1. Docs
  2. Reference
  3. API
  4. @pulumi/gcp
  5. compute

Module compute

This page documents the language specification for the gcp package. If you're looking for help working with the inputs, outputs, or functions of gcp resources in a Pulumi program, please see the resource documentation for examples and API reference.

Resources

Functions

Others

Resources

Resource Address

class Address extends CustomResource

Represents an Address resource.

Each virtual machine instance has an ephemeral internal IP address and, optionally, an external IP address. To communicate between instances on the same network, you can use an instance’s internal IP address. To communicate with the Internet and instances outside of the same network, you must specify the instance’s external IP address.

Internal IP addresses are ephemeral and only belong to an instance for the lifetime of the instance; if the instance is deleted and recreated, the instance is assigned a new internal IP address, either by Compute Engine or by you. External IP addresses can be either ephemeral or static.

To get more information about Address, see:

Example Usage - Address Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const ipAddress = new gcp.compute.Address("ipAddress", {});

Example Usage - Address With Subnetwork

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultNetwork = new gcp.compute.Network("defaultNetwork", {});
const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", {
    ipCidrRange: "10.0.0.0/16",
    region: "us-central1",
    network: defaultNetwork.id,
});
const internalWithSubnetAndAddress = new gcp.compute.Address("internalWithSubnetAndAddress", {
    subnetwork: defaultSubnetwork.id,
    addressType: "INTERNAL",
    address: "10.0.42.42",
    region: "us-central1",
});

Example Usage - Address With Gce Endpoint

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const internalWithGceEndpoint = new gcp.compute.Address("internalWithGceEndpoint", {
    addressType: "INTERNAL",
    purpose: "GCE_ENDPOINT",
});

Example Usage - Instance With Ip

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const static = new gcp.compute.Address("static", {});
const debianImage = gcp.compute.getImage({
    family: "debian-9",
    project: "debian-cloud",
});
const instanceWithIp = new gcp.compute.Instance("instanceWithIp", {
    machineType: "f1-micro",
    zone: "us-central1-a",
    boot_disk: {
        initialize_params: {
            image: debianImage.then(debianImage => debianImage.selfLink),
        },
    },
    network_interface: [{
        network: "default",
        access_config: [{
            natIp: static.address,
        }],
    }],
});

constructor

new Address(name: string, args?: AddressArgs, opts?: pulumi.CustomResourceOptions)

Create a Address resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AddressState, opts?: pulumi.CustomResourceOptions): Address

Get an existing Address resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Address

Returns true if the given object is an instance of Address. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property address

public address: pulumi.Output<string>;

The static external IP address represented by this resource. Only IPv4 is supported. An address may only be specified for INTERNAL address types. The IP address must be inside the specified subnetwork, if any.

property addressType

public addressType: pulumi.Output<string | undefined>;

The type of address to reserve.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;

Labels to apply to this address. A list of key->value pairs.

property name

public name: pulumi.Output<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property networkTier

public networkTier: pulumi.Output<string>;

The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

public purpose: pulumi.Output<string>;

The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. This should only be set when using an Internal address.

property region

public region: pulumi.Output<string>;

The Region in which the created address should reside. If it is not provided, the provider region is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property subnetwork

public subnetwork: pulumi.Output<string>;

The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork’s IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property users

public users: pulumi.Output<string[]>;

The URLs of the resources that are using this address.

Resource AttachedDisk

class AttachedDisk extends CustomResource

Persistent disks can be attached to a compute instance using the attachedDisk section within the compute instance configuration. However there may be situations where managing the attached disks via the compute instance config isn’t preferable or possible, such as attaching dynamic numbers of disks using the count variable.

To get more information about attaching disks, see:

Note: When using gcp.compute.AttachedDisk you must use lifecycle.ignore_changes = ["attachedDisk"] on the gcp.compute.Instance resource that has the disks attached. Otherwise the two resources will fight for control of the attached disk block.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultInstance = new gcp.compute.Instance("defaultInstance", {
    machineType: "n1-standard-1",
    zone: "us-west1-a",
    boot_disk: {
        initialize_params: {
            image: "debian-cloud/debian-9",
        },
    },
    network_interface: [{
        network: "default",
    }],
});
const defaultAttachedDisk = new gcp.compute.AttachedDisk("defaultAttachedDisk", {
    disk: google_compute_disk["default"].id,
    instance: defaultInstance.id,
});

constructor

new AttachedDisk(name: string, args: AttachedDiskArgs, opts?: pulumi.CustomResourceOptions)

Create a AttachedDisk resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AttachedDiskState, opts?: pulumi.CustomResourceOptions): AttachedDisk

Get an existing AttachedDisk resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is AttachedDisk

Returns true if the given object is an instance of AttachedDisk. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property deviceName

public deviceName: pulumi.Output<string>;

Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.

property disk

public disk: pulumi.Output<string>;

name or selfLink of the disk that will be attached.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instance

public instance: pulumi.Output<string>;

name or selfLink of the compute instance that the disk will be attached to. If the selfLink is provided then zone and project are extracted from the self link. If only the name is used then zone and project must be defined as properties on the resource or provider.

property mode

public mode: pulumi.Output<string | undefined>;

The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.

property project

public project: pulumi.Output<string>;

The project that the referenced compute instance is a part of. If instance is referenced by its selfLink the project defined in the link will take precedence.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;

The zone that the referenced compute instance is located within. If instance is referenced by its selfLink the zone defined in the link will take precedence.

Resource Autoscalar

DEPRECATED gcp.compute.Autoscalar has been deprecated in favor of gcp.compute.Autoscaler
class Autoscalar extends CustomResource
Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. To get more information about Autoscaler, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/autoscalers) * How-to Guides * [Autoscaling Groups of Instances](https://cloud.google.com/compute/docs/autoscaler/) #### Example Usage - Autoscaler Single Instance ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const debian9 = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const defaultInstanceTemplate = new gcp.compute.InstanceTemplate("defaultInstanceTemplate", { machineType: "n1-standard-1", canIpForward: false, tags: [ "foo", "bar", ], disk: [{ sourceImage: debian9.then(debian9 => debian9.selfLink), }], network_interface: [{ network: "default", }], metadata: { foo: "bar", }, service_account: { scopes: [ "userinfo-email", "compute-ro", "storage-ro", ], }, }); const defaultTargetPool = new gcp.compute.TargetPool("defaultTargetPool", {}); const defaultInstanceGroupManager = new gcp.compute.InstanceGroupManager("defaultInstanceGroupManager", { zone: "us-central1-f", version: [{ instanceTemplate: defaultInstanceTemplate.id, name: "primary", }], targetPools: [defaultTargetPool.id], baseInstanceName: "autoscaler-sample", }); const defaultAutoscaler = new gcp.compute.Autoscaler("defaultAutoscaler", { zone: "us-central1-f", target: defaultInstanceGroupManager.id, autoscaling_policy: { maxReplicas: 5, minReplicas: 1, cooldownPeriod: 60, metric: [{ name: "pubsub.googleapis.com/subscription/num_undelivered_messages", filter: "resource.type = pubsubSubscription AND resource.label.subscription_id = our-subscription", singleInstanceAssignment: 65535, }], }, }); ``` #### Example Usage - Autoscaler Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const debian9 = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const foobarInstanceTemplate = new gcp.compute.InstanceTemplate("foobarInstanceTemplate", { machineType: "n1-standard-1", canIpForward: false, tags: [ "foo", "bar", ], disk: [{ sourceImage: debian9.then(debian9 => debian9.selfLink), }], network_interface: [{ network: "default", }], metadata: { foo: "bar", }, service_account: { scopes: [ "userinfo-email", "compute-ro", "storage-ro", ], }, }); const foobarTargetPool = new gcp.compute.TargetPool("foobarTargetPool", {}); const foobarInstanceGroupManager = new gcp.compute.InstanceGroupManager("foobarInstanceGroupManager", { zone: "us-central1-f", version: [{ instanceTemplate: foobarInstanceTemplate.id, name: "primary", }], targetPools: [foobarTargetPool.id], baseInstanceName: "foobar", }); const foobarAutoscaler = new gcp.compute.Autoscaler("foobarAutoscaler", { zone: "us-central1-f", target: foobarInstanceGroupManager.id, autoscaling_policy: { maxReplicas: 5, minReplicas: 1, cooldownPeriod: 60, cpu_utilization: { target: 0.5, }, }, }); ```

constructor

DEPRECATED gcp.compute.Autoscalar has been deprecated in favor of gcp.compute.Autoscaler
DEPRECATED gcp.compute.Autoscalar has been deprecated in favor of gcp.compute.Autoscaler
new Autoscalar(name: string, args: AutoscalarArgs, opts?: pulumi.CustomResourceOptions)

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AutoscalarState, opts?: pulumi.CustomResourceOptions): Autoscalar
Get an existing Autoscalar resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Autoscalar
Returns true if the given object is an instance of Autoscalar. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoscalingPolicy

public autoscalingPolicy: pulumi.Output<AutoscalarAutoscalingPolicy>;
The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property target

public target: pulumi.Output<string>;
Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
URL of the zone where the instance group resides.

Resource Autoscaler

class Autoscaler extends CustomResource
Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. To get more information about Autoscaler, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/autoscalers) * How-to Guides * [Autoscaling Groups of Instances](https://cloud.google.com/compute/docs/autoscaler/) #### Example Usage - Autoscaler Single Instance ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const debian9 = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const defaultInstanceTemplate = new gcp.compute.InstanceTemplate("defaultInstanceTemplate", { machineType: "n1-standard-1", canIpForward: false, tags: [ "foo", "bar", ], disk: [{ sourceImage: debian9.then(debian9 => debian9.selfLink), }], network_interface: [{ network: "default", }], metadata: { foo: "bar", }, service_account: { scopes: [ "userinfo-email", "compute-ro", "storage-ro", ], }, }); const defaultTargetPool = new gcp.compute.TargetPool("defaultTargetPool", {}); const defaultInstanceGroupManager = new gcp.compute.InstanceGroupManager("defaultInstanceGroupManager", { zone: "us-central1-f", version: [{ instanceTemplate: defaultInstanceTemplate.id, name: "primary", }], targetPools: [defaultTargetPool.id], baseInstanceName: "autoscaler-sample", }); const defaultAutoscaler = new gcp.compute.Autoscaler("defaultAutoscaler", { zone: "us-central1-f", target: defaultInstanceGroupManager.id, autoscaling_policy: { maxReplicas: 5, minReplicas: 1, cooldownPeriod: 60, metric: [{ name: "pubsub.googleapis.com/subscription/num_undelivered_messages", filter: "resource.type = pubsubSubscription AND resource.label.subscription_id = our-subscription", singleInstanceAssignment: 65535, }], }, }); ``` #### Example Usage - Autoscaler Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const debian9 = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const foobarInstanceTemplate = new gcp.compute.InstanceTemplate("foobarInstanceTemplate", { machineType: "n1-standard-1", canIpForward: false, tags: [ "foo", "bar", ], disk: [{ sourceImage: debian9.then(debian9 => debian9.selfLink), }], network_interface: [{ network: "default", }], metadata: { foo: "bar", }, service_account: { scopes: [ "userinfo-email", "compute-ro", "storage-ro", ], }, }); const foobarTargetPool = new gcp.compute.TargetPool("foobarTargetPool", {}); const foobarInstanceGroupManager = new gcp.compute.InstanceGroupManager("foobarInstanceGroupManager", { zone: "us-central1-f", version: [{ instanceTemplate: foobarInstanceTemplate.id, name: "primary", }], targetPools: [foobarTargetPool.id], baseInstanceName: "foobar", }); const foobarAutoscaler = new gcp.compute.Autoscaler("foobarAutoscaler", { zone: "us-central1-f", target: foobarInstanceGroupManager.id, autoscaling_policy: { maxReplicas: 5, minReplicas: 1, cooldownPeriod: 60, cpu_utilization: { target: 0.5, }, }, }); ```

constructor

new Autoscaler(name: string, args: AutoscalerArgs, opts?: pulumi.CustomResourceOptions)
Create a Autoscaler resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AutoscalerState, opts?: pulumi.CustomResourceOptions): Autoscaler
Get an existing Autoscaler resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Autoscaler
Returns true if the given object is an instance of Autoscaler. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoscalingPolicy

public autoscalingPolicy: pulumi.Output<AutoscalerAutoscalingPolicy>;
The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property target

public target: pulumi.Output<string>;
Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
URL of the zone where the instance group resides.

Resource BackendBucket

class BackendBucket extends CustomResource
Backend buckets allow you to use Google Cloud Storage buckets with HTTP(S) load balancing. An HTTP(S) load balancer can direct traffic to specified URLs to a backend bucket rather than a backend service. It can send requests for static content to a Cloud Storage bucket and requests for dynamic content to a virtual machine instance. To get more information about BackendBucket, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/backendBuckets) * How-to Guides * [Using a Cloud Storage bucket as a load balancer backend](https://cloud.google.com/compute/docs/load-balancing/http/backend-bucket) #### Example Usage - Backend Bucket Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const imageBucket = new gcp.storage.Bucket("imageBucket", {location: "EU"}); const imageBackend = new gcp.compute.BackendBucket("imageBackend", { description: "Contains beautiful images", bucketName: imageBucket.name, enableCdn: true, }); ```

constructor

new BackendBucket(name: string, args: BackendBucketArgs, opts?: pulumi.CustomResourceOptions)
Create a BackendBucket resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BackendBucketState, opts?: pulumi.CustomResourceOptions): BackendBucket
Get an existing BackendBucket resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is BackendBucket
Returns true if the given object is an instance of BackendBucket. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucketName

public bucketName: pulumi.Output<string>;
Cloud Storage bucket name.

property cdnPolicy

public cdnPolicy: pulumi.Output<BackendBucketCdnPolicy>;
Cloud CDN configuration for this Backend Bucket. Structure is documented below.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional textual description of the resource; provided by the client when the resource is created.

property enableCdn

public enableCdn: pulumi.Output<boolean | undefined>;
If true, enable Cloud CDN for this BackendBucket.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource BackendBucketSignedUrlKey

class BackendBucketSignedUrlKey extends CustomResource
A key for signing Cloud CDN signed URLs for BackendBuckets. To get more information about BackendBucketSignedUrlKey, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/backendBuckets) * How-to Guides * [Using Signed URLs](https://cloud.google.com/cdn/docs/using-signed-urls/) > **Warning:** All arguments including `keyValue` will be stored in the raw state as plain-text. #### Example Usage - Backend Bucket Signed Url Key ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const bucket = new gcp.storage.Bucket("bucket", {location: "EU"}); const testBackend = new gcp.compute.BackendBucket("testBackend", { description: "Contains beautiful images", bucketName: bucket.name, enableCdn: true, }); const backendKey = new gcp.compute.BackendBucketSignedUrlKey("backendKey", { keyValue: "pPsVemX8GM46QVeezid6Rw==", backendBucket: testBackend.name, }); ```

constructor

new BackendBucketSignedUrlKey(name: string, args: BackendBucketSignedUrlKeyArgs, opts?: pulumi.CustomResourceOptions)
Create a BackendBucketSignedUrlKey resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BackendBucketSignedUrlKeyState, opts?: pulumi.CustomResourceOptions): BackendBucketSignedUrlKey
Get an existing BackendBucketSignedUrlKey resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is BackendBucketSignedUrlKey
Returns true if the given object is an instance of BackendBucketSignedUrlKey. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property backendBucket

public backendBucket: pulumi.Output<string>;
The backend bucket this signed URL key belongs.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property keyValue

public keyValue: pulumi.Output<string>;
128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. **Note**: This property is sensitive and will not be displayed in the plan.

property name

public name: pulumi.Output<string>;
Name of the signed URL key.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource BackendService

class BackendService extends CustomResource
A Backend Service defines a group of virtual machines that will serve traffic for load balancing. This resource is a global backend service, appropriate for external load balancing or self-managed internal load balancing. For managed internal load balancing, use a regional backend service instead. Currently self-managed internal load balancing is only available in beta. To get more information about BackendService, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/backendServices) * How-to Guides * [Official Documentation](https://cloud.google.com/compute/docs/load-balancing/http/backend-service) #### Example Usage - Backend Service Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", { requestPath: "/", checkIntervalSec: 1, timeoutSec: 1, }); const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {healthChecks: [defaultHttpHealthCheck.id]}); ``` #### Example Usage - Backend Service Traffic Director Round Robin ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const healthCheck = new gcp.compute.HealthCheck("healthCheck", {http_health_check: { port: 80, }}); const _default = new gcp.compute.BackendService("default", { healthChecks: [healthCheck.id], loadBalancingScheme: "INTERNAL_SELF_MANAGED", localityLbPolicy: "ROUND_ROBIN", }); ``` #### Example Usage - Backend Service Traffic Director Ring Hash ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const healthCheck = new gcp.compute.HealthCheck("healthCheck", {http_health_check: { port: 80, }}); const _default = new gcp.compute.BackendService("default", { healthChecks: [healthCheck.id], loadBalancingScheme: "INTERNAL_SELF_MANAGED", localityLbPolicy: "RING_HASH", sessionAffinity: "HTTP_COOKIE", circuit_breakers: { maxConnections: 10, }, consistent_hash: { http_cookie: { ttl: { seconds: 11, nanos: 1111, }, name: "mycookie", }, }, outlier_detection: { consecutiveErrors: 2, }, }); ```

constructor

new BackendService(name: string, args: BackendServiceArgs, opts?: pulumi.CustomResourceOptions)
Create a BackendService resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BackendServiceState, opts?: pulumi.CustomResourceOptions): BackendService
Get an existing BackendService resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is BackendService
Returns true if the given object is an instance of BackendService. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property affinityCookieTtlSec

public affinityCookieTtlSec: pulumi.Output<number | undefined>;
Lifetime of cookies in seconds if sessionAffinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.

property backends

public backends: pulumi.Output<BackendServiceBackend[] | undefined>;
The set of backends that serve this BackendService. Structure is documented below.

property cdnPolicy

public cdnPolicy: pulumi.Output<BackendServiceCdnPolicy>;
Cloud CDN configuration for this BackendService. Structure is documented below.

property circuitBreakers

public circuitBreakers: pulumi.Output<BackendServiceCircuitBreakers | undefined>;
Settings controlling the volume of connections to a backend service. This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.

property connectionDrainingTimeoutSec

public connectionDrainingTimeoutSec: pulumi.Output<number | undefined>;
Time for which instance will be drained (not accept new connections, but still work to finish started).

property consistentHash

public consistentHash: pulumi.Output<BackendServiceConsistentHash | undefined>;
Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. Structure is documented below.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property customRequestHeaders

public customRequestHeaders: pulumi.Output<string[] | undefined>;
Headers that the HTTP/S load balancer should add to proxied requests.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property enableCdn

public enableCdn: pulumi.Output<boolean | undefined>;
If true, enable Cloud CDN for this BackendService.

property fingerprint

public fingerprint: pulumi.Output<string>;
Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

property healthChecks

public healthChecks: pulumi.Output<string>;
The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required. For internal load balancing, a URL to a HealthCheck resource must be specified instead.

property iap

public iap: pulumi.Output<BackendServiceIap | undefined>;
Settings for enabling Cloud Identity Aware Proxy Structure is documented below.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property loadBalancingScheme

public loadBalancingScheme: pulumi.Output<string | undefined>;
Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other.

property localityLbPolicy

public localityLbPolicy: pulumi.Output<string | undefined>;
The load balancing algorithm used within the scope of the locality. The possible values are - ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. RANDOM - The load balancer selects a random healthy host. ORIGINAL_DESTINATION - Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. MAGLEV - used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.

property logConfig

public logConfig: pulumi.Output<BackendServiceLogConfig>;
This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.

property name

public name: pulumi.Output<string>;
Name of the cookie.

property outlierDetection

public outlierDetection: pulumi.Output<BackendServiceOutlierDetection | undefined>;
Settings controlling eviction of unhealthy hosts from the load balancing pool. This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.

property portName

public portName: pulumi.Output<string>;
Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property protocol

public protocol: pulumi.Output<string>;
The protocol this BackendService uses to communicate with backends. The default is HTTP. **NOTE**: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API.

property securityPolicy

public securityPolicy: pulumi.Output<string | undefined>;
The security policy associated with this backend service.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property sessionAffinity

public sessionAffinity: pulumi.Output<string>;
Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP.

property timeoutSec

public timeoutSec: pulumi.Output<number>;
How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is [1, 86400].

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource BackendServiceSignedUrlKey

class BackendServiceSignedUrlKey extends CustomResource
A key for signing Cloud CDN signed URLs for Backend Services. To get more information about BackendServiceSignedUrlKey, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices) * How-to Guides * [Using Signed URLs](https://cloud.google.com/cdn/docs/using-signed-urls/) > **Warning:** All arguments including `keyValue` will be stored in the raw state as plain-text. #### Example Usage - Backend Service Signed Url Key ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const webserver = new gcp.compute.InstanceTemplate("webserver", { machineType: "n1-standard-1", network_interface: [{ network: "default", }], disk: [{ sourceImage: "debian-cloud/debian-9", autoDelete: true, boot: true, }], }); const webservers = new gcp.compute.InstanceGroupManager("webservers", { version: [{ instanceTemplate: webserver.id, name: "primary", }], baseInstanceName: "webserver", zone: "us-central1-f", targetSize: 1, }); const _default = new gcp.compute.HttpHealthCheck("default", { requestPath: "/", checkIntervalSec: 1, timeoutSec: 1, }); const exampleBackend = new gcp.compute.BackendService("exampleBackend", { description: "Our company website", portName: "http", protocol: "HTTP", timeoutSec: 10, enableCdn: true, backend: [{ group: webservers.instanceGroup, }], healthChecks: [_default.id], }); const backendKey = new gcp.compute.BackendServiceSignedUrlKey("backendKey", { keyValue: "pPsVemX8GM46QVeezid6Rw==", backendService: exampleBackend.name, }); ```

constructor

new BackendServiceSignedUrlKey(name: string, args: BackendServiceSignedUrlKeyArgs, opts?: pulumi.CustomResourceOptions)
Create a BackendServiceSignedUrlKey resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BackendServiceSignedUrlKeyState, opts?: pulumi.CustomResourceOptions): BackendServiceSignedUrlKey
Get an existing BackendServiceSignedUrlKey resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is BackendServiceSignedUrlKey
Returns true if the given object is an instance of BackendServiceSignedUrlKey. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property backendService

public backendService: pulumi.Output<string>;
The backend service this signed URL key belongs.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property keyValue

public keyValue: pulumi.Output<string>;
128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. **Note**: This property is sensitive and will not be displayed in the plan.

property name

public name: pulumi.Output<string>;
Name of the signed URL key.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Disk

class Disk extends CustomResource
Persistent disks are durable storage devices that function similarly to the physical disks in a desktop or a server. Compute Engine manages the hardware behind these devices to ensure data redundancy and optimize performance for you. Persistent disks are available as either standard hard disk drives (HDD) or solid-state drives (SSD). Persistent disks are located independently from your virtual machine instances, so you can detach or move persistent disks to keep your data even after you delete your instances. Persistent disk performance scales automatically with size, so you can resize your existing persistent disks or add more persistent disks to an instance to meet your performance and storage space requirements. Add a persistent disk to your instance when you need reliable and affordable storage with consistent performance characteristics. To get more information about Disk, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/disks) * How-to Guides * [Adding a persistent disk](https://cloud.google.com/compute/docs/disks/add-persistent-disk) > **Warning:** All arguments including `disk_encryption_key.raw_key` will be stored in the raw state as plain-text. [Read more about secrets in state](https://www.pulumi.com/docs/intro/concepts/programming-model/#secrets). #### Example Usage - Disk Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultDisk = new gcp.compute.Disk("default", { image: "debian-8-jessie-v20170523", labels: { environment: "dev", }, physicalBlockSizeBytes: 4096, type: "pd-ssd", zone: "us-central1-a", }); ```

constructor

new Disk(name: string, args?: DiskArgs, opts?: pulumi.CustomResourceOptions)
Create a Disk resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DiskState, opts?: pulumi.CustomResourceOptions): Disk
Get an existing Disk resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Disk
Returns true if the given object is an instance of Disk. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property diskEncryptionKey

public diskEncryptionKey: pulumi.Output<DiskDiskEncryptionKey | undefined>;
Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Structure is documented below.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property image

public image: pulumi.Output<string | undefined>;
The image from which to initialize this disk. This can be one of: the image's `selfLink`, `projects/{project}/global/images/{image}`, `projects/{project}/global/images/family/{family}`, `global/images/{image}`, `global/images/family/{family}`, `family/{family}`, `{project}/{family}`, `{project}/{image}`, `{family}`, or `{image}`. If referred by family, the images names must include the family name. If they don't, use the [gcp.compute.Image data source](https://www.terraform.io/docs/providers/google/d/datasource_compute_image.html). For instance, the image `centos-6-v20180104` includes its family name `centos-6`. These images can be referred by family name here.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;
The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;
Labels to apply to this disk. A list of key->value pairs.

property lastAttachTimestamp

public lastAttachTimestamp: pulumi.Output<string>;
Last attach timestamp in RFC3339 text format.

property lastDetachTimestamp

public lastDetachTimestamp: pulumi.Output<string>;
Last detach timestamp in RFC3339 text format.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property physicalBlockSizeBytes

public physicalBlockSizeBytes: pulumi.Output<number>;
Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes are 4096 and 16384, other sizes may be added in the future. If an unsupported value is requested, the error message will list the supported values for the caller's project.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property resourcePolicies

public resourcePolicies: pulumi.Output<string[]>;
Resource policies applied to this disk for automatic snapshot creations.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property size

public size: pulumi.Output<number>;
Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the `image` or `snapshot` parameter, or specify it alone to create an empty persistent disk. If you specify this field along with `image` or `snapshot`, the value must not be less than the size of the image or the size of the snapshot.

property snapshot

public snapshot: pulumi.Output<string | undefined>;
The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. If the snapshot is in another project than this disk, you must supply a full URL. For example, the following are valid values: * `https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot` * `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` * `snapshot`

property sourceImageEncryptionKey

public sourceImageEncryptionKey: pulumi.Output<DiskSourceImageEncryptionKey | undefined>;
The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Structure is documented below.

property sourceImageId

public sourceImageId: pulumi.Output<string>;
The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.

property sourceSnapshotEncryptionKey

public sourceSnapshotEncryptionKey: pulumi.Output<DiskSourceSnapshotEncryptionKey | undefined>;
The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property sourceSnapshotId

public sourceSnapshotId: pulumi.Output<string>;
The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.

property type

public type: pulumi.Output<string | undefined>;
URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property users

public users: pulumi.Output<string[]>;
Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance

property zone

public zone: pulumi.Output<string>;
A reference to the zone where the disk resides.

Resource DiskResourcePolicyAttachment

class DiskResourcePolicyAttachment extends CustomResource
Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation. > **Note:** This resource does not support regional disks (`gcp.compute.RegionDisk`). For regional disks, please refer to the `gcp.compute.RegionDiskResourcePolicyAttachment` resource. #### Example Usage ##### Disk Resource Policy Attachment Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const myImage = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const ssd = new gcp.compute.Disk("ssd", { image: myImage.then(myImage => myImage.selfLink), size: 50, type: "pd-ssd", zone: "us-central1-a", }); const attachment = new gcp.compute.DiskResourcePolicyAttachment("attachment", { disk: ssd.name, zone: "us-central1-a", }); const policy = new gcp.compute.ResourcePolicy("policy", { region: "us-central1", snapshot_schedule_policy: { schedule: { daily_schedule: { daysInCycle: 1, startTime: "04:00", }, }, }, }); ```

constructor

new DiskResourcePolicyAttachment(name: string, args: DiskResourcePolicyAttachmentArgs, opts?: pulumi.CustomResourceOptions)
Create a DiskResourcePolicyAttachment resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DiskResourcePolicyAttachmentState, opts?: pulumi.CustomResourceOptions): DiskResourcePolicyAttachment
Get an existing DiskResourcePolicyAttachment resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is DiskResourcePolicyAttachment
Returns true if the given object is an instance of DiskResourcePolicyAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property disk

public disk: pulumi.Output<string>;
The name of the disk in which the resource policies are attached to.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
A reference to the zone where the disk resides.

Resource ExternalVpnGateway

class ExternalVpnGateway extends CustomResource
Represents a VPN gateway managed outside of GCP. To get more information about ExternalVpnGateway, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/externalVpnGateways) #### Example Usage - External Vpn Gateway ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const network = new gcp.compute.Network("network", { routingMode: "GLOBAL", autoCreateSubnetworks: false, }); const haGateway = new gcp.compute.HaVpnGateway("haGateway", { region: "us-central1", network: network.id, }); const externalGateway = new gcp.compute.ExternalVpnGateway("externalGateway", { redundancyType: "SINGLE_IP_INTERNALLY_REDUNDANT", description: "An externally managed VPN gateway", "interface": [{ id: 0, ipAddress: "8.8.8.8", }], }); const networkSubnet1 = new gcp.compute.Subnetwork("networkSubnet1", { ipCidrRange: "10.0.1.0/24", region: "us-central1", network: network.id, }); const networkSubnet2 = new gcp.compute.Subnetwork("networkSubnet2", { ipCidrRange: "10.0.2.0/24", region: "us-west1", network: network.id, }); const router1 = new gcp.compute.Router("router1", { network: network.name, bgp: { asn: 64514, }, }); const tunnel1 = new gcp.compute.VPNTunnel("tunnel1", { region: "us-central1", vpnGateway: haGateway.id, peerExternalGateway: externalGateway.id, peerExternalGatewayInterface: 0, sharedSecret: "a secret message", router: router1.id, vpnGatewayInterface: 0, }); const tunnel2 = new gcp.compute.VPNTunnel("tunnel2", { region: "us-central1", vpnGateway: haGateway.id, peerExternalGateway: externalGateway.id, peerExternalGatewayInterface: 0, sharedSecret: "a secret message", router: pulumi.interpolate` ${router1.id}`, vpnGatewayInterface: 1, }); const router1Interface1 = new gcp.compute.RouterInterface("router1Interface1", { router: router1.name, region: "us-central1", ipRange: "169.254.0.1/30", vpnTunnel: tunnel1.name, }); const router1Peer1 = new gcp.compute.RouterPeer("router1Peer1", { router: router1.name, region: "us-central1", peerIpAddress: "169.254.0.2", peerAsn: 64515, advertisedRoutePriority: 100, "interface": router1Interface1.name, }); const router1Interface2 = new gcp.compute.RouterInterface("router1Interface2", { router: router1.name, region: "us-central1", ipRange: "169.254.1.1/30", vpnTunnel: tunnel2.name, }); const router1Peer2 = new gcp.compute.RouterPeer("router1Peer2", { router: router1.name, region: "us-central1", peerIpAddress: "169.254.1.2", peerAsn: 64515, advertisedRoutePriority: 100, "interface": router1Interface2.name, }); ```

constructor

new ExternalVpnGateway(name: string, args?: ExternalVpnGatewayArgs, opts?: pulumi.CustomResourceOptions)
Create a ExternalVpnGateway resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ExternalVpnGatewayState, opts?: pulumi.CustomResourceOptions): ExternalVpnGateway
Get an existing ExternalVpnGateway resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ExternalVpnGateway
Returns true if the given object is an instance of ExternalVpnGateway. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property interfaces

public interfaces: pulumi.Output<ExternalVpnGatewayInterface[] | undefined>;
A list of interfaces on this external VPN gateway. Structure is documented below.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property redundancyType

public redundancyType: pulumi.Output<string | undefined>;
Indicates the redundancy type of this external VPN gateway
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Firewall

class Firewall extends CustomResource
Each network has its own firewall controlling access to and from the instances. All traffic to instances, even from other instances, is blocked by the firewall unless firewall rules are created to allow it. The default network has automatically created firewall rules that are shown in default firewall rules. No manually created network has automatically created firewall rules except for a default "allow" rule for outgoing traffic and a default "deny" for incoming traffic. For all networks except the default network, you must create any firewall rules you need. To get more information about Firewall, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/firewalls) * How-to Guides * [Official Documentation](https://cloud.google.com/vpc/docs/firewalls) #### Example Usage - Firewall Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultNetwork = new gcp.compute.Network("defaultNetwork", {}); const defaultFirewall = new gcp.compute.Firewall("defaultFirewall", { network: defaultNetwork.name, allow: [ { protocol: "icmp", }, { protocol: "tcp", ports: [ "80", "8080", "1000-2000", ], }, ], sourceTags: ["web"], }); ```

constructor

new Firewall(name: string, args: FirewallArgs, opts?: pulumi.CustomResourceOptions)
Create a Firewall resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FirewallState, opts?: pulumi.CustomResourceOptions): Firewall
Get an existing Firewall resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Firewall
Returns true if the given object is an instance of Firewall. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allows

public allows: pulumi.Output<FirewallAllow[] | undefined>;
The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection. Structure is documented below.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property denies

public denies: pulumi.Output<FirewallDeny[] | undefined>;
The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection. Structure is documented below.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property destinationRanges

public destinationRanges: pulumi.Output<string[]>;
If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.

property direction

public direction: pulumi.Output<string>;
Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.

property disabled

public disabled: pulumi.Output<boolean | undefined>;
Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.

property enableLogging

public enableLogging: pulumi.Output<boolean | undefined>;
This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string>;
The name or selfLink of the network to attach this firewall to.

property priority

public priority: pulumi.Output<number | undefined>;
Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property sourceRanges

public sourceRanges: pulumi.Output<string[]>;
If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.

property sourceServiceAccounts

public sourceServiceAccounts: pulumi.Output<string[] | undefined>;
If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.

property sourceTags

public sourceTags: pulumi.Output<string[] | undefined>;
If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags. Source tags cannot be used to control traffic to an instance's external IP address. Because tags are associated with an instance, not an IP address. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.

property targetServiceAccounts

public targetServiceAccounts: pulumi.Output<string[] | undefined>;
A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.

property targetTags

public targetTags: pulumi.Output<string[] | undefined>;
A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[]. If no targetTags are specified, the firewall rule applies to all instances on the specified network.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ForwardingRule

class ForwardingRule extends CustomResource
A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, portRange] tuple. To get more information about ForwardingRule, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/forwardingRules) * How-to Guides * [Official Documentation](https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules) #### Example Usage - Forwarding Rule Global Internallb ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const hc = new gcp.compute.HealthCheck("hc", { checkIntervalSec: 1, timeoutSec: 1, tcp_health_check: { port: "80", }, }); const backend = new gcp.compute.RegionBackendService("backend", { region: "us-central1", healthChecks: [hc.id], }); const defaultNetwork = new gcp.compute.Network("defaultNetwork", {autoCreateSubnetworks: false}); const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", { ipCidrRange: "10.0.0.0/16", region: "us-central1", network: defaultNetwork.id, }); // Forwarding rule for Internal Load Balancing const defaultForwardingRule = new gcp.compute.ForwardingRule("defaultForwardingRule", { region: "us-central1", loadBalancingScheme: "INTERNAL", backendService: backend.id, allPorts: true, allowGlobalAccess: true, network: defaultNetwork.name, subnetwork: defaultSubnetwork.name, }); ``` #### Example Usage - Forwarding Rule Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultTargetPool = new gcp.compute.TargetPool("defaultTargetPool", {}); const defaultForwardingRule = new gcp.compute.ForwardingRule("defaultForwardingRule", { target: defaultTargetPool.id, portRange: "80", }); ``` #### Example Usage - Forwarding Rule Internallb ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const hc = new gcp.compute.HealthCheck("hc", { checkIntervalSec: 1, timeoutSec: 1, tcp_health_check: { port: "80", }, }); const backend = new gcp.compute.RegionBackendService("backend", { region: "us-central1", healthChecks: [hc.id], }); const defaultNetwork = new gcp.compute.Network("defaultNetwork", {autoCreateSubnetworks: false}); const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", { ipCidrRange: "10.0.0.0/16", region: "us-central1", network: defaultNetwork.id, }); // Forwarding rule for Internal Load Balancing const defaultForwardingRule = new gcp.compute.ForwardingRule("defaultForwardingRule", { region: "us-central1", loadBalancingScheme: "INTERNAL", backendService: backend.id, allPorts: true, network: defaultNetwork.name, subnetwork: defaultSubnetwork.name, }); ``` #### Example Usage - Forwarding Rule Http Lb ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const debianImage = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const defaultNetwork = new gcp.compute.Network("defaultNetwork", { autoCreateSubnetworks: false, routingMode: "REGIONAL", }); const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", { ipCidrRange: "10.1.2.0/24", region: "us-central1", network: defaultNetwork.id, }); const instanceTemplate = new gcp.compute.InstanceTemplate("instanceTemplate", { machineType: "n1-standard-1", network_interface: [{ network: defaultNetwork.id, subnetwork: defaultSubnetwork.id, }], disk: [{ sourceImage: debianImage.then(debianImage => debianImage.selfLink), autoDelete: true, boot: true, }], tags: [ "allow-ssh", "load-balanced-backend", ], }); const rigm = new gcp.compute.RegionInstanceGroupManager("rigm", { region: "us-central1", version: [{ instanceTemplate: instanceTemplate.selfLink, name: "primary", }], baseInstanceName: "internal-glb", targetSize: 1, }); const fw1 = new gcp.compute.Firewall("fw1", { network: defaultNetwork.id, sourceRanges: ["10.1.2.0/24"], allow: [ { protocol: "tcp", }, { protocol: "udp", }, { protocol: "icmp", }, ], direction: "INGRESS", }); const fw2 = new gcp.compute.Firewall("fw2", { network: defaultNetwork.id, sourceRanges: ["0.0.0.0/0"], allow: [{ protocol: "tcp", ports: ["22"], }], targetTags: ["allow-ssh"], direction: "INGRESS", }); const fw3 = new gcp.compute.Firewall("fw3", { network: defaultNetwork.id, sourceRanges: [ "130.211.0.0/22", "35.191.0.0/16", ], allow: [{ protocol: "tcp", }], targetTags: ["load-balanced-backend"], direction: "INGRESS", }); const fw4 = new gcp.compute.Firewall("fw4", { network: defaultNetwork.id, sourceRanges: ["10.129.0.0/26"], targetTags: ["load-balanced-backend"], allow: [ { protocol: "tcp", ports: ["80"], }, { protocol: "tcp", ports: ["443"], }, { protocol: "tcp", ports: ["8000"], }, ], direction: "INGRESS", }); const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("defaultRegionHealthCheck", { region: "us-central1", http_health_check: { portSpecification: "USE_SERVING_PORT", }, }); const defaultRegionBackendService = new gcp.compute.RegionBackendService("defaultRegionBackendService", { loadBalancingScheme: "INTERNAL_MANAGED", backend: [{ group: rigm.instanceGroup, balancingMode: "UTILIZATION", capacityScaler: 1, }], region: "us-central1", protocol: "HTTP", timeoutSec: 10, healthChecks: [defaultRegionHealthCheck.id], }); const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("defaultRegionUrlMap", { region: "us-central1", defaultService: defaultRegionBackendService.id, }); const defaultRegionTargetHttpProxy = new gcp.compute.RegionTargetHttpProxy("defaultRegionTargetHttpProxy", { region: "us-central1", urlMap: defaultRegionUrlMap.id, }); const proxy = new gcp.compute.Subnetwork("proxy", { ipCidrRange: "10.129.0.0/26", region: "us-central1", network: defaultNetwork.id, purpose: "INTERNAL_HTTPS_LOAD_BALANCER", role: "ACTIVE", }); // Forwarding rule for Internal Load Balancing const defaultForwardingRule = new gcp.compute.ForwardingRule("defaultForwardingRule", { region: "us-central1", ipProtocol: "TCP", loadBalancingScheme: "INTERNAL_MANAGED", portRange: "80", target: defaultRegionTargetHttpProxy.id, network: defaultNetwork.id, subnetwork: defaultSubnetwork.id, networkTier: "PREMIUM", }); ```

constructor

new ForwardingRule(name: string, args?: ForwardingRuleArgs, opts?: pulumi.CustomResourceOptions)
Create a ForwardingRule resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ForwardingRuleState, opts?: pulumi.CustomResourceOptions): ForwardingRule
Get an existing ForwardingRule resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ForwardingRule
Returns true if the given object is an instance of ForwardingRule. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allPorts

public allPorts: pulumi.Output<boolean | undefined>;
For internal TCP/UDP load balancing (i.e. load balancing scheme is INTERNAL and protocol is TCP/UDP), set this to true to allow packets addressed to any ports to be forwarded to the backends configured with this forwarding rule. Used with backend service. Cannot be set if port or portRange are set.

property allowGlobalAccess

public allowGlobalAccess: pulumi.Output<boolean | undefined>;
If true, clients can access ILB from all regions. Otherwise only allows from the local region the ILB is located at.

property backendService

public backendService: pulumi.Output<string | undefined>;
A BackendService to receive the matched traffic. This is used only for INTERNAL load balancing.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipAddress

public ipAddress: pulumi.Output<string>;
The IP address that this forwarding rule is serving on behalf of. Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional). When the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule. An address must be specified by a literal IP address. > **NOTE**: While the API allows you to specify various resource paths for an address resource instead, this provider requires this to specifically be an IP address to avoid needing to fetching the IP address from resource paths on refresh or unnecessary diffs.

property ipProtocol

public ipProtocol: pulumi.Output<string>;
The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL, only TCP and UDP are valid.

property isMirroringCollector

public isMirroringCollector: pulumi.Output<boolean | undefined>;
Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;
The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;
Labels to apply to this forwarding rule. A list of key->value pairs.

property loadBalancingScheme

public loadBalancingScheme: pulumi.Output<string | undefined>;
This signifies what the ForwardingRule will be used for and can be EXTERNAL, INTERNAL, or INTERNAL_MANAGED. EXTERNAL is used for Classic Cloud VPN gateways, protocol forwarding to VMs from an external IP address, and HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP load balancers. INTERNAL is used for protocol forwarding to VMs from an internal IP address, and internal TCP/UDP load balancers. INTERNAL_MANAGED is used for internal HTTP(S) load balancers.

property name

public name: pulumi.Output<string>;
Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string>;
For internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. This field is only used for INTERNAL load balancing.

property networkTier

public networkTier: pulumi.Output<string>;
The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM.

property portRange

public portRange: pulumi.Output<string | undefined>;
This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500

property ports

public ports: pulumi.Output<string[] | undefined>;
This field is used along with the backendService field for internal load balancing. When the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. You may specify a maximum of up to 5 ports.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;
A reference to the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property serviceLabel

public serviceLabel: pulumi.Output<string | undefined>;
An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for INTERNAL load balancing.

property serviceName

public serviceName: pulumi.Output<string>;
The internal fully qualified service name for this Forwarding Rule. This field is only used for INTERNAL load balancing.

property subnetwork

public subnetwork: pulumi.Output<string>;
The subnetwork that the load balanced IP should belong to for this Forwarding Rule. This field is only used for INTERNAL load balancing. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.

property target

public target: pulumi.Output<string | undefined>;
The URL of the target resource to receive the matched traffic. The target must live in the same region as the forwarding rule. The forwarded traffic must be of a type appropriate to the target object.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource GlobalAddress

class GlobalAddress extends CustomResource
Represents a Global Address resource. Global addresses are used for HTTP(S) load balancing. To get more information about GlobalAddress, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/globalAddresses) * How-to Guides * [Reserving a Static External IP Address](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address) #### Example Usage - Global Address Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultGlobalAddress = new gcp.compute.GlobalAddress("default", {}); ```

constructor

new GlobalAddress(name: string, args?: GlobalAddressArgs, opts?: pulumi.CustomResourceOptions)
Create a GlobalAddress resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GlobalAddressState, opts?: pulumi.CustomResourceOptions): GlobalAddress
Get an existing GlobalAddress resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is GlobalAddress
Returns true if the given object is an instance of GlobalAddress. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property address

public address: pulumi.Output<string>;
The IP address or beginning of the address range represented by this resource. This can be supplied as an input to reserve a specific address or omitted to allow GCP to choose a valid one for you.

property addressType

public addressType: pulumi.Output<string | undefined>;
The type of the address to reserve. * EXTERNAL indicates public/external single IP address. * INTERNAL indicates internal IP ranges belonging to some network.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipVersion

public ipVersion: pulumi.Output<string | undefined>;
The IP Version that will be used by this address. The default value is `IPV4`.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;
The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;
Labels to apply to this address. A list of key->value pairs.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string | undefined>;
The URL of the network in which to reserve the IP range. The IP range must be in RFC1918 space. The network cannot be deleted if there are any reserved IP ranges referring to it. This should only be set when using an Internal address.

property prefixLength

public prefixLength: pulumi.Output<number | undefined>;
The prefix length of the IP range. If not present, it means the address field is a single IP address. This field is not applicable to addresses with addressType=EXTERNAL.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

public purpose: pulumi.Output<string | undefined>;
The purpose of the resource. For global internal addresses it can be * VPC_PEERING - for peer networks This should only be set when using an Internal address.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource GlobalForwardingRule

class GlobalForwardingRule extends CustomResource
Represents a GlobalForwardingRule resource. Global forwarding rules are used to forward traffic to the correct load balancer for HTTP load balancing. Global forwarding rules can only be used for HTTP load balancing. For more information, see https://cloud.google.com/compute/docs/load-balancing/http/ #### Example Usage - Global Forwarding Rule Http ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", { requestPath: "/", checkIntervalSec: 1, timeoutSec: 1, }); const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", { portName: "http", protocol: "HTTP", timeoutSec: 10, healthChecks: [defaultHttpHealthCheck.id], }); const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", { description: "a description", defaultService: defaultBackendService.id, host_rule: [{ hosts: ["mysite.com"], pathMatcher: "allpaths", }], path_matcher: [{ name: "allpaths", defaultService: defaultBackendService.id, path_rule: [{ paths: ["/*"], service: defaultBackendService.id, }], }], }); const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("defaultTargetHttpProxy", { description: "a description", urlMap: defaultURLMap.id, }); const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule", { target: defaultTargetHttpProxy.id, portRange: "80", }); ``` #### Example Usage - Global Forwarding Rule Internal ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const debianImage = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const instanceTemplate = new gcp.compute.InstanceTemplate("instanceTemplate", { machineType: "n1-standard-1", network_interface: [{ network: "default", }], disk: [{ sourceImage: debianImage.then(debianImage => debianImage.selfLink), autoDelete: true, boot: true, }], }); const igm = new gcp.compute.InstanceGroupManager("igm", { version: [{ instanceTemplate: instanceTemplate.selfLink, name: "primary", }], baseInstanceName: "internal-glb", zone: "us-central1-f", targetSize: 1, }); const defaultHealthCheck = new gcp.compute.HealthCheck("defaultHealthCheck", { checkIntervalSec: 1, timeoutSec: 1, tcp_health_check: { port: "80", }, }); const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", { portName: "http", protocol: "HTTP", timeoutSec: 10, loadBalancingScheme: "INTERNAL_SELF_MANAGED", backend: [{ group: igm.instanceGroup, balancingMode: "RATE", capacityScaler: 0.4, maxRatePerInstance: 50, }], healthChecks: [defaultHealthCheck.id], }); const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", { description: "a description", defaultService: defaultBackendService.id, host_rule: [{ hosts: ["mysite.com"], pathMatcher: "allpaths", }], path_matcher: [{ name: "allpaths", defaultService: defaultBackendService.id, path_rule: [{ paths: ["/*"], service: defaultBackendService.id, }], }], }); const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("defaultTargetHttpProxy", { description: "a description", urlMap: defaultURLMap.id, }); const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule", { target: defaultTargetHttpProxy.id, portRange: "80", loadBalancingScheme: "INTERNAL_SELF_MANAGED", ipAddress: "0.0.0.0", metadata_filters: [{ filterMatchCriteria: "MATCH_ANY", filter_labels: [{ name: "PLANET", value: "MARS", }], }], }); ```

constructor

new GlobalForwardingRule(name: string, args: GlobalForwardingRuleArgs, opts?: pulumi.CustomResourceOptions)
Create a GlobalForwardingRule resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GlobalForwardingRuleState, opts?: pulumi.CustomResourceOptions): GlobalForwardingRule
Get an existing GlobalForwardingRule resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is GlobalForwardingRule
Returns true if the given object is an instance of GlobalForwardingRule. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipAddress

public ipAddress: pulumi.Output<string>;
The IP address that this forwarding rule is serving on behalf of. Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional). When the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule. An address must be specified by a literal IP address. > **NOTE**: While the API allows you to specify various resource paths for an address resource instead, this provider requires this to specifically be an IP address to avoid needing to fetching the IP address from resource paths on refresh or unnecessary diffs.

property ipProtocol

public ipProtocol: pulumi.Output<string>;
The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL_SELF_MANAGED, only TCP is valid.

property ipVersion

public ipVersion: pulumi.Output<string | undefined>;
The IP Version that will be used by this global forwarding rule.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;
The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;
Labels to apply to this forwarding rule. A list of key->value pairs.

property loadBalancingScheme

public loadBalancingScheme: pulumi.Output<string | undefined>;
This signifies what the GlobalForwardingRule will be used for. The value of INTERNAL_SELF_MANAGED means that this will be used for Internal Global HTTP(S) LB. The value of EXTERNAL means that this will be used for External Global Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) NOTE: Currently global forwarding rules cannot be used for INTERNAL load balancing.

property metadataFilters

public metadataFilters: pulumi.Output<GlobalForwardingRuleMetadataFilter[] | undefined>;
Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

property name

public name: pulumi.Output<string>;
Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

property network

public network: pulumi.Output<string>;
This field is not used for external load balancing. For INTERNAL_SELF_MANAGED load balancing, this field identifies the network that the load balanced IP should belong to for this global forwarding rule. If this field is not specified, the default network will be used.

property portRange

public portRange: pulumi.Output<string | undefined>;
This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property target

public target: pulumi.Output<string>;
The URL of the target resource to receive the matched traffic. The forwarded traffic must be of a type appropriate to the target object. For INTERNAL_SELF_MANAGED load balancing, only HTTP and HTTPS targets are valid.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource GlobalNetworkEndpoint

class GlobalNetworkEndpoint extends CustomResource
A Global Network endpoint represents a IP address and port combination that exists outside of GCP. **NOTE**: Global network endpoints cannot be created outside of a global network endpoint group. To get more information about GlobalNetworkEndpoint, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups) * How-to Guides * [Official Documentation](https://cloud.google.com/load-balancing/docs/negs/) #### Example Usage - Global Network Endpoint ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultEndpoint = new gcp.compute.GlobalNetworkEndpoint("default-endpoint", { globalNetworkEndpointGroup: google_compute_network_endpoint_group.neg.name, fqdn: "www.example.com", port: google_compute_network_endpoint_group.neg.default_port, ipAddress: google_compute_instance["endpoint-instance"].network_interface[0].network_ip, }); const _default = new gcp.compute.Network("default", {autoCreateSubnetworks: false}); const group = new gcp.compute.GlobalNetworkEndpointGroup("group", { network: _default.id, defaultPort: "90", }); ```

constructor

new GlobalNetworkEndpoint(name: string, args: GlobalNetworkEndpointArgs, opts?: pulumi.CustomResourceOptions)
Create a GlobalNetworkEndpoint resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GlobalNetworkEndpointState, opts?: pulumi.CustomResourceOptions): GlobalNetworkEndpoint
Get an existing GlobalNetworkEndpoint resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is GlobalNetworkEndpoint
Returns true if the given object is an instance of GlobalNetworkEndpoint. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property fqdn

public fqdn: pulumi.Output<string | undefined>;
Fully qualified domain name of network endpoint. This can only be specified when networkEndpointType of the NEG is INTERNET_FQDN_PORT.

property globalNetworkEndpointGroup

public globalNetworkEndpointGroup: pulumi.Output<string>;
The global network endpoint group this endpoint is part of.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipAddress

public ipAddress: pulumi.Output<string | undefined>;
IPv4 address external endpoint.

property port

public port: pulumi.Output<number>;
Port number of the external endpoint.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource GlobalNetworkEndpointGroup

class GlobalNetworkEndpointGroup extends CustomResource
A global network endpoint group contains endpoints that reside outside of Google Cloud. Currently a global network endpoint group can only support a single endpoint. To get more information about GlobalNetworkEndpointGroup, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups) * How-to Guides * [Official Documentation](https://cloud.google.com/load-balancing/docs/negs/internet-neg-concepts) #### Example Usage - Global Network Endpoint Group ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const neg = new gcp.compute.GlobalNetworkEndpointGroup("neg", { defaultPort: 90, networkEndpointType: "INTERNET_FQDN_PORT", }); ``` #### Example Usage - Global Network Endpoint Group Ip Address ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const neg = new gcp.compute.GlobalNetworkEndpointGroup("neg", { defaultPort: 90, networkEndpointType: "INTERNET_IP_PORT", }); ```

constructor

new GlobalNetworkEndpointGroup(name: string, args: GlobalNetworkEndpointGroupArgs, opts?: pulumi.CustomResourceOptions)
Create a GlobalNetworkEndpointGroup resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GlobalNetworkEndpointGroupState, opts?: pulumi.CustomResourceOptions): GlobalNetworkEndpointGroup
Get an existing GlobalNetworkEndpointGroup resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is GlobalNetworkEndpointGroup
Returns true if the given object is an instance of GlobalNetworkEndpointGroup. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property defaultPort

public defaultPort: pulumi.Output<number | undefined>;
The default port used if the port number is not specified in the network endpoint.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property networkEndpointType

public networkEndpointType: pulumi.Output<string>;
Type of network endpoints in this network endpoint group.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource HaVpnGateway

class HaVpnGateway extends CustomResource
Represents a VPN gateway running in GCP. This virtual device is managed by Google, but used only by you. This type of VPN Gateway allows for the creation of VPN solutions with higher availability than classic Target VPN Gateways. To get more information about HaVpnGateway, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/vpnGateways) * How-to Guides * [Choosing a VPN](https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn) * [Cloud VPN Overview](https://cloud.google.com/vpn/docs/concepts/overview) #### Example Usage - Ha Vpn Gateway Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const network1 = new gcp.compute.Network("network1", {autoCreateSubnetworks: false}); const haGateway1 = new gcp.compute.HaVpnGateway("haGateway1", { region: "us-central1", network: network1.id, }); ``` #### Example Usage - Ha Vpn Gateway Gcp To Gcp ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const network1 = new gcp.compute.Network("network1", { routingMode: "GLOBAL", autoCreateSubnetworks: false, }); const haGateway1 = new gcp.compute.HaVpnGateway("haGateway1", { region: "us-central1", network: network1.id, }); const network2 = new gcp.compute.Network("network2", { routingMode: "GLOBAL", autoCreateSubnetworks: false, }); const haGateway2 = new gcp.compute.HaVpnGateway("haGateway2", { region: "us-central1", network: network2.id, }); const network1Subnet1 = new gcp.compute.Subnetwork("network1Subnet1", { ipCidrRange: "10.0.1.0/24", region: "us-central1", network: network1.id, }); const network1Subnet2 = new gcp.compute.Subnetwork("network1Subnet2", { ipCidrRange: "10.0.2.0/24", region: "us-west1", network: network1.id, }); const network2Subnet1 = new gcp.compute.Subnetwork("network2Subnet1", { ipCidrRange: "192.168.1.0/24", region: "us-central1", network: network2.id, }); const network2Subnet2 = new gcp.compute.Subnetwork("network2Subnet2", { ipCidrRange: "192.168.2.0/24", region: "us-east1", network: network2.id, }); const router1 = new gcp.compute.Router("router1", { network: network1.name, bgp: { asn: 64514, }, }); const router2 = new gcp.compute.Router("router2", { network: network2.name, bgp: { asn: 64515, }, }); const tunnel1 = new gcp.compute.VPNTunnel("tunnel1", { region: "us-central1", vpnGateway: haGateway1.id, peerGcpGateway: haGateway2.id, sharedSecret: "a secret message", router: router1.id, vpnGatewayInterface: 0, }); const tunnel2 = new gcp.compute.VPNTunnel("tunnel2", { region: "us-central1", vpnGateway: haGateway1.id, peerGcpGateway: haGateway2.id, sharedSecret: "a secret message", router: router1.id, vpnGatewayInterface: 1, }); const tunnel3 = new gcp.compute.VPNTunnel("tunnel3", { region: "us-central1", vpnGateway: haGateway2.id, peerGcpGateway: haGateway1.id, sharedSecret: "a secret message", router: router2.id, vpnGatewayInterface: 0, }); const tunnel4 = new gcp.compute.VPNTunnel("tunnel4", { region: "us-central1", vpnGateway: haGateway2.id, peerGcpGateway: haGateway1.id, sharedSecret: "a secret message", router: router2.id, vpnGatewayInterface: 1, }); const router1Interface1 = new gcp.compute.RouterInterface("router1Interface1", { router: router1.name, region: "us-central1", ipRange: "169.254.0.1/30", vpnTunnel: tunnel1.name, }); const router1Peer1 = new gcp.compute.RouterPeer("router1Peer1", { router: router1.name, region: "us-central1", peerIpAddress: "169.254.0.2", peerAsn: 64515, advertisedRoutePriority: 100, "interface": router1Interface1.name, }); const router1Interface2 = new gcp.compute.RouterInterface("router1Interface2", { router: router1.name, region: "us-central1", ipRange: "169.254.1.1/30", vpnTunnel: tunnel2.name, }); const router1Peer2 = new gcp.compute.RouterPeer("router1Peer2", { router: router1.name, region: "us-central1", peerIpAddress: "169.254.1.2", peerAsn: 64515, advertisedRoutePriority: 100, "interface": router1Interface2.name, }); const router2Interface1 = new gcp.compute.RouterInterface("router2Interface1", { router: router2.name, region: "us-central1", ipRange: "169.254.0.1/30", vpnTunnel: tunnel3.name, }); const router2Peer1 = new gcp.compute.RouterPeer("router2Peer1", { router: router2.name, region: "us-central1", peerIpAddress: "169.254.0.2", peerAsn: 64514, advertisedRoutePriority: 100, "interface": router2Interface1.name, }); const router2Interface2 = new gcp.compute.RouterInterface("router2Interface2", { router: router2.name, region: "us-central1", ipRange: "169.254.1.1/30", vpnTunnel: tunnel4.name, }); const router2Peer2 = new gcp.compute.RouterPeer("router2Peer2", { router: router2.name, region: "us-central1", peerIpAddress: "169.254.1.2", peerAsn: 64514, advertisedRoutePriority: 100, "interface": router2Interface2.name, }); ```

constructor

new HaVpnGateway(name: string, args: HaVpnGatewayArgs, opts?: pulumi.CustomResourceOptions)
Create a HaVpnGateway resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: HaVpnGatewayState, opts?: pulumi.CustomResourceOptions): HaVpnGateway
Get an existing HaVpnGateway resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is HaVpnGateway
Returns true if the given object is an instance of HaVpnGateway. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string>;
The network this VPN gateway is accepting traffic for.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;
The region this gateway should sit in.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpnInterfaces

public vpnInterfaces: pulumi.Output<HaVpnGatewayVpnInterface[]>;
A list of interfaces on this VPN gateway.

