451
+ name="l7-xlb-network",
1452
+ auto_create_subnetworks=False)
1453
+ # backend subnet
1454
+ default_subnetwork = gcp.compute.Subnetwork("default",
1455
+ name="l7-xlb-subnet",
1456
+ ip_cidr_range="10.0.1.0/24",
1457
+ region="us-central1",
1458
+ network=default.id)
1459
+ # reserved IP address
1460
+ default_global_address = gcp.compute.GlobalAddress("default", name="l7-xlb-static-ip")
1461
+ # health check
1462
+ default_health_check = gcp.compute.HealthCheck("default",
1463
+ name="l7-xlb-hc",
1464
+ http_health_check=gcp.compute.HealthCheckHttpHealthCheckArgs(
1465
+ port_specification="USE_SERVING_PORT",
1466
+ ))
1467
+ # instance template
1468
+ default_instance_template = gcp.compute.InstanceTemplate("default",
1469
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
1470
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
1471
+ network=default.id,
1472
+ subnetwork=default_subnetwork.id,
1473
+ )],
1474
+ name="l7-xlb-mig-template",
1475
+ machine_type="e2-small",
1476
+ tags=["allow-health-check"],
1477
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
1478
+ source_image="debian-cloud/debian-10",
1479
+ auto_delete=True,
1480
+ boot=True,
1481
+ )],
1482
+ metadata={
1483
+ "startup-script": \"\"\"#! /bin/bash
1484
+ set -euo pipefail
1485
+
1486
+ export DEBIAN_FRONTEND=noninteractive
1487
+ apt-get update
1488
+ apt-get install -y nginx-light jq
1489
+
1490
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
1491
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
1492
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
1493
+
1494
+ cat <<EOF > /var/www/html/index.html
1495
+ <pre>
1496
+ Name: $NAME
1497
+ IP: $IP
1498
+ Metadata: $METADATA
1499
+ </pre>
1500
+ EOF
1501
+ \"\"\",
1502
+ })
1503
+ # MIG
1504
+ default_instance_group_manager = gcp.compute.InstanceGroupManager("default",
1505
+ name="l7-xlb-mig1",
1506
+ zone="us-central1-c",
1507
+ named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs(
1508
+ name="http",
1509
+ port=8080,
1510
+ )],
1511
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
1512
+ instance_template=default_instance_template.id,
1513
+ name="primary",
1514
+ )],
1515
+ base_instance_name="vm",
1516
+ target_size=2)
1517
+ # backend service with custom request and response headers
1518
+ default_backend_service = gcp.compute.BackendService("default",
1519
+ name="l7-xlb-backend-service",
1520
+ protocol="HTTP",
1521
+ port_name="my-port",
1522
+ load_balancing_scheme="EXTERNAL",
1523
+ timeout_sec=10,
1524
+ enable_cdn=True,
1525
+ custom_request_headers=["X-Client-Geo-Location: {client_region_subdivision}, {client_city}"],
1526
+ custom_response_headers=["X-Cache-Hit: {cdn_cache_status}"],
1527
+ health_checks=default_health_check.id,
1528
+ backends=[gcp.compute.BackendServiceBackendArgs(
1529
+ group=default_instance_group_manager.instance_group,
1530
+ balancing_mode="UTILIZATION",
1531
+ capacity_scaler=1,
1532
+ )])
1533
+ # url map
1534
+ default_url_map = gcp.compute.URLMap("default",
1535
+ name="l7-xlb-url-map",
1536
+ default_service=default_backend_service.id)
1537
+ # http proxy
1538
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
1539
+ name="l7-xlb-target-http-proxy",
1540
+ url_map=default_url_map.id)
1541
+ # forwarding rule
1542
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
1543
+ name="l7-xlb-forwarding-rule",
1544
+ ip_protocol="TCP",
1545
+ load_balancing_scheme="EXTERNAL",
1546
+ port_range="80",
1547
+ target=default_target_http_proxy.id,
1548
+ ip_address=default_global_address.id)
1549
+ # allow access from health check ranges
1550
+ default_firewall = gcp.compute.Firewall("default",
1551
+ name="l7-xlb-fw-allow-hc",
1552
+ direction="INGRESS",
1553
+ network=default.id,
1554
+ source_ranges=[
1555
+ "130.211.0.0/22",
1556
+ "35.191.0.0/16",
1557
+ ],
1558
+ allows=[gcp.compute.FirewallAllowArgs(
1559
+ protocol="tcp",
1560
+ )],
1561
+ target_tags=["allow-health-check"])
1562
+ ```
1563
+ ### Global Forwarding Rule Http
1564
+
1565
+ ```python
1566
+ import pulumi
1567
+ import pulumi_gcp as gcp
1568
+
1569
+ default_http_health_check = gcp.compute.HttpHealthCheck("default",
1570
+ name="check-backend",
1571
+ request_path="/",
1572
+ check_interval_sec=1,
1573
+ timeout_sec=1)
1574
+ default_backend_service = gcp.compute.BackendService("default",
1575
+ name="backend",
1576
+ port_name="http",
1577
+ protocol="HTTP",
1578
+ timeout_sec=10,
1579
+ health_checks=default_http_health_check.id)
1580
+ default_url_map = gcp.compute.URLMap("default",
1581
+ name="url-map-target-proxy",
1582
+ description="a description",
1583
+ default_service=default_backend_service.id,
1584
+ host_rules=[gcp.compute.URLMapHostRuleArgs(
1585
+ hosts=["mysite.com"],
1586
+ path_matcher="allpaths",
1587
+ )],
1588
+ path_matchers=[gcp.compute.URLMapPathMatcherArgs(
1589
+ name="allpaths",
1590
+ default_service=default_backend_service.id,
1591
+ path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
1592
+ paths=["/*"],
1593
+ service=default_backend_service.id,
1594
+ )],
1595
+ )])
1596
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
1597
+ name="target-proxy",
1598
+ description="a description",
1599
+ url_map=default_url_map.id)
1600
+ default = gcp.compute.GlobalForwardingRule("default",
1601
+ name="global-rule",
1602
+ target=default_target_http_proxy.id,
1603
+ port_range="80")
1604
+ ```
1605
+ ### Global Forwarding Rule Internal
1606
+
1607
+ ```python
1608
+ import pulumi
1609
+ import pulumi_gcp as gcp
1610
+
1611
+ debian_image = gcp.compute.get_image(family="debian-11",
1612
+ project="debian-cloud")
1613
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
1614
+ name="template-backend",
1615
+ machine_type="e2-medium",
1616
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
1617
+ network="default",
1618
+ )],
1619
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
1620
+ source_image=debian_image.self_link,
1621
+ auto_delete=True,
1622
+ boot=True,
1623
+ )])
1624
+ igm = gcp.compute.InstanceGroupManager("igm",
1625
+ name="igm-internal",
1626
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
1627
+ instance_template=instance_template.id,
1628
+ name="primary",
1629
+ )],
1630
+ base_instance_name="internal-glb",
1631
+ zone="us-central1-f",
1632
+ target_size=1)
1633
+ default_health_check = gcp.compute.HealthCheck("default",
1634
+ name="check-backend",
1635
+ check_interval_sec=1,
1636
+ timeout_sec=1,
1637
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
1638
+ port=80,
1639
+ ))
1640
+ default_backend_service = gcp.compute.BackendService("default",
1641
+ name="backend",
1642
+ port_name="http",
1643
+ protocol="HTTP",
1644
+ timeout_sec=10,
1645
+ load_balancing_scheme="INTERNAL_SELF_MANAGED",
1646
