1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. compute
  5. ForwardingRule
Google Cloud Classic v7.32.0 published on Tuesday, Jul 16, 2024 by Pulumi

gcp.compute.ForwardingRule

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.32.0 published on Tuesday, Jul 16, 2024 by Pulumi

    A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, portRange] tuple.

    To get more information about ForwardingRule, see:

    Example Usage

    Forwarding Rule Externallb

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const hc = new gcp.compute.RegionHealthCheck("hc", {
        name: "check-website-backend",
        checkIntervalSec: 1,
        timeoutSec: 1,
        region: "us-central1",
        tcpHealthCheck: {
            port: 80,
        },
    });
    const backend = new gcp.compute.RegionBackendService("backend", {
        name: "website-backend",
        region: "us-central1",
        loadBalancingScheme: "EXTERNAL",
        healthChecks: hc.id,
    });
    // Forwarding rule for External Network Load Balancing using Backend Services
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "website-forwarding-rule",
        region: "us-central1",
        portRange: "80",
        backendService: backend.id,
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    hc = gcp.compute.RegionHealthCheck("hc",
        name="check-website-backend",
        check_interval_sec=1,
        timeout_sec=1,
        region="us-central1",
        tcp_health_check={
            "port": 80,
        })
    backend = gcp.compute.RegionBackendService("backend",
        name="website-backend",
        region="us-central1",
        load_balancing_scheme="EXTERNAL",
        health_checks=hc.id)
    # Forwarding rule for External Network Load Balancing using Backend Services
    default = gcp.compute.ForwardingRule("default",
        name="website-forwarding-rule",
        region="us-central1",
        port_range="80",
        backend_service=backend.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		hc, err := compute.NewRegionHealthCheck(ctx, "hc", &compute.RegionHealthCheckArgs{
    			Name:             pulumi.String("check-website-backend"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    			Region:           pulumi.String("us-central1"),
    			TcpHealthCheck: &compute.RegionHealthCheckTcpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		backend, err := compute.NewRegionBackendService(ctx, "backend", &compute.RegionBackendServiceArgs{
    			Name:                pulumi.String("website-backend"),
    			Region:              pulumi.String("us-central1"),
    			LoadBalancingScheme: pulumi.String("EXTERNAL"),
    			HealthChecks:        hc.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		// Forwarding rule for External Network Load Balancing using Backend Services
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:           pulumi.String("website-forwarding-rule"),
    			Region:         pulumi.String("us-central1"),
    			PortRange:      pulumi.String("80"),
    			BackendService: backend.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var hc = new Gcp.Compute.RegionHealthCheck("hc", new()
        {
            Name = "check-website-backend",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
            Region = "us-central1",
            TcpHealthCheck = new Gcp.Compute.Inputs.RegionHealthCheckTcpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var backend = new Gcp.Compute.RegionBackendService("backend", new()
        {
            Name = "website-backend",
            Region = "us-central1",
            LoadBalancingScheme = "EXTERNAL",
            HealthChecks = hc.Id,
        });
    
        // Forwarding rule for External Network Load Balancing using Backend Services
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "website-forwarding-rule",
            Region = "us-central1",
            PortRange = "80",
            BackendService = backend.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.RegionHealthCheck;
    import com.pulumi.gcp.compute.RegionHealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.RegionHealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var hc = new RegionHealthCheck("hc", RegionHealthCheckArgs.builder()
                .name("check-website-backend")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .region("us-central1")
                .tcpHealthCheck(RegionHealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build());
    
            var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
                .name("website-backend")
                .region("us-central1")
                .loadBalancingScheme("EXTERNAL")
                .healthChecks(hc.id())
                .build());
    
            // Forwarding rule for External Network Load Balancing using Backend Services
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("website-forwarding-rule")
                .region("us-central1")
                .portRange(80)
                .backendService(backend.id())
                .build());
    
        }
    }
    
    resources:
      # Forwarding rule for External Network Load Balancing using Backend Services
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: website-forwarding-rule
          region: us-central1
          portRange: 80
          backendService: ${backend.id}
      backend:
        type: gcp:compute:RegionBackendService
        properties:
          name: website-backend
          region: us-central1
          loadBalancingScheme: EXTERNAL
          healthChecks: ${hc.id}
      hc:
        type: gcp:compute:RegionHealthCheck
        properties:
          name: check-website-backend
          checkIntervalSec: 1
          timeoutSec: 1
          region: us-central1
          tcpHealthCheck:
            port: '80'
    

    Forwarding Rule Global Internallb

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const hc = new gcp.compute.HealthCheck("hc", {
        name: "check-website-backend",
        checkIntervalSec: 1,
        timeoutSec: 1,
        tcpHealthCheck: {
            port: 80,
        },
    });
    const backend = new gcp.compute.RegionBackendService("backend", {
        name: "website-backend",
        region: "us-central1",
        healthChecks: hc.id,
    });
    const defaultNetwork = new gcp.compute.Network("default", {
        name: "website-net",
        autoCreateSubnetworks: false,
    });
    const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
        name: "website-net",
        ipCidrRange: "10.0.0.0/16",
        region: "us-central1",
        network: defaultNetwork.id,
    });
    // Forwarding rule for Internal Load Balancing
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "website-forwarding-rule",
        region: "us-central1",
        loadBalancingScheme: "INTERNAL",
        backendService: backend.id,
        allPorts: true,
        allowGlobalAccess: true,
        network: defaultNetwork.name,
        subnetwork: defaultSubnetwork.name,
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    hc = gcp.compute.HealthCheck("hc",
        name="check-website-backend",
        check_interval_sec=1,
        timeout_sec=1,
        tcp_health_check={
            "port": 80,
        })
    backend = gcp.compute.RegionBackendService("backend",
        name="website-backend",
        region="us-central1",
        health_checks=hc.id)
    default_network = gcp.compute.Network("default",
        name="website-net",
        auto_create_subnetworks=False)
    default_subnetwork = gcp.compute.Subnetwork("default",
        name="website-net",
        ip_cidr_range="10.0.0.0/16",
        region="us-central1",
        network=default_network.id)
    # Forwarding rule for Internal Load Balancing
    default = gcp.compute.ForwardingRule("default",
        name="website-forwarding-rule",
        region="us-central1",
        load_balancing_scheme="INTERNAL",
        backend_service=backend.id,
        all_ports=True,
        allow_global_access=True,
        network=default_network.name,
        subnetwork=default_subnetwork.name)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		hc, err := compute.NewHealthCheck(ctx, "hc", &compute.HealthCheckArgs{
    			Name:             pulumi.String("check-website-backend"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		backend, err := compute.NewRegionBackendService(ctx, "backend", &compute.RegionBackendServiceArgs{
    			Name:         pulumi.String("website-backend"),
    			Region:       pulumi.String("us-central1"),
    			HealthChecks: hc.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultNetwork, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
    			Name:                  pulumi.String("website-net"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    		})
    		if err != nil {
    			return err
    		}
    		defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
    			Name:        pulumi.String("website-net"),
    			IpCidrRange: pulumi.String("10.0.0.0/16"),
    			Region:      pulumi.String("us-central1"),
    			Network:     defaultNetwork.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		// Forwarding rule for Internal Load Balancing
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("website-forwarding-rule"),
    			Region:              pulumi.String("us-central1"),
    			LoadBalancingScheme: pulumi.String("INTERNAL"),
    			BackendService:      backend.ID(),
    			AllPorts:            pulumi.Bool(true),
    			AllowGlobalAccess:   pulumi.Bool(true),
    			Network:             defaultNetwork.Name,
    			Subnetwork:          defaultSubnetwork.Name,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var hc = new Gcp.Compute.HealthCheck("hc", new()
        {
            Name = "check-website-backend",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
            TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var backend = new Gcp.Compute.RegionBackendService("backend", new()
        {
            Name = "website-backend",
            Region = "us-central1",
            HealthChecks = hc.Id,
        });
    
        var defaultNetwork = new Gcp.Compute.Network("default", new()
        {
            Name = "website-net",
            AutoCreateSubnetworks = false,
        });
    
        var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
        {
            Name = "website-net",
            IpCidrRange = "10.0.0.0/16",
            Region = "us-central1",
            Network = defaultNetwork.Id,
        });
    
        // Forwarding rule for Internal Load Balancing
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "website-forwarding-rule",
            Region = "us-central1",
            LoadBalancingScheme = "INTERNAL",
            BackendService = backend.Id,
            AllPorts = true,
            AllowGlobalAccess = true,
            Network = defaultNetwork.Name,
            Subnetwork = defaultSubnetwork.Name,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var hc = new HealthCheck("hc", HealthCheckArgs.builder()
                .name("check-website-backend")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build());
    
            var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
                .name("website-backend")
                .region("us-central1")
                .healthChecks(hc.id())
                .build());
    
            var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
                .name("website-net")
                .autoCreateSubnetworks(false)
                .build());
    
            var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
                .name("website-net")
                .ipCidrRange("10.0.0.0/16")
                .region("us-central1")
                .network(defaultNetwork.id())
                .build());
    
            // Forwarding rule for Internal Load Balancing
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("website-forwarding-rule")
                .region("us-central1")
                .loadBalancingScheme("INTERNAL")
                .backendService(backend.id())
                .allPorts(true)
                .allowGlobalAccess(true)
                .network(defaultNetwork.name())
                .subnetwork(defaultSubnetwork.name())
                .build());
    
        }
    }
    
    resources:
      # Forwarding rule for Internal Load Balancing
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: website-forwarding-rule
          region: us-central1
          loadBalancingScheme: INTERNAL
          backendService: ${backend.id}
          allPorts: true
          allowGlobalAccess: true
          network: ${defaultNetwork.name}
          subnetwork: ${defaultSubnetwork.name}
      backend:
        type: gcp:compute:RegionBackendService
        properties:
          name: website-backend
          region: us-central1
          healthChecks: ${hc.id}
      hc:
        type: gcp:compute:HealthCheck
        properties:
          name: check-website-backend
          checkIntervalSec: 1
          timeoutSec: 1
          tcpHealthCheck:
            port: '80'
      defaultNetwork:
        type: gcp:compute:Network
        name: default
        properties:
          name: website-net
          autoCreateSubnetworks: false
      defaultSubnetwork:
        type: gcp:compute:Subnetwork
        name: default
        properties:
          name: website-net
          ipCidrRange: 10.0.0.0/16
          region: us-central1
          network: ${defaultNetwork.id}
    

    Forwarding Rule Basic

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const defaultTargetPool = new gcp.compute.TargetPool("default", {name: "website-target-pool"});
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "website-forwarding-rule",
        target: defaultTargetPool.id,
        portRange: "80",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default_target_pool = gcp.compute.TargetPool("default", name="website-target-pool")
    default = gcp.compute.ForwardingRule("default",
        name="website-forwarding-rule",
        target=default_target_pool.id,
        port_range="80")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		defaultTargetPool, err := compute.NewTargetPool(ctx, "default", &compute.TargetPoolArgs{
    			Name: pulumi.String("website-target-pool"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:      pulumi.String("website-forwarding-rule"),
    			Target:    defaultTargetPool.ID(),
    			PortRange: pulumi.String("80"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultTargetPool = new Gcp.Compute.TargetPool("default", new()
        {
            Name = "website-target-pool",
        });
    
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "website-forwarding-rule",
            Target = defaultTargetPool.Id,
            PortRange = "80",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.TargetPool;
    import com.pulumi.gcp.compute.TargetPoolArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultTargetPool = new TargetPool("defaultTargetPool", TargetPoolArgs.builder()
                .name("website-target-pool")
                .build());
    
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("website-forwarding-rule")
                .target(defaultTargetPool.id())
                .portRange("80")
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: website-forwarding-rule
          target: ${defaultTargetPool.id}
          portRange: '80'
      defaultTargetPool:
        type: gcp:compute:TargetPool
        name: default
        properties:
          name: website-target-pool
    

    Forwarding Rule L3 Default

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const healthCheck = new gcp.compute.RegionHealthCheck("health_check", {
        name: "health-check",
        region: "us-central1",
        tcpHealthCheck: {
            port: 80,
        },
    });
    const service = new gcp.compute.RegionBackendService("service", {
        region: "us-central1",
        name: "service",
        healthChecks: healthCheck.id,
        protocol: "UNSPECIFIED",
        loadBalancingScheme: "EXTERNAL",
    });
    const fwdRule = new gcp.compute.ForwardingRule("fwd_rule", {
        name: "l3-forwarding-rule",
        backendService: service.id,
        ipProtocol: "L3_DEFAULT",
        allPorts: true,
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    health_check = gcp.compute.RegionHealthCheck("health_check",
        name="health-check",
        region="us-central1",
        tcp_health_check={
            "port": 80,
        })
    service = gcp.compute.RegionBackendService("service",
        region="us-central1",
        name="service",
        health_checks=health_check.id,
        protocol="UNSPECIFIED",
        load_balancing_scheme="EXTERNAL")
    fwd_rule = gcp.compute.ForwardingRule("fwd_rule",
        name="l3-forwarding-rule",
        backend_service=service.id,
        ip_protocol="L3_DEFAULT",
        all_ports=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		healthCheck, err := compute.NewRegionHealthCheck(ctx, "health_check", &compute.RegionHealthCheckArgs{
    			Name:   pulumi.String("health-check"),
    			Region: pulumi.String("us-central1"),
    			TcpHealthCheck: &compute.RegionHealthCheckTcpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		service, err := compute.NewRegionBackendService(ctx, "service", &compute.RegionBackendServiceArgs{
    			Region:              pulumi.String("us-central1"),
    			Name:                pulumi.String("service"),
    			HealthChecks:        healthCheck.ID(),
    			Protocol:            pulumi.String("UNSPECIFIED"),
    			LoadBalancingScheme: pulumi.String("EXTERNAL"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewForwardingRule(ctx, "fwd_rule", &compute.ForwardingRuleArgs{
    			Name:           pulumi.String("l3-forwarding-rule"),
    			BackendService: service.ID(),
    			IpProtocol:     pulumi.String("L3_DEFAULT"),
    			AllPorts:       pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var healthCheck = new Gcp.Compute.RegionHealthCheck("health_check", new()
        {
            Name = "health-check",
            Region = "us-central1",
            TcpHealthCheck = new Gcp.Compute.Inputs.RegionHealthCheckTcpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var service = new Gcp.Compute.RegionBackendService("service", new()
        {
            Region = "us-central1",
            Name = "service",
            HealthChecks = healthCheck.Id,
            Protocol = "UNSPECIFIED",
            LoadBalancingScheme = "EXTERNAL",
        });
    
        var fwdRule = new Gcp.Compute.ForwardingRule("fwd_rule", new()
        {
            Name = "l3-forwarding-rule",
            BackendService = service.Id,
            IpProtocol = "L3_DEFAULT",
            AllPorts = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.RegionHealthCheck;
    import com.pulumi.gcp.compute.RegionHealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.RegionHealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var healthCheck = new RegionHealthCheck("healthCheck", RegionHealthCheckArgs.builder()
                .name("health-check")
                .region("us-central1")
                .tcpHealthCheck(RegionHealthCheckTcpHealthCheckArgs.builder()
                    .port(80)
                    .build())
                .build());
    
            var service = new RegionBackendService("service", RegionBackendServiceArgs.builder()
                .region("us-central1")
                .name("service")
                .healthChecks(healthCheck.id())
                .protocol("UNSPECIFIED")
                .loadBalancingScheme("EXTERNAL")
                .build());
    
            var fwdRule = new ForwardingRule("fwdRule", ForwardingRuleArgs.builder()
                .name("l3-forwarding-rule")
                .backendService(service.id())
                .ipProtocol("L3_DEFAULT")
                .allPorts(true)
                .build());
    
        }
    }
    
    resources:
      fwdRule:
        type: gcp:compute:ForwardingRule
        name: fwd_rule
        properties:
          name: l3-forwarding-rule
          backendService: ${service.id}
          ipProtocol: L3_DEFAULT
          allPorts: true
      service:
        type: gcp:compute:RegionBackendService
        properties:
          region: us-central1
          name: service
          healthChecks: ${healthCheck.id}
          protocol: UNSPECIFIED
          loadBalancingScheme: EXTERNAL
      healthCheck:
        type: gcp:compute:RegionHealthCheck
        name: health_check
        properties:
          name: health-check
          region: us-central1
          tcpHealthCheck:
            port: 80
    

    Forwarding Rule Internallb

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const hc = new gcp.compute.HealthCheck("hc", {
        name: "check-website-backend",
        checkIntervalSec: 1,
        timeoutSec: 1,
        tcpHealthCheck: {
            port: 80,
        },
    });
    const backend = new gcp.compute.RegionBackendService("backend", {
        name: "website-backend",
        region: "us-central1",
        healthChecks: hc.id,
    });
    const defaultNetwork = new gcp.compute.Network("default", {
        name: "website-net",
        autoCreateSubnetworks: false,
    });
    const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
        name: "website-net",
        ipCidrRange: "10.0.0.0/16",
        region: "us-central1",
        network: defaultNetwork.id,
    });
    // Forwarding rule for Internal Load Balancing
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "website-forwarding-rule",
        region: "us-central1",
        loadBalancingScheme: "INTERNAL",
        backendService: backend.id,
        allPorts: true,
        network: defaultNetwork.name,
        subnetwork: defaultSubnetwork.name,
        ipVersion: "IPV4",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    hc = gcp.compute.HealthCheck("hc",
        name="check-website-backend",
        check_interval_sec=1,
        timeout_sec=1,
        tcp_health_check={
            "port": 80,
        })
    backend = gcp.compute.RegionBackendService("backend",
        name="website-backend",
        region="us-central1",
        health_checks=hc.id)
    default_network = gcp.compute.Network("default",
        name="website-net",
        auto_create_subnetworks=False)
    default_subnetwork = gcp.compute.Subnetwork("default",
        name="website-net",
        ip_cidr_range="10.0.0.0/16",
        region="us-central1",
        network=default_network.id)
    # Forwarding rule for Internal Load Balancing
    default = gcp.compute.ForwardingRule("default",
        name="website-forwarding-rule",
        region="us-central1",
        load_balancing_scheme="INTERNAL",
        backend_service=backend.id,
        all_ports=True,
        network=default_network.name,
        subnetwork=default_subnetwork.name,
        ip_version="IPV4")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		hc, err := compute.NewHealthCheck(ctx, "hc", &compute.HealthCheckArgs{
    			Name:             pulumi.String("check-website-backend"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		backend, err := compute.NewRegionBackendService(ctx, "backend", &compute.RegionBackendServiceArgs{
    			Name:         pulumi.String("website-backend"),
    			Region:       pulumi.String("us-central1"),
    			HealthChecks: hc.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultNetwork, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
    			Name:                  pulumi.String("website-net"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    		})
    		if err != nil {
    			return err
    		}
    		defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
    			Name:        pulumi.String("website-net"),
    			IpCidrRange: pulumi.String("10.0.0.0/16"),
    			Region:      pulumi.String("us-central1"),
    			Network:     defaultNetwork.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		// Forwarding rule for Internal Load Balancing
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("website-forwarding-rule"),
    			Region:              pulumi.String("us-central1"),
    			LoadBalancingScheme: pulumi.String("INTERNAL"),
    			BackendService:      backend.ID(),
    			AllPorts:            pulumi.Bool(true),
    			Network:             defaultNetwork.Name,
    			Subnetwork:          defaultSubnetwork.Name,
    			IpVersion:           pulumi.String("IPV4"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var hc = new Gcp.Compute.HealthCheck("hc", new()
        {
            Name = "check-website-backend",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
            TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var backend = new Gcp.Compute.RegionBackendService("backend", new()
        {
            Name = "website-backend",
            Region = "us-central1",
            HealthChecks = hc.Id,
        });
    
        var defaultNetwork = new Gcp.Compute.Network("default", new()
        {
            Name = "website-net",
            AutoCreateSubnetworks = false,
        });
    
        var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
        {
            Name = "website-net",
            IpCidrRange = "10.0.0.0/16",
            Region = "us-central1",
            Network = defaultNetwork.Id,
        });
    