Resource HealthCheck

class HealthCheck extends CustomResource
Health Checks determine whether instances are responsive and able to do work. They are an important part of a comprehensive load balancing configuration, as they enable monitoring instances behind load balancers. Health Checks poll instances at a specified interval. Instances that do not respond successfully to some number of probes in a row are marked as unhealthy. No new connections are sent to unhealthy instances, though existing connections will continue. The health check will continue to poll unhealthy instances. If an instance later responds successfully to some number of consecutive probes, it is marked healthy again and can receive new connections. To get more information about HealthCheck, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks) * How-to Guides * [Official Documentation](https://cloud.google.com/load-balancing/docs/health-checks) #### Example Usage - Health Check Tcp ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const tcpHealthCheck = new gcp.compute.HealthCheck("tcp-health-check", { checkIntervalSec: 1, tcpHealthCheck: { port: 80, }, timeoutSec: 1, }); ``` #### Example Usage - Health Check Tcp Full ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const tcpHealthCheck = new gcp.compute.HealthCheck("tcp-health-check", { checkIntervalSec: 1, description: "Health check via tcp", healthyThreshold: 4, tcpHealthCheck: { portName: "health-check-port", portSpecification: "USE_NAMED_PORT", proxyHeader: "NONE", request: "ARE YOU HEALTHY?", response: "I AM HEALTHY", }, timeoutSec: 1, unhealthyThreshold: 5, }); ``` #### Example Usage - Health Check Ssl ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const sslHealthCheck = new gcp.compute.HealthCheck("ssl-health-check", { checkIntervalSec: 1, sslHealthCheck: { port: 443, }, timeoutSec: 1, }); ``` #### Example Usage - Health Check Ssl Full ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const sslHealthCheck = new gcp.compute.HealthCheck("ssl-health-check", { checkIntervalSec: 1, description: "Health check via ssl", healthyThreshold: 4, sslHealthCheck: { portName: "health-check-port", portSpecification: "USE_NAMED_PORT", proxyHeader: "NONE", request: "ARE YOU HEALTHY?", response: "I AM HEALTHY", }, timeoutSec: 1, unhealthyThreshold: 5, }); ``` #### Example Usage - Health Check Http ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const httpHealthCheck = new gcp.compute.HealthCheck("http-health-check", { checkIntervalSec: 1, httpHealthCheck: { port: 80, }, timeoutSec: 1, }); ``` #### Example Usage - Health Check Http Full ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const httpHealthCheck = new gcp.compute.HealthCheck("http-health-check", { checkIntervalSec: 1, description: "Health check via http", healthyThreshold: 4, httpHealthCheck: { host: "1.2.3.4", portName: "health-check-port", portSpecification: "USE_NAMED_PORT", proxyHeader: "NONE", requestPath: "/mypath", response: "I AM HEALTHY", }, timeoutSec: 1, unhealthyThreshold: 5, }); ``` #### Example Usage - Health Check Https ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const httpsHealthCheck = new gcp.compute.HealthCheck("https-health-check", { checkIntervalSec: 1, httpsHealthCheck: { port: 443, }, timeoutSec: 1, }); ``` #### Example Usage - Health Check Https Full ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const httpsHealthCheck = new gcp.compute.HealthCheck("https-health-check", { checkIntervalSec: 1, description: "Health check via https", healthyThreshold: 4, httpsHealthCheck: { host: "1.2.3.4", portName: "health-check-port", portSpecification: "USE_NAMED_PORT", proxyHeader: "NONE", requestPath: "/mypath", response: "I AM HEALTHY", }, timeoutSec: 1, unhealthyThreshold: 5, }); ``` #### Example Usage - Health Check Http2 ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const http2HealthCheck = new gcp.compute.HealthCheck("http2-health-check", { checkIntervalSec: 1, http2HealthCheck: { port: 443, }, timeoutSec: 1, }); ``` #### Example Usage - Health Check Http2 Full ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const http2HealthCheck = new gcp.compute.HealthCheck("http2-health-check", { checkIntervalSec: 1, description: "Health check via http2", healthyThreshold: 4, http2HealthCheck: { host: "1.2.3.4", portName: "health-check-port", portSpecification: "USE_NAMED_PORT", proxyHeader: "NONE", requestPath: "/mypath", response: "I AM HEALTHY", }, timeoutSec: 1, unhealthyThreshold: 5, }); ``` #### Example Usage - Health Check With Logging ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const healthCheckWithLogging = new gcp.compute.HealthCheck("health-check-with-logging", { timeoutSec: 1, checkIntervalSec: 1, tcp_health_check: { port: "22", }, log_config: { enable: true, }, }); ```

constructor

new HealthCheck(name: string, args?: HealthCheckArgs, opts?: pulumi.CustomResourceOptions)
Create a HealthCheck resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: HealthCheckState, opts?: pulumi.CustomResourceOptions): HealthCheck
Get an existing HealthCheck resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is HealthCheck
Returns true if the given object is an instance of HealthCheck. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property checkIntervalSec

public checkIntervalSec: pulumi.Output<number | undefined>;
How often (in seconds) to send a health check. The default value is 5 seconds.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

public healthyThreshold: pulumi.Output<number | undefined>;
A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property http2HealthCheck

public http2HealthCheck: pulumi.Output<HealthCheckHttp2HealthCheck | undefined>;
A nested object resource Structure is documented below.

property httpHealthCheck

public httpHealthCheck: pulumi.Output<HealthCheckHttpHealthCheck | undefined>;
A nested object resource Structure is documented below.

property httpsHealthCheck

public httpsHealthCheck: pulumi.Output<HealthCheckHttpsHealthCheck | undefined>;
A nested object resource Structure is documented below.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property logConfig

public logConfig: pulumi.Output<HealthCheckLogConfig | undefined>;
Configure logging on this health check. Structure is documented below.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property sslHealthCheck

public sslHealthCheck: pulumi.Output<HealthCheckSslHealthCheck | undefined>;
A nested object resource Structure is documented below.

property tcpHealthCheck

public tcpHealthCheck: pulumi.Output<HealthCheckTcpHealthCheck | undefined>;
A nested object resource Structure is documented below.

property timeoutSec

public timeoutSec: pulumi.Output<number | undefined>;
How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property type

public type: pulumi.Output<string>;
The type of the health check. One of HTTP, HTTPS, TCP, or SSL.

property unhealthyThreshold

public unhealthyThreshold: pulumi.Output<number | undefined>;
A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource HttpHealthCheck

class HttpHealthCheck extends CustomResource
An HttpHealthCheck resource. This resource defines a template for how individual VMs should be checked for health, via HTTP. > **Note:** gcp.compute.HttpHealthCheck is a legacy health check. The newer [gcp.compute.HealthCheck](https://www.terraform.io/docs/providers/google/r/compute_health_check.html) should be preferred for all uses except [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) which still require the legacy version. To get more information about HttpHealthCheck, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/httpHealthChecks) * How-to Guides * [Adding Health Checks](https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks) #### Example Usage - Http Health Check Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", { checkIntervalSec: 1, requestPath: "/health_check", timeoutSec: 1, }); ```

constructor

new HttpHealthCheck(name: string, args?: HttpHealthCheckArgs, opts?: pulumi.CustomResourceOptions)
Create a HttpHealthCheck resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: HttpHealthCheckState, opts?: pulumi.CustomResourceOptions): HttpHealthCheck
Get an existing HttpHealthCheck resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is HttpHealthCheck
Returns true if the given object is an instance of HttpHealthCheck. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property checkIntervalSec

public checkIntervalSec: pulumi.Output<number | undefined>;
How often (in seconds) to send a health check. The default value is 5 seconds.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

public healthyThreshold: pulumi.Output<number | undefined>;
A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property host

public host: pulumi.Output<string | undefined>;
The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property port

public port: pulumi.Output<number | undefined>;
The TCP port number for the HTTP health check request. The default value is 80.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property requestPath

public requestPath: pulumi.Output<string | undefined>;
The request path of the HTTP health check request. The default value is /.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property timeoutSec

public timeoutSec: pulumi.Output<number | undefined>;
How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property unhealthyThreshold

public unhealthyThreshold: pulumi.Output<number | undefined>;
A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource HttpsHealthCheck

class HttpsHealthCheck extends CustomResource
An HttpsHealthCheck resource. This resource defines a template for how individual VMs should be checked for health, via HTTPS. > **Note:** gcp.compute.HttpsHealthCheck is a legacy health check. The newer [gcp.compute.HealthCheck](https://www.terraform.io/docs/providers/google/r/compute_health_check.html) should be preferred for all uses except [Network Load Balancers](https://cloud.google.com/compute/docs/load-balancing/network/) which still require the legacy version. To get more information about HttpsHealthCheck, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/httpsHealthChecks) * How-to Guides * [Adding Health Checks](https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks) #### Example Usage - Https Health Check Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultHttpsHealthCheck = new gcp.compute.HttpsHealthCheck("default", { checkIntervalSec: 1, requestPath: "/health_check", timeoutSec: 1, }); ```

constructor

new HttpsHealthCheck(name: string, args?: HttpsHealthCheckArgs, opts?: pulumi.CustomResourceOptions)
Create a HttpsHealthCheck resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: HttpsHealthCheckState, opts?: pulumi.CustomResourceOptions): HttpsHealthCheck
Get an existing HttpsHealthCheck resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is HttpsHealthCheck
Returns true if the given object is an instance of HttpsHealthCheck. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property checkIntervalSec

public checkIntervalSec: pulumi.Output<number | undefined>;
How often (in seconds) to send a health check. The default value is 5 seconds.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

public healthyThreshold: pulumi.Output<number | undefined>;
A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property host

public host: pulumi.Output<string | undefined>;
The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property port

public port: pulumi.Output<number | undefined>;
The TCP port number for the HTTPS health check request. The default value is 80.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property requestPath

public requestPath: pulumi.Output<string | undefined>;
The request path of the HTTPS health check request. The default value is /.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property timeoutSec

public timeoutSec: pulumi.Output<number | undefined>;
How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property unhealthyThreshold

public unhealthyThreshold: pulumi.Output<number | undefined>;
A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Image

class Image extends CustomResource
Represents an Image resource. Google Compute Engine uses operating system images to create the root persistent disks for your instances. You specify an image when you create an instance. Images contain a boot loader, an operating system, and a root file system. Linux operating system images are also capable of running containers on Compute Engine. Images can be either public or custom. Public images are provided and maintained by Google, open-source communities, and third-party vendors. By default, all projects have access to these images and can use them to create instances. Custom images are available only to your project. You can create a custom image from root persistent disks and other images. Then, use the custom image to create an instance. To get more information about Image, see: * [API documentation](https://cloud.google.com/compute/docs/reference/v1/images) * How-to Guides * [Official Documentation](https://cloud.google.com/compute/docs/images) #### Example Usage - Image Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const example = new gcp.compute.Image("example", { rawDisk: { source: "https://storage.googleapis.com/bosh-cpi-artifacts/bosh-stemcell-3262.4-google-kvm-ubuntu-trusty-go_agent-raw.tar.gz", }, }); ``` #### Example Usage - Image Guest Os ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const example = new gcp.compute.Image("example", { guestOsFeatures: [ { type: "SECURE_BOOT", }, { type: "MULTI_IP_SUBNET", }, ], rawDisk: { source: "https://storage.googleapis.com/bosh-cpi-artifacts/bosh-stemcell-3262.4-google-kvm-ubuntu-trusty-go_agent-raw.tar.gz", }, }); ```

constructor

new Image(name: string, args?: ImageArgs, opts?: pulumi.CustomResourceOptions)
Create a Image resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ImageState, opts?: pulumi.CustomResourceOptions): Image
Get an existing Image resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Image
Returns true if the given object is an instance of Image. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property archiveSizeBytes

public archiveSizeBytes: pulumi.Output<number>;
Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource. Provide this property when you create the resource.

property diskSizeGb

public diskSizeGb: pulumi.Output<number>;
Size of the image when restored onto a persistent disk (in GB).

property family

public family: pulumi.Output<string | undefined>;
The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.

property guestOsFeatures

public guestOsFeatures: pulumi.Output<ImageGuestOsFeature[]>;
A list of features to enable on the guest operating system. Applicable only for bootable images. Structure is documented below.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;
The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;
Labels to apply to this Image.

property licenses

public licenses: pulumi.Output<string[]>;
Any applicable license URI.

property name

public name: pulumi.Output<string>;
Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property rawDisk

public rawDisk: pulumi.Output<ImageRawDisk | undefined>;
The parameters of the raw disk image. Structure is documented below.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property sourceDisk

public sourceDisk: pulumi.Output<string | undefined>;
The source disk to create this image based on. You must provide either this property or the rawDisk.source property but not both to create an image.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Instance

class Instance extends CustomResource
Manages a VM instance resource within GCE. For more information see [the official documentation](https://cloud.google.com/compute/docs/instances) and [API](https://cloud.google.com/compute/docs/reference/latest/instances). #### Example Usage ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultInstance = new gcp.compute.Instance("default", { bootDisk: { initializeParams: { image: "debian-cloud/debian-9", }, }, machineType: "n1-standard-1", metadata: { foo: "bar", }, metadataStartupScript: "echo hi > /test.txt", networkInterfaces: [{ accessConfigs: [{}], network: "default", }], // Local SSD disk scratchDisks: [{ interface: "SCSI", }], serviceAccount: { scopes: [ "userinfo-email", "compute-ro", "storage-ro", ], }, tags: [ "foo", "bar", ], zone: "us-central1-a", }); ```

constructor

new Instance(name: string, args: InstanceArgs, opts?: pulumi.CustomResourceOptions)
Create a Instance resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceState, opts?: pulumi.CustomResourceOptions): Instance
Get an existing Instance resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Instance
Returns true if the given object is an instance of Instance. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowStoppingForUpdate

public allowStoppingForUpdate: pulumi.Output<boolean | undefined>;
If true, allows this prvider to stop the instance to update its properties. If you try to update a property that requires stopping the instance without setting this field, the update will fail.

property attachedDisks

public attachedDisks: pulumi.Output<InstanceAttachedDisk[] | undefined>;
Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.

property bootDisk

public bootDisk: pulumi.Output<InstanceBootDisk>;
The boot disk for the instance. Structure is documented below.

property canIpForward

public canIpForward: pulumi.Output<boolean | undefined>;
Whether to allow sending and receiving of packets with non-matching source or destination IPs. This defaults to false.

property cpuPlatform

public cpuPlatform: pulumi.Output<string>;
The CPU platform used by this instance.

property currentStatus

public currentStatus: pulumi.Output<string>;

property deletionProtection

public deletionProtection: pulumi.Output<boolean | undefined>;
Enable deletion protection on this instance. Defaults to false. **Note:** you must disable deletion protection before removing the resource (e.g., via `pulumi destroy`), or the instance cannot be deleted and the provider run will not complete successfully.

property description

public description: pulumi.Output<string | undefined>;
A brief description of this resource.

property desiredStatus

public desiredStatus: pulumi.Output<string | undefined>;
Desired status of the instance. Either `"RUNNING"` or `"TERMINATED"`.

property enableDisplay

public enableDisplay: pulumi.Output<boolean | undefined>;
Enable [Virtual Displays](https://cloud.google.com/compute/docs/instances/enable-instance-virtual-display#verify_display_driver) on this instance. **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.

property guestAccelerators

public guestAccelerators: pulumi.Output<InstanceGuestAccelerator[]>;
List of the type and count of accelerator cards attached to the instance. Structure documented below. **Note:** GPU accelerators can only be used with `onHostMaintenance` option set to TERMINATE.

property hostname

public hostname: pulumi.Output<string | undefined>;
A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid. Valid format is a series of labels 1-63 characters long matching the regular expression `a-z`, concatenated with periods. The entire hostname must not exceed 253 characters. Changing this forces a new resource to be created.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceId

public instanceId: pulumi.Output<string>;
The server-assigned unique identifier of this instance.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;
The unique fingerprint of the labels.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;
A map of key/value label pairs to assign to the instance.

property machineType

public machineType: pulumi.Output<string>;
The machine type to create.

property metadata

public metadata: pulumi.Output<{[key: string]: string} | undefined>;
Metadata key/value pairs to make available from within the instance. Ssh keys attached in the Cloud Console will be removed. Add them to your config in order to keep them attached to your instance.

property metadataFingerprint

public metadataFingerprint: pulumi.Output<string>;
The unique fingerprint of the metadata.

property metadataStartupScript

public metadataStartupScript: pulumi.Output<string | undefined>;
An alternative to using the startup-script metadata key, except this one forces the instance to be recreated (thus re-running the script) if it is changed. This replaces the startup-script metadata key on the created instance and thus the two mechanisms are not allowed to be used simultaneously. Users are free to use either mechanism - the only distinction is that this separate attribute willl cause a recreate on modification. On import, `metadataStartupScript` will be set, but `metadata.startup-script` will not - if you choose to use the other mechanism, you will see a diff immediately after import, which will cause a destroy/recreate operation. You may want to modify your state file manually using `pulumi stack` commands, depending on your use case.

property minCpuPlatform

public minCpuPlatform: pulumi.Output<string>;
Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as `Intel Haswell` or `Intel Skylake`. See the complete list [here](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.

property name

public name: pulumi.Output<string>;
A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property networkInterfaces

public networkInterfaces: pulumi.Output<InstanceNetworkInterface[]>;
Networks to attach to the instance. This can be specified multiple times. Structure is documented below.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property resourcePolicies

public resourcePolicies: pulumi.Output<string | undefined>;
-- A list of short names or selfLinks of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.

property scheduling

public scheduling: pulumi.Output<InstanceScheduling>;
The scheduling strategy to use. More details about this configuration option are detailed below.

property scratchDisks

public scratchDisks: pulumi.Output<InstanceScratchDisk[] | undefined>;
Scratch disks to attach to the instance. This can be specified multiple times for multiple scratch disks. Structure is documented below.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property serviceAccount

public serviceAccount: pulumi.Output<InstanceServiceAccount | undefined>;
Service account to attach to the instance. Structure is documented below. **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.

property shieldedInstanceConfig

public shieldedInstanceConfig: pulumi.Output<InstanceShieldedInstanceConfig>;
Enable [Shielded VM](https://cloud.google.com/security/shielded-cloud/shielded-vm) on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. **Note**: `shieldedInstanceConfig` can only be used with boot images with shielded vm support. See the complete list [here](https://cloud.google.com/compute/docs/images#shielded-images).

property tags

public tags: pulumi.Output<string[] | undefined>;
A list of tags to attach to the instance.

property tagsFingerprint

public tagsFingerprint: pulumi.Output<string>;
The unique fingerprint of the tags.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
The zone that the machine should be created in.

Resource InstanceFromTemplate

class InstanceFromTemplate extends CustomResource
Manages a VM instance resource within GCE. For more information see [the official documentation](https://cloud.google.com/compute/docs/instances) and [API](https://cloud.google.com/compute/docs/reference/latest/instances). This resource is specifically to create a compute instance from a given `sourceInstanceTemplate`. To create an instance without a template, use the `gcp.compute.Instance` resource. #### Example Usage ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const tplInstanceTemplate = new gcp.compute.InstanceTemplate("tplInstanceTemplate", { machineType: "n1-standard-1", disk: [{ sourceImage: "debian-cloud/debian-9", autoDelete: true, diskSizeGb: 100, boot: true, }], network_interface: [{ network: "default", }], metadata: { foo: "bar", }, canIpForward: true, }); const tplInstanceFromTemplate = new gcp.compute.InstanceFromTemplate("tplInstanceFromTemplate", { zone: "us-central1-a", sourceInstanceTemplate: tplInstanceTemplate.id, canIpForward: false, labels: { my_key: "myValue", }, }); ```

constructor

new InstanceFromTemplate(name: string, args: InstanceFromTemplateArgs, opts?: pulumi.CustomResourceOptions)
Create a InstanceFromTemplate resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceFromTemplateState, opts?: pulumi.CustomResourceOptions): InstanceFromTemplate
Get an existing InstanceFromTemplate resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InstanceFromTemplate
Returns true if the given object is an instance of InstanceFromTemplate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowStoppingForUpdate

public allowStoppingForUpdate: pulumi.Output<boolean>;

property attachedDisks

public attachedDisks: pulumi.Output<InstanceFromTemplateAttachedDisk[]>;

property bootDisk

public bootDisk: pulumi.Output<InstanceFromTemplateBootDisk>;

property canIpForward

public canIpForward: pulumi.Output<boolean>;

property cpuPlatform

public cpuPlatform: pulumi.Output<string>;

property currentStatus

public currentStatus: pulumi.Output<string>;

property deletionProtection

public deletionProtection: pulumi.Output<boolean>;

property description

public description: pulumi.Output<string>;

property desiredStatus

public desiredStatus: pulumi.Output<string>;

property enableDisplay

public enableDisplay: pulumi.Output<boolean>;

property guestAccelerators

public guestAccelerators: pulumi.Output<InstanceFromTemplateGuestAccelerator[]>;

property hostname

public hostname: pulumi.Output<string>;

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceId

public instanceId: pulumi.Output<string>;

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;

property labels

public labels: pulumi.Output<{[key: string]: string}>;

property machineType

public machineType: pulumi.Output<string>;

property metadata

public metadata: pulumi.Output<{[key: string]: string}>;

property metadataFingerprint

public metadataFingerprint: pulumi.Output<string>;

property metadataStartupScript

public metadataStartupScript: pulumi.Output<string>;

property minCpuPlatform

public minCpuPlatform: pulumi.Output<string>;

property name

public name: pulumi.Output<string>;
A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property networkInterfaces

public networkInterfaces: pulumi.Output<InstanceFromTemplateNetworkInterface[]>;

property project

public project: pulumi.Output<string>;

property resourcePolicies

public resourcePolicies: pulumi.Output<string>;

property scheduling

public scheduling: pulumi.Output<InstanceFromTemplateScheduling>;

property scratchDisks

public scratchDisks: pulumi.Output<InstanceFromTemplateScratchDisk[]>;
public selfLink: pulumi.Output<string>;

property serviceAccount

public serviceAccount: pulumi.Output<InstanceFromTemplateServiceAccount>;

property shieldedInstanceConfig

public shieldedInstanceConfig: pulumi.Output<InstanceFromTemplateShieldedInstanceConfig>;

property sourceInstanceTemplate

public sourceInstanceTemplate: pulumi.Output<string>;
Name or self link of an instance template to create the instance based on.

property tags

public tags: pulumi.Output<string[]>;

property tagsFingerprint

public tagsFingerprint: pulumi.Output<string>;

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
The zone that the machine should be created in. If not set, the provider zone is used.

Resource InstanceGroup

class InstanceGroup extends CustomResource
Creates a group of dissimilar Compute Engine virtual machine instances. For more information, see [the official documentation](https://cloud.google.com/compute/docs/instance-groups/#unmanaged_instance_groups) and [API](https://cloud.google.com/compute/docs/reference/latest/instanceGroups) #### Example Usage - Empty instance group ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const test = new gcp.compute.InstanceGroup("test", { description: "Test instance group", zone: "us-central1-a", network: google_compute_network["default"].id, }); ``` ##### Example Usage - With instances and named ports ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const webservers = new gcp.compute.InstanceGroup("webservers", { description: "Test instance group", instances: [ google_compute_instance.test.id, google_compute_instance.test2.id, ], named_port: [ { name: "http", port: "8080", }, { name: "https", port: "8443", }, ], zone: "us-central1-a", }); ``` ##### Example Usage - Recreating an instance group in use Recreating an instance group that's in use by another resource will give a `resourceInUseByAnotherResource` error. Use `lifecycle.create_before_destroy` as shown in this example to avoid this type of error. ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const debianImage = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const stagingVm = new gcp.compute.Instance("stagingVm", { machineType: "n1-standard-1", zone: "us-central1-c", boot_disk: { initialize_params: { image: debianImage.then(debianImage => debianImage.selfLink), }, }, network_interface: [{ network: "default", }], }); const stagingGroup = new gcp.compute.InstanceGroup("stagingGroup", { zone: "us-central1-c", instances: [stagingVm.id], named_port: [ { name: "http", port: "8080", }, { name: "https", port: "8443", }, ], }); const stagingHealth = new gcp.compute.HttpsHealthCheck("stagingHealth", {requestPath: "/health_check"}); const stagingService = new gcp.compute.BackendService("stagingService", { portName: "https", protocol: "HTTPS", backend: [{ group: stagingGroup.id, }], healthChecks: [stagingHealth.id], }); ```

constructor

new InstanceGroup(name: string, args?: InstanceGroupArgs, opts?: pulumi.CustomResourceOptions)
Create a InstanceGroup resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceGroupState, opts?: pulumi.CustomResourceOptions): InstanceGroup
Get an existing InstanceGroup resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InstanceGroup
Returns true if the given object is an instance of InstanceGroup. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;
An optional textual description of the instance group.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instances

public instances: pulumi.Output<string[]>;
List of instances in the group. They should be given as selfLink URLs. When adding instances they must all be in the same network and zone as the instance group.

property name

public name: pulumi.Output<string>;
The name which the port will be mapped to.

property namedPorts

public namedPorts: pulumi.Output<InstanceGroupNamedPort[] | undefined>;
The named port configuration. See the section below for details on configuration.

property network

public network: pulumi.Output<string>;
The URL of the network the instance group is in. If this is different from the network where the instances are in, the creation fails. Defaults to the network where the instances are in (if neither `network` nor `instances` is specified, this field will be blank).

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property size

public size: pulumi.Output<number>;
The number of instances in the group.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
The zone that this instance group should be created in.

Resource InstanceGroupManager

class InstanceGroupManager extends CustomResource
The Google Compute Engine Instance Group Manager API creates and manages pools of homogeneous Compute Engine virtual machine instances from a common instance template. For more information, see [the official documentation](https://cloud.google.com/compute/docs/instance-groups/manager) and [API](https://cloud.google.com/compute/docs/reference/latest/instanceGroupManagers) > **Note:** Use [gcp.compute.RegionInstanceGroupManager](https://www.terraform.io/docs/providers/google/r/compute_region_instance_group_manager.html) to create a regional (multi-zone) instance group manager. #### Example Usage with top level instance template (`google` provider) ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const autohealing = new gcp.compute.HealthCheck("autohealing", { checkIntervalSec: 5, timeoutSec: 5, healthyThreshold: 2, unhealthyThreshold: 10, http_health_check: { requestPath: "/healthz", port: "8080", }, }); const appserver = new gcp.compute.InstanceGroupManager("appserver", { baseInstanceName: "app", zone: "us-central1-a", version: [{ instanceTemplate: google_compute_instance_template.appserver.id, }], targetPools: [google_compute_target_pool.appserver.id], targetSize: 2, named_port: [{ name: "customHTTP", port: 8888, }], auto_healing_policies: { healthCheck: autohealing.id, initialDelaySec: 300, }, }); ``` #### Example Usage with multiple versions (`google-beta` provider) ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const appserver = new gcp.compute.InstanceGroupManager("appserver", { baseInstanceName: "app", zone: "us-central1-a", targetSize: 5, version: [ { name: "appserver", instanceTemplate: google_compute_instance_template.appserver.id, }, { name: "appserver-canary", instanceTemplate: google_compute_instance_template["appserver-canary"].id, target_size: { fixed: 1, }, }, ], }); ```

constructor

new InstanceGroupManager(name: string, args: InstanceGroupManagerArgs, opts?: pulumi.CustomResourceOptions)
Create a InstanceGroupManager resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceGroupManagerState, opts?: pulumi.CustomResourceOptions): InstanceGroupManager
Get an existing InstanceGroupManager resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InstanceGroupManager
Returns true if the given object is an instance of InstanceGroupManager. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoHealingPolicies

public autoHealingPolicies: pulumi.Output<InstanceGroupManagerAutoHealingPolicies | undefined>;
The autohealing policies for this managed instance group. You can specify only one value. Structure is documented below. For more information, see the [official documentation](https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances#monitoring_groups).

property baseInstanceName

public baseInstanceName: pulumi.Output<string>;
The base instance name to use for instances in this group. The value must be a valid [RFC1035](https://www.ietf.org/rfc/rfc1035.txt) name. Supported characters are lowercase letters, numbers, and hyphens (-). Instances are named by appending a hyphen and a random four-character string to the base instance name.

property description

public description: pulumi.Output<string | undefined>;
An optional textual description of the instance group manager.

property fingerprint

public fingerprint: pulumi.Output<string>;
The fingerprint of the instance group manager.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceGroup

public instanceGroup: pulumi.Output<string>;
The full URL of the instance group created by the manager.

property name

public name: pulumi.Output<string>;
- Version name.

property namedPorts

public namedPorts: pulumi.Output<InstanceGroupManagerNamedPort[] | undefined>;
The named port configuration. See the section below for details on configuration.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URL of the created resource.

property statefulDisks

public statefulDisks: pulumi.Output<InstanceGroupManagerStatefulDisk[] | undefined>;
Disks created on the instances that will be preserved on instance delete, update, etc. Structure is documented below. For more information see the [official documentation](https://cloud.google.com/compute/docs/instance-groups/configuring-stateful-disks-in-migs).

property targetPools

public targetPools: pulumi.Output<string[] | undefined>;
The full URL of all target pools to which new instances in the group are added. Updating the target pools attribute does not affect existing instances.

property targetSize

public targetSize: pulumi.Output<number>;
- The number of instances calculated as a fixed number or a percentage depending on the settings. Structure is documented below.

property updatePolicy

public updatePolicy: pulumi.Output<InstanceGroupManagerUpdatePolicy>;
The update policy for this managed instance group. Structure is documented below. For more information, see the [official documentation](https://cloud.google.com/compute/docs/instance-groups/updating-managed-instance-groups) and [API](https://cloud.google.com/compute/docs/reference/rest/beta/instanceGroupManagers/patch)

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property versions

public versions: pulumi.Output<InstanceGroupManagerVersion[]>;
Application versions managed by this instance group. Each version deals with a specific instance template, allowing canary release scenarios. Structure is documented below.

property waitForInstances

public waitForInstances: pulumi.Output<boolean | undefined>;
Whether to wait for all instances to be created/updated before returning. Note that if this is set to true and the operation does not succeed, this provider will continue trying until it times out.

property zone

public zone: pulumi.Output<string>;
The zone that instances in this group should be created in.

Resource InstanceGroupNamedPort

class InstanceGroupNamedPort extends CustomResource
Mange the named ports setting for a managed instance group without managing the group as whole. This resource is primarily intended for use with GKE-generated groups that shouldn't otherwise be managed by other tools. To get more information about InstanceGroupNamedPort, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroup) * How-to Guides * [Official Documentation](https://cloud.google.com/compute/docs/instance-groups/) #### Example Usage - Instance Group Named Port Gke ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const containerNetwork = new gcp.compute.Network("containerNetwork", {autoCreateSubnetworks: false}); const containerSubnetwork = new gcp.compute.Subnetwork("containerSubnetwork", { region: "us-central1", network: containerNetwork.name, ipCidrRange: "10.0.36.0/24", }); const myCluster = new gcp.container.Cluster("myCluster", { location: "us-central1-a", initialNodeCount: 1, network: containerNetwork.name, subnetwork: containerSubnetwork.name, ip_allocation_policy: { clusterIpv4CidrBlock: "/19", servicesIpv4CidrBlock: "/22", }, }); const myPort = new gcp.compute.InstanceGroupNamedPort("myPort", { group: myCluster.instanceGroupUrls[0], zone: "us-central1-a", port: 8080, }); const myPorts = new gcp.compute.InstanceGroupNamedPort("myPorts", { group: myCluster.instanceGroupUrls[0], zone: "us-central1-a", port: 4443, }); ```

constructor

new InstanceGroupNamedPort(name: string, args: InstanceGroupNamedPortArgs, opts?: pulumi.CustomResourceOptions)
Create a InstanceGroupNamedPort resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceGroupNamedPortState, opts?: pulumi.CustomResourceOptions): InstanceGroupNamedPort
Get an existing InstanceGroupNamedPort resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InstanceGroupNamedPort
Returns true if the given object is an instance of InstanceGroupNamedPort. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property group

public group: pulumi.Output<string>;
The name of the instance group.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.

property port

public port: pulumi.Output<number>;
The port number, which can be a value between 1 and 65535.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
The zone of the instance group.

Resource InstanceIAMBinding

class InstanceIAMBinding extends CustomResource
Three different resources help you manage your IAM policy for Compute Engine Instance. Each of these resources serves a different use case: * `gcp.compute.InstanceIAMPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached. * `gcp.compute.InstanceIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved. * `gcp.compute.InstanceIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved. > **Note:** `gcp.compute.InstanceIAMPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceIAMBinding` and `gcp.compute.InstanceIAMMember` or they will fight over what your policy should be. > **Note:** `gcp.compute.InstanceIAMBinding` resources **can be** used in conjunction with `gcp.compute.InstanceIAMMember` resources **only if** they do not grant privilege to the same role. #### google\_compute\_instance\_iam\_policy ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const admin = gcp.organizations.getIAMPolicy({ binding: [{ role: "roles/compute.osLogin", members: ["user:jane@example.com"], }], }); const policy = new gcp.compute.InstanceIAMPolicy("policy", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, policyData: admin.then(admin => admin.policyData), }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const admin = gcp.organizations.getIAMPolicy({ binding: [{ role: "roles/compute.osLogin", members: ["user:jane@example.com"], condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }], }); const policy = new gcp.compute.InstanceIAMPolicy("policy", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, policyData: admin.then(admin => admin.policyData), }); ``` #### google\_compute\_instance\_iam\_binding ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const binding = new gcp.compute.InstanceIAMBinding("binding", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", members: ["user:jane@example.com"], }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const binding = new gcp.compute.InstanceIAMBinding("binding", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", members: ["user:jane@example.com"], condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }); ``` #### google\_compute\_instance\_iam\_member ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const member = new gcp.compute.InstanceIAMMember("member", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", member: "user:jane@example.com", }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const member = new gcp.compute.InstanceIAMMember("member", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", member: "user:jane@example.com", condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }); ```

constructor

new InstanceIAMBinding(name: string, args: InstanceIAMBindingArgs, opts?: pulumi.CustomResourceOptions)
Create a InstanceIAMBinding resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceIAMBindingState, opts?: pulumi.CustomResourceOptions): InstanceIAMBinding
Get an existing InstanceIAMBinding resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InstanceIAMBinding
Returns true if the given object is an instance of InstanceIAMBinding. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property condition

public condition: pulumi.Output<InstanceIAMBindingCondition | undefined>;
) An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.

property etag

public etag: pulumi.Output<string>;
(Computed) The etag of the IAM policy.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceName

public instanceName: pulumi.Output<string>;
Used to find the parent resource to bind the IAM policy to

property members

public members: pulumi.Output<string[]>;

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property role

public role: pulumi.Output<string>;
The role that should be applied. Only one `gcp.compute.InstanceIAMBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

Resource InstanceIAMMember

class InstanceIAMMember extends CustomResource
Three different resources help you manage your IAM policy for Compute Engine Instance. Each of these resources serves a different use case: * `gcp.compute.InstanceIAMPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached. * `gcp.compute.InstanceIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved. * `gcp.compute.InstanceIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved. > **Note:** `gcp.compute.InstanceIAMPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceIAMBinding` and `gcp.compute.InstanceIAMMember` or they will fight over what your policy should be. > **Note:** `gcp.compute.InstanceIAMBinding` resources **can be** used in conjunction with `gcp.compute.InstanceIAMMember` resources **only if** they do not grant privilege to the same role. #### google\_compute\_instance\_iam\_policy ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const admin = gcp.organizations.getIAMPolicy({ binding: [{ role: "roles/compute.osLogin", members: ["user:jane@example.com"], }], }); const policy = new gcp.compute.InstanceIAMPolicy("policy", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, policyData: admin.then(admin => admin.policyData), }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const admin = gcp.organizations.getIAMPolicy({ binding: [{ role: "roles/compute.osLogin", members: ["user:jane@example.com"], condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }], }); const policy = new gcp.compute.InstanceIAMPolicy("policy", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, policyData: admin.then(admin => admin.policyData), }); ``` #### google\_compute\_instance\_iam\_binding ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const binding = new gcp.compute.InstanceIAMBinding("binding", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", members: ["user:jane@example.com"], }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const binding = new gcp.compute.InstanceIAMBinding("binding", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", members: ["user:jane@example.com"], condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }); ``` #### google\_compute\_instance\_iam\_member ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const member = new gcp.compute.InstanceIAMMember("member", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", member: "user:jane@example.com", }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const member = new gcp.compute.InstanceIAMMember("member", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", member: "user:jane@example.com", condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }); ```

constructor

new InstanceIAMMember(name: string, args: InstanceIAMMemberArgs, opts?: pulumi.CustomResourceOptions)
Create a InstanceIAMMember resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceIAMMemberState, opts?: pulumi.CustomResourceOptions): InstanceIAMMember
Get an existing InstanceIAMMember resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InstanceIAMMember
Returns true if the given object is an instance of InstanceIAMMember. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property condition

public condition: pulumi.Output<InstanceIAMMemberCondition | undefined>;
) An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.

property etag

public etag: pulumi.Output<string>;
(Computed) The etag of the IAM policy.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceName

public instanceName: pulumi.Output<string>;
Used to find the parent resource to bind the IAM policy to

property member

public member: pulumi.Output<string>;

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property role

public role: pulumi.Output<string>;
The role that should be applied. Only one `gcp.compute.InstanceIAMBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

Resource InstanceIAMPolicy

class InstanceIAMPolicy extends CustomResource
Three different resources help you manage your IAM policy for Compute Engine Instance. Each of these resources serves a different use case: * `gcp.compute.InstanceIAMPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached. * `gcp.compute.InstanceIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved. * `gcp.compute.InstanceIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved. > **Note:** `gcp.compute.InstanceIAMPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceIAMBinding` and `gcp.compute.InstanceIAMMember` or they will fight over what your policy should be. > **Note:** `gcp.compute.InstanceIAMBinding` resources **can be** used in conjunction with `gcp.compute.InstanceIAMMember` resources **only if** they do not grant privilege to the same role. #### google\_compute\_instance\_iam\_policy ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const admin = gcp.organizations.getIAMPolicy({ binding: [{ role: "roles/compute.osLogin", members: ["user:jane@example.com"], }], }); const policy = new gcp.compute.InstanceIAMPolicy("policy", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, policyData: admin.then(admin => admin.policyData), }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const admin = gcp.organizations.getIAMPolicy({ binding: [{ role: "roles/compute.osLogin", members: ["user:jane@example.com"], condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }], }); const policy = new gcp.compute.InstanceIAMPolicy("policy", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, policyData: admin.then(admin => admin.policyData), }); ``` #### google\_compute\_instance\_iam\_binding ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const binding = new gcp.compute.InstanceIAMBinding("binding", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", members: ["user:jane@example.com"], }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const binding = new gcp.compute.InstanceIAMBinding("binding", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", members: ["user:jane@example.com"], condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }); ``` #### google\_compute\_instance\_iam\_member ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const member = new gcp.compute.InstanceIAMMember("member", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", member: "user:jane@example.com", }); ``` With IAM Conditions: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const member = new gcp.compute.InstanceIAMMember("member", { project: google_compute_instance["default"].project, zone: google_compute_instance["default"].zone, instanceName: google_compute_instance["default"].name, role: "roles/compute.osLogin", member: "user:jane@example.com", condition: { title: "expiresAfter20191231", description: "Expiring at midnight of 2019-12-31", expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }); ```

constructor

new InstanceIAMPolicy(name: string, args: InstanceIAMPolicyArgs, opts?: pulumi.CustomResourceOptions)
Create a InstanceIAMPolicy resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceIAMPolicyState, opts?: pulumi.CustomResourceOptions): InstanceIAMPolicy
Get an existing InstanceIAMPolicy resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InstanceIAMPolicy
Returns true if the given object is an instance of InstanceIAMPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property etag

public etag: pulumi.Output<string>;
(Computed) The etag of the IAM policy.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceName

public instanceName: pulumi.Output<string>;
Used to find the parent resource to bind the IAM policy to

property policyData

public policyData: pulumi.Output<string>;
The policy data generated by a `gcp.organizations.getIAMPolicy` data source.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;
A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

Resource InstanceTemplate

class InstanceTemplate extends CustomResource
Manages a VM instance template resource within GCE. For more information see [the official documentation](https://cloud.google.com/compute/docs/instance-templates) and [API](https://cloud.google.com/compute/docs/reference/latest/instanceTemplates). #### Example Usage ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const myImage = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const foobar = new gcp.compute.Disk("foobar", { image: myImage.then(myImage => myImage.selfLink), size: 10, type: "pd-ssd", zone: "us-central1-a", }); const _default = new gcp.compute.InstanceTemplate("default", { description: "This template is used to create app server instances.", tags: [ "foo", "bar", ], labels: { environment: "dev", }, instanceDescription: "description assigned to instances", machineType: "n1-standard-1", canIpForward: false, scheduling: { automaticRestart: true, onHostMaintenance: "MIGRATE", }, disk: [ { sourceImage: "debian-cloud/debian-9", autoDelete: true, boot: true, }, { source: foobar.name, autoDelete: false, boot: false, }, ], network_interface: [{ network: "default", }], metadata: { foo: "bar", }, service_account: { scopes: [ "userinfo-email", "compute-ro", "storage-ro", ], }, }); ``` #### Using with Instance Group Manager Instance Templates cannot be updated after creation with the Google Cloud Platform API. In order to update an Instance Template, this provider will create a replacement. In order to effectively use an Instance Template resource with an [Instance Group Manager resource](https://www.terraform.io/docs/providers/google/r/compute_instance_group_manager.html). Either omit the Instance Template `name` attribute, or specify a partial name with `namePrefix`. Example: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const instanceTemplate = new gcp.compute.InstanceTemplate("instanceTemplate", { namePrefix: "instance-template-", machineType: "n1-standard-1", region: "us-central1", disk: [{}], network_interface: [{}], }); const instanceGroupManager = new gcp.compute.InstanceGroupManager("instanceGroupManager", { instanceTemplate: instanceTemplate.id, baseInstanceName: "instance-group-manager", zone: "us-central1-f", targetSize: "1", }); ``` With this setup, this provider generates a unique name for your Instance Template and can then update the Instance Group manager without conflict before destroying the previous Instance Template. #### Deploying the Latest Image A common way to use instance templates and managed instance groups is to deploy the latest image in a family, usually the latest build of your application. There are two ways to do this in the provider, and they have their pros and cons. The difference ends up being in how "latest" is interpreted. You can either deploy the latest image available when the provider runs, or you can have each instance check what the latest image is when it's being created, either as part of a scaling event or being rebuilt by the instance group manager. If you're not sure, we recommend deploying the latest image available when the provider runs, because this means all the instances in your group will be based on the same image, always, and means that no upgrades or changes to your instances happen outside of a `pulumi up`. You can achieve this by using the `gcp.compute.Image` data source, which will retrieve the latest image on every `pulumi apply`, and will update the template to use that specific image: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const myImage = gcp.compute.getImage({ family: "debian-9", project: "debian-cloud", }); const instanceTemplate = new gcp.compute.InstanceTemplate("instanceTemplate", { namePrefix: "instance-template-", machineType: "n1-standard-1", region: "us-central1", disk: [{ sourceImage: google_compute_image.my_image.self_link, }], }); ``` To have instances update to the latest on every scaling event or instance re-creation, use the family as the image for the disk, and it will use GCP's default behavior, setting the image for the template to the family: ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const instanceTemplate = new gcp.compute.InstanceTemplate("instanceTemplate", { // boot disk disks: [{ sourceImage: "debian-cloud/debian-9", }], machineType: "n1-standard-1", namePrefix: "instance-template-", region: "us-central1", }); ```

constructor

new InstanceTemplate(name: string, args: InstanceTemplateArgs, opts?: pulumi.CustomResourceOptions)
Create a InstanceTemplate resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceTemplateState, opts?: pulumi.CustomResourceOptions): InstanceTemplate
Get an existing InstanceTemplate resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InstanceTemplate
Returns true if the given object is an instance of InstanceTemplate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property canIpForward

public canIpForward: pulumi.Output<boolean | undefined>;
Whether to allow sending and receiving of packets with non-matching source or destination IPs. This defaults to false.

property description

public description: pulumi.Output<string | undefined>;
A brief description of this resource.

property disks

public disks: pulumi.Output<InstanceTemplateDisk[]>;
Disks to attach to instances created from this template. This can be specified multiple times for multiple disks. Structure is documented below.

property enableDisplay

public enableDisplay: pulumi.Output<boolean | undefined>;
Enable [Virtual Displays](https://cloud.google.com/compute/docs/instances/enable-instance-virtual-display#verify_display_driver) on this instance. **Note**: `allowStoppingForUpdate` must be set to true in order to update this field.

property guestAccelerators

public guestAccelerators: pulumi.Output<InstanceTemplateGuestAccelerator[] | undefined>;
List of the type and count of accelerator cards attached to the instance. Structure documented below.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceDescription

public instanceDescription: pulumi.Output<string | undefined>;
A brief description to use for instances created from this template.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;
A set of key/value label pairs to assign to instances created from this template,

property machineType

public machineType: pulumi.Output<string>;
The machine type to create.

property metadata

public metadata: pulumi.Output<{[key: string]: any} | undefined>;
Metadata key/value pairs to make available from within instances created from this template.

property metadataFingerprint

public metadataFingerprint: pulumi.Output<string>;
The unique fingerprint of the metadata.

property metadataStartupScript

public metadataStartupScript: pulumi.Output<string | undefined>;
An alternative to using the startup-script metadata key, mostly to match the computeInstance resource. This replaces the startup-script metadata key on the created instance and thus the two mechanisms are not allowed to be used simultaneously.

property minCpuPlatform

public minCpuPlatform: pulumi.Output<string | undefined>;
Specifies a minimum CPU platform. Applicable values are the friendly names of CPU platforms, such as `Intel Haswell` or `Intel Skylake`. See the complete list [here](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform).

property name

public name: pulumi.Output<string>;
The name of the instance template. If you leave this blank, the provider will auto-generate a unique name.

property namePrefix

public namePrefix: pulumi.Output<string>;
Creates a unique name beginning with the specified prefix. Conflicts with `name`.

property networkInterfaces

public networkInterfaces: pulumi.Output<InstanceTemplateNetworkInterface[] | undefined>;
Networks to attach to instances created from this template. This can be specified multiple times for multiple networks. Structure is documented below.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;
An instance template is a global resource that is not bound to a zone or a region. However, you can still specify some regional resources in an instance template, which restricts the template to the region where that resource resides. For example, a custom `subnetwork` resource is tied to a specific region. Defaults to the region of the Provider if no value is given.

property scheduling

public scheduling: pulumi.Output<InstanceTemplateScheduling>;
The scheduling strategy to use. More details about this configuration option are detailed below.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property serviceAccount

public serviceAccount: pulumi.Output<InstanceTemplateServiceAccount | undefined>;
Service account to attach to the instance. Structure is documented below.

property shieldedInstanceConfig

public shieldedInstanceConfig: pulumi.Output<InstanceTemplateShieldedInstanceConfig>;
Enable [Shielded VM](https://cloud.google.com/security/shielded-cloud/shielded-vm) on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. **Note**: `shieldedInstanceConfig` can only be used with boot images with shielded vm support. See the complete list [here](https://cloud.google.com/compute/docs/images#shielded-images).

property tags

public tags: pulumi.Output<string[] | undefined>;
Tags to attach to the instance.

property tagsFingerprint

public tagsFingerprint: pulumi.Output<string>;
The unique fingerprint of the tags.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource InterconnectAttachment

class InterconnectAttachment extends CustomResource
Represents an InterconnectAttachment (VLAN attachment) resource. For more information, see Creating VLAN Attachments. #### Example Usage - Interconnect Attachment Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const foobar = new gcp.compute.Router("foobar", {network: google_compute_network.foobar.name}); const onPrem = new gcp.compute.InterconnectAttachment("onPrem", { interconnect: "my-interconnect-id", router: foobar.id, }); ```

constructor

new InterconnectAttachment(name: string, args: InterconnectAttachmentArgs, opts?: pulumi.CustomResourceOptions)
Create a InterconnectAttachment resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InterconnectAttachmentState, opts?: pulumi.CustomResourceOptions): InterconnectAttachment
Get an existing InterconnectAttachment resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is InterconnectAttachment
Returns true if the given object is an instance of InterconnectAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property adminEnabled

public adminEnabled: pulumi.Output<boolean | undefined>;
Whether the VLAN attachment is enabled or disabled. When using PARTNER type this will Pre-Activate the interconnect attachment

property bandwidth

public bandwidth: pulumi.Output<string>;
Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, Defaults to BPS_10G

property candidateSubnets

public candidateSubnets: pulumi.Output<string[] | undefined>;
Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.

property cloudRouterIpAddress

public cloudRouterIpAddress: pulumi.Output<string>;
IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property customerRouterIpAddress

public customerRouterIpAddress: pulumi.Output<string>;
IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource.

property edgeAvailabilityDomain

public edgeAvailabilityDomain: pulumi.Output<string>;
Desired availability domain for the attachment. Only available for type PARTNER, at creation time. For improved reliability, customers should configure a pair of attachments with one per availability domain. The selected availability domain will be provided to the Partner via the pairing key so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.

property googleReferenceId

public googleReferenceId: pulumi.Output<string>;
Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property interconnect

public interconnect: pulumi.Output<string | undefined>;
URL of the underlying Interconnect object that this attachment's traffic will traverse through. Required if type is DEDICATED, must not be set if type is PARTNER.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property pairingKey

public pairingKey: pulumi.Output<string>;
[Output only for type PARTNER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"

property partnerAsn

public partnerAsn: pulumi.Output<string>;
[Output only for type PARTNER. Not present for DEDICATED]. Optional BGP ASN for the router that should be supplied by a layer 3 Partner if they configured BGP on behalf of the customer.

property privateInterconnectInfo

public privateInterconnectInfo: pulumi.Output<InterconnectAttachmentPrivateInterconnectInfo>;
Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;
Region where the regional interconnect attachment resides.

property router

public router: pulumi.Output<string>;
URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property state

public state: pulumi.Output<string>;
[Output Only] The current state of this attachment's functionality.

property type

public type: pulumi.Output<string>;
The type of InterconnectAttachment you wish to create. Defaults to DEDICATED.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vlanTag8021q

public vlanTag8021q: pulumi.Output<number>;
The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. When using PARTNER type this will be managed upstream.