+ backends=[gcp.compute.BackendServiceBackendArgs(
1647
+ group=igm.instance_group,
1648
+ balancing_mode="RATE",
1649
+ capacity_scaler=0.4,
1650
+ max_rate_per_instance=50,
1651
+ )],
1652
+ health_checks=default_health_check.id)
1653
+ default_url_map = gcp.compute.URLMap("default",
1654
+ name="url-map-target-proxy",
1655
+ description="a description",
1656
+ default_service=default_backend_service.id,
1657
+ host_rules=[gcp.compute.URLMapHostRuleArgs(
1658
+ hosts=["mysite.com"],
1659
+ path_matcher="allpaths",
1660
+ )],
1661
+ path_matchers=[gcp.compute.URLMapPathMatcherArgs(
1662
+ name="allpaths",
1663
+ default_service=default_backend_service.id,
1664
+ path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
1665
+ paths=["/*"],
1666
+ service=default_backend_service.id,
1667
+ )],
1668
+ )])
1669
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
1670
+ name="target-proxy",
1671
+ description="a description",
1672
+ url_map=default_url_map.id)
1673
+ default = gcp.compute.GlobalForwardingRule("default",
1674
+ name="global-rule",
1675
+ target=default_target_http_proxy.id,
1676
+ port_range="80",
1677
+ load_balancing_scheme="INTERNAL_SELF_MANAGED",
1678
+ ip_address="0.0.0.0",
1679
+ metadata_filters=[gcp.compute.GlobalForwardingRuleMetadataFilterArgs(
1680
+ filter_match_criteria="MATCH_ANY",
1681
+ filter_labels=[gcp.compute.GlobalForwardingRuleMetadataFilterFilterLabelArgs(
1682
+ name="PLANET",
1683
+ value="MARS",
1684
+ )],
1685
+ )])
1686
+ ```
1188
1687
  ### Global Forwarding Rule External Managed
1189
1688
 
1190
1689
  ```python
1191
1690
  import pulumi
1192
1691
  import pulumi_gcp as gcp
1193
1692
 
1194
- default_backend_service = gcp.compute.BackendService("defaultBackendService",
1693
+ default_backend_service = gcp.compute.BackendService("default",
1694
+ name="backend",
1195
1695
  port_name="http",
1196
1696
  protocol="HTTP",
1197
1697
  timeout_sec=10,
1198
1698
  load_balancing_scheme="EXTERNAL_MANAGED")
1199
- default_url_map = gcp.compute.URLMap("defaultURLMap",
1699
+ default_url_map = gcp.compute.URLMap("default",
1700
+ name="url-map-target-proxy",
1200
1701
  description="a description",
1201
1702
  default_service=default_backend_service.id,
1202
1703
  host_rules=[gcp.compute.URLMapHostRuleArgs(
@@ -1211,14 +1712,272 @@ class GlobalForwardingRule(pulumi.CustomResource):
1211
1712
  service=default_backend_service.id,
1212
1713
  )],
1213
1714
  )])
1214
- default_target_http_proxy = gcp.compute.TargetHttpProxy("defaultTargetHttpProxy",
1715
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
1716
+ name="target-proxy",
1215
1717
  description="a description",
1216
1718
  url_map=default_url_map.id)
1217
- default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
1719
+ default = gcp.compute.GlobalForwardingRule("default",
1720
+ name="global-rule",
1218
1721
  target=default_target_http_proxy.id,
1219
1722
  port_range="80",
1220
1723
  load_balancing_scheme="EXTERNAL_MANAGED")
1221
1724
  ```
1725
+ ### Global Forwarding Rule Hybrid
1726
+
1727
+ ```python
1728
+ import pulumi
1729
+ import pulumi_gcp as gcp
1730
+
1731
+ config = pulumi.Config()
1732
+ subnetwork_cidr = config.get("subnetworkCidr")
1733
+ if subnetwork_cidr is None:
1734
+ subnetwork_cidr = "10.0.0.0/24"
1735
+ default = gcp.compute.Network("default", name="my-network")
1736
+ internal = gcp.compute.Network("internal",
1737
+ name="my-internal-network",
1738
+ auto_create_subnetworks=False)
1739
+ internal_subnetwork = gcp.compute.Subnetwork("internal",
1740
+ name="my-subnetwork",
1741
+ network=internal.id,
1742
+ ip_cidr_range=subnetwork_cidr,
1743
+ region="us-central1",
1744
+ private_ip_google_access=True)
1745
+ # Zonal NEG with GCE_VM_IP_PORT
1746
+ default_network_endpoint_group = gcp.compute.NetworkEndpointGroup("default",
1747
+ name="default-neg",
1748
+ network=default.id,
1749
+ default_port=90,
1750
+ zone="us-central1-a",
1751
+ network_endpoint_type="GCE_VM_IP_PORT")
1752
+ # Zonal NEG with GCE_VM_IP
1753
+ internal_network_endpoint_group = gcp.compute.NetworkEndpointGroup("internal",
1754
+ name="internal-neg",
1755
+ network=internal.id,
1756
+ subnetwork=internal_subnetwork.id,
1757
+ zone="us-central1-a",
1758
+ network_endpoint_type="GCE_VM_IP")
1759
+ # Hybrid connectivity NEG
1760
+ hybrid = gcp.compute.NetworkEndpointGroup("hybrid",
1761
+ name="hybrid-neg",
1762
+ network=default.id,
1763
+ default_port=90,
1764
+ zone="us-central1-a",
1765
+ network_endpoint_type="NON_GCP_PRIVATE_IP_PORT")
1766
+ hybrid_endpoint = gcp.compute.NetworkEndpoint("hybrid-endpoint",
1767
+ network_endpoint_group=hybrid.name,
1768
+ port=hybrid.default_port,
1769
+ ip_address="127.0.0.1")
1770
+ default_health_check = gcp.compute.HealthCheck("default",
1771
+ name="health-check",
1772
+ timeout_sec=1,
1773
+ check_interval_sec=1,
1774
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
1775
+ port=80,
1776
+ ))
1777
+ # Backend service for Zonal NEG
1778
+ default_backend_service = gcp.compute.BackendService("default",
1779
+ name="backend-default",
1780
+ port_name="http",
1781
+ protocol="HTTP",
1782
+ timeout_sec=10,
1783
+ backends=[gcp.compute.BackendServiceBackendArgs(
1784
+ group=default_network_endpoint_group.id,
1785
+ balancing_mode="RATE",
1786
+ max_rate_per_endpoint=10,
1787
+ )],
1788
+ health_checks=default_health_check.id)
1789
+ # Backgend service for Hybrid NEG
1790
+ hybrid_backend_service = gcp.compute.BackendService("hybrid",
1791
+ name="backend-hybrid",
1792
+ port_name="http",
1793
+ protocol="HTTP",
1794
+ timeout_sec=10,
1795
+ backends=[gcp.compute.BackendServiceBackendArgs(
1796
+ group=hybrid.id,
1797
+ balancing_mode="RATE",
1798
+ max_rate_per_endpoint=10,
1799
+ )],
1800
+ health_checks=default_health_check.id)
1801
+ default_url_map = gcp.compute.URLMap("default",
1802
+ name="url-map-target-proxy",
1803
+ description="a description",
1804
+ default_service=default_backend_service.id,
1805
+ host_rules=[gcp.compute.URLMapHostRuleArgs(
1806
+ hosts=["mysite.com"],
1807
+ path_matcher="allpaths",
1808
+ )],
1809
+ path_matchers=[gcp.compute.URLMapPathMatcherArgs(
1810
+ name="allpaths",
1811
+ default_service=default_backend_service.id,
1812
+ path_rules=[
1813
+ gcp.compute.URLMapPathMatcherPathRuleArgs(
1814
+ paths=["/*"],
1815
+ service=default_backend_service.id,
1816
+ ),
1817
+ gcp.compute.URLMapPathMatcherPathRuleArgs(
1818
+ paths=["/hybrid"],
1819
+ service=hybrid_backend_service.id,
1820
+ ),
1821
+ ],
1822
+ )])
1823
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
1824
+ name="target-proxy",
1825
+ description="a description",
1826
+ url_map=default_url_map.id)
1827
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
1828
+ name="global-rule",
1829
+ target=default_target_http_proxy.id,
1830
+ port_range="80")