        // Forwarding rule for Internal Load Balancing
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "website-forwarding-rule",
            Region = "us-central1",
            LoadBalancingScheme = "INTERNAL",
            BackendService = backend.Id,
            AllPorts = true,
            Network = defaultNetwork.Name,
            Subnetwork = defaultSubnetwork.Name,
            IpVersion = "IPV4",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var hc = new HealthCheck("hc", HealthCheckArgs.builder()
                .name("check-website-backend")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build());
    
            var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
                .name("website-backend")
                .region("us-central1")
                .healthChecks(hc.id())
                .build());
    
            var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
                .name("website-net")
                .autoCreateSubnetworks(false)
                .build());
    
            var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
                .name("website-net")
                .ipCidrRange("10.0.0.0/16")
                .region("us-central1")
                .network(defaultNetwork.id())
                .build());
    
            // Forwarding rule for Internal Load Balancing
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("website-forwarding-rule")
                .region("us-central1")
                .loadBalancingScheme("INTERNAL")
                .backendService(backend.id())
                .allPorts(true)
                .network(defaultNetwork.name())
                .subnetwork(defaultSubnetwork.name())
                .ipVersion("IPV4")
                .build());
    
        }
    }
    
    resources:
      # Forwarding rule for Internal Load Balancing
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: website-forwarding-rule
          region: us-central1
          loadBalancingScheme: INTERNAL
          backendService: ${backend.id}
          allPorts: true
          network: ${defaultNetwork.name}
          subnetwork: ${defaultSubnetwork.name}
          ipVersion: IPV4
      backend:
        type: gcp:compute:RegionBackendService
        properties:
          name: website-backend
          region: us-central1
          healthChecks: ${hc.id}
      hc:
        type: gcp:compute:HealthCheck
        properties:
          name: check-website-backend
          checkIntervalSec: 1
          timeoutSec: 1
          tcpHealthCheck:
            port: '80'
      defaultNetwork:
        type: gcp:compute:Network
        name: default
        properties:
          name: website-net
          autoCreateSubnetworks: false
      defaultSubnetwork:
        type: gcp:compute:Subnetwork
        name: default
        properties:
          name: website-net
          ipCidrRange: 10.0.0.0/16
          region: us-central1
          network: ${defaultNetwork.id}
    

    Forwarding Rule Http Lb

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const debianImage = gcp.compute.getImage({
        family: "debian-11",
        project: "debian-cloud",
    });
    const defaultNetwork = new gcp.compute.Network("default", {
        name: "website-net",
        autoCreateSubnetworks: false,
        routingMode: "REGIONAL",
    });
    const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
        name: "website-net-default",
        ipCidrRange: "10.1.2.0/24",
        region: "us-central1",
        network: defaultNetwork.id,
    });
    const instanceTemplate = new gcp.compute.InstanceTemplate("instance_template", {
        name: "template-website-backend",
        machineType: "e2-medium",
        networkInterfaces: [{
            network: defaultNetwork.id,
            subnetwork: defaultSubnetwork.id,
        }],
        disks: [{
            sourceImage: debianImage.then(debianImage => debianImage.selfLink),
            autoDelete: true,
            boot: true,
        }],
        tags: [
            "allow-ssh",
            "load-balanced-backend",
        ],
    });
    const rigm = new gcp.compute.RegionInstanceGroupManager("rigm", {
        region: "us-central1",
        name: "website-rigm",
        versions: [{
            instanceTemplate: instanceTemplate.id,
            name: "primary",
        }],
        baseInstanceName: "internal-glb",
        targetSize: 1,
    });
    const fw1 = new gcp.compute.Firewall("fw1", {
        name: "website-fw-1",
        network: defaultNetwork.id,
        sourceRanges: ["10.1.2.0/24"],
        allows: [
            {
                protocol: "tcp",
            },
            {
                protocol: "udp",
            },
            {
                protocol: "icmp",
            },
        ],
        direction: "INGRESS",
    });
    const fw2 = new gcp.compute.Firewall("fw2", {
        name: "website-fw-2",
        network: defaultNetwork.id,
        sourceRanges: ["0.0.0.0/0"],
        allows: [{
            protocol: "tcp",
            ports: ["22"],
        }],
        targetTags: ["allow-ssh"],
        direction: "INGRESS",
    }, {
        dependsOn: [fw1],
    });
    const fw3 = new gcp.compute.Firewall("fw3", {
        name: "website-fw-3",
        network: defaultNetwork.id,
        sourceRanges: [
            "130.211.0.0/22",
            "35.191.0.0/16",
        ],
        allows: [{
            protocol: "tcp",
        }],
        targetTags: ["load-balanced-backend"],
        direction: "INGRESS",
    }, {
        dependsOn: [fw2],
    });
    const fw4 = new gcp.compute.Firewall("fw4", {
        name: "website-fw-4",
        network: defaultNetwork.id,
        sourceRanges: ["10.129.0.0/26"],
        targetTags: ["load-balanced-backend"],
        allows: [
            {
                protocol: "tcp",
                ports: ["80"],
            },
            {
                protocol: "tcp",
                ports: ["443"],
            },
            {
                protocol: "tcp",
                ports: ["8000"],
            },
        ],
        direction: "INGRESS",
    }, {
        dependsOn: [fw3],
    });
    const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("default", {
        region: "us-central1",
        name: "website-hc",
        httpHealthCheck: {
            portSpecification: "USE_SERVING_PORT",
        },
    }, {
        dependsOn: [fw4],
    });
    const defaultRegionBackendService = new gcp.compute.RegionBackendService("default", {
        loadBalancingScheme: "INTERNAL_MANAGED",
        backends: [{
            group: rigm.instanceGroup,
            balancingMode: "UTILIZATION",
            capacityScaler: 1,
        }],
        region: "us-central1",
        name: "website-backend",
        protocol: "HTTP",
        timeoutSec: 10,
        healthChecks: defaultRegionHealthCheck.id,
    });
    const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("default", {
        region: "us-central1",
        name: "website-map",
        defaultService: defaultRegionBackendService.id,
    });
    const defaultRegionTargetHttpProxy = new gcp.compute.RegionTargetHttpProxy("default", {
        region: "us-central1",
        name: "website-proxy",
        urlMap: defaultRegionUrlMap.id,
    });
    const proxy = new gcp.compute.Subnetwork("proxy", {
        name: "website-net-proxy",
        ipCidrRange: "10.129.0.0/26",
        region: "us-central1",
        network: defaultNetwork.id,
        purpose: "REGIONAL_MANAGED_PROXY",
        role: "ACTIVE",
    });
    // Forwarding rule for Internal Load Balancing
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "website-forwarding-rule",
        region: "us-central1",
        ipProtocol: "TCP",
        loadBalancingScheme: "INTERNAL_MANAGED",
        portRange: "80",
        target: defaultRegionTargetHttpProxy.id,
        network: defaultNetwork.id,
        subnetwork: defaultSubnetwork.id,
        networkTier: "PREMIUM",
    }, {
        dependsOn: [proxy],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    debian_image = gcp.compute.get_image(family="debian-11",
        project="debian-cloud")
    default_network = gcp.compute.Network("default",
        name="website-net",
        auto_create_subnetworks=False,
        routing_mode="REGIONAL")
    default_subnetwork = gcp.compute.Subnetwork("default",
        name="website-net-default",
        ip_cidr_range="10.1.2.0/24",
        region="us-central1",
        network=default_network.id)
    instance_template = gcp.compute.InstanceTemplate("instance_template",
        name="template-website-backend",
        machine_type="e2-medium",
        network_interfaces=[{
            "network": default_network.id,
            "subnetwork": default_subnetwork.id,
        }],
        disks=[{
            "sourceImage": debian_image.self_link,
            "autoDelete": True,
            "boot": True,
        }],
        tags=[
            "allow-ssh",
            "load-balanced-backend",
        ])
    rigm = gcp.compute.RegionInstanceGroupManager("rigm",
        region="us-central1",
        name="website-rigm",
        versions=[{
            "instanceTemplate": instance_template.id,
            "name": "primary",
        }],
        base_instance_name="internal-glb",
        target_size=1)
    fw1 = gcp.compute.Firewall("fw1",
        name="website-fw-1",
        network=default_network.id,
        source_ranges=["10.1.2.0/24"],
        allows=[
            {
                "protocol": "tcp",
            },
            {
                "protocol": "udp",
            },
            {
                "protocol": "icmp",
            },
        ],
        direction="INGRESS")
    fw2 = gcp.compute.Firewall("fw2",
        name="website-fw-2",
        network=default_network.id,
        source_ranges=["0.0.0.0/0"],
        allows=[{
            "protocol": "tcp",
            "ports": ["22"],
        }],
        target_tags=["allow-ssh"],
        direction="INGRESS",
        opts = pulumi.ResourceOptions(depends_on=[fw1]))
    fw3 = gcp.compute.Firewall("fw3",
        name="website-fw-3",
        network=default_network.id,
        source_ranges=[
            "130.211.0.0/22",
            "35.191.0.0/16",
        ],
        allows=[{
            "protocol": "tcp",
        }],
        target_tags=["load-balanced-backend"],
        direction="INGRESS",
        opts = pulumi.ResourceOptions(depends_on=[fw2]))
    fw4 = gcp.compute.Firewall("fw4",
        name="website-fw-4",
        network=default_network.id,
        source_ranges=["10.129.0.0/26"],
        target_tags=["load-balanced-backend"],
        allows=[
            {
                "protocol": "tcp",
                "ports": ["80"],
            },
            {
                "protocol": "tcp",
                "ports": ["443"],
            },
            {
                "protocol": "tcp",
                "ports": ["8000"],
            },
        ],
        direction="INGRESS",
        opts = pulumi.ResourceOptions(depends_on=[fw3]))
    default_region_health_check = gcp.compute.RegionHealthCheck("default",
        region="us-central1",
        name="website-hc",
        http_health_check={
            "portSpecification": "USE_SERVING_PORT",
        },
        opts = pulumi.ResourceOptions(depends_on=[fw4]))
    default_region_backend_service = gcp.compute.RegionBackendService("default",
        load_balancing_scheme="INTERNAL_MANAGED",
        backends=[{
            "group": rigm.instance_group,
            "balancingMode": "UTILIZATION",
            "capacityScaler": 1,
        }],
        region="us-central1",
        name="website-backend",
        protocol="HTTP",
        timeout_sec=10,
        health_checks=default_region_health_check.id)
    default_region_url_map = gcp.compute.RegionUrlMap("default",
        region="us-central1",
        name="website-map",
        default_service=default_region_backend_service.id)
    default_region_target_http_proxy = gcp.compute.RegionTargetHttpProxy("default",
        region="us-central1",
        name="website-proxy",
        url_map=default_region_url_map.id)
    proxy = gcp.compute.Subnetwork("proxy",
        name="website-net-proxy",
        ip_cidr_range="10.129.0.0/26",
        region="us-central1",
        network=default_network.id,
        purpose="REGIONAL_MANAGED_PROXY",
        role="ACTIVE")
    # Forwarding rule for Internal Load Balancing
    default = gcp.compute.ForwardingRule("default",
        name="website-forwarding-rule",
        region="us-central1",
        ip_protocol="TCP",
        load_balancing_scheme="INTERNAL_MANAGED",
        port_range="80",
        target=default_region_target_http_proxy.id,
        network=default_network.id,
        subnetwork=default_subnetwork.id,
        network_tier="PREMIUM",
        opts = pulumi.ResourceOptions(depends_on=[proxy]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		debianImage, err := compute.LookupImage(ctx, &compute.LookupImageArgs{
    			Family:  pulumi.StringRef("debian-11"),
    			Project: pulumi.StringRef("debian-cloud"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		defaultNetwork, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
    			Name:                  pulumi.String("website-net"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    			RoutingMode:           pulumi.String("REGIONAL"),
    		})
    		if err != nil {
    			return err
    		}
    		defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
    			Name:        pulumi.String("website-net-default"),
    			IpCidrRange: pulumi.String("10.1.2.0/24"),
    			Region:      pulumi.String("us-central1"),
    			Network:     defaultNetwork.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		instanceTemplate, err := compute.NewInstanceTemplate(ctx, "instance_template", &compute.InstanceTemplateArgs{
    			Name:        pulumi.String("template-website-backend"),
    			MachineType: pulumi.String("e2-medium"),
    			NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{
    				&compute.InstanceTemplateNetworkInterfaceArgs{
    					Network:    defaultNetwork.ID(),
    					Subnetwork: defaultSubnetwork.ID(),
    				},
    			},
    			Disks: compute.InstanceTemplateDiskArray{
    				&compute.InstanceTemplateDiskArgs{
    					SourceImage: pulumi.String(debianImage.SelfLink),
    					AutoDelete:  pulumi.Bool(true),
    					Boot:        pulumi.Bool(true),
    				},
    			},
    			Tags: pulumi.StringArray{
    				pulumi.String("allow-ssh"),
    				pulumi.String("load-balanced-backend"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		rigm, err := compute.NewRegionInstanceGroupManager(ctx, "rigm", &compute.RegionInstanceGroupManagerArgs{
    			Region: pulumi.String("us-central1"),
    			Name:   pulumi.String("website-rigm"),
    			Versions: compute.RegionInstanceGroupManagerVersionArray{
    				&compute.RegionInstanceGroupManagerVersionArgs{
    					InstanceTemplate: instanceTemplate.ID(),
    					Name:             pulumi.String("primary"),
    				},
    			},
    			BaseInstanceName: pulumi.String("internal-glb"),
    			TargetSize:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		fw1, err := compute.NewFirewall(ctx, "fw1", &compute.FirewallArgs{
    			Name:    pulumi.String("website-fw-1"),
    			Network: defaultNetwork.ID(),
    			SourceRanges: pulumi.StringArray{
    				pulumi.String("10.1.2.0/24"),
    			},
    			Allows: compute.FirewallAllowArray{
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    				},
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("udp"),
    				},
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("icmp"),
    				},
    			},
    			Direction: pulumi.String("INGRESS"),
    		})
    		if err != nil {
    			return err
    		}
    		fw2, err := compute.NewFirewall(ctx, "fw2", &compute.FirewallArgs{
    			Name:    pulumi.String("website-fw-2"),
    			Network: defaultNetwork.ID(),
    			SourceRanges: pulumi.StringArray{
    				pulumi.String("0.0.0.0/0"),
    			},
    			Allows: compute.FirewallAllowArray{
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    					Ports: pulumi.StringArray{
    						pulumi.String("22"),
    					},
    				},
    			},
    			TargetTags: pulumi.StringArray{
    				pulumi.String("allow-ssh"),
    			},
    			Direction: pulumi.String("INGRESS"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			fw1,
    		}))
    		if err != nil {
    			return err
    		}
    		fw3, err := compute.NewFirewall(ctx, "fw3", &compute.FirewallArgs{
    			Name:    pulumi.String("website-fw-3"),
    			Network: defaultNetwork.ID(),
    			SourceRanges: pulumi.StringArray{
    				pulumi.String("130.211.0.0/22"),
    				pulumi.String("35.191.0.0/16"),
    			},
    			Allows: compute.FirewallAllowArray{
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    				},
    			},
    			TargetTags: pulumi.StringArray{
    				pulumi.String("load-balanced-backend"),
    			},
    			Direction: pulumi.String("INGRESS"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			fw2,
    		}))
    		if err != nil {
    			return err
    		}
    		fw4, err := compute.NewFirewall(ctx, "fw4", &compute.FirewallArgs{
    			Name:    pulumi.String("website-fw-4"),
    			Network: defaultNetwork.ID(),
    			SourceRanges: pulumi.StringArray{
    				pulumi.String("10.129.0.0/26"),
    			},
    			TargetTags: pulumi.StringArray{
    				pulumi.String("load-balanced-backend"),
    			},
    			Allows: compute.FirewallAllowArray{
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    					Ports: pulumi.StringArray{
    						pulumi.String("80"),
    					},
    				},
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    					Ports: pulumi.StringArray{
    						pulumi.String("443"),
    					},
    				},
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    					Ports: pulumi.StringArray{
    						pulumi.String("8000"),
    					},
    				},
    			},
    			Direction: pulumi.String("INGRESS"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			fw3,
    		}))
    		if err != nil {
    			return err
    		}
    		defaultRegionHealthCheck, err := compute.NewRegionHealthCheck(ctx, "default", &compute.RegionHealthCheckArgs{
    			Region: pulumi.String("us-central1"),
    			Name:   pulumi.String("website-hc"),
    			HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
    				PortSpecification: pulumi.String("USE_SERVING_PORT"),
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			fw4,
    		}))
    		if err != nil {
    			return err
    		}
    		defaultRegionBackendService, err := compute.NewRegionBackendService(ctx, "default", &compute.RegionBackendServiceArgs{
    			LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
    			Backends: compute.RegionBackendServiceBackendArray{
    				&compute.RegionBackendServiceBackendArgs{
    					Group:          rigm.InstanceGroup,
    					BalancingMode:  pulumi.String("UTILIZATION"),
    					CapacityScaler: pulumi.Float64(1),
    				},
    			},
    			Region:       pulumi.String("us-central1"),
    			Name:         pulumi.String("website-backend"),
    			Protocol:     pulumi.String("HTTP"),
    			TimeoutSec:   pulumi.Int(10),
    			HealthChecks: defaultRegionHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultRegionUrlMap, err := compute.NewRegionUrlMap(ctx, "default", &compute.RegionUrlMapArgs{
    			Region:         pulumi.String("us-central1"),
    			Name:           pulumi.String("website-map"),
    			DefaultService: defaultRegionBackendService.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultRegionTargetHttpProxy, err := compute.NewRegionTargetHttpProxy(ctx, "default", &compute.RegionTargetHttpProxyArgs{
    			Region: pulumi.String("us-central1"),
    			Name:   pulumi.String("website-proxy"),
    			UrlMap: defaultRegionUrlMap.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		proxy, err := compute.NewSubnetwork(ctx, "proxy", &compute.SubnetworkArgs{
    			Name:        pulumi.String("website-net-proxy"),
    			IpCidrRange: pulumi.String("10.129.0.0/26"),
    			Region:      pulumi.String("us-central1"),
    			Network:     defaultNetwork.ID(),
    			Purpose:     pulumi.String("REGIONAL_MANAGED_PROXY"),
    			Role:        pulumi.String("ACTIVE"),
    		})
    		if err != nil {
    			return err
    		}
    		// Forwarding rule for Internal Load Balancing
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("website-forwarding-rule"),
    			Region:              pulumi.String("us-central1"),
    			IpProtocol:          pulumi.String("TCP"),
    			LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
    			PortRange:           pulumi.String("80"),
    			Target:              defaultRegionTargetHttpProxy.ID(),
    			Network:             defaultNetwork.ID(),
    			Subnetwork:          defaultSubnetwork.ID(),
    			NetworkTier:         pulumi.String("PREMIUM"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			proxy,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var debianImage = Gcp.Compute.GetImage.Invoke(new()
        {
            Family = "debian-11",
            Project = "debian-cloud",
        });
    