Resource MachineImage

class MachineImage extends CustomResource
Represents a MachineImage resource. Machine images store all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. To get more information about MachineImage, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/machineImages) * How-to Guides * [Official Documentation](https://cloud.google.com/compute/docs/machine-images) #### Example Usage - Machine Image Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const vm = new gcp.compute.Instance("vm", { machineType: "n1-standard-1", boot_disk: { initialize_params: { image: "debian-cloud/debian-9", }, }, network_interface: [{ network: "default", }], }); const image = new gcp.compute.MachineImage("image", {sourceInstance: vm.selfLink}); ```

constructor

new MachineImage(name: string, args: MachineImageArgs, opts?: pulumi.CustomResourceOptions)
Create a MachineImage resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: MachineImageState, opts?: pulumi.CustomResourceOptions): MachineImage
Get an existing MachineImage resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is MachineImage
Returns true if the given object is an instance of MachineImage. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;
A text description of the resource.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;
Name of the resource.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property sourceInstance

public sourceInstance: pulumi.Output<string>;
The source instance used to create the machine image. You can provide this as a partial or full URL to the resource.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ManagedSslCertificate

class ManagedSslCertificate extends CustomResource
An SslCertificate resource, used for HTTPS load balancing. This resource represents a certificate for which the certificate secrets are created and managed by Google. For a resource where you provide the key, see the SSL Certificate resource. To get more information about ManagedSslCertificate, see: * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates) * How-to Guides * [Official Documentation](https://cloud.google.com/load-balancing/docs/ssl-certificates) > **Warning:** This resource should be used with extreme caution! Provisioning an SSL certificate is complex. Ensure that you understand the lifecycle of a certificate before attempting complex tasks like cert rotation automatically. This resource will "return" as soon as the certificate object is created, but post-creation the certificate object will go through a "provisioning" process. The provisioning process can complete only when the domain name for which the certificate is created points to a target pool which, itself, points at the certificate. Depending on your DNS provider, this may take some time, and migrating from self-managed certificates to Google-managed certificates may entail some downtime while the certificate provisions. In conclusion: Be extremely cautious. #### Example Usage - Managed Ssl Certificate Basic ```typescript import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; const defaultManagedSslCertificate = new gcp.compute.ManagedSslCertificate("defaultManagedSslCertificate", {managed: { domains: ["sslcert.tf-test.club."], }}); const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", { requestPath: "/", checkIntervalSec: 1, timeoutSec: 1, }); const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", { portName: "http", protocol: "HTTP", timeoutSec: 10, healthChecks: [defaultHttpHealthCheck.id], }); const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", { description: "a description", defaultService: defaultBackendService.id, host_rule: [{ hosts: ["sslcert.tf-test.club"], pathMatcher: "allpaths", }], path_matcher: [{ name: "allpaths", defaultService: defaultBackendService.id, path_rule: [{ paths: ["/*"], service: defaultBackendService.id, }], }], }); const defaultTargetHttpsProxy = new gcp.compute.TargetHttpsProxy("defaultTargetHttpsProxy", { urlMap: defaultURLMap.id, sslCertificates: [defaultManagedSslCertificate.id], }); const zone = new gcp.dns.ManagedZone("zone", {dnsName: "sslcert.tf-test.club."}); const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule", { target: defaultTargetHttpsProxy.id, portRange: 443, }); const set = new gcp.dns.RecordSet("set", { type: "A", ttl: 3600, managedZone: zone.name, rrdatas: [defaultGlobalForwardingRule.ipAddress], }); ```

constructor

new ManagedSslCertificate(name: string, args?: ManagedSslCertificateArgs, opts?: pulumi.CustomResourceOptions)
Create a ManagedSslCertificate resource with the given unique name, arguments, and options. * `name` The _unique_ name of the resource. * `args` The arguments to use to populate this resource's properties. * `opts` A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ManagedSslCertificateState, opts?: pulumi.CustomResourceOptions): ManagedSslCertificate
Get an existing ManagedSslCertificate resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ManagedSslCertificate
Returns true if the given object is an instance of ManagedSslCertificate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property certificateId

public certificateId: pulumi.Output<number>;
The unique identifier for the resource.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;
Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;
An optional description of this resource.

property expireTime

public expireTime: pulumi.Output<string>;
Expire time of the certificate.

property id

id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property managed

public managed: pulumi.Output<ManagedSslCertificateManaged | undefined>;
Properties relevant to a managed certificate. These will be used if the certificate is managed (as indicated by a value of `MANAGED` in `type`). Structure is documented below.

property name

public name: pulumi.Output<string>;
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `a-z?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
public selfLink: pulumi.Output<string>;
The URI of the created resource.

property subjectAlternativeNames

public subjectAlternativeNames: pulumi.Output<string[]>;
Domains associated with the certificate via Subject Alternative Name.

property type

public type: pulumi.Output<string | undefined>;
Enum field whose value is always `MANAGED` - used to signal to the API which type this is.

property urn

urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource MangedSslCertificate

DEPRECATED gcp.compute.MangedSslCertificate has been deprecated in favor of gcp.compute.ManagedSslCertificate
class MangedSslCertificate extends CustomResource

constructor

DEPRECATED gcp.compute.MangedSslCertificate has been deprecated in favor of gcp.compute.ManagedSslCertificate

DEPRECATED gcp.compute.MangedSslCertificate has been deprecated in favor of gcp.compute.ManagedSslCertificate
new MangedSslCertificate(name: string, args?: MangedSslCertificateArgs, opts?: pulumi.CustomResourceOptions)

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: MangedSslCertificateState, opts?: pulumi.CustomResourceOptions): MangedSslCertificate

Get an existing MangedSslCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is MangedSslCertificate

Returns true if the given object is an instance of MangedSslCertificate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property certificateId

public certificateId: pulumi.Output<number>;

The unique identifier for the resource.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property expireTime

public expireTime: pulumi.Output<string>;

Expire time of the certificate.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property managed

public managed: pulumi.Output<MangedSslCertificateManaged | undefined>;

Properties relevant to a managed certificate. These will be used if the certificate is managed (as indicated by a value of ‘MANAGED’ in ‘type’).

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression ‘a-z?’ which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. These are in the same namespace as the managed SSL certificates.

property project

public project: pulumi.Output<string>;
public selfLink: pulumi.Output<string>;

property subjectAlternativeNames

public subjectAlternativeNames: pulumi.Output<string[]>;

Domains associated with the certificate via Subject Alternative Name.

property type

public type: pulumi.Output<string | undefined>;

Enum field whose value is always ‘MANAGED’ - used to signal to the API which type this is. Default value: “MANAGED” Possible values: [“MANAGED”]

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Network

class Network extends CustomResource

Manages a VPC network or legacy network resource on GCP.

To get more information about Network, see:

Example Usage - Network Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const vpcNetwork = new gcp.compute.Network("vpcNetwork", {});

constructor

new Network(name: string, args?: NetworkArgs, opts?: pulumi.CustomResourceOptions)

Create a Network resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkState, opts?: pulumi.CustomResourceOptions): Network

Get an existing Network resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Network

Returns true if the given object is an instance of Network. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoCreateSubnetworks

public autoCreateSubnetworks: pulumi.Output<boolean | undefined>;

When set to true, the network is created in “auto subnet mode” and it will create a subnet for each region automatically across the 10.128.0.0/9 address range. When set to false, the network is created in “custom subnet mode” so the user can explicitly connect subnetwork resources.

property deleteDefaultRoutesOnCreate

public deleteDefaultRoutesOnCreate: pulumi.Output<boolean | undefined>;

If set to true, default routes (0.0.0.0/0) will be deleted immediately after network creation. Defaults to false.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource. The resource must be recreated to modify this field.

property gatewayIpv4

public gatewayIpv4: pulumi.Output<string>;

The gateway address for default routing out of the network. This value is selected by GCP.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property routingMode

public routingMode: pulumi.Output<string>;

The network-wide routing mode to use. If set to REGIONAL, this network’s cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network’s cloud routers will advertise routes with all subnetworks of this network, across regions.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NetworkEndpoint

class NetworkEndpoint extends CustomResource

A Network endpoint represents a IP address and port combination that is part of a specific network endpoint group (NEG). NEGs are zonals collection of these endpoints for GCP resources within a single subnet. NOTE: Network endpoints cannot be created outside of a network endpoint group.

To get more information about NetworkEndpoint, see:

Example Usage - Network Endpoint

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myImage = gcp.compute.getImage({
    family: "debian-9",
    project: "debian-cloud",
});
const defaultNetwork = new gcp.compute.Network("defaultNetwork", {autoCreateSubnetworks: false});
const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", {
    ipCidrRange: "10.0.0.1/16",
    region: "us-central1",
    network: defaultNetwork.id,
});
const endpointInstance = new gcp.compute.Instance("endpoint-instance", {
    machineType: "n1-standard-1",
    boot_disk: {
        initialize_params: {
            image: myImage.then(myImage => myImage.selfLink),
        },
    },
    network_interface: [{
        subnetwork: defaultSubnetwork.id,
        access_config: [{}],
    }],
});
const defaultEndpoint = new gcp.compute.NetworkEndpoint("default-endpoint", {
    networkEndpointGroup: google_compute_network_endpoint_group.neg.name,
    instance: endpoint_instance.name,
    port: google_compute_network_endpoint_group.neg.default_port,
    ipAddress: endpoint_instance.networkInterfaces.apply(networkInterfaces => networkInterfaces[0].networkIp),
});
const group = new gcp.compute.NetworkEndpointGroup("group", {
    network: defaultNetwork.id,
    subnetwork: defaultSubnetwork.id,
    defaultPort: "90",
    zone: "us-central1-a",
});

constructor

new NetworkEndpoint(name: string, args: NetworkEndpointArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkEndpoint resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkEndpointState, opts?: pulumi.CustomResourceOptions): NetworkEndpoint

Get an existing NetworkEndpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NetworkEndpoint

Returns true if the given object is an instance of NetworkEndpoint. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instance

public instance: pulumi.Output<string>;

The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.

property ipAddress

public ipAddress: pulumi.Output<string>;

IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP range).

property networkEndpointGroup

public networkEndpointGroup: pulumi.Output<string>;

The network endpoint group this endpoint is part of.

property port

public port: pulumi.Output<number>;

Port number of network endpoint.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;

Zone where the containing network endpoint group is located.

Resource NetworkEndpointGroup

class NetworkEndpointGroup extends CustomResource

Network endpoint groups (NEGs) are zonal resources that represent collections of IP address and port combinations for GCP resources within a single subnet. Each IP address and port combination is called a network endpoint.

Network endpoint groups can be used as backends in backend services for HTTP(S), TCP proxy, and SSL proxy load balancers. You cannot use NEGs as a backend with internal load balancers. Because NEG backends allow you to specify IP addresses and ports, you can distribute traffic in a granular fashion among applications or containers running within VM instances.

To get more information about NetworkEndpointGroup, see:

Example Usage - Network Endpoint Group

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultNetwork = new gcp.compute.Network("defaultNetwork", {autoCreateSubnetworks: false});
const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", {
    ipCidrRange: "10.0.0.0/16",
    region: "us-central1",
    network: defaultNetwork.id,
});
const neg = new gcp.compute.NetworkEndpointGroup("neg", {
    network: defaultNetwork.id,
    subnetwork: defaultSubnetwork.id,
    defaultPort: "90",
    zone: "us-central1-a",
});

constructor

new NetworkEndpointGroup(name: string, args: NetworkEndpointGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkEndpointGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkEndpointGroupState, opts?: pulumi.CustomResourceOptions): NetworkEndpointGroup

Get an existing NetworkEndpointGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NetworkEndpointGroup

Returns true if the given object is an instance of NetworkEndpointGroup. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property defaultPort

public defaultPort: pulumi.Output<number | undefined>;

The default port used if the port number is not specified in the network endpoint.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource. Provide this property when you create the resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string>;

The network to which all network endpoints in the NEG belong. Uses “default” project network if unspecified.

property networkEndpointType

public networkEndpointType: pulumi.Output<string | undefined>;

Type of network endpoints in this network endpoint group.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property size

public size: pulumi.Output<number>;

Number of network endpoints in the network endpoint group.

property subnetwork

public subnetwork: pulumi.Output<string | undefined>;

Optional subnetwork to which all network endpoints in the NEG belong.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;

Zone where the network endpoint group is located.

Resource NetworkPeering

class NetworkPeering extends CustomResource

Manages a network peering within GCE. For more information see the official documentation and API.

Both network must create a peering with each other for the peering to be functional.

Subnets IP ranges across peered VPC networks cannot overlap.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.Network("default", {autoCreateSubnetworks: "false"});
const other = new gcp.compute.Network("other", {autoCreateSubnetworks: "false"});
const peering1 = new gcp.compute.NetworkPeering("peering1", {
    network: _default.id,
    peerNetwork: other.id,
});
const peering2 = new gcp.compute.NetworkPeering("peering2", {
    network: other.id,
    peerNetwork: _default.id,
});

constructor

new NetworkPeering(name: string, args: NetworkPeeringArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkPeering resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkPeeringState, opts?: pulumi.CustomResourceOptions): NetworkPeering

Get an existing NetworkPeering resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NetworkPeering

Returns true if the given object is an instance of NetworkPeering. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property exportCustomRoutes

public exportCustomRoutes: pulumi.Output<boolean | undefined>;

Whether to export the custom routes to the peer network. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property importCustomRoutes

public importCustomRoutes: pulumi.Output<boolean | undefined>;

Whether to export the custom routes from the peer network. Defaults to false.

property name

public name: pulumi.Output<string>;

Name of the peering.

property network

public network: pulumi.Output<string>;

The primary network of the peering.

property peerNetwork

public peerNetwork: pulumi.Output<string>;

The peer network in the peering. The peer network may belong to a different project.

property state

public state: pulumi.Output<string>;

State for the peering, either ACTIVE or INACTIVE. The peering is ACTIVE when there’s a matching configuration in the peer network.

property stateDetails

public stateDetails: pulumi.Output<string>;

Details about the current state of the peering.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NetworkPeeringRoutesConfig

class NetworkPeeringRoutesConfig extends CustomResource

Manage a network peering’s route settings without managing the peering as a whole. This resource is primarily intended for use with GCP-generated peerings that shouldn’t otherwise be managed by other tools. Deleting this resource is a no-op and the peering will not be modified.

To get more information about NetworkPeeringRoutesConfig, see:

Example Usage - Network Peering Routes Config Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const networkPrimary = new gcp.compute.Network("networkPrimary", {autoCreateSubnetworks: "false"});
const networkSecondary = new gcp.compute.Network("networkSecondary", {autoCreateSubnetworks: "false"});
const peeringPrimary = new gcp.compute.NetworkPeering("peeringPrimary", {
    network: networkPrimary.id,
    peerNetwork: networkSecondary.id,
    importCustomRoutes: true,
    exportCustomRoutes: true,
});
const peeringPrimaryRoutes = new gcp.compute.NetworkPeeringRoutesConfig("peeringPrimaryRoutes", {
    peering: peeringPrimary.name,
    network: networkPrimary.name,
    importCustomRoutes: true,
    exportCustomRoutes: true,
});
const peeringSecondary = new gcp.compute.NetworkPeering("peeringSecondary", {
    network: networkSecondary.id,
    peerNetwork: networkPrimary.id,
});

constructor

new NetworkPeeringRoutesConfig(name: string, args: NetworkPeeringRoutesConfigArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkPeeringRoutesConfig resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkPeeringRoutesConfigState, opts?: pulumi.CustomResourceOptions): NetworkPeeringRoutesConfig

Get an existing NetworkPeeringRoutesConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NetworkPeeringRoutesConfig

Returns true if the given object is an instance of NetworkPeeringRoutesConfig. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property exportCustomRoutes

public exportCustomRoutes: pulumi.Output<boolean>;

Whether to export the custom routes to the peer network.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property importCustomRoutes

public importCustomRoutes: pulumi.Output<boolean>;

Whether to import the custom routes to the peer network.

property network

public network: pulumi.Output<string>;

The name of the primary network for the peering.

property peering

public peering: pulumi.Output<string>;

Name of the peering.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NodeGroup

class NodeGroup extends CustomResource

Represents a NodeGroup resource to manage a group of sole-tenant nodes.

To get more information about NodeGroup, see:

Warning: Due to limitations of the API, this provider cannot update the number of nodes in a node group and changes to node group size either through provider config or through external changes will cause the provider to delete and recreate the node group.

Example Usage - Node Group Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const central1a = gcp.compute.getNodeTypes({
    zone: "us-central1-a",
});
const soletenantTmpl = new gcp.compute.NodeTemplate("soletenant-tmpl", {
    region: "us-central1",
    nodeType: central1a.then(central1a => central1a.names[0]),
});
const nodes = new gcp.compute.NodeGroup("nodes", {
    zone: "us-central1-a",
    description: "example gcp.compute.NodeGroup for the Google Provider",
    size: 1,
    nodeTemplate: soletenant_tmpl.id,
});

Example Usage - Node Group Autoscaling Policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const central1a = gcp.compute.getNodeTypes({
    zone: "us-central1-a",
});
const soletenantTmpl = new gcp.compute.NodeTemplate("soletenant-tmpl", {
    region: "us-central1",
    nodeType: central1a.then(central1a => central1a.names[0]),
});
const nodes = new gcp.compute.NodeGroup("nodes", {
    zone: "us-central1-a",
    description: "example gcp.compute.NodeGroup for the Google Provider",
    size: 1,
    nodeTemplate: soletenant_tmpl.id,
    autoscaling_policy: {
        mode: "ON",
        minNodes: 1,
        maxNodes: 10,
    },
});

constructor

new NodeGroup(name: string, args: NodeGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a NodeGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NodeGroupState, opts?: pulumi.CustomResourceOptions): NodeGroup

Get an existing NodeGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NodeGroup

Returns true if the given object is an instance of NodeGroup. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoscalingPolicy

public autoscalingPolicy: pulumi.Output<NodeGroupAutoscalingPolicy>;

- If you use sole-tenant nodes for your workloads, you can use the node group autoscaler to automatically manage the sizes of your node groups. Structure is documented below.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional textual description of the resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource.

property nodeTemplate

public nodeTemplate: pulumi.Output<string>;

The URL of the node template to which this node group belongs.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property size

public size: pulumi.Output<number>;

The total number of nodes in the node group.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;

Zone where this node group is located

Resource NodeTemplate

class NodeTemplate extends CustomResource

Represents a NodeTemplate resource. Node templates specify properties for creating sole-tenant nodes, such as node type, vCPU and memory requirements, node affinity labels, and region.

To get more information about NodeTemplate, see:

Example Usage - Node Template Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const central1a = gcp.compute.getNodeTypes({
    zone: "us-central1-a",
});
const template = new gcp.compute.NodeTemplate("template", {
    region: "us-central1",
    nodeType: central1a.then(central1a => central1a.names[0]),
});

Example Usage - Node Template Server Binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const central1a = gcp.compute.getNodeTypes({
    zone: "us-central1-a",
});
const template = new gcp.compute.NodeTemplate("template", {
    region: "us-central1",
    nodeType: central1a.then(central1a => central1a.names[0]),
    nodeAffinityLabels: {
        foo: "baz",
    },
    server_binding: {
        type: "RESTART_NODE_ON_MINIMAL_SERVERS",
    },
});

constructor

new NodeTemplate(name: string, args?: NodeTemplateArgs, opts?: pulumi.CustomResourceOptions)

Create a NodeTemplate resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NodeTemplateState, opts?: pulumi.CustomResourceOptions): NodeTemplate

Get an existing NodeTemplate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NodeTemplate

Returns true if the given object is an instance of NodeTemplate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional textual description of the resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource.

property nodeAffinityLabels

public nodeAffinityLabels: pulumi.Output<{[key: string]: string} | undefined>;

Labels to use for node affinity, which will be used in instance scheduling.

property nodeType

public nodeType: pulumi.Output<string | undefined>;

Node type to use for nodes group that are created from this template. Only one of nodeTypeFlexibility and nodeType can be specified.

property nodeTypeFlexibility

public nodeTypeFlexibility: pulumi.Output<NodeTemplateNodeTypeFlexibility | undefined>;

Flexible properties for the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. Only one of nodeTypeFlexibility and nodeType can be specified. Structure is documented below.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

Region where nodes using the node template will be created. If it is not provided, the provider region is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property serverBinding

public serverBinding: pulumi.Output<NodeTemplateServerBinding>;

The server binding policy for nodes using this template. Determines where the nodes should restart following a maintenance event. Structure is documented below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource PacketMirroring

class PacketMirroring extends CustomResource

Packet Mirroring mirrors traffic to and from particular VM instances. You can use the collected traffic to help you detect security threats and monitor application performance.

To get more information about PacketMirroring, see:

Example Usage - Compute Packet Mirroring Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultNetwork = new gcp.compute.Network("defaultNetwork", {});
const mirror = new gcp.compute.Instance("mirror", {
    machineType: "n1-standard-1",
    boot_disk: {
        initialize_params: {
            image: "debian-cloud/debian-9",
        },
    },
    network_interface: [{
        network: defaultNetwork.id,
        access_config: [{}],
    }],
});
const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", {
    network: defaultNetwork.id,
    ipCidrRange: "10.2.0.0/16",
});
const defaultHealthCheck = new gcp.compute.HealthCheck("defaultHealthCheck", {
    checkIntervalSec: 1,
    timeoutSec: 1,
    tcp_health_check: {
        port: "80",
    },
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("defaultRegionBackendService", {healthChecks: [defaultHealthCheck.id]});
const defaultForwardingRule = new gcp.compute.ForwardingRule("defaultForwardingRule", {
    isMirroringCollector: true,
    ipProtocol: "TCP",
    loadBalancingScheme: "INTERNAL",
    backendService: defaultRegionBackendService.id,
    allPorts: true,
    network: defaultNetwork.id,
    subnetwork: defaultSubnetwork.id,
    networkTier: "PREMIUM",
});
const foobar = new gcp.compute.PacketMirroring("foobar", {
    description: "bar",
    network: {
        url: defaultNetwork.id,
    },
    collector_ilb: {
        url: defaultForwardingRule.id,
    },
    mirrored_resources: {
        tags: ["foo"],
        instances: [{
            url: mirror.id,
        }],
    },
    filter: {
        ipProtocols: ["tcp"],
        cidrRanges: ["0.0.0.0/0"],
    },
});

constructor

new PacketMirroring(name: string, args: PacketMirroringArgs, opts?: pulumi.CustomResourceOptions)

Create a PacketMirroring resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PacketMirroringState, opts?: pulumi.CustomResourceOptions): PacketMirroring

Get an existing PacketMirroring resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is PacketMirroring

Returns true if the given object is an instance of PacketMirroring. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property collectorIlb

public collectorIlb: pulumi.Output<PacketMirroringCollectorIlb>;

The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true. Structure is documented below.

property description

public description: pulumi.Output<string | undefined>;

A human-readable description of the rule.

property filter

public filter: pulumi.Output<PacketMirroringFilter | undefined>;

A filter for mirrored traffic. If unset, all traffic is mirrored. Structure is documented below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property mirroredResources

public mirroredResources: pulumi.Output<PacketMirroringMirroredResources>;

A means of specifying which resources to mirror. Structure is documented below.

property name

public name: pulumi.Output<string>;

The name of the packet mirroring rule

property network

public network: pulumi.Output<PacketMirroringNetwork>;

Specifies the mirrored VPC network. Only packets in this network will be mirrored. All mirrored VMs should have a NIC in the given network. All mirrored subnetworks should belong to the given network. Structure is documented below.

property priority

public priority: pulumi.Output<number>;

Since only one rule can be active at a time, priority is used to break ties in the case of two rules that apply to the same instances.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

The Region in which the created address should reside. If it is not provided, the provider region is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource PerInstanceConfig

class PerInstanceConfig extends CustomResource

A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name across instance group manager operations and can define stateful disks or metadata that are unique to the instance.

To get more information about PerInstanceConfig, see:

constructor

new PerInstanceConfig(name: string, args: PerInstanceConfigArgs, opts?: pulumi.CustomResourceOptions)

Create a PerInstanceConfig resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PerInstanceConfigState, opts?: pulumi.CustomResourceOptions): PerInstanceConfig

Get an existing PerInstanceConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is PerInstanceConfig

Returns true if the given object is an instance of PerInstanceConfig. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceGroupManager

public instanceGroupManager: pulumi.Output<string>;

The instance group manager this instance config is part of.

property minimalAction

public minimalAction: pulumi.Output<string | undefined>;

The minimal action to perform on the instance during an update. Default is NONE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property mostDisruptiveAllowedAction

public mostDisruptiveAllowedAction: pulumi.Output<string | undefined>;

The most disruptive action to perform on the instance during an update. Default is REPLACE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property name

public name: pulumi.Output<string>;

The name for this per-instance config and its corresponding instance.

property preservedState

public preservedState: pulumi.Output<PerInstanceConfigPreservedState | undefined>;

The preserved state for this instance. Structure is documented below.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;

Zone where the containing instance group manager is located

Resource ProjectDefaultNetworkTier

class ProjectDefaultNetworkTier extends CustomResource

Configures the Google Compute Engine Default Network Tier for a project.

For more information, see, the Project API documentation.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultProjectDefaultNetworkTier = new gcp.compute.ProjectDefaultNetworkTier("default", {
    networkTier: "PREMIUM",
});

constructor

new ProjectDefaultNetworkTier(name: string, args: ProjectDefaultNetworkTierArgs, opts?: pulumi.CustomResourceOptions)

Create a ProjectDefaultNetworkTier resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProjectDefaultNetworkTierState, opts?: pulumi.CustomResourceOptions): ProjectDefaultNetworkTier

Get an existing ProjectDefaultNetworkTier resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ProjectDefaultNetworkTier

Returns true if the given object is an instance of ProjectDefaultNetworkTier. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property networkTier

public networkTier: pulumi.Output<string>;

The default network tier to be configured for the project. This field can take the following values: PREMIUM or STANDARD.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ProjectMetadata

class ProjectMetadata extends CustomResource

Authoritatively manages metadata common to all instances for a project in GCE. For more information see the official documentation and API.

Note: This resource manages all project-level metadata including project-level ssh keys. Keys unset in config but set on the server will be removed. If you want to manage only single key/value pairs within the project metadata rather than the entire set, then use google_compute_project_metadata_item.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultProjectMetadata = new gcp.compute.ProjectMetadata("default", {
    metadata: {
        "13": "42",
        fizz: "buzz",
        foo: "bar",
    },
});

constructor

new ProjectMetadata(name: string, args: ProjectMetadataArgs, opts?: pulumi.CustomResourceOptions)

Create a ProjectMetadata resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProjectMetadataState, opts?: pulumi.CustomResourceOptions): ProjectMetadata

Get an existing ProjectMetadata resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ProjectMetadata

Returns true if the given object is an instance of ProjectMetadata. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property metadata

public metadata: pulumi.Output<{[key: string]: string}>;

A series of key value pairs.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ProjectMetadataItem

class ProjectMetadataItem extends CustomResource

Manages a single key/value pair on metadata common to all instances for a project in GCE. Using gcp.compute.ProjectMetadataItem lets you manage a single key/value setting in the provider rather than the entire project metadata map.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultProjectMetadataItem = new gcp.compute.ProjectMetadataItem("default", {
    key: "myMetadata",
    value: "myValue",
});

constructor

new ProjectMetadataItem(name: string, args: ProjectMetadataItemArgs, opts?: pulumi.CustomResourceOptions)

Create a ProjectMetadataItem resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProjectMetadataItemState, opts?: pulumi.CustomResourceOptions): ProjectMetadataItem

Get an existing ProjectMetadataItem resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ProjectMetadataItem

Returns true if the given object is an instance of ProjectMetadataItem. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property key

public key: pulumi.Output<string>;

The metadata key to set.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property value

public value: pulumi.Output<string>;

The value to set for the given metadata key.

Resource RegionAutoscaler

class RegionAutoscaler extends CustomResource

Represents an Autoscaler resource.

Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define.

To get more information about RegionAutoscaler, see:

Example Usage - Region Autoscaler Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const debian9 = gcp.compute.getImage({
    family: "debian-9",
    project: "debian-cloud",
});
const foobarInstanceTemplate = new gcp.compute.InstanceTemplate("foobarInstanceTemplate", {
    machineType: "n1-standard-1",
    canIpForward: false,
    tags: [
        "foo",
        "bar",
    ],
    disk: [{
        sourceImage: debian9.then(debian9 => debian9.selfLink),
    }],
    network_interface: [{
        network: "default",
    }],
    metadata: {
        foo: "bar",
    },
    service_account: {
        scopes: [
            "userinfo-email",
            "compute-ro",
            "storage-ro",
        ],
    },
});
const foobarTargetPool = new gcp.compute.TargetPool("foobarTargetPool", {});
const foobarRegionInstanceGroupManager = new gcp.compute.RegionInstanceGroupManager("foobarRegionInstanceGroupManager", {
    region: "us-central1",
    version: [{
        instanceTemplate: foobarInstanceTemplate.id,
        name: "primary",
    }],
    targetPools: [foobarTargetPool.id],
    baseInstanceName: "foobar",
});
const foobarRegionAutoscaler = new gcp.compute.RegionAutoscaler("foobarRegionAutoscaler", {
    region: "us-central1",
    target: foobarRegionInstanceGroupManager.id,
    autoscaling_policy: {
        maxReplicas: 5,
        minReplicas: 1,
        cooldownPeriod: 60,
        cpu_utilization: {
            target: 0.5,
        },
    },
});

constructor

new RegionAutoscaler(name: string, args: RegionAutoscalerArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionAutoscaler resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionAutoscalerState, opts?: pulumi.CustomResourceOptions): RegionAutoscaler

Get an existing RegionAutoscaler resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionAutoscaler

Returns true if the given object is an instance of RegionAutoscaler. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoscalingPolicy

public autoscalingPolicy: pulumi.Output<RegionAutoscalerAutoscalingPolicy>;

The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

URL of the region where the instance group resides.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property target

public target: pulumi.Output<string>;

Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RegionBackendService

class RegionBackendService extends CustomResource

A Region Backend Service defines a regionally-scoped group of virtual machines that will serve traffic for load balancing.

To get more information about RegionBackendService, see:

Example Usage - Region Backend Service Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultHealthCheck = new gcp.compute.HealthCheck("defaultHealthCheck", {
    checkIntervalSec: 1,
    timeoutSec: 1,
    tcp_health_check: {
        port: "80",
    },
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("defaultRegionBackendService", {
    region: "us-central1",
    healthChecks: [defaultHealthCheck.id],
    connectionDrainingTimeoutSec: 10,
    sessionAffinity: "CLIENT_IP",
});

Example Usage - Region Backend Service Ilb Round Robin

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const healthCheck = new gcp.compute.HealthCheck("healthCheck", {http_health_check: {
    port: 80,
}});
const _default = new gcp.compute.RegionBackendService("default", {
    region: "us-central1",
    healthChecks: [healthCheck.id],
    protocol: "HTTP",
    loadBalancingScheme: "INTERNAL_MANAGED",
    localityLbPolicy: "ROUND_ROBIN",
});

Example Usage - Region Backend Service Ilb Ring Hash

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const healthCheck = new gcp.compute.HealthCheck("healthCheck", {http_health_check: {
    port: 80,
}});
const _default = new gcp.compute.RegionBackendService("default", {
    region: "us-central1",
    healthChecks: [healthCheck.id],
    loadBalancingScheme: "INTERNAL_MANAGED",
    localityLbPolicy: "RING_HASH",
    sessionAffinity: "HTTP_COOKIE",
    protocol: "HTTP",
    circuit_breakers: {
        maxConnections: 10,
    },
    consistent_hash: {
        http_cookie: {
            ttl: {
                seconds: 11,
                nanos: 1111,
            },
            name: "mycookie",
        },
    },
    outlier_detection: {
        consecutiveErrors: 2,
    },
});

Example Usage - Region Backend Service Balancing Mode

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const debianImage = gcp.compute.getImage({
    family: "debian-9",
    project: "debian-cloud",
});
const defaultNetwork = new gcp.compute.Network("defaultNetwork", {
    autoCreateSubnetworks: false,
    routingMode: "REGIONAL",
});
const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", {
    ipCidrRange: "10.1.2.0/24",
    region: "us-central1",
    network: defaultNetwork.id,
});
const instanceTemplate = new gcp.compute.InstanceTemplate("instanceTemplate", {
    machineType: "n1-standard-1",
    network_interface: [{
        network: defaultNetwork.id,
        subnetwork: defaultSubnetwork.id,
    }],
    disk: [{
        sourceImage: debianImage.then(debianImage => debianImage.selfLink),
        autoDelete: true,
        boot: true,
    }],
    tags: [
        "allow-ssh",
        "load-balanced-backend",
    ],
});
const rigm = new gcp.compute.RegionInstanceGroupManager("rigm", {
    region: "us-central1",
    version: [{
        instanceTemplate: instanceTemplate.selfLink,
        name: "primary",
    }],
    baseInstanceName: "internal-glb",
    targetSize: 1,
});
const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("defaultRegionHealthCheck", {
    region: "us-central1",
    http_health_check: {
        portSpecification: "USE_SERVING_PORT",
    },
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("defaultRegionBackendService", {
    loadBalancingScheme: "INTERNAL_MANAGED",
    backend: [{
        group: rigm.instanceGroup,
        balancingMode: "UTILIZATION",
        capacityScaler: 1,
    }],
    region: "us-central1",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [defaultRegionHealthCheck.id],
});

constructor

new RegionBackendService(name: string, args: RegionBackendServiceArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionBackendService resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionBackendServiceState, opts?: pulumi.CustomResourceOptions): RegionBackendService

Get an existing RegionBackendService resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionBackendService

Returns true if the given object is an instance of RegionBackendService. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property affinityCookieTtlSec

public affinityCookieTtlSec: pulumi.Output<number | undefined>;

Lifetime of cookies in seconds if sessionAffinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.

property backends

public backends: pulumi.Output<RegionBackendServiceBackend[] | undefined>;

The set of backends that serve this RegionBackendService. Structure is documented below.

property circuitBreakers

public circuitBreakers: pulumi.Output<RegionBackendServiceCircuitBreakers | undefined>;

Settings controlling the volume of connections to a backend service. This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2. Structure is documented below.

property connectionDrainingTimeoutSec

public connectionDrainingTimeoutSec: pulumi.Output<number | undefined>;

Time for which instance will be drained (not accept new connections, but still work to finish started).

property consistentHash

public consistentHash: pulumi.Output<RegionBackendServiceConsistentHash | undefined>;

Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies when all of the following are true -

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource. Provide this property when you create the resource.

property failoverPolicy

public failoverPolicy: pulumi.Output<RegionBackendServiceFailoverPolicy | undefined>;

Policy for failovers. Structure is documented below.

property fingerprint

public fingerprint: pulumi.Output<string>;

Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

property healthChecks

public healthChecks: pulumi.Output<string>;

The set of URLs to HealthCheck resources for health checking this RegionBackendService. Currently at most one health check can be specified, and a health check is required.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property loadBalancingScheme

public loadBalancingScheme: pulumi.Output<string | undefined>;

Indicates what kind of load balancing this regional backend service will be used for. A backend service created for one type of load balancing cannot be used with the other(s).

property localityLbPolicy

public localityLbPolicy: pulumi.Output<string | undefined>;

The load balancing algorithm used within the scope of the locality. The possible values are - ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. RANDOM - The load balancer selects a random healthy host. ORIGINAL_DESTINATION - Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. MAGLEV - used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2.

property logConfig

public logConfig: pulumi.Output<RegionBackendServiceLogConfig | undefined>;

This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.

property name

public name: pulumi.Output<string>;

Name of the cookie.

property network

public network: pulumi.Output<string | undefined>;

The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.

property outlierDetection

public outlierDetection: pulumi.Output<RegionBackendServiceOutlierDetection | undefined>;

Settings controlling eviction of unhealthy hosts from the load balancing pool. This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2. Structure is documented below.

property portName

public portName: pulumi.Output<string>;

A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL, INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. API sets a default of “http” if not given. Must be omitted when the loadBalancingScheme is INTERNAL (Internal TCP/UDP Load Balancing).

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property protocol

public protocol: pulumi.Output<string>;

The protocol this RegionBackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API.

property region

public region: pulumi.Output<string>;

The Region in which the created backend service should reside. If it is not provided, the provider region is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property sessionAffinity

public sessionAffinity: pulumi.Output<string>;

Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP.

property timeoutSec

public timeoutSec: pulumi.Output<number>;

How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is [1, 86400].

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RegionDisk

class RegionDisk extends CustomResource

Persistent disks are durable storage devices that function similarly to the physical disks in a desktop or a server. Compute Engine manages the hardware behind these devices to ensure data redundancy and optimize performance for you. Persistent disks are available as either standard hard disk drives (HDD) or solid-state drives (SSD).

Persistent disks are located independently from your virtual machine instances, so you can detach or move persistent disks to keep your data even after you delete your instances. Persistent disk performance scales automatically with size, so you can resize your existing persistent disks or add more persistent disks to an instance to meet your performance and storage space requirements.

Add a persistent disk to your instance when you need reliable and affordable storage with consistent performance characteristics.

To get more information about RegionDisk, see:

Warning: All arguments including disk_encryption_key.raw_key will be stored in the raw state as plain-text. Read more about secrets in state.

Example Usage - Region Disk Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const disk = new gcp.compute.Disk("disk", {
    image: "debian-cloud/debian-9",
    size: 50,
    type: "pd-ssd",
    zone: "us-central1-a",
});
const snapdisk = new gcp.compute.Snapshot("snapdisk", {
    sourceDisk: disk.name,
    zone: "us-central1-a",
});
const regiondisk = new gcp.compute.RegionDisk("regiondisk", {
    snapshot: snapdisk.id,
    type: "pd-ssd",
    region: "us-central1",
    physicalBlockSizeBytes: 4096,
    replicaZones: [
        "us-central1-a",
        "us-central1-f",
    ],
});

constructor

new RegionDisk(name: string, args: RegionDiskArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionDisk resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionDiskState, opts?: pulumi.CustomResourceOptions): RegionDisk

Get an existing RegionDisk resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionDisk

Returns true if the given object is an instance of RegionDisk. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource. Provide this property when you create the resource.

property diskEncryptionKey

public diskEncryptionKey: pulumi.Output<RegionDiskDiskEncryptionKey | undefined>;

Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Structure is documented below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;

Labels to apply to this disk. A list of key->value pairs.

property lastAttachTimestamp

public lastAttachTimestamp: pulumi.Output<string>;

Last attach timestamp in RFC3339 text format.

property lastDetachTimestamp

public lastDetachTimestamp: pulumi.Output<string>;

Last detach timestamp in RFC3339 text format.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property physicalBlockSizeBytes

public physicalBlockSizeBytes: pulumi.Output<number>;

Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes are 4096 and 16384, other sizes may be added in the future. If an unsupported value is requested, the error message will list the supported values for the caller’s project.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

A reference to the region where the disk resides.

property replicaZones

public replicaZones: pulumi.Output<string[]>;

URLs of the zones where the disk should be replicated to.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property size

public size: pulumi.Output<number>;

Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk. If you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot.

property snapshot

public snapshot: pulumi.Output<string | undefined>;

The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: * https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot * projects/project/global/snapshots/snapshot * global/snapshots/snapshot * snapshot

property sourceSnapshotEncryptionKey

public sourceSnapshotEncryptionKey: pulumi.Output<RegionDiskSourceSnapshotEncryptionKey | undefined>;

The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property sourceSnapshotId

public sourceSnapshotId: pulumi.Output<string>;

The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.

property type

public type: pulumi.Output<string | undefined>;

URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property users

public users: pulumi.Output<string[]>;

Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance

Resource RegionDiskResourcePolicyAttachment

class RegionDiskResourcePolicyAttachment extends CustomResource

Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.

Note: This resource does not support zonal disks (gcp.compute.Disk). For zonal disks, please refer to the gcp.compute.DiskResourcePolicyAttachment resource.

Example Usage

Region Disk Resource Policy Attachment Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const disk = new gcp.compute.Disk("disk", {
    image: "debian-cloud/debian-9",
    size: 50,
    type: "pd-ssd",
    zone: "us-central1-a",
});
const snapdisk = new gcp.compute.Snapshot("snapdisk", {
    sourceDisk: disk.name,
    zone: "us-central1-a",
});
const ssd = new gcp.compute.RegionDisk("ssd", {
    replicaZones: [
        "us-central1-a",
        "us-central1-f",
    ],
    snapshot: snapdisk.id,
    size: 50,
    type: "pd-ssd",
    region: "us-central1",
});
const attachment = new gcp.compute.RegionDiskResourcePolicyAttachment("attachment", {
    disk: ssd.name,
    region: "us-central1",
});
const policy = new gcp.compute.ResourcePolicy("policy", {
    region: "us-central1",
    snapshot_schedule_policy: {
        schedule: {
            daily_schedule: {
                daysInCycle: 1,
                startTime: "04:00",
            },
        },
    },
});
const myImage = gcp.compute.getImage({
    family: "debian-9",
    project: "debian-cloud",
});

constructor

new RegionDiskResourcePolicyAttachment(name: string, args: RegionDiskResourcePolicyAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionDiskResourcePolicyAttachment resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionDiskResourcePolicyAttachmentState, opts?: pulumi.CustomResourceOptions): RegionDiskResourcePolicyAttachment

Get an existing RegionDiskResourcePolicyAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionDiskResourcePolicyAttachment

Returns true if the given object is an instance of RegionDiskResourcePolicyAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property disk

public disk: pulumi.Output<string>;

The name of the regional disk in which the resource policies are attached to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

A reference to the region where the disk resides.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RegionHealthCheck

class RegionHealthCheck extends CustomResource

Health Checks determine whether instances are responsive and able to do work. They are an important part of a comprehensive load balancing configuration, as they enable monitoring instances behind load balancers.

Health Checks poll instances at a specified interval. Instances that do not respond successfully to some number of probes in a row are marked as unhealthy. No new connections are sent to unhealthy instances, though existing connections will continue. The health check will continue to poll unhealthy instances. If an instance later responds successfully to some number of consecutive probes, it is marked healthy again and can receive new connections.

To get more information about RegionHealthCheck, see:

Example Usage - Region Health Check Tcp

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const tcpRegionHealthCheck = new gcp.compute.RegionHealthCheck("tcp-region-health-check", {
    checkIntervalSec: 1,
    tcpHealthCheck: {
        port: 80,
    },
    timeoutSec: 1,
});

Example Usage - Region Health Check Tcp Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const tcpRegionHealthCheck = new gcp.compute.RegionHealthCheck("tcp-region-health-check", {
    checkIntervalSec: 1,
    description: "Health check via tcp",
    healthyThreshold: 4,
    tcpHealthCheck: {
        portName: "health-check-port",
        portSpecification: "USE_NAMED_PORT",
        proxyHeader: "NONE",
        request: "ARE YOU HEALTHY?",
        response: "I AM HEALTHY",
    },
    timeoutSec: 1,
    unhealthyThreshold: 5,
});

Example Usage - Region Health Check Ssl

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const sslRegionHealthCheck = new gcp.compute.RegionHealthCheck("ssl-region-health-check", {
    checkIntervalSec: 1,
    sslHealthCheck: {
        port: 443,
    },
    timeoutSec: 1,
});

Example Usage - Region Health Check Ssl Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const sslRegionHealthCheck = new gcp.compute.RegionHealthCheck("ssl-region-health-check", {
    checkIntervalSec: 1,
    description: "Health check via ssl",
    healthyThreshold: 4,
    sslHealthCheck: {
        portName: "health-check-port",
        portSpecification: "USE_NAMED_PORT",
        proxyHeader: "NONE",
        request: "ARE YOU HEALTHY?",
        response: "I AM HEALTHY",
    },
    timeoutSec: 1,
    unhealthyThreshold: 5,
});

Example Usage - Region Health Check Http

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const httpRegionHealthCheck = new gcp.compute.RegionHealthCheck("http-region-health-check", {
    checkIntervalSec: 1,
    httpHealthCheck: {
        port: 80,
    },
    timeoutSec: 1,
});

Example Usage - Region Health Check Http Logs

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const httpRegionHealthCheck = new gcp.compute.RegionHealthCheck("http-region-health-check", {
    timeoutSec: 1,
    checkIntervalSec: 1,
    http_health_check: {
        port: "80",
    },
    log_config: {
        enable: true,
    },
});

Example Usage - Region Health Check Http Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const httpRegionHealthCheck = new gcp.compute.RegionHealthCheck("http-region-health-check", {
    checkIntervalSec: 1,
    description: "Health check via http",
    healthyThreshold: 4,
    httpHealthCheck: {
        host: "1.2.3.4",
        portName: "health-check-port",
        portSpecification: "USE_NAMED_PORT",
        proxyHeader: "NONE",
        requestPath: "/mypath",
        response: "I AM HEALTHY",
    },
    timeoutSec: 1,
    unhealthyThreshold: 5,
});

Example Usage - Region Health Check Https

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const httpsRegionHealthCheck = new gcp.compute.RegionHealthCheck("https-region-health-check", {
    checkIntervalSec: 1,
    httpsHealthCheck: {
        port: 443,
    },
    timeoutSec: 1,
});

Example Usage - Region Health Check Https Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const httpsRegionHealthCheck = new gcp.compute.RegionHealthCheck("https-region-health-check", {
    checkIntervalSec: 1,
    description: "Health check via https",
    healthyThreshold: 4,
    httpsHealthCheck: {
        host: "1.2.3.4",
        portName: "health-check-port",
        portSpecification: "USE_NAMED_PORT",
        proxyHeader: "NONE",
        requestPath: "/mypath",
        response: "I AM HEALTHY",
    },
    timeoutSec: 1,
    unhealthyThreshold: 5,
});

Example Usage - Region Health Check Http2

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const http2RegionHealthCheck = new gcp.compute.RegionHealthCheck("http2-region-health-check", {
    checkIntervalSec: 1,
    http2HealthCheck: {
        port: 443,
    },
    timeoutSec: 1,
});

Example Usage - Region Health Check Http2 Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const http2RegionHealthCheck = new gcp.compute.RegionHealthCheck("http2-region-health-check", {
    checkIntervalSec: 1,
    description: "Health check via http2",
    healthyThreshold: 4,
    http2HealthCheck: {
        host: "1.2.3.4",
        portName: "health-check-port",
        portSpecification: "USE_NAMED_PORT",
        proxyHeader: "NONE",
        requestPath: "/mypath",
        response: "I AM HEALTHY",
    },
    timeoutSec: 1,
    unhealthyThreshold: 5,
});

constructor

new RegionHealthCheck(name: string, args?: RegionHealthCheckArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionHealthCheck resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionHealthCheckState, opts?: pulumi.CustomResourceOptions): RegionHealthCheck

Get an existing RegionHealthCheck resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionHealthCheck

Returns true if the given object is an instance of RegionHealthCheck. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property checkIntervalSec

public checkIntervalSec: pulumi.Output<number | undefined>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

public healthyThreshold: pulumi.Output<number | undefined>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property http2HealthCheck

public http2HealthCheck: pulumi.Output<RegionHealthCheckHttp2HealthCheck | undefined>;

A nested object resource Structure is documented below.

property httpHealthCheck

public httpHealthCheck: pulumi.Output<RegionHealthCheckHttpHealthCheck | undefined>;

A nested object resource Structure is documented below.

property httpsHealthCheck

public httpsHealthCheck: pulumi.Output<RegionHealthCheckHttpsHealthCheck | undefined>;

A nested object resource Structure is documented below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property logConfig

public logConfig: pulumi.Output<RegionHealthCheckLogConfig | undefined>;

Configure logging on this health check. Structure is documented below.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

The Region in which the created health check should reside. If it is not provided, the provider region is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property sslHealthCheck

public sslHealthCheck: pulumi.Output<RegionHealthCheckSslHealthCheck | undefined>;

A nested object resource Structure is documented below.

property tcpHealthCheck

public tcpHealthCheck: pulumi.Output<RegionHealthCheckTcpHealthCheck | undefined>;

A nested object resource Structure is documented below.

property timeoutSec

public timeoutSec: pulumi.Output<number | undefined>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property type

public type: pulumi.Output<string>;

The type of the health check. One of HTTP, HTTP2, HTTPS, TCP, or SSL.

property unhealthyThreshold

public unhealthyThreshold: pulumi.Output<number | undefined>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RegionInstanceGroupManager

class RegionInstanceGroupManager extends CustomResource

The Google Compute Engine Regional Instance Group Manager API creates and manages pools of homogeneous Compute Engine virtual machine instances from a common instance template. For more information, see the official documentation and API

Note: Use gcp.compute.InstanceGroupManager to create a single-zone instance group manager.

Example Usage with top level instance template (google provider)

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const autohealing = new gcp.compute.HealthCheck("autohealing", {
    checkIntervalSec: 5,
    timeoutSec: 5,
    healthyThreshold: 2,
    unhealthyThreshold: 10,
    http_health_check: {
        requestPath: "/healthz",
        port: "8080",
    },
});
const appserver = new gcp.compute.RegionInstanceGroupManager("appserver", {
    baseInstanceName: "app",
    region: "us-central1",
    distributionPolicyZones: [
        "us-central1-a",
        "us-central1-f",
    ],
    version: [{
        instanceTemplate: google_compute_instance_template.appserver.id,
    }],
    targetPools: [google_compute_target_pool.appserver.id],
    targetSize: 2,
    named_port: [{
        name: "custom",
        port: 8888,
    }],
    auto_healing_policies: {
        healthCheck: autohealing.id,
        initialDelaySec: 300,
    },
});

Example Usage with multiple versions

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const appserver = new gcp.compute.RegionInstanceGroupManager("appserver", {
    baseInstanceName: "app",
    region: "us-central1",
    targetSize: 5,
    version: [
        {
            instanceTemplate: google_compute_instance_template.appserver.id,
        },
        {
            instanceTemplate: google_compute_instance_template["appserver-canary"].id,
            target_size: {
                fixed: 1,
            },
        },
    ],
});

constructor

new RegionInstanceGroupManager(name: string, args: RegionInstanceGroupManagerArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionInstanceGroupManager resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionInstanceGroupManagerState, opts?: pulumi.CustomResourceOptions): RegionInstanceGroupManager

Get an existing RegionInstanceGroupManager resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionInstanceGroupManager

Returns true if the given object is an instance of RegionInstanceGroupManager. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoHealingPolicies

public autoHealingPolicies: pulumi.Output<RegionInstanceGroupManagerAutoHealingPolicies | undefined>;

The autohealing policies for this managed instance group. You can specify only one value. Structure is documented below. For more information, see the official documentation.

property baseInstanceName

public baseInstanceName: pulumi.Output<string>;

The base instance name to use for instances in this group. The value must be a valid RFC1035 name. Supported characters are lowercase letters, numbers, and hyphens (-). Instances are named by appending a hyphen and a random four-character string to the base instance name.

property description

public description: pulumi.Output<string | undefined>;

An optional textual description of the instance group manager.

property distributionPolicyZones

public distributionPolicyZones: pulumi.Output<string[]>;

The distribution policy for this managed instance group. You can specify one or more values. For more information, see the official documentation.

property fingerprint

public fingerprint: pulumi.Output<string>;

The fingerprint of the instance group manager.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceGroup

public instanceGroup: pulumi.Output<string>;

The full URL of the instance group created by the manager.

property name

public name: pulumi.Output<string>;
  • Version name.

property namedPorts

public namedPorts: pulumi.Output<RegionInstanceGroupManagerNamedPort[] | undefined>;

The named port configuration. See the section below for details on configuration.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

The region where the managed instance group resides.

public selfLink: pulumi.Output<string>;

The URL of the created resource.

property statefulDisks

public statefulDisks: pulumi.Output<RegionInstanceGroupManagerStatefulDisk[] | undefined>;

Disks created on the instances that will be preserved on instance delete, update, etc. Structure is documented below. For more information see the official documentation. Proactive cross zone instance redistribution must be disabled before you can update stateful disks on existing instance group managers. This can be controlled via the updatePolicy.

property targetPools

public targetPools: pulumi.Output<string[] | undefined>;

The full URL of all target pools to which new instances in the group are added. Updating the target pools attribute does not affect existing instances.

property targetSize

public targetSize: pulumi.Output<number>;
  • The number of instances calculated as a fixed number or a percentage depending on the settings. Structure is documented below.

property updatePolicy

public updatePolicy: pulumi.Output<RegionInstanceGroupManagerUpdatePolicy>;

The update policy for this managed instance group. Structure is documented below. For more information, see the official documentation and API

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property versions

public versions: pulumi.Output<RegionInstanceGroupManagerVersion[]>;

Application versions managed by this instance group. Each version deals with a specific instance template, allowing canary release scenarios. Structure is documented below.

property waitForInstances

public waitForInstances: pulumi.Output<boolean | undefined>;

Whether to wait for all instances to be created/updated before returning. Note that if this is set to true and the operation does not succeed, the provider will continue trying until it times out.

Resource RegionPerInstanceConfig

class RegionPerInstanceConfig extends CustomResource

A config defined for a single managed instance that belongs to an instance group manager. It preserves the instance name across instance group manager operations and can define stateful disks or metadata that are unique to the instance. This resource works with regional instance group managers.

To get more information about RegionPerInstanceConfig, see:

constructor

new RegionPerInstanceConfig(name: string, args: RegionPerInstanceConfigArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionPerInstanceConfig resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionPerInstanceConfigState, opts?: pulumi.CustomResourceOptions): RegionPerInstanceConfig

Get an existing RegionPerInstanceConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionPerInstanceConfig

Returns true if the given object is an instance of RegionPerInstanceConfig. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property minimalAction

public minimalAction: pulumi.Output<string | undefined>;

The minimal action to perform on the instance during an update. Default is NONE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property mostDisruptiveAllowedAction

public mostDisruptiveAllowedAction: pulumi.Output<string | undefined>;

The most disruptive action to perform on the instance during an update. Default is REPLACE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property name

public name: pulumi.Output<string>;

The name for this per-instance config and its corresponding instance.

property preservedState

public preservedState: pulumi.Output<RegionPerInstanceConfigPreservedState | undefined>;

The preserved state for this instance. Structure is documented below.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

Region where the containing instance group manager is located

property regionInstanceGroupManager

public regionInstanceGroupManager: pulumi.Output<string>;

The region instance group manager this instance config is part of.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RegionSslCertificate

class RegionSslCertificate extends CustomResource

A RegionSslCertificate resource, used for HTTPS load balancing. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user.

To get more information about RegionSslCertificate, see:

Warning: All arguments including certificate and privateKey will be stored in the raw state as plain-text. Read more about secrets in state.

Example Usage - Region Ssl Certificate Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * from "fs";

const _default = new gcp.compute.RegionSslCertificate("default", {
    region: "us-central1",
    namePrefix: "my-certificate-",
    description: "a description",
    privateKey: fs.readFileSync("path/to/private.key"),
    certificate: fs.readFileSync("path/to/certificate.crt"),
});

Example Usage - Region Ssl Certificate Target Https Proxies

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * from "fs";

// Using with Region Target HTTPS Proxies
//
// SSL certificates cannot be updated after creation. In order to apply
// the specified configuration, the provider will destroy the existing
// resource and create a replacement. To effectively use an SSL
// certificate resource with a Target HTTPS Proxy resource, it's
// recommended to specify createBeforeDestroy in a lifecycle block.
// Either omit the Instance Template name attribute, specify a partial
// name with name_prefix, or use randomId resource. Example:
const defaultRegionSslCertificate = new gcp.compute.RegionSslCertificate("defaultRegionSslCertificate", {
    region: "us-central1",
    namePrefix: "my-certificate-",
    privateKey: fs.readFileSync("path/to/private.key"),
    certificate: fs.readFileSync("path/to/certificate.crt"),
});
const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("defaultRegionHealthCheck", {
    region: "us-central1",
    http_health_check: {
        port: 80,
    },
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("defaultRegionBackendService", {
    region: "us-central1",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [defaultRegionHealthCheck.id],
});
const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("defaultRegionUrlMap", {
    region: "us-central1",
    description: "a description",
    defaultService: defaultRegionBackendService.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: defaultRegionBackendService.id,
        path_rule: [{
            paths: ["/*"],
            service: defaultRegionBackendService.id,
        }],
    }],
});
const defaultRegionTargetHttpsProxy = new gcp.compute.RegionTargetHttpsProxy("defaultRegionTargetHttpsProxy", {
    region: "us-central1",
    urlMap: defaultRegionUrlMap.id,
    sslCertificates: [defaultRegionSslCertificate.id],
});

constructor

new RegionSslCertificate(name: string, args: RegionSslCertificateArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionSslCertificate resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionSslCertificateState, opts?: pulumi.CustomResourceOptions): RegionSslCertificate

Get an existing RegionSslCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionSslCertificate

Returns true if the given object is an instance of RegionSslCertificate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property certificate

public certificate: pulumi.Output<string>;

The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.

property certificateId

public certificateId: pulumi.Output<number>;

The unique identifier for the resource.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property namePrefix

public namePrefix: pulumi.Output<string>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property privateKey

public privateKey: pulumi.Output<string>;

The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

The Region in which the created regional ssl certificate should reside. If it is not provided, the provider region is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RegionTargetHttpProxy

class RegionTargetHttpProxy extends CustomResource

Represents a RegionTargetHttpProxy resource, which is used by one or more forwarding rules to route incoming HTTP requests to a URL map.

