1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. compute
  5. GlobalForwardingRule
Google Cloud Classic v7.2.2 published on Monday, Jan 1, 0001 by Pulumi

gcp.compute.GlobalForwardingRule

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.2.2 published on Monday, Jan 1, 0001 by Pulumi

    Represents a GlobalForwardingRule resource. Global forwarding rules are used to forward traffic to the correct load balancer for HTTP load balancing. Global forwarding rules can only be used for HTTP load balancing.

    For more information, see https://cloud.google.com/compute/docs/load-balancing/http/

    Example Usage

    External Ssl Proxy Lb Mig Backend

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.GlobalAddress;
    import com.pulumi.tls.PrivateKey;
    import com.pulumi.tls.PrivateKeyArgs;
    import com.pulumi.tls.SelfSignedCert;
    import com.pulumi.tls.SelfSignedCertArgs;
    import com.pulumi.tls.inputs.SelfSignedCertSubjectArgs;
    import com.pulumi.gcp.compute.SSLCertificate;
    import com.pulumi.gcp.compute.SSLCertificateArgs;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.InstanceTemplate;
    import com.pulumi.gcp.compute.InstanceTemplateArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
    import com.pulumi.gcp.compute.InstanceGroupManager;
    import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
    import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs;
    import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
    import com.pulumi.gcp.compute.TargetSSLProxy;
    import com.pulumi.gcp.compute.TargetSSLProxyArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import com.pulumi.gcp.compute.Firewall;
    import com.pulumi.gcp.compute.FirewallArgs;
    import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()        
                .autoCreateSubnetworks(false)
                .build(), CustomResourceOptions.builder()
                    .provider(google)
                    .build());
    
            var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()        
                .ipCidrRange("10.0.1.0/24")
                .region("us-central1")
                .network(defaultNetwork.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google)
                    .build());
    
            var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress");
    
            var defaultPrivateKey = new PrivateKey("defaultPrivateKey", PrivateKeyArgs.builder()        
                .algorithm("RSA")
                .rsaBits(2048)
                .build());
    
            var defaultSelfSignedCert = new SelfSignedCert("defaultSelfSignedCert", SelfSignedCertArgs.builder()        
                .keyAlgorithm(defaultPrivateKey.algorithm())
                .privateKeyPem(defaultPrivateKey.privateKeyPem())
                .validityPeriodHours(12)
                .earlyRenewalHours(3)
                .allowedUses(            
                    "key_encipherment",
                    "digital_signature",
                    "server_auth")
                .dnsNames("example.com")
                .subject(SelfSignedCertSubjectArgs.builder()
                    .commonName("example.com")
                    .organization("ACME Examples, Inc")
                    .build())
                .build());
    
            var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()        
                .privateKey(defaultPrivateKey.privateKeyPem())
                .certificate(defaultSelfSignedCert.certPem())
                .build());
    
            var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()        
                .timeoutSec(1)
                .checkIntervalSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("443")
                    .build())
                .build());
    
            var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()        
                .machineType("e2-small")
                .tags("allow-health-check")
                .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                    .network(defaultNetwork.id())
                    .subnetwork(defaultSubnetwork.id())
                    .accessConfigs()
                    .build())
                .disks(InstanceTemplateDiskArgs.builder()
                    .sourceImage("debian-cloud/debian-10")
                    .autoDelete(true)
                    .boot(true)
                    .build())
                .metadata(Map.of("startup-script", """
    #! /bin/bash
    set -euo pipefail
    export DEBIAN_FRONTEND=noninteractive
    sudo apt-get update
    sudo apt-get install  -y apache2 jq
    sudo a2ensite default-ssl
    sudo a2enmod ssl
    sudo service apache2 restart
    NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
    IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
    METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
    cat <<EOF > /var/www/html/index.html
    <h1>SSL Load Balancer</h1>
    <pre>
    Name: $NAME
    IP: $IP
    Metadata: $METADATA
    </pre>
    EOF
                """))
                .build(), CustomResourceOptions.builder()
                    .provider(google)
                    .build());
    
            var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder()        
                .zone("us-central1-c")
                .namedPorts(InstanceGroupManagerNamedPortArgs.builder()
                    .name("tcp")
                    .port(443)
                    .build())
                .versions(InstanceGroupManagerVersionArgs.builder()
                    .instanceTemplate(defaultInstanceTemplate.id())
                    .name("primary")
                    .build())
                .baseInstanceName("vm")
                .targetSize(2)
                .build(), CustomResourceOptions.builder()
                    .provider(google)
                    .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .protocol("SSL")
                .portName("tcp")
                .loadBalancingScheme("EXTERNAL")
                .timeoutSec(10)
                .healthChecks(defaultHealthCheck.id())
                .backends(BackendServiceBackendArgs.builder()
                    .group(defaultInstanceGroupManager.instanceGroup())
                    .balancingMode("UTILIZATION")
                    .maxUtilization(1)
                    .capacityScaler(1)
                    .build())
                .build());
    
            var defaultTargetSSLProxy = new TargetSSLProxy("defaultTargetSSLProxy", TargetSSLProxyArgs.builder()        
                .backendService(defaultBackendService.id())
                .sslCertificates(defaultSSLCertificate.id())
                .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .ipProtocol("TCP")
                .loadBalancingScheme("EXTERNAL")
                .portRange("443")
                .target(defaultTargetSSLProxy.id())
                .ipAddress(defaultGlobalAddress.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google)
                    .build());
    
            var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder()        
                .direction("INGRESS")
                .network(defaultNetwork.id())
                .sourceRanges(            
                    "130.211.0.0/22",
                    "35.191.0.0/16")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build())
                .targetTags("allow-health-check")
                .build(), CustomResourceOptions.builder()
                    .provider(google)
                    .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    resources:
      # External SSL proxy load balancer with managed instance group backend
    
      # VPC
      defaultNetwork:
        type: gcp:compute:Network
        properties:
          autoCreateSubnetworks: false
        options:
          provider: ${google}
      # backend subnet
      defaultSubnetwork:
        type: gcp:compute:Subnetwork
        properties:
          ipCidrRange: 10.0.1.0/24
          region: us-central1
          network: ${defaultNetwork.id}
        options:
          provider: ${google}
      # reserved IP address
      defaultGlobalAddress:
        type: gcp:compute:GlobalAddress
      # Self-signed regional SSL certificate for testing
      defaultPrivateKey:
        type: tls:PrivateKey
        properties:
          algorithm: RSA
          rsaBits: 2048
      defaultSelfSignedCert:
        type: tls:SelfSignedCert
        properties:
          keyAlgorithm: ${defaultPrivateKey.algorithm}
          privateKeyPem: ${defaultPrivateKey.privateKeyPem}
          # Certificate expires after 12 hours.
          validityPeriodHours: 12
          # Generate a new certificate if Terraform is run within three
          #   # hours of the certificate's expiration time.
          earlyRenewalHours: 3
          # Reasonable set of uses for a server SSL certificate.
          allowedUses:
            - key_encipherment
            - digital_signature
            - server_auth
          dnsNames:
            - example.com
          subject:
            commonName: example.com
            organization: ACME Examples, Inc
      defaultSSLCertificate:
        type: gcp:compute:SSLCertificate
        properties:
          privateKey: ${defaultPrivateKey.privateKeyPem}
          certificate: ${defaultSelfSignedCert.certPem}
      defaultTargetSSLProxy:
        type: gcp:compute:TargetSSLProxy
        properties:
          backendService: ${defaultBackendService.id}
          sslCertificates:
            - ${defaultSSLCertificate.id}
      # forwarding rule
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          ipProtocol: TCP
          loadBalancingScheme: EXTERNAL
          portRange: '443'
          target: ${defaultTargetSSLProxy.id}
          ipAddress: ${defaultGlobalAddress.id}
        options:
          provider: ${google}
      # backend service
      defaultBackendService:
        type: gcp:compute:BackendService
        properties:
          protocol: SSL
          portName: tcp
          loadBalancingScheme: EXTERNAL
          timeoutSec: 10
          healthChecks:
            - ${defaultHealthCheck.id}
          backends:
            - group: ${defaultInstanceGroupManager.instanceGroup}
              balancingMode: UTILIZATION
              maxUtilization: 1
              capacityScaler: 1
      defaultHealthCheck:
        type: gcp:compute:HealthCheck
        properties:
          timeoutSec: 1
          checkIntervalSec: 1
          tcpHealthCheck:
            port: '443'
      # instance template
      defaultInstanceTemplate:
        type: gcp:compute:InstanceTemplate
        properties:
          machineType: e2-small
          tags:
            - allow-health-check
          networkInterfaces:
            - network: ${defaultNetwork.id}
              subnetwork: ${defaultSubnetwork.id}
              accessConfigs:
                - {}
          disks:
            - sourceImage: debian-cloud/debian-10
              autoDelete: true
              boot: true
          # install nginx and serve a simple web page
          metadata:
            startup-script: |
              #! /bin/bash
              set -euo pipefail
              export DEBIAN_FRONTEND=noninteractive
              sudo apt-get update
              sudo apt-get install  -y apache2 jq
              sudo a2ensite default-ssl
              sudo a2enmod ssl
              sudo service apache2 restart
              NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
              IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
              METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
              cat <<EOF > /var/www/html/index.html
              <h1>SSL Load Balancer</h1>
              <pre>
              Name: $NAME
              IP: $IP
              Metadata: $METADATA
              </pre>
              EOF          
        options:
          provider: ${google}
      # MIG
      defaultInstanceGroupManager:
        type: gcp:compute:InstanceGroupManager
        properties:
          zone: us-central1-c
          namedPorts:
            - name: tcp
              port: 443
          versions:
            - instanceTemplate: ${defaultInstanceTemplate.id}
              name: primary
          baseInstanceName: vm
          targetSize: 2
        options:
          provider: ${google}
      # allow access from health check ranges
      defaultFirewall:
        type: gcp:compute:Firewall
        properties:
          direction: INGRESS
          network: ${defaultNetwork.id}
          sourceRanges:
            - 130.211.0.0/22
            - 35.191.0.0/16
          allows:
            - protocol: tcp
          targetTags:
            - allow-health-check
        options:
          provider: ${google}
    