        var defaultNetwork = new Gcp.Compute.Network("default", new()
        {
            Name = "website-net",
            AutoCreateSubnetworks = false,
            RoutingMode = "REGIONAL",
        });
    
        var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
        {
            Name = "website-net-default",
            IpCidrRange = "10.1.2.0/24",
            Region = "us-central1",
            Network = defaultNetwork.Id,
        });
    
        var instanceTemplate = new Gcp.Compute.InstanceTemplate("instance_template", new()
        {
            Name = "template-website-backend",
            MachineType = "e2-medium",
            NetworkInterfaces = new[]
            {
                new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs
                {
                    Network = defaultNetwork.Id,
                    Subnetwork = defaultSubnetwork.Id,
                },
            },
            Disks = new[]
            {
                new Gcp.Compute.Inputs.InstanceTemplateDiskArgs
                {
                    SourceImage = debianImage.Apply(getImageResult => getImageResult.SelfLink),
                    AutoDelete = true,
                    Boot = true,
                },
            },
            Tags = new[]
            {
                "allow-ssh",
                "load-balanced-backend",
            },
        });
    
        var rigm = new Gcp.Compute.RegionInstanceGroupManager("rigm", new()
        {
            Region = "us-central1",
            Name = "website-rigm",
            Versions = new[]
            {
                new Gcp.Compute.Inputs.RegionInstanceGroupManagerVersionArgs
                {
                    InstanceTemplate = instanceTemplate.Id,
                    Name = "primary",
                },
            },
            BaseInstanceName = "internal-glb",
            TargetSize = 1,
        });
    
        var fw1 = new Gcp.Compute.Firewall("fw1", new()
        {
            Name = "website-fw-1",
            Network = defaultNetwork.Id,
            SourceRanges = new[]
            {
                "10.1.2.0/24",
            },
            Allows = new[]
            {
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                },
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "udp",
                },
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "icmp",
                },
            },
            Direction = "INGRESS",
        });
    
        var fw2 = new Gcp.Compute.Firewall("fw2", new()
        {
            Name = "website-fw-2",
            Network = defaultNetwork.Id,
            SourceRanges = new[]
            {
                "0.0.0.0/0",
            },
            Allows = new[]
            {
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                    Ports = new[]
                    {
                        "22",
                    },
                },
            },
            TargetTags = new[]
            {
                "allow-ssh",
            },
            Direction = "INGRESS",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                fw1,
            },
        });
    
        var fw3 = new Gcp.Compute.Firewall("fw3", new()
        {
            Name = "website-fw-3",
            Network = defaultNetwork.Id,
            SourceRanges = new[]
            {
                "130.211.0.0/22",
                "35.191.0.0/16",
            },
            Allows = new[]
            {
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                },
            },
            TargetTags = new[]
            {
                "load-balanced-backend",
            },
            Direction = "INGRESS",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                fw2,
            },
        });
    
        var fw4 = new Gcp.Compute.Firewall("fw4", new()
        {
            Name = "website-fw-4",
            Network = defaultNetwork.Id,
            SourceRanges = new[]
            {
                "10.129.0.0/26",
            },
            TargetTags = new[]
            {
                "load-balanced-backend",
            },
            Allows = new[]
            {
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                    Ports = new[]
                    {
                        "80",
                    },
                },
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                    Ports = new[]
                    {
                        "443",
                    },
                },
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                    Ports = new[]
                    {
                        "8000",
                    },
                },
            },
            Direction = "INGRESS",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                fw3,
            },
        });
    
        var defaultRegionHealthCheck = new Gcp.Compute.RegionHealthCheck("default", new()
        {
            Region = "us-central1",
            Name = "website-hc",
            HttpHealthCheck = new Gcp.Compute.Inputs.RegionHealthCheckHttpHealthCheckArgs
            {
                PortSpecification = "USE_SERVING_PORT",
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                fw4,
            },
        });
    
        var defaultRegionBackendService = new Gcp.Compute.RegionBackendService("default", new()
        {
            LoadBalancingScheme = "INTERNAL_MANAGED",
            Backends = new[]
            {
                new Gcp.Compute.Inputs.RegionBackendServiceBackendArgs
                {
                    Group = rigm.InstanceGroup,
                    BalancingMode = "UTILIZATION",
                    CapacityScaler = 1,
                },
            },
            Region = "us-central1",
            Name = "website-backend",
            Protocol = "HTTP",
            TimeoutSec = 10,
            HealthChecks = defaultRegionHealthCheck.Id,
        });
    
        var defaultRegionUrlMap = new Gcp.Compute.RegionUrlMap("default", new()
        {
            Region = "us-central1",
            Name = "website-map",
            DefaultService = defaultRegionBackendService.Id,
        });
    
        var defaultRegionTargetHttpProxy = new Gcp.Compute.RegionTargetHttpProxy("default", new()
        {
            Region = "us-central1",
            Name = "website-proxy",
            UrlMap = defaultRegionUrlMap.Id,
        });
    
        var proxy = new Gcp.Compute.Subnetwork("proxy", new()
        {
            Name = "website-net-proxy",
            IpCidrRange = "10.129.0.0/26",
            Region = "us-central1",
            Network = defaultNetwork.Id,
            Purpose = "REGIONAL_MANAGED_PROXY",
            Role = "ACTIVE",
        });
    
        // Forwarding rule for Internal Load Balancing
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "website-forwarding-rule",
            Region = "us-central1",
            IpProtocol = "TCP",
            LoadBalancingScheme = "INTERNAL_MANAGED",
            PortRange = "80",
            Target = defaultRegionTargetHttpProxy.Id,
            Network = defaultNetwork.Id,
            Subnetwork = defaultSubnetwork.Id,
            NetworkTier = "PREMIUM",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                proxy,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.ComputeFunctions;
    import com.pulumi.gcp.compute.inputs.GetImageArgs;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.InstanceTemplate;
    import com.pulumi.gcp.compute.InstanceTemplateArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
    import com.pulumi.gcp.compute.RegionInstanceGroupManager;
    import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
    import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
    import com.pulumi.gcp.compute.Firewall;
    import com.pulumi.gcp.compute.FirewallArgs;
    import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
    import com.pulumi.gcp.compute.RegionHealthCheck;
    import com.pulumi.gcp.compute.RegionHealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
    import com.pulumi.gcp.compute.RegionUrlMap;
    import com.pulumi.gcp.compute.RegionUrlMapArgs;
    import com.pulumi.gcp.compute.RegionTargetHttpProxy;
    import com.pulumi.gcp.compute.RegionTargetHttpProxyArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
                .family("debian-11")
                .project("debian-cloud")
                .build());
    
            var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
                .name("website-net")
                .autoCreateSubnetworks(false)
                .routingMode("REGIONAL")
                .build());
    
            var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
                .name("website-net-default")
                .ipCidrRange("10.1.2.0/24")
                .region("us-central1")
                .network(defaultNetwork.id())
                .build());
    
            var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
                .name("template-website-backend")
                .machineType("e2-medium")
                .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                    .network(defaultNetwork.id())
                    .subnetwork(defaultSubnetwork.id())
                    .build())
                .disks(InstanceTemplateDiskArgs.builder()
                    .sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
                    .autoDelete(true)
                    .boot(true)
                    .build())
                .tags(            
                    "allow-ssh",
                    "load-balanced-backend")
                .build());
    
            var rigm = new RegionInstanceGroupManager("rigm", RegionInstanceGroupManagerArgs.builder()
                .region("us-central1")
                .name("website-rigm")
                .versions(RegionInstanceGroupManagerVersionArgs.builder()
                    .instanceTemplate(instanceTemplate.id())
                    .name("primary")
                    .build())
                .baseInstanceName("internal-glb")
                .targetSize(1)
                .build());
    
            var fw1 = new Firewall("fw1", FirewallArgs.builder()
                .name("website-fw-1")
                .network(defaultNetwork.id())
                .sourceRanges("10.1.2.0/24")
                .allows(            
                    FirewallAllowArgs.builder()
                        .protocol("tcp")
                        .build(),
                    FirewallAllowArgs.builder()
                        .protocol("udp")
                        .build(),
                    FirewallAllowArgs.builder()
                        .protocol("icmp")
                        .build())
                .direction("INGRESS")
                .build());
    
            var fw2 = new Firewall("fw2", FirewallArgs.builder()
                .name("website-fw-2")
                .network(defaultNetwork.id())
                .sourceRanges("0.0.0.0/0")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports("22")
                    .build())
                .targetTags("allow-ssh")
                .direction("INGRESS")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(fw1)
                    .build());
    
            var fw3 = new Firewall("fw3", FirewallArgs.builder()
                .name("website-fw-3")
                .network(defaultNetwork.id())
                .sourceRanges(            
                    "130.211.0.0/22",
                    "35.191.0.0/16")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build())
                .targetTags("load-balanced-backend")
                .direction("INGRESS")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(fw2)
                    .build());
    
            var fw4 = new Firewall("fw4", FirewallArgs.builder()
                .name("website-fw-4")
                .network(defaultNetwork.id())
                .sourceRanges("10.129.0.0/26")
                .targetTags("load-balanced-backend")
                .allows(            
                    FirewallAllowArgs.builder()
                        .protocol("tcp")
                        .ports("80")
                        .build(),
                    FirewallAllowArgs.builder()
                        .protocol("tcp")
                        .ports("443")
                        .build(),
                    FirewallAllowArgs.builder()
                        .protocol("tcp")
                        .ports("8000")
                        .build())
                .direction("INGRESS")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(fw3)
                    .build());
    
            var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
                .region("us-central1")
                .name("website-hc")
                .httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
                    .portSpecification("USE_SERVING_PORT")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .dependsOn(fw4)
                    .build());
    
            var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
                .loadBalancingScheme("INTERNAL_MANAGED")
                .backends(RegionBackendServiceBackendArgs.builder()
                    .group(rigm.instanceGroup())
                    .balancingMode("UTILIZATION")
                    .capacityScaler(1)
                    .build())
                .region("us-central1")
                .name("website-backend")
                .protocol("HTTP")
                .timeoutSec(10)
                .healthChecks(defaultRegionHealthCheck.id())
                .build());
    
            var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
                .region("us-central1")
                .name("website-map")
                .defaultService(defaultRegionBackendService.id())
                .build());
    
            var defaultRegionTargetHttpProxy = new RegionTargetHttpProxy("defaultRegionTargetHttpProxy", RegionTargetHttpProxyArgs.builder()
                .region("us-central1")
                .name("website-proxy")
                .urlMap(defaultRegionUrlMap.id())
                .build());
    
            var proxy = new Subnetwork("proxy", SubnetworkArgs.builder()
                .name("website-net-proxy")
                .ipCidrRange("10.129.0.0/26")
                .region("us-central1")
                .network(defaultNetwork.id())
                .purpose("REGIONAL_MANAGED_PROXY")
                .role("ACTIVE")
                .build());
    
            // Forwarding rule for Internal Load Balancing
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("website-forwarding-rule")
                .region("us-central1")
                .ipProtocol("TCP")
                .loadBalancingScheme("INTERNAL_MANAGED")
                .portRange("80")
                .target(defaultRegionTargetHttpProxy.id())
                .network(defaultNetwork.id())
                .subnetwork(defaultSubnetwork.id())
                .networkTier("PREMIUM")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(proxy)
                    .build());
    
        }
    }
    
    resources:
      # Forwarding rule for Internal Load Balancing
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: website-forwarding-rule
          region: us-central1
          ipProtocol: TCP
          loadBalancingScheme: INTERNAL_MANAGED
          portRange: '80'
          target: ${defaultRegionTargetHttpProxy.id}
          network: ${defaultNetwork.id}
          subnetwork: ${defaultSubnetwork.id}
          networkTier: PREMIUM
        options:
          dependson:
            - ${proxy}
      defaultRegionTargetHttpProxy:
        type: gcp:compute:RegionTargetHttpProxy
        name: default
        properties:
          region: us-central1
          name: website-proxy
          urlMap: ${defaultRegionUrlMap.id}
      defaultRegionUrlMap:
        type: gcp:compute:RegionUrlMap
        name: default
        properties:
          region: us-central1
          name: website-map
          defaultService: ${defaultRegionBackendService.id}
      defaultRegionBackendService:
        type: gcp:compute:RegionBackendService
        name: default
        properties:
          loadBalancingScheme: INTERNAL_MANAGED
          backends:
            - group: ${rigm.instanceGroup}
              balancingMode: UTILIZATION
              capacityScaler: 1
          region: us-central1
          name: website-backend
          protocol: HTTP
          timeoutSec: 10
          healthChecks: ${defaultRegionHealthCheck.id}
      rigm:
        type: gcp:compute:RegionInstanceGroupManager
        properties:
          region: us-central1
          name: website-rigm
          versions:
            - instanceTemplate: ${instanceTemplate.id}
              name: primary
          baseInstanceName: internal-glb
          targetSize: 1
      instanceTemplate:
        type: gcp:compute:InstanceTemplate
        name: instance_template
        properties:
          name: template-website-backend
          machineType: e2-medium
          networkInterfaces:
            - network: ${defaultNetwork.id}
              subnetwork: ${defaultSubnetwork.id}
          disks:
            - sourceImage: ${debianImage.selfLink}
              autoDelete: true
              boot: true
          tags:
            - allow-ssh
            - load-balanced-backend
      defaultRegionHealthCheck:
        type: gcp:compute:RegionHealthCheck
        name: default
        properties:
          region: us-central1
          name: website-hc
          httpHealthCheck:
            portSpecification: USE_SERVING_PORT
        options:
          dependson:
            - ${fw4}
      fw1:
        type: gcp:compute:Firewall
        properties:
          name: website-fw-1
          network: ${defaultNetwork.id}
          sourceRanges:
            - 10.1.2.0/24
          allows:
            - protocol: tcp
            - protocol: udp
            - protocol: icmp
          direction: INGRESS
      fw2:
        type: gcp:compute:Firewall
        properties:
          name: website-fw-2
          network: ${defaultNetwork.id}
          sourceRanges:
            - 0.0.0.0/0
          allows:
            - protocol: tcp
              ports:
                - '22'
          targetTags:
            - allow-ssh
          direction: INGRESS
        options:
          dependson:
            - ${fw1}
      fw3:
        type: gcp:compute:Firewall
        properties:
          name: website-fw-3
          network: ${defaultNetwork.id}
          sourceRanges:
            - 130.211.0.0/22
            - 35.191.0.0/16
          allows:
            - protocol: tcp
          targetTags:
            - load-balanced-backend
          direction: INGRESS
        options:
          dependson:
            - ${fw2}
      fw4:
        type: gcp:compute:Firewall
        properties:
          name: website-fw-4
          network: ${defaultNetwork.id}
          sourceRanges:
            - 10.129.0.0/26
          targetTags:
            - load-balanced-backend
          allows:
            - protocol: tcp
              ports:
                - '80'
            - protocol: tcp
              ports:
                - '443'
            - protocol: tcp
              ports:
                - '8000'
          direction: INGRESS
        options:
          dependson:
            - ${fw3}
      defaultNetwork:
        type: gcp:compute:Network
        name: default
        properties:
          name: website-net
          autoCreateSubnetworks: false
          routingMode: REGIONAL
      defaultSubnetwork:
        type: gcp:compute:Subnetwork
        name: default
        properties:
          name: website-net-default
          ipCidrRange: 10.1.2.0/24
          region: us-central1
          network: ${defaultNetwork.id}
      proxy:
        type: gcp:compute:Subnetwork
        properties:
          name: website-net-proxy
          ipCidrRange: 10.129.0.0/26
          region: us-central1
          network: ${defaultNetwork.id}
          purpose: REGIONAL_MANAGED_PROXY
          role: ACTIVE
    variables:
      debianImage:
        fn::invoke:
          Function: gcp:compute:getImage
          Arguments:
            family: debian-11
            project: debian-cloud
    