To get more information about RegionTargetHttpProxy, see:

Example Usage - Region Target Http Proxy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("defaultRegionHealthCheck", {
    region: "us-central1",
    http_health_check: {
        port: 80,
    },
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("defaultRegionBackendService", {
    region: "us-central1",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [defaultRegionHealthCheck.id],
});
const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("defaultRegionUrlMap", {
    region: "us-central1",
    defaultService: defaultRegionBackendService.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: defaultRegionBackendService.id,
        path_rule: [{
            paths: ["/*"],
            service: defaultRegionBackendService.id,
        }],
    }],
});
const defaultRegionTargetHttpProxy = new gcp.compute.RegionTargetHttpProxy("defaultRegionTargetHttpProxy", {
    region: "us-central1",
    urlMap: defaultRegionUrlMap.id,
});

Example Usage - Region Target Http Proxy Https Redirect

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("defaultRegionUrlMap", {
    region: "us-central1",
    default_url_redirect: {
        httpsRedirect: true,
        stripQuery: false,
    },
});
const defaultRegionTargetHttpProxy = new gcp.compute.RegionTargetHttpProxy("defaultRegionTargetHttpProxy", {
    region: "us-central1",
    urlMap: defaultRegionUrlMap.selfLink,
});

constructor

new RegionTargetHttpProxy(name: string, args: RegionTargetHttpProxyArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionTargetHttpProxy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionTargetHttpProxyState, opts?: pulumi.CustomResourceOptions): RegionTargetHttpProxy

Get an existing RegionTargetHttpProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionTargetHttpProxy

Returns true if the given object is an instance of RegionTargetHttpProxy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyId

public proxyId: pulumi.Output<number>;

The unique identifier for the resource.

property region

public region: pulumi.Output<string>;

The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urlMap

public urlMap: pulumi.Output<string>;

A reference to the RegionUrlMap resource that defines the mapping from URL to the BackendService.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RegionTargetHttpsProxy

class RegionTargetHttpsProxy extends CustomResource

Represents a RegionTargetHttpsProxy resource, which is used by one or more forwarding rules to route incoming HTTPS requests to a URL map.

To get more information about RegionTargetHttpsProxy, see:

Example Usage - Region Target Https Proxy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * from "fs";

const defaultRegionSslCertificate = new gcp.compute.RegionSslCertificate("defaultRegionSslCertificate", {
    region: "us-central1",
    privateKey: fs.readFileSync("path/to/private.key"),
    certificate: fs.readFileSync("path/to/certificate.crt"),
});
const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("defaultRegionHealthCheck", {
    region: "us-central1",
    http_health_check: {
        port: 80,
    },
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("defaultRegionBackendService", {
    region: "us-central1",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [defaultRegionHealthCheck.id],
});
const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("defaultRegionUrlMap", {
    region: "us-central1",
    description: "a description",
    defaultService: defaultRegionBackendService.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: defaultRegionBackendService.id,
        path_rule: [{
            paths: ["/*"],
            service: defaultRegionBackendService.id,
        }],
    }],
});
const defaultRegionTargetHttpsProxy = new gcp.compute.RegionTargetHttpsProxy("defaultRegionTargetHttpsProxy", {
    region: "us-central1",
    urlMap: defaultRegionUrlMap.id,
    sslCertificates: [defaultRegionSslCertificate.id],
});

constructor

new RegionTargetHttpsProxy(name: string, args: RegionTargetHttpsProxyArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionTargetHttpsProxy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionTargetHttpsProxyState, opts?: pulumi.CustomResourceOptions): RegionTargetHttpsProxy

Get an existing RegionTargetHttpsProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionTargetHttpsProxy

Returns true if the given object is an instance of RegionTargetHttpsProxy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyId

public proxyId: pulumi.Output<number>;

The unique identifier for the resource.

property region

public region: pulumi.Output<string>;

The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property sslCertificates

public sslCertificates: pulumi.Output<string[]>;

A list of RegionSslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.

property urlMap

public urlMap: pulumi.Output<string>;

A reference to the RegionUrlMap resource that defines the mapping from URL to the RegionBackendService.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RegionUrlMap

class RegionUrlMap extends CustomResource

UrlMaps are used to route requests to a backend service based on rules that you define for the host and path of an incoming URL.

Example Usage - Region Url Map Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.RegionHealthCheck("default", {
    region: "us-central1",
    checkIntervalSec: 1,
    timeoutSec: 1,
    http_health_check: {
        port: 80,
        requestPath: "/",
    },
});
const login = new gcp.compute.RegionBackendService("login", {
    region: "us-central1",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
});
const home = new gcp.compute.RegionBackendService("home", {
    region: "us-central1",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
});
const regionurlmap = new gcp.compute.RegionUrlMap("regionurlmap", {
    region: "us-central1",
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        path_rule: [
            {
                paths: ["/home"],
                service: home.id,
            },
            {
                paths: ["/login"],
                service: login.id,
            },
        ],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

Example Usage - Region Url Map L7 Ilb Path

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.RegionHealthCheck("default", {http_health_check: {
    port: 80,
}});
const home = new gcp.compute.RegionBackendService("home", {
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
    loadBalancingScheme: "INTERNAL_MANAGED",
});
const regionurlmap = new gcp.compute.RegionUrlMap("regionurlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        path_rule: [{
            paths: ["/home"],
            route_action: {
                cors_policy: {
                    allowCredentials: true,
                    allowHeaders: ["Allowed content"],
                    allowMethods: ["GET"],
                    allowOrigins: ["Allowed origin"],
                    exposeHeaders: ["Exposed header"],
                    maxAge: 30,
                    disabled: false,
                },
                fault_injection_policy: {
                    abort: {
                        httpStatus: 234,
                        percentage: 5.6,
                    },
                    delay: {
                        fixed_delay: {
                            seconds: 0,
                            nanos: 50000,
                        },
                        percentage: 7.8,
                    },
                },
                request_mirror_policy: {
                    backendService: home.id,
                },
                retry_policy: {
                    numRetries: 4,
                    per_try_timeout: {
                        seconds: 30,
                    },
                    retryConditions: [
                        "5xx",
                        "deadline-exceeded",
                    ],
                },
                timeout: {
                    seconds: 20,
                    nanos: 750000000,
                },
                url_rewrite: {
                    hostRewrite: "A replacement header",
                    pathPrefixRewrite: "A replacement path",
                },
                weighted_backend_services: [{
                    backendService: home.id,
                    weight: 400,
                    header_action: {
                        requestHeadersToRemoves: ["RemoveMe"],
                        request_headers_to_add: [{
                            headerName: "AddMe",
                            headerValue: "MyValue",
                            replace: true,
                        }],
                        responseHeadersToRemoves: ["RemoveMe"],
                        response_headers_to_add: [{
                            headerName: "AddMe",
                            headerValue: "MyValue",
                            replace: false,
                        }],
                    },
                }],
            },
        }],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

Example Usage - Region Url Map L7 Ilb Path Partial

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.RegionHealthCheck("default", {http_health_check: {
    port: 80,
}});
const home = new gcp.compute.RegionBackendService("home", {
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
    loadBalancingScheme: "INTERNAL_MANAGED",
});
const regionurlmap = new gcp.compute.RegionUrlMap("regionurlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        path_rule: [{
            paths: ["/home"],
            route_action: {
                retry_policy: {
                    numRetries: 4,
                    per_try_timeout: {
                        seconds: 30,
                    },
                    retryConditions: [
                        "5xx",
                        "deadline-exceeded",
                    ],
                },
                timeout: {
                    seconds: 20,
                    nanos: 750000000,
                },
                url_rewrite: {
                    hostRewrite: "A replacement header",
                    pathPrefixRewrite: "A replacement path",
                },
                weighted_backend_services: [{
                    backendService: home.id,
                    weight: 400,
                    header_action: {
                        response_headers_to_add: [{
                            headerName: "AddMe",
                            headerValue: "MyValue",
                            replace: false,
                        }],
                    },
                }],
            },
        }],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

Example Usage - Region Url Map L7 Ilb Route

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.RegionHealthCheck("default", {http_health_check: {
    port: 80,
}});
const home = new gcp.compute.RegionBackendService("home", {
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
    loadBalancingScheme: "INTERNAL_MANAGED",
});
const regionurlmap = new gcp.compute.RegionUrlMap("regionurlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        route_rules: [{
            priority: 1,
            header_action: {
                requestHeadersToRemoves: ["RemoveMe2"],
                request_headers_to_add: [{
                    headerName: "AddSomethingElse",
                    headerValue: "MyOtherValue",
                    replace: true,
                }],
                responseHeadersToRemoves: ["RemoveMe3"],
                response_headers_to_add: [{
                    headerName: "AddMe",
                    headerValue: "MyValue",
                    replace: false,
                }],
            },
            match_rules: [{
                fullPathMatch: "a full path",
                header_matches: [{
                    headerName: "someheader",
                    exactMatch: "match this exactly",
                    invertMatch: true,
                }],
                ignoreCase: true,
                metadata_filters: [{
                    filterMatchCriteria: "MATCH_ANY",
                    filter_labels: [{
                        name: "PLANET",
                        value: "MARS",
                    }],
                }],
                query_parameter_matches: [{
                    name: "a query parameter",
                    presentMatch: true,
                }],
            }],
            url_redirect: {
                hostRedirect: "A host",
                httpsRedirect: false,
                pathRedirect: "some/path",
                redirectResponseCode: "TEMPORARY_REDIRECT",
                stripQuery: true,
            },
        }],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

Example Usage - Region Url Map L7 Ilb Route Partial

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.RegionHealthCheck("default", {http_health_check: {
    port: 80,
}});
const home = new gcp.compute.RegionBackendService("home", {
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
    loadBalancingScheme: "INTERNAL_MANAGED",
});
const regionurlmap = new gcp.compute.RegionUrlMap("regionurlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        route_rules: [{
            priority: 1,
            service: home.id,
            header_action: {
                requestHeadersToRemoves: ["RemoveMe2"],
            },
            match_rules: [{
                fullPathMatch: "a full path",
                header_matches: [{
                    headerName: "someheader",
                    exactMatch: "match this exactly",
                    invertMatch: true,
                }],
                query_parameter_matches: [{
                    name: "a query parameter",
                    presentMatch: true,
                }],
            }],
        }],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

constructor

new RegionUrlMap(name: string, args?: RegionUrlMapArgs, opts?: pulumi.CustomResourceOptions)

Create a RegionUrlMap resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegionUrlMapState, opts?: pulumi.CustomResourceOptions): RegionUrlMap

Get an existing RegionUrlMap resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RegionUrlMap

Returns true if the given object is an instance of RegionUrlMap. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property defaultService

public defaultService: pulumi.Output<string | undefined>;

A reference to a RegionBackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL’s path portion.

property defaultUrlRedirect

public defaultUrlRedirect: pulumi.Output<RegionUrlMapDefaultUrlRedirect | undefined>;

When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Structure is documented below.

property description

public description: pulumi.Output<string | undefined>;

Description of this test case.

property fingerprint

public fingerprint: pulumi.Output<string>;

Fingerprint of this resource. This field is used internally during updates of this resource.

property hostRules

public hostRules: pulumi.Output<RegionUrlMapHostRule[] | undefined>;

The list of HostRules to use against the URL. Structure is documented below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property mapId

public mapId: pulumi.Output<number>;

The unique identifier for the resource.

property name

public name: pulumi.Output<string>;

The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.

property pathMatchers

public pathMatchers: pulumi.Output<RegionUrlMapPathMatcher[] | undefined>;

The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL’s host portion.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

The Region in which the url map should reside. If it is not provided, the provider region is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property tests

public tests: pulumi.Output<RegionUrlMapTest[] | undefined>;

The list of expected URL mappings. Requests to update this UrlMap will succeed only if all of the test cases pass. Structure is documented below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Reservation

class Reservation extends CustomResource

Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running.

Reservations apply only to Compute Engine, Cloud Dataproc, and Google Kubernetes Engine VM usage.Reservations do not apply to f1-micro or g1-small machine types, preemptible VMs, sole tenant nodes, or other services not listed above like Cloud SQL and Dataflow.

To get more information about Reservation, see:

Example Usage - Reservation Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const gceReservation = new gcp.compute.Reservation("gceReservation", {
    specificReservation: {
        count: 1,
        instanceProperties: {
            machineType: "n2-standard-2",
            minCpuPlatform: "Intel Cascade Lake",
        },
    },
    zone: "us-central1-a",
});

constructor

new Reservation(name: string, args: ReservationArgs, opts?: pulumi.CustomResourceOptions)

Create a Reservation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ReservationState, opts?: pulumi.CustomResourceOptions): Reservation

Get an existing Reservation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Reservation

Returns true if the given object is an instance of Reservation. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property commitment

public commitment: pulumi.Output<string>;

Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property specificReservation

public specificReservation: pulumi.Output<ReservationSpecificReservation>;

Reservation for instances with specific machine shapes. Structure is documented below.

property specificReservationRequired

public specificReservationRequired: pulumi.Output<boolean | undefined>;

When set to true, only VMs that target this reservation by name can consume this reservation. Otherwise, it can be consumed by VMs with affinity for any reservation. Defaults to false.

property status

public status: pulumi.Output<string>;

The status of the reservation.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;

The zone where the reservation is made.

Resource ResourcePolicy

class ResourcePolicy extends CustomResource

A policy that can be attached to a resource to specify or schedule actions on that resource.

Example Usage - Resource Policy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const foo = new gcp.compute.ResourcePolicy("foo", {
    region: "us-central1",
    snapshotSchedulePolicy: {
        schedule: {
            dailySchedule: {
                daysInCycle: 1,
                startTime: "04:00",
            },
        },
    },
});

Example Usage - Resource Policy Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const bar = new gcp.compute.ResourcePolicy("bar", {
    region: "us-central1",
    snapshotSchedulePolicy: {
        retentionPolicy: {
            maxRetentionDays: 10,
            onSourceDiskDelete: "KEEP_AUTO_SNAPSHOTS",
        },
        schedule: {
            hourlySchedule: {
                hoursInCycle: 20,
                startTime: "23:00",
            },
        },
        snapshotProperties: {
            guestFlush: true,
            labels: {
                my_label: "value",
            },
            storageLocations: "us",
        },
    },
});

Example Usage - Resource Policy Placement Policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const baz = new gcp.compute.ResourcePolicy("baz", {
    groupPlacementPolicy: {
        collocation: "COLLOCATED",
        vmCount: 2,
    },
    region: "us-central1",
});

constructor

new ResourcePolicy(name: string, args?: ResourcePolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a ResourcePolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ResourcePolicyState, opts?: pulumi.CustomResourceOptions): ResourcePolicy

Get an existing ResourcePolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ResourcePolicy

Returns true if the given object is an instance of ResourcePolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property groupPlacementPolicy

public groupPlacementPolicy: pulumi.Output<ResourcePolicyGroupPlacementPolicy | undefined>;

Policy for creating snapshots of persistent disks. Structure is documented below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

Region where resource policy resides.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property snapshotSchedulePolicy

public snapshotSchedulePolicy: pulumi.Output<ResourcePolicySnapshotSchedulePolicy | undefined>;

Policy for creating snapshots of persistent disks. Structure is documented below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Route

class Route extends CustomResource

Represents a Route resource.

A route is a rule that specifies how certain packets should be handled by the virtual network. Routes are associated with virtual machines by tag, and the set of routes for a particular virtual machine is called its routing table. For each packet leaving a virtual machine, the system searches that virtual machine’s routing table for a single best matching route.

Routes match packets by destination IP address, preferring smaller or more specific ranges over larger ones. If there is a tie, the system selects the route with the smallest priority value. If there is still a tie, it uses the layer three and four packet headers to select just one of the remaining matching routes. The packet is then forwarded as specified by the nextHop field of the winning route – either to another virtual machine destination, a virtual machine gateway or a Compute Engine-operated gateway. Packets that do not match any route in the sending virtual machine’s routing table will be dropped.

A Route resource must have exactly one specification of either nextHopGateway, nextHopInstance, nextHopIp, nextHopVpnTunnel, or nextHopIlb.

To get more information about Route, see:

Example Usage - Route Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultNetwork = new gcp.compute.Network("defaultNetwork", {});
const defaultRoute = new gcp.compute.Route("defaultRoute", {
    destRange: "15.0.0.0/24",
    network: defaultNetwork.name,
    nextHopIp: "10.132.1.5",
    priority: 100,
});

Example Usage - Route Ilb

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultNetwork = new gcp.compute.Network("defaultNetwork", {autoCreateSubnetworks: false});
const defaultSubnetwork = new gcp.compute.Subnetwork("defaultSubnetwork", {
    ipCidrRange: "10.0.1.0/24",
    region: "us-central1",
    network: defaultNetwork.id,
});
const hc = new gcp.compute.HealthCheck("hc", {
    checkIntervalSec: 1,
    timeoutSec: 1,
    tcp_health_check: {
        port: "80",
    },
});
const backend = new gcp.compute.RegionBackendService("backend", {
    region: "us-central1",
    healthChecks: [hc.id],
});
const defaultForwardingRule = new gcp.compute.ForwardingRule("defaultForwardingRule", {
    region: "us-central1",
    loadBalancingScheme: "INTERNAL",
    backendService: backend.id,
    allPorts: true,
    network: defaultNetwork.name,
    subnetwork: defaultSubnetwork.name,
});
const routeIlb = new gcp.compute.Route("route-ilb", {
    destRange: "0.0.0.0/0",
    network: defaultNetwork.name,
    nextHopIlb: defaultForwardingRule.id,
    priority: 2000,
});

constructor

new Route(name: string, args: RouteArgs, opts?: pulumi.CustomResourceOptions)

Create a Route resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouteState, opts?: pulumi.CustomResourceOptions): Route

Get an existing Route resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Route

Returns true if the given object is an instance of Route. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource. Provide this property when you create the resource.

property destRange

public destRange: pulumi.Output<string>;

The destination range of outgoing packets that this route applies to. Only IPv4 is supported.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string>;

The network that this route applies to.

property nextHopGateway

public nextHopGateway: pulumi.Output<string | undefined>;

URL to a gateway that should handle matching packets. Currently, you can only specify the internet gateway, using a full or partial valid URL: * https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway * projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway * The string default-internet-gateway.

property nextHopIlb

public nextHopIlb: pulumi.Output<string | undefined>;

The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets. You can only specify the forwarding rule as a partial or full URL. For example, the following are all valid URLs: https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule regions/region/forwardingRules/forwardingRule Note that this can only be used when the destinationRange is a public (non-RFC 1918) IP CIDR range.

property nextHopInstance

public nextHopInstance: pulumi.Output<string | undefined>;

URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: * https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance * projects/project/zones/zone/instances/instance * zones/zone/instances/instance * Just the instance name, with the zone in nextHopInstanceZone.

property nextHopInstanceZone

public nextHopInstanceZone: pulumi.Output<string | undefined>;

(Optional when nextHopInstance is specified) The zone of the instance specified in nextHopInstance. Omit if nextHopInstance is specified as a URL.

property nextHopIp

public nextHopIp: pulumi.Output<string>;

Network IP address of an instance that should handle matching packets.

property nextHopNetwork

public nextHopNetwork: pulumi.Output<string>;

URL to a Network that should handle matching packets.

property nextHopVpnTunnel

public nextHopVpnTunnel: pulumi.Output<string | undefined>;

URL to a VpnTunnel that should handle matching packets.

property priority

public priority: pulumi.Output<number | undefined>;

The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property tags

public tags: pulumi.Output<string[] | undefined>;

A list of instance tags to which this route applies.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Router

class Router extends CustomResource

Represents a Router resource.

To get more information about Router, see:

Example Usage - Router Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const foobarNetwork = new gcp.compute.Network("foobarNetwork", {autoCreateSubnetworks: false});
const foobarRouter = new gcp.compute.Router("foobarRouter", {
    network: foobarNetwork.name,
    bgp: {
        asn: 64514,
        advertiseMode: "CUSTOM",
        advertisedGroups: ["ALL_SUBNETS"],
        advertised_ip_ranges: [
            {
                range: "1.2.3.4",
            },
            {
                range: "6.7.0.0/16",
            },
        ],
    },
});

constructor

new Router(name: string, args: RouterArgs, opts?: pulumi.CustomResourceOptions)

Create a Router resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouterState, opts?: pulumi.CustomResourceOptions): Router

Get an existing Router resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Router

Returns true if the given object is an instance of Router. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bgp

public bgp: pulumi.Output<RouterBgp | undefined>;

BGP information specific to this router. Structure is documented below.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

User-specified description for the IP range.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string>;

A reference to the network to which this router belongs.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

Region where the router resides.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RouterInterface

class RouterInterface extends CustomResource

Manages a Cloud Router interface. For more information see the official documentation and API.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const foobar = new gcp.compute.RouterInterface("foobar", {
    ipRange: "169.254.1.1/30",
    region: "us-central1",
    router: "router-1",
    vpnTunnel: "tunnel-1",
});

constructor

new RouterInterface(name: string, args: RouterInterfaceArgs, opts?: pulumi.CustomResourceOptions)

Create a RouterInterface resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouterInterfaceState, opts?: pulumi.CustomResourceOptions): RouterInterface

Get an existing RouterInterface resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RouterInterface

Returns true if the given object is an instance of RouterInterface. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property interconnectAttachment

public interconnectAttachment: pulumi.Output<string | undefined>;

The name or resource link to the VLAN interconnect for this interface. Changing this forces a new interface to be created. Only one of vpnTunnel and interconnectAttachment can be specified.

property ipRange

public ipRange: pulumi.Output<string | undefined>;

IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. Changing this forces a new interface to be created.

property name

public name: pulumi.Output<string>;

A unique name for the interface, required by GCE. Changing this forces a new interface to be created.

property project

public project: pulumi.Output<string>;

The ID of the project in which this interface’s router belongs. If it is not provided, the provider project is used. Changing this forces a new interface to be created.

property region

public region: pulumi.Output<string>;

The region this interface’s router sits in. If not specified, the project region will be used. Changing this forces a new interface to be created.

property router

public router: pulumi.Output<string>;

The name of the router this interface will be attached to. Changing this forces a new interface to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpnTunnel

public vpnTunnel: pulumi.Output<string | undefined>;

The name or resource link to the VPN tunnel this interface will be linked to. Changing this forces a new interface to be created. Only one of vpnTunnel and interconnectAttachment can be specified.

Resource RouterNat

class RouterNat extends CustomResource

A NAT service created in a router.

To get more information about RouterNat, see:

Example Usage - Router Nat Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const net = new gcp.compute.Network("net", {});
const subnet = new gcp.compute.Subnetwork("subnet", {
    network: net.id,
    ipCidrRange: "10.0.0.0/16",
    region: "us-central1",
});
const router = new gcp.compute.Router("router", {
    region: subnet.region,
    network: net.id,
    bgp: {
        asn: 64514,
    },
});
const nat = new gcp.compute.RouterNat("nat", {
    router: router.name,
    region: router.region,
    natIpAllocateOption: "AUTO_ONLY",
    sourceSubnetworkIpRangesToNat: "ALL_SUBNETWORKS_ALL_IP_RANGES",
    log_config: {
        enable: true,
        filter: "ERRORS_ONLY",
    },
});

Example Usage - Router Nat Manual Ips

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const net = new gcp.compute.Network("net", {});
const subnet = new gcp.compute.Subnetwork("subnet", {
    network: net.id,
    ipCidrRange: "10.0.0.0/16",
    region: "us-central1",
});
const router = new gcp.compute.Router("router", {
    region: subnet.region,
    network: net.id,
});
const address: gcp.compute.Address[];
for (const range = {value: 0}; range.value < 2; range.value++) {
    address.push(new gcp.compute.Address(`address-${range.value}`, {region: subnet.region}));
}
const natManual = new gcp.compute.RouterNat("natManual", {
    router: router.name,
    region: router.region,
    natIpAllocateOption: "MANUAL_ONLY",
    natIps: address.map(__item => __item.id),
    sourceSubnetworkIpRangesToNat: "LIST_OF_SUBNETWORKS",
    subnetwork: [{
        name: subnet.id,
        sourceIpRangesToNats: ["ALL_IP_RANGES"],
    }],
});

constructor

new RouterNat(name: string, args: RouterNatArgs, opts?: pulumi.CustomResourceOptions)

Create a RouterNat resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouterNatState, opts?: pulumi.CustomResourceOptions): RouterNat

Get an existing RouterNat resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RouterNat

Returns true if the given object is an instance of RouterNat. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property drainNatIps

public drainNatIps: pulumi.Output<string[] | undefined>;

A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.

property icmpIdleTimeoutSec

public icmpIdleTimeoutSec: pulumi.Output<number | undefined>;

Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property logConfig

public logConfig: pulumi.Output<RouterNatLogConfig | undefined>;

Configuration for logging on NAT Structure is documented below.

property minPortsPerVm

public minPortsPerVm: pulumi.Output<number | undefined>;

Minimum number of ports allocated to a VM from this NAT.

property name

public name: pulumi.Output<string>;

Self-link of subnetwork to NAT

property natIpAllocateOption

public natIpAllocateOption: pulumi.Output<string>;

How external IPs should be allocated for this NAT. Valid values are AUTO_ONLY for only allowing NAT IPs allocated by Google Cloud Platform, or MANUAL_ONLY for only user-allocated NAT IP addresses.

property natIps

public natIps: pulumi.Output<string[] | undefined>;

Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

Region where the router and NAT reside.

property router

public router: pulumi.Output<string>;

The name of the Cloud Router in which this NAT will be configured.

property sourceSubnetworkIpRangesToNat

public sourceSubnetworkIpRangesToNat: pulumi.Output<string>;

How NAT should be configured per Subnetwork. If ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. If ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat. LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region.

property subnetworks

public subnetworks: pulumi.Output<RouterNatSubnetwork[] | undefined>;

One or more subnetwork NAT configurations. Only used if sourceSubnetworkIpRangesToNat is set to LIST_OF_SUBNETWORKS Structure is documented below.

property tcpEstablishedIdleTimeoutSec

public tcpEstablishedIdleTimeoutSec: pulumi.Output<number | undefined>;

Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.

property tcpTransitoryIdleTimeoutSec

public tcpTransitoryIdleTimeoutSec: pulumi.Output<number | undefined>;

Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.

property udpIdleTimeoutSec

public udpIdleTimeoutSec: pulumi.Output<number | undefined>;

Timeout (in seconds) for UDP connections. Defaults to 30s if not set.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RouterPeer

class RouterPeer extends CustomResource

BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.

To get more information about RouterBgpPeer, see:

Example Usage - Router Peer Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const peer = new gcp.compute.RouterPeer("peer", {
    advertisedRoutePriority: 100,
    interface: "interface-1",
    peerAsn: 65513,
    peerIpAddress: "169.254.1.2",
    region: "us-central1",
    router: "my-router",
});

constructor

new RouterPeer(name: string, args: RouterPeerArgs, opts?: pulumi.CustomResourceOptions)

Create a RouterPeer resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouterPeerState, opts?: pulumi.CustomResourceOptions): RouterPeer

Get an existing RouterPeer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RouterPeer

Returns true if the given object is an instance of RouterPeer. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property advertiseMode

public advertiseMode: pulumi.Output<string | undefined>;

User-specified flag to indicate which mode to use for advertisement. Valid values of this enum field are: DEFAULT, CUSTOM

property advertisedGroups

public advertisedGroups: pulumi.Output<string[] | undefined>;

User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: * ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. * ALL_VPC_SUBNETS: Advertises the router’s own VPC subnets. * ALL_PEER_VPC_SUBNETS: Advertises peer subnets of the router’s VPC network.

property advertisedIpRanges

public advertisedIpRanges: pulumi.Output<RouterPeerAdvertisedIpRange[] | undefined>;

User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. Structure is documented below.

property advertisedRoutePriority

public advertisedRoutePriority: pulumi.Output<number | undefined>;

The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property interface

public interface: pulumi.Output<string>;

Name of the interface the BGP peer is associated with.

property ipAddress

public ipAddress: pulumi.Output<string>;

IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.

property managementType

public managementType: pulumi.Output<string>;

The resource that configures and manages this BGP peer. * ‘MANAGED_BY_USER’ is the default value and can be managed by you or other users * ‘MANAGED_BY_ATTACHMENT’ is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.

property name

public name: pulumi.Output<string>;

Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property peerAsn

public peerAsn: pulumi.Output<number>;

Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.

property peerIpAddress

public peerIpAddress: pulumi.Output<string>;

IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

Region where the router and BgpPeer reside. If it is not provided, the provider region is used.

property router

public router: pulumi.Output<string>;

The name of the Cloud Router in which this BgpPeer will be configured.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SecurityPolicy

class SecurityPolicy extends CustomResource

A Security Policy defines an IP blacklist or whitelist that protects load balanced Google Cloud services by denying or permitting traffic from specified IP ranges. For more information see the official documentation and the API.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const policy = new gcp.compute.SecurityPolicy("policy", {
    rules: [
        {
            action: "deny(403)",
            description: "Deny access to IPs in 9.9.9.0/24",
            match: {
                config: {
                    srcIpRanges: ["9.9.9.0/24"],
                },
                versionedExpr: "SRC_IPS_V1",
            },
            priority: 1000,
        },
        {
            action: "allow",
            description: "default rule",
            match: {
                config: {
                    srcIpRanges: ["*"],
                },
                versionedExpr: "SRC_IPS_V1",
            },
            priority: 2147483647,
        },
    ],
});

constructor

new SecurityPolicy(name: string, args?: SecurityPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a SecurityPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecurityPolicyState, opts?: pulumi.CustomResourceOptions): SecurityPolicy

Get an existing SecurityPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SecurityPolicy

Returns true if the given object is an instance of SecurityPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this rule. Max size is 64.

property fingerprint

public fingerprint: pulumi.Output<string>;

Fingerprint of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the security policy.

property project

public project: pulumi.Output<string>;

The project in which the resource belongs. If it is not provided, the provider project is used.

property rules

public rules: pulumi.Output<SecurityPolicyRule[]>;

The set of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match “*”). If no rules are provided when creating a security policy, a default rule with action “allow” will be added. Structure is documented below.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SecurityScanConfig

class SecurityScanConfig extends CustomResource

A ScanConfig resource contains the configurations to launch a scan.

To get more information about ScanConfig, see:

Warning: All arguments including authentication.google_account.password and authentication.custom_account.password will be stored in the raw state as plain-text.Read more about secrets in state

Example Usage - Scan Config Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const scannerStaticIp = new gcp.compute.Address("scannerStaticIp", {});
const scanConfig = new gcp.compute.SecurityScanConfig("scan-config", {
    displayName: "scan-config",
    startingUrls: [pulumi.interpolate`http://${scannerStaticIp.address}`],
    targetPlatforms: ["COMPUTE"],
});

constructor

new SecurityScanConfig(name: string, args: SecurityScanConfigArgs, opts?: pulumi.CustomResourceOptions)

Create a SecurityScanConfig resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecurityScanConfigState, opts?: pulumi.CustomResourceOptions): SecurityScanConfig

Get an existing SecurityScanConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SecurityScanConfig

Returns true if the given object is an instance of SecurityScanConfig. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property authentication

public authentication: pulumi.Output<SecurityScanConfigAuthentication | undefined>;

The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.

property blacklistPatterns

public blacklistPatterns: pulumi.Output<string[] | undefined>;

The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls

property displayName

public displayName: pulumi.Output<string>;

The user provider display name of the ScanConfig.

property exportToSecurityCommandCenter

public exportToSecurityCommandCenter: pulumi.Output<string | undefined>;

Controls export of scan configurations and results to Cloud Security Command Center.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property maxQps

public maxQps: pulumi.Output<number | undefined>;

The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.

property name

public name: pulumi.Output<string>;

A server defined name for this index. Format: ‘projects/{{project}}/scanConfigs/{{server_generated_id}}’

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property schedule

public schedule: pulumi.Output<SecurityScanConfigSchedule | undefined>;

The schedule of the ScanConfig Structure is documented below.

property startingUrls

public startingUrls: pulumi.Output<string[]>;

The starting URLs from which the scanner finds site pages.

property targetPlatforms

public targetPlatforms: pulumi.Output<string[] | undefined>;

Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userAgent

public userAgent: pulumi.Output<string | undefined>;

Type of the user agents used for scanning

Resource SharedVPCHostProject

class SharedVPCHostProject extends CustomResource

Enables the Google Compute Engine Shared VPC feature for a project, assigning it as a Shared VPC host project.

For more information, see, the Project API documentation, where the Shared VPC feature is referred to by its former name “XPN”.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

// A host project provides network resources to associated service projects.
const host = new gcp.compute.SharedVPCHostProject("host", {project: "host-project-id"});
// A service project gains access to network resources provided by its
// associated host project.
const service1 = new gcp.compute.SharedVPCServiceProject("service1", {
    hostProject: host.project,
    serviceProject: "service-project-id-1",
});
const service2 = new gcp.compute.SharedVPCServiceProject("service2", {
    hostProject: host.project,
    serviceProject: "service-project-id-2",
});

constructor

new SharedVPCHostProject(name: string, args: SharedVPCHostProjectArgs, opts?: pulumi.CustomResourceOptions)

Create a SharedVPCHostProject resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SharedVPCHostProjectState, opts?: pulumi.CustomResourceOptions): SharedVPCHostProject

Get an existing SharedVPCHostProject resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SharedVPCHostProject

Returns true if the given object is an instance of SharedVPCHostProject. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property project

public project: pulumi.Output<string>;

The ID of the project that will serve as a Shared VPC host project

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SharedVPCServiceProject

class SharedVPCServiceProject extends CustomResource

Enables the Google Compute Engine Shared VPC feature for a project, assigning it as a Shared VPC service project associated with a given host project.

For more information, see, the Project API documentation, where the Shared VPC feature is referred to by its former name “XPN”.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const service1 = new gcp.compute.SharedVPCServiceProject("service1", {
    hostProject: "host-project-id",
    serviceProject: "service-project-id-1",
});

constructor

new SharedVPCServiceProject(name: string, args: SharedVPCServiceProjectArgs, opts?: pulumi.CustomResourceOptions)

Create a SharedVPCServiceProject resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SharedVPCServiceProjectState, opts?: pulumi.CustomResourceOptions): SharedVPCServiceProject

Get an existing SharedVPCServiceProject resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SharedVPCServiceProject

Returns true if the given object is an instance of SharedVPCServiceProject. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property hostProject

public hostProject: pulumi.Output<string>;

The ID of a host project to associate.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property serviceProject

public serviceProject: pulumi.Output<string>;

The ID of the project that will serve as a Shared VPC service project.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Snapshot

class Snapshot extends CustomResource

Represents a Persistent Disk Snapshot resource.

Use snapshots to back up data from your persistent disks. Snapshots are different from public images and custom images, which are used primarily to create instances or configure instance templates. Snapshots are useful for periodic backup of the data on your persistent disks. You can create snapshots from persistent disks even while they are attached to running instances.

Snapshots are incremental, so you can create regular snapshots on a persistent disk faster and at a much lower cost than if you regularly created a full image of the disk.

To get more information about Snapshot, see:

Warning: All arguments including snapshot_encryption_key.raw_key and source_disk_encryption_key.raw_key will be stored in the raw state as plain-text. Read more about secrets in state.

Example Usage - Snapshot Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const debian = gcp.compute.getImage({
    family: "debian-9",
    project: "debian-cloud",
});
const persistent = new gcp.compute.Disk("persistent", {
    image: debian.then(debian => debian.selfLink),
    size: 10,
    type: "pd-ssd",
    zone: "us-central1-a",
});
const snapshot = new gcp.compute.Snapshot("snapshot", {
    sourceDisk: persistent.name,
    zone: "us-central1-a",
    labels: {
        my_label: "value",
    },
});

constructor

new Snapshot(name: string, args: SnapshotArgs, opts?: pulumi.CustomResourceOptions)

Create a Snapshot resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SnapshotState, opts?: pulumi.CustomResourceOptions): Snapshot

Get an existing Snapshot resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Snapshot

Returns true if the given object is an instance of Snapshot. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property diskSizeGb

public diskSizeGb: pulumi.Output<number>;

Size of the snapshot, specified in GB.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;

Labels to apply to this Snapshot.

property licenses

public licenses: pulumi.Output<string[]>;

A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image). snapshotEncryptionKey nested object Encrypts the snapshot using a customer-supplied encryption key.

property name

public name: pulumi.Output<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property snapshotEncryptionKey

public snapshotEncryptionKey: pulumi.Output<SnapshotSnapshotEncryptionKey | undefined>;

The customer-supplied encryption key of the snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property snapshotId

public snapshotId: pulumi.Output<number>;

The unique identifier for the resource.

property sourceDisk

public sourceDisk: pulumi.Output<string>;

A reference to the disk used to create this snapshot.

property sourceDiskEncryptionKey

public sourceDiskEncryptionKey: pulumi.Output<SnapshotSourceDiskEncryptionKey | undefined>;

The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

public sourceDiskLink: pulumi.Output<string>;

property storageBytes

public storageBytes: pulumi.Output<number>;

A size of the the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;

A reference to the zone where the disk is hosted.

Resource SSLCertificate

class SSLCertificate extends CustomResource

An SslCertificate resource, used for HTTPS load balancing. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user.

To get more information about SslCertificate, see:

Warning: All arguments including certificate and privateKey will be stored in the raw state as plain-text. Read more about secrets in state.

Example Usage - Ssl Certificate Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * from "fs";

const _default = new gcp.compute.SSLCertificate("default", {
    namePrefix: "my-certificate-",
    description: "a description",
    privateKey: fs.readFileSync("path/to/private.key"),
    certificate: fs.readFileSync("path/to/certificate.crt"),
});

Example Usage - Ssl Certificate Target Https Proxies

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * from "fs";

// Using with Target HTTPS Proxies
//
// SSL certificates cannot be updated after creation. In order to apply
// the specified configuration, the provider will destroy the existing
// resource and create a replacement. Example:
const defaultSSLCertificate = new gcp.compute.SSLCertificate("defaultSSLCertificate", {
    namePrefix: "my-certificate-",
    privateKey: fs.readFileSync("path/to/private.key"),
    certificate: fs.readFileSync("path/to/certificate.crt"),
});
const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", {
    requestPath: "/",
    checkIntervalSec: 1,
    timeoutSec: 1,
});
const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [defaultHttpHealthCheck.id],
});
const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", {
    description: "a description",
    defaultService: defaultBackendService.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: defaultBackendService.id,
        path_rule: [{
            paths: ["/*"],
            service: defaultBackendService.id,
        }],
    }],
});
const defaultTargetHttpsProxy = new gcp.compute.TargetHttpsProxy("defaultTargetHttpsProxy", {
    urlMap: defaultURLMap.id,
    sslCertificates: [defaultSSLCertificate.id],
});

constructor

new SSLCertificate(name: string, args: SSLCertificateArgs, opts?: pulumi.CustomResourceOptions)

Create a SSLCertificate resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SSLCertificateState, opts?: pulumi.CustomResourceOptions): SSLCertificate

Get an existing SSLCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SSLCertificate

Returns true if the given object is an instance of SSLCertificate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property certificate

public certificate: pulumi.Output<string>;

The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.

property certificateId

public certificateId: pulumi.Output<number>;

The unique identifier for the resource.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property namePrefix

public namePrefix: pulumi.Output<string>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property privateKey

public privateKey: pulumi.Output<string>;

The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SSLPolicy

class SSLPolicy extends CustomResource

Represents a SSL policy. SSL policies give you the ability to control the features of SSL that your SSL proxy or HTTPS load balancer negotiates.

To get more information about SslPolicy, see:

Example Usage - Ssl Policy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const prodSslPolicy = new gcp.compute.SSLPolicy("prod-ssl-policy", {
    profile: "MODERN",
});
const nonprodSslPolicy = new gcp.compute.SSLPolicy("nonprod-ssl-policy", {
    minTlsVersion: "TLS_1_2",
    profile: "MODERN",
});
const customSslPolicy = new gcp.compute.SSLPolicy("custom-ssl-policy", {
    customFeatures: [
        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    ],
    minTlsVersion: "TLS_1_2",
    profile: "CUSTOM",
});

constructor

new SSLPolicy(name: string, args?: SSLPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a SSLPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SSLPolicyState, opts?: pulumi.CustomResourceOptions): SSLPolicy

Get an existing SSLPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SSLPolicy

Returns true if the given object is an instance of SSLPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property customFeatures

public customFeatures: pulumi.Output<string[] | undefined>;

Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property enabledFeatures

public enabledFeatures: pulumi.Output<string[]>;

The list of features enabled in the SSL policy.

property fingerprint

public fingerprint: pulumi.Output<string>;

Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property minTlsVersion

public minTlsVersion: pulumi.Output<string | undefined>;

The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property profile

public profile: pulumi.Output<string | undefined>;

Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the customFeatures attribute must be set.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Subnetwork

class Subnetwork extends CustomResource

A VPC network is a virtual version of the traditional physical networks that exist within and between physical data centers. A VPC network provides connectivity for your Compute Engine virtual machine (VM) instances, Container Engine containers, App Engine Flex services, and other network-related resources.

Each GCP project contains one or more VPC networks. Each VPC network is a global entity spanning all GCP regions. This global VPC network allows VM instances and other resources to communicate with each other via internal, private IP addresses.

Each VPC network is subdivided into subnets, and each subnet is contained within a single region. You can have more than one subnet in a region for a given VPC network. Each subnet has a contiguous private RFC1918 IP space. You create instances, containers, and the like in these subnets. When you create an instance, you must create it in a subnet, and the instance draws its internal IP address from that subnet.

Virtual machine (VM) instances in a VPC network can communicate with instances in all other subnets of the same VPC network, regardless of region, using their RFC1918 private IP addresses. You can isolate portions of the network, even entire subnets, using firewall rules.

To get more information about Subnetwork, see:

Example Usage - Subnetwork Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const customTest = new gcp.compute.Network("custom-test", {autoCreateSubnetworks: false});
const networkWithPrivateSecondaryIpRanges = new gcp.compute.Subnetwork("network-with-private-secondary-ip-ranges", {
    ipCidrRange: "10.2.0.0/16",
    region: "us-central1",
    network: custom_test.id,
    secondary_ip_range: [{
        rangeName: "tf-test-secondary-range-update1",
        ipCidrRange: "192.168.10.0/24",
    }],
});

Example Usage - Subnetwork Logging Config

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const customTest = new gcp.compute.Network("custom-test", {autoCreateSubnetworks: false});
const subnetWithLogging = new gcp.compute.Subnetwork("subnet-with-logging", {
    ipCidrRange: "10.2.0.0/16",
    region: "us-central1",
    network: custom_test.id,
    log_config: {
        aggregationInterval: "INTERVAL_10_MIN",
        flowSampling: 0.5,
        metadata: "INCLUDE_ALL_METADATA",
    },
});

Example Usage - Subnetwork Internal L7lb

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const customTest = new gcp.compute.Network("custom-test", {autoCreateSubnetworks: false});
const networkForL7lb = new gcp.compute.Subnetwork("network-for-l7lb", {
    ipCidrRange: "10.0.0.0/22",
    region: "us-central1",
    purpose: "INTERNAL_HTTPS_LOAD_BALANCER",
    role: "ACTIVE",
    network: custom_test.id,
});

constructor

new Subnetwork(name: string, args: SubnetworkArgs, opts?: pulumi.CustomResourceOptions)

Create a Subnetwork resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SubnetworkState, opts?: pulumi.CustomResourceOptions): Subnetwork

Get an existing Subnetwork resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Subnetwork

Returns true if the given object is an instance of Subnetwork. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.

property fingerprint

DEPRECATED This field is not useful for users, and has been removed as an output.
public fingerprint: pulumi.Output<string>;

Fingerprint of this resource. This field is used internally during updates of this resource.

property gatewayAddress

public gatewayAddress: pulumi.Output<string>;

The gateway address for default routes to reach destination addresses outside this subnetwork.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipCidrRange

public ipCidrRange: pulumi.Output<string>;

The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported.

property logConfig

public logConfig: pulumi.Output<SubnetworkLogConfig | undefined>;

Denotes the logging options for the subnetwork flow logs. If logging is enabled logs will be exported to Stackdriver. This field cannot be set if the purpose of this subnetwork is INTERNAL_HTTPS_LOAD_BALANCER Structure is documented below.

property name

public name: pulumi.Output<string>;

The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string>;

The network this subnet belongs to. Only networks that are in the distributed mode can have subnetworks.

property privateIpGoogleAccess

public privateIpGoogleAccess: pulumi.Output<boolean | undefined>;

When enabled, VMs in this subnetwork without external IP addresses can access Google APIs and services by using Private Google Access.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

public purpose: pulumi.Output<string>;

The purpose of the resource. This field can be either PRIVATE or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE. If set to INTERNAL_HTTPS_LOAD_BALANCER you must also set the role.

property region

public region: pulumi.Output<string>;

URL of the GCP region for this subnetwork.

property role

public role: pulumi.Output<string | undefined>;

The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining.

property secondaryIpRanges

public secondaryIpRanges: pulumi.Output<SubnetworkSecondaryIpRange[]>;

An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges. Structure is documented below.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SubnetworkIAMBinding

class SubnetworkIAMBinding extends CustomResource

Three different resources help you manage your IAM policy for Compute Engine Subnetwork. Each of these resources serves a different use case:

  • gcp.compute.SubnetworkIAMPolicy: Authoritative. Sets the IAM policy for the subnetwork and replaces any existing policy already attached.
  • gcp.compute.SubnetworkIAMBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the subnetwork are preserved.
  • gcp.compute.SubnetworkIAMMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the subnetwork are preserved.

Note: gcp.compute.SubnetworkIAMPolicy cannot be used in conjunction with gcp.compute.SubnetworkIAMBinding and gcp.compute.SubnetworkIAMMember or they will fight over what your policy should be.

Note: gcp.compute.SubnetworkIAMBinding resources can be used in conjunction with gcp.compute.SubnetworkIAMMember resources only if they do not grant privilege to the same role.

google_compute_subnetwork_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/compute.networkUser",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.compute.SubnetworkIAMPolicy("policy", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    policyData: admin.then(admin => admin.policyData),
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/compute.networkUser",
        members: ["user:jane@example.com"],
        condition: {
            title: "expiresAfter20191231",
            description: "Expiring at midnight of 2019-12-31",
            expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
        },
    }],
});
const policy = new gcp.compute.SubnetworkIAMPolicy("policy", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    policyData: admin.then(admin => admin.policyData),
});

google_compute_subnetwork_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.compute.SubnetworkIAMBinding("binding", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    members: ["user:jane@example.com"],
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.compute.SubnetworkIAMBinding("binding", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    members: ["user:jane@example.com"],
    condition: {
        title: "expiresAfter20191231",
        description: "Expiring at midnight of 2019-12-31",
        expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
    },
});

google_compute_subnetwork_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.compute.SubnetworkIAMMember("member", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    member: "user:jane@example.com",
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.compute.SubnetworkIAMMember("member", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    member: "user:jane@example.com",
    condition: {
        title: "expiresAfter20191231",
        description: "Expiring at midnight of 2019-12-31",
        expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
    },
});

constructor

new SubnetworkIAMBinding(name: string, args: SubnetworkIAMBindingArgs, opts?: pulumi.CustomResourceOptions)

Create a SubnetworkIAMBinding resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SubnetworkIAMBindingState, opts?: pulumi.CustomResourceOptions): SubnetworkIAMBinding

Get an existing SubnetworkIAMBinding resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SubnetworkIAMBinding

Returns true if the given object is an instance of SubnetworkIAMBinding. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property condition

public condition: pulumi.Output<SubnetworkIAMBindingCondition | undefined>;

) An IAM Condition for a given binding. Structure is documented below.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property members

public members: pulumi.Output<string[]>;

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

public region: pulumi.Output<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property role

public role: pulumi.Output<string>;

The role that should be applied. Only one gcp.compute.SubnetworkIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property subnetwork

public subnetwork: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SubnetworkIAMMember

class SubnetworkIAMMember extends CustomResource

Three different resources help you manage your IAM policy for Compute Engine Subnetwork. Each of these resources serves a different use case:

  • gcp.compute.SubnetworkIAMPolicy: Authoritative. Sets the IAM policy for the subnetwork and replaces any existing policy already attached.
  • gcp.compute.SubnetworkIAMBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the subnetwork are preserved.
  • gcp.compute.SubnetworkIAMMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the subnetwork are preserved.

Note: gcp.compute.SubnetworkIAMPolicy cannot be used in conjunction with gcp.compute.SubnetworkIAMBinding and gcp.compute.SubnetworkIAMMember or they will fight over what your policy should be.

Note: gcp.compute.SubnetworkIAMBinding resources can be used in conjunction with gcp.compute.SubnetworkIAMMember resources only if they do not grant privilege to the same role.

google_compute_subnetwork_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/compute.networkUser",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.compute.SubnetworkIAMPolicy("policy", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    policyData: admin.then(admin => admin.policyData),
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/compute.networkUser",
        members: ["user:jane@example.com"],
        condition: {
            title: "expiresAfter20191231",
            description: "Expiring at midnight of 2019-12-31",
            expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
        },
    }],
});
const policy = new gcp.compute.SubnetworkIAMPolicy("policy", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    policyData: admin.then(admin => admin.policyData),
});

google_compute_subnetwork_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.compute.SubnetworkIAMBinding("binding", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    members: ["user:jane@example.com"],
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.compute.SubnetworkIAMBinding("binding", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    members: ["user:jane@example.com"],
    condition: {
        title: "expiresAfter20191231",
        description: "Expiring at midnight of 2019-12-31",
        expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
    },
});

google_compute_subnetwork_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.compute.SubnetworkIAMMember("member", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    member: "user:jane@example.com",
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.compute.SubnetworkIAMMember("member", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    member: "user:jane@example.com",
    condition: {
        title: "expiresAfter20191231",
        description: "Expiring at midnight of 2019-12-31",
        expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
    },
});

constructor

new SubnetworkIAMMember(name: string, args: SubnetworkIAMMemberArgs, opts?: pulumi.CustomResourceOptions)

Create a SubnetworkIAMMember resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SubnetworkIAMMemberState, opts?: pulumi.CustomResourceOptions): SubnetworkIAMMember

Get an existing SubnetworkIAMMember resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SubnetworkIAMMember

Returns true if the given object is an instance of SubnetworkIAMMember. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property condition

public condition: pulumi.Output<SubnetworkIAMMemberCondition | undefined>;

) An IAM Condition for a given binding. Structure is documented below.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property member

public member: pulumi.Output<string>;

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

public region: pulumi.Output<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property role

public role: pulumi.Output<string>;

The role that should be applied. Only one gcp.compute.SubnetworkIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property subnetwork

public subnetwork: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SubnetworkIAMPolicy

class SubnetworkIAMPolicy extends CustomResource

Three different resources help you manage your IAM policy for Compute Engine Subnetwork. Each of these resources serves a different use case:

  • gcp.compute.SubnetworkIAMPolicy: Authoritative. Sets the IAM policy for the subnetwork and replaces any existing policy already attached.
  • gcp.compute.SubnetworkIAMBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the subnetwork are preserved.
  • gcp.compute.SubnetworkIAMMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the subnetwork are preserved.

Note: gcp.compute.SubnetworkIAMPolicy cannot be used in conjunction with gcp.compute.SubnetworkIAMBinding and gcp.compute.SubnetworkIAMMember or they will fight over what your policy should be.

Note: gcp.compute.SubnetworkIAMBinding resources can be used in conjunction with gcp.compute.SubnetworkIAMMember resources only if they do not grant privilege to the same role.

google_compute_subnetwork_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/compute.networkUser",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.compute.SubnetworkIAMPolicy("policy", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    policyData: admin.then(admin => admin.policyData),
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/compute.networkUser",
        members: ["user:jane@example.com"],
        condition: {
            title: "expiresAfter20191231",
            description: "Expiring at midnight of 2019-12-31",
            expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
        },
    }],
});
const policy = new gcp.compute.SubnetworkIAMPolicy("policy", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    policyData: admin.then(admin => admin.policyData),
});

google_compute_subnetwork_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.compute.SubnetworkIAMBinding("binding", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    members: ["user:jane@example.com"],
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.compute.SubnetworkIAMBinding("binding", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    members: ["user:jane@example.com"],
    condition: {
        title: "expiresAfter20191231",
        description: "Expiring at midnight of 2019-12-31",
        expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
    },
});

google_compute_subnetwork_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.compute.SubnetworkIAMMember("member", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    member: "user:jane@example.com",
});

With IAM Conditions:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.compute.SubnetworkIAMMember("member", {
    project: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].project,
    region: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].region,
    subnetwork: google_compute_subnetwork["network-with-private-secondary-ip-ranges"].name,
    role: "roles/compute.networkUser",
    member: "user:jane@example.com",
    condition: {
        title: "expiresAfter20191231",
        description: "Expiring at midnight of 2019-12-31",
        expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
    },
});

constructor

new SubnetworkIAMPolicy(name: string, args: SubnetworkIAMPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a SubnetworkIAMPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SubnetworkIAMPolicyState, opts?: pulumi.CustomResourceOptions): SubnetworkIAMPolicy

Get an existing SubnetworkIAMPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SubnetworkIAMPolicy

Returns true if the given object is an instance of SubnetworkIAMPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policyData

public policyData: pulumi.Output<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

public region: pulumi.Output<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property subnetwork

public subnetwork: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource TargetHttpProxy

class TargetHttpProxy extends CustomResource

Represents a TargetHttpProxy resource, which is used by one or more global forwarding rule to route incoming HTTP requests to a URL map.

To get more information about TargetHttpProxy, see:

Example Usage - Target Http Proxy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", {
    requestPath: "/",
    checkIntervalSec: 1,
    timeoutSec: 1,
});
const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [defaultHttpHealthCheck.id],
});
const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", {
    defaultService: defaultBackendService.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: defaultBackendService.id,
        path_rule: [{
            paths: ["/*"],
            service: defaultBackendService.id,
        }],
    }],
});
const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("defaultTargetHttpProxy", {urlMap: defaultURLMap.id});

Example Usage - Target Http Proxy Https Redirect

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", {default_url_redirect: {
    httpsRedirect: true,
    stripQuery: false,
}});
const defaultTargetHttpProxy = new gcp.compute.TargetHttpProxy("defaultTargetHttpProxy", {urlMap: defaultURLMap.selfLink});

constructor

new TargetHttpProxy(name: string, args: TargetHttpProxyArgs, opts?: pulumi.CustomResourceOptions)

Create a TargetHttpProxy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TargetHttpProxyState, opts?: pulumi.CustomResourceOptions): TargetHttpProxy

Get an existing TargetHttpProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is TargetHttpProxy

Returns true if the given object is an instance of TargetHttpProxy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyId

public proxyId: pulumi.Output<number>;

The unique identifier for the resource.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urlMap

public urlMap: pulumi.Output<string>;

A reference to the UrlMap resource that defines the mapping from URL to the BackendService.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource TargetHttpsProxy

class TargetHttpsProxy extends CustomResource

Represents a TargetHttpsProxy resource, which is used by one or more global forwarding rule to route incoming HTTPS requests to a URL map.

To get more information about TargetHttpsProxy, see:

Example Usage - Target Https Proxy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * from "fs";

const defaultSSLCertificate = new gcp.compute.SSLCertificate("defaultSSLCertificate", {
    privateKey: fs.readFileSync("path/to/private.key"),
    certificate: fs.readFileSync("path/to/certificate.crt"),
});
const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", {
    requestPath: "/",
    checkIntervalSec: 1,
    timeoutSec: 1,
});
const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [defaultHttpHealthCheck.id],
});
const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", {
    description: "a description",
    defaultService: defaultBackendService.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: defaultBackendService.id,
        path_rule: [{
            paths: ["/*"],
            service: defaultBackendService.id,
        }],
    }],
});
const defaultTargetHttpsProxy = new gcp.compute.TargetHttpsProxy("defaultTargetHttpsProxy", {
    urlMap: defaultURLMap.id,
    sslCertificates: [defaultSSLCertificate.id],
});

constructor

new TargetHttpsProxy(name: string, args: TargetHttpsProxyArgs, opts?: pulumi.CustomResourceOptions)

Create a TargetHttpsProxy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TargetHttpsProxyState, opts?: pulumi.CustomResourceOptions): TargetHttpsProxy

Get an existing TargetHttpsProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is TargetHttpsProxy

Returns true if the given object is an instance of TargetHttpsProxy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyId

public proxyId: pulumi.Output<number>;

The unique identifier for the resource.

property quicOverride

public quicOverride: pulumi.Output<string | undefined>;

Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property sslCertificates

public sslCertificates: pulumi.Output<string[]>;

A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified.

property sslPolicy

public sslPolicy: pulumi.Output<string | undefined>;

A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.

property urlMap

public urlMap: pulumi.Output<string>;

A reference to the UrlMap resource that defines the mapping from URL to the BackendService.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource TargetInstance

class TargetInstance extends CustomResource

Represents a TargetInstance resource which defines an endpoint instance that terminates traffic of certain protocols. In particular, they are used in Protocol Forwarding, where forwarding rules can send packets to a non-NAT’ed target instance. Each target instance contains a single virtual machine instance that receives and handles traffic from the corresponding forwarding rules.

To get more information about TargetInstance, see:

Example Usage - Target Instance Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const vmimage = gcp.compute.getImage({
    family: "debian-9",
    project: "debian-cloud",
});
const targetVm = new gcp.compute.Instance("target-vm", {
    machineType: "n1-standard-1",
    zone: "us-central1-a",
    boot_disk: {
        initialize_params: {
            image: vmimage.then(vmimage => vmimage.selfLink),
        },
    },
    network_interface: [{
        network: "default",
    }],
});
const _default = new gcp.compute.TargetInstance("default", {instance: target_vm.id});

constructor

new TargetInstance(name: string, args: TargetInstanceArgs, opts?: pulumi.CustomResourceOptions)

Create a TargetInstance resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TargetInstanceState, opts?: pulumi.CustomResourceOptions): TargetInstance

Get an existing TargetInstance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is TargetInstance

Returns true if the given object is an instance of TargetInstance. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instance

public instance: pulumi.Output<string>;

The Compute instance VM handling traffic for this target instance. Accepts the instance self-link, relative path (e.g. projects/project/zones/zone/instances/instance) or name. If name is given, the zone will default to the given zone or the provider-default zone and the project will default to the provider-level project.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property natPolicy

public natPolicy: pulumi.Output<string | undefined>;

NAT option controlling how IPs are NAT’ed to the instance. Currently only NO_NAT (default value) is supported.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property zone

public zone: pulumi.Output<string>;

URL of the zone where the target instance resides.

Resource TargetPool

class TargetPool extends CustomResource

Manages a Target Pool within GCE. This is a collection of instances used as target of a network load balancer (Forwarding Rule). For more information see the official documentation and API.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", {
    requestPath: "/",
    checkIntervalSec: 1,
    timeoutSec: 1,
});
const defaultTargetPool = new gcp.compute.TargetPool("defaultTargetPool", {
    instances: [
        "us-central1-a/myinstance1",
        "us-central1-b/myinstance2",
    ],
    healthChecks: [defaultHttpHealthCheck.name],
});

constructor

new TargetPool(name: string, args?: TargetPoolArgs, opts?: pulumi.CustomResourceOptions)

Create a TargetPool resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TargetPoolState, opts?: pulumi.CustomResourceOptions): TargetPool

Get an existing TargetPool resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is TargetPool

Returns true if the given object is an instance of TargetPool. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property backupPool

public backupPool: pulumi.Output<string | undefined>;

URL to the backup target pool. Must also set failover_ratio.

property description

public description: pulumi.Output<string | undefined>;

Textual description field.

property failoverRatio

public failoverRatio: pulumi.Output<number | undefined>;

Ratio (0 to 1) of failed nodes before using the backup pool (which must also be set).

property healthChecks

public healthChecks: pulumi.Output<string | undefined>;

List of zero or one health check name or self_link. Only legacy gcp.compute.HttpHealthCheck is supported.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instances

public instances: pulumi.Output<string[]>;

List of instances in the pool. They can be given as URLs, or in the form of “zone/name”. Note that the instances need not exist at the time of target pool creation, so there is no need to use the interpolation to create a dependency on the instances from the target pool.

property name

public name: pulumi.Output<string>;

A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

Where the target pool resides. Defaults to project region.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property sessionAffinity

public sessionAffinity: pulumi.Output<string | undefined>;

How to distribute load. Options are “NONE” (no affinity). “CLIENT_IP” (hash of the source/dest addresses / ports), and “CLIENT_IP_PROTO” also includes the protocol (default “NONE”).

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource TargetSSLProxy

class TargetSSLProxy extends CustomResource

Represents a TargetSslProxy resource, which is used by one or more global forwarding rule to route incoming SSL requests to a backend service.

To get more information about TargetSslProxy, see:

Example Usage - Target Ssl Proxy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * from "fs";

const defaultSSLCertificate = new gcp.compute.SSLCertificate("defaultSSLCertificate", {
    privateKey: fs.readFileSync("path/to/private.key"),
    certificate: fs.readFileSync("path/to/certificate.crt"),
});
const defaultHealthCheck = new gcp.compute.HealthCheck("defaultHealthCheck", {
    checkIntervalSec: 1,
    timeoutSec: 1,
    tcp_health_check: {
        port: "443",
    },
});
const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {
    protocol: "SSL",
    healthChecks: [defaultHealthCheck.id],
});
const defaultTargetSSLProxy = new gcp.compute.TargetSSLProxy("defaultTargetSSLProxy", {
    backendService: defaultBackendService.id,
    sslCertificates: [defaultSSLCertificate.id],
});

constructor

new TargetSSLProxy(name: string, args: TargetSSLProxyArgs, opts?: pulumi.CustomResourceOptions)

Create a TargetSSLProxy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TargetSSLProxyState, opts?: pulumi.CustomResourceOptions): TargetSSLProxy

Get an existing TargetSSLProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is TargetSSLProxy

Returns true if the given object is an instance of TargetSSLProxy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property backendService

public backendService: pulumi.Output<string>;

A reference to the BackendService resource.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyHeader

public proxyHeader: pulumi.Output<string | undefined>;

Specifies the type of proxy header to append before sending data to the backend.

property proxyId

public proxyId: pulumi.Output<number>;

The unique identifier for the resource.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property sslCertificates

public sslCertificates: pulumi.Output<string>;

A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.

property sslPolicy

public sslPolicy: pulumi.Output<string | undefined>;

A reference to the SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource TargetTCPProxy

class TargetTCPProxy extends CustomResource

Represents a TargetTcpProxy resource, which is used by one or more global forwarding rule to route incoming TCP requests to a Backend service.

To get more information about TargetTcpProxy, see:

Example Usage - Target Tcp Proxy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultHealthCheck = new gcp.compute.HealthCheck("defaultHealthCheck", {
    timeoutSec: 1,
    checkIntervalSec: 1,
    tcp_health_check: {
        port: "443",
    },
});
const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {
    protocol: "TCP",
    timeoutSec: 10,
    healthChecks: [defaultHealthCheck.id],
});
const defaultTargetTCPProxy = new gcp.compute.TargetTCPProxy("defaultTargetTCPProxy", {backendService: defaultBackendService.id});

constructor

new TargetTCPProxy(name: string, args: TargetTCPProxyArgs, opts?: pulumi.CustomResourceOptions)

Create a TargetTCPProxy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TargetTCPProxyState, opts?: pulumi.CustomResourceOptions): TargetTCPProxy

Get an existing TargetTCPProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is TargetTCPProxy

Returns true if the given object is an instance of TargetTCPProxy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property backendService

public backendService: pulumi.Output<string>;

A reference to the BackendService resource.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyHeader

public proxyHeader: pulumi.Output<string | undefined>;

Specifies the type of proxy header to append before sending data to the backend.

property proxyId

public proxyId: pulumi.Output<number>;

The unique identifier for the resource.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource URLMap

class URLMap extends CustomResource

UrlMaps are used to route requests to a backend service based on rules that you define for the host and path of an incoming URL.

To get more information about UrlMap, see:

Example Usage - Url Map Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.HttpHealthCheck("default", {
    requestPath: "/",
    checkIntervalSec: 1,
    timeoutSec: 1,
});
const login = new gcp.compute.BackendService("login", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
});
const home = new gcp.compute.BackendService("home", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
});
const staticBucket = new gcp.storage.Bucket("staticBucket", {location: "US"});
const staticBackendBucket = new gcp.compute.BackendBucket("staticBackendBucket", {
    bucketName: staticBucket.name,
    enableCdn: true,
});
const urlmap = new gcp.compute.URLMap("urlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [
        {
            hosts: ["mysite.com"],
            pathMatcher: "mysite",
        },
        {
            hosts: ["myothersite.com"],
            pathMatcher: "otherpaths",
        },
    ],
    path_matcher: [
        {
            name: "mysite",
            defaultService: home.id,
            path_rule: [
                {
                    paths: ["/home"],
                    service: home.id,
                },
                {
                    paths: ["/login"],
                    service: login.id,
                },
                {
                    paths: ["/static"],
                    service: staticBackendBucket.id,
                },
            ],
        },
        {
            name: "otherpaths",
            defaultService: home.id,
        },
    ],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

Example Usage - Url Map Traffic Director Route

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.HealthCheck("default", {http_health_check: {
    port: 80,
}});
const home = new gcp.compute.BackendService("home", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
    loadBalancingScheme: "INTERNAL_SELF_MANAGED",
});
const urlmap = new gcp.compute.URLMap("urlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        route_rules: [{
            priority: 1,
            header_action: {
                requestHeadersToRemoves: ["RemoveMe2"],
                request_headers_to_add: [{
                    headerName: "AddSomethingElse",
                    headerValue: "MyOtherValue",
                    replace: true,
                }],
                responseHeadersToRemoves: ["RemoveMe3"],
                response_headers_to_add: [{
                    headerName: "AddMe",
                    headerValue: "MyValue",
                    replace: false,
                }],
            },
            match_rules: [{
                fullPathMatch: "a full path",
                header_matches: [{
                    headerName: "someheader",
                    exactMatch: "match this exactly",
                    invertMatch: true,
                }],
                ignoreCase: true,
                metadata_filters: [{
                    filterMatchCriteria: "MATCH_ANY",
                    filter_labels: [{
                        name: "PLANET",
                        value: "MARS",
                    }],
                }],
                query_parameter_matches: [{
                    name: "a query parameter",
                    presentMatch: true,
                }],
            }],
            url_redirect: {
                hostRedirect: "A host",
                httpsRedirect: false,
                pathRedirect: "some/path",
                redirectResponseCode: "TEMPORARY_REDIRECT",
                stripQuery: true,
            },
        }],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

Example Usage - Url Map Traffic Director Route Partial

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.HealthCheck("default", {http_health_check: {
    port: 80,
}});
const home = new gcp.compute.BackendService("home", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
    loadBalancingScheme: "INTERNAL_SELF_MANAGED",
});
const urlmap = new gcp.compute.URLMap("urlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        route_rules: [{
            priority: 1,
            match_rules: [{
                prefixMatch: "/someprefix",
                header_matches: [{
                    headerName: "someheader",
                    exactMatch: "match this exactly",
                    invertMatch: true,
                }],
            }],
            url_redirect: {
                pathRedirect: "some/path",
                redirectResponseCode: "TEMPORARY_REDIRECT",
            },
        }],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

Example Usage - Url Map Traffic Director Path

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.HealthCheck("default", {http_health_check: {
    port: 80,
}});
const home = new gcp.compute.BackendService("home", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
    loadBalancingScheme: "INTERNAL_SELF_MANAGED",
});
const urlmap = new gcp.compute.URLMap("urlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        path_rule: [{
            paths: ["/home"],
            route_action: {
                cors_policy: {
                    allowCredentials: true,
                    allowHeaders: ["Allowed content"],
                    allowMethods: ["GET"],
                    allowOriginRegexes: ["abc.*"],
                    allowOrigins: ["Allowed origin"],
                    exposeHeaders: ["Exposed header"],
                    maxAge: 30,
                    disabled: false,
                },
                fault_injection_policy: {
                    abort: {
                        httpStatus: 234,
                        percentage: 5.6,
                    },
                    delay: {
                        fixed_delay: {
                            seconds: 0,
                            nanos: 50000,
                        },
                        percentage: 7.8,
                    },
                },
                request_mirror_policy: {
                    backendService: home.id,
                },
                retry_policy: {
                    numRetries: 4,
                    per_try_timeout: {
                        seconds: 30,
                    },
                    retryConditions: [
                        "5xx",
                        "deadline-exceeded",
                    ],
                },
                timeout: {
                    seconds: 20,
                    nanos: 750000000,
                },
                url_rewrite: {
                    hostRewrite: "A replacement header",
                    pathPrefixRewrite: "A replacement path",
                },
                weighted_backend_services: [{
                    backendService: home.id,
                    weight: 400,
                    header_action: {
                        requestHeadersToRemoves: ["RemoveMe"],
                        request_headers_to_add: [{
                            headerName: "AddMe",
                            headerValue: "MyValue",
                            replace: true,
                        }],
                        responseHeadersToRemoves: ["RemoveMe"],
                        response_headers_to_add: [{
                            headerName: "AddMe",
                            headerValue: "MyValue",
                            replace: false,
                        }],
                    },
                }],
            },
        }],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

Example Usage - Url Map Traffic Director Path Partial

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.compute.HealthCheck("default", {http_health_check: {
    port: 80,
}});
const home = new gcp.compute.BackendService("home", {
    portName: "http",
    protocol: "HTTP",
    timeoutSec: 10,
    healthChecks: [_default.id],
    loadBalancingScheme: "INTERNAL_SELF_MANAGED",
});
const urlmap = new gcp.compute.URLMap("urlmap", {
    description: "a description",
    defaultService: home.id,
    host_rule: [{
        hosts: ["mysite.com"],
        pathMatcher: "allpaths",
    }],
    path_matcher: [{
        name: "allpaths",
        defaultService: home.id,
        path_rule: [{
            paths: ["/home"],
            route_action: {
                cors_policy: {
                    allowCredentials: true,
                    allowHeaders: ["Allowed content"],
                    allowMethods: ["GET"],
                    allowOriginRegexes: ["abc.*"],
                    allowOrigins: ["Allowed origin"],
                    exposeHeaders: ["Exposed header"],
                    maxAge: 30,
                    disabled: false,
                },
                weighted_backend_services: [{
                    backendService: home.id,
                    weight: 400,
                    header_action: {
                        requestHeadersToRemoves: ["RemoveMe"],
                        request_headers_to_add: [{
                            headerName: "AddMe",
                            headerValue: "MyValue",
                            replace: true,
                        }],
                        responseHeadersToRemoves: ["RemoveMe"],
                        response_headers_to_add: [{
                            headerName: "AddMe",
                            headerValue: "MyValue",
                            replace: false,
                        }],
                    },
                }],
            },
        }],
    }],
    test: [{
        service: home.id,
        host: "hi.com",
        path: "/home",
    }],
});

constructor

new URLMap(name: string, args?: URLMapArgs, opts?: pulumi.CustomResourceOptions)

Create a URLMap resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: URLMapState, opts?: pulumi.CustomResourceOptions): URLMap

Get an existing URLMap resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is URLMap

Returns true if the given object is an instance of URLMap. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property defaultService

public defaultService: pulumi.Output<string | undefined>;

The backend service or backend bucket to use when none of the given paths match.

property defaultUrlRedirect

public defaultUrlRedirect: pulumi.Output<URLMapDefaultUrlRedirect | undefined>;

When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Structure is documented below.

property description

public description: pulumi.Output<string | undefined>;

Description of this test case.

property fingerprint

public fingerprint: pulumi.Output<string>;

Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

property headerAction

public headerAction: pulumi.Output<URLMapHeaderAction | undefined>;

Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Structure is documented below.

property hostRules

public hostRules: pulumi.Output<URLMapHostRule[] | undefined>;

The list of HostRules to use against the URL. Structure is documented below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property mapId

public mapId: pulumi.Output<number>;

The unique identifier for the resource.

property name

public name: pulumi.Output<string>;

The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.

property pathMatchers

public pathMatchers: pulumi.Output<URLMapPathMatcher[] | undefined>;

The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL’s host portion.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property tests

public tests: pulumi.Output<URLMapTest[] | undefined>;

The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Structure is documented below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource VPNGateway

class VPNGateway extends CustomResource

Represents a VPN gateway running in GCP. This virtual device is managed by Google, but used only by you.

To get more information about VpnGateway, see:

Example Usage - Target Vpn Gateway Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const network1 = new gcp.compute.Network("network1", {});
const targetGateway = new gcp.compute.VPNGateway("targetGateway", {network: network1.id});
const vpnStaticIp = new gcp.compute.Address("vpnStaticIp", {});
const frEsp = new gcp.compute.ForwardingRule("frEsp", {
    ipProtocol: "ESP",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const frUdp500 = new gcp.compute.ForwardingRule("frUdp500", {
    ipProtocol: "UDP",
    portRange: "500",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const frUdp4500 = new gcp.compute.ForwardingRule("frUdp4500", {
    ipProtocol: "UDP",
    portRange: "4500",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const tunnel1 = new gcp.compute.VPNTunnel("tunnel1", {
    peerIp: "15.0.0.120",
    sharedSecret: "a secret message",
    targetVpnGateway: targetGateway.id,
});
const route1 = new gcp.compute.Route("route1", {
    network: network1.name,
    destRange: "15.0.0.0/24",
    priority: 1000,
    nextHopVpnTunnel: tunnel1.id,
});

constructor

new VPNGateway(name: string, args: VPNGatewayArgs, opts?: pulumi.CustomResourceOptions)

Create a VPNGateway resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VPNGatewayState, opts?: pulumi.CustomResourceOptions): VPNGateway

Get an existing VPNGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is VPNGateway

Returns true if the given object is an instance of VPNGateway. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property gatewayId

public gatewayId: pulumi.Output<number>;

The unique identifier for the resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

public network: pulumi.Output<string>;

The network this VPN gateway is accepting traffic for.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

The region this gateway should sit in.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource VPNTunnel

class VPNTunnel extends CustomResource

VPN tunnel resource.

To get more information about VpnTunnel, see:

Warning: All arguments including sharedSecret will be stored in the raw state as plain-text.

Example Usage - Vpn Tunnel Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const network1 = new gcp.compute.Network("network1", {});
const targetGateway = new gcp.compute.VPNGateway("targetGateway", {network: network1.id});
const vpnStaticIp = new gcp.compute.Address("vpnStaticIp", {});
const frEsp = new gcp.compute.ForwardingRule("frEsp", {
    ipProtocol: "ESP",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const frUdp500 = new gcp.compute.ForwardingRule("frUdp500", {
    ipProtocol: "UDP",
    portRange: "500",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const frUdp4500 = new gcp.compute.ForwardingRule("frUdp4500", {
    ipProtocol: "UDP",
    portRange: "4500",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const tunnel1 = new gcp.compute.VPNTunnel("tunnel1", {
    peerIp: "15.0.0.120",
    sharedSecret: "a secret message",
    targetVpnGateway: targetGateway.id,
});
const route1 = new gcp.compute.Route("route1", {
    network: network1.name,
    destRange: "15.0.0.0/24",
    priority: 1000,
    nextHopVpnTunnel: tunnel1.id,
});

Example Usage - Vpn Tunnel Beta

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const network1 = new gcp.compute.Network("network1", {});
const targetGateway = new gcp.compute.VPNGateway("targetGateway", {network: network1.id});
const vpnStaticIp = new gcp.compute.Address("vpnStaticIp", {});
const frEsp = new gcp.compute.ForwardingRule("frEsp", {
    ipProtocol: "ESP",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const frUdp500 = new gcp.compute.ForwardingRule("frUdp500", {
    ipProtocol: "UDP",
    portRange: "500",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const frUdp4500 = new gcp.compute.ForwardingRule("frUdp4500", {
    ipProtocol: "UDP",
    portRange: "4500",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const tunnel1 = new gcp.compute.VPNTunnel("tunnel1", {
    peerIp: "15.0.0.120",
    sharedSecret: "a secret message",
    targetVpnGateway: targetGateway.id,
    labels: {
        foo: "bar",
    },
});
const route1 = new gcp.compute.Route("route1", {
    network: network1.name,
    destRange: "15.0.0.0/24",
    priority: 1000,
    nextHopVpnTunnel: tunnel1.id,
});

constructor

new VPNTunnel(name: string, args: VPNTunnelArgs, opts?: pulumi.CustomResourceOptions)

Create a VPNTunnel resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VPNTunnelState, opts?: pulumi.CustomResourceOptions): VPNTunnel

Get an existing VPNTunnel resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is VPNTunnel

Returns true if the given object is an instance of VPNTunnel. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property creationTimestamp

public creationTimestamp: pulumi.Output<string>;

Creation timestamp in RFC3339 text format.

property description

public description: pulumi.Output<string | undefined>;

An optional description of this resource.

property detailedStatus

public detailedStatus: pulumi.Output<string>;

Detailed status message for the VPN tunnel.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ikeVersion

public ikeVersion: pulumi.Output<number | undefined>;

IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;

Labels to apply to this VpnTunnel.

property localTrafficSelectors

public localTrafficSelectors: pulumi.Output<string[]>;

Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.

property name

public name: pulumi.Output<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property peerExternalGateway

public peerExternalGateway: pulumi.Output<string | undefined>;

URL of the peer side external VPN gateway to which this VPN tunnel is connected.

property peerExternalGatewayInterface

public peerExternalGatewayInterface: pulumi.Output<number | undefined>;

The interface ID of the external VPN gateway to which this VPN tunnel is connected.

property peerGcpGateway

public peerGcpGateway: pulumi.Output<string | undefined>;

URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpnGatewayInterface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.

property peerIp

public peerIp: pulumi.Output<string>;

IP address of the peer VPN gateway. Only IPv4 is supported.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

public region: pulumi.Output<string>;

The region where the tunnel is located. If unset, is set to the region of targetVpnGateway.

property remoteTrafficSelectors

public remoteTrafficSelectors: pulumi.Output<string[]>;

Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.

property router

public router: pulumi.Output<string | undefined>;

URL of router resource to be used for dynamic routing.

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property sharedSecret

public sharedSecret: pulumi.Output<string>;

Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.

property sharedSecretHash

public sharedSecretHash: pulumi.Output<string>;

Hash of the shared secret.

property targetVpnGateway

public targetVpnGateway: pulumi.Output<string | undefined>;

URL of the Target VPN gateway with which this VPN tunnel is associated.

property tunnelId

public tunnelId: pulumi.Output<string>;

The unique identifier for the resource. This identifier is defined by the server.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpnGateway

public vpnGateway: pulumi.Output<string | undefined>;

URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.

property vpnGatewayInterface

public vpnGatewayInterface: pulumi.Output<number | undefined>;

The interface ID of the VPN gateway with which this VPN tunnel is associated.

Functions

Function getAddress

getAddress(args: GetAddressArgs, opts?: pulumi.InvokeOptions): Promise<GetAddressResult>

Get the IP address from a static address. For more information see the official API documentation.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myAddress = gcp.compute.getAddress({
    name: "foobar",
});
const prod = new gcp.dns.ManagedZone("prod", {dnsName: "prod.mydomain.com."});
const frontend = new gcp.dns.RecordSet("frontend", {
    type: "A",
    ttl: 300,
    managedZone: prod.name,
    rrdatas: [myAddress.then(myAddress => myAddress.address)],
});

Function getBackendBucket

getBackendBucket(args: GetBackendBucketArgs, opts?: pulumi.InvokeOptions): Promise<GetBackendBucketResult>

Get information about a BackendBucket.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myBackendBucket = pulumi.output(gcp.compute.getBackendBucket({
    name: "my-backend",
}, { async: true }));

Function getBackendService

getBackendService(args: GetBackendServiceArgs, opts?: pulumi.InvokeOptions): Promise<GetBackendServiceResult>

Provide access to a Backend Service’s attribute. For more information see the official documentation and the API.

Function getCertificate

getCertificate(args: GetCertificateArgs, opts?: pulumi.InvokeOptions): Promise<GetCertificateResult>

Get info about a Google Compute SSL Certificate from its name.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myCert = gcp.compute.getCertificate({
    name: "my-cert",
});
export const certificate = myCert.then(myCert => myCert.certificate);
export const certificateId = myCert.then(myCert => myCert.certificateId);
export const selfLink = myCert.then(myCert => myCert.selfLink);

Function getDefaultServiceAccount

getDefaultServiceAccount(args?: GetDefaultServiceAccountArgs, opts?: pulumi.InvokeOptions): Promise<GetDefaultServiceAccountResult>

Use this data source to retrieve default service account for this project

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const default = gcp.compute.getDefaultServiceAccount({});
export const defaultAccount = _default.then(_default => _default.email);

Function getForwardingRule

getForwardingRule(args: GetForwardingRuleArgs, opts?: pulumi.InvokeOptions): Promise<GetForwardingRuleResult>

Get a forwarding rule within GCE from its name.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myForwardingRule = pulumi.output(gcp.compute.getForwardingRule({
    name: "forwarding-rule-us-east1",
}, { async: true }));

Function getGlobalAddress

getGlobalAddress(args: GetGlobalAddressArgs, opts?: pulumi.InvokeOptions): Promise<GetGlobalAddressResult>

Get the IP address from a static address reserved for a Global Forwarding Rule which are only used for HTTP load balancing. For more information see the official API documentation.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myAddress = gcp.compute.getGlobalAddress({
    name: "foobar",
});
const prod = new gcp.dns.ManagedZone("prod", {dnsName: "prod.mydomain.com."});
const frontend = new gcp.dns.RecordSet("frontend", {
    type: "A",
    ttl: 300,
    managedZone: prod.name,
    rrdatas: [myAddress.then(myAddress => myAddress.address)],
});

Function getImage

getImage(args?: GetImageArgs, opts?: pulumi.InvokeOptions): Promise<GetImageResult>

Get information about a Google Compute Image. Check that your service account has the compute.imageUser role if you want to share custom images from another project. If you want to use [public images][pubimg], do not forget to specify the dedicated project. For more information see the official documentation and its API.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myImage = gcp.compute.getImage({
    family: "debian-9",
    project: "debian-cloud",
});
// ...
const _default = new gcp.compute.Instance("default", {boot_disk: {
    initialize_params: {
        image: myImage.then(myImage => myImage.selfLink),
    },
}});

Function getInstance

getInstance(args?: GetInstanceArgs, opts?: pulumi.InvokeOptions): Promise<GetInstanceResult>

Get information about a VM instance resource within GCE. For more information see the official documentation and API.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const appserver = pulumi.output(gcp.compute.getInstance({
    name: "primary-application-server",
    zone: "us-central1-a",
}, { async: true }));

Function getInstanceGroup

getInstanceGroup(args?: GetInstanceGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetInstanceGroupResult>

Get a Compute Instance Group within GCE. For more information, see the official documentation and API

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const all = pulumi.output(gcp.compute.getInstanceGroup({
    name: "instance-group-name",
    zone: "us-central1-a",
}, { async: true }));

Function getInstanceSerialPort

getInstanceSerialPort(args: GetInstanceSerialPortArgs, opts?: pulumi.InvokeOptions): Promise<GetInstanceSerialPortResult>

Get the serial port output from a Compute Instance. For more information see the official API documentation.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const serial = gcp.compute.getInstanceSerialPort({
    instance: "my-instance",
    zone: "us-central1-a",
    port: 1,
});
export const serialOut = serial.then(serial => serial.contents);

Function getLBIPRanges

getLBIPRanges(opts?: pulumi.InvokeOptions): Promise<GetLBIPRangesResult>

Use this data source to access IP ranges in your firewall rules.

https://cloud.google.com/compute/docs/load-balancing/health-checks#health_check_source_ips_and_firewall_rules

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const ranges = gcp.compute.getLBIPRanges({});
const lb = new gcp.compute.Firewall("lb", {
    network: google_compute_network.main.name,
    allow: [{
        protocol: "tcp",
        ports: ["80"],
    }],
    sourceRanges: ranges.then(ranges => ranges.networks),
    targetTags: ["InstanceBehindLoadBalancer"],
});

Function getNetblockIPRanges

getNetblockIPRanges(args?: GetNetblockIPRangesArgs, opts?: pulumi.InvokeOptions): Promise<GetNetblockIPRangesResult>

Use this data source to get the IP addresses from different special IP ranges on Google Cloud Platform.

Example Usage - Cloud Ranges

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const netblock = gcp.compute.getNetblockIPRanges({});
export const cidrBlocks = netblock.then(netblock => netblock.cidrBlocks);
export const cidrBlocksIpv4 = netblock.then(netblock => netblock.cidrBlocksIpv4s);
export const cidrBlocksIpv6 = netblock.then(netblock => netblock.cidrBlocksIpv6s);

Example Usage - Allow Health Checks

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const legacy-hcs = gcp.compute.getNetblockIPRanges({
    rangeType: "legacy-health-checkers",
});
const _default = new gcp.compute.Network("default", {});
const allowHcs = new gcp.compute.Firewall("allow-hcs", {
    network: _default.name,
    allow: [{
        protocol: "tcp",
        ports: ["80"],
    }],
    sourceRanges: legacy_hcs.then(legacy_hcs => legacy_hcs.cidrBlocksIpv4s),
});

Function getNetwork

getNetwork(args: GetNetworkArgs, opts?: pulumi.InvokeOptions): Promise<GetNetworkResult>

Get a network within GCE from its name.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myNetwork = pulumi.output(gcp.compute.getNetwork({
    name: "default-us-east1",
}, { async: true }));

Function getNetworkEndpointGroup

getNetworkEndpointGroup(args?: GetNetworkEndpointGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetNetworkEndpointGroupResult>

Use this data source to access a Network Endpoint Group’s attributes.

The NEG may be found by providing either a selfLink, or a name and a zone.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const neg1 = pulumi.output(gcp.compute.getNetworkEndpointGroup({
    name: "k8s1-abcdef01-myns-mysvc-8080-4b6bac43",
    zone: "us-central1-a",
}, { async: true }));
const neg2 = pulumi.output(gcp.compute.getNetworkEndpointGroup({
    selfLink: "https://www.googleapis.com/compute/v1/projects/myproject/zones/us-central1-a/networkEndpointGroups/k8s1-abcdef01-myns-mysvc-8080-4b6bac43",
}, { async: true }));

Function getNodeTypes

getNodeTypes(args?: GetNodeTypesArgs, opts?: pulumi.InvokeOptions): Promise<GetNodeTypesResult>

Provides available node types for Compute Engine sole-tenant nodes in a zone for a given project. For more information, see the official documentation and API.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const central1b = gcp.compute.getNodeTypes({
    zone: "us-central1-b",
});
const tmpl = new gcp.compute.NodeTemplate("tmpl", {
    region: "us-central1",
    nodeType: data.google_compute_node_types.types.names[0],
});

Function getRegionInstanceGroup

getRegionInstanceGroup(args?: GetRegionInstanceGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetRegionInstanceGroupResult>

Get a Compute Region Instance Group within GCE. For more information, see the official documentation and API.

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const group = pulumi.output(gcp.compute.getRegionInstanceGroup({
    name: "instance-group-name",
}, { async: true }));

The most common use of this datasource will be to fetch information about the instances inside regional managed instance groups, for instance:

Function getRegions

getRegions(args?: GetRegionsArgs, opts?: pulumi.InvokeOptions): Promise<GetRegionsResult>

Provides access to available Google Compute regions for a given project. See more about regions and zones in the upstream docs.

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

export = async () => {
    const available = await gcp.compute.getRegions({});
    const cluster: gcp.compute.Subnetwork[];
    for (const range = {value: 0}; range.value < available.names.length; range.value++) {
        cluster.push(new gcp.compute.Subnetwork(`cluster-${range.value}`, {
            ipCidrRange: `10.36.${range.value}.0/24`,
            network: "my-network",
            region: available.names[range.value],
        }));
    }
}

Function getResourcePolicy

getResourcePolicy(args: GetResourcePolicyArgs, opts?: pulumi.InvokeOptions): Promise<GetResourcePolicyResult>

Provide access to a Resource Policy’s attributes. For more information see the official documentation or the API.

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const daily = gcp.compute.getResourcePolicy({
    name: "daily",
    region: "us-central1",
});

Function getRouter

getRouter(args: GetRouterArgs, opts?: pulumi.InvokeOptions): Promise<GetRouterResult>

Get a router within GCE from its name and VPC.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myRouter = pulumi.output(gcp.compute.getRouter({
    name: "myrouter-us-east1",
    network: "my-network",
}, { async: true }));

Function getSSLPolicy

getSSLPolicy(args: GetSSLPolicyArgs, opts?: pulumi.InvokeOptions): Promise<GetSSLPolicyResult>

Gets an SSL Policy within GCE from its name, for use with Target HTTPS and Target SSL Proxies. For more information see the official documentation.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const mySslPolicy = pulumi.output(gcp.compute.getSSLPolicy({
    name: "production-ssl-policy",
}, { async: true }));

Function getSubnetwork

getSubnetwork(args?: GetSubnetworkArgs, opts?: pulumi.InvokeOptions): Promise<GetSubnetworkResult>

Get a subnetwork within GCE from its name and region.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const mySubnetwork = pulumi.output(gcp.compute.getSubnetwork({
    name: "default-us-east1",
    region: "us-east1",
}, { async: true }));

Function getVPNGateway

getVPNGateway(args: GetVPNGatewayArgs, opts?: pulumi.InvokeOptions): Promise<GetVPNGatewayResult>

Get a VPN gateway within GCE from its name.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myVpnGateway = pulumi.output(gcp.compute.getVPNGateway({
    name: "vpn-gateway-us-east1",
}, { async: true }));

Function getZones

getZones(args?: GetZonesArgs, opts?: pulumi.InvokeOptions): Promise<GetZonesResult>

Provides access to available Google Compute zones in a region for a given project. See more about regions and zones in the upstream docs.

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

export = async () => {
    const available = await gcp.compute.getZones({});
    const foo: gcp.compute.InstanceGroupManager[];
    for (const range = {value: 0}; range.value < available.names.length; range.value++) {
        foo.push(new gcp.compute.InstanceGroupManager(`foo-${range.value}`, {
            instanceTemplate: google_compute_instance_template.foobar.self_link,
            baseInstanceName: `foobar-${range.value}`,
            zone: available.names[range.value],
            targetSize: 1,
        }));
    }
}

Others

interface AddressArgs

interface AddressArgs

The set of arguments for constructing a Address resource.

property address

address?: pulumi.Input<string>;

The static external IP address represented by this resource. Only IPv4 is supported. An address may only be specified for INTERNAL address types. The IP address must be inside the specified subnetwork, if any.

property addressType

addressType?: pulumi.Input<string>;

The type of address to reserve.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this address. A list of key->value pairs.

property name

name?: pulumi.Input<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property networkTier

networkTier?: pulumi.Input<string>;

The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

purpose?: pulumi.Input<string>;

The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. This should only be set when using an Internal address.

property region

region?: pulumi.Input<string>;

The Region in which the created address should reside. If it is not provided, the provider region is used.

property subnetwork

subnetwork?: pulumi.Input<string>;

The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork’s IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes.

interface AddressState

interface AddressState

Input properties used for looking up and filtering Address resources.

property address

address?: pulumi.Input<string>;

The static external IP address represented by this resource. Only IPv4 is supported. An address may only be specified for INTERNAL address types. The IP address must be inside the specified subnetwork, if any.

property addressType

addressType?: pulumi.Input<string>;

The type of address to reserve.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this address. A list of key->value pairs.

property name

name?: pulumi.Input<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property networkTier

networkTier?: pulumi.Input<string>;

The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

purpose?: pulumi.Input<string>;

The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. This should only be set when using an Internal address.

property region

region?: pulumi.Input<string>;

The Region in which the created address should reside. If it is not provided, the provider region is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property subnetwork

subnetwork?: pulumi.Input<string>;

The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork’s IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes.

property users

users?: pulumi.Input<pulumi.Input<string>[]>;

The URLs of the resources that are using this address.

interface AttachedDiskArgs

interface AttachedDiskArgs

The set of arguments for constructing a AttachedDisk resource.

property deviceName

deviceName?: pulumi.Input<string>;

Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.

property disk

disk: pulumi.Input<string>;

name or selfLink of the disk that will be attached.

property instance

instance: pulumi.Input<string>;

name or selfLink of the compute instance that the disk will be attached to. If the selfLink is provided then zone and project are extracted from the self link. If only the name is used then zone and project must be defined as properties on the resource or provider.

property mode

mode?: pulumi.Input<string>;

The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.

property project

project?: pulumi.Input<string>;

The project that the referenced compute instance is a part of. If instance is referenced by its selfLink the project defined in the link will take precedence.

property zone

zone?: pulumi.Input<string>;

The zone that the referenced compute instance is located within. If instance is referenced by its selfLink the zone defined in the link will take precedence.

interface AttachedDiskState

interface AttachedDiskState

Input properties used for looking up and filtering AttachedDisk resources.

property deviceName

deviceName?: pulumi.Input<string>;

Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.

property disk

disk?: pulumi.Input<string>;

name or selfLink of the disk that will be attached.

property instance

instance?: pulumi.Input<string>;

name or selfLink of the compute instance that the disk will be attached to. If the selfLink is provided then zone and project are extracted from the self link. If only the name is used then zone and project must be defined as properties on the resource or provider.

property mode

mode?: pulumi.Input<string>;

The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.

property project

project?: pulumi.Input<string>;

The project that the referenced compute instance is a part of. If instance is referenced by its selfLink the project defined in the link will take precedence.

property zone

zone?: pulumi.Input<string>;

The zone that the referenced compute instance is located within. If instance is referenced by its selfLink the zone defined in the link will take precedence.

interface AutoscalarArgs

interface AutoscalarArgs

The set of arguments for constructing a Autoscalar resource.

property autoscalingPolicy

autoscalingPolicy: pulumi.Input<AutoscalarAutoscalingPolicy>;

The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property target

target: pulumi.Input<string>;

Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

property zone

zone?: pulumi.Input<string>;

URL of the zone where the instance group resides.

interface AutoscalarState

interface AutoscalarState

Input properties used for looking up and filtering Autoscalar resources.

property autoscalingPolicy

autoscalingPolicy?: pulumi.Input<AutoscalarAutoscalingPolicy>;

The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property target

target?: pulumi.Input<string>;

Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

property zone

zone?: pulumi.Input<string>;

URL of the zone where the instance group resides.

interface AutoscalerArgs

interface AutoscalerArgs

The set of arguments for constructing a Autoscaler resource.

property autoscalingPolicy

autoscalingPolicy: pulumi.Input<AutoscalerAutoscalingPolicy>;

The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property target

target: pulumi.Input<string>;

Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

property zone

zone?: pulumi.Input<string>;

URL of the zone where the instance group resides.

interface AutoscalerState

interface AutoscalerState

Input properties used for looking up and filtering Autoscaler resources.

property autoscalingPolicy

autoscalingPolicy?: pulumi.Input<AutoscalerAutoscalingPolicy>;

The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property target

target?: pulumi.Input<string>;

Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

property zone

zone?: pulumi.Input<string>;

URL of the zone where the instance group resides.

interface BackendBucketArgs

interface BackendBucketArgs

The set of arguments for constructing a BackendBucket resource.

property bucketName

bucketName: pulumi.Input<string>;

Cloud Storage bucket name.

property cdnPolicy

cdnPolicy?: pulumi.Input<BackendBucketCdnPolicy>;

Cloud CDN configuration for this Backend Bucket. Structure is documented below.

property description

description?: pulumi.Input<string>;

An optional textual description of the resource; provided by the client when the resource is created.

property enableCdn

enableCdn?: pulumi.Input<boolean>;

If true, enable Cloud CDN for this BackendBucket.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface BackendBucketSignedUrlKeyArgs

interface BackendBucketSignedUrlKeyArgs

The set of arguments for constructing a BackendBucketSignedUrlKey resource.

property backendBucket

backendBucket: pulumi.Input<string>;

The backend bucket this signed URL key belongs.

property keyValue

keyValue: pulumi.Input<string>;

128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. Note: This property is sensitive and will not be displayed in the plan.

property name

name?: pulumi.Input<string>;

Name of the signed URL key.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface BackendBucketSignedUrlKeyState

interface BackendBucketSignedUrlKeyState

Input properties used for looking up and filtering BackendBucketSignedUrlKey resources.

property backendBucket

backendBucket?: pulumi.Input<string>;

The backend bucket this signed URL key belongs.

property keyValue

keyValue?: pulumi.Input<string>;

128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. Note: This property is sensitive and will not be displayed in the plan.

property name

name?: pulumi.Input<string>;

Name of the signed URL key.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface BackendBucketState

interface BackendBucketState

Input properties used for looking up and filtering BackendBucket resources.

property bucketName

bucketName?: pulumi.Input<string>;

Cloud Storage bucket name.

property cdnPolicy

cdnPolicy?: pulumi.Input<BackendBucketCdnPolicy>;

Cloud CDN configuration for this Backend Bucket. Structure is documented below.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional textual description of the resource; provided by the client when the resource is created.

property enableCdn

enableCdn?: pulumi.Input<boolean>;

If true, enable Cloud CDN for this BackendBucket.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface BackendServiceArgs

interface BackendServiceArgs

The set of arguments for constructing a BackendService resource.

property affinityCookieTtlSec

affinityCookieTtlSec?: pulumi.Input<number>;

Lifetime of cookies in seconds if sessionAffinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.

property backends

backends?: pulumi.Input<pulumi.Input<BackendServiceBackend>[]>;

The set of backends that serve this BackendService. Structure is documented below.

property cdnPolicy

cdnPolicy?: pulumi.Input<BackendServiceCdnPolicy>;

Cloud CDN configuration for this BackendService. Structure is documented below.

property circuitBreakers

circuitBreakers?: pulumi.Input<BackendServiceCircuitBreakers>;

Settings controlling the volume of connections to a backend service. This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.

property connectionDrainingTimeoutSec

connectionDrainingTimeoutSec?: pulumi.Input<number>;

Time for which instance will be drained (not accept new connections, but still work to finish started).

property consistentHash

consistentHash?: pulumi.Input<BackendServiceConsistentHash>;

Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. Structure is documented below.

property customRequestHeaders

customRequestHeaders?: pulumi.Input<pulumi.Input<string>[]>;

Headers that the HTTP/S load balancer should add to proxied requests.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property enableCdn

enableCdn?: pulumi.Input<boolean>;

If true, enable Cloud CDN for this BackendService.

property healthChecks

healthChecks: pulumi.Input<string>;

The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required. For internal load balancing, a URL to a HealthCheck resource must be specified instead.

property iap

iap?: pulumi.Input<BackendServiceIap>;

Settings for enabling Cloud Identity Aware Proxy Structure is documented below.

property loadBalancingScheme

loadBalancingScheme?: pulumi.Input<string>;

Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other.

property localityLbPolicy

localityLbPolicy?: pulumi.Input<string>;

The load balancing algorithm used within the scope of the locality. The possible values are - ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. RANDOM - The load balancer selects a random healthy host. ORIGINAL_DESTINATION - Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. MAGLEV - used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.

property logConfig

logConfig?: pulumi.Input<BackendServiceLogConfig>;

This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the cookie.

property outlierDetection

outlierDetection?: pulumi.Input<BackendServiceOutlierDetection>;

Settings controlling eviction of unhealthy hosts from the load balancing pool. This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.

property portName

portName?: pulumi.Input<string>;

Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property protocol

protocol?: pulumi.Input<string>;

The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API.

property securityPolicy

securityPolicy?: pulumi.Input<string>;

The security policy associated with this backend service.

property sessionAffinity

sessionAffinity?: pulumi.Input<string>;

Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is [1, 86400].

interface BackendServiceSignedUrlKeyArgs

interface BackendServiceSignedUrlKeyArgs

The set of arguments for constructing a BackendServiceSignedUrlKey resource.

property backendService

backendService: pulumi.Input<string>;

The backend service this signed URL key belongs.

property keyValue

keyValue: pulumi.Input<string>;

128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. Note: This property is sensitive and will not be displayed in the plan.

property name

name?: pulumi.Input<string>;

Name of the signed URL key.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface BackendServiceSignedUrlKeyState

interface BackendServiceSignedUrlKeyState

Input properties used for looking up and filtering BackendServiceSignedUrlKey resources.

property backendService

backendService?: pulumi.Input<string>;

The backend service this signed URL key belongs.

property keyValue

keyValue?: pulumi.Input<string>;

128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string. Note: This property is sensitive and will not be displayed in the plan.

property name

name?: pulumi.Input<string>;

Name of the signed URL key.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface BackendServiceState

interface BackendServiceState

Input properties used for looking up and filtering BackendService resources.

property affinityCookieTtlSec

affinityCookieTtlSec?: pulumi.Input<number>;

Lifetime of cookies in seconds if sessionAffinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.

property backends

backends?: pulumi.Input<pulumi.Input<BackendServiceBackend>[]>;

The set of backends that serve this BackendService. Structure is documented below.

property cdnPolicy

cdnPolicy?: pulumi.Input<BackendServiceCdnPolicy>;

Cloud CDN configuration for this BackendService. Structure is documented below.

property circuitBreakers

circuitBreakers?: pulumi.Input<BackendServiceCircuitBreakers>;

Settings controlling the volume of connections to a backend service. This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.

property connectionDrainingTimeoutSec

connectionDrainingTimeoutSec?: pulumi.Input<number>;

Time for which instance will be drained (not accept new connections, but still work to finish started).

property consistentHash

consistentHash?: pulumi.Input<BackendServiceConsistentHash>;

Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. Structure is documented below.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property customRequestHeaders

customRequestHeaders?: pulumi.Input<pulumi.Input<string>[]>;

Headers that the HTTP/S load balancer should add to proxied requests.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property enableCdn

enableCdn?: pulumi.Input<boolean>;

If true, enable Cloud CDN for this BackendService.

property fingerprint

fingerprint?: pulumi.Input<string>;

Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

property healthChecks

healthChecks?: pulumi.Input<string>;

The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required. For internal load balancing, a URL to a HealthCheck resource must be specified instead.

property iap

iap?: pulumi.Input<BackendServiceIap>;

Settings for enabling Cloud Identity Aware Proxy Structure is documented below.

property loadBalancingScheme

loadBalancingScheme?: pulumi.Input<string>;

Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other.

property localityLbPolicy

localityLbPolicy?: pulumi.Input<string>;

The load balancing algorithm used within the scope of the locality. The possible values are - ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. RANDOM - The load balancer selects a random healthy host. ORIGINAL_DESTINATION - Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. MAGLEV - used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.

property logConfig

logConfig?: pulumi.Input<BackendServiceLogConfig>;

This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the cookie.

property outlierDetection

outlierDetection?: pulumi.Input<BackendServiceOutlierDetection>;

Settings controlling eviction of unhealthy hosts from the load balancing pool. This field is applicable only when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.

property portName

portName?: pulumi.Input<string>;

Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property protocol

protocol?: pulumi.Input<string>;

The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API.

property securityPolicy

securityPolicy?: pulumi.Input<string>;

The security policy associated with this backend service.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sessionAffinity

sessionAffinity?: pulumi.Input<string>;

Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is [1, 86400].

interface DiskArgs

interface DiskArgs

The set of arguments for constructing a Disk resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property diskEncryptionKey

diskEncryptionKey?: pulumi.Input<DiskDiskEncryptionKey>;

Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Structure is documented below.

property image

image?: pulumi.Input<string>;

The image from which to initialize this disk. This can be one of: the image’s selfLink, projects/{project}/global/images/{image}, projects/{project}/global/images/family/{family}, global/images/{image}, global/images/family/{family}, family/{family}, {project}/{family}, {project}/{image}, {family}, or {image}. If referred by family, the images names must include the family name. If they don’t, use the gcp.compute.Image data source. For instance, the image centos-6-v20180104 includes its family name centos-6. These images can be referred by family name here.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this disk. A list of key->value pairs.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property physicalBlockSizeBytes

physicalBlockSizeBytes?: pulumi.Input<number>;

Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes are 4096 and 16384, other sizes may be added in the future. If an unsupported value is requested, the error message will list the supported values for the caller’s project.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property resourcePolicies

resourcePolicies?: pulumi.Input<pulumi.Input<string>[]>;

Resource policies applied to this disk for automatic snapshot creations.

property size

size?: pulumi.Input<number>;

Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the image or snapshot parameter, or specify it alone to create an empty persistent disk. If you specify this field along with image or snapshot, the value must not be less than the size of the image or the size of the snapshot.

property snapshot

snapshot?: pulumi.Input<string>;

The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. If the snapshot is in another project than this disk, you must supply a full URL. For example, the following are valid values: * https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot * projects/project/global/snapshots/snapshot * global/snapshots/snapshot * snapshot

property sourceImageEncryptionKey

sourceImageEncryptionKey?: pulumi.Input<DiskSourceImageEncryptionKey>;

The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Structure is documented below.

property sourceSnapshotEncryptionKey

sourceSnapshotEncryptionKey?: pulumi.Input<DiskSourceSnapshotEncryptionKey>;

The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property type

type?: pulumi.Input<string>;

URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the disk resides.

interface DiskResourcePolicyAttachmentArgs

interface DiskResourcePolicyAttachmentArgs

The set of arguments for constructing a DiskResourcePolicyAttachment resource.

property disk

disk: pulumi.Input<string>;

The name of the disk in which the resource policies are attached to.

property name

name?: pulumi.Input<string>;

The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the disk resides.

interface DiskResourcePolicyAttachmentState

interface DiskResourcePolicyAttachmentState

Input properties used for looking up and filtering DiskResourcePolicyAttachment resources.

property disk

disk?: pulumi.Input<string>;

The name of the disk in which the resource policies are attached to.

property name

name?: pulumi.Input<string>;

The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the disk resides.

interface DiskState

interface DiskState

Input properties used for looking up and filtering Disk resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property diskEncryptionKey

diskEncryptionKey?: pulumi.Input<DiskDiskEncryptionKey>;

Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Structure is documented below.

property image

image?: pulumi.Input<string>;

The image from which to initialize this disk. This can be one of: the image’s selfLink, projects/{project}/global/images/{image}, projects/{project}/global/images/family/{family}, global/images/{image}, global/images/family/{family}, family/{family}, {project}/{family}, {project}/{image}, {family}, or {image}. If referred by family, the images names must include the family name. If they don’t, use the gcp.compute.Image data source. For instance, the image centos-6-v20180104 includes its family name centos-6. These images can be referred by family name here.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this disk. A list of key->value pairs.

property lastAttachTimestamp

lastAttachTimestamp?: pulumi.Input<string>;

Last attach timestamp in RFC3339 text format.

property lastDetachTimestamp

lastDetachTimestamp?: pulumi.Input<string>;

Last detach timestamp in RFC3339 text format.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property physicalBlockSizeBytes

physicalBlockSizeBytes?: pulumi.Input<number>;

Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes are 4096 and 16384, other sizes may be added in the future. If an unsupported value is requested, the error message will list the supported values for the caller’s project.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property resourcePolicies

resourcePolicies?: pulumi.Input<pulumi.Input<string>[]>;

Resource policies applied to this disk for automatic snapshot creations.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property size

size?: pulumi.Input<number>;

Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the image or snapshot parameter, or specify it alone to create an empty persistent disk. If you specify this field along with image or snapshot, the value must not be less than the size of the image or the size of the snapshot.

property snapshot

snapshot?: pulumi.Input<string>;

The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. If the snapshot is in another project than this disk, you must supply a full URL. For example, the following are valid values: * https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot * projects/project/global/snapshots/snapshot * global/snapshots/snapshot * snapshot

property sourceImageEncryptionKey

sourceImageEncryptionKey?: pulumi.Input<DiskSourceImageEncryptionKey>;

The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Structure is documented below.

property sourceImageId

sourceImageId?: pulumi.Input<string>;

The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.

property sourceSnapshotEncryptionKey

sourceSnapshotEncryptionKey?: pulumi.Input<DiskSourceSnapshotEncryptionKey>;

The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property sourceSnapshotId

sourceSnapshotId?: pulumi.Input<string>;

The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.

property type

type?: pulumi.Input<string>;

URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk.

property users

users?: pulumi.Input<pulumi.Input<string>[]>;

Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the disk resides.

interface ExternalVpnGatewayArgs

interface ExternalVpnGatewayArgs

The set of arguments for constructing a ExternalVpnGateway resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property interfaces

interfaces?: pulumi.Input<pulumi.Input<ExternalVpnGatewayInterface>[]>;

A list of interfaces on this external VPN gateway. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property redundancyType

redundancyType?: pulumi.Input<string>;

Indicates the redundancy type of this external VPN gateway

interface ExternalVpnGatewayState

interface ExternalVpnGatewayState

Input properties used for looking up and filtering ExternalVpnGateway resources.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property interfaces

interfaces?: pulumi.Input<pulumi.Input<ExternalVpnGatewayInterface>[]>;

A list of interfaces on this external VPN gateway. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property redundancyType

redundancyType?: pulumi.Input<string>;

Indicates the redundancy type of this external VPN gateway

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface FirewallArgs

interface FirewallArgs

The set of arguments for constructing a Firewall resource.

property allows

allows?: pulumi.Input<pulumi.Input<FirewallAllow>[]>;

The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection. Structure is documented below.

property denies

denies?: pulumi.Input<pulumi.Input<FirewallDeny>[]>;

The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection. Structure is documented below.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property destinationRanges

destinationRanges?: pulumi.Input<pulumi.Input<string>[]>;

If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.

property direction

direction?: pulumi.Input<string>;

Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.

property disabled

disabled?: pulumi.Input<boolean>;

Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.

property enableLogging

enableLogging?: pulumi.Input<boolean>;

This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network: pulumi.Input<string>;

The name or selfLink of the network to attach this firewall to.

property priority

priority?: pulumi.Input<number>;

Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property sourceRanges

sourceRanges?: pulumi.Input<pulumi.Input<string>[]>;

If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.

property sourceServiceAccounts

sourceServiceAccounts?: pulumi.Input<pulumi.Input<string>[]>;

If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance’s external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.

property sourceTags

sourceTags?: pulumi.Input<pulumi.Input<string>[]>;

If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags. Source tags cannot be used to control traffic to an instance’s external IP address. Because tags are associated with an instance, not an IP address. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.

property targetServiceAccounts

targetServiceAccounts?: pulumi.Input<pulumi.Input<string>[]>;

A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.

property targetTags

targetTags?: pulumi.Input<pulumi.Input<string>[]>;

A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[]. If no targetTags are specified, the firewall rule applies to all instances on the specified network.

interface FirewallState

interface FirewallState

Input properties used for looking up and filtering Firewall resources.

property allows

allows?: pulumi.Input<pulumi.Input<FirewallAllow>[]>;

The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection. Structure is documented below.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property denies

denies?: pulumi.Input<pulumi.Input<FirewallDeny>[]>;

The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection. Structure is documented below.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property destinationRanges

destinationRanges?: pulumi.Input<pulumi.Input<string>[]>;

If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.

property direction

direction?: pulumi.Input<string>;

Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.

property disabled

disabled?: pulumi.Input<boolean>;

Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.

property enableLogging

enableLogging?: pulumi.Input<boolean>;

This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to Stackdriver.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

The name or selfLink of the network to attach this firewall to.

property priority

priority?: pulumi.Input<number>;

Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sourceRanges

sourceRanges?: pulumi.Input<pulumi.Input<string>[]>;

If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.

property sourceServiceAccounts

sourceServiceAccounts?: pulumi.Input<pulumi.Input<string>[]>;

If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance’s external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.

property sourceTags

sourceTags?: pulumi.Input<pulumi.Input<string>[]>;

If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags. Source tags cannot be used to control traffic to an instance’s external IP address. Because tags are associated with an instance, not an IP address. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.

property targetServiceAccounts

targetServiceAccounts?: pulumi.Input<pulumi.Input<string>[]>;

A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.

property targetTags

targetTags?: pulumi.Input<pulumi.Input<string>[]>;

A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[]. If no targetTags are specified, the firewall rule applies to all instances on the specified network.

interface ForwardingRuleArgs

interface ForwardingRuleArgs

The set of arguments for constructing a ForwardingRule resource.

property allPorts

allPorts?: pulumi.Input<boolean>;

For internal TCP/UDP load balancing (i.e. load balancing scheme is INTERNAL and protocol is TCP/UDP), set this to true to allow packets addressed to any ports to be forwarded to the backends configured with this forwarding rule. Used with backend service. Cannot be set if port or portRange are set.

property allowGlobalAccess

allowGlobalAccess?: pulumi.Input<boolean>;

If true, clients can access ILB from all regions. Otherwise only allows from the local region the ILB is located at.

property backendService

backendService?: pulumi.Input<string>;

A BackendService to receive the matched traffic. This is used only for INTERNAL load balancing.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property ipAddress

ipAddress?: pulumi.Input<string>;

The IP address that this forwarding rule is serving on behalf of. Addresses are restricted based on the forwarding rule’s load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional). When the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule. An address must be specified by a literal IP address. > NOTE: While the API allows you to specify various resource paths for an address resource instead, this provider requires this to specifically be an IP address to avoid needing to fetching the IP address from resource paths on refresh or unnecessary diffs.

property ipProtocol

ipProtocol?: pulumi.Input<string>;

The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL, only TCP and UDP are valid.

property isMirroringCollector

isMirroringCollector?: pulumi.Input<boolean>;

Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this forwarding rule. A list of key->value pairs.

property loadBalancingScheme

loadBalancingScheme?: pulumi.Input<string>;

This signifies what the ForwardingRule will be used for and can be EXTERNAL, INTERNAL, or INTERNAL_MANAGED. EXTERNAL is used for Classic Cloud VPN gateways, protocol forwarding to VMs from an external IP address, and HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP load balancers. INTERNAL is used for protocol forwarding to VMs from an internal IP address, and internal TCP/UDP load balancers. INTERNAL_MANAGED is used for internal HTTP(S) load balancers.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

For internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. This field is only used for INTERNAL load balancing.

property networkTier

networkTier?: pulumi.Input<string>;

The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM.

property portRange

portRange?: pulumi.Input<string>;

This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500

property ports

ports?: pulumi.Input<pulumi.Input<string>[]>;

This field is used along with the backendService field for internal load balancing. When the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. You may specify a maximum of up to 5 ports.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

A reference to the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules.

property serviceLabel

serviceLabel?: pulumi.Input<string>;

An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for INTERNAL load balancing.

property subnetwork

subnetwork?: pulumi.Input<string>;

The subnetwork that the load balanced IP should belong to for this Forwarding Rule. This field is only used for INTERNAL load balancing. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.

property target

target?: pulumi.Input<string>;

The URL of the target resource to receive the matched traffic. The target must live in the same region as the forwarding rule. The forwarded traffic must be of a type appropriate to the target object.

interface ForwardingRuleState

interface ForwardingRuleState

Input properties used for looking up and filtering ForwardingRule resources.

property allPorts

allPorts?: pulumi.Input<boolean>;

For internal TCP/UDP load balancing (i.e. load balancing scheme is INTERNAL and protocol is TCP/UDP), set this to true to allow packets addressed to any ports to be forwarded to the backends configured with this forwarding rule. Used with backend service. Cannot be set if port or portRange are set.

property allowGlobalAccess

allowGlobalAccess?: pulumi.Input<boolean>;

If true, clients can access ILB from all regions. Otherwise only allows from the local region the ILB is located at.

property backendService

backendService?: pulumi.Input<string>;

A BackendService to receive the matched traffic. This is used only for INTERNAL load balancing.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property ipAddress

ipAddress?: pulumi.Input<string>;

The IP address that this forwarding rule is serving on behalf of. Addresses are restricted based on the forwarding rule’s load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional). When the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule. An address must be specified by a literal IP address. > NOTE: While the API allows you to specify various resource paths for an address resource instead, this provider requires this to specifically be an IP address to avoid needing to fetching the IP address from resource paths on refresh or unnecessary diffs.

property ipProtocol

ipProtocol?: pulumi.Input<string>;

The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL, only TCP and UDP are valid.

property isMirroringCollector

isMirroringCollector?: pulumi.Input<boolean>;

Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this forwarding rule. A list of key->value pairs.

property loadBalancingScheme

loadBalancingScheme?: pulumi.Input<string>;

This signifies what the ForwardingRule will be used for and can be EXTERNAL, INTERNAL, or INTERNAL_MANAGED. EXTERNAL is used for Classic Cloud VPN gateways, protocol forwarding to VMs from an external IP address, and HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP load balancers. INTERNAL is used for protocol forwarding to VMs from an internal IP address, and internal TCP/UDP load balancers. INTERNAL_MANAGED is used for internal HTTP(S) load balancers.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

For internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. This field is only used for INTERNAL load balancing.

property networkTier

networkTier?: pulumi.Input<string>;

The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM.

property portRange

portRange?: pulumi.Input<string>;

This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500

property ports

ports?: pulumi.Input<pulumi.Input<string>[]>;

This field is used along with the backendService field for internal load balancing. When the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. You may specify a maximum of up to 5 ports.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

A reference to the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property serviceLabel

serviceLabel?: pulumi.Input<string>;

An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for INTERNAL load balancing.

property serviceName

serviceName?: pulumi.Input<string>;

The internal fully qualified service name for this Forwarding Rule. This field is only used for INTERNAL load balancing.

property subnetwork

subnetwork?: pulumi.Input<string>;

The subnetwork that the load balanced IP should belong to for this Forwarding Rule. This field is only used for INTERNAL load balancing. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.

property target

target?: pulumi.Input<string>;

The URL of the target resource to receive the matched traffic. The target must live in the same region as the forwarding rule. The forwarded traffic must be of a type appropriate to the target object.

interface GetAddressArgs

interface GetAddressArgs

A collection of arguments for invoking getAddress.

property name

name: string;

A unique name for the resource, required by GCE.

property project

project?: undefined | string;

The project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: undefined | string;

The Region in which the created address reside. If it is not provided, the provider region is used.

interface GetAddressResult

interface GetAddressResult

A collection of values returned by getAddress.

property address

address: string;

The IP of the created resource.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

property project

project: string;

property region

region: string;
selfLink: string;

The URI of the created resource.

property status

status: string;

Indicates if the address is used. Possible values are: RESERVED or IN_USE.

interface GetBackendBucketArgs

interface GetBackendBucketArgs

A collection of arguments for invoking getBackendBucket.

property name

name: string;

Name of the resource.

property project

project?: undefined | string;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface GetBackendBucketResult

interface GetBackendBucketResult

A collection of values returned by getBackendBucket.

property bucketName

bucketName: string;

Cloud Storage bucket name.

property cdnPolicies

cdnPolicies: GetBackendBucketCdnPolicy[];

Cloud CDN configuration for this Backend Bucket. Structure is documented below.

property creationTimestamp

creationTimestamp: string;

Creation timestamp in RFC3339 text format.

property description

description: string;

An optional textual description of the resource; provided by the client when the resource is created.

property enableCdn

enableCdn: boolean;

Whether Cloud CDN is enabled for this BackendBucket.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

property project

project?: undefined | string;
selfLink: string;

The URI of the created resource.

interface GetBackendServiceArgs

interface GetBackendServiceArgs

A collection of arguments for invoking getBackendService.

property name

name: string;

The name of the Backend Service.

property project

project?: undefined | string;

The project in which the resource belongs. If it is not provided, the provider project is used.

interface GetBackendServiceResult

interface GetBackendServiceResult

A collection of values returned by getBackendService.

property affinityCookieTtlSec

affinityCookieTtlSec: number;

property backends

backends: GetBackendServiceBackend[];

The set of backends that serve this Backend Service.

property cdnPolicies

cdnPolicies: GetBackendServiceCdnPolicy[];

property circuitBreakers

circuitBreakers: GetBackendServiceCircuitBreaker[];

property connectionDrainingTimeoutSec

connectionDrainingTimeoutSec: number;

Time for which instance will be drained (not accept new connections, but still work to finish started ones).

property consistentHash

consistentHash: GetBackendServiceConsistentHash[];

property creationTimestamp

creationTimestamp: string;

property customRequestHeaders

customRequestHeaders: string[];

property description

description: string;

Textual description for the Backend Service.

property enableCdn

enableCdn: boolean;

Whether or not Cloud CDN is enabled on the Backend Service.

property fingerprint

fingerprint: string;

The fingerprint of the Backend Service.

property healthChecks

healthChecks: string[];

The set of HTTP/HTTPS health checks used by the Backend Service.

property iaps

iaps: GetBackendServiceIap[];

property id

id: string;

The provider-assigned unique ID for this managed resource.

property loadBalancingScheme

loadBalancingScheme: string;

property localityLbPolicy

localityLbPolicy: string;

property logConfigs

logConfigs: GetBackendServiceLogConfig[];

property name

name: string;

property outlierDetections

outlierDetections: GetBackendServiceOutlierDetection[];

property portName

portName: string;

The name of a service that has been added to an instance group in this backend.

property project

project?: undefined | string;

property protocol

protocol: string;

The protocol for incoming requests.

property securityPolicy

securityPolicy: string;
selfLink: string;

The URI of the Backend Service.

property sessionAffinity

sessionAffinity: string;

The Backend Service session stickiness configuration.

property timeoutSec

timeoutSec: number;

The number of seconds to wait for a backend to respond to a request before considering the request failed.

interface GetCertificateArgs

interface GetCertificateArgs

A collection of arguments for invoking getCertificate.

property name

name: string;

The name of the certificate.

property project

project?: undefined | string;

The project in which the resource belongs. If it is not provided, the provider project is used.

interface GetCertificateResult

interface GetCertificateResult

A collection of values returned by getCertificate.

property certificate

certificate: string;

property certificateId

certificateId: number;

property creationTimestamp

creationTimestamp: string;

property description

description: string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

property namePrefix

namePrefix: string;

property privateKey

privateKey: string;

property project

project?: undefined | string;
selfLink: string;

interface GetDefaultServiceAccountArgs

interface GetDefaultServiceAccountArgs

A collection of arguments for invoking getDefaultServiceAccount.

property project

project?: undefined | string;

The project ID. If it is not provided, the provider project is used.

interface GetDefaultServiceAccountResult

interface GetDefaultServiceAccountResult

A collection of values returned by getDefaultServiceAccount.

property displayName

displayName: string;

The display name for the service account.

property email

email: string;

Email address of the default service account used by VMs running in this project

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

The fully-qualified name of the service account.

property project

project: string;

property uniqueId

uniqueId: string;

The unique id of the service account.

interface GetForwardingRuleArgs

interface GetForwardingRuleArgs

A collection of arguments for invoking getForwardingRule.

property name

name: string;

The name of the forwarding rule.

property project

project?: undefined | string;

The project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: undefined | string;

The region in which the resource belongs. If it is not provided, the project region is used.

interface GetForwardingRuleResult

interface GetForwardingRuleResult

A collection of values returned by getForwardingRule.

property backendService

backendService: string;

Backend service, if this forwarding rule has one.

property description

description: string;

Description of this forwarding rule.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property ipAddress

ipAddress: string;

IP address of this forwarding rule.

property ipProtocol

ipProtocol: string;

IP protocol of this forwarding rule.

property loadBalancingScheme

loadBalancingScheme: string;

Type of load balancing of this forwarding rule.

property name

name: string;

property network

network: string;

Network of this forwarding rule.

property portRange

portRange: string;

Port range, if this forwarding rule has one.

property ports

ports: string[];

List of ports to use for internal load balancing, if this forwarding rule has any.

property project

project: string;

property region

region: string;

Region of this forwarding rule.

selfLink: string;

The URI of the resource.

property subnetwork

subnetwork: string;

Subnetwork of this forwarding rule.

property target

target: string;

URL of the target pool, if this forwarding rule has one.

interface GetGlobalAddressArgs

interface GetGlobalAddressArgs

A collection of arguments for invoking getGlobalAddress.

property name

name: string;

A unique name for the resource, required by GCE.

property project

project?: undefined | string;

The project in which the resource belongs. If it is not provided, the provider project is used.

interface GetGlobalAddressResult

interface GetGlobalAddressResult

A collection of values returned by getGlobalAddress.

property address

address: string;

The IP of the created resource.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

property project

project: string;
selfLink: string;

The URI of the created resource.

property status

status: string;

Indicates if the address is used. Possible values are: RESERVED or IN_USE.

interface GetImageArgs

interface GetImageArgs

A collection of arguments for invoking getImage.

property family

family?: undefined | string;

The family name of the image.

property name

name?: undefined | string;

or family - (Required) The name of a specific image or a family. Exactly one of name of family must be specified. If name is specified, it will fetch the corresponding image. If family is specified, it will returns the latest image that is part of an image family and is not deprecated.

property project

project?: undefined | string;

The project in which the resource belongs. If it is not provided, the provider project is used. If you are using a [public base image][pubimg], be sure to specify the correct Image Project.

interface GetImageResult

interface GetImageResult

A collection of values returned by getImage.

property archiveSizeBytes

archiveSizeBytes: number;

The size of the image tar.gz archive stored in Google Cloud Storage in bytes.

property creationTimestamp

creationTimestamp: string;

The creation timestamp in RFC3339 text format.

property description

description: string;

An optional description of this image.

property diskSizeGb

diskSizeGb: number;

The size of the image when restored onto a persistent disk in gigabytes.

property family

family: string;

The family name of the image.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property imageEncryptionKeySha256

imageEncryptionKeySha256: string;

The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this image.

property imageId

imageId: string;

The unique identifier for the image.

property labelFingerprint

labelFingerprint: string;

A fingerprint for the labels being applied to this image.

property labels

labels: {[key: string]: string};

A map of labels applied to this image.

property licenses

licenses: string[];

A list of applicable license URI.

property name

name: string;

The name of the image.

property project

project: string;
selfLink: string;

The URI of the image.

property sourceDisk

sourceDisk: string;

The URL of the source disk used to create this image.

property sourceDiskEncryptionKeySha256

sourceDiskEncryptionKeySha256: string;

The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this image.

property sourceDiskId

sourceDiskId: string;

The ID value of the disk used to create this image.

property sourceImageId

sourceImageId: string;

The ID value of the image used to create this image.

property status

status: string;

The status of the image. Possible values are FAILED, PENDING, or READY.

interface GetInstanceArgs

interface GetInstanceArgs

A collection of arguments for invoking getInstance.

property name

name?: undefined | string;

The name of the instance. One of name or selfLink must be provided.

property project

project?: undefined | string;

The ID of the project in which the resource belongs. If selfLink is provided, this value is ignored. If neither selfLink nor project are provided, the provider project is used.

selfLink?: undefined | string;

The self link of the instance. One of name or selfLink must be provided.

property zone

zone?: undefined | string;

The zone of the instance. If selfLink is provided, this value is ignored. If neither selfLink nor zone are provided, the provider zone is used.

interface GetInstanceGroupArgs

interface GetInstanceGroupArgs

A collection of arguments for invoking getInstanceGroup.

property name

name?: undefined | string;

The name of the instance group. Either name or selfLink must be provided.

property project

project?: undefined | string;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: undefined | string;

The self link of the instance group. Either name or selfLink must be provided.

property zone

zone?: undefined | string;

The zone of the instance group. If referencing the instance group by name and zone is not provided, the provider zone is used.

interface GetInstanceGroupResult

interface GetInstanceGroupResult

A collection of values returned by getInstanceGroup.

property description

description: string;

Textual description of the instance group.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property instances

instances: string[];

List of instances in the group.

property name

name?: undefined | string;

property namedPorts

namedPorts: GetInstanceGroupNamedPort[];

List of named ports in the group.

property network

network: string;

The URL of the network the instance group is in.

property project

project: string;
selfLink: string;

The URI of the resource.

property size

size: number;

The number of instances in the group.

property zone

zone: string;

interface GetInstanceResult

interface GetInstanceResult

A collection of values returned by getInstance.

property allowStoppingForUpdate

allowStoppingForUpdate: boolean;

property attachedDisks

attachedDisks: GetInstanceAttachedDisk[];

List of disks attached to the instance. Structure is documented below.

property bootDisks

bootDisks: GetInstanceBootDisk[];

The boot disk for the instance. Structure is documented below.

property canIpForward

canIpForward: boolean;

Whether sending and receiving of packets with non-matching source or destination IPs is allowed.

property cpuPlatform

cpuPlatform: string;

The CPU platform used by this instance.

property currentStatus

currentStatus: string;

property deletionProtection

deletionProtection: boolean;

Whether deletion protection is enabled on this instance.

property description

description: string;

A brief description of the resource.

property desiredStatus

desiredStatus: string;

property enableDisplay

enableDisplay: boolean;

property guestAccelerators

guestAccelerators: GetInstanceGuestAccelerator[];

List of the type and count of accelerator cards attached to the instance. Structure is documented below.

property hostname

hostname: string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property instanceId

instanceId: string;

The server-assigned unique identifier of this instance.

property labelFingerprint

labelFingerprint: string;

The unique fingerprint of the labels.

property labels

labels: {[key: string]: string};

A set of key/value label pairs assigned to the instance.

property machineType

machineType: string;

The machine type to create.

property metadata

metadata: {[key: string]: string};

Metadata key/value pairs made available within the instance.

property metadataFingerprint

metadataFingerprint: string;

The unique fingerprint of the metadata.

property metadataStartupScript

metadataStartupScript: string;

property minCpuPlatform

minCpuPlatform: string;

The minimum CPU platform specified for the VM instance.

property name

name?: undefined | string;

property networkInterfaces

networkInterfaces: GetInstanceNetworkInterface[];

The networks attached to the instance. Structure is documented below.

property project

project?: undefined | string;

property resourcePolicies

resourcePolicies: string[];

property schedulings

schedulings: GetInstanceScheduling[];

The scheduling strategy being used by the instance.

property scratchDisks

scratchDisks: GetInstanceScratchDisk[];

The scratch disks attached to the instance. Structure is documented below.

selfLink?: undefined | string;

The URI of the created resource.

property serviceAccounts

serviceAccounts: GetInstanceServiceAccount[];

The service account to attach to the instance. Structure is documented below.

property shieldedInstanceConfigs

shieldedInstanceConfigs: GetInstanceShieldedInstanceConfig[];

The shielded vm config being used by the instance. Structure is documented below.

property tags

tags: string[];

The list of tags attached to the instance.

property tagsFingerprint

tagsFingerprint: string;

The unique fingerprint of the tags.

property zone

zone?: undefined | string;

interface GetInstanceSerialPortArgs

interface GetInstanceSerialPortArgs

A collection of arguments for invoking getInstanceSerialPort.

property instance

instance: string;

The name of the Compute Instance to read output from.

property port

port: number;

The number of the serial port to read output from. Possible values are 1-4.

property project

project?: undefined | string;

The project in which the Compute Instance exists. If it is not provided, the provider project is used.

property zone

zone?: undefined | string;

The zone in which the Compute Instance exists. If it is not provided, the provider zone is used.

interface GetInstanceSerialPortResult

interface GetInstanceSerialPortResult

A collection of values returned by getInstanceSerialPort.

property contents

contents: string;

The output of the serial port. Serial port output is available only when the VM instance is running, and logs are limited to the most recent 1 MB of output per port.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property instance

instance: string;

property port

port: number;

property project

project: string;

property zone

zone: string;

interface GetLBIPRangesResult

interface GetLBIPRangesResult

A collection of values returned by getLBIPRanges.

property httpSslTcpInternals

httpSslTcpInternals: string[];

The IP ranges used for health checks when HTTP(S), SSL proxy, TCP proxy, and Internal load balancing is used

property id

id: string;

The provider-assigned unique ID for this managed resource.

property networks

networks: string[];

The IP ranges used for health checks when Network load balancing is used

interface GetNetblockIPRangesArgs

interface GetNetblockIPRangesArgs

A collection of arguments for invoking getNetblockIPRanges.

property rangeType

rangeType?: undefined | string;

The type of range for which to provide results.

interface GetNetblockIPRangesResult

interface GetNetblockIPRangesResult

A collection of values returned by getNetblockIPRanges.

property cidrBlocks

cidrBlocks: string[];

Retrieve list of all CIDR blocks.

property cidrBlocksIpv4s

cidrBlocksIpv4s: string[];

Retrieve list of the IPv4 CIDR blocks

property cidrBlocksIpv6s

cidrBlocksIpv6s: string[];

Retrieve list of the IPv6 CIDR blocks, if available.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property rangeType

rangeType?: undefined | string;

interface GetNetworkArgs

interface GetNetworkArgs

A collection of arguments for invoking getNetwork.

property name

name: string;

The name of the network.

property project

project?: undefined | string;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface GetNetworkEndpointGroupArgs

interface GetNetworkEndpointGroupArgs

A collection of arguments for invoking getNetworkEndpointGroup.

property name

name?: undefined | string;

The Network Endpoint Group name. Provide either this or a selfLink.

selfLink?: undefined | string;

The Network Endpoint Group self_link.

property zone

zone?: undefined | string;

The Network Endpoint Group availability zone.

interface GetNetworkEndpointGroupResult

interface GetNetworkEndpointGroupResult

A collection of values returned by getNetworkEndpointGroup.

property defaultPort

defaultPort: number;

The NEG default port.

property description

description: string;

The NEG description.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name?: undefined | string;

property network

network: string;

The network to which all network endpoints in the NEG belong.

property networkEndpointType

networkEndpointType: string;

Type of network endpoints in this network endpoint group.

property project

project: string;
selfLink?: undefined | string;

property size

size: number;

Number of network endpoints in the network endpoint group.

property subnetwork

subnetwork: string;

subnetwork to which all network endpoints in the NEG belong.

property zone

zone?: undefined | string;

interface GetNetworkResult

interface GetNetworkResult

A collection of values returned by getNetwork.

property description

description: string;

Description of this network.

property gatewayIpv4

gatewayIpv4: string;

The IP address of the gateway.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

property project

project?: undefined | string;
selfLink: string;

The URI of the resource.

subnetworksSelfLinks: string[];

the list of subnetworks which belong to the network

interface GetNodeTypesArgs

interface GetNodeTypesArgs

A collection of arguments for invoking getNodeTypes.

property project

project?: undefined | string;

ID of the project to list available node types for. Should match the project the nodes of this type will be deployed to. Defaults to the project that the provider is authenticated with.

property zone

zone?: undefined | string;

The zone to list node types for. Should be in zone of intended node groups and region of referencing node template. If zone is not specified, the provider-level zone must be set and is used instead.

interface GetNodeTypesResult

interface GetNodeTypesResult

A collection of values returned by getNodeTypes.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property names

names: string[];

A list of node types available in the given zone and project.

property project

project: string;

property zone

zone: string;

interface GetRegionInstanceGroupArgs

interface GetRegionInstanceGroupArgs

A collection of arguments for invoking getRegionInstanceGroup.

property name

name?: undefined | string;

The name of the instance group. One of name or selfLink must be provided.

property project

project?: undefined | string;

The ID of the project in which the resource belongs. If selfLink is provided, this value is ignored. If neither selfLink nor project are provided, the provider project is used.

property region

region?: undefined | string;

The region in which the resource belongs. If selfLink is provided, this value is ignored. If neither selfLink nor region are provided, the provider region is used.

selfLink?: undefined | string;

The link to the instance group. One of name or selfLink must be provided.

interface GetRegionInstanceGroupResult

interface GetRegionInstanceGroupResult

A collection of values returned by getRegionInstanceGroup.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property instances

instances: GetRegionInstanceGroupInstance[];

List of instances in the group, as a list of resources, each containing:

property name

name: string;

String port name

property project

project: string;

property region

region: string;
selfLink: string;

property size

size: number;

The number of instances in the group.

interface GetRegionsArgs

interface GetRegionsArgs

A collection of arguments for invoking getRegions.

property project

project?: undefined | string;

Project from which to list available regions. Defaults to project declared in the provider.

property status

status?: undefined | string;

Allows to filter list of regions based on their current status. Status can be either UP or DOWN. Defaults to no filtering (all available regions - both UP and DOWN).

interface GetRegionsResult

interface GetRegionsResult

A collection of values returned by getRegions.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property names

names: string[];

A list of regions available in the given project

property project

project: string;

property status

status?: undefined | string;

interface GetResourcePolicyArgs

interface GetResourcePolicyArgs

A collection of arguments for invoking getResourcePolicy.

property name

name: string;

The name of the Resource Policy.

property project

project?: undefined | string;

Project from which to list the Resource Policy. Defaults to project declared in the provider.

property region

region: string;

Region where the Resource Policy resides.

interface GetResourcePolicyResult

interface GetResourcePolicyResult

A collection of values returned by getResourcePolicy.

property description

description: string;

Description of this Resource Policy.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

property project

project?: undefined | string;

property region

region: string;
selfLink: string;

The URI of the resource.

interface GetRouterArgs

interface GetRouterArgs

A collection of arguments for invoking getRouter.

property name

name: string;

The name of the router.

property network

network: string;

The VPC network on which this router lives.

property project

project?: undefined | string;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: undefined | string;

The region this router has been created in. If unspecified, this defaults to the region configured in the provider.

interface GetRouterResult

interface GetRouterResult

A collection of values returned by getRouter.

property bgps

bgps: GetRouterBgp[];

property creationTimestamp

creationTimestamp: string;

property description

description: string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

property network

network: string;

property project

project?: undefined | string;

property region

region?: undefined | string;
selfLink: string;

interface GetSSLPolicyArgs

interface GetSSLPolicyArgs

A collection of arguments for invoking getSSLPolicy.

property name

name: string;

The name of the SSL Policy.

property project

project?: undefined | string;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface GetSSLPolicyResult

interface GetSSLPolicyResult

A collection of values returned by getSSLPolicy.

property creationTimestamp

creationTimestamp: string;

property customFeatures

customFeatures: string[];

If the profile is CUSTOM, these are the custom encryption ciphers supported by the profile. If the profile is not CUSTOM, this attribute will be empty.

property description

description: string;

Description of this SSL Policy.

property enabledFeatures

enabledFeatures: string[];

The set of enabled encryption ciphers as a result of the policy config

property fingerprint

fingerprint: string;

Fingerprint of this resource.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property minTlsVersion

minTlsVersion: string;

The minimum supported TLS version of this policy.

property name

name: string;

property profile

profile: string;

The Google-curated or custom profile used by this policy.

property project

project?: undefined | string;
selfLink: string;

The URI of the created resource.

interface GetSubnetworkArgs

interface GetSubnetworkArgs

A collection of arguments for invoking getSubnetwork.

property name

name?: undefined | string;

The name of the subnetwork. One of name or selfLink must be specified.

property project

project?: undefined | string;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: undefined | string;

The region this subnetwork has been created in. If unspecified, this defaults to the region configured in the provider.

selfLink?: undefined | string;

The self link of the subnetwork. If selfLink is specified, name, project, and region are ignored.

interface GetSubnetworkResult

interface GetSubnetworkResult

A collection of values returned by getSubnetwork.

property description

description: string;

Description of this subnetwork.

property gatewayAddress

gatewayAddress: string;

The IP address of the gateway.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property ipCidrRange

ipCidrRange: string;

The range of IP addresses belonging to this subnetwork secondary range.

property name

name?: undefined | string;

property network

network: string;

The network name or resource link to the parent network of this subnetwork.

property privateIpGoogleAccess

privateIpGoogleAccess: boolean;

Whether the VMs in this subnet can access Google services without assigned external IP addresses.

property project

project: string;

property region

region: string;

property secondaryIpRanges

secondaryIpRanges: GetSubnetworkSecondaryIpRange[];

An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. Structure is documented below.

selfLink: string;

interface GetVPNGatewayArgs

interface GetVPNGatewayArgs

A collection of arguments for invoking getVPNGateway.

property name

name: string;

The name of the VPN gateway.

property project

project?: undefined | string;

The project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: undefined | string;

The region in which the resource belongs. If it is not provided, the project region is used.

interface GetVPNGatewayResult

interface GetVPNGatewayResult

A collection of values returned by getVPNGateway.

property description

description: string;

Description of this VPN gateway.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

property network

network: string;

The network of this VPN gateway.

property project

project: string;

property region

region: string;

Region of this VPN gateway.

selfLink: string;

The URI of the resource.

interface GetZonesArgs

interface GetZonesArgs

A collection of arguments for invoking getZones.

property project

project?: undefined | string;

Project from which to list available zones. Defaults to project declared in the provider.

property region

region?: undefined | string;

Region from which to list available zones. Defaults to region declared in the provider.

property status

status?: undefined | string;

Allows to filter list of zones based on their current status. Status can be either UP or DOWN. Defaults to no filtering (all available zones - both UP and DOWN).

interface GetZonesResult

interface GetZonesResult

A collection of values returned by getZones.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property names

names: string[];

A list of zones available in the given region

property project

project: string;

property region

region?: undefined | string;

property status

status?: undefined | string;

interface GlobalAddressArgs

interface GlobalAddressArgs

The set of arguments for constructing a GlobalAddress resource.

property address

address?: pulumi.Input<string>;

The IP address or beginning of the address range represented by this resource. This can be supplied as an input to reserve a specific address or omitted to allow GCP to choose a valid one for you.

property addressType

addressType?: pulumi.Input<string>;

The type of the address to reserve. * EXTERNAL indicates public/external single IP address. * INTERNAL indicates internal IP ranges belonging to some network.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property ipVersion

ipVersion?: pulumi.Input<string>;

The IP Version that will be used by this address. The default value is IPV4.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this address. A list of key->value pairs.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

The URL of the network in which to reserve the IP range. The IP range must be in RFC1918 space. The network cannot be deleted if there are any reserved IP ranges referring to it. This should only be set when using an Internal address.

property prefixLength

prefixLength?: pulumi.Input<number>;

The prefix length of the IP range. If not present, it means the address field is a single IP address. This field is not applicable to addresses with addressType=EXTERNAL.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

purpose?: pulumi.Input<string>;

The purpose of the resource. For global internal addresses it can be * VPC_PEERING - for peer networks This should only be set when using an Internal address.

interface GlobalAddressState

interface GlobalAddressState

Input properties used for looking up and filtering GlobalAddress resources.

property address

address?: pulumi.Input<string>;

The IP address or beginning of the address range represented by this resource. This can be supplied as an input to reserve a specific address or omitted to allow GCP to choose a valid one for you.

property addressType

addressType?: pulumi.Input<string>;

The type of the address to reserve. * EXTERNAL indicates public/external single IP address. * INTERNAL indicates internal IP ranges belonging to some network.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property ipVersion

ipVersion?: pulumi.Input<string>;

The IP Version that will be used by this address. The default value is IPV4.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this address. A list of key->value pairs.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

The URL of the network in which to reserve the IP range. The IP range must be in RFC1918 space. The network cannot be deleted if there are any reserved IP ranges referring to it. This should only be set when using an Internal address.

property prefixLength

prefixLength?: pulumi.Input<number>;

The prefix length of the IP range. If not present, it means the address field is a single IP address. This field is not applicable to addresses with addressType=EXTERNAL.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

purpose?: pulumi.Input<string>;

The purpose of the resource. For global internal addresses it can be * VPC_PEERING - for peer networks This should only be set when using an Internal address.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface GlobalForwardingRuleArgs

interface GlobalForwardingRuleArgs

The set of arguments for constructing a GlobalForwardingRule resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property ipAddress

ipAddress?: pulumi.Input<string>;

The IP address that this forwarding rule is serving on behalf of. Addresses are restricted based on the forwarding rule’s load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional). When the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule. An address must be specified by a literal IP address. > NOTE: While the API allows you to specify various resource paths for an address resource instead, this provider requires this to specifically be an IP address to avoid needing to fetching the IP address from resource paths on refresh or unnecessary diffs.

property ipProtocol

ipProtocol?: pulumi.Input<string>;

The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL_SELF_MANAGED, only TCP is valid.

property ipVersion

ipVersion?: pulumi.Input<string>;

The IP Version that will be used by this global forwarding rule.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this forwarding rule. A list of key->value pairs.

property loadBalancingScheme

loadBalancingScheme?: pulumi.Input<string>;

This signifies what the GlobalForwardingRule will be used for. The value of INTERNAL_SELF_MANAGED means that this will be used for Internal Global HTTP(S) LB. The value of EXTERNAL means that this will be used for External Global Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) NOTE: Currently global forwarding rules cannot be used for INTERNAL load balancing.

property metadataFilters

metadataFilters?: pulumi.Input<pulumi.Input<GlobalForwardingRuleMetadataFilter>[]>;

Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

property network

network?: pulumi.Input<string>;

This field is not used for external load balancing. For INTERNAL_SELF_MANAGED load balancing, this field identifies the network that the load balanced IP should belong to for this global forwarding rule. If this field is not specified, the default network will be used.

property portRange

portRange?: pulumi.Input<string>;

This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property target

target: pulumi.Input<string>;

The URL of the target resource to receive the matched traffic. The forwarded traffic must be of a type appropriate to the target object. For INTERNAL_SELF_MANAGED load balancing, only HTTP and HTTPS targets are valid.

interface GlobalForwardingRuleState

interface GlobalForwardingRuleState

Input properties used for looking up and filtering GlobalForwardingRule resources.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property ipAddress

ipAddress?: pulumi.Input<string>;

The IP address that this forwarding rule is serving on behalf of. Addresses are restricted based on the forwarding rule’s load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional). When the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule. An address must be specified by a literal IP address. > NOTE: While the API allows you to specify various resource paths for an address resource instead, this provider requires this to specifically be an IP address to avoid needing to fetching the IP address from resource paths on refresh or unnecessary diffs.

property ipProtocol

ipProtocol?: pulumi.Input<string>;

The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL_SELF_MANAGED, only TCP is valid.

property ipVersion

ipVersion?: pulumi.Input<string>;

The IP Version that will be used by this global forwarding rule.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this forwarding rule. A list of key->value pairs.

property loadBalancingScheme

loadBalancingScheme?: pulumi.Input<string>;

This signifies what the GlobalForwardingRule will be used for. The value of INTERNAL_SELF_MANAGED means that this will be used for Internal Global HTTP(S) LB. The value of EXTERNAL means that this will be used for External Global Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) NOTE: Currently global forwarding rules cannot be used for INTERNAL load balancing.

property metadataFilters

metadataFilters?: pulumi.Input<pulumi.Input<GlobalForwardingRuleMetadataFilter>[]>;

Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. If a match takes place, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels in the provided metadata. metadataFilters specified here can be overridden by those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

property network

network?: pulumi.Input<string>;

This field is not used for external load balancing. For INTERNAL_SELF_MANAGED load balancing, this field identifies the network that the load balanced IP should belong to for this global forwarding rule. If this field is not specified, the default network will be used.

property portRange

portRange?: pulumi.Input<string>;

This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property target

target?: pulumi.Input<string>;

The URL of the target resource to receive the matched traffic. The forwarded traffic must be of a type appropriate to the target object. For INTERNAL_SELF_MANAGED load balancing, only HTTP and HTTPS targets are valid.

interface GlobalNetworkEndpointArgs

interface GlobalNetworkEndpointArgs

The set of arguments for constructing a GlobalNetworkEndpoint resource.

property fqdn

fqdn?: pulumi.Input<string>;

Fully qualified domain name of network endpoint. This can only be specified when networkEndpointType of the NEG is INTERNET_FQDN_PORT.

property globalNetworkEndpointGroup

globalNetworkEndpointGroup: pulumi.Input<string>;

The global network endpoint group this endpoint is part of.

property ipAddress

ipAddress?: pulumi.Input<string>;

IPv4 address external endpoint.

property port

port: pulumi.Input<number>;

Port number of the external endpoint.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface GlobalNetworkEndpointGroupArgs

interface GlobalNetworkEndpointGroupArgs

The set of arguments for constructing a GlobalNetworkEndpointGroup resource.

property defaultPort

defaultPort?: pulumi.Input<number>;

The default port used if the port number is not specified in the network endpoint.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property networkEndpointType

networkEndpointType: pulumi.Input<string>;

Type of network endpoints in this network endpoint group.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface GlobalNetworkEndpointGroupState

interface GlobalNetworkEndpointGroupState

Input properties used for looking up and filtering GlobalNetworkEndpointGroup resources.

property defaultPort

defaultPort?: pulumi.Input<number>;

The default port used if the port number is not specified in the network endpoint.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property networkEndpointType

networkEndpointType?: pulumi.Input<string>;

Type of network endpoints in this network endpoint group.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface GlobalNetworkEndpointState

interface GlobalNetworkEndpointState

Input properties used for looking up and filtering GlobalNetworkEndpoint resources.

property fqdn

fqdn?: pulumi.Input<string>;

Fully qualified domain name of network endpoint. This can only be specified when networkEndpointType of the NEG is INTERNET_FQDN_PORT.

property globalNetworkEndpointGroup

globalNetworkEndpointGroup?: pulumi.Input<string>;

The global network endpoint group this endpoint is part of.

property ipAddress

ipAddress?: pulumi.Input<string>;

IPv4 address external endpoint.

property port

port?: pulumi.Input<number>;

Port number of the external endpoint.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface HaVpnGatewayArgs

interface HaVpnGatewayArgs

The set of arguments for constructing a HaVpnGateway resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network: pulumi.Input<string>;

The network this VPN gateway is accepting traffic for.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The region this gateway should sit in.

interface HaVpnGatewayState

interface HaVpnGatewayState

Input properties used for looking up and filtering HaVpnGateway resources.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

The network this VPN gateway is accepting traffic for.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The region this gateway should sit in.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property vpnInterfaces

vpnInterfaces?: pulumi.Input<pulumi.Input<HaVpnGatewayVpnInterface>[]>;

A list of interfaces on this VPN gateway.

interface HealthCheckArgs

interface HealthCheckArgs

The set of arguments for constructing a HealthCheck resource.

property checkIntervalSec

checkIntervalSec?: pulumi.Input<number>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

healthyThreshold?: pulumi.Input<number>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property http2HealthCheck

http2HealthCheck?: pulumi.Input<HealthCheckHttp2HealthCheck>;

A nested object resource Structure is documented below.

property httpHealthCheck

httpHealthCheck?: pulumi.Input<HealthCheckHttpHealthCheck>;

A nested object resource Structure is documented below.

property httpsHealthCheck

httpsHealthCheck?: pulumi.Input<HealthCheckHttpsHealthCheck>;

A nested object resource Structure is documented below.

property logConfig

logConfig?: pulumi.Input<HealthCheckLogConfig>;

Configure logging on this health check. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property sslHealthCheck

sslHealthCheck?: pulumi.Input<HealthCheckSslHealthCheck>;

A nested object resource Structure is documented below.

property tcpHealthCheck

tcpHealthCheck?: pulumi.Input<HealthCheckTcpHealthCheck>;

A nested object resource Structure is documented below.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property unhealthyThreshold

unhealthyThreshold?: pulumi.Input<number>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

interface HealthCheckState

interface HealthCheckState

Input properties used for looking up and filtering HealthCheck resources.

property checkIntervalSec

checkIntervalSec?: pulumi.Input<number>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

healthyThreshold?: pulumi.Input<number>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property http2HealthCheck

http2HealthCheck?: pulumi.Input<HealthCheckHttp2HealthCheck>;

A nested object resource Structure is documented below.

property httpHealthCheck

httpHealthCheck?: pulumi.Input<HealthCheckHttpHealthCheck>;

A nested object resource Structure is documented below.

property httpsHealthCheck

httpsHealthCheck?: pulumi.Input<HealthCheckHttpsHealthCheck>;

A nested object resource Structure is documented below.

property logConfig

logConfig?: pulumi.Input<HealthCheckLogConfig>;

Configure logging on this health check. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sslHealthCheck

sslHealthCheck?: pulumi.Input<HealthCheckSslHealthCheck>;

A nested object resource Structure is documented below.

property tcpHealthCheck

tcpHealthCheck?: pulumi.Input<HealthCheckTcpHealthCheck>;

A nested object resource Structure is documented below.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property type

type?: pulumi.Input<string>;

The type of the health check. One of HTTP, HTTPS, TCP, or SSL.

property unhealthyThreshold

unhealthyThreshold?: pulumi.Input<number>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

interface HttpHealthCheckArgs

interface HttpHealthCheckArgs

The set of arguments for constructing a HttpHealthCheck resource.

property checkIntervalSec

checkIntervalSec?: pulumi.Input<number>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

healthyThreshold?: pulumi.Input<number>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property host

host?: pulumi.Input<string>;

The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property port

port?: pulumi.Input<number>;

The TCP port number for the HTTP health check request. The default value is 80.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property requestPath

requestPath?: pulumi.Input<string>;

The request path of the HTTP health check request. The default value is /.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property unhealthyThreshold

unhealthyThreshold?: pulumi.Input<number>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

interface HttpHealthCheckState

interface HttpHealthCheckState

Input properties used for looking up and filtering HttpHealthCheck resources.

property checkIntervalSec

checkIntervalSec?: pulumi.Input<number>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

healthyThreshold?: pulumi.Input<number>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property host

host?: pulumi.Input<string>;

The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property port

port?: pulumi.Input<number>;

The TCP port number for the HTTP health check request. The default value is 80.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property requestPath

requestPath?: pulumi.Input<string>;

The request path of the HTTP health check request. The default value is /.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property unhealthyThreshold

unhealthyThreshold?: pulumi.Input<number>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

interface HttpsHealthCheckArgs

interface HttpsHealthCheckArgs

The set of arguments for constructing a HttpsHealthCheck resource.

property checkIntervalSec

checkIntervalSec?: pulumi.Input<number>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

healthyThreshold?: pulumi.Input<number>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property host

host?: pulumi.Input<string>;

The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property port

port?: pulumi.Input<number>;

The TCP port number for the HTTPS health check request. The default value is 80.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property requestPath

requestPath?: pulumi.Input<string>;

The request path of the HTTPS health check request. The default value is /.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property unhealthyThreshold

unhealthyThreshold?: pulumi.Input<number>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

interface HttpsHealthCheckState

interface HttpsHealthCheckState

Input properties used for looking up and filtering HttpsHealthCheck resources.

property checkIntervalSec

checkIntervalSec?: pulumi.Input<number>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

healthyThreshold?: pulumi.Input<number>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property host

host?: pulumi.Input<string>;

The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property port

port?: pulumi.Input<number>;

The TCP port number for the HTTPS health check request. The default value is 80.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property requestPath

requestPath?: pulumi.Input<string>;

The request path of the HTTPS health check request. The default value is /.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property unhealthyThreshold

unhealthyThreshold?: pulumi.Input<number>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

interface ImageArgs

interface ImageArgs

The set of arguments for constructing a Image resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property diskSizeGb

diskSizeGb?: pulumi.Input<number>;

Size of the image when restored onto a persistent disk (in GB).

property family

family?: pulumi.Input<string>;

The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.

property guestOsFeatures

guestOsFeatures?: pulumi.Input<pulumi.Input<ImageGuestOsFeature>[]>;

A list of features to enable on the guest operating system. Applicable only for bootable images. Structure is documented below.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this Image.

property licenses

licenses?: pulumi.Input<pulumi.Input<string>[]>;

Any applicable license URI.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property rawDisk

rawDisk?: pulumi.Input<ImageRawDisk>;

The parameters of the raw disk image. Structure is documented below.

property sourceDisk

sourceDisk?: pulumi.Input<string>;

The source disk to create this image based on. You must provide either this property or the rawDisk.source property but not both to create an image.

interface ImageState

interface ImageState

Input properties used for looking up and filtering Image resources.

property archiveSizeBytes

archiveSizeBytes?: pulumi.Input<number>;

Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property diskSizeGb

diskSizeGb?: pulumi.Input<number>;

Size of the image when restored onto a persistent disk (in GB).

property family

family?: pulumi.Input<string>;

The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.

property guestOsFeatures

guestOsFeatures?: pulumi.Input<pulumi.Input<ImageGuestOsFeature>[]>;

A list of features to enable on the guest operating system. Applicable only for bootable images. Structure is documented below.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this Image.

property licenses

licenses?: pulumi.Input<pulumi.Input<string>[]>;

Any applicable license URI.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property rawDisk

rawDisk?: pulumi.Input<ImageRawDisk>;

The parameters of the raw disk image. Structure is documented below.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sourceDisk

sourceDisk?: pulumi.Input<string>;

The source disk to create this image based on. You must provide either this property or the rawDisk.source property but not both to create an image.

interface InstanceArgs

interface InstanceArgs

The set of arguments for constructing a Instance resource.

property allowStoppingForUpdate

allowStoppingForUpdate?: pulumi.Input<boolean>;

If true, allows this prvider to stop the instance to update its properties. If you try to update a property that requires stopping the instance without setting this field, the update will fail.

property attachedDisks

attachedDisks?: pulumi.Input<pulumi.Input<InstanceAttachedDisk>[]>;

Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.

property bootDisk

bootDisk: pulumi.Input<InstanceBootDisk>;

The boot disk for the instance. Structure is documented below.

property canIpForward

canIpForward?: pulumi.Input<boolean>;

Whether to allow sending and receiving of packets with non-matching source or destination IPs. This defaults to false.

property deletionProtection

deletionProtection?: pulumi.Input<boolean>;

Enable deletion protection on this instance. Defaults to false. Note: you must disable deletion protection before removing the resource (e.g., via pulumi destroy), or the instance cannot be deleted and the provider run will not complete successfully.

property description

description?: pulumi.Input<string>;

A brief description of this resource.

property desiredStatus

desiredStatus?: pulumi.Input<string>;

Desired status of the instance. Either "RUNNING" or "TERMINATED".

property enableDisplay

enableDisplay?: pulumi.Input<boolean>;

Enable Virtual Displays on this instance. Note: allowStoppingForUpdate must be set to true or your instance must have a desiredStatus of TERMINATED in order to update this field.

property guestAccelerators

guestAccelerators?: pulumi.Input<pulumi.Input<InstanceGuestAccelerator>[]>;

List of the type and count of accelerator cards attached to the instance. Structure documented below. Note: GPU accelerators can only be used with onHostMaintenance option set to TERMINATE.

property hostname

hostname?: pulumi.Input<string>;

A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid. Valid format is a series of labels 1-63 characters long matching the regular expression a-z, concatenated with periods. The entire hostname must not exceed 253 characters. Changing this forces a new resource to be created.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

A map of key/value label pairs to assign to the instance.

property machineType

machineType: pulumi.Input<string>;

The machine type to create.

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Metadata key/value pairs to make available from within the instance. Ssh keys attached in the Cloud Console will be removed. Add them to your config in order to keep them attached to your instance.

property metadataStartupScript

metadataStartupScript?: pulumi.Input<string>;

An alternative to using the startup-script metadata key, except this one forces the instance to be recreated (thus re-running the script) if it is changed. This replaces the startup-script metadata key on the created instance and thus the two mechanisms are not allowed to be used simultaneously. Users are free to use either mechanism - the only distinction is that this separate attribute willl cause a recreate on modification. On import, metadataStartupScript will be set, but metadata.startup-script will not - if you choose to use the other mechanism, you will see a diff immediately after import, which will cause a destroy/recreate operation. You may want to modify your state file manually using pulumi stack commands, depending on your use case.

property minCpuPlatform

minCpuPlatform?: pulumi.Input<string>;

Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as Intel Haswell or Intel Skylake. See the complete list here. Note: allowStoppingForUpdate must be set to true or your instance must have a desiredStatus of TERMINATED in order to update this field.

property name

name?: pulumi.Input<string>;

A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property networkInterfaces

networkInterfaces: pulumi.Input<pulumi.Input<InstanceNetworkInterface>[]>;

Networks to attach to the instance. This can be specified multiple times. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property resourcePolicies

resourcePolicies?: pulumi.Input<string>;

– A list of short names or selfLinks of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.

property scheduling

scheduling?: pulumi.Input<InstanceScheduling>;

The scheduling strategy to use. More details about this configuration option are detailed below.

property scratchDisks

scratchDisks?: pulumi.Input<pulumi.Input<InstanceScratchDisk>[]>;

Scratch disks to attach to the instance. This can be specified multiple times for multiple scratch disks. Structure is documented below.

property serviceAccount

serviceAccount?: pulumi.Input<InstanceServiceAccount>;

Service account to attach to the instance. Structure is documented below. Note: allowStoppingForUpdate must be set to true or your instance must have a desiredStatus of TERMINATED in order to update this field.

property shieldedInstanceConfig

shieldedInstanceConfig?: pulumi.Input<InstanceShieldedInstanceConfig>;

Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. Note: shieldedInstanceConfig can only be used with boot images with shielded vm support. See the complete list here.

property tags

tags?: pulumi.Input<pulumi.Input<string>[]>;

A list of tags to attach to the instance.

property zone

zone?: pulumi.Input<string>;

The zone that the machine should be created in.

interface InstanceFromTemplateArgs

interface InstanceFromTemplateArgs

The set of arguments for constructing a InstanceFromTemplate resource.

property allowStoppingForUpdate

allowStoppingForUpdate?: pulumi.Input<boolean>;

property attachedDisks

attachedDisks?: pulumi.Input<pulumi.Input<InstanceFromTemplateAttachedDisk>[]>;

property bootDisk

bootDisk?: pulumi.Input<InstanceFromTemplateBootDisk>;

property canIpForward

canIpForward?: pulumi.Input<boolean>;

property deletionProtection

deletionProtection?: pulumi.Input<boolean>;

property description

description?: pulumi.Input<string>;

property desiredStatus

desiredStatus?: pulumi.Input<string>;

property enableDisplay

enableDisplay?: pulumi.Input<boolean>;

property guestAccelerators

guestAccelerators?: pulumi.Input<pulumi.Input<InstanceFromTemplateGuestAccelerator>[]>;

property hostname

hostname?: pulumi.Input<string>;

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

property machineType

machineType?: pulumi.Input<string>;

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

property metadataStartupScript

metadataStartupScript?: pulumi.Input<string>;

property minCpuPlatform

minCpuPlatform?: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property networkInterfaces

networkInterfaces?: pulumi.Input<pulumi.Input<InstanceFromTemplateNetworkInterface>[]>;

property project

project?: pulumi.Input<string>;

property resourcePolicies

resourcePolicies?: pulumi.Input<string>;

property scheduling

scheduling?: pulumi.Input<InstanceFromTemplateScheduling>;

property scratchDisks

scratchDisks?: pulumi.Input<pulumi.Input<InstanceFromTemplateScratchDisk>[]>;

property serviceAccount

serviceAccount?: pulumi.Input<InstanceFromTemplateServiceAccount>;

property shieldedInstanceConfig

shieldedInstanceConfig?: pulumi.Input<InstanceFromTemplateShieldedInstanceConfig>;

property sourceInstanceTemplate

sourceInstanceTemplate: pulumi.Input<string>;

Name or self link of an instance template to create the instance based on.

property tags

tags?: pulumi.Input<pulumi.Input<string>[]>;

property zone

zone?: pulumi.Input<string>;

The zone that the machine should be created in. If not set, the provider zone is used.

interface InstanceFromTemplateState

interface InstanceFromTemplateState

Input properties used for looking up and filtering InstanceFromTemplate resources.

property allowStoppingForUpdate

allowStoppingForUpdate?: pulumi.Input<boolean>;

property attachedDisks

attachedDisks?: pulumi.Input<pulumi.Input<InstanceFromTemplateAttachedDisk>[]>;

property bootDisk

bootDisk?: pulumi.Input<InstanceFromTemplateBootDisk>;

property canIpForward

canIpForward?: pulumi.Input<boolean>;

property cpuPlatform

cpuPlatform?: pulumi.Input<string>;

property currentStatus

currentStatus?: pulumi.Input<string>;

property deletionProtection

deletionProtection?: pulumi.Input<boolean>;

property description

description?: pulumi.Input<string>;

property desiredStatus

desiredStatus?: pulumi.Input<string>;

property enableDisplay

enableDisplay?: pulumi.Input<boolean>;

property guestAccelerators

guestAccelerators?: pulumi.Input<pulumi.Input<InstanceFromTemplateGuestAccelerator>[]>;

property hostname

hostname?: pulumi.Input<string>;

property instanceId

instanceId?: pulumi.Input<string>;

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

property machineType

machineType?: pulumi.Input<string>;

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

property metadataFingerprint

metadataFingerprint?: pulumi.Input<string>;

property metadataStartupScript

metadataStartupScript?: pulumi.Input<string>;

property minCpuPlatform

minCpuPlatform?: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property networkInterfaces

networkInterfaces?: pulumi.Input<pulumi.Input<InstanceFromTemplateNetworkInterface>[]>;

property project

project?: pulumi.Input<string>;

property resourcePolicies

resourcePolicies?: pulumi.Input<string>;

property scheduling

scheduling?: pulumi.Input<InstanceFromTemplateScheduling>;

property scratchDisks

scratchDisks?: pulumi.Input<pulumi.Input<InstanceFromTemplateScratchDisk>[]>;
selfLink?: pulumi.Input<string>;

property serviceAccount

serviceAccount?: pulumi.Input<InstanceFromTemplateServiceAccount>;

property shieldedInstanceConfig

shieldedInstanceConfig?: pulumi.Input<InstanceFromTemplateShieldedInstanceConfig>;

property sourceInstanceTemplate

sourceInstanceTemplate?: pulumi.Input<string>;

Name or self link of an instance template to create the instance based on.

property tags

tags?: pulumi.Input<pulumi.Input<string>[]>;

property tagsFingerprint

tagsFingerprint?: pulumi.Input<string>;

property zone

zone?: pulumi.Input<string>;

The zone that the machine should be created in. If not set, the provider zone is used.

interface InstanceGroupArgs

interface InstanceGroupArgs

The set of arguments for constructing a InstanceGroup resource.

property description

description?: pulumi.Input<string>;

An optional textual description of the instance group.

property instances

instances?: pulumi.Input<pulumi.Input<string>[]>;

List of instances in the group. They should be given as selfLink URLs. When adding instances they must all be in the same network and zone as the instance group.

property name

name?: pulumi.Input<string>;

The name which the port will be mapped to.

property namedPorts

namedPorts?: pulumi.Input<pulumi.Input<InstanceGroupNamedPort>[]>;

The named port configuration. See the section below for details on configuration.

property network

network?: pulumi.Input<string>;

The URL of the network the instance group is in. If this is different from the network where the instances are in, the creation fails. Defaults to the network where the instances are in (if neither network nor instances is specified, this field will be blank).

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

The zone that this instance group should be created in.

interface InstanceGroupManagerArgs

interface InstanceGroupManagerArgs

The set of arguments for constructing a InstanceGroupManager resource.

property autoHealingPolicies

autoHealingPolicies?: pulumi.Input<InstanceGroupManagerAutoHealingPolicies>;

The autohealing policies for this managed instance group. You can specify only one value. Structure is documented below. For more information, see the official documentation.

property baseInstanceName

baseInstanceName: pulumi.Input<string>;

The base instance name to use for instances in this group. The value must be a valid RFC1035 name. Supported characters are lowercase letters, numbers, and hyphens (-). Instances are named by appending a hyphen and a random four-character string to the base instance name.

property description

description?: pulumi.Input<string>;

An optional textual description of the instance group manager.

property name

name?: pulumi.Input<string>;
  • Version name.

property namedPorts

namedPorts?: pulumi.Input<pulumi.Input<InstanceGroupManagerNamedPort>[]>;

The named port configuration. See the section below for details on configuration.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property statefulDisks

statefulDisks?: pulumi.Input<pulumi.Input<InstanceGroupManagerStatefulDisk>[]>;

Disks created on the instances that will be preserved on instance delete, update, etc. Structure is documented below. For more information see the official documentation.

property targetPools

targetPools?: pulumi.Input<pulumi.Input<string>[]>;

The full URL of all target pools to which new instances in the group are added. Updating the target pools attribute does not affect existing instances.

property targetSize

targetSize?: pulumi.Input<number>;
  • The number of instances calculated as a fixed number or a percentage depending on the settings. Structure is documented below.

property updatePolicy

updatePolicy?: pulumi.Input<InstanceGroupManagerUpdatePolicy>;

The update policy for this managed instance group. Structure is documented below. For more information, see the official documentation and API

property versions

versions: pulumi.Input<pulumi.Input<InstanceGroupManagerVersion>[]>;

Application versions managed by this instance group. Each version deals with a specific instance template, allowing canary release scenarios. Structure is documented below.

property waitForInstances

waitForInstances?: pulumi.Input<boolean>;

Whether to wait for all instances to be created/updated before returning. Note that if this is set to true and the operation does not succeed, this provider will continue trying until it times out.

property zone

zone?: pulumi.Input<string>;

The zone that instances in this group should be created in.

interface InstanceGroupManagerState

interface InstanceGroupManagerState

Input properties used for looking up and filtering InstanceGroupManager resources.

property autoHealingPolicies

autoHealingPolicies?: pulumi.Input<InstanceGroupManagerAutoHealingPolicies>;

The autohealing policies for this managed instance group. You can specify only one value. Structure is documented below. For more information, see the official documentation.

property baseInstanceName

baseInstanceName?: pulumi.Input<string>;

The base instance name to use for instances in this group. The value must be a valid RFC1035 name. Supported characters are lowercase letters, numbers, and hyphens (-). Instances are named by appending a hyphen and a random four-character string to the base instance name.

property description

description?: pulumi.Input<string>;

An optional textual description of the instance group manager.

property fingerprint

fingerprint?: pulumi.Input<string>;

The fingerprint of the instance group manager.

property instanceGroup

instanceGroup?: pulumi.Input<string>;

The full URL of the instance group created by the manager.

property name

name?: pulumi.Input<string>;
  • Version name.

property namedPorts

namedPorts?: pulumi.Input<pulumi.Input<InstanceGroupManagerNamedPort>[]>;

The named port configuration. See the section below for details on configuration.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URL of the created resource.

property statefulDisks

statefulDisks?: pulumi.Input<pulumi.Input<InstanceGroupManagerStatefulDisk>[]>;

Disks created on the instances that will be preserved on instance delete, update, etc. Structure is documented below. For more information see the official documentation.

property targetPools

targetPools?: pulumi.Input<pulumi.Input<string>[]>;

The full URL of all target pools to which new instances in the group are added. Updating the target pools attribute does not affect existing instances.

property targetSize

targetSize?: pulumi.Input<number>;
  • The number of instances calculated as a fixed number or a percentage depending on the settings. Structure is documented below.

property updatePolicy

updatePolicy?: pulumi.Input<InstanceGroupManagerUpdatePolicy>;

The update policy for this managed instance group. Structure is documented below. For more information, see the official documentation and API

property versions

versions?: pulumi.Input<pulumi.Input<InstanceGroupManagerVersion>[]>;

Application versions managed by this instance group. Each version deals with a specific instance template, allowing canary release scenarios. Structure is documented below.

property waitForInstances

waitForInstances?: pulumi.Input<boolean>;

Whether to wait for all instances to be created/updated before returning. Note that if this is set to true and the operation does not succeed, this provider will continue trying until it times out.

property zone

zone?: pulumi.Input<string>;

The zone that instances in this group should be created in.

interface InstanceGroupNamedPortArgs

interface InstanceGroupNamedPortArgs

The set of arguments for constructing a InstanceGroupNamedPort resource.

property group

group: pulumi.Input<string>;

The name of the instance group.

property name

name?: pulumi.Input<string>;

The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.

property port

port: pulumi.Input<number>;

The port number, which can be a value between 1 and 65535.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

The zone of the instance group.

interface InstanceGroupNamedPortState

interface InstanceGroupNamedPortState

Input properties used for looking up and filtering InstanceGroupNamedPort resources.

property group

group?: pulumi.Input<string>;

The name of the instance group.

property name

name?: pulumi.Input<string>;

The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.

property port

port?: pulumi.Input<number>;

The port number, which can be a value between 1 and 65535.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

The zone of the instance group.

interface InstanceGroupState

interface InstanceGroupState

Input properties used for looking up and filtering InstanceGroup resources.

property description

description?: pulumi.Input<string>;

An optional textual description of the instance group.

property instances

instances?: pulumi.Input<pulumi.Input<string>[]>;

List of instances in the group. They should be given as selfLink URLs. When adding instances they must all be in the same network and zone as the instance group.

property name

name?: pulumi.Input<string>;

The name which the port will be mapped to.

property namedPorts

namedPorts?: pulumi.Input<pulumi.Input<InstanceGroupNamedPort>[]>;

The named port configuration. See the section below for details on configuration.

property network

network?: pulumi.Input<string>;

The URL of the network the instance group is in. If this is different from the network where the instances are in, the creation fails. Defaults to the network where the instances are in (if neither network nor instances is specified, this field will be blank).

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property size

size?: pulumi.Input<number>;

The number of instances in the group.

property zone

zone?: pulumi.Input<string>;

The zone that this instance group should be created in.

interface InstanceIAMBindingArgs

interface InstanceIAMBindingArgs

The set of arguments for constructing a InstanceIAMBinding resource.

property condition

condition?: pulumi.Input<InstanceIAMBindingCondition>;

) An IAM Condition for a given binding. Structure is documented below.

property instanceName

instanceName: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property members

members: pulumi.Input<pulumi.Input<string>[]>;

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property role

role: pulumi.Input<string>;

The role that should be applied. Only one gcp.compute.InstanceIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

interface InstanceIAMBindingState

interface InstanceIAMBindingState

Input properties used for looking up and filtering InstanceIAMBinding resources.

property condition

condition?: pulumi.Input<InstanceIAMBindingCondition>;

) An IAM Condition for a given binding. Structure is documented below.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property instanceName

instanceName?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property members

members?: pulumi.Input<pulumi.Input<string>[]>;

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one gcp.compute.InstanceIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

interface InstanceIAMMemberArgs

interface InstanceIAMMemberArgs

The set of arguments for constructing a InstanceIAMMember resource.

property condition

condition?: pulumi.Input<InstanceIAMMemberCondition>;

) An IAM Condition for a given binding. Structure is documented below.

property instanceName

instanceName: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property member

member: pulumi.Input<string>;

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property role

role: pulumi.Input<string>;

The role that should be applied. Only one gcp.compute.InstanceIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

interface InstanceIAMMemberState

interface InstanceIAMMemberState

Input properties used for looking up and filtering InstanceIAMMember resources.

property condition

condition?: pulumi.Input<InstanceIAMMemberCondition>;

) An IAM Condition for a given binding. Structure is documented below.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property instanceName

instanceName?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property member

member?: pulumi.Input<string>;

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one gcp.compute.InstanceIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

interface InstanceIAMPolicyArgs

interface InstanceIAMPolicyArgs

The set of arguments for constructing a InstanceIAMPolicy resource.

property instanceName

instanceName: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property policyData

policyData: pulumi.Input<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

interface InstanceIAMPolicyState

interface InstanceIAMPolicyState

Input properties used for looking up and filtering InstanceIAMPolicy resources.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property instanceName

instanceName?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property policyData

policyData?: pulumi.Input<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the machine resides. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no zone is provided in the parent identifier and no zone is specified, it is taken from the provider configuration.

interface InstanceState

interface InstanceState

Input properties used for looking up and filtering Instance resources.

property allowStoppingForUpdate

allowStoppingForUpdate?: pulumi.Input<boolean>;

If true, allows this prvider to stop the instance to update its properties. If you try to update a property that requires stopping the instance without setting this field, the update will fail.

property attachedDisks

attachedDisks?: pulumi.Input<pulumi.Input<InstanceAttachedDisk>[]>;

Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.

property bootDisk

bootDisk?: pulumi.Input<InstanceBootDisk>;

The boot disk for the instance. Structure is documented below.

property canIpForward

canIpForward?: pulumi.Input<boolean>;

Whether to allow sending and receiving of packets with non-matching source or destination IPs. This defaults to false.

property cpuPlatform

cpuPlatform?: pulumi.Input<string>;

The CPU platform used by this instance.

property currentStatus

currentStatus?: pulumi.Input<string>;

property deletionProtection

deletionProtection?: pulumi.Input<boolean>;

Enable deletion protection on this instance. Defaults to false. Note: you must disable deletion protection before removing the resource (e.g., via pulumi destroy), or the instance cannot be deleted and the provider run will not complete successfully.

property description

description?: pulumi.Input<string>;

A brief description of this resource.

property desiredStatus

desiredStatus?: pulumi.Input<string>;

Desired status of the instance. Either "RUNNING" or "TERMINATED".

property enableDisplay

enableDisplay?: pulumi.Input<boolean>;

Enable Virtual Displays on this instance. Note: allowStoppingForUpdate must be set to true or your instance must have a desiredStatus of TERMINATED in order to update this field.

property guestAccelerators

guestAccelerators?: pulumi.Input<pulumi.Input<InstanceGuestAccelerator>[]>;

List of the type and count of accelerator cards attached to the instance. Structure documented below. Note: GPU accelerators can only be used with onHostMaintenance option set to TERMINATE.

property hostname

hostname?: pulumi.Input<string>;

A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid. Valid format is a series of labels 1-63 characters long matching the regular expression a-z, concatenated with periods. The entire hostname must not exceed 253 characters. Changing this forces a new resource to be created.

property instanceId

instanceId?: pulumi.Input<string>;

The server-assigned unique identifier of this instance.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The unique fingerprint of the labels.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

A map of key/value label pairs to assign to the instance.

property machineType

machineType?: pulumi.Input<string>;

The machine type to create.

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Metadata key/value pairs to make available from within the instance. Ssh keys attached in the Cloud Console will be removed. Add them to your config in order to keep them attached to your instance.

property metadataFingerprint

metadataFingerprint?: pulumi.Input<string>;

The unique fingerprint of the metadata.

property metadataStartupScript

metadataStartupScript?: pulumi.Input<string>;

An alternative to using the startup-script metadata key, except this one forces the instance to be recreated (thus re-running the script) if it is changed. This replaces the startup-script metadata key on the created instance and thus the two mechanisms are not allowed to be used simultaneously. Users are free to use either mechanism - the only distinction is that this separate attribute willl cause a recreate on modification. On import, metadataStartupScript will be set, but metadata.startup-script will not - if you choose to use the other mechanism, you will see a diff immediately after import, which will cause a destroy/recreate operation. You may want to modify your state file manually using pulumi stack commands, depending on your use case.

property minCpuPlatform

minCpuPlatform?: pulumi.Input<string>;

Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as Intel Haswell or Intel Skylake. See the complete list here. Note: allowStoppingForUpdate must be set to true or your instance must have a desiredStatus of TERMINATED in order to update this field.

property name

name?: pulumi.Input<string>;

A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property networkInterfaces

networkInterfaces?: pulumi.Input<pulumi.Input<InstanceNetworkInterface>[]>;

Networks to attach to the instance. This can be specified multiple times. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property resourcePolicies

resourcePolicies?: pulumi.Input<string>;

– A list of short names or selfLinks of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.

property scheduling

scheduling?: pulumi.Input<InstanceScheduling>;

The scheduling strategy to use. More details about this configuration option are detailed below.

property scratchDisks

scratchDisks?: pulumi.Input<pulumi.Input<InstanceScratchDisk>[]>;

Scratch disks to attach to the instance. This can be specified multiple times for multiple scratch disks. Structure is documented below.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property serviceAccount

serviceAccount?: pulumi.Input<InstanceServiceAccount>;

Service account to attach to the instance. Structure is documented below. Note: allowStoppingForUpdate must be set to true or your instance must have a desiredStatus of TERMINATED in order to update this field.

property shieldedInstanceConfig

shieldedInstanceConfig?: pulumi.Input<InstanceShieldedInstanceConfig>;

Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. Note: shieldedInstanceConfig can only be used with boot images with shielded vm support. See the complete list here.

property tags

tags?: pulumi.Input<pulumi.Input<string>[]>;

A list of tags to attach to the instance.

property tagsFingerprint

tagsFingerprint?: pulumi.Input<string>;

The unique fingerprint of the tags.

property zone

zone?: pulumi.Input<string>;

The zone that the machine should be created in.

interface InstanceTemplateArgs

interface InstanceTemplateArgs

The set of arguments for constructing a InstanceTemplate resource.

property canIpForward

canIpForward?: pulumi.Input<boolean>;

Whether to allow sending and receiving of packets with non-matching source or destination IPs. This defaults to false.

property description

description?: pulumi.Input<string>;

A brief description of this resource.

property disks

disks: pulumi.Input<pulumi.Input<InstanceTemplateDisk>[]>;

Disks to attach to instances created from this template. This can be specified multiple times for multiple disks. Structure is documented below.

property enableDisplay

enableDisplay?: pulumi.Input<boolean>;

Enable Virtual Displays on this instance. Note: allowStoppingForUpdate must be set to true in order to update this field.

property guestAccelerators

guestAccelerators?: pulumi.Input<pulumi.Input<InstanceTemplateGuestAccelerator>[]>;

List of the type and count of accelerator cards attached to the instance. Structure documented below.

property instanceDescription

instanceDescription?: pulumi.Input<string>;

A brief description to use for instances created from this template.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

A set of key/value label pairs to assign to instances created from this template,

property machineType

machineType: pulumi.Input<string>;

The machine type to create.

property metadata

metadata?: pulumi.Input<{[key: string]: any}>;

Metadata key/value pairs to make available from within instances created from this template.

property metadataStartupScript

metadataStartupScript?: pulumi.Input<string>;

An alternative to using the startup-script metadata key, mostly to match the computeInstance resource. This replaces the startup-script metadata key on the created instance and thus the two mechanisms are not allowed to be used simultaneously.

property minCpuPlatform

minCpuPlatform?: pulumi.Input<string>;

Specifies a minimum CPU platform. Applicable values are the friendly names of CPU platforms, such as Intel Haswell or Intel Skylake. See the complete list here.

property name

name?: pulumi.Input<string>;

The name of the instance template. If you leave this blank, the provider will auto-generate a unique name.

property namePrefix

namePrefix?: pulumi.Input<string>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property networkInterfaces

networkInterfaces?: pulumi.Input<pulumi.Input<InstanceTemplateNetworkInterface>[]>;

Networks to attach to instances created from this template. This can be specified multiple times for multiple networks. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

An instance template is a global resource that is not bound to a zone or a region. However, you can still specify some regional resources in an instance template, which restricts the template to the region where that resource resides. For example, a custom subnetwork resource is tied to a specific region. Defaults to the region of the Provider if no value is given.

property scheduling

scheduling?: pulumi.Input<InstanceTemplateScheduling>;

The scheduling strategy to use. More details about this configuration option are detailed below.

property serviceAccount

serviceAccount?: pulumi.Input<InstanceTemplateServiceAccount>;

Service account to attach to the instance. Structure is documented below.

property shieldedInstanceConfig

shieldedInstanceConfig?: pulumi.Input<InstanceTemplateShieldedInstanceConfig>;

Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. Note: shieldedInstanceConfig can only be used with boot images with shielded vm support. See the complete list here.

property tags

tags?: pulumi.Input<pulumi.Input<string>[]>;

Tags to attach to the instance.

interface InstanceTemplateState

interface InstanceTemplateState

Input properties used for looking up and filtering InstanceTemplate resources.

property canIpForward

canIpForward?: pulumi.Input<boolean>;

Whether to allow sending and receiving of packets with non-matching source or destination IPs. This defaults to false.

property description

description?: pulumi.Input<string>;

A brief description of this resource.

property disks

disks?: pulumi.Input<pulumi.Input<InstanceTemplateDisk>[]>;

Disks to attach to instances created from this template. This can be specified multiple times for multiple disks. Structure is documented below.

property enableDisplay

enableDisplay?: pulumi.Input<boolean>;

Enable Virtual Displays on this instance. Note: allowStoppingForUpdate must be set to true in order to update this field.

property guestAccelerators

guestAccelerators?: pulumi.Input<pulumi.Input<InstanceTemplateGuestAccelerator>[]>;

List of the type and count of accelerator cards attached to the instance. Structure documented below.

property instanceDescription

instanceDescription?: pulumi.Input<string>;

A brief description to use for instances created from this template.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

A set of key/value label pairs to assign to instances created from this template,

property machineType

machineType?: pulumi.Input<string>;

The machine type to create.

property metadata

metadata?: pulumi.Input<{[key: string]: any}>;

Metadata key/value pairs to make available from within instances created from this template.

property metadataFingerprint

metadataFingerprint?: pulumi.Input<string>;

The unique fingerprint of the metadata.

property metadataStartupScript

metadataStartupScript?: pulumi.Input<string>;

An alternative to using the startup-script metadata key, mostly to match the computeInstance resource. This replaces the startup-script metadata key on the created instance and thus the two mechanisms are not allowed to be used simultaneously.

property minCpuPlatform

minCpuPlatform?: pulumi.Input<string>;

Specifies a minimum CPU platform. Applicable values are the friendly names of CPU platforms, such as Intel Haswell or Intel Skylake. See the complete list here.

property name

name?: pulumi.Input<string>;

The name of the instance template. If you leave this blank, the provider will auto-generate a unique name.

property namePrefix

namePrefix?: pulumi.Input<string>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property networkInterfaces

networkInterfaces?: pulumi.Input<pulumi.Input<InstanceTemplateNetworkInterface>[]>;

Networks to attach to instances created from this template. This can be specified multiple times for multiple networks. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

An instance template is a global resource that is not bound to a zone or a region. However, you can still specify some regional resources in an instance template, which restricts the template to the region where that resource resides. For example, a custom subnetwork resource is tied to a specific region. Defaults to the region of the Provider if no value is given.

property scheduling

scheduling?: pulumi.Input<InstanceTemplateScheduling>;

The scheduling strategy to use. More details about this configuration option are detailed below.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property serviceAccount

serviceAccount?: pulumi.Input<InstanceTemplateServiceAccount>;

Service account to attach to the instance. Structure is documented below.

property shieldedInstanceConfig

shieldedInstanceConfig?: pulumi.Input<InstanceTemplateShieldedInstanceConfig>;

Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. Note: shieldedInstanceConfig can only be used with boot images with shielded vm support. See the complete list here.

property tags

tags?: pulumi.Input<pulumi.Input<string>[]>;

Tags to attach to the instance.

property tagsFingerprint

tagsFingerprint?: pulumi.Input<string>;

The unique fingerprint of the tags.

interface InterconnectAttachmentArgs

interface InterconnectAttachmentArgs

The set of arguments for constructing a InterconnectAttachment resource.

property adminEnabled

adminEnabled?: pulumi.Input<boolean>;

Whether the VLAN attachment is enabled or disabled. When using PARTNER type this will Pre-Activate the interconnect attachment

property bandwidth

bandwidth?: pulumi.Input<string>;

Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, Defaults to BPS_10G

property candidateSubnets

candidateSubnets?: pulumi.Input<pulumi.Input<string>[]>;

Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google’s edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property edgeAvailabilityDomain

edgeAvailabilityDomain?: pulumi.Input<string>;

Desired availability domain for the attachment. Only available for type PARTNER, at creation time. For improved reliability, customers should configure a pair of attachments with one per availability domain. The selected availability domain will be provided to the Partner via the pairing key so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.

property interconnect

interconnect?: pulumi.Input<string>;

URL of the underlying Interconnect object that this attachment’s traffic will traverse through. Required if type is DEDICATED, must not be set if type is PARTNER.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the regional interconnect attachment resides.

property router

router: pulumi.Input<string>;

URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.

property type

type?: pulumi.Input<string>;

The type of InterconnectAttachment you wish to create. Defaults to DEDICATED.

property vlanTag8021q

vlanTag8021q?: pulumi.Input<number>;

The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. When using PARTNER type this will be managed upstream.

interface InterconnectAttachmentState

interface InterconnectAttachmentState

Input properties used for looking up and filtering InterconnectAttachment resources.

property adminEnabled

adminEnabled?: pulumi.Input<boolean>;

Whether the VLAN attachment is enabled or disabled. When using PARTNER type this will Pre-Activate the interconnect attachment

property bandwidth

bandwidth?: pulumi.Input<string>;

Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, Defaults to BPS_10G

property candidateSubnets

candidateSubnets?: pulumi.Input<pulumi.Input<string>[]>;

Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google’s edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.

property cloudRouterIpAddress

cloudRouterIpAddress?: pulumi.Input<string>;

IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property customerRouterIpAddress

customerRouterIpAddress?: pulumi.Input<string>;

IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property edgeAvailabilityDomain

edgeAvailabilityDomain?: pulumi.Input<string>;

Desired availability domain for the attachment. Only available for type PARTNER, at creation time. For improved reliability, customers should configure a pair of attachments with one per availability domain. The selected availability domain will be provided to the Partner via the pairing key so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.

property googleReferenceId

googleReferenceId?: pulumi.Input<string>;

Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.

property interconnect

interconnect?: pulumi.Input<string>;

URL of the underlying Interconnect object that this attachment’s traffic will traverse through. Required if type is DEDICATED, must not be set if type is PARTNER.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property pairingKey

pairingKey?: pulumi.Input<string>;

[Output only for type PARTNER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form “XXXXX/region/domain”

property partnerAsn

partnerAsn?: pulumi.Input<string>;

[Output only for type PARTNER. Not present for DEDICATED]. Optional BGP ASN for the router that should be supplied by a layer 3 Partner if they configured BGP on behalf of the customer.

property privateInterconnectInfo

privateInterconnectInfo?: pulumi.Input<InterconnectAttachmentPrivateInterconnectInfo>;

Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the regional interconnect attachment resides.

property router

router?: pulumi.Input<string>;

URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property state

state?: pulumi.Input<string>;

[Output Only] The current state of this attachment’s functionality.

property type

type?: pulumi.Input<string>;

The type of InterconnectAttachment you wish to create. Defaults to DEDICATED.

property vlanTag8021q

vlanTag8021q?: pulumi.Input<number>;

The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. When using PARTNER type this will be managed upstream.

interface MachineImageArgs

interface MachineImageArgs

The set of arguments for constructing a MachineImage resource.

property description

description?: pulumi.Input<string>;

A text description of the resource.

property name

name?: pulumi.Input<string>;

Name of the resource.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property sourceInstance

sourceInstance: pulumi.Input<string>;

The source instance used to create the machine image. You can provide this as a partial or full URL to the resource.

interface MachineImageState

interface MachineImageState

Input properties used for looking up and filtering MachineImage resources.

property description

description?: pulumi.Input<string>;

A text description of the resource.

property name

name?: pulumi.Input<string>;

Name of the resource.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sourceInstance

sourceInstance?: pulumi.Input<string>;

The source instance used to create the machine image. You can provide this as a partial or full URL to the resource.

interface ManagedSslCertificateArgs

interface ManagedSslCertificateArgs

The set of arguments for constructing a ManagedSslCertificate resource.

property certificateId

certificateId?: pulumi.Input<number>;

The unique identifier for the resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property managed

managed?: pulumi.Input<ManagedSslCertificateManaged>;

Properties relevant to a managed certificate. These will be used if the certificate is managed (as indicated by a value of MANAGED in type). Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property type

type?: pulumi.Input<string>;

Enum field whose value is always MANAGED - used to signal to the API which type this is.

interface ManagedSslCertificateState

interface ManagedSslCertificateState

Input properties used for looking up and filtering ManagedSslCertificate resources.

property certificateId

certificateId?: pulumi.Input<number>;

The unique identifier for the resource.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property expireTime

expireTime?: pulumi.Input<string>;

Expire time of the certificate.

property managed

managed?: pulumi.Input<ManagedSslCertificateManaged>;

Properties relevant to a managed certificate. These will be used if the certificate is managed (as indicated by a value of MANAGED in type). Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property subjectAlternativeNames

subjectAlternativeNames?: pulumi.Input<pulumi.Input<string>[]>;

Domains associated with the certificate via Subject Alternative Name.

property type

type?: pulumi.Input<string>;

Enum field whose value is always MANAGED - used to signal to the API which type this is.

interface MangedSslCertificateArgs

interface MangedSslCertificateArgs

The set of arguments for constructing a MangedSslCertificate resource.

property certificateId

certificateId?: pulumi.Input<number>;

The unique identifier for the resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property managed

managed?: pulumi.Input<MangedSslCertificateManaged>;

Properties relevant to a managed certificate. These will be used if the certificate is managed (as indicated by a value of ‘MANAGED’ in ‘type’).

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression ‘a-z?’ which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. These are in the same namespace as the managed SSL certificates.

property project

project?: pulumi.Input<string>;

property type

type?: pulumi.Input<string>;

Enum field whose value is always ‘MANAGED’ - used to signal to the API which type this is. Default value: “MANAGED” Possible values: [“MANAGED”]

interface MangedSslCertificateState

interface MangedSslCertificateState

Input properties used for looking up and filtering MangedSslCertificate resources.

property certificateId

certificateId?: pulumi.Input<number>;

The unique identifier for the resource.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property expireTime

expireTime?: pulumi.Input<string>;

Expire time of the certificate.

property managed

managed?: pulumi.Input<MangedSslCertificateManaged>;

Properties relevant to a managed certificate. These will be used if the certificate is managed (as indicated by a value of ‘MANAGED’ in ‘type’).

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression ‘a-z?’ which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. These are in the same namespace as the managed SSL certificates.

property project

project?: pulumi.Input<string>;
selfLink?: pulumi.Input<string>;

property subjectAlternativeNames

subjectAlternativeNames?: pulumi.Input<pulumi.Input<string>[]>;

Domains associated with the certificate via Subject Alternative Name.

property type

type?: pulumi.Input<string>;

Enum field whose value is always ‘MANAGED’ - used to signal to the API which type this is. Default value: “MANAGED” Possible values: [“MANAGED”]

interface NetworkArgs

interface NetworkArgs

The set of arguments for constructing a Network resource.

property autoCreateSubnetworks

autoCreateSubnetworks?: pulumi.Input<boolean>;

When set to true, the network is created in “auto subnet mode” and it will create a subnet for each region automatically across the 10.128.0.0/9 address range. When set to false, the network is created in “custom subnet mode” so the user can explicitly connect subnetwork resources.

property deleteDefaultRoutesOnCreate

deleteDefaultRoutesOnCreate?: pulumi.Input<boolean>;

If set to true, default routes (0.0.0.0/0) will be deleted immediately after network creation. Defaults to false.

property description

description?: pulumi.Input<string>;

An optional description of this resource. The resource must be recreated to modify this field.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property routingMode

routingMode?: pulumi.Input<string>;

The network-wide routing mode to use. If set to REGIONAL, this network’s cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network’s cloud routers will advertise routes with all subnetworks of this network, across regions.

interface NetworkEndpointArgs

interface NetworkEndpointArgs

The set of arguments for constructing a NetworkEndpoint resource.

property instance

instance: pulumi.Input<string>;

The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.

property ipAddress

ipAddress: pulumi.Input<string>;

IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP range).

property networkEndpointGroup

networkEndpointGroup: pulumi.Input<string>;

The network endpoint group this endpoint is part of.

property port

port: pulumi.Input<number>;

Port number of network endpoint.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

Zone where the containing network endpoint group is located.

interface NetworkEndpointGroupArgs

interface NetworkEndpointGroupArgs

The set of arguments for constructing a NetworkEndpointGroup resource.

property defaultPort

defaultPort?: pulumi.Input<number>;

The default port used if the port number is not specified in the network endpoint.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network: pulumi.Input<string>;

The network to which all network endpoints in the NEG belong. Uses “default” project network if unspecified.

property networkEndpointType

networkEndpointType?: pulumi.Input<string>;

Type of network endpoints in this network endpoint group.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property subnetwork

subnetwork?: pulumi.Input<string>;

Optional subnetwork to which all network endpoints in the NEG belong.

property zone

zone?: pulumi.Input<string>;

Zone where the network endpoint group is located.

interface NetworkEndpointGroupState

interface NetworkEndpointGroupState

Input properties used for looking up and filtering NetworkEndpointGroup resources.

property defaultPort

defaultPort?: pulumi.Input<number>;

The default port used if the port number is not specified in the network endpoint.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

The network to which all network endpoints in the NEG belong. Uses “default” project network if unspecified.

property networkEndpointType

networkEndpointType?: pulumi.Input<string>;

Type of network endpoints in this network endpoint group.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property size

size?: pulumi.Input<number>;

Number of network endpoints in the network endpoint group.

property subnetwork

subnetwork?: pulumi.Input<string>;

Optional subnetwork to which all network endpoints in the NEG belong.

property zone

zone?: pulumi.Input<string>;

Zone where the network endpoint group is located.

interface NetworkEndpointState

interface NetworkEndpointState

Input properties used for looking up and filtering NetworkEndpoint resources.

property instance

instance?: pulumi.Input<string>;

The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.

property ipAddress

ipAddress?: pulumi.Input<string>;

IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP range).

property networkEndpointGroup

networkEndpointGroup?: pulumi.Input<string>;

The network endpoint group this endpoint is part of.

property port

port?: pulumi.Input<number>;

Port number of network endpoint.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

Zone where the containing network endpoint group is located.

interface NetworkPeeringArgs

interface NetworkPeeringArgs

The set of arguments for constructing a NetworkPeering resource.

property exportCustomRoutes

exportCustomRoutes?: pulumi.Input<boolean>;

Whether to export the custom routes to the peer network. Defaults to false.

property importCustomRoutes

importCustomRoutes?: pulumi.Input<boolean>;

Whether to export the custom routes from the peer network. Defaults to false.

property name

name?: pulumi.Input<string>;

Name of the peering.

property network

network: pulumi.Input<string>;

The primary network of the peering.

property peerNetwork

peerNetwork: pulumi.Input<string>;

The peer network in the peering. The peer network may belong to a different project.

interface NetworkPeeringRoutesConfigArgs

interface NetworkPeeringRoutesConfigArgs

The set of arguments for constructing a NetworkPeeringRoutesConfig resource.

property exportCustomRoutes

exportCustomRoutes: pulumi.Input<boolean>;

Whether to export the custom routes to the peer network.

property importCustomRoutes

importCustomRoutes: pulumi.Input<boolean>;

Whether to import the custom routes to the peer network.

property network

network: pulumi.Input<string>;

The name of the primary network for the peering.

property peering

peering: pulumi.Input<string>;

Name of the peering.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface NetworkPeeringRoutesConfigState

interface NetworkPeeringRoutesConfigState

Input properties used for looking up and filtering NetworkPeeringRoutesConfig resources.

property exportCustomRoutes

exportCustomRoutes?: pulumi.Input<boolean>;

Whether to export the custom routes to the peer network.

property importCustomRoutes

importCustomRoutes?: pulumi.Input<boolean>;

Whether to import the custom routes to the peer network.

property network

network?: pulumi.Input<string>;

The name of the primary network for the peering.

property peering

peering?: pulumi.Input<string>;

Name of the peering.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface NetworkPeeringState

interface NetworkPeeringState

Input properties used for looking up and filtering NetworkPeering resources.

property exportCustomRoutes

exportCustomRoutes?: pulumi.Input<boolean>;

Whether to export the custom routes to the peer network. Defaults to false.

property importCustomRoutes

importCustomRoutes?: pulumi.Input<boolean>;

Whether to export the custom routes from the peer network. Defaults to false.

property name

name?: pulumi.Input<string>;

Name of the peering.

property network

network?: pulumi.Input<string>;

The primary network of the peering.

property peerNetwork

peerNetwork?: pulumi.Input<string>;

The peer network in the peering. The peer network may belong to a different project.

property state

state?: pulumi.Input<string>;

State for the peering, either ACTIVE or INACTIVE. The peering is ACTIVE when there’s a matching configuration in the peer network.

property stateDetails

stateDetails?: pulumi.Input<string>;

Details about the current state of the peering.

interface NetworkState

interface NetworkState

Input properties used for looking up and filtering Network resources.

property autoCreateSubnetworks

autoCreateSubnetworks?: pulumi.Input<boolean>;

When set to true, the network is created in “auto subnet mode” and it will create a subnet for each region automatically across the 10.128.0.0/9 address range. When set to false, the network is created in “custom subnet mode” so the user can explicitly connect subnetwork resources.

property deleteDefaultRoutesOnCreate

deleteDefaultRoutesOnCreate?: pulumi.Input<boolean>;

If set to true, default routes (0.0.0.0/0) will be deleted immediately after network creation. Defaults to false.

property description

description?: pulumi.Input<string>;

An optional description of this resource. The resource must be recreated to modify this field.

property gatewayIpv4

gatewayIpv4?: pulumi.Input<string>;

The gateway address for default routing out of the network. This value is selected by GCP.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property routingMode

routingMode?: pulumi.Input<string>;

The network-wide routing mode to use. If set to REGIONAL, this network’s cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network’s cloud routers will advertise routes with all subnetworks of this network, across regions.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface NodeGroupArgs

interface NodeGroupArgs

The set of arguments for constructing a NodeGroup resource.

property autoscalingPolicy

autoscalingPolicy?: pulumi.Input<NodeGroupAutoscalingPolicy>;

- If you use sole-tenant nodes for your workloads, you can use the node group autoscaler to automatically manage the sizes of your node groups. Structure is documented below.

property description

description?: pulumi.Input<string>;

An optional textual description of the resource.

property name

name?: pulumi.Input<string>;

Name of the resource.

property nodeTemplate

nodeTemplate: pulumi.Input<string>;

The URL of the node template to which this node group belongs.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property size

size: pulumi.Input<number>;

The total number of nodes in the node group.

property zone

zone?: pulumi.Input<string>;

Zone where this node group is located

interface NodeGroupState

interface NodeGroupState

Input properties used for looking up and filtering NodeGroup resources.

property autoscalingPolicy

autoscalingPolicy?: pulumi.Input<NodeGroupAutoscalingPolicy>;

- If you use sole-tenant nodes for your workloads, you can use the node group autoscaler to automatically manage the sizes of your node groups. Structure is documented below.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional textual description of the resource.

property name

name?: pulumi.Input<string>;

Name of the resource.

property nodeTemplate

nodeTemplate?: pulumi.Input<string>;

The URL of the node template to which this node group belongs.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property size

size?: pulumi.Input<number>;

The total number of nodes in the node group.

property zone

zone?: pulumi.Input<string>;

Zone where this node group is located

interface NodeTemplateArgs

interface NodeTemplateArgs

The set of arguments for constructing a NodeTemplate resource.

property description

description?: pulumi.Input<string>;

An optional textual description of the resource.

property name

name?: pulumi.Input<string>;

Name of the resource.

property nodeAffinityLabels

nodeAffinityLabels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to use for node affinity, which will be used in instance scheduling.

property nodeType

nodeType?: pulumi.Input<string>;

Node type to use for nodes group that are created from this template. Only one of nodeTypeFlexibility and nodeType can be specified.

property nodeTypeFlexibility

nodeTypeFlexibility?: pulumi.Input<NodeTemplateNodeTypeFlexibility>;

Flexible properties for the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. Only one of nodeTypeFlexibility and nodeType can be specified. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where nodes using the node template will be created. If it is not provided, the provider region is used.

property serverBinding

serverBinding?: pulumi.Input<NodeTemplateServerBinding>;

The server binding policy for nodes using this template. Determines where the nodes should restart following a maintenance event. Structure is documented below.

interface NodeTemplateState

interface NodeTemplateState

Input properties used for looking up and filtering NodeTemplate resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional textual description of the resource.

property name

name?: pulumi.Input<string>;

Name of the resource.

property nodeAffinityLabels

nodeAffinityLabels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to use for node affinity, which will be used in instance scheduling.

property nodeType

nodeType?: pulumi.Input<string>;

Node type to use for nodes group that are created from this template. Only one of nodeTypeFlexibility and nodeType can be specified.

property nodeTypeFlexibility

nodeTypeFlexibility?: pulumi.Input<NodeTemplateNodeTypeFlexibility>;

Flexible properties for the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. Only one of nodeTypeFlexibility and nodeType can be specified. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where nodes using the node template will be created. If it is not provided, the provider region is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property serverBinding

serverBinding?: pulumi.Input<NodeTemplateServerBinding>;

The server binding policy for nodes using this template. Determines where the nodes should restart following a maintenance event. Structure is documented below.

interface PacketMirroringArgs

interface PacketMirroringArgs

The set of arguments for constructing a PacketMirroring resource.

property collectorIlb

collectorIlb: pulumi.Input<PacketMirroringCollectorIlb>;

The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true. Structure is documented below.

property description

description?: pulumi.Input<string>;

A human-readable description of the rule.

property filter

filter?: pulumi.Input<PacketMirroringFilter>;

A filter for mirrored traffic. If unset, all traffic is mirrored. Structure is documented below.

property mirroredResources

mirroredResources: pulumi.Input<PacketMirroringMirroredResources>;

A means of specifying which resources to mirror. Structure is documented below.

property name

name?: pulumi.Input<string>;

The name of the packet mirroring rule

property network

network: pulumi.Input<PacketMirroringNetwork>;

Specifies the mirrored VPC network. Only packets in this network will be mirrored. All mirrored VMs should have a NIC in the given network. All mirrored subnetworks should belong to the given network. Structure is documented below.

property priority

priority?: pulumi.Input<number>;

Since only one rule can be active at a time, priority is used to break ties in the case of two rules that apply to the same instances.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the created address should reside. If it is not provided, the provider region is used.

interface PacketMirroringState

interface PacketMirroringState

Input properties used for looking up and filtering PacketMirroring resources.

property collectorIlb

collectorIlb?: pulumi.Input<PacketMirroringCollectorIlb>;

The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true. Structure is documented below.

property description

description?: pulumi.Input<string>;

A human-readable description of the rule.

property filter

filter?: pulumi.Input<PacketMirroringFilter>;

A filter for mirrored traffic. If unset, all traffic is mirrored. Structure is documented below.

property mirroredResources

mirroredResources?: pulumi.Input<PacketMirroringMirroredResources>;

A means of specifying which resources to mirror. Structure is documented below.

property name

name?: pulumi.Input<string>;

The name of the packet mirroring rule

property network

network?: pulumi.Input<PacketMirroringNetwork>;

Specifies the mirrored VPC network. Only packets in this network will be mirrored. All mirrored VMs should have a NIC in the given network. All mirrored subnetworks should belong to the given network. Structure is documented below.

property priority

priority?: pulumi.Input<number>;

Since only one rule can be active at a time, priority is used to break ties in the case of two rules that apply to the same instances.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the created address should reside. If it is not provided, the provider region is used.

interface PerInstanceConfigArgs

interface PerInstanceConfigArgs

The set of arguments for constructing a PerInstanceConfig resource.

property instanceGroupManager

instanceGroupManager: pulumi.Input<string>;

The instance group manager this instance config is part of.

property minimalAction

minimalAction?: pulumi.Input<string>;

The minimal action to perform on the instance during an update. Default is NONE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property mostDisruptiveAllowedAction

mostDisruptiveAllowedAction?: pulumi.Input<string>;

The most disruptive action to perform on the instance during an update. Default is REPLACE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property name

name?: pulumi.Input<string>;

The name for this per-instance config and its corresponding instance.

property preservedState

preservedState?: pulumi.Input<PerInstanceConfigPreservedState>;

The preserved state for this instance. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone: pulumi.Input<string>;

Zone where the containing instance group manager is located

interface PerInstanceConfigState

interface PerInstanceConfigState

Input properties used for looking up and filtering PerInstanceConfig resources.

property instanceGroupManager

instanceGroupManager?: pulumi.Input<string>;

The instance group manager this instance config is part of.

property minimalAction

minimalAction?: pulumi.Input<string>;

The minimal action to perform on the instance during an update. Default is NONE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property mostDisruptiveAllowedAction

mostDisruptiveAllowedAction?: pulumi.Input<string>;

The most disruptive action to perform on the instance during an update. Default is REPLACE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property name

name?: pulumi.Input<string>;

The name for this per-instance config and its corresponding instance.

property preservedState

preservedState?: pulumi.Input<PerInstanceConfigPreservedState>;

The preserved state for this instance. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

Zone where the containing instance group manager is located

interface ProjectDefaultNetworkTierArgs

interface ProjectDefaultNetworkTierArgs

The set of arguments for constructing a ProjectDefaultNetworkTier resource.

property networkTier

networkTier: pulumi.Input<string>;

The default network tier to be configured for the project. This field can take the following values: PREMIUM or STANDARD.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface ProjectDefaultNetworkTierState

interface ProjectDefaultNetworkTierState

Input properties used for looking up and filtering ProjectDefaultNetworkTier resources.

property networkTier

networkTier?: pulumi.Input<string>;

The default network tier to be configured for the project. This field can take the following values: PREMIUM or STANDARD.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface ProjectMetadataArgs

interface ProjectMetadataArgs

The set of arguments for constructing a ProjectMetadata resource.

property metadata

metadata: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

A series of key value pairs.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface ProjectMetadataItemArgs

interface ProjectMetadataItemArgs

The set of arguments for constructing a ProjectMetadataItem resource.

property key

key: pulumi.Input<string>;

The metadata key to set.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property value

value: pulumi.Input<string>;

The value to set for the given metadata key.

interface ProjectMetadataItemState

interface ProjectMetadataItemState

Input properties used for looking up and filtering ProjectMetadataItem resources.

property key

key?: pulumi.Input<string>;

The metadata key to set.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property value

value?: pulumi.Input<string>;

The value to set for the given metadata key.

interface ProjectMetadataState

interface ProjectMetadataState

Input properties used for looking up and filtering ProjectMetadata resources.

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

A series of key value pairs.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface RegionAutoscalerArgs

interface RegionAutoscalerArgs

The set of arguments for constructing a RegionAutoscaler resource.

property autoscalingPolicy

autoscalingPolicy: pulumi.Input<RegionAutoscalerAutoscalingPolicy>;

The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

URL of the region where the instance group resides.

property target

target: pulumi.Input<string>;

Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

interface RegionAutoscalerState

interface RegionAutoscalerState

Input properties used for looking up and filtering RegionAutoscaler resources.

property autoscalingPolicy

autoscalingPolicy?: pulumi.Input<RegionAutoscalerAutoscalingPolicy>;

The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%. Structure is documented below.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

URL of the region where the instance group resides.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property target

target?: pulumi.Input<string>;

Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.

interface RegionBackendServiceArgs

interface RegionBackendServiceArgs

The set of arguments for constructing a RegionBackendService resource.

property affinityCookieTtlSec

affinityCookieTtlSec?: pulumi.Input<number>;

Lifetime of cookies in seconds if sessionAffinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.

property backends

backends?: pulumi.Input<pulumi.Input<RegionBackendServiceBackend>[]>;

The set of backends that serve this RegionBackendService. Structure is documented below.

property circuitBreakers

circuitBreakers?: pulumi.Input<RegionBackendServiceCircuitBreakers>;

Settings controlling the volume of connections to a backend service. This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2. Structure is documented below.

property connectionDrainingTimeoutSec

connectionDrainingTimeoutSec?: pulumi.Input<number>;

Time for which instance will be drained (not accept new connections, but still work to finish started).

property consistentHash

consistentHash?: pulumi.Input<RegionBackendServiceConsistentHash>;

Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies when all of the following are true -

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property failoverPolicy

failoverPolicy?: pulumi.Input<RegionBackendServiceFailoverPolicy>;

Policy for failovers. Structure is documented below.

property healthChecks

healthChecks: pulumi.Input<string>;

The set of URLs to HealthCheck resources for health checking this RegionBackendService. Currently at most one health check can be specified, and a health check is required.

property loadBalancingScheme

loadBalancingScheme?: pulumi.Input<string>;

Indicates what kind of load balancing this regional backend service will be used for. A backend service created for one type of load balancing cannot be used with the other(s).

property localityLbPolicy

localityLbPolicy?: pulumi.Input<string>;

The load balancing algorithm used within the scope of the locality. The possible values are - ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. RANDOM - The load balancer selects a random healthy host. ORIGINAL_DESTINATION - Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. MAGLEV - used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2.

property logConfig

logConfig?: pulumi.Input<RegionBackendServiceLogConfig>;

This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the cookie.

property network

network?: pulumi.Input<string>;

The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.

property outlierDetection

outlierDetection?: pulumi.Input<RegionBackendServiceOutlierDetection>;

Settings controlling eviction of unhealthy hosts from the load balancing pool. This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2. Structure is documented below.

property portName

portName?: pulumi.Input<string>;

A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL, INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. API sets a default of “http” if not given. Must be omitted when the loadBalancingScheme is INTERNAL (Internal TCP/UDP Load Balancing).

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property protocol

protocol?: pulumi.Input<string>;

The protocol this RegionBackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API.

property region

region?: pulumi.Input<string>;

The Region in which the created backend service should reside. If it is not provided, the provider region is used.

property sessionAffinity

sessionAffinity?: pulumi.Input<string>;

Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is [1, 86400].

interface RegionBackendServiceState

interface RegionBackendServiceState

Input properties used for looking up and filtering RegionBackendService resources.

property affinityCookieTtlSec

affinityCookieTtlSec?: pulumi.Input<number>;

Lifetime of cookies in seconds if sessionAffinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.

property backends

backends?: pulumi.Input<pulumi.Input<RegionBackendServiceBackend>[]>;

The set of backends that serve this RegionBackendService. Structure is documented below.

property circuitBreakers

circuitBreakers?: pulumi.Input<RegionBackendServiceCircuitBreakers>;

Settings controlling the volume of connections to a backend service. This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2. Structure is documented below.

property connectionDrainingTimeoutSec

connectionDrainingTimeoutSec?: pulumi.Input<number>;

Time for which instance will be drained (not accept new connections, but still work to finish started).

property consistentHash

consistentHash?: pulumi.Input<RegionBackendServiceConsistentHash>;

Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies when all of the following are true -

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property failoverPolicy

failoverPolicy?: pulumi.Input<RegionBackendServiceFailoverPolicy>;

Policy for failovers. Structure is documented below.

property fingerprint

fingerprint?: pulumi.Input<string>;

Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

property healthChecks

healthChecks?: pulumi.Input<string>;

The set of URLs to HealthCheck resources for health checking this RegionBackendService. Currently at most one health check can be specified, and a health check is required.

property loadBalancingScheme

loadBalancingScheme?: pulumi.Input<string>;

Indicates what kind of load balancing this regional backend service will be used for. A backend service created for one type of load balancing cannot be used with the other(s).

property localityLbPolicy

localityLbPolicy?: pulumi.Input<string>;

The load balancing algorithm used within the scope of the locality. The possible values are - ROUND_ROBIN - This is a simple policy in which each healthy backend is selected in round robin order. LEAST_REQUEST - An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. RING_HASH - The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. RANDOM - The load balancer selects a random healthy host. ORIGINAL_DESTINATION - Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. MAGLEV - used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2.

property logConfig

logConfig?: pulumi.Input<RegionBackendServiceLogConfig>;

This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the cookie.

property network

network?: pulumi.Input<string>;

The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.

property outlierDetection

outlierDetection?: pulumi.Input<RegionBackendServiceOutlierDetection>;

Settings controlling eviction of unhealthy hosts from the load balancing pool. This field is applicable only when the loadBalancingScheme is set to INTERNAL_MANAGED and the protocol is set to HTTP, HTTPS, or HTTP2. Structure is documented below.

property portName

portName?: pulumi.Input<string>;

A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL, INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. API sets a default of “http” if not given. Must be omitted when the loadBalancingScheme is INTERNAL (Internal TCP/UDP Load Balancing).

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property protocol

protocol?: pulumi.Input<string>;

The protocol this RegionBackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API.

property region

region?: pulumi.Input<string>;

The Region in which the created backend service should reside. If it is not provided, the provider region is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sessionAffinity

sessionAffinity?: pulumi.Input<string>;

Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is [1, 86400].

interface RegionDiskArgs

interface RegionDiskArgs

The set of arguments for constructing a RegionDisk resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property diskEncryptionKey

diskEncryptionKey?: pulumi.Input<RegionDiskDiskEncryptionKey>;

Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Structure is documented below.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this disk. A list of key->value pairs.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property physicalBlockSizeBytes

physicalBlockSizeBytes?: pulumi.Input<number>;

Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes are 4096 and 16384, other sizes may be added in the future. If an unsupported value is requested, the error message will list the supported values for the caller’s project.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

A reference to the region where the disk resides.

property replicaZones

replicaZones: pulumi.Input<pulumi.Input<string>[]>;

URLs of the zones where the disk should be replicated to.

property size

size?: pulumi.Input<number>;

Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk. If you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot.

property snapshot

snapshot?: pulumi.Input<string>;

The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: * https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot * projects/project/global/snapshots/snapshot * global/snapshots/snapshot * snapshot

property sourceSnapshotEncryptionKey

sourceSnapshotEncryptionKey?: pulumi.Input<RegionDiskSourceSnapshotEncryptionKey>;

The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property type

type?: pulumi.Input<string>;

URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk.

interface RegionDiskResourcePolicyAttachmentArgs

interface RegionDiskResourcePolicyAttachmentArgs

The set of arguments for constructing a RegionDiskResourcePolicyAttachment resource.

property disk

disk: pulumi.Input<string>;

The name of the regional disk in which the resource policies are attached to.

property name

name?: pulumi.Input<string>;

The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

A reference to the region where the disk resides.

interface RegionDiskResourcePolicyAttachmentState

interface RegionDiskResourcePolicyAttachmentState

Input properties used for looking up and filtering RegionDiskResourcePolicyAttachment resources.

property disk

disk?: pulumi.Input<string>;

The name of the regional disk in which the resource policies are attached to.

property name

name?: pulumi.Input<string>;

The resource policy to be attached to the disk for scheduling snapshot creation. Do not specify the self link.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

A reference to the region where the disk resides.

interface RegionDiskState

interface RegionDiskState

Input properties used for looking up and filtering RegionDisk resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property diskEncryptionKey

diskEncryptionKey?: pulumi.Input<RegionDiskDiskEncryptionKey>;

Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Structure is documented below.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this disk. A list of key->value pairs.

property lastAttachTimestamp

lastAttachTimestamp?: pulumi.Input<string>;

Last attach timestamp in RFC3339 text format.

property lastDetachTimestamp

lastDetachTimestamp?: pulumi.Input<string>;

Last detach timestamp in RFC3339 text format.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property physicalBlockSizeBytes

physicalBlockSizeBytes?: pulumi.Input<number>;

Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Currently supported sizes are 4096 and 16384, other sizes may be added in the future. If an unsupported value is requested, the error message will list the supported values for the caller’s project.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

A reference to the region where the disk resides.

property replicaZones

replicaZones?: pulumi.Input<pulumi.Input<string>[]>;

URLs of the zones where the disk should be replicated to.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property size

size?: pulumi.Input<number>;

Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk. If you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot.

property snapshot

snapshot?: pulumi.Input<string>;

The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: * https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot * projects/project/global/snapshots/snapshot * global/snapshots/snapshot * snapshot

property sourceSnapshotEncryptionKey

sourceSnapshotEncryptionKey?: pulumi.Input<RegionDiskSourceSnapshotEncryptionKey>;

The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property sourceSnapshotId

sourceSnapshotId?: pulumi.Input<string>;

The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.

property type

type?: pulumi.Input<string>;

URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk.

property users

users?: pulumi.Input<pulumi.Input<string>[]>;

Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance

interface RegionHealthCheckArgs

interface RegionHealthCheckArgs

The set of arguments for constructing a RegionHealthCheck resource.

property checkIntervalSec

checkIntervalSec?: pulumi.Input<number>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

healthyThreshold?: pulumi.Input<number>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property http2HealthCheck

http2HealthCheck?: pulumi.Input<RegionHealthCheckHttp2HealthCheck>;

A nested object resource Structure is documented below.

property httpHealthCheck

httpHealthCheck?: pulumi.Input<RegionHealthCheckHttpHealthCheck>;

A nested object resource Structure is documented below.

property httpsHealthCheck

httpsHealthCheck?: pulumi.Input<RegionHealthCheckHttpsHealthCheck>;

A nested object resource Structure is documented below.

property logConfig

logConfig?: pulumi.Input<RegionHealthCheckLogConfig>;

Configure logging on this health check. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the created health check should reside. If it is not provided, the provider region is used.

property sslHealthCheck

sslHealthCheck?: pulumi.Input<RegionHealthCheckSslHealthCheck>;

A nested object resource Structure is documented below.

property tcpHealthCheck

tcpHealthCheck?: pulumi.Input<RegionHealthCheckTcpHealthCheck>;

A nested object resource Structure is documented below.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property unhealthyThreshold

unhealthyThreshold?: pulumi.Input<number>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

interface RegionHealthCheckState

interface RegionHealthCheckState

Input properties used for looking up and filtering RegionHealthCheck resources.

property checkIntervalSec

checkIntervalSec?: pulumi.Input<number>;

How often (in seconds) to send a health check. The default value is 5 seconds.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property healthyThreshold

healthyThreshold?: pulumi.Input<number>;

A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.

property http2HealthCheck

http2HealthCheck?: pulumi.Input<RegionHealthCheckHttp2HealthCheck>;

A nested object resource Structure is documented below.

property httpHealthCheck

httpHealthCheck?: pulumi.Input<RegionHealthCheckHttpHealthCheck>;

A nested object resource Structure is documented below.

property httpsHealthCheck

httpsHealthCheck?: pulumi.Input<RegionHealthCheckHttpsHealthCheck>;

A nested object resource Structure is documented below.

property logConfig

logConfig?: pulumi.Input<RegionHealthCheckLogConfig>;

Configure logging on this health check. Structure is documented below.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the created health check should reside. If it is not provided, the provider region is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sslHealthCheck

sslHealthCheck?: pulumi.Input<RegionHealthCheckSslHealthCheck>;

A nested object resource Structure is documented below.

property tcpHealthCheck

tcpHealthCheck?: pulumi.Input<RegionHealthCheckTcpHealthCheck>;

A nested object resource Structure is documented below.

property timeoutSec

timeoutSec?: pulumi.Input<number>;

How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.

property type

type?: pulumi.Input<string>;

The type of the health check. One of HTTP, HTTP2, HTTPS, TCP, or SSL.

property unhealthyThreshold

unhealthyThreshold?: pulumi.Input<number>;

A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.

interface RegionInstanceGroupManagerArgs

interface RegionInstanceGroupManagerArgs

The set of arguments for constructing a RegionInstanceGroupManager resource.

property autoHealingPolicies

autoHealingPolicies?: pulumi.Input<RegionInstanceGroupManagerAutoHealingPolicies>;

The autohealing policies for this managed instance group. You can specify only one value. Structure is documented below. For more information, see the official documentation.

property baseInstanceName

baseInstanceName: pulumi.Input<string>;

The base instance name to use for instances in this group. The value must be a valid RFC1035 name. Supported characters are lowercase letters, numbers, and hyphens (-). Instances are named by appending a hyphen and a random four-character string to the base instance name.

property description

description?: pulumi.Input<string>;

An optional textual description of the instance group manager.

property distributionPolicyZones

distributionPolicyZones?: pulumi.Input<pulumi.Input<string>[]>;

The distribution policy for this managed instance group. You can specify one or more values. For more information, see the official documentation.

property name

name?: pulumi.Input<string>;
  • Version name.

property namedPorts

namedPorts?: pulumi.Input<pulumi.Input<RegionInstanceGroupManagerNamedPort>[]>;

The named port configuration. See the section below for details on configuration.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region: pulumi.Input<string>;

The region where the managed instance group resides.

property statefulDisks

statefulDisks?: pulumi.Input<pulumi.Input<RegionInstanceGroupManagerStatefulDisk>[]>;

Disks created on the instances that will be preserved on instance delete, update, etc. Structure is documented below. For more information see the official documentation. Proactive cross zone instance redistribution must be disabled before you can update stateful disks on existing instance group managers. This can be controlled via the updatePolicy.

property targetPools

targetPools?: pulumi.Input<pulumi.Input<string>[]>;

The full URL of all target pools to which new instances in the group are added. Updating the target pools attribute does not affect existing instances.

property targetSize

targetSize?: pulumi.Input<number>;
  • The number of instances calculated as a fixed number or a percentage depending on the settings. Structure is documented below.

property updatePolicy

updatePolicy?: pulumi.Input<RegionInstanceGroupManagerUpdatePolicy>;

The update policy for this managed instance group. Structure is documented below. For more information, see the official documentation and API

property versions

versions: pulumi.Input<pulumi.Input<RegionInstanceGroupManagerVersion>[]>;

Application versions managed by this instance group. Each version deals with a specific instance template, allowing canary release scenarios. Structure is documented below.

property waitForInstances

waitForInstances?: pulumi.Input<boolean>;

Whether to wait for all instances to be created/updated before returning. Note that if this is set to true and the operation does not succeed, the provider will continue trying until it times out.

interface RegionInstanceGroupManagerState

interface RegionInstanceGroupManagerState

Input properties used for looking up and filtering RegionInstanceGroupManager resources.

property autoHealingPolicies

autoHealingPolicies?: pulumi.Input<RegionInstanceGroupManagerAutoHealingPolicies>;

The autohealing policies for this managed instance group. You can specify only one value. Structure is documented below. For more information, see the official documentation.

property baseInstanceName

baseInstanceName?: pulumi.Input<string>;

The base instance name to use for instances in this group. The value must be a valid RFC1035 name. Supported characters are lowercase letters, numbers, and hyphens (-). Instances are named by appending a hyphen and a random four-character string to the base instance name.

property description

description?: pulumi.Input<string>;

An optional textual description of the instance group manager.

property distributionPolicyZones

distributionPolicyZones?: pulumi.Input<pulumi.Input<string>[]>;

The distribution policy for this managed instance group. You can specify one or more values. For more information, see the official documentation.

property fingerprint

fingerprint?: pulumi.Input<string>;

The fingerprint of the instance group manager.

property instanceGroup

instanceGroup?: pulumi.Input<string>;

The full URL of the instance group created by the manager.

property name

name?: pulumi.Input<string>;
  • Version name.

property namedPorts

namedPorts?: pulumi.Input<pulumi.Input<RegionInstanceGroupManagerNamedPort>[]>;

The named port configuration. See the section below for details on configuration.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The region where the managed instance group resides.

selfLink?: pulumi.Input<string>;

The URL of the created resource.

property statefulDisks

statefulDisks?: pulumi.Input<pulumi.Input<RegionInstanceGroupManagerStatefulDisk>[]>;

Disks created on the instances that will be preserved on instance delete, update, etc. Structure is documented below. For more information see the official documentation. Proactive cross zone instance redistribution must be disabled before you can update stateful disks on existing instance group managers. This can be controlled via the updatePolicy.

property targetPools

targetPools?: pulumi.Input<pulumi.Input<string>[]>;

The full URL of all target pools to which new instances in the group are added. Updating the target pools attribute does not affect existing instances.

property targetSize

targetSize?: pulumi.Input<number>;
  • The number of instances calculated as a fixed number or a percentage depending on the settings. Structure is documented below.

property updatePolicy

updatePolicy?: pulumi.Input<RegionInstanceGroupManagerUpdatePolicy>;

The update policy for this managed instance group. Structure is documented below. For more information, see the official documentation and API

property versions

versions?: pulumi.Input<pulumi.Input<RegionInstanceGroupManagerVersion>[]>;

Application versions managed by this instance group. Each version deals with a specific instance template, allowing canary release scenarios. Structure is documented below.

property waitForInstances

waitForInstances?: pulumi.Input<boolean>;

Whether to wait for all instances to be created/updated before returning. Note that if this is set to true and the operation does not succeed, the provider will continue trying until it times out.

interface RegionPerInstanceConfigArgs

interface RegionPerInstanceConfigArgs

The set of arguments for constructing a RegionPerInstanceConfig resource.

property minimalAction

minimalAction?: pulumi.Input<string>;

The minimal action to perform on the instance during an update. Default is NONE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property mostDisruptiveAllowedAction

mostDisruptiveAllowedAction?: pulumi.Input<string>;

The most disruptive action to perform on the instance during an update. Default is REPLACE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property name

name?: pulumi.Input<string>;

The name for this per-instance config and its corresponding instance.

property preservedState

preservedState?: pulumi.Input<RegionPerInstanceConfigPreservedState>;

The preserved state for this instance. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region: pulumi.Input<string>;

Region where the containing instance group manager is located

property regionInstanceGroupManager

regionInstanceGroupManager: pulumi.Input<string>;

The region instance group manager this instance config is part of.

interface RegionPerInstanceConfigState

interface RegionPerInstanceConfigState

Input properties used for looking up and filtering RegionPerInstanceConfig resources.

property minimalAction

minimalAction?: pulumi.Input<string>;

The minimal action to perform on the instance during an update. Default is NONE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property mostDisruptiveAllowedAction

mostDisruptiveAllowedAction?: pulumi.Input<string>;

The most disruptive action to perform on the instance during an update. Default is REPLACE. Possible values are: * REPLACE * RESTART * REFRESH * NONE

property name

name?: pulumi.Input<string>;

The name for this per-instance config and its corresponding instance.

property preservedState

preservedState?: pulumi.Input<RegionPerInstanceConfigPreservedState>;

The preserved state for this instance. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the containing instance group manager is located

property regionInstanceGroupManager

regionInstanceGroupManager?: pulumi.Input<string>;

The region instance group manager this instance config is part of.

interface RegionSslCertificateArgs

interface RegionSslCertificateArgs

The set of arguments for constructing a RegionSslCertificate resource.

property certificate

certificate: pulumi.Input<string>;

The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property namePrefix

namePrefix?: pulumi.Input<string>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property privateKey

privateKey: pulumi.Input<string>;

The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the created regional ssl certificate should reside. If it is not provided, the provider region is used.

interface RegionSslCertificateState

interface RegionSslCertificateState

Input properties used for looking up and filtering RegionSslCertificate resources.

property certificate

certificate?: pulumi.Input<string>;

The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.

property certificateId

certificateId?: pulumi.Input<number>;

The unique identifier for the resource.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property namePrefix

namePrefix?: pulumi.Input<string>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property privateKey

privateKey?: pulumi.Input<string>;

The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the created regional ssl certificate should reside. If it is not provided, the provider region is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface RegionTargetHttpProxyArgs

interface RegionTargetHttpProxyArgs

The set of arguments for constructing a RegionTargetHttpProxy resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.

property urlMap

urlMap: pulumi.Input<string>;

A reference to the RegionUrlMap resource that defines the mapping from URL to the BackendService.

interface RegionTargetHttpProxyState

interface RegionTargetHttpProxyState

Input properties used for looking up and filtering RegionTargetHttpProxy resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyId

proxyId?: pulumi.Input<number>;

The unique identifier for the resource.

property region

region?: pulumi.Input<string>;

The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property urlMap

urlMap?: pulumi.Input<string>;

A reference to the RegionUrlMap resource that defines the mapping from URL to the BackendService.

interface RegionTargetHttpsProxyArgs

interface RegionTargetHttpsProxyArgs

The set of arguments for constructing a RegionTargetHttpsProxy resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.

property sslCertificates

sslCertificates: pulumi.Input<pulumi.Input<string>[]>;

A list of RegionSslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.

property urlMap

urlMap: pulumi.Input<string>;

A reference to the RegionUrlMap resource that defines the mapping from URL to the RegionBackendService.

interface RegionTargetHttpsProxyState

interface RegionTargetHttpsProxyState

Input properties used for looking up and filtering RegionTargetHttpsProxy resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyId

proxyId?: pulumi.Input<number>;

The unique identifier for the resource.

property region

region?: pulumi.Input<string>;

The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sslCertificates

sslCertificates?: pulumi.Input<pulumi.Input<string>[]>;

A list of RegionSslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.

property urlMap

urlMap?: pulumi.Input<string>;

A reference to the RegionUrlMap resource that defines the mapping from URL to the RegionBackendService.

interface RegionUrlMapArgs

interface RegionUrlMapArgs

The set of arguments for constructing a RegionUrlMap resource.

property defaultService

defaultService?: pulumi.Input<string>;

A reference to a RegionBackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL’s path portion.

property defaultUrlRedirect

defaultUrlRedirect?: pulumi.Input<RegionUrlMapDefaultUrlRedirect>;

When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Structure is documented below.

property description

description?: pulumi.Input<string>;

Description of this test case.

property hostRules

hostRules?: pulumi.Input<pulumi.Input<RegionUrlMapHostRule>[]>;

The list of HostRules to use against the URL. Structure is documented below.

property name

name?: pulumi.Input<string>;

The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.

property pathMatchers

pathMatchers?: pulumi.Input<pulumi.Input<RegionUrlMapPathMatcher>[]>;

The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL’s host portion.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the url map should reside. If it is not provided, the provider region is used.

property tests

tests?: pulumi.Input<pulumi.Input<RegionUrlMapTest>[]>;

The list of expected URL mappings. Requests to update this UrlMap will succeed only if all of the test cases pass. Structure is documented below.

interface RegionUrlMapState

interface RegionUrlMapState

Input properties used for looking up and filtering RegionUrlMap resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property defaultService

defaultService?: pulumi.Input<string>;

A reference to a RegionBackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL’s path portion.

property defaultUrlRedirect

defaultUrlRedirect?: pulumi.Input<RegionUrlMapDefaultUrlRedirect>;

When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Structure is documented below.

property description

description?: pulumi.Input<string>;

Description of this test case.

property fingerprint

fingerprint?: pulumi.Input<string>;

Fingerprint of this resource. This field is used internally during updates of this resource.

property hostRules

hostRules?: pulumi.Input<pulumi.Input<RegionUrlMapHostRule>[]>;

The list of HostRules to use against the URL. Structure is documented below.

property mapId

mapId?: pulumi.Input<number>;

The unique identifier for the resource.

property name

name?: pulumi.Input<string>;

The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.

property pathMatchers

pathMatchers?: pulumi.Input<pulumi.Input<RegionUrlMapPathMatcher>[]>;

The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL’s host portion.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The Region in which the url map should reside. If it is not provided, the provider region is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property tests

tests?: pulumi.Input<pulumi.Input<RegionUrlMapTest>[]>;

The list of expected URL mappings. Requests to update this UrlMap will succeed only if all of the test cases pass. Structure is documented below.

interface ReservationArgs

interface ReservationArgs

The set of arguments for constructing a Reservation resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property specificReservation

specificReservation: pulumi.Input<ReservationSpecificReservation>;

Reservation for instances with specific machine shapes. Structure is documented below.

property specificReservationRequired

specificReservationRequired?: pulumi.Input<boolean>;

When set to true, only VMs that target this reservation by name can consume this reservation. Otherwise, it can be consumed by VMs with affinity for any reservation. Defaults to false.

property zone

zone: pulumi.Input<string>;

The zone where the reservation is made.

interface ReservationState

interface ReservationState

Input properties used for looking up and filtering Reservation resources.

property commitment

commitment?: pulumi.Input<string>;

Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property specificReservation

specificReservation?: pulumi.Input<ReservationSpecificReservation>;

Reservation for instances with specific machine shapes. Structure is documented below.

property specificReservationRequired

specificReservationRequired?: pulumi.Input<boolean>;

When set to true, only VMs that target this reservation by name can consume this reservation. Otherwise, it can be consumed by VMs with affinity for any reservation. Defaults to false.

property status

status?: pulumi.Input<string>;

The status of the reservation.

property zone

zone?: pulumi.Input<string>;

The zone where the reservation is made.

interface ResourcePolicyArgs

interface ResourcePolicyArgs

The set of arguments for constructing a ResourcePolicy resource.

property groupPlacementPolicy

groupPlacementPolicy?: pulumi.Input<ResourcePolicyGroupPlacementPolicy>;

Policy for creating snapshots of persistent disks. Structure is documented below.

property name

name?: pulumi.Input<string>;

The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where resource policy resides.

property snapshotSchedulePolicy

snapshotSchedulePolicy?: pulumi.Input<ResourcePolicySnapshotSchedulePolicy>;

Policy for creating snapshots of persistent disks. Structure is documented below.

interface ResourcePolicyState

interface ResourcePolicyState

Input properties used for looking up and filtering ResourcePolicy resources.

property groupPlacementPolicy

groupPlacementPolicy?: pulumi.Input<ResourcePolicyGroupPlacementPolicy>;

Policy for creating snapshots of persistent disks. Structure is documented below.

property name

name?: pulumi.Input<string>;

The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where resource policy resides.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property snapshotSchedulePolicy

snapshotSchedulePolicy?: pulumi.Input<ResourcePolicySnapshotSchedulePolicy>;

Policy for creating snapshots of persistent disks. Structure is documented below.

interface RouteArgs

interface RouteArgs

The set of arguments for constructing a Route resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property destRange

destRange: pulumi.Input<string>;

The destination range of outgoing packets that this route applies to. Only IPv4 is supported.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network: pulumi.Input<string>;

The network that this route applies to.

property nextHopGateway

nextHopGateway?: pulumi.Input<string>;

URL to a gateway that should handle matching packets. Currently, you can only specify the internet gateway, using a full or partial valid URL: * https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway * projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway * The string default-internet-gateway.

property nextHopIlb

nextHopIlb?: pulumi.Input<string>;

The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets. You can only specify the forwarding rule as a partial or full URL. For example, the following are all valid URLs: https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule regions/region/forwardingRules/forwardingRule Note that this can only be used when the destinationRange is a public (non-RFC 1918) IP CIDR range.

property nextHopInstance

nextHopInstance?: pulumi.Input<string>;

URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: * https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance * projects/project/zones/zone/instances/instance * zones/zone/instances/instance * Just the instance name, with the zone in nextHopInstanceZone.

property nextHopInstanceZone

nextHopInstanceZone?: pulumi.Input<string>;

(Optional when nextHopInstance is specified) The zone of the instance specified in nextHopInstance. Omit if nextHopInstance is specified as a URL.

property nextHopIp

nextHopIp?: pulumi.Input<string>;

Network IP address of an instance that should handle matching packets.

property nextHopVpnTunnel

nextHopVpnTunnel?: pulumi.Input<string>;

URL to a VpnTunnel that should handle matching packets.

property priority

priority?: pulumi.Input<number>;

The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property tags

tags?: pulumi.Input<pulumi.Input<string>[]>;

A list of instance tags to which this route applies.

interface RouterArgs

interface RouterArgs

The set of arguments for constructing a Router resource.

property bgp

bgp?: pulumi.Input<RouterBgp>;

BGP information specific to this router. Structure is documented below.

property description

description?: pulumi.Input<string>;

User-specified description for the IP range.

property name

name?: pulumi.Input<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network: pulumi.Input<string>;

A reference to the network to which this router belongs.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the router resides.

interface RouterInterfaceArgs

interface RouterInterfaceArgs

The set of arguments for constructing a RouterInterface resource.

property interconnectAttachment

interconnectAttachment?: pulumi.Input<string>;

The name or resource link to the VLAN interconnect for this interface. Changing this forces a new interface to be created. Only one of vpnTunnel and interconnectAttachment can be specified.

property ipRange

ipRange?: pulumi.Input<string>;

IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. Changing this forces a new interface to be created.

property name

name?: pulumi.Input<string>;

A unique name for the interface, required by GCE. Changing this forces a new interface to be created.

property project

project?: pulumi.Input<string>;

The ID of the project in which this interface’s router belongs. If it is not provided, the provider project is used. Changing this forces a new interface to be created.

property region

region?: pulumi.Input<string>;

The region this interface’s router sits in. If not specified, the project region will be used. Changing this forces a new interface to be created.

property router

router: pulumi.Input<string>;

The name of the router this interface will be attached to. Changing this forces a new interface to be created.

property vpnTunnel

vpnTunnel?: pulumi.Input<string>;

The name or resource link to the VPN tunnel this interface will be linked to. Changing this forces a new interface to be created. Only one of vpnTunnel and interconnectAttachment can be specified.

interface RouterInterfaceState

interface RouterInterfaceState

Input properties used for looking up and filtering RouterInterface resources.

property interconnectAttachment

interconnectAttachment?: pulumi.Input<string>;

The name or resource link to the VLAN interconnect for this interface. Changing this forces a new interface to be created. Only one of vpnTunnel and interconnectAttachment can be specified.

property ipRange

ipRange?: pulumi.Input<string>;

IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. Changing this forces a new interface to be created.

property name

name?: pulumi.Input<string>;

A unique name for the interface, required by GCE. Changing this forces a new interface to be created.

property project

project?: pulumi.Input<string>;

The ID of the project in which this interface’s router belongs. If it is not provided, the provider project is used. Changing this forces a new interface to be created.

property region

region?: pulumi.Input<string>;

The region this interface’s router sits in. If not specified, the project region will be used. Changing this forces a new interface to be created.

property router

router?: pulumi.Input<string>;

The name of the router this interface will be attached to. Changing this forces a new interface to be created.

property vpnTunnel

vpnTunnel?: pulumi.Input<string>;

The name or resource link to the VPN tunnel this interface will be linked to. Changing this forces a new interface to be created. Only one of vpnTunnel and interconnectAttachment can be specified.

interface RouterNatArgs

interface RouterNatArgs

The set of arguments for constructing a RouterNat resource.

property drainNatIps

drainNatIps?: pulumi.Input<pulumi.Input<string>[]>;

A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.

property icmpIdleTimeoutSec

icmpIdleTimeoutSec?: pulumi.Input<number>;

Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.

property logConfig

logConfig?: pulumi.Input<RouterNatLogConfig>;

Configuration for logging on NAT Structure is documented below.

property minPortsPerVm

minPortsPerVm?: pulumi.Input<number>;

Minimum number of ports allocated to a VM from this NAT.

property name

name?: pulumi.Input<string>;

Self-link of subnetwork to NAT

property natIpAllocateOption

natIpAllocateOption: pulumi.Input<string>;

How external IPs should be allocated for this NAT. Valid values are AUTO_ONLY for only allowing NAT IPs allocated by Google Cloud Platform, or MANUAL_ONLY for only user-allocated NAT IP addresses.

property natIps

natIps?: pulumi.Input<pulumi.Input<string>[]>;

Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the router and NAT reside.

property router

router: pulumi.Input<string>;

The name of the Cloud Router in which this NAT will be configured.

property sourceSubnetworkIpRangesToNat

sourceSubnetworkIpRangesToNat: pulumi.Input<string>;

How NAT should be configured per Subnetwork. If ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. If ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat. LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region.

property subnetworks

subnetworks?: pulumi.Input<pulumi.Input<RouterNatSubnetwork>[]>;

One or more subnetwork NAT configurations. Only used if sourceSubnetworkIpRangesToNat is set to LIST_OF_SUBNETWORKS Structure is documented below.

property tcpEstablishedIdleTimeoutSec

tcpEstablishedIdleTimeoutSec?: pulumi.Input<number>;

Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.

property tcpTransitoryIdleTimeoutSec

tcpTransitoryIdleTimeoutSec?: pulumi.Input<number>;

Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.

property udpIdleTimeoutSec

udpIdleTimeoutSec?: pulumi.Input<number>;

Timeout (in seconds) for UDP connections. Defaults to 30s if not set.

interface RouterNatState

interface RouterNatState

Input properties used for looking up and filtering RouterNat resources.

property drainNatIps

drainNatIps?: pulumi.Input<pulumi.Input<string>[]>;

A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT.

property icmpIdleTimeoutSec

icmpIdleTimeoutSec?: pulumi.Input<number>;

Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.

property logConfig

logConfig?: pulumi.Input<RouterNatLogConfig>;

Configuration for logging on NAT Structure is documented below.

property minPortsPerVm

minPortsPerVm?: pulumi.Input<number>;

Minimum number of ports allocated to a VM from this NAT.

property name

name?: pulumi.Input<string>;

Self-link of subnetwork to NAT

property natIpAllocateOption

natIpAllocateOption?: pulumi.Input<string>;

How external IPs should be allocated for this NAT. Valid values are AUTO_ONLY for only allowing NAT IPs allocated by Google Cloud Platform, or MANUAL_ONLY for only user-allocated NAT IP addresses.

property natIps

natIps?: pulumi.Input<pulumi.Input<string>[]>;

Self-links of NAT IPs. Only valid if natIpAllocateOption is set to MANUAL_ONLY.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the router and NAT reside.

property router

router?: pulumi.Input<string>;

The name of the Cloud Router in which this NAT will be configured.

property sourceSubnetworkIpRangesToNat

sourceSubnetworkIpRangesToNat?: pulumi.Input<string>;

How NAT should be configured per Subnetwork. If ALL_SUBNETWORKS_ALL_IP_RANGES, all of the IP ranges in every Subnetwork are allowed to Nat. If ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, all of the primary IP ranges in every Subnetwork are allowed to Nat. LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below). Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other RouterNat section in any Router for this network in this region.

property subnetworks

subnetworks?: pulumi.Input<pulumi.Input<RouterNatSubnetwork>[]>;

One or more subnetwork NAT configurations. Only used if sourceSubnetworkIpRangesToNat is set to LIST_OF_SUBNETWORKS Structure is documented below.

property tcpEstablishedIdleTimeoutSec

tcpEstablishedIdleTimeoutSec?: pulumi.Input<number>;

Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.

property tcpTransitoryIdleTimeoutSec

tcpTransitoryIdleTimeoutSec?: pulumi.Input<number>;

Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.

property udpIdleTimeoutSec

udpIdleTimeoutSec?: pulumi.Input<number>;

Timeout (in seconds) for UDP connections. Defaults to 30s if not set.

interface RouterPeerArgs

interface RouterPeerArgs

The set of arguments for constructing a RouterPeer resource.

property advertiseMode

advertiseMode?: pulumi.Input<string>;

User-specified flag to indicate which mode to use for advertisement. Valid values of this enum field are: DEFAULT, CUSTOM

property advertisedGroups

advertisedGroups?: pulumi.Input<pulumi.Input<string>[]>;

User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: * ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. * ALL_VPC_SUBNETS: Advertises the router’s own VPC subnets. * ALL_PEER_VPC_SUBNETS: Advertises peer subnets of the router’s VPC network.

property advertisedIpRanges

advertisedIpRanges?: pulumi.Input<pulumi.Input<RouterPeerAdvertisedIpRange>[]>;

User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. Structure is documented below.

property advertisedRoutePriority

advertisedRoutePriority?: pulumi.Input<number>;

The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.

property interface

interface: pulumi.Input<string>;

Name of the interface the BGP peer is associated with.

property name

name?: pulumi.Input<string>;

Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property peerAsn

peerAsn: pulumi.Input<number>;

Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.

property peerIpAddress

peerIpAddress: pulumi.Input<string>;

IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the router and BgpPeer reside. If it is not provided, the provider region is used.

property router

router: pulumi.Input<string>;

The name of the Cloud Router in which this BgpPeer will be configured.

interface RouterPeerState

interface RouterPeerState

Input properties used for looking up and filtering RouterPeer resources.

property advertiseMode

advertiseMode?: pulumi.Input<string>;

User-specified flag to indicate which mode to use for advertisement. Valid values of this enum field are: DEFAULT, CUSTOM

property advertisedGroups

advertisedGroups?: pulumi.Input<pulumi.Input<string>[]>;

User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: * ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. * ALL_VPC_SUBNETS: Advertises the router’s own VPC subnets. * ALL_PEER_VPC_SUBNETS: Advertises peer subnets of the router’s VPC network.

property advertisedIpRanges

advertisedIpRanges?: pulumi.Input<pulumi.Input<RouterPeerAdvertisedIpRange>[]>;

User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. Structure is documented below.

property advertisedRoutePriority

advertisedRoutePriority?: pulumi.Input<number>;

The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.

property interface

interface?: pulumi.Input<string>;

Name of the interface the BGP peer is associated with.

property ipAddress

ipAddress?: pulumi.Input<string>;

IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.

property managementType

managementType?: pulumi.Input<string>;

The resource that configures and manages this BGP peer. * ‘MANAGED_BY_USER’ is the default value and can be managed by you or other users * ‘MANAGED_BY_ATTACHMENT’ is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.

property name

name?: pulumi.Input<string>;

Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property peerAsn

peerAsn?: pulumi.Input<number>;

Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.

property peerIpAddress

peerIpAddress?: pulumi.Input<string>;

IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the router and BgpPeer reside. If it is not provided, the provider region is used.

property router

router?: pulumi.Input<string>;

The name of the Cloud Router in which this BgpPeer will be configured.

interface RouterState

interface RouterState

Input properties used for looking up and filtering Router resources.

property bgp

bgp?: pulumi.Input<RouterBgp>;

BGP information specific to this router. Structure is documented below.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

User-specified description for the IP range.

property name

name?: pulumi.Input<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

A reference to the network to which this router belongs.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Region where the router resides.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface RouteState

interface RouteState

Input properties used for looking up and filtering Route resources.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource.

property destRange

destRange?: pulumi.Input<string>;

The destination range of outgoing packets that this route applies to. Only IPv4 is supported.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

The network that this route applies to.

property nextHopGateway

nextHopGateway?: pulumi.Input<string>;

URL to a gateway that should handle matching packets. Currently, you can only specify the internet gateway, using a full or partial valid URL: * https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway * projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway * The string default-internet-gateway.

property nextHopIlb

nextHopIlb?: pulumi.Input<string>;

The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets. You can only specify the forwarding rule as a partial or full URL. For example, the following are all valid URLs: https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule regions/region/forwardingRules/forwardingRule Note that this can only be used when the destinationRange is a public (non-RFC 1918) IP CIDR range.

property nextHopInstance

nextHopInstance?: pulumi.Input<string>;

URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: * https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance * projects/project/zones/zone/instances/instance * zones/zone/instances/instance * Just the instance name, with the zone in nextHopInstanceZone.

property nextHopInstanceZone

nextHopInstanceZone?: pulumi.Input<string>;

(Optional when nextHopInstance is specified) The zone of the instance specified in nextHopInstance. Omit if nextHopInstance is specified as a URL.

property nextHopIp

nextHopIp?: pulumi.Input<string>;

Network IP address of an instance that should handle matching packets.

property nextHopNetwork

nextHopNetwork?: pulumi.Input<string>;

URL to a Network that should handle matching packets.

property nextHopVpnTunnel

nextHopVpnTunnel?: pulumi.Input<string>;

URL to a VpnTunnel that should handle matching packets.

property priority

priority?: pulumi.Input<number>;

The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property tags

tags?: pulumi.Input<pulumi.Input<string>[]>;

A list of instance tags to which this route applies.

interface SecurityPolicyArgs

interface SecurityPolicyArgs

The set of arguments for constructing a SecurityPolicy resource.

property description

description?: pulumi.Input<string>;

An optional description of this rule. Max size is 64.

property name

name?: pulumi.Input<string>;

The name of the security policy.

property project

project?: pulumi.Input<string>;

The project in which the resource belongs. If it is not provided, the provider project is used.

property rules

rules?: pulumi.Input<pulumi.Input<SecurityPolicyRule>[]>;

The set of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match “*”). If no rules are provided when creating a security policy, a default rule with action “allow” will be added. Structure is documented below.

interface SecurityPolicyState

interface SecurityPolicyState

Input properties used for looking up and filtering SecurityPolicy resources.

property description

description?: pulumi.Input<string>;

An optional description of this rule. Max size is 64.

property fingerprint

fingerprint?: pulumi.Input<string>;

Fingerprint of this resource.

property name

name?: pulumi.Input<string>;

The name of the security policy.

property project

project?: pulumi.Input<string>;

The project in which the resource belongs. If it is not provided, the provider project is used.

property rules

rules?: pulumi.Input<pulumi.Input<SecurityPolicyRule>[]>;

The set of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match “*”). If no rules are provided when creating a security policy, a default rule with action “allow” will be added. Structure is documented below.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface SecurityScanConfigArgs

interface SecurityScanConfigArgs

The set of arguments for constructing a SecurityScanConfig resource.

property authentication

authentication?: pulumi.Input<SecurityScanConfigAuthentication>;

The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.

property blacklistPatterns

blacklistPatterns?: pulumi.Input<pulumi.Input<string>[]>;

The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls

property displayName

displayName: pulumi.Input<string>;

The user provider display name of the ScanConfig.

property exportToSecurityCommandCenter

exportToSecurityCommandCenter?: pulumi.Input<string>;

Controls export of scan configurations and results to Cloud Security Command Center.

property maxQps

maxQps?: pulumi.Input<number>;

The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property schedule

schedule?: pulumi.Input<SecurityScanConfigSchedule>;

The schedule of the ScanConfig Structure is documented below.

property startingUrls

startingUrls: pulumi.Input<pulumi.Input<string>[]>;

The starting URLs from which the scanner finds site pages.

property targetPlatforms

targetPlatforms?: pulumi.Input<pulumi.Input<string>[]>;

Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.

property userAgent

userAgent?: pulumi.Input<string>;

Type of the user agents used for scanning

interface SecurityScanConfigState

interface SecurityScanConfigState

Input properties used for looking up and filtering SecurityScanConfig resources.

property authentication

authentication?: pulumi.Input<SecurityScanConfigAuthentication>;

The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.

property blacklistPatterns

blacklistPatterns?: pulumi.Input<pulumi.Input<string>[]>;

The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls

property displayName

displayName?: pulumi.Input<string>;

The user provider display name of the ScanConfig.

property exportToSecurityCommandCenter

exportToSecurityCommandCenter?: pulumi.Input<string>;

Controls export of scan configurations and results to Cloud Security Command Center.

property maxQps

maxQps?: pulumi.Input<number>;

The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.

property name

name?: pulumi.Input<string>;

A server defined name for this index. Format: ‘projects/{{project}}/scanConfigs/{{server_generated_id}}’

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property schedule

schedule?: pulumi.Input<SecurityScanConfigSchedule>;

The schedule of the ScanConfig Structure is documented below.

property startingUrls

startingUrls?: pulumi.Input<pulumi.Input<string>[]>;

The starting URLs from which the scanner finds site pages.

property targetPlatforms

targetPlatforms?: pulumi.Input<pulumi.Input<string>[]>;

Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.

property userAgent

userAgent?: pulumi.Input<string>;

Type of the user agents used for scanning

interface SharedVPCHostProjectArgs

interface SharedVPCHostProjectArgs

The set of arguments for constructing a SharedVPCHostProject resource.

property project

project: pulumi.Input<string>;

The ID of the project that will serve as a Shared VPC host project

interface SharedVPCHostProjectState

interface SharedVPCHostProjectState

Input properties used for looking up and filtering SharedVPCHostProject resources.

property project

project?: pulumi.Input<string>;

The ID of the project that will serve as a Shared VPC host project

interface SharedVPCServiceProjectArgs

interface SharedVPCServiceProjectArgs

The set of arguments for constructing a SharedVPCServiceProject resource.

property hostProject

hostProject: pulumi.Input<string>;

The ID of a host project to associate.

property serviceProject

serviceProject: pulumi.Input<string>;

The ID of the project that will serve as a Shared VPC service project.

interface SharedVPCServiceProjectState

interface SharedVPCServiceProjectState

Input properties used for looking up and filtering SharedVPCServiceProject resources.

property hostProject

hostProject?: pulumi.Input<string>;

The ID of a host project to associate.

property serviceProject

serviceProject?: pulumi.Input<string>;

The ID of the project that will serve as a Shared VPC service project.

interface SnapshotArgs

interface SnapshotArgs

The set of arguments for constructing a Snapshot resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this Snapshot.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property snapshotEncryptionKey

snapshotEncryptionKey?: pulumi.Input<SnapshotSnapshotEncryptionKey>;

The customer-supplied encryption key of the snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property sourceDisk

sourceDisk: pulumi.Input<string>;

A reference to the disk used to create this snapshot.

property sourceDiskEncryptionKey

sourceDiskEncryptionKey?: pulumi.Input<SnapshotSourceDiskEncryptionKey>;

The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the disk is hosted.

interface SnapshotState

interface SnapshotState

Input properties used for looking up and filtering Snapshot resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property diskSizeGb

diskSizeGb?: pulumi.Input<number>;

Size of the snapshot, specified in GB.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this Snapshot.

property licenses

licenses?: pulumi.Input<pulumi.Input<string>[]>;

A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image). snapshotEncryptionKey nested object Encrypts the snapshot using a customer-supplied encryption key.

property name

name?: pulumi.Input<string>;

Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property snapshotEncryptionKey

snapshotEncryptionKey?: pulumi.Input<SnapshotSnapshotEncryptionKey>;

The customer-supplied encryption key of the snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

property snapshotId

snapshotId?: pulumi.Input<number>;

The unique identifier for the resource.

property sourceDisk

sourceDisk?: pulumi.Input<string>;

A reference to the disk used to create this snapshot.

property sourceDiskEncryptionKey

sourceDiskEncryptionKey?: pulumi.Input<SnapshotSourceDiskEncryptionKey>;

The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below.

sourceDiskLink?: pulumi.Input<string>;

property storageBytes

storageBytes?: pulumi.Input<number>;

A size of the the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion.

property zone

zone?: pulumi.Input<string>;

A reference to the zone where the disk is hosted.

interface SSLCertificateArgs

interface SSLCertificateArgs

The set of arguments for constructing a SSLCertificate resource.

property certificate

certificate: pulumi.Input<string>;

The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property namePrefix

namePrefix?: pulumi.Input<string>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property privateKey

privateKey: pulumi.Input<string>;

The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface SSLCertificateState

interface SSLCertificateState

Input properties used for looking up and filtering SSLCertificate resources.

property certificate

certificate?: pulumi.Input<string>;

The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.

property certificateId

certificateId?: pulumi.Input<number>;

The unique identifier for the resource.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property namePrefix

namePrefix?: pulumi.Input<string>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property privateKey

privateKey?: pulumi.Input<string>;

The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface SSLPolicyArgs

interface SSLPolicyArgs

The set of arguments for constructing a SSLPolicy resource.

property customFeatures

customFeatures?: pulumi.Input<pulumi.Input<string>[]>;

Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property minTlsVersion

minTlsVersion?: pulumi.Input<string>;

The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property profile

profile?: pulumi.Input<string>;

Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the customFeatures attribute must be set.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface SSLPolicyState

interface SSLPolicyState

Input properties used for looking up and filtering SSLPolicy resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property customFeatures

customFeatures?: pulumi.Input<pulumi.Input<string>[]>;

Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property enabledFeatures

enabledFeatures?: pulumi.Input<pulumi.Input<string>[]>;

The list of features enabled in the SSL policy.

property fingerprint

fingerprint?: pulumi.Input<string>;

Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

property minTlsVersion

minTlsVersion?: pulumi.Input<string>;

The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property profile

profile?: pulumi.Input<string>;

Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the customFeatures attribute must be set.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface SubnetworkArgs

interface SubnetworkArgs

The set of arguments for constructing a Subnetwork resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.

property ipCidrRange

ipCidrRange: pulumi.Input<string>;

The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported.

property logConfig

logConfig?: pulumi.Input<SubnetworkLogConfig>;

Denotes the logging options for the subnetwork flow logs. If logging is enabled logs will be exported to Stackdriver. This field cannot be set if the purpose of this subnetwork is INTERNAL_HTTPS_LOAD_BALANCER Structure is documented below.

property name

name?: pulumi.Input<string>;

The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network: pulumi.Input<string>;

The network this subnet belongs to. Only networks that are in the distributed mode can have subnetworks.

property privateIpGoogleAccess

privateIpGoogleAccess?: pulumi.Input<boolean>;

When enabled, VMs in this subnetwork without external IP addresses can access Google APIs and services by using Private Google Access.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

purpose?: pulumi.Input<string>;

The purpose of the resource. This field can be either PRIVATE or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE. If set to INTERNAL_HTTPS_LOAD_BALANCER you must also set the role.

property region

region?: pulumi.Input<string>;

URL of the GCP region for this subnetwork.

property role

role?: pulumi.Input<string>;

The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining.

property secondaryIpRanges

secondaryIpRanges?: pulumi.Input<pulumi.Input<SubnetworkSecondaryIpRange>[]>;

An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges. Structure is documented below.

interface SubnetworkIAMBindingArgs

interface SubnetworkIAMBindingArgs

The set of arguments for constructing a SubnetworkIAMBinding resource.

property condition

condition?: pulumi.Input<SubnetworkIAMBindingCondition>;

) An IAM Condition for a given binding. Structure is documented below.

property members

members: pulumi.Input<pulumi.Input<string>[]>;

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

region?: pulumi.Input<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property role

role: pulumi.Input<string>;

The role that should be applied. Only one gcp.compute.SubnetworkIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property subnetwork

subnetwork: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

interface SubnetworkIAMBindingState

interface SubnetworkIAMBindingState

Input properties used for looking up and filtering SubnetworkIAMBinding resources.

property condition

condition?: pulumi.Input<SubnetworkIAMBindingCondition>;

) An IAM Condition for a given binding. Structure is documented below.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property members

members?: pulumi.Input<pulumi.Input<string>[]>;

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

region?: pulumi.Input<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one gcp.compute.SubnetworkIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property subnetwork

subnetwork?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

interface SubnetworkIAMMemberArgs

interface SubnetworkIAMMemberArgs

The set of arguments for constructing a SubnetworkIAMMember resource.

property condition

condition?: pulumi.Input<SubnetworkIAMMemberCondition>;

) An IAM Condition for a given binding. Structure is documented below.

property member

member: pulumi.Input<string>;

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

region?: pulumi.Input<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property role

role: pulumi.Input<string>;

The role that should be applied. Only one gcp.compute.SubnetworkIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property subnetwork

subnetwork: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

interface SubnetworkIAMMemberState

interface SubnetworkIAMMemberState

Input properties used for looking up and filtering SubnetworkIAMMember resources.

property condition

condition?: pulumi.Input<SubnetworkIAMMemberCondition>;

) An IAM Condition for a given binding. Structure is documented below.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property member

member?: pulumi.Input<string>;

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

region?: pulumi.Input<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one gcp.compute.SubnetworkIAMBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property subnetwork

subnetwork?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

interface SubnetworkIAMPolicyArgs

interface SubnetworkIAMPolicyArgs

The set of arguments for constructing a SubnetworkIAMPolicy resource.

property policyData

policyData: pulumi.Input<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

region?: pulumi.Input<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property subnetwork

subnetwork: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

interface SubnetworkIAMPolicyState

interface SubnetworkIAMPolicyState

Input properties used for looking up and filtering SubnetworkIAMPolicy resources.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property policyData

policyData?: pulumi.Input<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

property region

region?: pulumi.Input<string>;

URL of the GCP region for this subnetwork. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no region is specified, it is taken from the provider configuration.

property subnetwork

subnetwork?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

interface SubnetworkState

interface SubnetworkState

Input properties used for looking up and filtering Subnetwork resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.

property fingerprint

DEPRECATED This field is not useful for users, and has been removed as an output.
fingerprint?: pulumi.Input<string>;

Fingerprint of this resource. This field is used internally during updates of this resource.

property gatewayAddress

gatewayAddress?: pulumi.Input<string>;

The gateway address for default routes to reach destination addresses outside this subnetwork.

property ipCidrRange

ipCidrRange?: pulumi.Input<string>;

The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported.

property logConfig

logConfig?: pulumi.Input<SubnetworkLogConfig>;

Denotes the logging options for the subnetwork flow logs. If logging is enabled logs will be exported to Stackdriver. This field cannot be set if the purpose of this subnetwork is INTERNAL_HTTPS_LOAD_BALANCER Structure is documented below.

property name

name?: pulumi.Input<string>;

The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

The network this subnet belongs to. Only networks that are in the distributed mode can have subnetworks.

property privateIpGoogleAccess

privateIpGoogleAccess?: pulumi.Input<boolean>;

When enabled, VMs in this subnetwork without external IP addresses can access Google APIs and services by using Private Google Access.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property purpose

purpose?: pulumi.Input<string>;

The purpose of the resource. This field can be either PRIVATE or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE. If set to INTERNAL_HTTPS_LOAD_BALANCER you must also set the role.

property region

region?: pulumi.Input<string>;

URL of the GCP region for this subnetwork.

property role

role?: pulumi.Input<string>;

The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining.

property secondaryIpRanges

secondaryIpRanges?: pulumi.Input<pulumi.Input<SubnetworkSecondaryIpRange>[]>;

An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges. Structure is documented below.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface TargetHttpProxyArgs

interface TargetHttpProxyArgs

The set of arguments for constructing a TargetHttpProxy resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urlMap

urlMap: pulumi.Input<string>;

A reference to the UrlMap resource that defines the mapping from URL to the BackendService.

interface TargetHttpProxyState

interface TargetHttpProxyState

Input properties used for looking up and filtering TargetHttpProxy resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyId

proxyId?: pulumi.Input<number>;

The unique identifier for the resource.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property urlMap

urlMap?: pulumi.Input<string>;

A reference to the UrlMap resource that defines the mapping from URL to the BackendService.

interface TargetHttpsProxyArgs

interface TargetHttpsProxyArgs

The set of arguments for constructing a TargetHttpsProxy resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property quicOverride

quicOverride?: pulumi.Input<string>;

Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE.

property sslCertificates

sslCertificates: pulumi.Input<pulumi.Input<string>[]>;

A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified.

property sslPolicy

sslPolicy?: pulumi.Input<string>;

A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.

property urlMap

urlMap: pulumi.Input<string>;

A reference to the UrlMap resource that defines the mapping from URL to the BackendService.

interface TargetHttpsProxyState

interface TargetHttpsProxyState

Input properties used for looking up and filtering TargetHttpsProxy resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyId

proxyId?: pulumi.Input<number>;

The unique identifier for the resource.

property quicOverride

quicOverride?: pulumi.Input<string>;

Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sslCertificates

sslCertificates?: pulumi.Input<pulumi.Input<string>[]>;

A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified.

property sslPolicy

sslPolicy?: pulumi.Input<string>;

A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.

property urlMap

urlMap?: pulumi.Input<string>;

A reference to the UrlMap resource that defines the mapping from URL to the BackendService.

interface TargetInstanceArgs

interface TargetInstanceArgs

The set of arguments for constructing a TargetInstance resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property instance

instance: pulumi.Input<string>;

The Compute instance VM handling traffic for this target instance. Accepts the instance self-link, relative path (e.g. projects/project/zones/zone/instances/instance) or name. If name is given, the zone will default to the given zone or the provider-default zone and the project will default to the provider-level project.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property natPolicy

natPolicy?: pulumi.Input<string>;

NAT option controlling how IPs are NAT’ed to the instance. Currently only NO_NAT (default value) is supported.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property zone

zone?: pulumi.Input<string>;

URL of the zone where the target instance resides.

interface TargetInstanceState

interface TargetInstanceState

Input properties used for looking up and filtering TargetInstance resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property instance

instance?: pulumi.Input<string>;

The Compute instance VM handling traffic for this target instance. Accepts the instance self-link, relative path (e.g. projects/project/zones/zone/instances/instance) or name. If name is given, the zone will default to the given zone or the provider-default zone and the project will default to the provider-level project.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property natPolicy

natPolicy?: pulumi.Input<string>;

NAT option controlling how IPs are NAT’ed to the instance. Currently only NO_NAT (default value) is supported.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property zone

zone?: pulumi.Input<string>;

URL of the zone where the target instance resides.

interface TargetPoolArgs

interface TargetPoolArgs

The set of arguments for constructing a TargetPool resource.

property backupPool

backupPool?: pulumi.Input<string>;

URL to the backup target pool. Must also set failover_ratio.

property description

description?: pulumi.Input<string>;

Textual description field.

property failoverRatio

failoverRatio?: pulumi.Input<number>;

Ratio (0 to 1) of failed nodes before using the backup pool (which must also be set).

property healthChecks

healthChecks?: pulumi.Input<string>;

List of zero or one health check name or self_link. Only legacy gcp.compute.HttpHealthCheck is supported.

property instances

instances?: pulumi.Input<pulumi.Input<string>[]>;

List of instances in the pool. They can be given as URLs, or in the form of “zone/name”. Note that the instances need not exist at the time of target pool creation, so there is no need to use the interpolation to create a dependency on the instances from the target pool.

property name

name?: pulumi.Input<string>;

A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Where the target pool resides. Defaults to project region.

property sessionAffinity

sessionAffinity?: pulumi.Input<string>;

How to distribute load. Options are “NONE” (no affinity). “CLIENT_IP” (hash of the source/dest addresses / ports), and “CLIENT_IP_PROTO” also includes the protocol (default “NONE”).

interface TargetPoolState

interface TargetPoolState

Input properties used for looking up and filtering TargetPool resources.

property backupPool

backupPool?: pulumi.Input<string>;

URL to the backup target pool. Must also set failover_ratio.

property description

description?: pulumi.Input<string>;

Textual description field.

property failoverRatio

failoverRatio?: pulumi.Input<number>;

Ratio (0 to 1) of failed nodes before using the backup pool (which must also be set).

property healthChecks

healthChecks?: pulumi.Input<string>;

List of zero or one health check name or self_link. Only legacy gcp.compute.HttpHealthCheck is supported.

property instances

instances?: pulumi.Input<pulumi.Input<string>[]>;

List of instances in the pool. They can be given as URLs, or in the form of “zone/name”. Note that the instances need not exist at the time of target pool creation, so there is no need to use the interpolation to create a dependency on the instances from the target pool.

property name

name?: pulumi.Input<string>;

A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

Where the target pool resides. Defaults to project region.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sessionAffinity

sessionAffinity?: pulumi.Input<string>;

How to distribute load. Options are “NONE” (no affinity). “CLIENT_IP” (hash of the source/dest addresses / ports), and “CLIENT_IP_PROTO” also includes the protocol (default “NONE”).

interface TargetSSLProxyArgs

interface TargetSSLProxyArgs

The set of arguments for constructing a TargetSSLProxy resource.

property backendService

backendService: pulumi.Input<string>;

A reference to the BackendService resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyHeader

proxyHeader?: pulumi.Input<string>;

Specifies the type of proxy header to append before sending data to the backend.

property sslCertificates

sslCertificates: pulumi.Input<string>;

A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.

property sslPolicy

sslPolicy?: pulumi.Input<string>;

A reference to the SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured.

interface TargetSSLProxyState

interface TargetSSLProxyState

Input properties used for looking up and filtering TargetSSLProxy resources.

property backendService

backendService?: pulumi.Input<string>;

A reference to the BackendService resource.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyHeader

proxyHeader?: pulumi.Input<string>;

Specifies the type of proxy header to append before sending data to the backend.

property proxyId

proxyId?: pulumi.Input<number>;

The unique identifier for the resource.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sslCertificates

sslCertificates?: pulumi.Input<string>;

A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.

property sslPolicy

sslPolicy?: pulumi.Input<string>;

A reference to the SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured.

interface TargetTCPProxyArgs

interface TargetTCPProxyArgs

The set of arguments for constructing a TargetTCPProxy resource.

property backendService

backendService: pulumi.Input<string>;

A reference to the BackendService resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyHeader

proxyHeader?: pulumi.Input<string>;

Specifies the type of proxy header to append before sending data to the backend.

interface TargetTCPProxyState

interface TargetTCPProxyState

Input properties used for looking up and filtering TargetTCPProxy resources.

property backendService

backendService?: pulumi.Input<string>;

A reference to the BackendService resource.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property proxyHeader

proxyHeader?: pulumi.Input<string>;

Specifies the type of proxy header to append before sending data to the backend.

property proxyId

proxyId?: pulumi.Input<number>;

The unique identifier for the resource.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface URLMapArgs

interface URLMapArgs

The set of arguments for constructing a URLMap resource.

property defaultService

defaultService?: pulumi.Input<string>;

The backend service or backend bucket to use when none of the given paths match.

property defaultUrlRedirect

defaultUrlRedirect?: pulumi.Input<URLMapDefaultUrlRedirect>;

When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Structure is documented below.

property description

description?: pulumi.Input<string>;

Description of this test case.

property headerAction

headerAction?: pulumi.Input<URLMapHeaderAction>;

Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Structure is documented below.

property hostRules

hostRules?: pulumi.Input<pulumi.Input<URLMapHostRule>[]>;

The list of HostRules to use against the URL. Structure is documented below.

property name

name?: pulumi.Input<string>;

The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.

property pathMatchers

pathMatchers?: pulumi.Input<pulumi.Input<URLMapPathMatcher>[]>;

The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL’s host portion.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property tests

tests?: pulumi.Input<pulumi.Input<URLMapTest>[]>;

The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Structure is documented below.

interface URLMapState

interface URLMapState

Input properties used for looking up and filtering URLMap resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property defaultService

defaultService?: pulumi.Input<string>;

The backend service or backend bucket to use when none of the given paths match.

property defaultUrlRedirect

defaultUrlRedirect?: pulumi.Input<URLMapDefaultUrlRedirect>;

When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Structure is documented below.

property description

description?: pulumi.Input<string>;

Description of this test case.

property fingerprint

fingerprint?: pulumi.Input<string>;

Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

property headerAction

headerAction?: pulumi.Input<URLMapHeaderAction>;

Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Structure is documented below.

property hostRules

hostRules?: pulumi.Input<pulumi.Input<URLMapHostRule>[]>;

The list of HostRules to use against the URL. Structure is documented below.

property mapId

mapId?: pulumi.Input<number>;

The unique identifier for the resource.

property name

name?: pulumi.Input<string>;

The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.

property pathMatchers

pathMatchers?: pulumi.Input<pulumi.Input<URLMapPathMatcher>[]>;

The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL’s host portion.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property tests

tests?: pulumi.Input<pulumi.Input<URLMapTest>[]>;

The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Structure is documented below.

interface VPNGatewayArgs

interface VPNGatewayArgs

The set of arguments for constructing a VPNGateway resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network: pulumi.Input<string>;

The network this VPN gateway is accepting traffic for.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The region this gateway should sit in.

interface VPNGatewayState

interface VPNGatewayState

Input properties used for looking up and filtering VPNGateway resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property gatewayId

gatewayId?: pulumi.Input<number>;

The unique identifier for the resource.

property name

name?: pulumi.Input<string>;

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property network

network?: pulumi.Input<string>;

The network this VPN gateway is accepting traffic for.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The region this gateway should sit in.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

interface VPNTunnelArgs

interface VPNTunnelArgs

The set of arguments for constructing a VPNTunnel resource.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property ikeVersion

ikeVersion?: pulumi.Input<number>;

IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this VpnTunnel.

property localTrafficSelectors

localTrafficSelectors?: pulumi.Input<pulumi.Input<string>[]>;

Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.

property name

name?: pulumi.Input<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property peerExternalGateway

peerExternalGateway?: pulumi.Input<string>;

URL of the peer side external VPN gateway to which this VPN tunnel is connected.

property peerExternalGatewayInterface

peerExternalGatewayInterface?: pulumi.Input<number>;

The interface ID of the external VPN gateway to which this VPN tunnel is connected.

property peerGcpGateway

peerGcpGateway?: pulumi.Input<string>;

URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpnGatewayInterface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.

property peerIp

peerIp?: pulumi.Input<string>;

IP address of the peer VPN gateway. Only IPv4 is supported.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The region where the tunnel is located. If unset, is set to the region of targetVpnGateway.

property remoteTrafficSelectors

remoteTrafficSelectors?: pulumi.Input<pulumi.Input<string>[]>;

Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.

property router

router?: pulumi.Input<string>;

URL of router resource to be used for dynamic routing.

property sharedSecret

sharedSecret: pulumi.Input<string>;

Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.

property targetVpnGateway

targetVpnGateway?: pulumi.Input<string>;

URL of the Target VPN gateway with which this VPN tunnel is associated.

property vpnGateway

vpnGateway?: pulumi.Input<string>;

URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.

property vpnGatewayInterface

vpnGatewayInterface?: pulumi.Input<number>;

The interface ID of the VPN gateway with which this VPN tunnel is associated.

interface VPNTunnelState

interface VPNTunnelState

Input properties used for looking up and filtering VPNTunnel resources.

property creationTimestamp

creationTimestamp?: pulumi.Input<string>;

Creation timestamp in RFC3339 text format.

property description

description?: pulumi.Input<string>;

An optional description of this resource.

property detailedStatus

detailedStatus?: pulumi.Input<string>;

Detailed status message for the VPN tunnel.

property ikeVersion

ikeVersion?: pulumi.Input<number>;

IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint used for optimistic locking of this resource. Used internally during updates.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Labels to apply to this VpnTunnel.

property localTrafficSelectors

localTrafficSelectors?: pulumi.Input<pulumi.Input<string>[]>;

Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.

property name

name?: pulumi.Input<string>;

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

property peerExternalGateway

peerExternalGateway?: pulumi.Input<string>;

URL of the peer side external VPN gateway to which this VPN tunnel is connected.

property peerExternalGatewayInterface

peerExternalGatewayInterface?: pulumi.Input<number>;

The interface ID of the external VPN gateway to which this VPN tunnel is connected.

property peerGcpGateway

peerGcpGateway?: pulumi.Input<string>;

URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpnGatewayInterface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.

property peerIp

peerIp?: pulumi.Input<string>;

IP address of the peer VPN gateway. Only IPv4 is supported.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: pulumi.Input<string>;

The region where the tunnel is located. If unset, is set to the region of targetVpnGateway.

property remoteTrafficSelectors

remoteTrafficSelectors?: pulumi.Input<pulumi.Input<string>[]>;

Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.

property router

router?: pulumi.Input<string>;

URL of router resource to be used for dynamic routing.

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property sharedSecret

sharedSecret?: pulumi.Input<string>;

Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.

property sharedSecretHash

sharedSecretHash?: pulumi.Input<string>;

Hash of the shared secret.

property targetVpnGateway

targetVpnGateway?: pulumi.Input<string>;

URL of the Target VPN gateway with which this VPN tunnel is associated.

property tunnelId

tunnelId?: pulumi.Input<string>;

The unique identifier for the resource. This identifier is defined by the server.

property vpnGateway

vpnGateway?: pulumi.Input<string>;

URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.

property vpnGatewayInterface

vpnGatewayInterface?: pulumi.Input<number>;

The interface ID of the VPN gateway with which this VPN tunnel is associated.