    External Tcp Proxy Lb Mig Backend

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.GlobalAddress;
    import com.pulumi.gcp.compute.GlobalAddressArgs;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.InstanceTemplate;
    import com.pulumi.gcp.compute.InstanceTemplateArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
    import com.pulumi.gcp.compute.InstanceGroupManager;
    import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
    import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs;
    import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
    import com.pulumi.gcp.compute.TargetTCPProxy;
    import com.pulumi.gcp.compute.TargetTCPProxyArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import com.pulumi.gcp.compute.Firewall;
    import com.pulumi.gcp.compute.FirewallArgs;
    import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()        
                .autoCreateSubnetworks(false)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()        
                .ipCidrRange("10.0.1.0/24")
                .region("us-central1")
                .network(defaultNetwork.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.Empty, CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
    
            var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()        
                .timeoutSec(1)
                .checkIntervalSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()        
                .machineType("e2-small")
                .tags("allow-health-check")
                .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                    .network(defaultNetwork.id())
                    .subnetwork(defaultSubnetwork.id())
                    .accessConfigs()
                    .build())
                .disks(InstanceTemplateDiskArgs.builder()
                    .sourceImage("debian-cloud/debian-10")
                    .autoDelete(true)
                    .boot(true)
                    .build())
                .metadata(Map.of("startup-script", """
    #! /bin/bash
    set -euo pipefail
    export DEBIAN_FRONTEND=noninteractive
    apt-get update
    apt-get install -y nginx-light jq
    NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
    IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
    METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
    cat <<EOF > /var/www/html/index.html
    <pre>
    Name: $NAME
    IP: $IP
    Metadata: $METADATA
    </pre>
    EOF
                """))
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder()        
                .zone("us-central1-c")
                .namedPorts(InstanceGroupManagerNamedPortArgs.builder()
                    .name("tcp")
                    .port(80)
                    .build())
                .versions(InstanceGroupManagerVersionArgs.builder()
                    .instanceTemplate(defaultInstanceTemplate.id())
                    .name("primary")
                    .build())
                .baseInstanceName("vm")
                .targetSize(2)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .protocol("TCP")
                .portName("tcp")
                .loadBalancingScheme("EXTERNAL")
                .timeoutSec(10)
                .healthChecks(defaultHealthCheck.id())
                .backends(BackendServiceBackendArgs.builder()
                    .group(defaultInstanceGroupManager.instanceGroup())
                    .balancingMode("UTILIZATION")
                    .maxUtilization(1)
                    .capacityScaler(1)
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultTargetTCPProxy = new TargetTCPProxy("defaultTargetTCPProxy", TargetTCPProxyArgs.builder()        
                .backendService(defaultBackendService.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .ipProtocol("TCP")
                .loadBalancingScheme("EXTERNAL")
                .portRange("110")
                .target(defaultTargetTCPProxy.id())
                .ipAddress(defaultGlobalAddress.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder()        
                .direction("INGRESS")
                .network(defaultNetwork.id())
                .sourceRanges(            
                    "130.211.0.0/22",
                    "35.191.0.0/16")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build())
                .targetTags("allow-health-check")
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    resources:
      # External TCP proxy load balancer with managed instance group backend
    
      # VPC
      defaultNetwork:
        type: gcp:compute:Network
        properties:
          autoCreateSubnetworks: false
        options:
          provider: ${["google-beta"]}
      # backend subnet
      defaultSubnetwork:
        type: gcp:compute:Subnetwork
        properties:
          ipCidrRange: 10.0.1.0/24
          region: us-central1
          network: ${defaultNetwork.id}
        options:
          provider: ${["google-beta"]}
      # reserved IP address
      defaultGlobalAddress:
        type: gcp:compute:GlobalAddress
        options:
          provider: ${["google-beta"]}
      # forwarding rule
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          ipProtocol: TCP
          loadBalancingScheme: EXTERNAL
          portRange: '110'
          target: ${defaultTargetTCPProxy.id}
          ipAddress: ${defaultGlobalAddress.id}
        options:
          provider: ${["google-beta"]}
      defaultTargetTCPProxy:
        type: gcp:compute:TargetTCPProxy
        properties:
          backendService: ${defaultBackendService.id}
        options:
          provider: ${["google-beta"]}
      # backend service
      defaultBackendService:
        type: gcp:compute:BackendService
        properties:
          protocol: TCP
          portName: tcp
          loadBalancingScheme: EXTERNAL
          timeoutSec: 10
          healthChecks:
            - ${defaultHealthCheck.id}
          backends:
            - group: ${defaultInstanceGroupManager.instanceGroup}
              balancingMode: UTILIZATION
              maxUtilization: 1
              capacityScaler: 1
        options:
          provider: ${["google-beta"]}
      defaultHealthCheck:
        type: gcp:compute:HealthCheck
        properties:
          timeoutSec: 1
          checkIntervalSec: 1
          tcpHealthCheck:
            port: '80'
        options:
          provider: ${["google-beta"]}
      # instance template
      defaultInstanceTemplate:
        type: gcp:compute:InstanceTemplate
        properties:
          machineType: e2-small
          tags:
            - allow-health-check
          networkInterfaces:
            - network: ${defaultNetwork.id}
              subnetwork: ${defaultSubnetwork.id}
              accessConfigs:
                - {}
          disks:
            - sourceImage: debian-cloud/debian-10
              autoDelete: true
              boot: true
          # install nginx and serve a simple web page
          metadata:
            startup-script: |
              #! /bin/bash
              set -euo pipefail
              export DEBIAN_FRONTEND=noninteractive
              apt-get update
              apt-get install -y nginx-light jq
              NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
              IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
              METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
              cat <<EOF > /var/www/html/index.html
              <pre>
              Name: $NAME
              IP: $IP
              Metadata: $METADATA
              </pre>
              EOF          
        options:
          provider: ${["google-beta"]}
      # MIG
      defaultInstanceGroupManager:
        type: gcp:compute:InstanceGroupManager
        properties:
          zone: us-central1-c
          namedPorts:
            - name: tcp
              port: 80
          versions:
            - instanceTemplate: ${defaultInstanceTemplate.id}
              name: primary
          baseInstanceName: vm
          targetSize: 2
        options:
          provider: ${["google-beta"]}
      # allow access from health check ranges
      defaultFirewall:
        type: gcp:compute:Firewall
        properties:
          direction: INGRESS
          network: ${defaultNetwork.id}
          sourceRanges:
            - 130.211.0.0/22
            - 35.191.0.0/16
          allows:
            - protocol: tcp
          targetTags:
            - allow-health-check
        options:
          provider: ${["google-beta"]}
    

    External Http Lb Mig Backend Custom Header

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.GlobalAddress;
    import com.pulumi.gcp.compute.GlobalAddressArgs;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
    import com.pulumi.gcp.compute.InstanceTemplate;
    import com.pulumi.gcp.compute.InstanceTemplateArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
    import com.pulumi.gcp.compute.InstanceGroupManager;
    import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
    import com.pulumi.gcp.compute.inputs.InstanceGroupManagerNamedPortArgs;
    import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.TargetHttpProxy;
    import com.pulumi.gcp.compute.TargetHttpProxyArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import com.pulumi.gcp.compute.Firewall;
    import com.pulumi.gcp.compute.FirewallArgs;
    import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()        
                .autoCreateSubnetworks(false)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()        
                .ipCidrRange("10.0.1.0/24")
                .region("us-central1")
                .network(defaultNetwork.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.Empty, CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
    
            var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()        
                .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
                    .portSpecification("USE_SERVING_PORT")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()        
                .machineType("e2-small")
                .tags("allow-health-check")
                .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                    .network(defaultNetwork.id())
                    .subnetwork(defaultSubnetwork.id())
                    .accessConfigs()
                    .build())
                .disks(InstanceTemplateDiskArgs.builder()
                    .sourceImage("debian-cloud/debian-10")
                    .autoDelete(true)
                    .boot(true)
                    .build())
                .metadata(Map.of("startup-script", """
    #! /bin/bash
    set -euo pipefail
    
    export DEBIAN_FRONTEND=noninteractive
    apt-get update
    apt-get install -y nginx-light jq
    
    NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
    IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
    METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
    
    cat <<EOF > /var/www/html/index.html
    <pre>
    Name: $NAME
    IP: $IP
    Metadata: $METADATA
    </pre>
    EOF
                """))
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultInstanceGroupManager = new InstanceGroupManager("defaultInstanceGroupManager", InstanceGroupManagerArgs.builder()        
                .zone("us-central1-c")
                .namedPorts(InstanceGroupManagerNamedPortArgs.builder()
                    .name("http")
                    .port(8080)
                    .build())
                .versions(InstanceGroupManagerVersionArgs.builder()
                    .instanceTemplate(defaultInstanceTemplate.id())
                    .name("primary")
                    .build())
                .baseInstanceName("vm")
                .targetSize(2)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .protocol("HTTP")
                .portName("my-port")
                .loadBalancingScheme("EXTERNAL")
                .timeoutSec(10)
                .enableCdn(true)
                .customRequestHeaders("X-Client-Geo-Location: {client_region_subdivision}, {client_city}")
                .customResponseHeaders("X-Cache-Hit: {cdn_cache_status}")
                .healthChecks(defaultHealthCheck.id())
                .backends(BackendServiceBackendArgs.builder()
                    .group(defaultInstanceGroupManager.instanceGroup())
                    .balancingMode("UTILIZATION")
                    .capacityScaler(1)
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()        
                .defaultService(defaultBackendService.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()        
                .urlMap(defaultURLMap.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .ipProtocol("TCP")
                .loadBalancingScheme("EXTERNAL")
                .portRange("80")
                .target(defaultTargetHttpProxy.id())
                .ipAddress(defaultGlobalAddress.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultFirewall = new Firewall("defaultFirewall", FirewallArgs.builder()        
                .direction("INGRESS")
                .network(defaultNetwork.id())
                .sourceRanges(            
                    "130.211.0.0/22",
                    "35.191.0.0/16")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build())
                .targetTags("allow-health-check")
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    resources:
      # External HTTP load balancer with a CDN-enabled managed instance group backend
      # and custom request and response headers
    