    Forwarding Rule Regional Http Xlb

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const debianImage = gcp.compute.getImage({
        family: "debian-11",
        project: "debian-cloud",
    });
    const defaultNetwork = new gcp.compute.Network("default", {
        name: "website-net",
        autoCreateSubnetworks: false,
        routingMode: "REGIONAL",
    });
    const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
        name: "website-net-default",
        ipCidrRange: "10.1.2.0/24",
        region: "us-central1",
        network: defaultNetwork.id,
    });
    const instanceTemplate = new gcp.compute.InstanceTemplate("instance_template", {
        name: "template-website-backend",
        machineType: "e2-medium",
        networkInterfaces: [{
            network: defaultNetwork.id,
            subnetwork: defaultSubnetwork.id,
        }],
        disks: [{
            sourceImage: debianImage.then(debianImage => debianImage.selfLink),
            autoDelete: true,
            boot: true,
        }],
        tags: [
            "allow-ssh",
            "load-balanced-backend",
        ],
    });
    const rigm = new gcp.compute.RegionInstanceGroupManager("rigm", {
        region: "us-central1",
        name: "website-rigm",
        versions: [{
            instanceTemplate: instanceTemplate.id,
            name: "primary",
        }],
        baseInstanceName: "internal-glb",
        targetSize: 1,
    });
    const fw1 = new gcp.compute.Firewall("fw1", {
        name: "website-fw-1",
        network: defaultNetwork.id,
        sourceRanges: ["10.1.2.0/24"],
        allows: [
            {
                protocol: "tcp",
            },
            {
                protocol: "udp",
            },
            {
                protocol: "icmp",
            },
        ],
        direction: "INGRESS",
    });
    const fw2 = new gcp.compute.Firewall("fw2", {
        name: "website-fw-2",
        network: defaultNetwork.id,
        sourceRanges: ["0.0.0.0/0"],
        allows: [{
            protocol: "tcp",
            ports: ["22"],
        }],
        targetTags: ["allow-ssh"],
        direction: "INGRESS",
    }, {
        dependsOn: [fw1],
    });
    const fw3 = new gcp.compute.Firewall("fw3", {
        name: "website-fw-3",
        network: defaultNetwork.id,
        sourceRanges: [
            "130.211.0.0/22",
            "35.191.0.0/16",
        ],
        allows: [{
            protocol: "tcp",
        }],
        targetTags: ["load-balanced-backend"],
        direction: "INGRESS",
    }, {
        dependsOn: [fw2],
    });
    const fw4 = new gcp.compute.Firewall("fw4", {
        name: "website-fw-4",
        network: defaultNetwork.id,
        sourceRanges: ["10.129.0.0/26"],
        targetTags: ["load-balanced-backend"],
        allows: [
            {
                protocol: "tcp",
                ports: ["80"],
            },
            {
                protocol: "tcp",
                ports: ["443"],
            },
            {
                protocol: "tcp",
                ports: ["8000"],
            },
        ],
        direction: "INGRESS",
    }, {
        dependsOn: [fw3],
    });
    const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("default", {
        region: "us-central1",
        name: "website-hc",
        httpHealthCheck: {
            portSpecification: "USE_SERVING_PORT",
        },
    }, {
        dependsOn: [fw4],
    });
    const defaultRegionBackendService = new gcp.compute.RegionBackendService("default", {
        loadBalancingScheme: "EXTERNAL_MANAGED",
        backends: [{
            group: rigm.instanceGroup,
            balancingMode: "UTILIZATION",
            capacityScaler: 1,
        }],
        region: "us-central1",
        name: "website-backend",
        protocol: "HTTP",
        timeoutSec: 10,
        healthChecks: defaultRegionHealthCheck.id,
    });
    const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("default", {
        region: "us-central1",
        name: "website-map",
        defaultService: defaultRegionBackendService.id,
    });
    const defaultRegionTargetHttpProxy = new gcp.compute.RegionTargetHttpProxy("default", {
        region: "us-central1",
        name: "website-proxy",
        urlMap: defaultRegionUrlMap.id,
    });
    const defaultAddress = new gcp.compute.Address("default", {
        name: "website-ip-1",
        region: "us-central1",
        networkTier: "STANDARD",
    });
    const proxy = new gcp.compute.Subnetwork("proxy", {
        name: "website-net-proxy",
        ipCidrRange: "10.129.0.0/26",
        region: "us-central1",
        network: defaultNetwork.id,
        purpose: "REGIONAL_MANAGED_PROXY",
        role: "ACTIVE",
    });
    // Forwarding rule for Regional External Load Balancing
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "website-forwarding-rule",
        region: "us-central1",
        ipProtocol: "TCP",
        loadBalancingScheme: "EXTERNAL_MANAGED",
        portRange: "80",
        target: defaultRegionTargetHttpProxy.id,
        network: defaultNetwork.id,
        ipAddress: defaultAddress.address,
        networkTier: "STANDARD",
    }, {
        dependsOn: [proxy],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    debian_image = gcp.compute.get_image(family="debian-11",
        project="debian-cloud")
    default_network = gcp.compute.Network("default",
        name="website-net",
        auto_create_subnetworks=False,
        routing_mode="REGIONAL")
    default_subnetwork = gcp.compute.Subnetwork("default",
        name="website-net-default",
        ip_cidr_range="10.1.2.0/24",
        region="us-central1",
        network=default_network.id)
    instance_template = gcp.compute.InstanceTemplate("instance_template",
        name="template-website-backend",
        machine_type="e2-medium",
        network_interfaces=[{
            "network": default_network.id,
            "subnetwork": default_subnetwork.id,
        }],
        disks=[{
            "sourceImage": debian_image.self_link,
            "autoDelete": True,
            "boot": True,
        }],
        tags=[
            "allow-ssh",
            "load-balanced-backend",
        ])
    rigm = gcp.compute.RegionInstanceGroupManager("rigm",
        region="us-central1",
        name="website-rigm",
        versions=[{
            "instanceTemplate": instance_template.id,
            "name": "primary",
        }],
        base_instance_name="internal-glb",
        target_size=1)
    fw1 = gcp.compute.Firewall("fw1",
        name="website-fw-1",
        network=default_network.id,
        source_ranges=["10.1.2.0/24"],
        allows=[
            {
                "protocol": "tcp",
            },
            {
                "protocol": "udp",
            },
            {
                "protocol": "icmp",
            },
        ],
        direction="INGRESS")
    fw2 = gcp.compute.Firewall("fw2",
        name="website-fw-2",
        network=default_network.id,
        source_ranges=["0.0.0.0/0"],
        allows=[{
            "protocol": "tcp",
            "ports": ["22"],
        }],
        target_tags=["allow-ssh"],
        direction="INGRESS",
        opts = pulumi.ResourceOptions(depends_on=[fw1]))
    fw3 = gcp.compute.Firewall("fw3",
        name="website-fw-3",
        network=default_network.id,
        source_ranges=[
            "130.211.0.0/22",
            "35.191.0.0/16",
        ],
        allows=[{
            "protocol": "tcp",
        }],
        target_tags=["load-balanced-backend"],
        direction="INGRESS",
        opts = pulumi.ResourceOptions(depends_on=[fw2]))
    fw4 = gcp.compute.Firewall("fw4",
        name="website-fw-4",
        network=default_network.id,
        source_ranges=["10.129.0.0/26"],
        target_tags=["load-balanced-backend"],
        allows=[
            {
                "protocol": "tcp",
                "ports": ["80"],
            },
            {
                "protocol": "tcp",
                "ports": ["443"],
            },
            {
                "protocol": "tcp",
                "ports": ["8000"],
            },
        ],
        direction="INGRESS",
        opts = pulumi.ResourceOptions(depends_on=[fw3]))
    default_region_health_check = gcp.compute.RegionHealthCheck("default",
        region="us-central1",
        name="website-hc",
        http_health_check={
            "portSpecification": "USE_SERVING_PORT",
        },
        opts = pulumi.ResourceOptions(depends_on=[fw4]))
    default_region_backend_service = gcp.compute.RegionBackendService("default",
        load_balancing_scheme="EXTERNAL_MANAGED",
        backends=[{
            "group": rigm.instance_group,
            "balancingMode": "UTILIZATION",
            "capacityScaler": 1,
        }],
        region="us-central1",
        name="website-backend",
        protocol="HTTP",
        timeout_sec=10,
        health_checks=default_region_health_check.id)
    default_region_url_map = gcp.compute.RegionUrlMap("default",
        region="us-central1",
        name="website-map",
        default_service=default_region_backend_service.id)
    default_region_target_http_proxy = gcp.compute.RegionTargetHttpProxy("default",
        region="us-central1",
        name="website-proxy",
        url_map=default_region_url_map.id)
    default_address = gcp.compute.Address("default",
        name="website-ip-1",
        region="us-central1",
        network_tier="STANDARD")
    proxy = gcp.compute.Subnetwork("proxy",
        name="website-net-proxy",
        ip_cidr_range="10.129.0.0/26",
        region="us-central1",
        network=default_network.id,
        purpose="REGIONAL_MANAGED_PROXY",
        role="ACTIVE")
    # Forwarding rule for Regional External Load Balancing
    default = gcp.compute.ForwardingRule("default",
        name="website-forwarding-rule",
        region="us-central1",
        ip_protocol="TCP",
        load_balancing_scheme="EXTERNAL_MANAGED",
        port_range="80",
        target=default_region_target_http_proxy.id,
        network=default_network.id,
        ip_address=default_address.address,
        network_tier="STANDARD",
        opts = pulumi.ResourceOptions(depends_on=[proxy]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		debianImage, err := compute.LookupImage(ctx, &compute.LookupImageArgs{
    			Family:  pulumi.StringRef("debian-11"),
    			Project: pulumi.StringRef("debian-cloud"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		defaultNetwork, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
    			Name:                  pulumi.String("website-net"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    			RoutingMode:           pulumi.String("REGIONAL"),
    		})
    		if err != nil {
    			return err
    		}
    		defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
    			Name:        pulumi.String("website-net-default"),
    			IpCidrRange: pulumi.String("10.1.2.0/24"),
    			Region:      pulumi.String("us-central1"),
    			Network:     defaultNetwork.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		instanceTemplate, err := compute.NewInstanceTemplate(ctx, "instance_template", &compute.InstanceTemplateArgs{
    			Name:        pulumi.String("template-website-backend"),
    			MachineType: pulumi.String("e2-medium"),
    			NetworkInterfaces: compute.InstanceTemplateNetworkInterfaceArray{
    				&compute.InstanceTemplateNetworkInterfaceArgs{
    					Network:    defaultNetwork.ID(),
    					Subnetwork: defaultSubnetwork.ID(),
    				},
    			},
    			Disks: compute.InstanceTemplateDiskArray{
    				&compute.InstanceTemplateDiskArgs{
    					SourceImage: pulumi.String(debianImage.SelfLink),
    					AutoDelete:  pulumi.Bool(true),
    					Boot:        pulumi.Bool(true),
    				},
    			},
    			Tags: pulumi.StringArray{
    				pulumi.String("allow-ssh"),
    				pulumi.String("load-balanced-backend"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		rigm, err := compute.NewRegionInstanceGroupManager(ctx, "rigm", &compute.RegionInstanceGroupManagerArgs{
    			Region: pulumi.String("us-central1"),
    			Name:   pulumi.String("website-rigm"),
    			Versions: compute.RegionInstanceGroupManagerVersionArray{
    				&compute.RegionInstanceGroupManagerVersionArgs{
    					InstanceTemplate: instanceTemplate.ID(),
    					Name:             pulumi.String("primary"),
    				},
    			},
    			BaseInstanceName: pulumi.String("internal-glb"),
    			TargetSize:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		fw1, err := compute.NewFirewall(ctx, "fw1", &compute.FirewallArgs{
    			Name:    pulumi.String("website-fw-1"),
    			Network: defaultNetwork.ID(),
    			SourceRanges: pulumi.StringArray{
    				pulumi.String("10.1.2.0/24"),
    			},
    			Allows: compute.FirewallAllowArray{
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    				},
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("udp"),
    				},
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("icmp"),
    				},
    			},
    			Direction: pulumi.String("INGRESS"),
    		})
    		if err != nil {
    			return err
    		}
    		fw2, err := compute.NewFirewall(ctx, "fw2", &compute.FirewallArgs{
    			Name:    pulumi.String("website-fw-2"),
    			Network: defaultNetwork.ID(),
    			SourceRanges: pulumi.StringArray{
    				pulumi.String("0.0.0.0/0"),
    			},
    			Allows: compute.FirewallAllowArray{
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    					Ports: pulumi.StringArray{
    						pulumi.String("22"),
    					},
    				},
    			},
    			TargetTags: pulumi.StringArray{
    				pulumi.String("allow-ssh"),
    			},
    			Direction: pulumi.String("INGRESS"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			fw1,
    		}))
    		if err != nil {
    			return err
    		}
    		fw3, err := compute.NewFirewall(ctx, "fw3", &compute.FirewallArgs{
    			Name:    pulumi.String("website-fw-3"),
    			Network: defaultNetwork.ID(),
    			SourceRanges: pulumi.StringArray{
    				pulumi.String("130.211.0.0/22"),
    				pulumi.String("35.191.0.0/16"),
    			},
    			Allows: compute.FirewallAllowArray{
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    				},
    			},
    			TargetTags: pulumi.StringArray{
    				pulumi.String("load-balanced-backend"),
    			},
    			Direction: pulumi.String("INGRESS"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			fw2,
    		}))
    		if err != nil {
    			return err
    		}
    		fw4, err := compute.NewFirewall(ctx, "fw4", &compute.FirewallArgs{
    			Name:    pulumi.String("website-fw-4"),
    			Network: defaultNetwork.ID(),
    			SourceRanges: pulumi.StringArray{
    				pulumi.String("10.129.0.0/26"),
    			},
    			TargetTags: pulumi.StringArray{
    				pulumi.String("load-balanced-backend"),
    			},
    			Allows: compute.FirewallAllowArray{
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    					Ports: pulumi.StringArray{
    						pulumi.String("80"),
    					},
    				},
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    					Ports: pulumi.StringArray{
    						pulumi.String("443"),
    					},
    				},
    				&compute.FirewallAllowArgs{
    					Protocol: pulumi.String("tcp"),
    					Ports: pulumi.StringArray{
    						pulumi.String("8000"),
    					},
    				},
    			},
    			Direction: pulumi.String("INGRESS"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			fw3,
    		}))
    		if err != nil {
    			return err
    		}
    		defaultRegionHealthCheck, err := compute.NewRegionHealthCheck(ctx, "default", &compute.RegionHealthCheckArgs{
    			Region: pulumi.String("us-central1"),
    			Name:   pulumi.String("website-hc"),
    			HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
    				PortSpecification: pulumi.String("USE_SERVING_PORT"),
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			fw4,
    		}))
    		if err != nil {
    			return err
    		}
    		defaultRegionBackendService, err := compute.NewRegionBackendService(ctx, "default", &compute.RegionBackendServiceArgs{
    			LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
    			Backends: compute.RegionBackendServiceBackendArray{
    				&compute.RegionBackendServiceBackendArgs{
    					Group:          rigm.InstanceGroup,
    					BalancingMode:  pulumi.String("UTILIZATION"),
    					CapacityScaler: pulumi.Float64(1),
    				},
    			},
    			Region:       pulumi.String("us-central1"),
    			Name:         pulumi.String("website-backend"),
    			Protocol:     pulumi.String("HTTP"),
    			TimeoutSec:   pulumi.Int(10),
    			HealthChecks: defaultRegionHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultRegionUrlMap, err := compute.NewRegionUrlMap(ctx, "default", &compute.RegionUrlMapArgs{
    			Region:         pulumi.String("us-central1"),
    			Name:           pulumi.String("website-map"),
    			DefaultService: defaultRegionBackendService.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultRegionTargetHttpProxy, err := compute.NewRegionTargetHttpProxy(ctx, "default", &compute.RegionTargetHttpProxyArgs{
    			Region: pulumi.String("us-central1"),
    			Name:   pulumi.String("website-proxy"),
    			UrlMap: defaultRegionUrlMap.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultAddress, err := compute.NewAddress(ctx, "default", &compute.AddressArgs{
    			Name:        pulumi.String("website-ip-1"),
    			Region:      pulumi.String("us-central1"),
    			NetworkTier: pulumi.String("STANDARD"),
    		})
    		if err != nil {
    			return err
    		}
    		proxy, err := compute.NewSubnetwork(ctx, "proxy", &compute.SubnetworkArgs{
    			Name:        pulumi.String("website-net-proxy"),
    			IpCidrRange: pulumi.String("10.129.0.0/26"),
    			Region:      pulumi.String("us-central1"),
    			Network:     defaultNetwork.ID(),
    			Purpose:     pulumi.String("REGIONAL_MANAGED_PROXY"),
    			Role:        pulumi.String("ACTIVE"),
    		})
    		if err != nil {
    			return err
    		}
    		// Forwarding rule for Regional External Load Balancing
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("website-forwarding-rule"),
    			Region:              pulumi.String("us-central1"),
    			IpProtocol:          pulumi.String("TCP"),
    			LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
    			PortRange:           pulumi.String("80"),
    			Target:              defaultRegionTargetHttpProxy.ID(),
    			Network:             defaultNetwork.ID(),
    			IpAddress:           defaultAddress.Address,
    			NetworkTier:         pulumi.String("STANDARD"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			proxy,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var debianImage = Gcp.Compute.GetImage.Invoke(new()
        {
            Family = "debian-11",
            Project = "debian-cloud",
        });
    
        var defaultNetwork = new Gcp.Compute.Network("default", new()
        {
            Name = "website-net",
            AutoCreateSubnetworks = false,
            RoutingMode = "REGIONAL",
        });
    
        var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
        {
            Name = "website-net-default",
            IpCidrRange = "10.1.2.0/24",
            Region = "us-central1",
            Network = defaultNetwork.Id,
        });
    
        var instanceTemplate = new Gcp.Compute.InstanceTemplate("instance_template", new()
        {
            Name = "template-website-backend",
            MachineType = "e2-medium",
            NetworkInterfaces = new[]
            {
                new Gcp.Compute.Inputs.InstanceTemplateNetworkInterfaceArgs
                {
                    Network = defaultNetwork.Id,
                    Subnetwork = defaultSubnetwork.Id,
                },
            },
            Disks = new[]
            {
                new Gcp.Compute.Inputs.InstanceTemplateDiskArgs
                {
                    SourceImage = debianImage.Apply(getImageResult => getImageResult.SelfLink),
                    AutoDelete = true,
                    Boot = true,
                },
            },
            Tags = new[]
            {
                "allow-ssh",
                "load-balanced-backend",
            },
        });
    