1831
+ ```
1832
+ ### Global Internal Http Lb With Mig Backend
1833
+
1834
+ ```python
1835
+ import pulumi
1836
+ import pulumi_gcp as gcp
1837
+
1838
+ # Global Internal HTTP load balancer with a managed instance group backend
1839
+ # VPC network
1840
+ gilb_network = gcp.compute.Network("gilb_network",
1841
+ name="l7-gilb-network",
1842
+ auto_create_subnetworks=False)
1843
+ # proxy-only subnet
1844
+ proxy_subnet = gcp.compute.Subnetwork("proxy_subnet",
1845
+ name="l7-gilb-proxy-subnet",
1846
+ ip_cidr_range="10.0.0.0/24",
1847
+ region="europe-west1",
1848
+ purpose="GLOBAL_MANAGED_PROXY",
1849
+ role="ACTIVE",
1850
+ network=gilb_network.id)
1851
+ # backend subnet
1852
+ gilb_subnet = gcp.compute.Subnetwork("gilb_subnet",
1853
+ name="l7-gilb-subnet",
1854
+ ip_cidr_range="10.0.1.0/24",
1855
+ region="europe-west1",
1856
+ network=gilb_network.id)
1857
+ # health check
1858
+ default_health_check = gcp.compute.HealthCheck("default",
1859
+ name="l7-gilb-hc",
1860
+ http_health_check=gcp.compute.HealthCheckHttpHealthCheckArgs(
1861
+ port_specification="USE_SERVING_PORT",
1862
+ ))
1863
+ # instance template
1864
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
1865
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
1866
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
1867
+ network=gilb_network.id,
1868
+ subnetwork=gilb_subnet.id,
1869
+ )],
1870
+ name="l7-gilb-mig-template",
1871
+ machine_type="e2-small",
1872
+ tags=["http-server"],
1873
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
1874
+ source_image="debian-cloud/debian-10",
1875
+ auto_delete=True,
1876
+ boot=True,
1877
+ )],
1878
+ metadata={
1879
+ "startup-script": \"\"\"#! /bin/bash
1880
+ set -euo pipefail
1881
+
1882
+ export DEBIAN_FRONTEND=noninteractive
1883
+ apt-get update
1884
+ apt-get install -y nginx-light jq
1885
+
1886
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
1887
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
1888
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
1889
+
1890
+ cat <<EOF > /var/www/html/index.html
1891
+ <pre>
1892
+ Name: $NAME
1893
+ IP: $IP
1894
+ Metadata: $METADATA
1895
+ </pre>
1896
+ EOF
1897
+ \"\"\",
1898
+ })
1899
+ # MIG
1900
+ mig = gcp.compute.InstanceGroupManager("mig",
1901
+ name="l7-gilb-mig1",
1902
+ zone="europe-west1-b",
1903
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
1904
+ instance_template=instance_template.id,
1905
+ name="primary",
1906
+ )],
1907
+ base_instance_name="vm",
1908
+ target_size=2)
1909
+ # backend service
1910
+ default_backend_service = gcp.compute.BackendService("default",
1911
+ name="l7-gilb-backend-subnet",
1912
+ protocol="HTTP",
1913
+ load_balancing_scheme="INTERNAL_MANAGED",
1914
+ timeout_sec=10,
1915
+ health_checks=default_health_check.id,
1916
+ backends=[gcp.compute.BackendServiceBackendArgs(
1917
+ group=mig.instance_group,
1918
+ balancing_mode="UTILIZATION",
1919
+ capacity_scaler=1,
1920
+ )])
1921
+ # URL map
1922
+ default_url_map = gcp.compute.URLMap("default",
1923
+ name="l7-gilb-url-map",
1924
+ default_service=default_backend_service.id)
1925
+ # HTTP target proxy
1926
+ default = gcp.compute.TargetHttpProxy("default",
1927
+ name="l7-gilb-target-http-proxy",
1928
+ url_map=default_url_map.id)
1929
+ # forwarding rule
1930
+ google_compute_forwarding_rule = gcp.compute.GlobalForwardingRule("google_compute_forwarding_rule",
1931
+ name="l7-gilb-forwarding-rule",
1932
+ ip_protocol="TCP",
1933
+ load_balancing_scheme="INTERNAL_MANAGED",
1934
+ port_range="80",
1935
+ target=default.id,
1936
+ network=gilb_network.id,
1937
+ subnetwork=gilb_subnet.id)
1938
+ # allow all access from IAP and health check ranges
1939
+ fw_iap = gcp.compute.Firewall("fw-iap",
1940
+ name="l7-gilb-fw-allow-iap-hc",
1941
+ direction="INGRESS",
1942
+ network=gilb_network.id,
1943
+ source_ranges=[
1944
+ "130.211.0.0/22",
1945
+ "35.191.0.0/16",
1946
+ "35.235.240.0/20",
1947
+ ],
1948
+ allows=[gcp.compute.FirewallAllowArgs(
1949
+ protocol="tcp",
1950
+ )])
1951
+ # allow http from proxy subnet to backends
1952
+ fw_gilb_to_backends = gcp.compute.Firewall("fw-gilb-to-backends",
1953
+ name="l7-gilb-fw-allow-gilb-to-backends",
1954
+ direction="INGRESS",
1955
+ network=gilb_network.id,
1956
+ source_ranges=["10.0.0.0/24"],
1957
+ target_tags=["http-server"],
1958
+ allows=[gcp.compute.FirewallAllowArgs(
1959
+ protocol="tcp",
1960
+ ports=[
1961
+ "80",
1962
+ "443",
1963
+ "8080",
1964
+ ],
1965
+ )])
1966
+ # test instance
1967
+ vm_test = gcp.compute.Instance("vm-test",
1968
+ name="l7-gilb-test-vm",
1969
+ zone="europe-west1-b",
1970
+ machine_type="e2-small",
1971
+ network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(
1972
+ network=gilb_network.id,
1973
+ subnetwork=gilb_subnet.id,
1974
+ )],
1975
+ boot_disk=gcp.compute.InstanceBootDiskArgs(
1976
+ initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(
1977
+ image="debian-cloud/debian-10",
1978
+ ),
1979
+ ))
1980
+ ```
1222
1981
  ### Private Service Connect Google Apis
1223
1982
 
1224
1983
  ```python
@@ -1227,33 +1986,33 @@ class GlobalForwardingRule(pulumi.CustomResource):
1227
1986
 
1228
1987
  network = gcp.compute.Network("network",
1229
1988
  project="my-project-name",
1230
- auto_create_subnetworks=False,
1231
- opts=pulumi.ResourceOptions(provider=google_beta))
1232
- vpc_subnetwork = gcp.compute.Subnetwork("vpcSubnetwork",
1989
+ name="my-network",
1990
+ auto_create_subnetworks=False)
1991
+ vpc_subnetwork = gcp.compute.Subnetwork("vpc_subnetwork",
1233
1992
  project=network.project,
1993
+ name="my-subnetwork",
1234
1994
  ip_cidr_range="10.2.0.0/16",
1235
1995
  region="us-central1",
1236
1996
  network=network.id,
1237
- private_ip_google_access=True,
1238
- opts=pulumi.ResourceOptions(provider=google_beta))
1239
- default_global_address = gcp.compute.GlobalAddress("defaultGlobalAddress",
1997
+ private_ip_google_access=True)
1998
+ default = gcp.compute.GlobalAddress("default",
1240
1999
  project=network.project,
2000
+ name="global-psconnect-ip",
1241
2001
  address_type="INTERNAL",
1242
2002
  purpose="PRIVATE_SERVICE_CONNECT",
1243
2003
  network=network.id,
1244
- address="100.100.100.106",
1245
- opts=pulumi.ResourceOptions(provider=google_beta))
1246
- default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
2004
+ address="100.100.100.106")
2005
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
1247
2006
  project=network.project,
2007
+ name="globalrule",
1248
2008
  target="all-apis",
1249
2009
  network=network.id,
1250
- ip_address=default_global_address.id,
2010
+ ip_address=default.id,
1251
2011
  load_balancing_scheme="",
1252
2012
  service_directory_registrations=gcp.compute.GlobalForwardingRuleServiceDirectoryRegistrationsArgs(
1253
2013