      # VPC
      defaultNetwork:
        type: gcp:compute:Network
        properties:
          autoCreateSubnetworks: false
        options:
          provider: ${["google-beta"]}
      # backend subnet
      defaultSubnetwork:
        type: gcp:compute:Subnetwork
        properties:
          ipCidrRange: 10.0.1.0/24
          region: us-central1
          network: ${defaultNetwork.id}
        options:
          provider: ${["google-beta"]}
      # reserved IP address
      defaultGlobalAddress:
        type: gcp:compute:GlobalAddress
        options:
          provider: ${["google-beta"]}
      # forwarding rule
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          ipProtocol: TCP
          loadBalancingScheme: EXTERNAL
          portRange: '80'
          target: ${defaultTargetHttpProxy.id}
          ipAddress: ${defaultGlobalAddress.id}
        options:
          provider: ${["google-beta"]}
      # http proxy
      defaultTargetHttpProxy:
        type: gcp:compute:TargetHttpProxy
        properties:
          urlMap: ${defaultURLMap.id}
        options:
          provider: ${["google-beta"]}
      # url map
      defaultURLMap:
        type: gcp:compute:URLMap
        properties:
          defaultService: ${defaultBackendService.id}
        options:
          provider: ${["google-beta"]}
      # backend service with custom request and response headers
      defaultBackendService:
        type: gcp:compute:BackendService
        properties:
          protocol: HTTP
          portName: my-port
          loadBalancingScheme: EXTERNAL
          timeoutSec: 10
          enableCdn: true
          customRequestHeaders:
            - 'X-Client-Geo-Location: {client_region_subdivision}, {client_city}'
          customResponseHeaders:
            - 'X-Cache-Hit: {cdn_cache_status}'
          healthChecks:
            - ${defaultHealthCheck.id}
          backends:
            - group: ${defaultInstanceGroupManager.instanceGroup}
              balancingMode: UTILIZATION
              capacityScaler: 1
        options:
          provider: ${["google-beta"]}
      # instance template
      defaultInstanceTemplate:
        type: gcp:compute:InstanceTemplate
        properties:
          machineType: e2-small
          tags:
            - allow-health-check
          networkInterfaces:
            - network: ${defaultNetwork.id}
              subnetwork: ${defaultSubnetwork.id}
              accessConfigs:
                - {}
          disks:
            - sourceImage: debian-cloud/debian-10
              autoDelete: true
              boot: true
          # install nginx and serve a simple web page
          metadata:
            startup-script: |
              #! /bin/bash
              set -euo pipefail
    
              export DEBIAN_FRONTEND=noninteractive
              apt-get update
              apt-get install -y nginx-light jq
    
              NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
              IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
              METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
    
              cat <<EOF > /var/www/html/index.html
              <pre>
              Name: $NAME
              IP: $IP
              Metadata: $METADATA
              </pre>
              EOF          
        options:
          provider: ${["google-beta"]}
      # health check
      defaultHealthCheck:
        type: gcp:compute:HealthCheck
        properties:
          httpHealthCheck:
            portSpecification: USE_SERVING_PORT
        options:
          provider: ${["google-beta"]}
      # MIG
      defaultInstanceGroupManager:
        type: gcp:compute:InstanceGroupManager
        properties:
          zone: us-central1-c
          namedPorts:
            - name: http
              port: 8080
          versions:
            - instanceTemplate: ${defaultInstanceTemplate.id}
              name: primary
          baseInstanceName: vm
          targetSize: 2
        options:
          provider: ${["google-beta"]}
      # allow access from health check ranges
      defaultFirewall:
        type: gcp:compute:Firewall
        properties:
          direction: INGRESS
          network: ${defaultNetwork.id}
          sourceRanges:
            - 130.211.0.0/22
            - 35.191.0.0/16
          allows:
            - protocol: tcp
          targetTags:
            - allow-health-check
        options:
          provider: ${["google-beta"]}
    

    Global Forwarding Rule Http

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpProxy;
    import com.pulumi.gcp.compute.TargetHttpProxyArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()        
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .healthChecks(defaultHttpHealthCheck.id())
                .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()        
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                        .paths("/*")
                        .service(defaultBackendService.id())
                        .build())
                    .build())
                .build());
    
            var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()        
                .description("a description")
                .urlMap(defaultURLMap.id())
                .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .target(defaultTargetHttpProxy.id())
                .portRange("80")
                .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    resources:
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          target: ${defaultTargetHttpProxy.id}
          portRange: '80'
      defaultTargetHttpProxy:
        type: gcp:compute:TargetHttpProxy
        properties:
          description: a description
          urlMap: ${defaultURLMap.id}
      defaultURLMap:
        type: gcp:compute:URLMap
        properties:
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
      defaultBackendService:
        type: gcp:compute:BackendService
        properties:
          portName: http
          protocol: HTTP
          timeoutSec: 10
          healthChecks:
            - ${defaultHttpHealthCheck.id}
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        properties:
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    

    Global Forwarding Rule Internal

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultBackendService = new Gcp.Compute.BackendService("defaultBackendService", new()
        {
            PortName = "http",
            Protocol = "HTTP",
            TimeoutSec = 10,
            LoadBalancingScheme = "EXTERNAL_MANAGED",
        });
    
        var defaultURLMap = new Gcp.Compute.URLMap("defaultURLMap", new()
        {
            Description = "a description",
            DefaultService = defaultBackendService.Id,
            HostRules = new[]
            {
                new Gcp.Compute.Inputs.URLMapHostRuleArgs
                {
                    Hosts = new[]
                    {
                        "mysite.com",
                    },
                    PathMatcher = "allpaths",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.Compute.Inputs.URLMapPathMatcherArgs
                {
                    Name = "allpaths",
                    DefaultService = defaultBackendService.Id,
                    PathRules = new[]
                    {
                        new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
                        {
                            Paths = new[]
                            {
                                "/*",
                            },
                            Service = defaultBackendService.Id,
                        },
                    },
                },
            },
        });
    
        var defaultTargetHttpProxy = new Gcp.Compute.TargetHttpProxy("defaultTargetHttpProxy", new()
        {
            Description = "a description",
            UrlMap = defaultURLMap.Id,
        });
    
        var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("defaultGlobalForwardingRule", new()
        {
            Target = defaultTargetHttpProxy.Id,
            PortRange = "80",
            LoadBalancingScheme = "EXTERNAL_MANAGED",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		defaultBackendService, err := compute.NewBackendService(ctx, "defaultBackendService", &compute.BackendServiceArgs{
    			PortName:            pulumi.String("http"),
    			Protocol:            pulumi.String("HTTP"),
    			TimeoutSec:          pulumi.Int(10),
    			LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
    		})
    		if err != nil {
    			return err
    		}
    		defaultURLMap, err := compute.NewURLMap(ctx, "defaultURLMap", &compute.URLMapArgs{
    			Description:    pulumi.String("a description"),
    			DefaultService: defaultBackendService.ID(),
    			HostRules: compute.URLMapHostRuleArray{
    				&compute.URLMapHostRuleArgs{
    					Hosts: pulumi.StringArray{
    						pulumi.String("mysite.com"),
    					},
    					PathMatcher: pulumi.String("allpaths"),
    				},
    			},
    			PathMatchers: compute.URLMapPathMatcherArray{
    				&compute.URLMapPathMatcherArgs{
    					Name:           pulumi.String("allpaths"),
    					DefaultService: defaultBackendService.ID(),
    					PathRules: compute.URLMapPathMatcherPathRuleArray{
    						&compute.URLMapPathMatcherPathRuleArgs{
    							Paths: pulumi.StringArray{
    								pulumi.String("/*"),
    							},
    							Service: defaultBackendService.ID(),
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		defaultTargetHttpProxy, err := compute.NewTargetHttpProxy(ctx, "defaultTargetHttpProxy", &compute.TargetHttpProxyArgs{
    			Description: pulumi.String("a description"),
    			UrlMap:      defaultURLMap.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewGlobalForwardingRule(ctx, "defaultGlobalForwardingRule", &compute.GlobalForwardingRuleArgs{
    			Target:              defaultTargetHttpProxy.ID(),
    			PortRange:           pulumi.String("80"),
    			LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.ComputeFunctions;
    import com.pulumi.gcp.compute.inputs.GetImageArgs;
    import com.pulumi.gcp.compute.InstanceTemplate;
    import com.pulumi.gcp.compute.InstanceTemplateArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
    import com.pulumi.gcp.compute.InstanceGroupManager;
    import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
    import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpProxy;
    import com.pulumi.gcp.compute.TargetHttpProxyArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import com.pulumi.gcp.compute.inputs.GlobalForwardingRuleMetadataFilterArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var debianImage = ComputeFunctions.getImage(GetImageArgs.builder()
                .family("debian-11")
                .project("debian-cloud")
                .build());
    
            var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()        
                .machineType("e2-medium")
                .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                    .network("default")
                    .build())
                .disks(InstanceTemplateDiskArgs.builder()
                    .sourceImage(debianImage.applyValue(getImageResult -> getImageResult.selfLink()))
                    .autoDelete(true)
                    .boot(true)
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var igm = new InstanceGroupManager("igm", InstanceGroupManagerArgs.builder()        
                .versions(InstanceGroupManagerVersionArgs.builder()
                    .instanceTemplate(instanceTemplate.id())
                    .name("primary")
                    .build())
                .baseInstanceName("internal-glb")
                .zone("us-central1-f")
                .targetSize(1)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()        
                .checkIntervalSec(1)
                .timeoutSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .loadBalancingScheme("INTERNAL_SELF_MANAGED")
                .backends(BackendServiceBackendArgs.builder()
                    .group(igm.instanceGroup())
                    .balancingMode("RATE")
                    .capacityScaler(0.4)
                    .maxRatePerInstance(50)
                    .build())
                .healthChecks(defaultHealthCheck.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()        
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                        .paths("/*")
                        .service(defaultBackendService.id())
                        .build())
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()        
                .description("a description")
                .urlMap(defaultURLMap.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .target(defaultTargetHttpProxy.id())
                .portRange("80")
                .loadBalancingScheme("INTERNAL_SELF_MANAGED")
                .ipAddress("0.0.0.0")
                .metadataFilters(GlobalForwardingRuleMetadataFilterArgs.builder()
                    .filterMatchCriteria("MATCH_ANY")
                    .filterLabels(GlobalForwardingRuleMetadataFilterFilterLabelArgs.builder()
                        .name("PLANET")
                        .value("MARS")
                        .build())
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
        }
    }
    
    import pulumi
    import pulumi_gcp as gcp
    
    default_backend_service = gcp.compute.BackendService("defaultBackendService",
        port_name="http",
        protocol="HTTP",
        timeout_sec=10,
        load_balancing_scheme="EXTERNAL_MANAGED")
    default_url_map = gcp.compute.URLMap("defaultURLMap",
        description="a description",
        default_service=default_backend_service.id,
        host_rules=[gcp.compute.URLMapHostRuleArgs(
            hosts=["mysite.com"],
            path_matcher="allpaths",
        )],
        path_matchers=[gcp.compute.URLMapPathMatcherArgs(
            name="allpaths",
            default_service=default_backend_service.id,
            path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
                paths=["/*"],
                service=default_backend_service.id,
            )],
        )])
    default_target_http_proxy = gcp.compute.TargetHttpProxy("defaultTargetHttpProxy",
        description="a description",
        url_map=default_url_map.id)
    default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
        target=default_target_http_proxy.id,
        port_range="80",
        load_balancing_scheme="EXTERNAL_MANAGED")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {
        portName: "http",
        protocol: "HTTP",
        timeoutSec: 10,
        loadBalancingScheme: "EXTERNAL_MANAGED",
    });
    const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", {
        description: "a description",
        defaultService: defaultBackendService.id,
        hostRules: [{
            hosts: ["mysite.com"],
            pathMatcher: "allpaths",
        }],
        pathMatchers: [{
            name: "allpaths",
            defaultService: defaultBackendService.id,
            pathRules: [{
                paths: ["/*"],
                service: defaultBackendService.id,
            }],
        }],
    });
    const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("defaultTargetHttpProxy", {
        description: "a description",
        urlMap: defaultURLMap.id,
    });
    const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule", {
        target: defaultTargetHttpProxy.id,
        portRange: "80",
        loadBalancingScheme: "EXTERNAL_MANAGED",
    });
    