        var rigm = new Gcp.Compute.RegionInstanceGroupManager("rigm", new()
        {
            Region = "us-central1",
            Name = "website-rigm",
            Versions = new[]
            {
                new Gcp.Compute.Inputs.RegionInstanceGroupManagerVersionArgs
                {
                    InstanceTemplate = instanceTemplate.Id,
                    Name = "primary",
                },
            },
            BaseInstanceName = "internal-glb",
            TargetSize = 1,
        });
    
        var fw1 = new Gcp.Compute.Firewall("fw1", new()
        {
            Name = "website-fw-1",
            Network = defaultNetwork.Id,
            SourceRanges = new[]
            {
                "10.1.2.0/24",
            },
            Allows = new[]
            {
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                },
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "udp",
                },
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "icmp",
                },
            },
            Direction = "INGRESS",
        });
    
        var fw2 = new Gcp.Compute.Firewall("fw2", new()
        {
            Name = "website-fw-2",
            Network = defaultNetwork.Id,
            SourceRanges = new[]
            {
                "0.0.0.0/0",
            },
            Allows = new[]
            {
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                    Ports = new[]
                    {
                        "22",
                    },
                },
            },
            TargetTags = new[]
            {
                "allow-ssh",
            },
            Direction = "INGRESS",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                fw1,
            },
        });
    
        var fw3 = new Gcp.Compute.Firewall("fw3", new()
        {
            Name = "website-fw-3",
            Network = defaultNetwork.Id,
            SourceRanges = new[]
            {
                "130.211.0.0/22",
                "35.191.0.0/16",
            },
            Allows = new[]
            {
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                },
            },
            TargetTags = new[]
            {
                "load-balanced-backend",
            },
            Direction = "INGRESS",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                fw2,
            },
        });
    
        var fw4 = new Gcp.Compute.Firewall("fw4", new()
        {
            Name = "website-fw-4",
            Network = defaultNetwork.Id,
            SourceRanges = new[]
            {
                "10.129.0.0/26",
            },
            TargetTags = new[]
            {
                "load-balanced-backend",
            },
            Allows = new[]
            {
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                    Ports = new[]
                    {
                        "80",
                    },
                },
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                    Ports = new[]
                    {
                        "443",
                    },
                },
                new Gcp.Compute.Inputs.FirewallAllowArgs
                {
                    Protocol = "tcp",
                    Ports = new[]
                    {
                        "8000",
                    },
                },
            },
            Direction = "INGRESS",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                fw3,
            },
        });
    
        var defaultRegionHealthCheck = new Gcp.Compute.RegionHealthCheck("default", new()
        {
            Region = "us-central1",
            Name = "website-hc",
            HttpHealthCheck = new Gcp.Compute.Inputs.RegionHealthCheckHttpHealthCheckArgs
            {
                PortSpecification = "USE_SERVING_PORT",
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                fw4,
            },
        });
    
        var defaultRegionBackendService = new Gcp.Compute.RegionBackendService("default", new()
        {
            LoadBalancingScheme = "EXTERNAL_MANAGED",
            Backends = new[]
            {
                new Gcp.Compute.Inputs.RegionBackendServiceBackendArgs
                {
                    Group = rigm.InstanceGroup,
                    BalancingMode = "UTILIZATION",
                    CapacityScaler = 1,
                },
            },
            Region = "us-central1",
            Name = "website-backend",
            Protocol = "HTTP",
            TimeoutSec = 10,
            HealthChecks = defaultRegionHealthCheck.Id,
        });
    
        var defaultRegionUrlMap = new Gcp.Compute.RegionUrlMap("default", new()
        {
            Region = "us-central1",
            Name = "website-map",
            DefaultService = defaultRegionBackendService.Id,
        });
    
        var defaultRegionTargetHttpProxy = new Gcp.Compute.RegionTargetHttpProxy("default", new()
        {
            Region = "us-central1",
            Name = "website-proxy",
            UrlMap = defaultRegionUrlMap.Id,
        });
    
        var defaultAddress = new Gcp.Compute.Address("default", new()
        {
            Name = "website-ip-1",
            Region = "us-central1",
            NetworkTier = "STANDARD",
        });
    
        var proxy = new Gcp.Compute.Subnetwork("proxy", new()
        {
            Name = "website-net-proxy",
            IpCidrRange = "10.129.0.0/26",
            Region = "us-central1",
            Network = defaultNetwork.Id,
            Purpose = "REGIONAL_MANAGED_PROXY",
            Role = "ACTIVE",
        });
    
        // Forwarding rule for Regional External Load Balancing
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "website-forwarding-rule",
            Region = "us-central1",
            IpProtocol = "TCP",
            LoadBalancingScheme = "EXTERNAL_MANAGED",
            PortRange = "80",
            Target = defaultRegionTargetHttpProxy.Id,
            Network = defaultNetwork.Id,
            IpAddress = defaultAddress.IPAddress,
            NetworkTier = "STANDARD",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                proxy,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.ComputeFunctions;
    import com.pulumi.gcp.compute.inputs.GetImageArgs;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.InstanceTemplate;
    import com.pulumi.gcp.compute.InstanceTemplateArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
    import com.pulumi.gcp.compute.RegionInstanceGroupManager;
    import com.pulumi.gcp.compute.RegionInstanceGroupManagerArgs;
    import com.pulumi.gcp.compute.inputs.RegionInstanceGroupManagerVersionArgs;
    import com.pulumi.gcp.compute.Firewall;
    import com.pulumi.gcp.compute.FirewallArgs;
    import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
    import com.pulumi.gcp.compute.RegionHealthCheck;
    import com.pulumi.gcp.compute.RegionHealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.RegionBackendServiceBackendArgs;
    import com.pulumi.gcp.compute.RegionUrlMap;
    import com.pulumi.gcp.compute.RegionUrlMapArgs;
    import com.pulumi.gcp.compute.RegionTargetHttpProxy;
    import com.pulumi.gcp.compute.RegionTargetHttpProxyArgs;
    import com.pulumi.gcp.compute.Address;
    import com.pulumi.gcp.compute.AddressArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
                .family("debian-11")
                .project("debian-cloud")
                .build());
    
            var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
                .name("website-net")
                .autoCreateSubnetworks(false)
                .routingMode("REGIONAL")
                .build());
    
            var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
                .name("website-net-default")
                .ipCidrRange("10.1.2.0/24")
                .region("us-central1")
                .network(defaultNetwork.id())
                .build());
    
            var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
                .name("template-website-backend")
                .machineType("e2-medium")
                .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                    .network(defaultNetwork.id())
                    .subnetwork(defaultSubnetwork.id())
                    .build())
                .disks(InstanceTemplateDiskArgs.builder()
                    .sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
                    .autoDelete(true)
                    .boot(true)
                    .build())
                .tags(            
                    "allow-ssh",
                    "load-balanced-backend")
                .build());
    
            var rigm = new RegionInstanceGroupManager("rigm", RegionInstanceGroupManagerArgs.builder()
                .region("us-central1")
                .name("website-rigm")
                .versions(RegionInstanceGroupManagerVersionArgs.builder()
                    .instanceTemplate(instanceTemplate.id())
                    .name("primary")
                    .build())
                .baseInstanceName("internal-glb")
                .targetSize(1)
                .build());
    
            var fw1 = new Firewall("fw1", FirewallArgs.builder()
                .name("website-fw-1")
                .network(defaultNetwork.id())
                .sourceRanges("10.1.2.0/24")
                .allows(            
                    FirewallAllowArgs.builder()
                        .protocol("tcp")
                        .build(),
                    FirewallAllowArgs.builder()
                        .protocol("udp")
                        .build(),
                    FirewallAllowArgs.builder()
                        .protocol("icmp")
                        .build())
                .direction("INGRESS")
                .build());
    
            var fw2 = new Firewall("fw2", FirewallArgs.builder()
                .name("website-fw-2")
                .network(defaultNetwork.id())
                .sourceRanges("0.0.0.0/0")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports("22")
                    .build())
                .targetTags("allow-ssh")
                .direction("INGRESS")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(fw1)
                    .build());
    
            var fw3 = new Firewall("fw3", FirewallArgs.builder()
                .name("website-fw-3")
                .network(defaultNetwork.id())
                .sourceRanges(            
                    "130.211.0.0/22",
                    "35.191.0.0/16")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build())
                .targetTags("load-balanced-backend")
                .direction("INGRESS")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(fw2)
                    .build());
    
            var fw4 = new Firewall("fw4", FirewallArgs.builder()
                .name("website-fw-4")
                .network(defaultNetwork.id())
                .sourceRanges("10.129.0.0/26")
                .targetTags("load-balanced-backend")
                .allows(            
                    FirewallAllowArgs.builder()
                        .protocol("tcp")
                        .ports("80")
                        .build(),
                    FirewallAllowArgs.builder()
                        .protocol("tcp")
                        .ports("443")
                        .build(),
                    FirewallAllowArgs.builder()
                        .protocol("tcp")
                        .ports("8000")
                        .build())
                .direction("INGRESS")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(fw3)
                    .build());
    
            var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
                .region("us-central1")
                .name("website-hc")
                .httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
                    .portSpecification("USE_SERVING_PORT")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .dependsOn(fw4)
                    .build());
    
            var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
                .loadBalancingScheme("EXTERNAL_MANAGED")
                .backends(RegionBackendServiceBackendArgs.builder()
                    .group(rigm.instanceGroup())
                    .balancingMode("UTILIZATION")
                    .capacityScaler(1)
                    .build())
                .region("us-central1")
                .name("website-backend")
                .protocol("HTTP")
                .timeoutSec(10)
                .healthChecks(defaultRegionHealthCheck.id())
                .build());
    
            var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
                .region("us-central1")
                .name("website-map")
                .defaultService(defaultRegionBackendService.id())
                .build());
    
            var defaultRegionTargetHttpProxy = new RegionTargetHttpProxy("defaultRegionTargetHttpProxy", RegionTargetHttpProxyArgs.builder()
                .region("us-central1")
                .name("website-proxy")
                .urlMap(defaultRegionUrlMap.id())
                .build());
    
            var defaultAddress = new Address("defaultAddress", AddressArgs.builder()
                .name("website-ip-1")
                .region("us-central1")
                .networkTier("STANDARD")
                .build());
    
            var proxy = new Subnetwork("proxy", SubnetworkArgs.builder()
                .name("website-net-proxy")
                .ipCidrRange("10.129.0.0/26")
                .region("us-central1")
                .network(defaultNetwork.id())
                .purpose("REGIONAL_MANAGED_PROXY")
                .role("ACTIVE")
                .build());
    
            // Forwarding rule for Regional External Load Balancing
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("website-forwarding-rule")
                .region("us-central1")
                .ipProtocol("TCP")
                .loadBalancingScheme("EXTERNAL_MANAGED")
                .portRange("80")
                .target(defaultRegionTargetHttpProxy.id())
                .network(defaultNetwork.id())
                .ipAddress(defaultAddress.address())
                .networkTier("STANDARD")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(proxy)
                    .build());
    
        }
    }
    
    resources:
      # Forwarding rule for Regional External Load Balancing
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: website-forwarding-rule
          region: us-central1
          ipProtocol: TCP
          loadBalancingScheme: EXTERNAL_MANAGED
          portRange: '80'
          target: ${defaultRegionTargetHttpProxy.id}
          network: ${defaultNetwork.id}
          ipAddress: ${defaultAddress.address}
          networkTier: STANDARD
        options:
          dependson:
            - ${proxy}
      defaultRegionTargetHttpProxy:
        type: gcp:compute:RegionTargetHttpProxy
        name: default
        properties:
          region: us-central1
          name: website-proxy
          urlMap: ${defaultRegionUrlMap.id}
      defaultRegionUrlMap:
        type: gcp:compute:RegionUrlMap
        name: default
        properties:
          region: us-central1
          name: website-map
          defaultService: ${defaultRegionBackendService.id}
      defaultRegionBackendService:
        type: gcp:compute:RegionBackendService
        name: default
        properties:
          loadBalancingScheme: EXTERNAL_MANAGED
          backends:
            - group: ${rigm.instanceGroup}
              balancingMode: UTILIZATION
              capacityScaler: 1
          region: us-central1
          name: website-backend
          protocol: HTTP
          timeoutSec: 10
          healthChecks: ${defaultRegionHealthCheck.id}
      rigm:
        type: gcp:compute:RegionInstanceGroupManager
        properties:
          region: us-central1
          name: website-rigm
          versions:
            - instanceTemplate: ${instanceTemplate.id}
              name: primary
          baseInstanceName: internal-glb
          targetSize: 1
      instanceTemplate:
        type: gcp:compute:InstanceTemplate
        name: instance_template
        properties:
          name: template-website-backend
          machineType: e2-medium
          networkInterfaces:
            - network: ${defaultNetwork.id}
              subnetwork: ${defaultSubnetwork.id}
          disks:
            - sourceImage: ${debianImage.selfLink}
              autoDelete: true
              boot: true
          tags:
            - allow-ssh
            - load-balanced-backend
      defaultRegionHealthCheck:
        type: gcp:compute:RegionHealthCheck
        name: default
        properties:
          region: us-central1
          name: website-hc
          httpHealthCheck:
            portSpecification: USE_SERVING_PORT
        options:
          dependson:
            - ${fw4}
      defaultAddress:
        type: gcp:compute:Address
        name: default
        properties:
          name: website-ip-1
          region: us-central1
          networkTier: STANDARD
      fw1:
        type: gcp:compute:Firewall
        properties:
          name: website-fw-1
          network: ${defaultNetwork.id}
          sourceRanges:
            - 10.1.2.0/24
          allows:
            - protocol: tcp
            - protocol: udp
            - protocol: icmp
          direction: INGRESS
      fw2:
        type: gcp:compute:Firewall
        properties:
          name: website-fw-2
          network: ${defaultNetwork.id}
          sourceRanges:
            - 0.0.0.0/0
          allows:
            - protocol: tcp
              ports:
                - '22'
          targetTags:
            - allow-ssh
          direction: INGRESS
        options:
          dependson:
            - ${fw1}
      fw3:
        type: gcp:compute:Firewall
        properties:
          name: website-fw-3
          network: ${defaultNetwork.id}
          sourceRanges:
            - 130.211.0.0/22
            - 35.191.0.0/16
          allows:
            - protocol: tcp
          targetTags:
            - load-balanced-backend
          direction: INGRESS
        options:
          dependson:
            - ${fw2}
      fw4:
        type: gcp:compute:Firewall
        properties:
          name: website-fw-4
          network: ${defaultNetwork.id}
          sourceRanges:
            - 10.129.0.0/26
          targetTags:
            - load-balanced-backend
          allows:
            - protocol: tcp
              ports:
                - '80'
            - protocol: tcp
              ports:
                - '443'
            - protocol: tcp
              ports:
                - '8000'
          direction: INGRESS
        options:
          dependson:
            - ${fw3}
      defaultNetwork:
        type: gcp:compute:Network
        name: default
        properties:
          name: website-net
          autoCreateSubnetworks: false
          routingMode: REGIONAL
      defaultSubnetwork:
        type: gcp:compute:Subnetwork
        name: default
        properties:
          name: website-net-default
          ipCidrRange: 10.1.2.0/24
          region: us-central1
          network: ${defaultNetwork.id}
      proxy:
        type: gcp:compute:Subnetwork
        properties:
          name: website-net-proxy
          ipCidrRange: 10.129.0.0/26
          region: us-central1
          network: ${defaultNetwork.id}
          purpose: REGIONAL_MANAGED_PROXY
          role: ACTIVE
    variables:
      debianImage:
        fn::invoke:
          Function: gcp:compute:getImage
          Arguments:
            family: debian-11
            project: debian-cloud
    