  namespace="sd-namespace",
1254
2014
  service_directory_region="europe-west3",
1255
- ),
1256
- opts=pulumi.ResourceOptions(provider=google_beta))
2015
+ ))
1257
2016
  ```
1258
2017
  ### Private Service Connect Google Apis No Automate Dns
1259
2018
 
@@ -1263,30 +2022,30 @@ class GlobalForwardingRule(pulumi.CustomResource):
1263
2022
 
1264
2023
  network = gcp.compute.Network("network",
1265
2024
  project="my-project-name",
1266
- auto_create_subnetworks=False,
1267
- opts=pulumi.ResourceOptions(provider=google_beta))
1268
- vpc_subnetwork = gcp.compute.Subnetwork("vpcSubnetwork",
2025
+ name="my-network",
2026
+ auto_create_subnetworks=False)
2027
+ vpc_subnetwork = gcp.compute.Subnetwork("vpc_subnetwork",
1269
2028
  project=network.project,
2029
+ name="my-subnetwork",
1270
2030
  ip_cidr_range="10.2.0.0/16",
1271
2031
  region="us-central1",
1272
2032
  network=network.id,
1273
- private_ip_google_access=True,
1274
- opts=pulumi.ResourceOptions(provider=google_beta))
1275
- default_global_address = gcp.compute.GlobalAddress("defaultGlobalAddress",
2033
+ private_ip_google_access=True)
2034
+ default = gcp.compute.GlobalAddress("default",
1276
2035
  project=network.project,
2036
+ name="global-psconnect-ip",
1277
2037
  address_type="INTERNAL",
1278
2038
  purpose="PRIVATE_SERVICE_CONNECT",
1279
2039
  network=network.id,
1280
- address="100.100.100.106",
1281
- opts=pulumi.ResourceOptions(provider=google_beta))
1282
- default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
2040
+ address="100.100.100.106")
2041
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
1283
2042
  project=network.project,
2043
+ name="globalrule",
1284
2044
  target="all-apis",
1285
2045
  network=network.id,
1286
- ip_address=default_global_address.id,
2046
+ ip_address=default.id,
1287
2047
  load_balancing_scheme="",
1288
- no_automate_dns_zone=False,
1289
- opts=pulumi.ResourceOptions(provider=google_beta))
2048
+ no_automate_dns_zone=False)
1290
2049
  ```
1291
2050
 
1292
2051
  ## Import
@@ -1465,18 +2224,519 @@ class GlobalForwardingRule(pulumi.CustomResource):
1465
2224
  https://cloud.google.com/compute/docs/load-balancing/http/
1466
2225
 
1467
2226
  ## Example Usage
2227
+ ### External Ssl Proxy Lb Mig Backend
2228
+
2229
+ ```python
2230
+ import pulumi
2231
+ import pulumi_gcp as gcp
2232
+ import pulumi_tls as tls
2233
+
2234
+ # External SSL proxy load balancer with managed instance group backend
2235
+ # VPC
2236
+ default = gcp.compute.Network("default",
2237
+ name="ssl-proxy-xlb-network",
2238
+ auto_create_subnetworks=False)
2239
+ # backend subnet
2240
+ default_subnetwork = gcp.compute.Subnetwork("default",
2241
+ name="ssl-proxy-xlb-subnet",
2242
+ ip_cidr_range="10.0.1.0/24",
2243
+ region="us-central1",
2244
+ network=default.id)
2245
+ # reserved IP address
2246
+ default_global_address = gcp.compute.GlobalAddress("default", name="ssl-proxy-xlb-ip")
2247
+ # Self-signed regional SSL certificate for testing
2248
+ default_private_key = tls.PrivateKey("default",
2249
+ algorithm="RSA",
2250
+ rsa_bits=2048)
2251
+ default_self_signed_cert = tls.SelfSignedCert("default",
2252
+ key_algorithm=default_private_key.algorithm,
2253
+ private_key_pem=default_private_key.private_key_pem,
2254
+ validity_period_hours=12,
2255
+ early_renewal_hours=3,
2256
+ allowed_uses=[
2257
+ "key_encipherment",
2258
+ "digital_signature",
2259
+ "server_auth",
2260
+ ],
2261
+ dns_names=["example.com"],
2262
+ subject=tls.SelfSignedCertSubjectArgs(
2263
+ common_name="example.com",
2264
+ organization="ACME Examples, Inc",
2265
+ ))
2266
+ default_ssl_certificate = gcp.compute.SSLCertificate("default",
2267
+ name="default-cert",
2268
+ private_key=default_private_key.private_key_pem,
2269
+ certificate=default_self_signed_cert.cert_pem)
2270
+ default_health_check = gcp.compute.HealthCheck("default",
2271
+ name="ssl-proxy-health-check",
2272
+ timeout_sec=1,
2273
+ check_interval_sec=1,
2274
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2275
+ port=443,
2276
+ ))
2277
+ # instance template
2278
+ default_instance_template = gcp.compute.InstanceTemplate("default",
2279
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
2280
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
2281
+ network=default.id,
2282
+ subnetwork=default_subnetwork.id,
2283
+ )],
2284
+ name="ssl-proxy-xlb-mig-template",
2285
+ machine_type="e2-small",
2286
+ tags=["allow-health-check"],
2287
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
2288
+ source_image="debian-cloud/debian-10",
2289
+ auto_delete=True,
2290
+ boot=True,
2291
+ )],
2292
+ metadata={
2293
+ "startup-script": \"\"\"#! /bin/bash
2294
+ set -euo pipefail
2295
+ export DEBIAN_FRONTEND=noninteractive
2296
+ sudo apt-get update
2297
+ sudo apt-get install -y apache2 jq
2298
+ sudo a2ensite default-ssl
2299
+ sudo a2enmod ssl
2300
+ sudo service apache2 restart
2301
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
2302
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
2303
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
2304
+ cat <<EOF > /var/www/html/index.html
2305
+ <h1>SSL Load Balancer</h1>
2306
+ <pre>
2307
+ Name: $NAME
2308
+ IP: $IP
2309
+ Metadata: $METADATA
2310
+ </pre>
2311
+ EOF
2312
+ \"\"\",
2313
+ })
2314
+ # MIG
2315
+ default_instance_group_manager = gcp.compute.InstanceGroupManager("default",
2316
+ name="ssl-proxy-xlb-mig1",
2317
+ zone="us-central1-c",
2318
+ named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs(
2319
+ name="tcp",
2320
+ port=443,
2321
+ )],
2322
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
2323
+ instance_template=default_instance_template.id,
2324
+ name="primary",
2325
+ )],
2326
+ base_instance_name="vm",
2327
+ target_size=2)
2328
+ # backend service
2329
+ default_backend_service = gcp.compute.BackendService("default",
2330
+ name="ssl-proxy-xlb-backend-service",
2331
+ protocol="SSL",
2332
+ port_name="tcp",
2333
+ load_balancing_scheme="EXTERNAL",
2334
+ timeout_sec=10,
2335
+ health_checks=default_health_check.id,
2336
+ backends=[gcp.compute.BackendServiceBackendArgs(
2337
+ group=default_instance_group_manager.instance_group,
2338
+ balancing_mode="UTILIZATION",
2339
+ max_utilization=1,
2340
+ capacity_scaler=1,
2341
+ )])
2342
+ default_target_ssl_proxy = gcp.compute.TargetSSLProxy("default",
2343
+ name="test-proxy",
2344
+ backend_service=default_backend_service.id,
2345
+ ssl_certificates=[default_ssl_certificate.id])
2346
+ # forwarding rule
2347
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
2348
+ name="ssl-proxy-xlb-forwarding-rule",
2349
+ ip_protocol="TCP",
2350
+ load_balancing_scheme="EXTERNAL",
2351
+ port_range="443",
2352
+ target=default_target_ssl_proxy.id,
2353
+ ip_address=default_global_address.id)
2354
+ # allow access from health check ranges
2355
+ default_firewall = gcp.compute.Firewall("default",
2356
+ name="ssl-proxy-xlb-fw-allow-hc",
2357
+ direction="INGRESS",
2358
+ network=default.id,
2359
+ source_ranges=[
2360
+ "130.211.0.0/22",
2361
+ "35.191.0.0/16",
2362
+ ],
2363
+ allows=[gcp.compute.FirewallAllowArgs(
2364
+ protocol="tcp",
2365
+ )],
2366
+ target_tags=["allow-health-check"])
2367
+ ```
2368
+ ### External Tcp Proxy Lb Mig Backend
2369
+
2370
+ ```python
2371
+ import pulumi
2372
+ import pulumi_gcp as gcp
2373
+
2374
+ # External TCP proxy load balancer with managed instance group backend
2375
+ # VPC
2376
+ default = gcp.compute.Network("default",
2377
+ name="tcp-proxy-xlb-network",
2378
+ auto_create_subnetworks=False)
2379
+ # backend subnet
2380
+ default_subnetwork = gcp.compute.Subnetwork("default",
2381
+ name="tcp-proxy-xlb-subnet",
2382
+ ip_cidr_range="10.0.1.0/24",
2383
+ region="us-central1",
2384
+ network=default.id)
2385
+ # reserved IP address
2386
+ default_global_address = gcp.compute.GlobalAddress("default", name="tcp-proxy-xlb-ip")
2387
+ default_health_check = gcp.compute.HealthCheck("default",
2388
+ name="tcp-proxy-health-check",
2389
+ timeout_sec=1,
2390
+ check_interval_sec=1,
2391
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2392
+ port=80,
2393
+ ))
2394
+ # instance template
2395
+ default_instance_template = gcp.compute.InstanceTemplate("default",
2396
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
2397
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
2398
+ network=default.id,
2399
+ subnetwork=default_subnetwork.id,
2400
+ )],
2401
+ name="tcp-proxy-xlb-mig-template",
2402
+ machine_type="e2-small",
2403
+ tags=["allow-health-check"],
2404
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
2405
+ source_image="debian-cloud/debian-10",
2406
+ auto_delete=True,
2407
+ boot=True,
2408
+ )],
2409
+ metadata={
2410
+ "startup-script": \"\"\"#! /bin/bash
2411
+ set -euo pipefail
2412
+ export DEBIAN_FRONTEND=noninteractive
2413
+ apt-get update
2414
+ apt-get install -y nginx-light jq
2415
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
2416
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
2417
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
2418
+ cat <<EOF > /var/www/html/index.html
2419
+ <pre>
2420
+ Name: $NAME
2421
+ IP: $IP
2422
+ Metadata: $METADATA
2423
+ </pre>
2424
+ EOF
2425
+ \"\"\",
2426
+ })
2427
+ # MIG
2428
+ default_instance_group_manager = gcp.compute.InstanceGroupManager("default",
2429
+ name="tcp-proxy-xlb-mig1",
2430
+ zone="us-central1-c",
2431
+ named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs(
2432
+ name="tcp",
2433
+ port=80,
2434
+ )],
2435
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
2436
+ instance_template=default_instance_template.id,
2437
+ name="primary",
2438
+ )],
2439
+ base_instance_name="vm",
2440
+ target_size=2)
2441
+ # backend service
2442
+ default_backend_service = gcp.compute.BackendService("default",
2443
+ name="tcp-proxy-xlb-backend-service",
2444
+ protocol="TCP",
2445
+ port_name="tcp",
2446
+ load_balancing_scheme="EXTERNAL",
2447
+ timeout_sec=10,
2448
+ health_checks=default_health_check.id,
2449
+ backends=[gcp.compute.BackendServiceBackendArgs(
2450
+ group=default_instance_group_manager.instance_group,
2451
+ balancing_mode="UTILIZATION",
2452
+ max_utilization=1,
2453
+ capacity_scaler=1,
2454
+ )])
2455
+ default_target_tcp_proxy = gcp.compute.TargetTCPProxy("default",
2456
+ name="test-proxy-health-check",
2457
+ backend_service=default_backend_service.id)
2458
+ # forwarding rule
2459
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
2460
+ name="tcp-proxy-xlb-forwarding-rule",
2461
+ ip_protocol="TCP",
2462
+ load_balancing_scheme="EXTERNAL",
2463
+ port_range="110",
2464
+ target=default_target_tcp_proxy.id,
2465
+ ip_address=default_global_address.id)
2466
+ # allow access from health check ranges
2467
+ default_firewall = gcp.compute.Firewall("default",
2468
+ name="tcp-proxy-xlb-fw-allow-hc",
2469
+ direction="INGRESS",
2470
+ network=default.id,
2471
+ source_ranges=[
2472
+ "130.211.0.0/22",
2473
+ "35.191.0.0/16",
2474
+ ],
2475
+ allows=[gcp.compute.FirewallAllowArgs(
2476
+ protocol="tcp",
2477
+ )],
2478
+ target_tags=["allow-health-check"])
2479
+ ```
2480
+ ### External Http Lb Mig Backend Custom Header
2481
+
2482
+ ```python
2483
+ import pulumi
2484
+ import pulumi_gcp as gcp
2485
+
2486
+ # External HTTP load balancer with a CDN-enabled managed instance group backend
2487
+ # and custom request and response headers
2488
+ # VPC
2489
+ default = gcp.compute.Network("default",
2490
+ name="l7-xlb-network",
2491
+ auto_create_subnetworks=False)
2492
+ # backend subnet
2493
+ default_subnetwork = gcp.compute.Subnetwork("default",
2494
+ name="l7-xlb-subnet",
2495
+ ip_cidr_range="10.0.1.0/24",
2496
+ region="us-central1",
2497
+ network=default.id)
2498
+ # reserved IP address
2499
+ default_global_address = gcp.compute.GlobalAddress("default", name="l7-xlb-static-ip")
2500
+ # health check
2501
+ default_health_check = gcp.compute.HealthCheck("default",
2502
+ name="l7-xlb-hc",
2503
+ http_health_check=gcp.compute.HealthCheckHttpHealthCheckArgs(
2504
+ port_specification="USE_SERVING_PORT",
2505
+ ))
2506
+ # instance template
2507
+ default_instance_template = gcp.compute.InstanceTemplate("default",
2508
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
2509
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
2510
+ network=default.id,
2511
+ subnetwork=default_subnetwork.id,
2512
+ )],
2513
+ name="l7-xlb-mig-template",
2514
+ machine_type="e2-small",
2515
+ tags=["allow-health-check"],
2516
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
2517
+ source_image="debian-cloud/debian-10",
2518
+ auto_delete=True,
2519
+ boot=True,
2520
+ )],
2521
+ metadata={
2522
+ "startup-script": \"\"\"#! /bin/bash
2523
+ set -euo pipefail
2524
+
2525
+ export DEBIAN_FRONTEND=noninteractive
2526
+ apt-get update
2527
+ apt-get install -y nginx-light jq
2528
+
2529
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
2530
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
2531
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
2532
+
2533
+ cat <<EOF > /var/www/html/index.html
2534
+ <pre>
2535
+ Name: $NAME
2536
+ IP: $IP
2537
+ Metadata: $METADATA
2538
+ </pre>
2539
+ EOF
2540
+ \"\"\",
2541
+ })
2542
+ # MIG
2543
+ default_instance_group_manager = gcp.compute.InstanceGroupManager("default",
2544
+ name="l7-xlb-mig1",
2545
+ zone="us-central1-c",
2546
+ named_ports=[gcp.compute.InstanceGroupManagerNamedPortArgs(
2547
+ name="http",
2548
+ port=8080,
2549
+ )],
2550
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
2551
+ instance_template=default_instance_template.id,
2552
+ name="primary",
2553
+ )],
2554
+ base_instance_name="vm",
2555
+ target_size=2)
2556
+ # backend service with custom request and response headers
2557
+ default_backend_service = gcp.compute.BackendService("default",
2558
+ name="l7-xlb-backend-service",
2559
+ protocol="HTTP",
2560
+ port_name="my-port",
2561
+ load_balancing_scheme="EXTERNAL",
2562
+ timeout_sec=10,
2563
+ enable_cdn=True,
2564
+ custom_request_headers=["X-Client-Geo-Location: {client_region_subdivision}, {client_city}"],
2565
+ custom_response_headers=["X-Cache-Hit: {cdn_cache_status}"],
2566
+ health_checks=default_health_check.id,
2567
+ backends=[gcp.compute.BackendServiceBackendArgs(
2568
+ group=default_instance_group_manager.instance_group,
2569
+ balancing_mode="UTILIZATION",
2570
+ capacity_scaler=1,
2571
+ )])
2572
+ # url map
2573
+ default_url_map = gcp.compute.URLMap("default",
2574
+ name="l7-xlb-url-map",
2575
+ default_service=default_backend_service.id)
2576
+ # http proxy
2577
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
2578
+ name="l7-xlb-target-http-proxy",
2579
+ url_map=default_url_map.id)
2580
+ # forwarding rule
2581
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
2582
+ name="l7-xlb-forwarding-rule",
2583
+ ip_protocol="TCP",
2584
+ load_balancing_scheme="EXTERNAL",
2585
+ port_range="80",
2586
+ target=default_target_http_proxy.id,
2587
+ ip_address=default_global_address.id)
2588
+ # allow access from health check ranges
2589
+ default_firewall = gcp.compute.Firewall("default",
2590
+ name="l7-xlb-fw-allow-hc",
2591
+ direction="INGRESS",
2592
+ network=default.id,
2593
+ source_ranges=[
2594
+ "130.211.0.0/22",
2595
+ "35.191.0.0/16",
2596
+ ],
2597
+ allows=[gcp.compute.FirewallAllowArgs(
2598
+ protocol="tcp",
2599
+ )],
2600
+ target_tags=["allow-health-check"])
2601
+ ```
2602
+ ### Global Forwarding Rule Http
2603
+
2604
+ ```python
2605
+ import pulumi
2606
+ import pulumi_gcp as gcp
2607
+
2608
+ default_http_health_check = gcp.compute.HttpHealthCheck("default",
2609
+ name="check-backend",
2610
+ request_path="/",
2611
+ check_interval_sec=1,
2612
+ timeout_sec=1)
2613
+ default_backend_service = gcp.compute.BackendService("default",
2614
+ name="backend",
2615
+ port_name="http",
2616
+ protocol="HTTP",
2617
+ timeout_sec=10,
2618
+ health_checks=default_http_health_check.id)
2619
+ default_url_map = gcp.compute.URLMap("default",
2620
+ name="url-map-target-proxy",
2621
+ description="a description",
2622
+ default_service=default_backend_service.id,
2623
+ host_rules=[gcp.compute.URLMapHostRuleArgs(
2624
+ hosts=["mysite.com"],
2625
+ path_matcher="allpaths",
2626
+ )],
2627
+ path_matchers=[gcp.compute.URLMapPathMatcherArgs(
2628
+ name="allpaths",
2629
+ default_service=default_backend_service.id,
2630
+ path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
2631
+ paths=["/*"],
2632
+ service=default_backend_service.id,
2633
+ )],
2634
+ )])
2635
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
2636
+ name="target-proxy",
2637
+ description="a description",
2638
+ url_map=default_url_map.id)
2639
+ default = gcp.compute.GlobalForwardingRule("default",
2640
+ name="global-rule",
2641
+ target=default_target_http_proxy.id,
2642
+ port_range="80")
2643
+ ```
2644
+ ### Global Forwarding Rule Internal
2645
+
2646
+ ```python
2647
+ import pulumi
2648
+ import pulumi_gcp as gcp
2649
+
2650
+ debian_image = gcp.compute.get_image(family="debian-11",
2651
+ project="debian-cloud")
2652
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
2653
+ name="template-backend",
2654
+ machine_type="e2-medium",
2655
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
2656
+ network="default",
2657
+ )],
2658
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
2659
+ source_image=debian_image.self_link,
2660
+ auto_delete=True,
2661
+ boot=True,
2662
+ )])
2663
+ igm = gcp.compute.InstanceGroupManager("igm",
2664
+ name="igm-internal",
2665
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
2666
+ instance_template=instance_template.id,
2667
+ name="primary",
2668
+ )],
2669
+ base_instance_name="internal-glb",
2670
+ zone="us-central1-f",
2671
+ target_size=1)
2672
+ default_health_check = gcp.compute.HealthCheck("default",
2673
+ name="check-backend",
2674
+ check_interval_sec=1,
2675
+ timeout_sec=1,
2676
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2677
+ port=80,
2678
+ ))
2679
+ default_backend_service = gcp.compute.BackendService("default",
2680
+ name="backend",
2681
+ port_name="http",
2682
+ protocol="HTTP",
2683
+ timeout_sec=10,
2684
+ load_balancing_scheme="INTERNAL_SELF_MANAGED",
2685
+ backends=[gcp.compute.BackendServiceBackendArgs(
2686
+ group=igm.instance_group,
2687
+ balancing_mode="RATE",
2688
+ capacity_scaler=0.4,
2689
+ max_rate_per_instance=50,
2690
+ )],
2691
+ health_checks=default_health_check.id)
2692
+ default_url_map = gcp.compute.URLMap("default",
2693
+ name="url-map-target-proxy",
2694
+ description="a description",
2695
+ default_service=default_backend_service.id,
2696
+ host_rules=[gcp.compute.URLMapHostRuleArgs(
2697
+ hosts=["mysite.com"],
2698
+ path_matcher="allpaths",
2699
+ )],
2700
+ path_matchers=[gcp.compute.URLMapPathMatcherArgs(
2701
+ name="allpaths",
2702
+ default_service=default_backend_service.id,
2703
+ path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
2704
+ paths=["/*"],
2705
+ service=default_backend_service.id,
2706
+ )],
2707
+ )])
2708
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
2709
+ name="target-proxy",
2710
+ description="a description",
2711
+ url_map=default_url_map.id)
2712
+ default = gcp.compute.GlobalForwardingRule("default",
2713
+ name="global-rule",
2714
+ target=default_target_http_proxy.id,
2715
+ port_range="80",
2716
+ load_balancing_scheme="INTERNAL_SELF_MANAGED",
2717
+ ip_address="0.0.0.0",
2718
+ metadata_filters=[gcp.compute.GlobalForwardingRuleMetadataFilterArgs(
2719
+ filter_match_criteria="MATCH_ANY",
2720
+ filter_labels=[gcp.compute.GlobalForwardingRuleMetadataFilterFilterLabelArgs(
2721
+ name="PLANET",
2722
+ value="MARS",
2723
+ )],
2724
+ )])
2725
+ ```
1468
2726
  ### Global Forwarding Rule External Managed
1469
2727
 
1470
2728
  ```python
1471
2729
  import pulumi
1472
2730
  import pulumi_gcp as gcp
1473
2731
 
1474
- default_backend_service = gcp.compute.BackendService("defaultBackendService",
2732
+ default_backend_service = gcp.compute.BackendService("default",
2733
+ name="backend",
1475
2734
  port_name="http",
1476
2735
  protocol="HTTP",
1477
2736
  timeout_sec=10,
1478
2737
  load_balancing_scheme="EXTERNAL_MANAGED")
1479
- default_url_map = gcp.compute.URLMap("defaultURLMap",
2738
+ default_url_map = gcp.compute.URLMap("default",
2739
+ name="url-map-target-proxy",
1480
2740
  description="a description",
1481
2741
  default_service=default_backend_service.id,
1482
2742
  host_rules=[gcp.compute.URLMapHostRuleArgs(
@@ -1491,14 +2751,272 @@ class GlobalForwardingRule(pulumi.CustomResource):
1491
2751
  service=default_backend_service.id,
1492
2752
  )],
1493
2753
  )])
1494
- default_target_http_proxy = gcp.compute.TargetHttpProxy("defaultTargetHttpProxy",
2754
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
2755
+ name="target-proxy",
1495
2756
  description="a description",
1496
2757
  url_map=default_url_map.id)
1497
- default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
2758
+ default = gcp.compute.GlobalForwardingRule("default",
2759
+ name="global-rule",
1498
2760
  target=default_target_http_proxy.id,
1499
2761
  port_range="80",
1500
2762
  load_balancing_scheme="EXTERNAL_MANAGED")
1501
2763
  ```
2764
+ ### Global Forwarding Rule Hybrid
2765
+
2766
+ ```python
2767
+ import pulumi
2768
+ import pulumi_gcp as gcp
2769
+
2770
+ config = pulumi.Config()
2771
+ subnetwork_cidr = config.get("subnetworkCidr")
2772
+ if subnetwork_cidr is None:
2773
+ subnetwork_cidr = "10.0.0.0/24"
2774
+ default = gcp.compute.Network("default", name="my-network")
2775
+ internal = gcp.compute.Network("internal",
2776
+ name="my-internal-network",
2777
+ auto_create_subnetworks=False)
2778
+ internal_subnetwork = gcp.compute.Subnetwork("internal",
2779
+ name="my-subnetwork",
2780
+ network=internal.id,
2781
+ ip_cidr_range=subnetwork_cidr,
2782
+ region="us-central1",
2783
+ private_ip_google_access=True)
2784
+ # Zonal NEG with GCE_VM_IP_PORT
2785
+ default_network_endpoint_group = gcp.compute.NetworkEndpointGroup("default",
2786
+ name="default-neg",
2787
+ network=default.id,
2788
+ default_port=90,
2789
+ zone="us-central1-a",
2790
+ network_endpoint_type="GCE_VM_IP_PORT")
2791
+ # Zonal NEG with GCE_VM_IP
2792
+ internal_network_endpoint_group = gcp.compute.NetworkEndpointGroup("internal",
2793
+ name="internal-neg",
2794
+ network=internal.id,
2795
+ subnetwork=internal_subnetwork.id,
2796
+ zone="us-central1-a",
2797
+ network_endpoint_type="GCE_VM_IP")
2798
+ # Hybrid connectivity NEG
2799
+ hybrid = gcp.compute.NetworkEndpointGroup("hybrid",
2800
+ name="hybrid-neg",
2801
+ network=default.id,
2802
+ default_port=90,
2803
+ zone="us-central1-a",
2804
+ network_endpoint_type="NON_GCP_PRIVATE_IP_PORT")
2805
+ hybrid_endpoint = gcp.compute.NetworkEndpoint("hybrid-endpoint",
2806
+ network_endpoint_group=hybrid.name,
2807
+ port=hybrid.default_port,
2808
+ ip_address="127.0.0.1")
2809
+ default_health_check = gcp.compute.HealthCheck("default",
2810
+ name="health-check",
2811
+ timeout_sec=1,
2812
+ check_interval_sec=1,
2813
+ tcp_health_check=gcp.compute.HealthCheckTcpHealthCheckArgs(
2814
+ port=80,
2815
+ ))
2816
+ # Backend service for Zonal NEG
2817
+ default_backend_service = gcp.compute.BackendService("default",
2818
+ name="backend-default",
2819
+ port_name="http",
2820
+ protocol="HTTP",
2821
+ timeout_sec=10,
2822
+ backends=[gcp.compute.BackendServiceBackendArgs(
2823
+ group=default_network_endpoint_group.id,
2824
+ balancing_mode="RATE",
2825
+ max_rate_per_endpoint=10,
2826
+ )],
2827
+ health_checks=default_health_check.id)
2828
+ # Backgend service for Hybrid NEG
2829
+ hybrid_backend_service = gcp.compute.BackendService("hybrid",
2830
+ name="backend-hybrid",
2831
+ port_name="http",
2832
+ protocol="HTTP",
2833
+ timeout_sec=10,
2834
+ backends=[gcp.compute.BackendServiceBackendArgs(
2835
+ group=hybrid.id,
2836
+ balancing_mode="RATE",
2837
+ max_rate_per_endpoint=10,
2838
+ )],
2839
+ health_checks=default_health_check.id)
2840
+ default_url_map = gcp.compute.URLMap("default",
2841
+ name="url-map-target-proxy",
2842
+ description="a description",
2843
+ default_service=default_backend_service.id,
2844
+ host_rules=[gcp.compute.URLMapHostRuleArgs(
2845
+ hosts=["mysite.com"],
2846
+ path_matcher="allpaths",
2847
+ )],
2848
+ path_matchers=[gcp.compute.URLMapPathMatcherArgs(
2849
+ name="allpaths",
2850
+ default_service=default_backend_service.id,
2851
+ path_rules=[
2852
+ gcp.compute.URLMapPathMatcherPathRuleArgs(
2853
+ paths=["/*"],
2854
+ service=default_backend_service.id,
2855
+ ),
2856
+ gcp.compute.URLMapPathMatcherPathRuleArgs(
2857
+ paths=["/hybrid"],
2858
+ service=hybrid_backend_service.id,
2859
+ ),
2860
+ ],
2861
+ )])
2862
+ default_target_http_proxy = gcp.compute.TargetHttpProxy("default",
2863
+ name="target-proxy",
2864
+ description="a description",
2865
+ url_map=default_url_map.id)
2866
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
2867
+ name="global-rule",
2868
+ target=default_target_http_proxy.id,
2869
+ port_range="80")
2870
+ ```
2871
+ ### Global Internal Http Lb With Mig Backend
2872
+
2873
+ ```python
2874
+ import pulumi
2875
+ import pulumi_gcp as gcp
2876
+
2877
+ # Global Internal HTTP load balancer with a managed instance group backend
2878
+ # VPC network
2879
+ gilb_network = gcp.compute.Network("gilb_network",
2880
+ name="l7-gilb-network",
2881
+ auto_create_subnetworks=False)
2882
+ # proxy-only subnet
2883
+ proxy_subnet = gcp.compute.Subnetwork("proxy_subnet",
2884
+ name="l7-gilb-proxy-subnet",
2885
+ ip_cidr_range="10.0.0.0/24",
2886
+ region="europe-west1",
2887
+ purpose="GLOBAL_MANAGED_PROXY",
2888
+ role="ACTIVE",
2889
+ network=gilb_network.id)
2890
+ # backend subnet
2891
+ gilb_subnet = gcp.compute.Subnetwork("gilb_subnet",
2892
+ name="l7-gilb-subnet",
2893
+ ip_cidr_range="10.0.1.0/24",
2894
+ region="europe-west1",
2895
+ network=gilb_network.id)
2896
+ # health check
2897
+ default_health_check = gcp.compute.HealthCheck("default",
2898
+ name="l7-gilb-hc",
2899
+ http_health_check=gcp.compute.HealthCheckHttpHealthCheckArgs(
2900
+ port_specification="USE_SERVING_PORT",
2901
+ ))
2902
+ # instance template
2903
+ instance_template = gcp.compute.InstanceTemplate("instance_template",
2904
+ network_interfaces=[gcp.compute.InstanceTemplateNetworkInterfaceArgs(
2905
+ access_configs=[gcp.compute.InstanceTemplateNetworkInterfaceAccessConfigArgs()],
2906
+ network=gilb_network.id,
2907
+ subnetwork=gilb_subnet.id,
2908
+ )],
2909
+ name="l7-gilb-mig-template",
2910
+ machine_type="e2-small",
2911
+ tags=["http-server"],
2912
+ disks=[gcp.compute.InstanceTemplateDiskArgs(
2913
+ source_image="debian-cloud/debian-10",
2914
+ auto_delete=True,
2915
+ boot=True,
2916
+ )],
2917
+ metadata={
2918
+ "startup-script": \"\"\"#! /bin/bash
2919
+ set -euo pipefail
2920
+
2921
+ export DEBIAN_FRONTEND=noninteractive
2922
+ apt-get update
2923
+ apt-get install -y nginx-light jq
2924
+
2925
+ NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
2926
+ IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
2927
+ METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
2928
+
2929
+ cat <<EOF > /var/www/html/index.html
2930
+ <pre>
2931
+ Name: $NAME
2932
+ IP: $IP
2933
+ Metadata: $METADATA
2934
+ </pre>
2935
+ EOF
2936
+ \"\"\",
2937
+ })
2938
+ # MIG
2939
+ mig = gcp.compute.InstanceGroupManager("mig",
2940
+ name="l7-gilb-mig1",
2941
+ zone="europe-west1-b",
2942
+ versions=[gcp.compute.InstanceGroupManagerVersionArgs(
2943
+ instance_template=instance_template.id,
2944
+ name="primary",
2945
+ )],
2946
+ base_instance_name="vm",
2947
+ target_size=2)
2948
+ # backend service
2949
+ default_backend_service = gcp.compute.BackendService("default",
2950
+ name="l7-gilb-backend-subnet",
2951
+ protocol="HTTP",
2952
+ load_balancing_scheme="INTERNAL_MANAGED",
2953
+ timeout_sec=10,
2954
+ health_checks=default_health_check.id,
2955
+ backends=[gcp.compute.BackendServiceBackendArgs(
2956
+ group=mig.instance_group,
2957
+ balancing_mode="UTILIZATION",
2958
+ capacity_scaler=1,
2959
+ )])
2960
+ # URL map
2961
+ default_url_map = gcp.compute.URLMap("default",
2962
+ name="l7-gilb-url-map",
2963
+ default_service=default_backend_service.id)
2964
+ # HTTP target proxy
2965
+ default = gcp.compute.TargetHttpProxy("default",
2966
+ name="l7-gilb-target-http-proxy",
2967
+ url_map=default_url_map.id)
2968
+ # forwarding rule
2969
+ google_compute_forwarding_rule = gcp.compute.GlobalForwardingRule("google_compute_forwarding_rule",
2970
+ name="l7-gilb-forwarding-rule",
2971
+ ip_protocol="TCP",
2972
+ load_balancing_scheme="INTERNAL_MANAGED",
2973
+ port_range="80",
2974
+ target=default.id,
2975
+ network=gilb_network.id,
2976
+ subnetwork=gilb_subnet.id)
2977
+ # allow all access from IAP and health check ranges
2978
+ fw_iap = gcp.compute.Firewall("fw-iap",
2979
+ name="l7-gilb-fw-allow-iap-hc",
2980
+ direction="INGRESS",
2981
+ network=gilb_network.id,
2982
+ source_ranges=[
2983
+ "130.211.0.0/22",
2984
+ "35.191.0.0/16",
2985
+ "35.235.240.0/20",
2986
+ ],
2987
+ allows=[gcp.compute.FirewallAllowArgs(
2988
+ protocol="tcp",
2989
+ )])
2990
+ # allow http from proxy subnet to backends
2991
+ fw_gilb_to_backends = gcp.compute.Firewall("fw-gilb-to-backends",
2992
+ name="l7-gilb-fw-allow-gilb-to-backends",
2993
+ direction="INGRESS",
2994
+ network=gilb_network.id,
2995
+ source_ranges=["10.0.0.0/24"],
2996
+ target_tags=["http-server"],
2997
+ allows=[gcp.compute.FirewallAllowArgs(
2998
+ protocol="tcp",
2999
+ ports=[
3000
+ "80",
3001
+ "443",
3002
+ "8080",
3003
+ ],
3004
+ )])
3005
+ # test instance
3006
+ vm_test = gcp.compute.Instance("vm-test",
3007
+ name="l7-gilb-test-vm",
3008
+ zone="europe-west1-b",
3009
+ machine_type="e2-small",
3010
+ network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(
3011
+ network=gilb_network.id,
3012
+ subnetwork=gilb_subnet.id,
3013
+ )],
3014
+ boot_disk=gcp.compute.InstanceBootDiskArgs(
3015
+ initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(
3016
+ image="debian-cloud/debian-10",
3017
+ ),
3018
+ ))
3019
+ ```
1502
3020
  ### Private Service Connect Google Apis
1503
3021
 
1504
3022
  ```python
@@ -1507,33 +3025,33 @@ class GlobalForwardingRule(pulumi.CustomResource):
1507
3025
 
1508
3026
  network = gcp.compute.Network("network",
1509
3027
  project="my-project-name",
1510
- auto_create_subnetworks=False,
1511
- opts=pulumi.ResourceOptions(provider=google_beta))
1512
- vpc_subnetwork = gcp.compute.Subnetwork("vpcSubnetwork",
3028
+ name="my-network",
3029
+ auto_create_subnetworks=False)
3030
+ vpc_subnetwork = gcp.compute.Subnetwork("vpc_subnetwork",
1513
3031
  project=network.project,
3032
+ name="my-subnetwork",
1514
3033
  ip_cidr_range="10.2.0.0/16",
1515
3034
  region="us-central1",
1516
3035
  network=network.id,
1517
- private_ip_google_access=True,
1518
- opts=pulumi.ResourceOptions(provider=google_beta))
1519
- default_global_address = gcp.compute.GlobalAddress("defaultGlobalAddress",
3036
+ private_ip_google_access=True)
3037
+ default = gcp.compute.GlobalAddress("default",
1520
3038
  project=network.project,
3039
+ name="global-psconnect-ip",
1521
3040
  address_type="INTERNAL",
1522
3041
  purpose="PRIVATE_SERVICE_CONNECT",
1523
3042
  network=network.id,
1524
- address="100.100.100.106",
1525
- opts=pulumi.ResourceOptions(provider=google_beta))
1526
- default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
3043
+ address="100.100.100.106")
3044
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
1527
3045
  project=network.project,
3046
+ name="globalrule",
1528
3047
  target="all-apis",
1529
3048
  network=network.id,
1530
- ip_address=default_global_address.id,
3049
+ ip_address=default.id,
1531
3050
  load_balancing_scheme="",
1532
3051
  service_directory_registrations=gcp.compute.GlobalForwardingRuleServiceDirectoryRegistrationsArgs(
1533
3052
  namespace="sd-namespace",
1534
3053
  service_directory_region="europe-west3",
1535
- ),
1536
- opts=pulumi.ResourceOptions(provider=google_beta))
3054
+ ))
1537
3055
  ```
1538
3056
  ### Private Service Connect Google Apis No Automate Dns
1539
3057
 
@@ -1543,30 +3061,30 @@ class GlobalForwardingRule(pulumi.CustomResource):
1543
3061
 
1544
3062
  network = gcp.compute.Network("network",
1545
3063
  project="my-project-name",
1546
- auto_create_subnetworks=False,
1547
- opts=pulumi.ResourceOptions(provider=google_beta))
1548
- vpc_subnetwork = gcp.compute.Subnetwork("vpcSubnetwork",
3064
+ name="my-network",
3065
+ auto_create_subnetworks=False)
3066
+ vpc_subnetwork = gcp.compute.Subnetwork("vpc_subnetwork",
1549
3067
  project=network.project,
3068
+ name="my-subnetwork",
1550
3069
  ip_cidr_range="10.2.0.0/16",
1551
3070
  region="us-central1",
1552
3071
  network=network.id,
1553
- private_ip_google_access=True,
1554
- opts=pulumi.ResourceOptions(provider=google_beta))
1555
- default_global_address = gcp.compute.GlobalAddress("defaultGlobalAddress",
3072
+ private_ip_google_access=True)
3073
+ default = gcp.compute.GlobalAddress("default",
1556
3074
  project=network.project,
3075
+ name="global-psconnect-ip",
1557
3076
  address_type="INTERNAL",
1558
3077
  purpose="PRIVATE_SERVICE_CONNECT",
1559
3078
  network=network.id,
1560
- address="100.100.100.106",
1561
- opts=pulumi.ResourceOptions(provider=google_beta))
1562
- default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
3079
+ address="100.100.100.106")
3080
+ default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("default",
1563
3081
  project=network.project,
3082
+ name="globalrule",
1564
3083
  target="all-apis",
1565
3084
  network=network.id,
1566
- ip_address=default_global_address.id,
3085
+ ip_address=default.id,
1567
3086
  load_balancing_scheme="",
1568
- no_automate_dns_zone=False,
1569
- opts=pulumi.ResourceOptions(provider=google_beta))
3087
+ no_automate_dns_zone=False)
1570
3088
  ```
1571
3089
 
1572
3090
  ## Import