    resources:
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          target: ${defaultTargetHttpProxy.id}
          portRange: '80'
          loadBalancingScheme: INTERNAL_SELF_MANAGED
          ipAddress: 0.0.0.0
          metadataFilters:
            - filterMatchCriteria: MATCH_ANY
              filterLabels:
                - name: PLANET
                  value: MARS
        options:
          provider: ${["google-beta"]}
      defaultTargetHttpProxy:
        type: gcp:compute:TargetHttpProxy
        properties:
          description: a description
          urlMap: ${defaultURLMap.id}
        options:
          provider: ${["google-beta"]}
      defaultURLMap:
        type: gcp:compute:URLMap
        properties:
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
        options:
          provider: ${["google-beta"]}
      defaultBackendService:
        type: gcp:compute:BackendService
        properties:
          portName: http
          protocol: HTTP
          timeoutSec: 10
          loadBalancingScheme: INTERNAL_SELF_MANAGED
          backends:
            - group: ${igm.instanceGroup}
              balancingMode: RATE
              capacityScaler: 0.4
              maxRatePerInstance: 50
          healthChecks:
            - ${defaultHealthCheck.id}
        options:
          provider: ${["google-beta"]}
      igm:
        type: gcp:compute:InstanceGroupManager
        properties:
          versions:
            - instanceTemplate: ${instanceTemplate.id}
              name: primary
          baseInstanceName: internal-glb
          zone: us-central1-f
          targetSize: 1
        options:
          provider: ${["google-beta"]}
      instanceTemplate:
        type: gcp:compute:InstanceTemplate
        properties:
          machineType: e2-medium
          networkInterfaces:
            - network: default
          disks:
            - sourceImage: ${debianImage.selfLink}
              autoDelete: true
              boot: true
        options:
          provider: ${["google-beta"]}
      defaultHealthCheck:
        type: gcp:compute:HealthCheck
        properties:
          checkIntervalSec: 1
          timeoutSec: 1
          tcpHealthCheck:
            port: '80'
        options:
          provider: ${["google-beta"]}
    variables:
      debianImage:
        fn::invoke:
          Function: gcp:compute:getImage
          Arguments:
            family: debian-11
            project: debian-cloud
    

    Global Forwarding Rule External Managed

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpProxy;
    import com.pulumi.gcp.compute.TargetHttpProxyArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .loadBalancingScheme("EXTERNAL_MANAGED")
                .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()        
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                        .paths("/*")
                        .service(defaultBackendService.id())
                        .build())
                    .build())
                .build());
    
            var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()        
                .description("a description")
                .urlMap(defaultURLMap.id())
                .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .target(defaultTargetHttpProxy.id())
                .portRange("80")
                .loadBalancingScheme("EXTERNAL_MANAGED")
                .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    resources:
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          target: ${defaultTargetHttpProxy.id}
          portRange: '80'
          loadBalancingScheme: EXTERNAL_MANAGED
      defaultTargetHttpProxy:
        type: gcp:compute:TargetHttpProxy
        properties:
          description: a description
          urlMap: ${defaultURLMap.id}
      defaultURLMap:
        type: gcp:compute:URLMap
        properties:
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
      defaultBackendService:
        type: gcp:compute:BackendService
        properties:
          portName: http
          protocol: HTTP
          timeoutSec: 10
          loadBalancingScheme: EXTERNAL_MANAGED
    

    Global Forwarding Rule Hybrid

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.NetworkEndpointGroup;
    import com.pulumi.gcp.compute.NetworkEndpointGroupArgs;
    import com.pulumi.gcp.compute.NetworkEndpoint;
    import com.pulumi.gcp.compute.NetworkEndpointArgs;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpProxy;
    import com.pulumi.gcp.compute.TargetHttpProxyArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var config = ctx.config();
            final var subnetworkCidr = config.get("subnetworkCidr").orElse("10.0.0.0/24");
            var defaultNetwork = new Network("defaultNetwork");
    
            var internalNetwork = new Network("internalNetwork", NetworkArgs.builder()        
                .autoCreateSubnetworks(false)
                .build());
    
            var internalSubnetwork = new Subnetwork("internalSubnetwork", SubnetworkArgs.builder()        
                .network(internalNetwork.id())
                .ipCidrRange(subnetworkCidr)
                .region("us-central1")
                .privateIpGoogleAccess(true)
                .build());
    
            var defaultNetworkEndpointGroup = new NetworkEndpointGroup("defaultNetworkEndpointGroup", NetworkEndpointGroupArgs.builder()        
                .network(defaultNetwork.id())
                .defaultPort("90")
                .zone("us-central1-a")
                .networkEndpointType("GCE_VM_IP_PORT")
                .build());
    
            var internalNetworkEndpointGroup = new NetworkEndpointGroup("internalNetworkEndpointGroup", NetworkEndpointGroupArgs.builder()        
                .network(internalNetwork.id())
                .subnetwork(internalSubnetwork.id())
                .zone("us-central1-a")
                .networkEndpointType("GCE_VM_IP")
                .build());
    
            var hybridNetworkEndpointGroup = new NetworkEndpointGroup("hybridNetworkEndpointGroup", NetworkEndpointGroupArgs.builder()        
                .network(defaultNetwork.id())
                .defaultPort("90")
                .zone("us-central1-a")
                .networkEndpointType("NON_GCP_PRIVATE_IP_PORT")
                .build());
    
            var hybrid_endpoint = new NetworkEndpoint("hybrid-endpoint", NetworkEndpointArgs.builder()        
                .networkEndpointGroup(hybridNetworkEndpointGroup.name())
                .port(hybridNetworkEndpointGroup.defaultPort())
                .ipAddress("127.0.0.1")
                .build());
    
            var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()        
                .timeoutSec(1)
                .checkIntervalSec(1)
                .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                    .port("80")
                    .build())
                .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .backends(BackendServiceBackendArgs.builder()
                    .group(defaultNetworkEndpointGroup.id())
                    .balancingMode("RATE")
                    .maxRatePerEndpoint(10)
                    .build())
                .healthChecks(defaultHealthCheck.id())
                .build());
    
            var hybridBackendService = new BackendService("hybridBackendService", BackendServiceArgs.builder()        
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .backends(BackendServiceBackendArgs.builder()
                    .group(hybridNetworkEndpointGroup.id())
                    .balancingMode("RATE")
                    .maxRatePerEndpoint(10)
                    .build())
                .healthChecks(defaultHealthCheck.id())
                .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()        
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(                
                        URLMapPathMatcherPathRuleArgs.builder()
                            .paths("/*")
                            .service(defaultBackendService.id())
                            .build(),
                        URLMapPathMatcherPathRuleArgs.builder()
                            .paths("/hybrid")
                            .service(hybridBackendService.id())
                            .build())
                    .build())
                .build());
    
            var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()        
                .description("a description")
                .urlMap(defaultURLMap.id())
                .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .target(defaultTargetHttpProxy.id())
                .portRange("80")
                .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    configuration:
      # Roughly mirrors https://cloud.google.com/load-balancing/docs/https/setting-up-ext-https-hybrid
      subnetworkCidr:
        type: string
        default: 10.0.0.0/24
    resources:
      defaultNetwork:
        type: gcp:compute:Network
      internalNetwork:
        type: gcp:compute:Network
        properties:
          autoCreateSubnetworks: false
      internalSubnetwork:
        type: gcp:compute:Subnetwork
        properties:
          network: ${internalNetwork.id}
          ipCidrRange: ${subnetworkCidr}
          region: us-central1
          privateIpGoogleAccess: true
      # Zonal NEG with GCE_VM_IP_PORT
      defaultNetworkEndpointGroup:
        type: gcp:compute:NetworkEndpointGroup
        properties:
          network: ${defaultNetwork.id}
          defaultPort: '90'
          zone: us-central1-a
          networkEndpointType: GCE_VM_IP_PORT
      # Zonal NEG with GCE_VM_IP
      internalNetworkEndpointGroup:
        type: gcp:compute:NetworkEndpointGroup
        properties:
          network: ${internalNetwork.id}
          subnetwork: ${internalSubnetwork.id}
          zone: us-central1-a
          networkEndpointType: GCE_VM_IP
      # Hybrid connectivity NEG
      hybridNetworkEndpointGroup:
        type: gcp:compute:NetworkEndpointGroup
        properties:
          network: ${defaultNetwork.id}
          defaultPort: '90'
          zone: us-central1-a
          networkEndpointType: NON_GCP_PRIVATE_IP_PORT
      hybrid-endpoint:
        type: gcp:compute:NetworkEndpoint
        properties:
          networkEndpointGroup: ${hybridNetworkEndpointGroup.name}
          port: ${hybridNetworkEndpointGroup.defaultPort}
          ipAddress: 127.0.0.1
      # Backend service for Zonal NEG
      defaultBackendService:
        type: gcp:compute:BackendService
        properties:
          portName: http
          protocol: HTTP
          timeoutSec: 10
          backends:
            - group: ${defaultNetworkEndpointGroup.id}
              balancingMode: RATE
              maxRatePerEndpoint: 10
          healthChecks:
            - ${defaultHealthCheck.id}
      # Backgend service for Hybrid NEG
      hybridBackendService:
        type: gcp:compute:BackendService
        properties:
          portName: http
          protocol: HTTP
          timeoutSec: 10
          backends:
            - group: ${hybridNetworkEndpointGroup.id}
              balancingMode: RATE
              maxRatePerEndpoint: 10
          healthChecks:
            - ${defaultHealthCheck.id}
      defaultHealthCheck:
        type: gcp:compute:HealthCheck
        properties:
          timeoutSec: 1
          checkIntervalSec: 1
          tcpHealthCheck:
            port: '80'
      defaultURLMap:
        type: gcp:compute:URLMap
        properties:
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
                - paths:
                    - /hybrid
                  service: ${hybridBackendService.id}
      defaultTargetHttpProxy:
        type: gcp:compute:TargetHttpProxy
        properties:
          description: a description
          urlMap: ${defaultURLMap.id}
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          target: ${defaultTargetHttpProxy.id}
          portRange: '80'
    