    Forwarding Rule Vpc Psc

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    // Consumer service endpoint
    const consumerNet = new gcp.compute.Network("consumer_net", {
        name: "consumer-net",
        autoCreateSubnetworks: false,
    });
    const consumerSubnet = new gcp.compute.Subnetwork("consumer_subnet", {
        name: "consumer-net",
        ipCidrRange: "10.0.0.0/16",
        region: "us-central1",
        network: consumerNet.id,
    });
    const consumerAddress = new gcp.compute.Address("consumer_address", {
        name: "website-ip-1",
        region: "us-central1",
        subnetwork: consumerSubnet.id,
        addressType: "INTERNAL",
    });
    // Producer service attachment
    const producerNet = new gcp.compute.Network("producer_net", {
        name: "producer-net",
        autoCreateSubnetworks: false,
    });
    const pscProducerSubnet = new gcp.compute.Subnetwork("psc_producer_subnet", {
        name: "producer-psc-net",
        ipCidrRange: "10.1.0.0/16",
        region: "us-central1",
        purpose: "PRIVATE_SERVICE_CONNECT",
        network: producerNet.id,
    });
    const producerSubnet = new gcp.compute.Subnetwork("producer_subnet", {
        name: "producer-net",
        ipCidrRange: "10.0.0.0/16",
        region: "us-central1",
        network: producerNet.id,
    });
    const producerServiceHealthCheck = new gcp.compute.HealthCheck("producer_service_health_check", {
        name: "producer-service-health-check",
        checkIntervalSec: 1,
        timeoutSec: 1,
        tcpHealthCheck: {
            port: 80,
        },
    });
    const producerServiceBackend = new gcp.compute.RegionBackendService("producer_service_backend", {
        name: "producer-service-backend",
        region: "us-central1",
        healthChecks: producerServiceHealthCheck.id,
    });
    const producerTargetService = new gcp.compute.ForwardingRule("producer_target_service", {
        name: "producer-forwarding-rule",
        region: "us-central1",
        loadBalancingScheme: "INTERNAL",
        backendService: producerServiceBackend.id,
        allPorts: true,
        network: producerNet.name,
        subnetwork: producerSubnet.name,
    });
    const producerServiceAttachment = new gcp.compute.ServiceAttachment("producer_service_attachment", {
        name: "producer-service",
        region: "us-central1",
        description: "A service attachment configured with Terraform",
        enableProxyProtocol: true,
        connectionPreference: "ACCEPT_AUTOMATIC",
        natSubnets: [pscProducerSubnet.name],
        targetService: producerTargetService.id,
    });
    // Forwarding rule for VPC private service connect
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "psc-endpoint",
        region: "us-central1",
        loadBalancingScheme: "",
        target: producerServiceAttachment.id,
        network: consumerNet.name,
        ipAddress: consumerAddress.id,
        allowPscGlobalAccess: true,
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    # Consumer service endpoint
    consumer_net = gcp.compute.Network("consumer_net",
        name="consumer-net",
        auto_create_subnetworks=False)
    consumer_subnet = gcp.compute.Subnetwork("consumer_subnet",
        name="consumer-net",
        ip_cidr_range="10.0.0.0/16",
        region="us-central1",
        network=consumer_net.id)
    consumer_address = gcp.compute.Address("consumer_address",
        name="website-ip-1",
        region="us-central1",
        subnetwork=consumer_subnet.id,
        address_type="INTERNAL")
    # Producer service attachment
    producer_net = gcp.compute.Network("producer_net",
        name="producer-net",
        auto_create_subnetworks=False)
    psc_producer_subnet = gcp.compute.Subnetwork("psc_producer_subnet",
        name="producer-psc-net",
        ip_cidr_range="10.1.0.0/16",
        region="us-central1",
        purpose="PRIVATE_SERVICE_CONNECT",
        network=producer_net.id)
    producer_subnet = gcp.compute.Subnetwork("producer_subnet",
        name="producer-net",
        ip_cidr_range="10.0.0.0/16",
        region="us-central1",
        network=producer_net.id)
    producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
        name="producer-service-health-check",
        check_interval_sec=1,
        timeout_sec=1,
        tcp_health_check={
            "port": 80,
        })
    producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
        name="producer-service-backend",
        region="us-central1",
        health_checks=producer_service_health_check.id)
    producer_target_service = gcp.compute.ForwardingRule("producer_target_service",
        name="producer-forwarding-rule",
        region="us-central1",
        load_balancing_scheme="INTERNAL",
        backend_service=producer_service_backend.id,
        all_ports=True,
        network=producer_net.name,
        subnetwork=producer_subnet.name)
    producer_service_attachment = gcp.compute.ServiceAttachment("producer_service_attachment",
        name="producer-service",
        region="us-central1",
        description="A service attachment configured with Terraform",
        enable_proxy_protocol=True,
        connection_preference="ACCEPT_AUTOMATIC",
        nat_subnets=[psc_producer_subnet.name],
        target_service=producer_target_service.id)
    # Forwarding rule for VPC private service connect
    default = gcp.compute.ForwardingRule("default",
        name="psc-endpoint",
        region="us-central1",
        load_balancing_scheme="",
        target=producer_service_attachment.id,
        network=consumer_net.name,
        ip_address=consumer_address.id,
        allow_psc_global_access=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// Consumer service endpoint
    		consumerNet, err := compute.NewNetwork(ctx, "consumer_net", &compute.NetworkArgs{
    			Name:                  pulumi.String("consumer-net"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    		})
    		if err != nil {
    			return err
    		}
    		consumerSubnet, err := compute.NewSubnetwork(ctx, "consumer_subnet", &compute.SubnetworkArgs{
    			Name:        pulumi.String("consumer-net"),
    			IpCidrRange: pulumi.String("10.0.0.0/16"),
    			Region:      pulumi.String("us-central1"),
    			Network:     consumerNet.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		consumerAddress, err := compute.NewAddress(ctx, "consumer_address", &compute.AddressArgs{
    			Name:        pulumi.String("website-ip-1"),
    			Region:      pulumi.String("us-central1"),
    			Subnetwork:  consumerSubnet.ID(),
    			AddressType: pulumi.String("INTERNAL"),
    		})
    		if err != nil {
    			return err
    		}
    		// Producer service attachment
    		producerNet, err := compute.NewNetwork(ctx, "producer_net", &compute.NetworkArgs{
    			Name:                  pulumi.String("producer-net"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    		})
    		if err != nil {
    			return err
    		}
    		pscProducerSubnet, err := compute.NewSubnetwork(ctx, "psc_producer_subnet", &compute.SubnetworkArgs{
    			Name:        pulumi.String("producer-psc-net"),
    			IpCidrRange: pulumi.String("10.1.0.0/16"),
    			Region:      pulumi.String("us-central1"),
    			Purpose:     pulumi.String("PRIVATE_SERVICE_CONNECT"),
    			Network:     producerNet.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		producerSubnet, err := compute.NewSubnetwork(ctx, "producer_subnet", &compute.SubnetworkArgs{
    			Name:        pulumi.String("producer-net"),
    			IpCidrRange: pulumi.String("10.0.0.0/16"),
    			Region:      pulumi.String("us-central1"),
    			Network:     producerNet.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		producerServiceHealthCheck, err := compute.NewHealthCheck(ctx, "producer_service_health_check", &compute.HealthCheckArgs{
    			Name:             pulumi.String("producer-service-health-check"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		producerServiceBackend, err := compute.NewRegionBackendService(ctx, "producer_service_backend", &compute.RegionBackendServiceArgs{
    			Name:         pulumi.String("producer-service-backend"),
    			Region:       pulumi.String("us-central1"),
    			HealthChecks: producerServiceHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		producerTargetService, err := compute.NewForwardingRule(ctx, "producer_target_service", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("producer-forwarding-rule"),
    			Region:              pulumi.String("us-central1"),
    			LoadBalancingScheme: pulumi.String("INTERNAL"),
    			BackendService:      producerServiceBackend.ID(),
    			AllPorts:            pulumi.Bool(true),
    			Network:             producerNet.Name,
    			Subnetwork:          producerSubnet.Name,
    		})
    		if err != nil {
    			return err
    		}
    		producerServiceAttachment, err := compute.NewServiceAttachment(ctx, "producer_service_attachment", &compute.ServiceAttachmentArgs{
    			Name:                 pulumi.String("producer-service"),
    			Region:               pulumi.String("us-central1"),
    			Description:          pulumi.String("A service attachment configured with Terraform"),
    			EnableProxyProtocol:  pulumi.Bool(true),
    			ConnectionPreference: pulumi.String("ACCEPT_AUTOMATIC"),
    			NatSubnets: pulumi.StringArray{
    				pscProducerSubnet.Name,
    			},
    			TargetService: producerTargetService.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		// Forwarding rule for VPC private service connect
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:                 pulumi.String("psc-endpoint"),
    			Region:               pulumi.String("us-central1"),
    			LoadBalancingScheme:  pulumi.String(""),
    			Target:               producerServiceAttachment.ID(),
    			Network:              consumerNet.Name,
    			IpAddress:            consumerAddress.ID(),
    			AllowPscGlobalAccess: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        // Consumer service endpoint
        var consumerNet = new Gcp.Compute.Network("consumer_net", new()
        {
            Name = "consumer-net",
            AutoCreateSubnetworks = false,
        });
    
        var consumerSubnet = new Gcp.Compute.Subnetwork("consumer_subnet", new()
        {
            Name = "consumer-net",
            IpCidrRange = "10.0.0.0/16",
            Region = "us-central1",
            Network = consumerNet.Id,
        });
    
        var consumerAddress = new Gcp.Compute.Address("consumer_address", new()
        {
            Name = "website-ip-1",
            Region = "us-central1",
            Subnetwork = consumerSubnet.Id,
            AddressType = "INTERNAL",
        });
    
        // Producer service attachment
        var producerNet = new Gcp.Compute.Network("producer_net", new()
        {
            Name = "producer-net",
            AutoCreateSubnetworks = false,
        });
    
        var pscProducerSubnet = new Gcp.Compute.Subnetwork("psc_producer_subnet", new()
        {
            Name = "producer-psc-net",
            IpCidrRange = "10.1.0.0/16",
            Region = "us-central1",
            Purpose = "PRIVATE_SERVICE_CONNECT",
            Network = producerNet.Id,
        });
    
        var producerSubnet = new Gcp.Compute.Subnetwork("producer_subnet", new()
        {
            Name = "producer-net",
            IpCidrRange = "10.0.0.0/16",
            Region = "us-central1",
            Network = producerNet.Id,
        });
    
        var producerServiceHealthCheck = new Gcp.Compute.HealthCheck("producer_service_health_check", new()
        {
            Name = "producer-service-health-check",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
            TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var producerServiceBackend = new Gcp.Compute.RegionBackendService("producer_service_backend", new()
        {
            Name = "producer-service-backend",
            Region = "us-central1",
            HealthChecks = producerServiceHealthCheck.Id,
        });
    
        var producerTargetService = new Gcp.Compute.ForwardingRule("producer_target_service", new()
        {
            Name = "producer-forwarding-rule",
            Region = "us-central1",
            LoadBalancingScheme = "INTERNAL",
            BackendService = producerServiceBackend.Id,
            AllPorts = true,
            Network = producerNet.Name,
            Subnetwork = producerSubnet.Name,
        });
    
        var producerServiceAttachment = new Gcp.Compute.ServiceAttachment("producer_service_attachment", new()
        {
            Name = "producer-service",
            Region = "us-central1",
            Description = "A service attachment configured with Terraform",
            EnableProxyProtocol = true,
            ConnectionPreference = "ACCEPT_AUTOMATIC",
            NatSubnets = new[]
            {
                pscProducerSubnet.Name,
            },
            TargetService = producerTargetService.Id,
        });
    
        // Forwarding rule for VPC private service connect
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "psc-endpoint",
            Region = "us-central1",
            LoadBalancingScheme = "",
            Target = producerServiceAttachment.Id,
            Network = consumerNet.Name,
            IpAddress = consumerAddress.Id,
            AllowPscGlobalAccess = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.Address;
    import com.pulumi.gcp.compute.AddressArgs;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import com.pulumi.gcp.compute.ServiceAttachment;
    import com.pulumi.gcp.compute.ServiceAttachmentArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            // Consumer service endpoint
            var consumerNet = new Network("consumerNet", NetworkArgs.builder()
                .name("consumer-net")
                .autoCreateSubnetworks(false)
                .build());
    
            var consumerSubnet = new Subnetwork("consumerSubnet", SubnetworkArgs.builder()
                .name("consumer-net")
                .ipCidrRange("10.0.0.0/16")
                .region("us-central1")
                .network(consumerNet.id())
                .build());
    
            var consumerAddress = new Address("consumerAddress", AddressArgs.builder()
                .name("website-ip-1")
                .region("us-central1")
                .subnetwork(consumerSubnet.id())
                .addressType("INTERNAL")
                .build());
    
            // Producer service attachment
            var producerNet = new Network("producerNet", NetworkArgs.builder()
                .name("producer-net")
                .autoCreateSubnetworks(false)
                .build());
    
            var pscProducerSubnet = new Subnetwork("pscProducerSubnet", SubnetworkArgs.builder()
                .name("producer-psc-net")
                .ipCidrRange("10.1.0.0/16")
                .region("us-central1")
                .purpose("PRIVATE_SERVICE_CONNECT")
                .network(producerNet.id())
                .build());
    
            var producerSubnet = new Subnetwork("producerSubnet", SubnetworkArgs.builder()
                .name("producer-net")
                .ipCidrRange("10.0.0.0/16")
                .region("us-central1")
                .network(producerNet.id())
                .build());
    
            var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
                .name("producer-service-health-check")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build());
    
            var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
                .name("producer-service-backend")
                .region("us-central1")
                .healthChecks(producerServiceHealthCheck.id())
                .build());
    
            var producerTargetService = new ForwardingRule("producerTargetService", ForwardingRuleArgs.builder()
                .name("producer-forwarding-rule")
                .region("us-central1")
                .loadBalancingScheme("INTERNAL")
                .backendService(producerServiceBackend.id())
                .allPorts(true)
                .network(producerNet.name())
                .subnetwork(producerSubnet.name())
                .build());
    
            var producerServiceAttachment = new ServiceAttachment("producerServiceAttachment", ServiceAttachmentArgs.builder()
                .name("producer-service")
                .region("us-central1")
                .description("A service attachment configured with Terraform")
                .enableProxyProtocol(true)
                .connectionPreference("ACCEPT_AUTOMATIC")
                .natSubnets(pscProducerSubnet.name())
                .targetService(producerTargetService.id())
                .build());
    
            // Forwarding rule for VPC private service connect
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("psc-endpoint")
                .region("us-central1")
                .loadBalancingScheme("")
                .target(producerServiceAttachment.id())
                .network(consumerNet.name())
                .ipAddress(consumerAddress.id())
                .allowPscGlobalAccess(true)
                .build());
    
        }
    }
    
    resources:
      # Forwarding rule for VPC private service connect
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: psc-endpoint
          region: us-central1
          loadBalancingScheme:
          target: ${producerServiceAttachment.id}
          network: ${consumerNet.name}
          ipAddress: ${consumerAddress.id}
          allowPscGlobalAccess: true
      # Consumer service endpoint
      consumerNet:
        type: gcp:compute:Network
        name: consumer_net
        properties:
          name: consumer-net
          autoCreateSubnetworks: false
      consumerSubnet:
        type: gcp:compute:Subnetwork
        name: consumer_subnet
        properties:
          name: consumer-net
          ipCidrRange: 10.0.0.0/16
          region: us-central1
          network: ${consumerNet.id}
      consumerAddress:
        type: gcp:compute:Address
        name: consumer_address
        properties:
          name: website-ip-1
          region: us-central1
          subnetwork: ${consumerSubnet.id}
          addressType: INTERNAL
      # Producer service attachment
      producerNet:
        type: gcp:compute:Network
        name: producer_net
        properties:
          name: producer-net
          autoCreateSubnetworks: false
      producerSubnet:
        type: gcp:compute:Subnetwork
        name: producer_subnet
        properties:
          name: producer-net
          ipCidrRange: 10.0.0.0/16
          region: us-central1
          network: ${producerNet.id}
      pscProducerSubnet:
        type: gcp:compute:Subnetwork
        name: psc_producer_subnet
        properties:
          name: producer-psc-net
          ipCidrRange: 10.1.0.0/16
          region: us-central1
          purpose: PRIVATE_SERVICE_CONNECT
          network: ${producerNet.id}
      producerServiceAttachment:
        type: gcp:compute:ServiceAttachment
        name: producer_service_attachment
        properties:
          name: producer-service
          region: us-central1
          description: A service attachment configured with Terraform
          enableProxyProtocol: true
          connectionPreference: ACCEPT_AUTOMATIC
          natSubnets:
            - ${pscProducerSubnet.name}
          targetService: ${producerTargetService.id}
      producerTargetService:
        type: gcp:compute:ForwardingRule
        name: producer_target_service
        properties:
          name: producer-forwarding-rule
          region: us-central1
          loadBalancingScheme: INTERNAL
          backendService: ${producerServiceBackend.id}
          allPorts: true
          network: ${producerNet.name}
          subnetwork: ${producerSubnet.name}
      producerServiceBackend:
        type: gcp:compute:RegionBackendService
        name: producer_service_backend
        properties:
          name: producer-service-backend
          region: us-central1
          healthChecks: ${producerServiceHealthCheck.id}
      producerServiceHealthCheck:
        type: gcp:compute:HealthCheck
        name: producer_service_health_check
        properties:
          name: producer-service-health-check
          checkIntervalSec: 1
          timeoutSec: 1
          tcpHealthCheck:
            port: '80'
    

    Forwarding Rule Vpc Psc No Automate Dns

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const consumerNet = new gcp.compute.Network("consumer_net", {
        name: "consumer-net",
        autoCreateSubnetworks: false,
    });
    const consumerSubnet = new gcp.compute.Subnetwork("consumer_subnet", {
        name: "consumer-net",
        ipCidrRange: "10.0.0.0/16",
        region: "us-central1",
        network: consumerNet.id,
    });
    const consumerAddress = new gcp.compute.Address("consumer_address", {
        name: "website-ip-1",
        region: "us-central1",
        subnetwork: consumerSubnet.id,
        addressType: "INTERNAL",
    });
    const producerNet = new gcp.compute.Network("producer_net", {
        name: "producer-net",
        autoCreateSubnetworks: false,
    });
    const pscProducerSubnet = new gcp.compute.Subnetwork("psc_producer_subnet", {
        name: "producer-psc-net",
        ipCidrRange: "10.1.0.0/16",
        region: "us-central1",
        purpose: "PRIVATE_SERVICE_CONNECT",
        network: producerNet.id,
    });
    const producerSubnet = new gcp.compute.Subnetwork("producer_subnet", {
        name: "producer-net",
        ipCidrRange: "10.0.0.0/16",
        region: "us-central1",
        network: producerNet.id,
    });
    const producerServiceHealthCheck = new gcp.compute.HealthCheck("producer_service_health_check", {
        name: "producer-service-health-check",
        checkIntervalSec: 1,
        timeoutSec: 1,
        tcpHealthCheck: {
            port: 80,
        },
    });
    const producerServiceBackend = new gcp.compute.RegionBackendService("producer_service_backend", {
        name: "producer-service-backend",
        region: "us-central1",
        healthChecks: producerServiceHealthCheck.id,
    });
    const producerTargetService = new gcp.compute.ForwardingRule("producer_target_service", {
        name: "producer-forwarding-rule",
        region: "us-central1",
        loadBalancingScheme: "INTERNAL",
        backendService: producerServiceBackend.id,
        allPorts: true,
        network: producerNet.name,
        subnetwork: producerSubnet.name,
    });
    const producerServiceAttachment = new gcp.compute.ServiceAttachment("producer_service_attachment", {
        name: "producer-service",
        region: "us-central1",
        description: "A service attachment configured with Terraform",
        enableProxyProtocol: true,
        connectionPreference: "ACCEPT_AUTOMATIC",
        natSubnets: [pscProducerSubnet.name],
        targetService: producerTargetService.id,
    });
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "psc-endpoint",
        region: "us-central1",
        loadBalancingScheme: "",
        target: producerServiceAttachment.id,
        network: consumerNet.name,
        ipAddress: consumerAddress.id,
        allowPscGlobalAccess: true,
        noAutomateDnsZone: true,
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    consumer_net = gcp.compute.Network("consumer_net",
        name="consumer-net",
        auto_create_subnetworks=False)
    consumer_subnet = gcp.compute.Subnetwork("consumer_subnet",
        name="consumer-net",
        ip_cidr_range="10.0.0.0/16",
        region="us-central1",
        network=consumer_net.id)
    consumer_address = gcp.compute.Address("consumer_address",
        name="website-ip-1",
        region="us-central1",
        subnetwork=consumer_subnet.id,
        address_type="INTERNAL")
    producer_net = gcp.compute.Network("producer_net",
        name="producer-net",
        auto_create_subnetworks=False)
    psc_producer_subnet = gcp.compute.Subnetwork("psc_producer_subnet",
        name="producer-psc-net",
        ip_cidr_range="10.1.0.0/16",
        region="us-central1",
        purpose="PRIVATE_SERVICE_CONNECT",
        network=producer_net.id)
    producer_subnet = gcp.compute.Subnetwork("producer_subnet",
        name="producer-net",
        ip_cidr_range="10.0.0.0/16",
        region="us-central1",
        network=producer_net.id)
    producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
        name="producer-service-health-check",
        check_interval_sec=1,
        timeout_sec=1,
        tcp_health_check={
            "port": 80,
        })
    producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
        name="producer-service-backend",
        region="us-central1",
        health_checks=producer_service_health_check.id)
    producer_target_service = gcp.compute.ForwardingRule("producer_target_service",
        name="producer-forwarding-rule",
        region="us-central1",
        load_balancing_scheme="INTERNAL",
        backend_service=producer_service_backend.id,
        all_ports=True,
        network=producer_net.name,
        subnetwork=producer_subnet.name)
    producer_service_attachment = gcp.compute.ServiceAttachment("producer_service_attachment",
        name="producer-service",
        region="us-central1",
        description="A service attachment configured with Terraform",
        enable_proxy_protocol=True,
        connection_preference="ACCEPT_AUTOMATIC",
        nat_subnets=[psc_producer_subnet.name],
        target_service=producer_target_service.id)
    default = gcp.compute.ForwardingRule("default",
        name="psc-endpoint",
        region="us-central1",
        load_balancing_scheme="",
        target=producer_service_attachment.id,
        network=consumer_net.name,
        ip_address=consumer_address.id,
        allow_psc_global_access=True,
        no_automate_dns_zone=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		consumerNet, err := compute.NewNetwork(ctx, "consumer_net", &compute.NetworkArgs{
    			Name:                  pulumi.String("consumer-net"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    		})
    		if err != nil {
    			return err
    		}
    		consumerSubnet, err := compute.NewSubnetwork(ctx, "consumer_subnet", &compute.SubnetworkArgs{
    			Name:        pulumi.String("consumer-net"),
    			IpCidrRange: pulumi.String("10.0.0.0/16"),
    			Region:      pulumi.String("us-central1"),
    			Network:     consumerNet.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		consumerAddress, err := compute.NewAddress(ctx, "consumer_address", &compute.AddressArgs{
    			Name:        pulumi.String("website-ip-1"),
    			Region:      pulumi.String("us-central1"),
    			Subnetwork:  consumerSubnet.ID(),
    			AddressType: pulumi.String("INTERNAL"),
    		})
    		if err != nil {
    			return err
    		}
    		producerNet, err := compute.NewNetwork(ctx, "producer_net", &compute.NetworkArgs{
    			Name:                  pulumi.String("producer-net"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    		})
    		if err != nil {
    			return err
    		}
    		pscProducerSubnet, err := compute.NewSubnetwork(ctx, "psc_producer_subnet", &compute.SubnetworkArgs{
    			Name:        pulumi.String("producer-psc-net"),
    			IpCidrRange: pulumi.String("10.1.0.0/16"),
    			Region:      pulumi.String("us-central1"),
    			Purpose:     pulumi.String("PRIVATE_SERVICE_CONNECT"),
    			Network:     producerNet.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		producerSubnet, err := compute.NewSubnetwork(ctx, "producer_subnet", &compute.SubnetworkArgs{
    			Name:        pulumi.String("producer-net"),
    			IpCidrRange: pulumi.String("10.0.0.0/16"),
    			Region:      pulumi.String("us-central1"),
    			Network:     producerNet.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		producerServiceHealthCheck, err := compute.NewHealthCheck(ctx, "producer_service_health_check", &compute.HealthCheckArgs{
    			Name:             pulumi.String("producer-service-health-check"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		producerServiceBackend, err := compute.NewRegionBackendService(ctx, "producer_service_backend", &compute.RegionBackendServiceArgs{
    			Name:         pulumi.String("producer-service-backend"),
    			Region:       pulumi.String("us-central1"),
    			HealthChecks: producerServiceHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		producerTargetService, err := compute.NewForwardingRule(ctx, "producer_target_service", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("producer-forwarding-rule"),
    			Region:              pulumi.String("us-central1"),
    			LoadBalancingScheme: pulumi.String("INTERNAL"),
    			BackendService:      producerServiceBackend.ID(),
    			AllPorts:            pulumi.Bool(true),
    			Network:             producerNet.Name,
    			Subnetwork:          producerSubnet.Name,
    		})
    		if err != nil {
    			return err
    		}
    		producerServiceAttachment, err := compute.NewServiceAttachment(ctx, "producer_service_attachment", &compute.ServiceAttachmentArgs{
    			Name:                 pulumi.String("producer-service"),
    			Region:               pulumi.String("us-central1"),
    			Description:          pulumi.String("A service attachment configured with Terraform"),
    			EnableProxyProtocol:  pulumi.Bool(true),
    			ConnectionPreference: pulumi.String("ACCEPT_AUTOMATIC"),
    			NatSubnets: pulumi.StringArray{
    				pscProducerSubnet.Name,
    			},
    			TargetService: producerTargetService.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:                 pulumi.String("psc-endpoint"),
    			Region:               pulumi.String("us-central1"),
    			LoadBalancingScheme:  pulumi.String(""),
    			Target:               producerServiceAttachment.ID(),
    			Network:              consumerNet.Name,
    			IpAddress:            consumerAddress.ID(),
    			AllowPscGlobalAccess: pulumi.Bool(true),
    			NoAutomateDnsZone:    pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var consumerNet = new Gcp.Compute.Network("consumer_net", new()
        {
            Name = "consumer-net",
            AutoCreateSubnetworks = false,
        });
    
        var consumerSubnet = new Gcp.Compute.Subnetwork("consumer_subnet", new()
        {
            Name = "consumer-net",
            IpCidrRange = "10.0.0.0/16",
            Region = "us-central1",
            Network = consumerNet.Id,
        });
    
        var consumerAddress = new Gcp.Compute.Address("consumer_address", new()
        {
            Name = "website-ip-1",
            Region = "us-central1",
            Subnetwork = consumerSubnet.Id,
            AddressType = "INTERNAL",
        });
    
        var producerNet = new Gcp.Compute.Network("producer_net", new()
        {
            Name = "producer-net",
            AutoCreateSubnetworks = false,
        });
    
        var pscProducerSubnet = new Gcp.Compute.Subnetwork("psc_producer_subnet", new()
        {
            Name = "producer-psc-net",
            IpCidrRange = "10.1.0.0/16",
            Region = "us-central1",
            Purpose = "PRIVATE_SERVICE_CONNECT",
            Network = producerNet.Id,
        });
    
        var producerSubnet = new Gcp.Compute.Subnetwork("producer_subnet", new()
        {
            Name = "producer-net",
            IpCidrRange = "10.0.0.0/16",
            Region = "us-central1",
            Network = producerNet.Id,
        });
    
        var producerServiceHealthCheck = new Gcp.Compute.HealthCheck("producer_service_health_check", new()
        {
            Name = "producer-service-health-check",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
            TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var producerServiceBackend = new Gcp.Compute.RegionBackendService("producer_service_backend", new()
        {
            Name = "producer-service-backend",
            Region = "us-central1",
            HealthChecks = producerServiceHealthCheck.Id,
        });
    
        var producerTargetService = new Gcp.Compute.ForwardingRule("producer_target_service", new()
        {
            Name = "producer-forwarding-rule",
            Region = "us-central1",
            LoadBalancingScheme = "INTERNAL",
            BackendService = producerServiceBackend.Id,
            AllPorts = true,
            Network = producerNet.Name,
            Subnetwork = producerSubnet.Name,
        });
    
        var producerServiceAttachment = new Gcp.Compute.ServiceAttachment("producer_service_attachment", new()
        {
            Name = "producer-service",
            Region = "us-central1",
            Description = "A service attachment configured with Terraform",
            EnableProxyProtocol = true,
            ConnectionPreference = "ACCEPT_AUTOMATIC",
            NatSubnets = new[]
            {
                pscProducerSubnet.Name,
            },
            TargetService = producerTargetService.Id,
        });
    
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "psc-endpoint",
            Region = "us-central1",
            LoadBalancingScheme = "",
            Target = producerServiceAttachment.Id,
            Network = consumerNet.Name,
            IpAddress = consumerAddress.Id,
            AllowPscGlobalAccess = true,
            NoAutomateDnsZone = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.Address;
    import com.pulumi.gcp.compute.AddressArgs;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import com.pulumi.gcp.compute.ServiceAttachment;
    import com.pulumi.gcp.compute.ServiceAttachmentArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var consumerNet = new Network("consumerNet", NetworkArgs.builder()
                .name("consumer-net")
                .autoCreateSubnetworks(false)
                .build());
    
            var consumerSubnet = new Subnetwork("consumerSubnet", SubnetworkArgs.builder()
                .name("consumer-net")
                .ipCidrRange("10.0.0.0/16")
                .region("us-central1")
                .network(consumerNet.id())
                .build());
    
            var consumerAddress = new Address("consumerAddress", AddressArgs.builder()
                .name("website-ip-1")
                .region("us-central1")
                .subnetwork(consumerSubnet.id())
                .addressType("INTERNAL")
                .build());
    
            var producerNet = new Network("producerNet", NetworkArgs.builder()
                .name("producer-net")
                .autoCreateSubnetworks(false)
                .build());
    
            var pscProducerSubnet = new Subnetwork("pscProducerSubnet", SubnetworkArgs.builder()
                .name("producer-psc-net")
                .ipCidrRange("10.1.0.0/16")
                .region("us-central1")
                .purpose("PRIVATE_SERVICE_CONNECT")
                .network(producerNet.id())
                .build());
    
            var producerSubnet = new Subnetwork("producerSubnet", SubnetworkArgs.builder()
                .name("producer-net")
                .ipCidrRange("10.0.0.0/16")
                .region("us-central1")
                .network(producerNet.id())
                .build());
    
            var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
                .name("producer-service-health-check")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build());
    
            var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
                .name("producer-service-backend")
                .region("us-central1")
                .healthChecks(producerServiceHealthCheck.id())
                .build());
    
            var producerTargetService = new ForwardingRule("producerTargetService", ForwardingRuleArgs.builder()
                .name("producer-forwarding-rule")
                .region("us-central1")
                .loadBalancingScheme("INTERNAL")
                .backendService(producerServiceBackend.id())
                .allPorts(true)
                .network(producerNet.name())
                .subnetwork(producerSubnet.name())
                .build());
    
            var producerServiceAttachment = new ServiceAttachment("producerServiceAttachment", ServiceAttachmentArgs.builder()
                .name("producer-service")
                .region("us-central1")
                .description("A service attachment configured with Terraform")
                .enableProxyProtocol(true)
                .connectionPreference("ACCEPT_AUTOMATIC")
                .natSubnets(pscProducerSubnet.name())
                .targetService(producerTargetService.id())
                .build());
    
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("psc-endpoint")
                .region("us-central1")
                .loadBalancingScheme("")
                .target(producerServiceAttachment.id())
                .network(consumerNet.name())
                .ipAddress(consumerAddress.id())
                .allowPscGlobalAccess(true)
                .noAutomateDnsZone(true)
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: psc-endpoint
          region: us-central1
          loadBalancingScheme:
          target: ${producerServiceAttachment.id}
          network: ${consumerNet.name}
          ipAddress: ${consumerAddress.id}
          allowPscGlobalAccess: true
          noAutomateDnsZone: true
      consumerNet:
        type: gcp:compute:Network
        name: consumer_net
        properties:
          name: consumer-net
          autoCreateSubnetworks: false
      consumerSubnet:
        type: gcp:compute:Subnetwork
        name: consumer_subnet
        properties:
          name: consumer-net
          ipCidrRange: 10.0.0.0/16
          region: us-central1
          network: ${consumerNet.id}
      consumerAddress:
        type: gcp:compute:Address
        name: consumer_address
        properties:
          name: website-ip-1
          region: us-central1
          subnetwork: ${consumerSubnet.id}
          addressType: INTERNAL
      producerNet:
        type: gcp:compute:Network
        name: producer_net
        properties:
          name: producer-net
          autoCreateSubnetworks: false
      producerSubnet:
        type: gcp:compute:Subnetwork
        name: producer_subnet
        properties:
          name: producer-net
          ipCidrRange: 10.0.0.0/16
          region: us-central1
          network: ${producerNet.id}
      pscProducerSubnet:
        type: gcp:compute:Subnetwork
        name: psc_producer_subnet
        properties:
          name: producer-psc-net
          ipCidrRange: 10.1.0.0/16
          region: us-central1
          purpose: PRIVATE_SERVICE_CONNECT
          network: ${producerNet.id}
      producerServiceAttachment:
        type: gcp:compute:ServiceAttachment
        name: producer_service_attachment
        properties:
          name: producer-service
          region: us-central1
          description: A service attachment configured with Terraform
          enableProxyProtocol: true
          connectionPreference: ACCEPT_AUTOMATIC
          natSubnets:
            - ${pscProducerSubnet.name}
          targetService: ${producerTargetService.id}
      producerTargetService:
        type: gcp:compute:ForwardingRule
        name: producer_target_service
        properties:
          name: producer-forwarding-rule
          region: us-central1
          loadBalancingScheme: INTERNAL
          backendService: ${producerServiceBackend.id}
          allPorts: true
          network: ${producerNet.name}
          subnetwork: ${producerSubnet.name}
      producerServiceBackend:
        type: gcp:compute:RegionBackendService
        name: producer_service_backend
        properties:
          name: producer-service-backend
          region: us-central1
          healthChecks: ${producerServiceHealthCheck.id}
      producerServiceHealthCheck:
        type: gcp:compute:HealthCheck
        name: producer_service_health_check
        properties:
          name: producer-service-health-check
          checkIntervalSec: 1
          timeoutSec: 1
          tcpHealthCheck:
            port: '80'
    

    Forwarding Rule Regional Steering

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const basic = new gcp.compute.Address("basic", {
        name: "website-ip",
        region: "us-central1",
    });
    const external = new gcp.compute.RegionBackendService("external", {
        name: "service-backend",
        region: "us-central1",
        loadBalancingScheme: "EXTERNAL",
    });
    const externalForwardingRule = new gcp.compute.ForwardingRule("external", {
        name: "external-forwarding-rule",
        region: "us-central1",
        ipAddress: basic.address,
        backendService: external.selfLink,
        loadBalancingScheme: "EXTERNAL",
    });
    const steering = new gcp.compute.ForwardingRule("steering", {
        name: "steering-rule",
        region: "us-central1",
        ipAddress: basic.address,
        backendService: external.selfLink,
        loadBalancingScheme: "EXTERNAL",
        sourceIpRanges: [
            "34.121.88.0/24",
            "35.187.239.137",
        ],
    }, {
        dependsOn: [externalForwardingRule],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    basic = gcp.compute.Address("basic",
        name="website-ip",
        region="us-central1")
    external = gcp.compute.RegionBackendService("external",
        name="service-backend",
        region="us-central1",
        load_balancing_scheme="EXTERNAL")
    external_forwarding_rule = gcp.compute.ForwardingRule("external",
        name="external-forwarding-rule",
        region="us-central1",
        ip_address=basic.address,
        backend_service=external.self_link,
        load_balancing_scheme="EXTERNAL")
    steering = gcp.compute.ForwardingRule("steering",
        name="steering-rule",
        region="us-central1",
        ip_address=basic.address,
        backend_service=external.self_link,
        load_balancing_scheme="EXTERNAL",
        source_ip_ranges=[
            "34.121.88.0/24",
            "35.187.239.137",
        ],
        opts = pulumi.ResourceOptions(depends_on=[external_forwarding_rule]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		basic, err := compute.NewAddress(ctx, "basic", &compute.AddressArgs{
    			Name:   pulumi.String("website-ip"),
    			Region: pulumi.String("us-central1"),
    		})
    		if err != nil {
    			return err
    		}
    		external, err := compute.NewRegionBackendService(ctx, "external", &compute.RegionBackendServiceArgs{
    			Name:                pulumi.String("service-backend"),
    			Region:              pulumi.String("us-central1"),
    			LoadBalancingScheme: pulumi.String("EXTERNAL"),
    		})
    		if err != nil {
    			return err
    		}
    		externalForwardingRule, err := compute.NewForwardingRule(ctx, "external", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("external-forwarding-rule"),
    			Region:              pulumi.String("us-central1"),
    			IpAddress:           basic.Address,
    			BackendService:      external.SelfLink,
    			LoadBalancingScheme: pulumi.String("EXTERNAL"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewForwardingRule(ctx, "steering", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("steering-rule"),
    			Region:              pulumi.String("us-central1"),
    			IpAddress:           basic.Address,
    			BackendService:      external.SelfLink,
    			LoadBalancingScheme: pulumi.String("EXTERNAL"),
    			SourceIpRanges: pulumi.StringArray{
    				pulumi.String("34.121.88.0/24"),
    				pulumi.String("35.187.239.137"),
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			externalForwardingRule,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var basic = new Gcp.Compute.Address("basic", new()
        {
            Name = "website-ip",
            Region = "us-central1",
        });
    
        var external = new Gcp.Compute.RegionBackendService("external", new()
        {
            Name = "service-backend",
            Region = "us-central1",
            LoadBalancingScheme = "EXTERNAL",
        });
    
        var externalForwardingRule = new Gcp.Compute.ForwardingRule("external", new()
        {
            Name = "external-forwarding-rule",
            Region = "us-central1",
            IpAddress = basic.IPAddress,
            BackendService = external.SelfLink,
            LoadBalancingScheme = "EXTERNAL",
        });
    
        var steering = new Gcp.Compute.ForwardingRule("steering", new()
        {
            Name = "steering-rule",
            Region = "us-central1",
            IpAddress = basic.IPAddress,
            BackendService = external.SelfLink,
            LoadBalancingScheme = "EXTERNAL",
            SourceIpRanges = new[]
            {
                "34.121.88.0/24",
                "35.187.239.137",
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                externalForwardingRule,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Address;
    import com.pulumi.gcp.compute.AddressArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var basic = new Address("basic", AddressArgs.builder()
                .name("website-ip")
                .region("us-central1")
                .build());
    
            var external = new RegionBackendService("external", RegionBackendServiceArgs.builder()
                .name("service-backend")
                .region("us-central1")
                .loadBalancingScheme("EXTERNAL")
                .build());
    
            var externalForwardingRule = new ForwardingRule("externalForwardingRule", ForwardingRuleArgs.builder()
                .name("external-forwarding-rule")
                .region("us-central1")
                .ipAddress(basic.address())
                .backendService(external.selfLink())
                .loadBalancingScheme("EXTERNAL")
                .build());
    
            var steering = new ForwardingRule("steering", ForwardingRuleArgs.builder()
                .name("steering-rule")
                .region("us-central1")
                .ipAddress(basic.address())
                .backendService(external.selfLink())
                .loadBalancingScheme("EXTERNAL")
                .sourceIpRanges(            
                    "34.121.88.0/24",
                    "35.187.239.137")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(externalForwardingRule)
                    .build());
    