    Global Internal Http Lb With Mig Backend

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var network = new Gcp.Compute.Network("network", new()
        {
            Project = "my-project-name",
            AutoCreateSubnetworks = false,
        }, new CustomResourceOptions
        {
            Provider = google_beta,
        });
    
        var vpcSubnetwork = new Gcp.Compute.Subnetwork("vpcSubnetwork", new()
        {
            Project = network.Project,
            IpCidrRange = "10.2.0.0/16",
            Region = "us-central1",
            Network = network.Id,
            PrivateIpGoogleAccess = true,
        }, new CustomResourceOptions
        {
            Provider = google_beta,
        });
    
        var defaultGlobalAddress = new Gcp.Compute.GlobalAddress("defaultGlobalAddress", new()
        {
            Project = network.Project,
            AddressType = "INTERNAL",
            Purpose = "PRIVATE_SERVICE_CONNECT",
            Network = network.Id,
            Address = "100.100.100.106",
        }, new CustomResourceOptions
        {
            Provider = google_beta,
        });
    
        var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("defaultGlobalForwardingRule", new()
        {
            Project = network.Project,
            Target = "all-apis",
            Network = network.Id,
            IpAddress = defaultGlobalAddress.Id,
            LoadBalancingScheme = "",
        }, new CustomResourceOptions
        {
            Provider = google_beta,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
    			Project:               pulumi.String("my-project-name"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    		}, pulumi.Provider(google_beta))
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewSubnetwork(ctx, "vpcSubnetwork", &compute.SubnetworkArgs{
    			Project:               network.Project,
    			IpCidrRange:           pulumi.String("10.2.0.0/16"),
    			Region:                pulumi.String("us-central1"),
    			Network:               network.ID(),
    			PrivateIpGoogleAccess: pulumi.Bool(true),
    		}, pulumi.Provider(google_beta))
    		if err != nil {
    			return err
    		}
    		defaultGlobalAddress, err := compute.NewGlobalAddress(ctx, "defaultGlobalAddress", &compute.GlobalAddressArgs{
    			Project:     network.Project,
    			AddressType: pulumi.String("INTERNAL"),
    			Purpose:     pulumi.String("PRIVATE_SERVICE_CONNECT"),
    			Network:     network.ID(),
    			Address:     pulumi.String("100.100.100.106"),
    		}, pulumi.Provider(google_beta))
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewGlobalForwardingRule(ctx, "defaultGlobalForwardingRule", &compute.GlobalForwardingRuleArgs{
    			Project:             network.Project,
    			Target:              pulumi.String("all-apis"),
    			Network:             network.ID(),
    			IpAddress:           defaultGlobalAddress.ID(),
    			LoadBalancingScheme: pulumi.String(""),
    		}, pulumi.Provider(google_beta))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
    import com.pulumi.gcp.compute.InstanceTemplate;
    import com.pulumi.gcp.compute.InstanceTemplateArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
    import com.pulumi.gcp.compute.InstanceGroupManager;
    import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
    import com.pulumi.gcp.compute.inputs.InstanceGroupManagerVersionArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.TargetHttpProxy;
    import com.pulumi.gcp.compute.TargetHttpProxyArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import com.pulumi.gcp.compute.Firewall;
    import com.pulumi.gcp.compute.FirewallArgs;
    import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
    import com.pulumi.gcp.compute.Instance;
    import com.pulumi.gcp.compute.InstanceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
    import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
    import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var gilbNetwork = new Network("gilbNetwork", NetworkArgs.builder()        
                .autoCreateSubnetworks(false)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var proxySubnet = new Subnetwork("proxySubnet", SubnetworkArgs.builder()        
                .ipCidrRange("10.0.0.0/24")
                .region("europe-west1")
                .purpose("GLOBAL_MANAGED_PROXY")
                .role("ACTIVE")
                .network(gilbNetwork.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var gilbSubnet = new Subnetwork("gilbSubnet", SubnetworkArgs.builder()        
                .ipCidrRange("10.0.1.0/24")
                .region("europe-west1")
                .network(gilbNetwork.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()        
                .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
                    .portSpecification("USE_SERVING_PORT")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()        
                .machineType("e2-small")
                .tags("http-server")
                .networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
                    .network(gilbNetwork.id())
                    .subnetwork(gilbSubnet.id())
                    .accessConfigs()
                    .build())
                .disks(InstanceTemplateDiskArgs.builder()
                    .sourceImage("debian-cloud/debian-10")
                    .autoDelete(true)
                    .boot(true)
                    .build())
                .metadata(Map.of("startup-script", """
    #! /bin/bash
    set -euo pipefail
    
    export DEBIAN_FRONTEND=noninteractive
    apt-get update
    apt-get install -y nginx-light jq
    
    NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
    IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
    METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
    
    cat <<EOF > /var/www/html/index.html
    <pre>
    Name: $NAME
    IP: $IP
    Metadata: $METADATA
    </pre>
    EOF
                """))
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var mig = new InstanceGroupManager("mig", InstanceGroupManagerArgs.builder()        
                .zone("europe-west1-b")
                .versions(InstanceGroupManagerVersionArgs.builder()
                    .instanceTemplate(instanceTemplate.id())
                    .name("primary")
                    .build())
                .baseInstanceName("vm")
                .targetSize(2)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .protocol("HTTP")
                .loadBalancingScheme("INTERNAL_MANAGED")
                .timeoutSec(10)
                .healthChecks(defaultHealthCheck.id())
                .backends(BackendServiceBackendArgs.builder()
                    .group(mig.instanceGroup())
                    .balancingMode("UTILIZATION")
                    .capacityScaler(1)
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()        
                .defaultService(defaultBackendService.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultTargetHttpProxy = new TargetHttpProxy("defaultTargetHttpProxy", TargetHttpProxyArgs.builder()        
                .urlMap(defaultURLMap.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var googleComputeForwardingRule = new GlobalForwardingRule("googleComputeForwardingRule", GlobalForwardingRuleArgs.builder()        
                .ipProtocol("TCP")
                .loadBalancingScheme("INTERNAL_MANAGED")
                .portRange("80")
                .target(defaultTargetHttpProxy.id())
                .network(gilbNetwork.id())
                .subnetwork(gilbSubnet.id())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .dependsOn(proxySubnet)
                    .build());
    
            var fw_iap = new Firewall("fw-iap", FirewallArgs.builder()        
                .direction("INGRESS")
                .network(gilbNetwork.id())
                .sourceRanges(            
                    "130.211.0.0/22",
                    "35.191.0.0/16",
                    "35.235.240.0/20")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var fw_gilb_to_backends = new Firewall("fw-gilb-to-backends", FirewallArgs.builder()        
                .direction("INGRESS")
                .network(gilbNetwork.id())
                .sourceRanges("10.0.0.0/24")
                .targetTags("http-server")
                .allows(FirewallAllowArgs.builder()
                    .protocol("tcp")
                    .ports(                
                        "80",
                        "443",
                        "8080")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var vm_test = new Instance("vm-test", InstanceArgs.builder()        
                .zone("europe-west1-b")
                .machineType("e2-small")
                .networkInterfaces(InstanceNetworkInterfaceArgs.builder()
                    .network(gilbNetwork.id())
                    .subnetwork(gilbSubnet.id())
                    .build())
                .bootDisk(InstanceBootDiskArgs.builder()
                    .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
                        .image("debian-cloud/debian-10")
                        .build())
                    .build())
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
        }
    }
    
    import pulumi
    import pulumi_gcp as gcp
    
    network = gcp.compute.Network("network",
        project="my-project-name",
        auto_create_subnetworks=False,
        opts=pulumi.ResourceOptions(provider=google_beta))
    vpc_subnetwork = gcp.compute.Subnetwork("vpcSubnetwork",
        project=network.project,
        ip_cidr_range="10.2.0.0/16",
        region="us-central1",
        network=network.id,
        private_ip_google_access=True,
        opts=pulumi.ResourceOptions(provider=google_beta))
    default_global_address = gcp.compute.GlobalAddress("defaultGlobalAddress",
        project=network.project,
        address_type="INTERNAL",
        purpose="PRIVATE_SERVICE_CONNECT",
        network=network.id,
        address="100.100.100.106",
        opts=pulumi.ResourceOptions(provider=google_beta))
    default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
        project=network.project,
        target="all-apis",
        network=network.id,
        ip_address=default_global_address.id,
        load_balancing_scheme="",
        opts=pulumi.ResourceOptions(provider=google_beta))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const network = new gcp.compute.Network("network", {
        project: "my-project-name",
        autoCreateSubnetworks: false,
    }, {
        provider: google_beta,
    });
    const vpcSubnetwork = new gcp.compute.Subnetwork("vpcSubnetwork", {
        project: network.project,
        ipCidrRange: "10.2.0.0/16",
        region: "us-central1",
        network: network.id,
        privateIpGoogleAccess: true,
    }, {
        provider: google_beta,
    });
    const defaultGlobalAddress = new gcp.compute.GlobalAddress("defaultGlobalAddress", {
        project: network.project,
        addressType: "INTERNAL",
        purpose: "PRIVATE_SERVICE_CONNECT",
        network: network.id,
        address: "100.100.100.106",
    }, {
        provider: google_beta,
    });
    const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule", {
        project: network.project,
        target: "all-apis",
        network: network.id,
        ipAddress: defaultGlobalAddress.id,
        loadBalancingScheme: "",
    }, {
        provider: google_beta,
    });
    
    resources:
      # Global Internal HTTP load balancer with a managed instance group backend
    
      # VPC network
      gilbNetwork:
        type: gcp:compute:Network
        properties:
          autoCreateSubnetworks: false
        options:
          provider: ${["google-beta"]}
      # proxy-only subnet
      proxySubnet:
        type: gcp:compute:Subnetwork
        properties:
          ipCidrRange: 10.0.0.0/24
          region: europe-west1
          purpose: GLOBAL_MANAGED_PROXY
          role: ACTIVE
          network: ${gilbNetwork.id}
        options:
          provider: ${["google-beta"]}
      # backend subnet
      gilbSubnet:
        type: gcp:compute:Subnetwork
        properties:
          ipCidrRange: 10.0.1.0/24
          region: europe-west1
          network: ${gilbNetwork.id}
        options:
          provider: ${["google-beta"]}
      # forwarding rule
      googleComputeForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          ipProtocol: TCP
          loadBalancingScheme: INTERNAL_MANAGED
          portRange: '80'
          target: ${defaultTargetHttpProxy.id}
          network: ${gilbNetwork.id}
          subnetwork: ${gilbSubnet.id}
        options:
          provider: ${["google-beta"]}
          dependson:
            - ${proxySubnet}
      # HTTP target proxy
      defaultTargetHttpProxy:
        type: gcp:compute:TargetHttpProxy
        properties:
          urlMap: ${defaultURLMap.id}
        options:
          provider: ${["google-beta"]}
      # URL map
      defaultURLMap:
        type: gcp:compute:URLMap
        properties:
          defaultService: ${defaultBackendService.id}
        options:
          provider: ${["google-beta"]}
      # backend service
      defaultBackendService:
        type: gcp:compute:BackendService
        properties:
          protocol: HTTP
          loadBalancingScheme: INTERNAL_MANAGED
          timeoutSec: 10
          healthChecks:
            - ${defaultHealthCheck.id}
          backends:
            - group: ${mig.instanceGroup}
              balancingMode: UTILIZATION
              capacityScaler: 1
        options:
          provider: ${["google-beta"]}
      # instance template
      instanceTemplate:
        type: gcp:compute:InstanceTemplate
        properties:
          machineType: e2-small
          tags:
            - http-server
          networkInterfaces:
            - network: ${gilbNetwork.id}
              subnetwork: ${gilbSubnet.id}
              accessConfigs:
                - {}
          disks:
            - sourceImage: debian-cloud/debian-10
              autoDelete: true
              boot: true
          # install nginx and serve a simple web page
          metadata:
            startup-script: |
              #! /bin/bash
              set -euo pipefail
    
              export DEBIAN_FRONTEND=noninteractive
              apt-get update
              apt-get install -y nginx-light jq
    
              NAME=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/hostname")
              IP=$(curl -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip")
              METADATA=$(curl -f -H "Metadata-Flavor: Google" "http://metadata.google.internal/computeMetadata/v1/instance/attributes/?recursive=True" | jq 'del(.["startup-script"])')
    
              cat <<EOF > /var/www/html/index.html
              <pre>
              Name: $NAME
              IP: $IP
              Metadata: $METADATA
              </pre>
              EOF          
        options:
          provider: ${["google-beta"]}
      # health check
      defaultHealthCheck:
        type: gcp:compute:HealthCheck
        properties:
          httpHealthCheck:
            portSpecification: USE_SERVING_PORT
        options:
          provider: ${["google-beta"]}
      # MIG
      mig:
        type: gcp:compute:InstanceGroupManager
        properties:
          zone: europe-west1-b
          versions:
            - instanceTemplate: ${instanceTemplate.id}
              name: primary
          baseInstanceName: vm
          targetSize: 2
        options:
          provider: ${["google-beta"]}
      # allow all access from IAP and health check ranges
      fw-iap:
        type: gcp:compute:Firewall
        properties:
          direction: INGRESS
          network: ${gilbNetwork.id}
          sourceRanges:
            - 130.211.0.0/22
            - 35.191.0.0/16
            - 35.235.240.0/20
          allows:
            - protocol: tcp
        options:
          provider: ${["google-beta"]}
      # allow http from proxy subnet to backends
      fw-gilb-to-backends:
        type: gcp:compute:Firewall
        properties:
          direction: INGRESS
          network: ${gilbNetwork.id}
          sourceRanges:
            - 10.0.0.0/24
          targetTags:
            - http-server
          allows:
            - protocol: tcp
              ports:
                - '80'
                - '443'
                - '8080'
        options:
          provider: ${["google-beta"]}
      # test instance
      vm-test:
        type: gcp:compute:Instance
        properties:
          zone: europe-west1-b
          machineType: e2-small
          networkInterfaces:
            - network: ${gilbNetwork.id}
              subnetwork: ${gilbSubnet.id}
          bootDisk:
            initializeParams:
              image: debian-cloud/debian-10
        options:
          provider: ${["google-beta"]}
    

    Private Service Connect Google Apis

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var network = new Gcp.Compute.Network("network", new()
        {
            Project = "my-project-name",
            AutoCreateSubnetworks = false,
        }, new CustomResourceOptions
        {
            Provider = google_beta,
        });
    
        var vpcSubnetwork = new Gcp.Compute.Subnetwork("vpcSubnetwork", new()
        {
            Project = network.Project,
            IpCidrRange = "10.2.0.0/16",
            Region = "us-central1",
            Network = network.Id,
            PrivateIpGoogleAccess = true,
        }, new CustomResourceOptions
        {
            Provider = google_beta,
        });
    
        var defaultGlobalAddress = new Gcp.Compute.GlobalAddress("defaultGlobalAddress", new()
        {
            Project = network.Project,
            AddressType = "INTERNAL",
            Purpose = "PRIVATE_SERVICE_CONNECT",
            Network = network.Id,
            Address = "100.100.100.106",
        }, new CustomResourceOptions
        {
            Provider = google_beta,
        });
    
        var defaultGlobalForwardingRule = new Gcp.Compute.GlobalForwardingRule("defaultGlobalForwardingRule", new()
        {
            Project = network.Project,
            Target = "all-apis",
            Network = network.Id,
            IpAddress = defaultGlobalAddress.Id,
            LoadBalancingScheme = "",
            NoAutomateDnsZone = false,
        }, new CustomResourceOptions
        {
            Provider = google_beta,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
    			Project:               pulumi.String("my-project-name"),
    			AutoCreateSubnetworks: pulumi.Bool(false),
    		}, pulumi.Provider(google_beta))
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewSubnetwork(ctx, "vpcSubnetwork", &compute.SubnetworkArgs{
    			Project:               network.Project,
    			IpCidrRange:           pulumi.String("10.2.0.0/16"),
    			Region:                pulumi.String("us-central1"),
    			Network:               network.ID(),
    			PrivateIpGoogleAccess: pulumi.Bool(true),
    		}, pulumi.Provider(google_beta))
    		if err != nil {
    			return err
    		}
    		defaultGlobalAddress, err := compute.NewGlobalAddress(ctx, "defaultGlobalAddress", &compute.GlobalAddressArgs{
    			Project:     network.Project,
    			AddressType: pulumi.String("INTERNAL"),
    			Purpose:     pulumi.String("PRIVATE_SERVICE_CONNECT"),
    			Network:     network.ID(),
    			Address:     pulumi.String("100.100.100.106"),
    		}, pulumi.Provider(google_beta))
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewGlobalForwardingRule(ctx, "defaultGlobalForwardingRule", &compute.GlobalForwardingRuleArgs{
    			Project:             network.Project,
    			Target:              pulumi.String("all-apis"),
    			Network:             network.ID(),
    			IpAddress:           defaultGlobalAddress.ID(),
    			LoadBalancingScheme: pulumi.String(""),
    			NoAutomateDnsZone:   pulumi.Bool(false),
    		}, pulumi.Provider(google_beta))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.GlobalAddress;
    import com.pulumi.gcp.compute.GlobalAddressArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var network = new Network("network", NetworkArgs.builder()        
                .project("my-project-name")
                .autoCreateSubnetworks(false)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var vpcSubnetwork = new Subnetwork("vpcSubnetwork", SubnetworkArgs.builder()        
                .project(network.project())
                .ipCidrRange("10.2.0.0/16")
                .region("us-central1")
                .network(network.id())
                .privateIpGoogleAccess(true)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.builder()        
                .project(network.project())
                .addressType("INTERNAL")
                .purpose("PRIVATE_SERVICE_CONNECT")
                .network(network.id())
                .address("100.100.100.106")
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .project(network.project())
                .target("all-apis")
                .network(network.id())
                .ipAddress(defaultGlobalAddress.id())
                .loadBalancingScheme("")
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
        }
    }
    
    import pulumi
    import pulumi_gcp as gcp
    
    network = gcp.compute.Network("network",
        project="my-project-name",
        auto_create_subnetworks=False,
        opts=pulumi.ResourceOptions(provider=google_beta))
    vpc_subnetwork = gcp.compute.Subnetwork("vpcSubnetwork",
        project=network.project,
        ip_cidr_range="10.2.0.0/16",
        region="us-central1",
        network=network.id,
        private_ip_google_access=True,
        opts=pulumi.ResourceOptions(provider=google_beta))
    default_global_address = gcp.compute.GlobalAddress("defaultGlobalAddress",
        project=network.project,
        address_type="INTERNAL",
        purpose="PRIVATE_SERVICE_CONNECT",
        network=network.id,
        address="100.100.100.106",
        opts=pulumi.ResourceOptions(provider=google_beta))
    default_global_forwarding_rule = gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule",
        project=network.project,
        target="all-apis",
        network=network.id,
        ip_address=default_global_address.id,
        load_balancing_scheme="",
        no_automate_dns_zone=False,
        opts=pulumi.ResourceOptions(provider=google_beta))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const network = new gcp.compute.Network("network", {
        project: "my-project-name",
        autoCreateSubnetworks: false,
    }, {
        provider: google_beta,
    });
    const vpcSubnetwork = new gcp.compute.Subnetwork("vpcSubnetwork", {
        project: network.project,
        ipCidrRange: "10.2.0.0/16",
        region: "us-central1",
        network: network.id,
        privateIpGoogleAccess: true,
    }, {
        provider: google_beta,
    });
    const defaultGlobalAddress = new gcp.compute.GlobalAddress("defaultGlobalAddress", {
        project: network.project,
        addressType: "INTERNAL",
        purpose: "PRIVATE_SERVICE_CONNECT",
        network: network.id,
        address: "100.100.100.106",
    }, {
        provider: google_beta,
    });
    const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule", {
        project: network.project,
        target: "all-apis",
        network: network.id,
        ipAddress: defaultGlobalAddress.id,
        loadBalancingScheme: "",
        noAutomateDnsZone: false,
    }, {
        provider: google_beta,
    });
    
    resources:
      network:
        type: gcp:compute:Network
        properties:
          project: my-project-name
          autoCreateSubnetworks: false
        options:
          provider: ${["google-beta"]}
      vpcSubnetwork:
        type: gcp:compute:Subnetwork
        properties:
          project: ${network.project}
          ipCidrRange: 10.2.0.0/16
          region: us-central1
          network: ${network.id}
          privateIpGoogleAccess: true
        options:
          provider: ${["google-beta"]}
      defaultGlobalAddress:
        type: gcp:compute:GlobalAddress
        properties:
          project: ${network.project}
          addressType: INTERNAL
          purpose: PRIVATE_SERVICE_CONNECT
          network: ${network.id}
          address: 100.100.100.106
        options:
          provider: ${["google-beta"]}
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          project: ${network.project}
          target: all-apis
          network: ${network.id}
          ipAddress: ${defaultGlobalAddress.id}
          loadBalancingScheme:
        options:
          provider: ${["google-beta"]}
    

    Private Service Connect Google Apis No Automate Dns

    Coming soon!

    Coming soon!

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Network;
    import com.pulumi.gcp.compute.NetworkArgs;
    import com.pulumi.gcp.compute.Subnetwork;
    import com.pulumi.gcp.compute.SubnetworkArgs;
    import com.pulumi.gcp.compute.GlobalAddress;
    import com.pulumi.gcp.compute.GlobalAddressArgs;
    import com.pulumi.gcp.compute.GlobalForwardingRule;
    import com.pulumi.gcp.compute.GlobalForwardingRuleArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var network = new Network("network", NetworkArgs.builder()        
                .project("my-project-name")
                .autoCreateSubnetworks(false)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var vpcSubnetwork = new Subnetwork("vpcSubnetwork", SubnetworkArgs.builder()        
                .project(network.project())
                .ipCidrRange("10.2.0.0/16")
                .region("us-central1")
                .network(network.id())
                .privateIpGoogleAccess(true)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalAddress = new GlobalAddress("defaultGlobalAddress", GlobalAddressArgs.builder()        
                .project(network.project())
                .addressType("INTERNAL")
                .purpose("PRIVATE_SERVICE_CONNECT")
                .network(network.id())
                .address("100.100.100.106")
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
            var defaultGlobalForwardingRule = new GlobalForwardingRule("defaultGlobalForwardingRule", GlobalForwardingRuleArgs.builder()        
                .project(network.project())
                .target("all-apis")
                .network(network.id())
                .ipAddress(defaultGlobalAddress.id())
                .loadBalancingScheme("")
                .noAutomateDnsZone(false)
                .build(), CustomResourceOptions.builder()
                    .provider(google_beta)
                    .build());
    
        }
    }
    

    Coming soon!

    Coming soon!

    resources:
      network:
        type: gcp:compute:Network
        properties:
          project: my-project-name
          autoCreateSubnetworks: false
        options:
          provider: ${["google-beta"]}
      vpcSubnetwork:
        type: gcp:compute:Subnetwork
        properties:
          project: ${network.project}
          ipCidrRange: 10.2.0.0/16
          region: us-central1
          network: ${network.id}
          privateIpGoogleAccess: true
        options:
          provider: ${["google-beta"]}
      defaultGlobalAddress:
        type: gcp:compute:GlobalAddress
        properties:
          project: ${network.project}
          addressType: INTERNAL
          purpose: PRIVATE_SERVICE_CONNECT
          network: ${network.id}
          address: 100.100.100.106
        options:
          provider: ${["google-beta"]}
      defaultGlobalForwardingRule:
        type: gcp:compute:GlobalForwardingRule
        properties:
          project: ${network.project}
          target: all-apis
          network: ${network.id}
          ipAddress: ${defaultGlobalAddress.id}
          loadBalancingScheme:
          noAutomateDnsZone: false
        options:
          provider: ${["google-beta"]}
    

    Create GlobalForwardingRule Resource

    new GlobalForwardingRule(name: string, args: GlobalForwardingRuleArgs, opts?: CustomResourceOptions);
    @overload
    def GlobalForwardingRule(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             allow_psc_global_access: Optional[bool] = None,
                             description: Optional[str] = None,
                             ip_address: Optional[str] = None,
                             ip_protocol: Optional[str] = None,
                             ip_version: Optional[str] = None,
                             labels: Optional[Mapping[str, str]] = None,
                             load_balancing_scheme: Optional[str] = None,
                             metadata_filters: Optional[Sequence[GlobalForwardingRuleMetadataFilterArgs]] = None,
                             name: Optional[str] = None,
                             network: Optional[str] = None,
                             no_automate_dns_zone: Optional[bool] = None,
                             port_range: Optional[str] = None,
                             project: Optional[str] = None,
                             source_ip_ranges: Optional[Sequence[str]] = None,
                             subnetwork: Optional[str] = None,
                             target: Optional[str] = None)
    @overload
    def GlobalForwardingRule(resource_name: str,
                             args: GlobalForwardingRuleArgs,
                             opts: Optional[ResourceOptions] = None)
    func NewGlobalForwardingRule(ctx *Context, name string, args GlobalForwardingRuleArgs, opts ...ResourceOption) (*GlobalForwardingRule, error)
    public GlobalForwardingRule(string name, GlobalForwardingRuleArgs args, CustomResourceOptions? opts = null)
    public GlobalForwardingRule(String name, GlobalForwardingRuleArgs args)
    public GlobalForwardingRule(String name, GlobalForwardingRuleArgs args, CustomResourceOptions options)
    
    type: gcp:compute:GlobalForwardingRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args GlobalForwardingRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args GlobalForwardingRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args GlobalForwardingRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args GlobalForwardingRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args GlobalForwardingRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    GlobalForwardingRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The GlobalForwardingRule resource accepts the following input properties:

    Target string

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    AllowPscGlobalAccess bool

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    Description string

    An optional description of this resource. Provide this property when you create the resource.

    IpAddress string

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    IpProtocol string

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    IpVersion string

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    Labels Dictionary<string, string>

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    LoadBalancingScheme string

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    MetadataFilters List<GlobalForwardingRuleMetadataFilter>

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    Name string

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    Network string

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    NoAutomateDnsZone bool

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    PortRange string

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    Project string

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    SourceIpRanges List<string>

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    Subnetwork string

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    Target string

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    AllowPscGlobalAccess bool

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    Description string

    An optional description of this resource. Provide this property when you create the resource.

    IpAddress string

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    IpProtocol string

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    IpVersion string

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    Labels map[string]string

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    LoadBalancingScheme string

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    MetadataFilters []GlobalForwardingRuleMetadataFilterArgs

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    Name string

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    Network string

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    NoAutomateDnsZone bool

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    PortRange string

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    Project string

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    SourceIpRanges []string

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    Subnetwork string

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    target String

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    allowPscGlobalAccess Boolean

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    description String

    An optional description of this resource. Provide this property when you create the resource.

    ipAddress String

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    ipProtocol String

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    ipVersion String

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    labels Map<String,String>

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    loadBalancingScheme String

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    metadataFilters List<GlobalForwardingRuleMetadataFilter>

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    name String

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    network String

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    noAutomateDnsZone Boolean

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    portRange String

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    project String

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    sourceIpRanges List<String>

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    subnetwork String

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    target string

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    allowPscGlobalAccess boolean

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    description string

    An optional description of this resource. Provide this property when you create the resource.

    ipAddress string

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    ipProtocol string

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    ipVersion string

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    labels {[key: string]: string}

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    loadBalancingScheme string

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    metadataFilters GlobalForwardingRuleMetadataFilter[]

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    name string

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    network string

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    noAutomateDnsZone boolean

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    portRange string

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    project string

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    sourceIpRanges string[]

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    subnetwork string

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    target str

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    allow_psc_global_access bool

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    description str

    An optional description of this resource. Provide this property when you create the resource.

    ip_address str

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    ip_protocol str

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    ip_version str

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    labels Mapping[str, str]

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    load_balancing_scheme str

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    metadata_filters Sequence[GlobalForwardingRuleMetadataFilterArgs]

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    name str

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    network str

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    no_automate_dns_zone bool

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    port_range str

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    project str

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    source_ip_ranges Sequence[str]

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    subnetwork str

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    target String

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    allowPscGlobalAccess Boolean

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    description String

    An optional description of this resource. Provide this property when you create the resource.

    ipAddress String

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    ipProtocol String

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    ipVersion String

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    labels Map<String>

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    loadBalancingScheme String

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    metadataFilters List<Property Map>

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    name String

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    network String

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    noAutomateDnsZone Boolean

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    portRange String

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    project String

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    sourceIpRanges List<String>

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    subnetwork String

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the GlobalForwardingRule resource produces the following output properties:

    BaseForwardingRule string

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    EffectiveLabels Dictionary<string, string>

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    Id string

    The provider-assigned unique ID for this managed resource.

    LabelFingerprint string

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    PscConnectionId string

    The PSC connection id of the PSC Forwarding Rule.

    PscConnectionStatus string

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    PulumiLabels Dictionary<string, string>

    The combination of labels configured directly on the resource and default labels configured on the provider.

    SelfLink string

    The URI of the created resource.

    BaseForwardingRule string

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    EffectiveLabels map[string]string

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    Id string

    The provider-assigned unique ID for this managed resource.

    LabelFingerprint string

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    PscConnectionId string

    The PSC connection id of the PSC Forwarding Rule.

    PscConnectionStatus string

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    PulumiLabels map[string]string

    The combination of labels configured directly on the resource and default labels configured on the provider.

    SelfLink string

    The URI of the created resource.

    baseForwardingRule String

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    effectiveLabels Map<String,String>

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    id String

    The provider-assigned unique ID for this managed resource.

    labelFingerprint String

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    pscConnectionId String

    The PSC connection id of the PSC Forwarding Rule.

    pscConnectionStatus String

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    pulumiLabels Map<String,String>

    The combination of labels configured directly on the resource and default labels configured on the provider.

    selfLink String

    The URI of the created resource.

    baseForwardingRule string

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    effectiveLabels {[key: string]: string}

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    id string

    The provider-assigned unique ID for this managed resource.

    labelFingerprint string

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    pscConnectionId string

    The PSC connection id of the PSC Forwarding Rule.

    pscConnectionStatus string

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    pulumiLabels {[key: string]: string}

    The combination of labels configured directly on the resource and default labels configured on the provider.

    selfLink string

    The URI of the created resource.

    base_forwarding_rule str

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    effective_labels Mapping[str, str]

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    id str

    The provider-assigned unique ID for this managed resource.

    label_fingerprint str

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    psc_connection_id str

    The PSC connection id of the PSC Forwarding Rule.

    psc_connection_status str

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    pulumi_labels Mapping[str, str]

    The combination of labels configured directly on the resource and default labels configured on the provider.

    self_link str

    The URI of the created resource.

    baseForwardingRule String

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    effectiveLabels Map<String>

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    id String

    The provider-assigned unique ID for this managed resource.

    labelFingerprint String

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    pscConnectionId String

    The PSC connection id of the PSC Forwarding Rule.

    pscConnectionStatus String

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    pulumiLabels Map<String>

    The combination of labels configured directly on the resource and default labels configured on the provider.

    selfLink String

    The URI of the created resource.

    Look up Existing GlobalForwardingRule Resource

    Get an existing GlobalForwardingRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: GlobalForwardingRuleState, opts?: CustomResourceOptions): GlobalForwardingRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            allow_psc_global_access: Optional[bool] = None,
            base_forwarding_rule: Optional[str] = None,
            description: Optional[str] = None,
            effective_labels: Optional[Mapping[str, str]] = None,
            ip_address: Optional[str] = None,
            ip_protocol: Optional[str] = None,
            ip_version: Optional[str] = None,
            label_fingerprint: Optional[str] = None,
            labels: Optional[Mapping[str, str]] = None,
            load_balancing_scheme: Optional[str] = None,
            metadata_filters: Optional[Sequence[GlobalForwardingRuleMetadataFilterArgs]] = None,
            name: Optional[str] = None,
            network: Optional[str] = None,
            no_automate_dns_zone: Optional[bool] = None,
            port_range: Optional[str] = None,
            project: Optional[str] = None,
            psc_connection_id: Optional[str] = None,
            psc_connection_status: Optional[str] = None,
            pulumi_labels: Optional[Mapping[str, str]] = None,
            self_link: Optional[str] = None,
            source_ip_ranges: Optional[Sequence[str]] = None,
            subnetwork: Optional[str] = None,
            target: Optional[str] = None) -> GlobalForwardingRule
    func GetGlobalForwardingRule(ctx *Context, name string, id IDInput, state *GlobalForwardingRuleState, opts ...ResourceOption) (*GlobalForwardingRule, error)
    public static GlobalForwardingRule Get(string name, Input<string> id, GlobalForwardingRuleState? state, CustomResourceOptions? opts = null)
    public static GlobalForwardingRule get(String name, Output<String> id, GlobalForwardingRuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AllowPscGlobalAccess bool

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    BaseForwardingRule string

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    Description string

    An optional description of this resource. Provide this property when you create the resource.

    EffectiveLabels Dictionary<string, string>

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    IpAddress string

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    IpProtocol string

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    IpVersion string

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    LabelFingerprint string

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    Labels Dictionary<string, string>

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    LoadBalancingScheme string

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    MetadataFilters List<GlobalForwardingRuleMetadataFilter>

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    Name string

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    Network string

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    NoAutomateDnsZone bool

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    PortRange string

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    Project string

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    PscConnectionId string

    The PSC connection id of the PSC Forwarding Rule.

    PscConnectionStatus string

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    PulumiLabels Dictionary<string, string>

    The combination of labels configured directly on the resource and default labels configured on the provider.

    SelfLink string

    The URI of the created resource.

    SourceIpRanges List<string>

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    Subnetwork string

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    Target string

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    AllowPscGlobalAccess bool

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    BaseForwardingRule string

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    Description string

    An optional description of this resource. Provide this property when you create the resource.

    EffectiveLabels map[string]string

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    IpAddress string

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    IpProtocol string

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    IpVersion string

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    LabelFingerprint string

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    Labels map[string]string

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    LoadBalancingScheme string

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    MetadataFilters []GlobalForwardingRuleMetadataFilterArgs

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    Name string

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    Network string

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    NoAutomateDnsZone bool

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    PortRange string

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    Project string

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    PscConnectionId string

    The PSC connection id of the PSC Forwarding Rule.

    PscConnectionStatus string

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    PulumiLabels map[string]string

    The combination of labels configured directly on the resource and default labels configured on the provider.

    SelfLink string

    The URI of the created resource.

    SourceIpRanges []string

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    Subnetwork string

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    Target string

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    allowPscGlobalAccess Boolean

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    baseForwardingRule String

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    description String

    An optional description of this resource. Provide this property when you create the resource.

    effectiveLabels Map<String,String>

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    ipAddress String

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    ipProtocol String

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    ipVersion String

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    labelFingerprint String

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    labels Map<String,String>

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    loadBalancingScheme String

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    metadataFilters List<GlobalForwardingRuleMetadataFilter>

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    name String

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    network String

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    noAutomateDnsZone Boolean

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    portRange String

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    project String

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    pscConnectionId String

    The PSC connection id of the PSC Forwarding Rule.

    pscConnectionStatus String

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    pulumiLabels Map<String,String>

    The combination of labels configured directly on the resource and default labels configured on the provider.

    selfLink String

    The URI of the created resource.

    sourceIpRanges List<String>

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    subnetwork String

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    target String

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    allowPscGlobalAccess boolean

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    baseForwardingRule string

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    description string

    An optional description of this resource. Provide this property when you create the resource.

    effectiveLabels {[key: string]: string}

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    ipAddress string

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    ipProtocol string

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    ipVersion string

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    labelFingerprint string

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    labels {[key: string]: string}

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    loadBalancingScheme string

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    metadataFilters GlobalForwardingRuleMetadataFilter[]

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    name string

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    network string

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    noAutomateDnsZone boolean

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    portRange string

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    project string

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    pscConnectionId string

    The PSC connection id of the PSC Forwarding Rule.

    pscConnectionStatus string

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    pulumiLabels {[key: string]: string}

    The combination of labels configured directly on the resource and default labels configured on the provider.

    selfLink string

    The URI of the created resource.

    sourceIpRanges string[]

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    subnetwork string

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    target string

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    allow_psc_global_access bool

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    base_forwarding_rule str

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    description str

    An optional description of this resource. Provide this property when you create the resource.

    effective_labels Mapping[str, str]

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    ip_address str

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    ip_protocol str

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    ip_version str

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    label_fingerprint str

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    labels Mapping[str, str]

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    load_balancing_scheme str

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    metadata_filters Sequence[GlobalForwardingRuleMetadataFilterArgs]

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    name str

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    network str

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    no_automate_dns_zone bool

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    port_range str

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    project str

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    psc_connection_id str

    The PSC connection id of the PSC Forwarding Rule.

    psc_connection_status str

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    pulumi_labels Mapping[str, str]

    The combination of labels configured directly on the resource and default labels configured on the provider.

    self_link str

    The URI of the created resource.

    source_ip_ranges Sequence[str]

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    subnetwork str

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    target str

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    allowPscGlobalAccess Boolean

    This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.

    baseForwardingRule String

    [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.

    description String

    An optional description of this resource. Provide this property when you create the resource.

    effectiveLabels Map<String>

    All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

    ipAddress String

    IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances:

    • When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0.
    • When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress.

    Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule:

    • IP address number, as in 100.1.2.3
    • IPv6 address range, as in 2600:1234::/96
    • Full resource URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name
    • Partial URL or by name, as in:
    • projects/project_id/regions/region/addresses/address-name
    • regions/region/addresses/address-name
    • global/addresses/address-name
    • address-name

    The forwarding rule's target, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.

    ipProtocol String

    The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features. Possible values are: TCP, UDP, ESP, AH, SCTP, ICMP.

    ipVersion String

    The IP Version that will be used by this global forwarding rule. Possible values are: IPV4, IPV6.

    labelFingerprint String

    The fingerprint used for optimistic locking of this resource. Used internally during updates.

    labels Map<String>

    Labels to apply to this forwarding rule. A list of key->value pairs.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

    loadBalancingScheme String

    Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts. Default value is EXTERNAL. Possible values are: EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED.

    metadataFilters List<Property Map>

    Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

    name String

    Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.

    network String

    This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.

    noAutomateDnsZone Boolean

    This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.

    portRange String

    The portRange field has the following limitations:

    • It requires that the forwarding rule IPProtocol be TCP, UDP, or SCTP, and
    • It's applicable only to the following products: external passthrough Network Load Balancers, internal and external proxy Network Load Balancers, internal and external Application Load Balancers, external protocol forwarding, and Classic VPN.
    • Some products have restrictions on what ports can be used. See port specifications for details. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges.
    project String

    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    pscConnectionId String

    The PSC connection id of the PSC Forwarding Rule.

    pscConnectionStatus String

    The PSC connection status of the PSC Forwarding Rule. Possible values: STATUS_UNSPECIFIED, PENDING, ACCEPTED, REJECTED, CLOSED

    pulumiLabels Map<String>

    The combination of labels configured directly on the resource and default labels configured on the provider.

    selfLink String

    The URI of the created resource.

    sourceIpRanges List<String>

    If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each sourceIpRange entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).

    subnetwork String

    This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.

    target String

    The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.

    For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.


    Supporting Types

    GlobalForwardingRuleMetadataFilter, GlobalForwardingRuleMetadataFilterArgs

    FilterLabels List<GlobalForwardingRuleMetadataFilterFilterLabel>

    The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. Structure is documented below.

    FilterMatchCriteria string

    Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. MATCH_ANY - At least one of the filterLabels must have a matching label in the provided metadata. MATCH_ALL - All filterLabels must have matching labels in the provided metadata. Possible values are: MATCH_ANY, MATCH_ALL.

    FilterLabels []GlobalForwardingRuleMetadataFilterFilterLabel

    The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. Structure is documented below.

    FilterMatchCriteria string

    Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. MATCH_ANY - At least one of the filterLabels must have a matching label in the provided metadata. MATCH_ALL - All filterLabels must have matching labels in the provided metadata. Possible values are: MATCH_ANY, MATCH_ALL.

    filterLabels List<GlobalForwardingRuleMetadataFilterFilterLabel>

    The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. Structure is documented below.

    filterMatchCriteria String

    Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. MATCH_ANY - At least one of the filterLabels must have a matching label in the provided metadata. MATCH_ALL - All filterLabels must have matching labels in the provided metadata. Possible values are: MATCH_ANY, MATCH_ALL.

    filterLabels GlobalForwardingRuleMetadataFilterFilterLabel[]

    The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. Structure is documented below.

    filterMatchCriteria string

    Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. MATCH_ANY - At least one of the filterLabels must have a matching label in the provided metadata. MATCH_ALL - All filterLabels must have matching labels in the provided metadata. Possible values are: MATCH_ANY, MATCH_ALL.

    filter_labels Sequence[GlobalForwardingRuleMetadataFilterFilterLabel]

    The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. Structure is documented below.

    filter_match_criteria str

    Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. MATCH_ANY - At least one of the filterLabels must have a matching label in the provided metadata. MATCH_ALL - All filterLabels must have matching labels in the provided metadata. Possible values are: MATCH_ANY, MATCH_ALL.

    filterLabels List<Property Map>

    The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries. Structure is documented below.

    filterMatchCriteria String

    Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. MATCH_ANY - At least one of the filterLabels must have a matching label in the provided metadata. MATCH_ALL - All filterLabels must have matching labels in the provided metadata. Possible values are: MATCH_ANY, MATCH_ALL.

    GlobalForwardingRuleMetadataFilterFilterLabel, GlobalForwardingRuleMetadataFilterFilterLabelArgs

    Name string

    Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

    Value string

    The value that the label must match. The value has a maximum length of 1024 characters.

    Name string

    Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

    Value string

    The value that the label must match. The value has a maximum length of 1024 characters.

    name String

    Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

    value String

    The value that the label must match. The value has a maximum length of 1024 characters.

    name string

    Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

    value string

    The value that the label must match. The value has a maximum length of 1024 characters.

    name str

    Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

    value str

    The value that the label must match. The value has a maximum length of 1024 characters.

    name String

    Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

    value String

    The value that the label must match. The value has a maximum length of 1024 characters.

    Import

    GlobalForwardingRule can be imported using any of these accepted formats* projects/{{project}}/global/forwardingRules/{{name}} * {{project}}/{{name}} * {{name}} In Terraform v1.5.0 and later, use an import block to import GlobalForwardingRule using one of the formats above. For exampletf import {

    id = “projects/{{project}}/global/forwardingRules/{{name}}”

    to = google_compute_global_forwarding_rule.default }

     $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), GlobalForwardingRule can be imported using one of the formats above. For example
    
     $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default projects/{{project}}/global/forwardingRules/{{name}}
    
     $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default {{project}}/{{name}}
    
     $ pulumi import gcp:compute/globalForwardingRule:GlobalForwardingRule default {{name}}
    

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the google-beta Terraform Provider.

    gcp logo
    Google Cloud Classic v7.2.2 published on Monday, Jan 1, 0001 by Pulumi