        }
    }
    
    resources:
      steering:
        type: gcp:compute:ForwardingRule
        properties:
          name: steering-rule
          region: us-central1
          ipAddress: ${basic.address}
          backendService: ${external.selfLink}
          loadBalancingScheme: EXTERNAL
          sourceIpRanges:
            - 34.121.88.0/24
            - 35.187.239.137
        options:
          dependson:
            - ${externalForwardingRule}
      basic:
        type: gcp:compute:Address
        properties:
          name: website-ip
          region: us-central1
      external:
        type: gcp:compute:RegionBackendService
        properties:
          name: service-backend
          region: us-central1
          loadBalancingScheme: EXTERNAL
      externalForwardingRule:
        type: gcp:compute:ForwardingRule
        name: external
        properties:
          name: external-forwarding-rule
          region: us-central1
          ipAddress: ${basic.address}
          backendService: ${external.selfLink}
          loadBalancingScheme: EXTERNAL
    

    Forwarding Rule Internallb Ipv6

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const hc = new gcp.compute.HealthCheck("hc", {
        name: "check-ilb-ipv6-backend",
        checkIntervalSec: 1,
        timeoutSec: 1,
        tcpHealthCheck: {
            port: 80,
        },
    });
    const backend = new gcp.compute.RegionBackendService("backend", {
        name: "ilb-ipv6-backend",
        region: "us-central1",
        healthChecks: hc.id,
    });
    const defaultNetwork = new gcp.compute.Network("default", {
        name: "net-ipv6",
        autoCreateSubnetworks: false,
        enableUlaInternalIpv6: true,
    });
    const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
        name: "subnet-internal-ipv6",
        ipCidrRange: "10.0.0.0/16",
        region: "us-central1",
        stackType: "IPV4_IPV6",
        ipv6AccessType: "INTERNAL",
        network: defaultNetwork.id,
    });
    // Forwarding rule for Internal Load Balancing
    const _default = new gcp.compute.ForwardingRule("default", {
        name: "ilb-ipv6-forwarding-rule",
        region: "us-central1",
        loadBalancingScheme: "INTERNAL",
        backendService: backend.id,
        allPorts: true,
        network: defaultNetwork.name,
        subnetwork: defaultSubnetwork.name,
        ipVersion: "IPV6",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    hc = gcp.compute.HealthCheck("hc",
        name="check-ilb-ipv6-backend",
        check_interval_sec=1,
        timeout_sec=1,
        tcp_health_check={
            "port": 80,
        })
    backend = gcp.compute.RegionBackendService("backend",
        name="ilb-ipv6-backend",
        region="us-central1",
        health_checks=hc.id)
    default_network = gcp.compute.Network("default",
        name="net-ipv6",
        auto_create_subnetworks=False,
        enable_ula_internal_ipv6=True)
    default_subnetwork = gcp.compute.Subnetwork("default",
        name="subnet-internal-ipv6",
        ip_cidr_range="10.0.0.0/16",
        region="us-central1",
        stack_type="IPV4_IPV6",
        ipv6_access_type="INTERNAL",
        network=default_network.id)
    # Forwarding rule for Internal Load Balancing
    default = gcp.compute.ForwardingRule("default",
        name="ilb-ipv6-forwarding-rule",
        region="us-central1",
        load_balancing_scheme="INTERNAL",
        backend_service=backend.id,
        all_ports=True,
        network=default_network.name,
        subnetwork=default_subnetwork.name,
        ip_version="IPV6")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		hc, err := compute.NewHealthCheck(ctx, "hc", &compute.HealthCheckArgs{
    			Name:             pulumi.String("check-ilb-ipv6-backend"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		backend, err := compute.NewRegionBackendService(ctx, "backend", &compute.RegionBackendServiceArgs{
    			Name:         pulumi.String("ilb-ipv6-backend"),
    			Region:       pulumi.String("us-central1"),
    			HealthChecks: hc.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultNetwork, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
    			Name:                  pulumi.String("net-ipv6"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    			EnableUlaInternalIpv6: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
    			Name:           pulumi.String("subnet-internal-ipv6"),
    			IpCidrRange:    pulumi.String("10.0.0.0/16"),
    			Region:         pulumi.String("us-central1"),
    			StackType:      pulumi.String("IPV4_IPV6"),
    			Ipv6AccessType: pulumi.String("INTERNAL"),
    			Network:        defaultNetwork.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		// Forwarding rule for Internal Load Balancing
    		_, err = compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
    			Name:                pulumi.String("ilb-ipv6-forwarding-rule"),
    			Region:              pulumi.String("us-central1"),
    			LoadBalancingScheme: pulumi.String("INTERNAL"),
    			BackendService:      backend.ID(),
    			AllPorts:            pulumi.Bool(true),
    			Network:             defaultNetwork.Name,
    			Subnetwork:          defaultSubnetwork.Name,
    			IpVersion:           pulumi.String("IPV6"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var hc = new Gcp.Compute.HealthCheck("hc", new()
        {
            Name = "check-ilb-ipv6-backend",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
            TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var backend = new Gcp.Compute.RegionBackendService("backend", new()
        {
            Name = "ilb-ipv6-backend",
            Region = "us-central1",
            HealthChecks = hc.Id,
        });
    
        var defaultNetwork = new Gcp.Compute.Network("default", new()
        {
            Name = "net-ipv6",
            AutoCreateSubnetworks = false,
            EnableUlaInternalIpv6 = true,
        });
    
        var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
        {
            Name = "subnet-internal-ipv6",
            IpCidrRange = "10.0.0.0/16",
            Region = "us-central1",
            StackType = "IPV4_IPV6",
            Ipv6AccessType = "INTERNAL",
            Network = defaultNetwork.Id,
        });
    
        // Forwarding rule for Internal Load Balancing
        var @default = new Gcp.Compute.ForwardingRule("default", new()
        {
            Name = "ilb-ipv6-forwarding-rule",
            Region = "us-central1",
            LoadBalancingScheme = "INTERNAL",
            BackendService = backend.Id,
            AllPorts = true,
            Network = defaultNetwork.Name,
            Subnetwork = defaultSubnetwork.Name,
            IpVersion = "IPV6",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.RegionBackendService;
    import com.pulumi.gcp.compute.RegionBackendServiceArgs;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.ForwardingRule;
    import com.pulumi.gcp.compute.ForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var hc = new HealthCheck("hc", HealthCheckArgs.builder()
                .name("check-ilb-ipv6-backend")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build());
    
            var backend = new RegionBackendService("backend", RegionBackendServiceArgs.builder()
                .name("ilb-ipv6-backend")
                .region("us-central1")
                .healthChecks(hc.id())
                .build());
    
            var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
                .name("net-ipv6")
                .autoCreateSubnetworks(false)
                .enableUlaInternalIpv6(true)
                .build());
    
            var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
                .name("subnet-internal-ipv6")
                .ipCidrRange("10.0.0.0/16")
                .region("us-central1")
                .stackType("IPV4_IPV6")
                .ipv6AccessType("INTERNAL")
                .network(defaultNetwork.id())
                .build());
    
            // Forwarding rule for Internal Load Balancing
            var default_ = new ForwardingRule("default", ForwardingRuleArgs.builder()
                .name("ilb-ipv6-forwarding-rule")
                .region("us-central1")
                .loadBalancingScheme("INTERNAL")
                .backendService(backend.id())
                .allPorts(true)
                .network(defaultNetwork.name())
                .subnetwork(defaultSubnetwork.name())
                .ipVersion("IPV6")
                .build());
    
        }
    }
    
    resources:
      # Forwarding rule for Internal Load Balancing
      default:
        type: gcp:compute:ForwardingRule
        properties:
          name: ilb-ipv6-forwarding-rule
          region: us-central1
          loadBalancingScheme: INTERNAL
          backendService: ${backend.id}
          allPorts: true
          network: ${defaultNetwork.name}
          subnetwork: ${defaultSubnetwork.name}
          ipVersion: IPV6
      backend:
        type: gcp:compute:RegionBackendService
        properties:
          name: ilb-ipv6-backend
          region: us-central1
          healthChecks: ${hc.id}
      hc:
        type: gcp:compute:HealthCheck
        properties:
          name: check-ilb-ipv6-backend
          checkIntervalSec: 1
          timeoutSec: 1
          tcpHealthCheck:
            port: '80'
      defaultNetwork:
        type: gcp:compute:Network
        name: default
        properties:
          name: net-ipv6
          autoCreateSubnetworks: false
          enableUlaInternalIpv6: true
      defaultSubnetwork:
        type: gcp:compute:Subnetwork
        name: default
        properties:
          name: subnet-internal-ipv6
          ipCidrRange: 10.0.0.0/16
          region: us-central1
          stackType: IPV4_IPV6
          ipv6AccessType: INTERNAL
          network: ${defaultNetwork.id}
    

    Create ForwardingRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new ForwardingRule(name: string, args?: ForwardingRuleArgs, opts?: CustomResourceOptions);
    @overload
    def ForwardingRule(resource_name: str,
                       args: Optional[ForwardingRuleArgs] = None,
                       opts: Optional[ResourceOptions] = None)
    
    @overload
    def ForwardingRule(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       all_ports: Optional[bool] = None,
                       allow_global_access: Optional[bool] = None,
                       allow_psc_global_access: Optional[bool] = None,
                       backend_service: Optional[str] = None,
                       description: Optional[str] = None,
                       ip_address: Optional[str] = None,
                       ip_protocol: Optional[str] = None,
                       ip_version: Optional[str] = None,
                       is_mirroring_collector: Optional[bool] = None,
                       labels: Optional[Mapping[str, str]] = None,
                       load_balancing_scheme: Optional[str] = None,
                       name: Optional[str] = None,
                       network: Optional[str] = None,
                       network_tier: Optional[str] = None,
                       no_automate_dns_zone: Optional[bool] = None,
                       port_range: Optional[str] = None,
                       ports: Optional[Sequence[str]] = None,
                       project: Optional[str] = None,
                       recreate_closed_psc: Optional[bool] = None,
                       region: Optional[str] = None,
                       service_directory_registrations: Optional[ForwardingRuleServiceDirectoryRegistrationsArgs] = None,
                       service_label: Optional[str] = None,
                       source_ip_ranges: Optional[Sequence[str]] = None,
                       subnetwork: Optional[str] = None,
                       target: Optional[str] = None)
    func NewForwardingRule(ctx *Context, name string, args *ForwardingRuleArgs, opts ...ResourceOption) (*ForwardingRule, error)
    public ForwardingRule(string name, ForwardingRuleArgs? args = null, CustomResourceOptions? opts = null)
    public ForwardingRule(String name, ForwardingRuleArgs args)
    public ForwardingRule(String name, ForwardingRuleArgs args, CustomResourceOptions options)
    
    type: gcp:compute:ForwardingRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ForwardingRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ForwardingRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ForwardingRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ForwardingRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ForwardingRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var forwardingRuleResource = new Gcp.Compute.ForwardingRule("forwardingRuleResource", new()
    {
        AllPorts = false,
        AllowGlobalAccess = false,
        AllowPscGlobalAccess = false,
        BackendService = "string",
        Description = "string",
        IpAddress = "string",
        IpProtocol = "string",
        IpVersion = "string",
        IsMirroringCollector = false,
        Labels = 
        {
            { "string", "string" },
        },
        LoadBalancingScheme = "string",
        Name = "string",
        Network = "string",
        NetworkTier = "string",
        NoAutomateDnsZone = false,
        PortRange = "string",
        Ports = new[]
        {
            "string",
        },
        Project = "string",
        RecreateClosedPsc = false,
        Region = "string",
        ServiceDirectoryRegistrations = new Gcp.Compute.Inputs.ForwardingRuleServiceDirectoryRegistrationsArgs
        {
            Namespace = "string",
            Service = "string",
        },
        ServiceLabel = "string",
        SourceIpRanges = new[]
        {
            "string",
        },
        Subnetwork = "string",
        Target = "string",
    });
    
    example, err := compute.NewForwardingRule(ctx, "forwardingRuleResource", &compute.ForwardingRuleArgs{
    	AllPorts:             pulumi.Bool(false),
    	AllowGlobalAccess:    pulumi.Bool(false),
    	AllowPscGlobalAccess: pulumi.Bool(false),
    	BackendService:       pulumi.String("string"),
    	Description:          pulumi.String("string"),
    	IpAddress:            pulumi.String("string"),
    	IpProtocol:           pulumi.String("string"),
    	IpVersion:            pulumi.String("string"),
    	IsMirroringCollector: pulumi.Bool(false),
    	Labels: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	LoadBalancingScheme: pulumi.String("string"),
    	Name:                pulumi.String("string"),
    	Network:             pulumi.String("string"),
    	NetworkTier:         pulumi.String("string"),
    	NoAutomateDnsZone:   pulumi.Bool(false),
    	PortRange:           pulumi.String("string"),
    	Ports: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Project:           pulumi.String("string"),
    	RecreateClosedPsc: pulumi.Bool(false),
    	Region:            pulumi.String("string"),
    	ServiceDirectoryRegistrations: &compute.ForwardingRuleServiceDirectoryRegistrationsArgs{
    		Namespace: pulumi.String("string"),
    		Service:   pulumi.String("string"),
    	},
    	ServiceLabel: pulumi.String("string"),
    	SourceIpRanges: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Subnetwork: pulumi.String("string"),
    	Target:     pulumi.String("string"),
    })
    
    var forwardingRuleResource = new ForwardingRule("forwardingRuleResource", ForwardingRuleArgs.builder()
        .allPorts(false)
        .allowGlobalAccess(false)
        .allowPscGlobalAccess(false)
        .backendService("string")
        .description("string")
        .ipAddress("string")
        .ipProtocol("string")
        .ipVersion("string")
        .isMirroringCollector(false)
        .labels(Map.of("string", "string"))
        .loadBalancingScheme("string")
        .name("string")
        .network("string")
        .networkTier("string")
        .noAutomateDnsZone(false)
        .portRange("string")
        .ports("string")
        .project("string")
        .recreateClosedPsc(false)
        .region("string")
        .serviceDirectoryRegistrations(ForwardingRuleServiceDirectoryRegistrationsArgs.builder()
            .namespace("string")
            .service("string")
            .build())
        .serviceLabel("string")
        .sourceIpRanges("string")
        .subnetwork("string")
        .target("string")
        .build());
    
    forwarding_rule_resource = gcp.compute.ForwardingRule("forwardingRuleResource",
        all_ports=False,
        allow_global_access=False,
        allow_psc_global_access=False,
        backend_service="string",
        description="string",
        ip_address="string",
        ip_protocol="string",
        ip_version="string",
        is_mirroring_collector=False,
        labels={
            "string": "string",
        },
        load_balancing_scheme="string",
        name="string",
        network="string",
        network_tier="string",
        no_automate_dns_zone=False,
        port_range="string",
        ports=["string"],
        project="string",
        recreate_closed_psc=False,
        region="string",
        service_directory_registrations={
            "namespace": "string",
            "service": "string",
        },
        service_label="string",
        source_ip_ranges=["string"],
        subnetwork="string",
        target="string")
    
    const forwardingRuleResource = new gcp.compute.ForwardingRule("forwardingRuleResource", {
        allPorts: false,
        allowGlobalAccess: false,
        allowPscGlobalAccess: false,
        backendService: "string",
        description: "string",
        ipAddress: "string",
        ipProtocol: "string",
        ipVersion: "string",
        isMirroringCollector: false,
        labels: {
            string: "string",
        },
        loadBalancingScheme: "string",
        name: "string",
        network: "string",
        networkTier: "string",
        noAutomateDnsZone: false,
        portRange: "string",
        ports: ["string"],
        project: "string",
        recreateClosedPsc: false,
        region: "string",
        serviceDirectoryRegistrations: {
            namespace: "string",
            service: "string",
        },
        serviceLabel: "string",
        sourceIpRanges: ["string"],
        subnetwork: "string",
        target: "string",
    });
    
    type: gcp:compute:ForwardingRule
    properties:
        allPorts: false
        allowGlobalAccess: false
        allowPscGlobalAccess: false
        backendService: string
        description: string
        ipAddress: string
        ipProtocol: string
        ipVersion: string
        isMirroringCollector: false
        labels:
            string: string
        loadBalancingScheme: string
        name: string
        network: string
        networkTier: string
        noAutomateDnsZone: false
        portRange: string
        ports:
            - string
        project: string
        recreateClosedPsc: false
        region: string
        serviceDirectoryRegistrations:
            namespace: string
            service: string
        serviceLabel: string
        sourceIpRanges:
            - string
        subnetwork: string
        target: string
    

    ForwardingRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The ForwardingRule resource accepts the following input properties:

    AllPorts bool
    The ports, portRange, and allPorts fields are mutually exclusive. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The allPorts field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, SCTP, or L3_DEFAULT.
    • It's applicable only to the following products: internal passthrough Network Load Balancers, backend service-based external passthrough Network Load Balancers, and internal and external protocol forwarding.
    • Set this field to true to allow packets addressed to any port or packets lacking destination port information (for example, UDP fragments after the first fragment) to be forwarded to the backends configured with this forwarding rule. The L3_DEFAULT protocol requires allPorts be set to true.
    AllowGlobalAccess bool
    This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
    AllowPscGlobalAccess bool
    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.
    BackendService string
    Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
    Description string
    An optional description of this resource. Provide this property when you create the resource.
    IpAddress string
    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target or backendService. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress. Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:
    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name The forwarding rule's target or backendService, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.
    IpProtocol string
    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. A Forwarding Rule with protocol L3_DEFAULT can attach with target instance or backend service with UNSPECIFIED protocol. A forwarding rule with "L3_DEFAULT" IPProtocal cannot be attached to a backend service with TCP or UDP. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP, L3_DEFAULT.
    IpVersion string
    The IP address version that will be used by this forwarding rule. Valid options are IPV4 and IPV6. If not set, the IPv4 address will be used by default. Possible values are: IPV4, IPV6.
    IsMirroringCollector bool
    Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBal