1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. compute
  5. ServiceAttachment
Google Cloud v8.27.1 published on Friday, Apr 25, 2025 by Pulumi

gcp.compute.ServiceAttachment

Explore with Pulumi AI

Represents a ServiceAttachment resource.

To get more information about ServiceAttachment, see:

Example Usage

Service Attachment Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const producerServiceHealthCheck = new gcp.compute.HealthCheck("producer_service_health_check", {
    name: "producer-service-health-check",
    checkIntervalSec: 1,
    timeoutSec: 1,
    tcpHealthCheck: {
        port: 80,
    },
});
const producerServiceBackend = new gcp.compute.RegionBackendService("producer_service_backend", {
    name: "producer-service",
    region: "us-west2",
    healthChecks: producerServiceHealthCheck.id,
});
const pscIlbNetwork = new gcp.compute.Network("psc_ilb_network", {
    name: "psc-ilb-network",
    autoCreateSubnetworks: false,
});
const pscIlbProducerSubnetwork = new gcp.compute.Subnetwork("psc_ilb_producer_subnetwork", {
    name: "psc-ilb-producer-subnetwork",
    region: "us-west2",
    network: pscIlbNetwork.id,
    ipCidrRange: "10.0.0.0/16",
});
const pscIlbTargetService = new gcp.compute.ForwardingRule("psc_ilb_target_service", {
    name: "producer-forwarding-rule",
    region: "us-west2",
    loadBalancingScheme: "INTERNAL",
    backendService: producerServiceBackend.id,
    allPorts: true,
    network: pscIlbNetwork.name,
    subnetwork: pscIlbProducerSubnetwork.name,
});
const pscIlbNat = new gcp.compute.Subnetwork("psc_ilb_nat", {
    name: "psc-ilb-nat",
    region: "us-west2",
    network: pscIlbNetwork.id,
    purpose: "PRIVATE_SERVICE_CONNECT",
    ipCidrRange: "10.1.0.0/16",
});
const pscIlbServiceAttachment = new gcp.compute.ServiceAttachment("psc_ilb_service_attachment", {
    name: "my-psc-ilb",
    region: "us-west2",
    description: "A service attachment configured with Terraform",
    domainNames: ["gcp.tfacc.hashicorptest.com."],
    enableProxyProtocol: true,
    connectionPreference: "ACCEPT_AUTOMATIC",
    natSubnets: [pscIlbNat.id],
    targetService: pscIlbTargetService.id,
});
const pscIlbConsumerAddress = new gcp.compute.Address("psc_ilb_consumer_address", {
    name: "psc-ilb-consumer-address",
    region: "us-west2",
    subnetwork: "default",
    addressType: "INTERNAL",
});
const pscIlbConsumer = new gcp.compute.ForwardingRule("psc_ilb_consumer", {
    name: "psc-ilb-consumer-forwarding-rule",
    region: "us-west2",
    target: pscIlbServiceAttachment.id,
    loadBalancingScheme: "",
    network: "default",
    ipAddress: pscIlbConsumerAddress.id,
});
Copy
import pulumi
import pulumi_gcp as gcp

producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
    name="producer-service-health-check",
    check_interval_sec=1,
    timeout_sec=1,
    tcp_health_check={
        "port": 80,
    })
producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
    name="producer-service",
    region="us-west2",
    health_checks=producer_service_health_check.id)
psc_ilb_network = gcp.compute.Network("psc_ilb_network",
    name="psc-ilb-network",
    auto_create_subnetworks=False)
psc_ilb_producer_subnetwork = gcp.compute.Subnetwork("psc_ilb_producer_subnetwork",
    name="psc-ilb-producer-subnetwork",
    region="us-west2",
    network=psc_ilb_network.id,
    ip_cidr_range="10.0.0.0/16")
psc_ilb_target_service = gcp.compute.ForwardingRule("psc_ilb_target_service",
    name="producer-forwarding-rule",
    region="us-west2",
    load_balancing_scheme="INTERNAL",
    backend_service=producer_service_backend.id,
    all_ports=True,
    network=psc_ilb_network.name,
    subnetwork=psc_ilb_producer_subnetwork.name)
psc_ilb_nat = gcp.compute.Subnetwork("psc_ilb_nat",
    name="psc-ilb-nat",
    region="us-west2",
    network=psc_ilb_network.id,
    purpose="PRIVATE_SERVICE_CONNECT",
    ip_cidr_range="10.1.0.0/16")
psc_ilb_service_attachment = gcp.compute.ServiceAttachment("psc_ilb_service_attachment",
    name="my-psc-ilb",
    region="us-west2",
    description="A service attachment configured with Terraform",
    domain_names=["gcp.tfacc.hashicorptest.com."],
    enable_proxy_protocol=True,
    connection_preference="ACCEPT_AUTOMATIC",
    nat_subnets=[psc_ilb_nat.id],
    target_service=psc_ilb_target_service.id)
psc_ilb_consumer_address = gcp.compute.Address("psc_ilb_consumer_address",
    name="psc-ilb-consumer-address",
    region="us-west2",
    subnetwork="default",
    address_type="INTERNAL")
psc_ilb_consumer = gcp.compute.ForwardingRule("psc_ilb_consumer",
    name="psc-ilb-consumer-forwarding-rule",
    region="us-west2",
    target=psc_ilb_service_attachment.id,
    load_balancing_scheme="",
    network="default",
    ip_address=psc_ilb_consumer_address.id)
Copy
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		producerServiceHealthCheck, err := compute.NewHealthCheck(ctx, "producer_service_health_check", &compute.HealthCheckArgs{
			Name:             pulumi.String("producer-service-health-check"),
			CheckIntervalSec: pulumi.Int(1),
			TimeoutSec:       pulumi.Int(1),
			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
				Port: pulumi.Int(80),
			},
		})
		if err != nil {
			return err
		}
		producerServiceBackend, err := compute.NewRegionBackendService(ctx, "producer_service_backend", &compute.RegionBackendServiceArgs{
			Name:         pulumi.String("producer-service"),
			Region:       pulumi.String("us-west2"),
			HealthChecks: producerServiceHealthCheck.ID(),
		})
		if err != nil {
			return err
		}
		pscIlbNetwork, err := compute.NewNetwork(ctx, "psc_ilb_network", &compute.NetworkArgs{
			Name:                  pulumi.String("psc-ilb-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		pscIlbProducerSubnetwork, err := compute.NewSubnetwork(ctx, "psc_ilb_producer_subnetwork", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-producer-subnetwork"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbNetwork.ID(),
			IpCidrRange: pulumi.String("10.0.0.0/16"),
		})
		if err != nil {
			return err
		}
		pscIlbTargetService, err := compute.NewForwardingRule(ctx, "psc_ilb_target_service", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("producer-forwarding-rule"),
			Region:              pulumi.String("us-west2"),
			LoadBalancingScheme: pulumi.String("INTERNAL"),
			BackendService:      producerServiceBackend.ID(),
			AllPorts:            pulumi.Bool(true),
			Network:             pscIlbNetwork.Name,
			Subnetwork:          pscIlbProducerSubnetwork.Name,
		})
		if err != nil {
			return err
		}
		pscIlbNat, err := compute.NewSubnetwork(ctx, "psc_ilb_nat", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-nat"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbNetwork.ID(),
			Purpose:     pulumi.String("PRIVATE_SERVICE_CONNECT"),
			IpCidrRange: pulumi.String("10.1.0.0/16"),
		})
		if err != nil {
			return err
		}
		pscIlbServiceAttachment, err := compute.NewServiceAttachment(ctx, "psc_ilb_service_attachment", &compute.ServiceAttachmentArgs{
			Name:        pulumi.String("my-psc-ilb"),
			Region:      pulumi.String("us-west2"),
			Description: pulumi.String("A service attachment configured with Terraform"),
			DomainNames: pulumi.StringArray{
				pulumi.String("gcp.tfacc.hashicorptest.com."),
			},
			EnableProxyProtocol:  pulumi.Bool(true),
			ConnectionPreference: pulumi.String("ACCEPT_AUTOMATIC"),
			NatSubnets: pulumi.StringArray{
				pscIlbNat.ID(),
			},
			TargetService: pscIlbTargetService.ID(),
		})
		if err != nil {
			return err
		}
		pscIlbConsumerAddress, err := compute.NewAddress(ctx, "psc_ilb_consumer_address", &compute.AddressArgs{
			Name:        pulumi.String("psc-ilb-consumer-address"),
			Region:      pulumi.String("us-west2"),
			Subnetwork:  pulumi.String("default"),
			AddressType: pulumi.String("INTERNAL"),
		})
		if err != nil {
			return err
		}
		_, err = compute.NewForwardingRule(ctx, "psc_ilb_consumer", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("psc-ilb-consumer-forwarding-rule"),
			Region:              pulumi.String("us-west2"),
			Target:              pscIlbServiceAttachment.ID(),
			LoadBalancingScheme: pulumi.String(""),
			Network:             pulumi.String("default"),
			IpAddress:           pscIlbConsumerAddress.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var producerServiceHealthCheck = new Gcp.Compute.HealthCheck("producer_service_health_check", new()
    {
        Name = "producer-service-health-check",
        CheckIntervalSec = 1,
        TimeoutSec = 1,
        TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
        {
            Port = 80,
        },
    });

    var producerServiceBackend = new Gcp.Compute.RegionBackendService("producer_service_backend", new()
    {
        Name = "producer-service",
        Region = "us-west2",
        HealthChecks = producerServiceHealthCheck.Id,
    });

    var pscIlbNetwork = new Gcp.Compute.Network("psc_ilb_network", new()
    {
        Name = "psc-ilb-network",
        AutoCreateSubnetworks = false,
    });

    var pscIlbProducerSubnetwork = new Gcp.Compute.Subnetwork("psc_ilb_producer_subnetwork", new()
    {
        Name = "psc-ilb-producer-subnetwork",
        Region = "us-west2",
        Network = pscIlbNetwork.Id,
        IpCidrRange = "10.0.0.0/16",
    });

    var pscIlbTargetService = new Gcp.Compute.ForwardingRule("psc_ilb_target_service", new()
    {
        Name = "producer-forwarding-rule",
        Region = "us-west2",
        LoadBalancingScheme = "INTERNAL",
        BackendService = producerServiceBackend.Id,
        AllPorts = true,
        Network = pscIlbNetwork.Name,
        Subnetwork = pscIlbProducerSubnetwork.Name,
    });

    var pscIlbNat = new Gcp.Compute.Subnetwork("psc_ilb_nat", new()
    {
        Name = "psc-ilb-nat",
        Region = "us-west2",
        Network = pscIlbNetwork.Id,
        Purpose = "PRIVATE_SERVICE_CONNECT",
        IpCidrRange = "10.1.0.0/16",
    });

    var pscIlbServiceAttachment = new Gcp.Compute.ServiceAttachment("psc_ilb_service_attachment", new()
    {
        Name = "my-psc-ilb",
        Region = "us-west2",
        Description = "A service attachment configured with Terraform",
        DomainNames = new[]
        {
            "gcp.tfacc.hashicorptest.com.",
        },
        EnableProxyProtocol = true,
        ConnectionPreference = "ACCEPT_AUTOMATIC",
        NatSubnets = new[]
        {
            pscIlbNat.Id,
        },
        TargetService = pscIlbTargetService.Id,
    });

    var pscIlbConsumerAddress = new Gcp.Compute.Address("psc_ilb_consumer_address", new()
    {
        Name = "psc-ilb-consumer-address",
        Region = "us-west2",
        Subnetwork = "default",
        AddressType = "INTERNAL",
    });

    var pscIlbConsumer = new Gcp.Compute.ForwardingRule("psc_ilb_consumer", new()
    {
        Name = "psc-ilb-consumer-forwarding-rule",
        Region = "us-west2",
        Target = pscIlbServiceAttachment.Id,
        LoadBalancingScheme = "",
        Network = "default",
        IpAddress = pscIlbConsumerAddress.Id,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
            .name("producer-service-health-check")
            .checkIntervalSec(1)
            .timeoutSec(1)
            .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                .port(80)
                .build())
            .build());

        var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
            .name("producer-service")
            .region("us-west2")
            .healthChecks(producerServiceHealthCheck.id())
            .build());

        var pscIlbNetwork = new Network("pscIlbNetwork", NetworkArgs.builder()
            .name("psc-ilb-network")
            .autoCreateSubnetworks(false)
            .build());

        var pscIlbProducerSubnetwork = new Subnetwork("pscIlbProducerSubnetwork", SubnetworkArgs.builder()
            .name("psc-ilb-producer-subnetwork")
            .region("us-west2")
            .network(pscIlbNetwork.id())
            .ipCidrRange("10.0.0.0/16")
            .build());

        var pscIlbTargetService = new ForwardingRule("pscIlbTargetService", ForwardingRuleArgs.builder()
            .name("producer-forwarding-rule")
            .region("us-west2")
            .loadBalancingScheme("INTERNAL")
            .backendService(producerServiceBackend.id())
            .allPorts(true)
            .network(pscIlbNetwork.name())
            .subnetwork(pscIlbProducerSubnetwork.name())
            .build());

        var pscIlbNat = new Subnetwork("pscIlbNat", SubnetworkArgs.builder()
            .name("psc-ilb-nat")
            .region("us-west2")
            .network(pscIlbNetwork.id())
            .purpose("PRIVATE_SERVICE_CONNECT")
            .ipCidrRange("10.1.0.0/16")
            .build());

        var pscIlbServiceAttachment = new ServiceAttachment("pscIlbServiceAttachment", ServiceAttachmentArgs.builder()
            .name("my-psc-ilb")
            .region("us-west2")
            .description("A service attachment configured with Terraform")
            .domainNames("gcp.tfacc.hashicorptest.com.")
            .enableProxyProtocol(true)
            .connectionPreference("ACCEPT_AUTOMATIC")
            .natSubnets(pscIlbNat.id())
            .targetService(pscIlbTargetService.id())
            .build());

        var pscIlbConsumerAddress = new Address("pscIlbConsumerAddress", AddressArgs.builder()
            .name("psc-ilb-consumer-address")
            .region("us-west2")
            .subnetwork("default")
            .addressType("INTERNAL")
            .build());

        var pscIlbConsumer = new ForwardingRule("pscIlbConsumer", ForwardingRuleArgs.builder()
            .name("psc-ilb-consumer-forwarding-rule")
            .region("us-west2")
            .target(pscIlbServiceAttachment.id())
            .loadBalancingScheme("")
            .network("default")
            .ipAddress(pscIlbConsumerAddress.id())
            .build());

    }
}
Copy
resources:
  pscIlbServiceAttachment:
    type: gcp:compute:ServiceAttachment
    name: psc_ilb_service_attachment
    properties:
      name: my-psc-ilb
      region: us-west2
      description: A service attachment configured with Terraform
      domainNames:
        - gcp.tfacc.hashicorptest.com.
      enableProxyProtocol: true
      connectionPreference: ACCEPT_AUTOMATIC
      natSubnets:
        - ${pscIlbNat.id}
      targetService: ${pscIlbTargetService.id}
  pscIlbConsumerAddress:
    type: gcp:compute:Address
    name: psc_ilb_consumer_address
    properties:
      name: psc-ilb-consumer-address
      region: us-west2
      subnetwork: default
      addressType: INTERNAL
  pscIlbConsumer:
    type: gcp:compute:ForwardingRule
    name: psc_ilb_consumer
    properties:
      name: psc-ilb-consumer-forwarding-rule
      region: us-west2
      target: ${pscIlbServiceAttachment.id}
      loadBalancingScheme: ""
      network: default
      ipAddress: ${pscIlbConsumerAddress.id}
  pscIlbTargetService:
    type: gcp:compute:ForwardingRule
    name: psc_ilb_target_service
    properties:
      name: producer-forwarding-rule
      region: us-west2
      loadBalancingScheme: INTERNAL
      backendService: ${producerServiceBackend.id}
      allPorts: true
      network: ${pscIlbNetwork.name}
      subnetwork: ${pscIlbProducerSubnetwork.name}
  producerServiceBackend:
    type: gcp:compute:RegionBackendService
    name: producer_service_backend
    properties:
      name: producer-service
      region: us-west2
      healthChecks: ${producerServiceHealthCheck.id}
  producerServiceHealthCheck:
    type: gcp:compute:HealthCheck
    name: producer_service_health_check
    properties:
      name: producer-service-health-check
      checkIntervalSec: 1
      timeoutSec: 1
      tcpHealthCheck:
        port: '80'
  pscIlbNetwork:
    type: gcp:compute:Network
    name: psc_ilb_network
    properties:
      name: psc-ilb-network
      autoCreateSubnetworks: false
  pscIlbProducerSubnetwork:
    type: gcp:compute:Subnetwork
    name: psc_ilb_producer_subnetwork
    properties:
      name: psc-ilb-producer-subnetwork
      region: us-west2
      network: ${pscIlbNetwork.id}
      ipCidrRange: 10.0.0.0/16
  pscIlbNat:
    type: gcp:compute:Subnetwork
    name: psc_ilb_nat
    properties:
      name: psc-ilb-nat
      region: us-west2
      network: ${pscIlbNetwork.id}
      purpose: PRIVATE_SERVICE_CONNECT
      ipCidrRange: 10.1.0.0/16
Copy

Service Attachment Explicit Projects

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const producerServiceHealthCheck = new gcp.compute.HealthCheck("producer_service_health_check", {
    name: "producer-service-health-check",
    checkIntervalSec: 1,
    timeoutSec: 1,
    tcpHealthCheck: {
        port: 80,
    },
});
const producerServiceBackend = new gcp.compute.RegionBackendService("producer_service_backend", {
    name: "producer-service",
    region: "us-west2",
    healthChecks: producerServiceHealthCheck.id,
});
const pscIlbNetwork = new gcp.compute.Network("psc_ilb_network", {
    name: "psc-ilb-network",
    autoCreateSubnetworks: false,
});
const pscIlbProducerSubnetwork = new gcp.compute.Subnetwork("psc_ilb_producer_subnetwork", {
    name: "psc-ilb-producer-subnetwork",
    region: "us-west2",
    network: pscIlbNetwork.id,
    ipCidrRange: "10.0.0.0/16",
});
const pscIlbTargetService = new gcp.compute.ForwardingRule("psc_ilb_target_service", {
    name: "producer-forwarding-rule",
    region: "us-west2",
    loadBalancingScheme: "INTERNAL",
    backendService: producerServiceBackend.id,
    allPorts: true,
    network: pscIlbNetwork.name,
    subnetwork: pscIlbProducerSubnetwork.name,
});
const pscIlbNat = new gcp.compute.Subnetwork("psc_ilb_nat", {
    name: "psc-ilb-nat",
    region: "us-west2",
    network: pscIlbNetwork.id,
    purpose: "PRIVATE_SERVICE_CONNECT",
    ipCidrRange: "10.1.0.0/16",
});
const pscIlbServiceAttachment = new gcp.compute.ServiceAttachment("psc_ilb_service_attachment", {
    name: "my-psc-ilb",
    region: "us-west2",
    description: "A service attachment configured with Terraform",
    domainNames: ["gcp.tfacc.hashicorptest.com."],
    enableProxyProtocol: true,
    connectionPreference: "ACCEPT_MANUAL",
    natSubnets: [pscIlbNat.id],
    targetService: pscIlbTargetService.id,
    consumerRejectLists: [
        "673497134629",
        "482878270665",
    ],
    consumerAcceptLists: [{
        projectIdOrNum: "658859330310",
        connectionLimit: 4,
    }],
});
const pscIlbConsumerAddress = new gcp.compute.Address("psc_ilb_consumer_address", {
    name: "psc-ilb-consumer-address",
    region: "us-west2",
    subnetwork: "default",
    addressType: "INTERNAL",
});
const pscIlbConsumer = new gcp.compute.ForwardingRule("psc_ilb_consumer", {
    name: "psc-ilb-consumer-forwarding-rule",
    region: "us-west2",
    target: pscIlbServiceAttachment.id,
    loadBalancingScheme: "",
    network: "default",
    ipAddress: pscIlbConsumerAddress.id,
});
Copy
import pulumi
import pulumi_gcp as gcp

producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
    name="producer-service-health-check",
    check_interval_sec=1,
    timeout_sec=1,
    tcp_health_check={
        "port": 80,
    })
producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
    name="producer-service",
    region="us-west2",
    health_checks=producer_service_health_check.id)
psc_ilb_network = gcp.compute.Network("psc_ilb_network",
    name="psc-ilb-network",
    auto_create_subnetworks=False)
psc_ilb_producer_subnetwork = gcp.compute.Subnetwork("psc_ilb_producer_subnetwork",
    name="psc-ilb-producer-subnetwork",
    region="us-west2",
    network=psc_ilb_network.id,
    ip_cidr_range="10.0.0.0/16")
psc_ilb_target_service = gcp.compute.ForwardingRule("psc_ilb_target_service",
    name="producer-forwarding-rule",
    region="us-west2",
    load_balancing_scheme="INTERNAL",
    backend_service=producer_service_backend.id,
    all_ports=True,
    network=psc_ilb_network.name,
    subnetwork=psc_ilb_producer_subnetwork.name)
psc_ilb_nat = gcp.compute.Subnetwork("psc_ilb_nat",
    name="psc-ilb-nat",
    region="us-west2",
    network=psc_ilb_network.id,
    purpose="PRIVATE_SERVICE_CONNECT",
    ip_cidr_range="10.1.0.0/16")
psc_ilb_service_attachment = gcp.compute.ServiceAttachment("psc_ilb_service_attachment",
    name="my-psc-ilb",
    region="us-west2",
    description="A service attachment configured with Terraform",
    domain_names=["gcp.tfacc.hashicorptest.com."],
    enable_proxy_protocol=True,
    connection_preference="ACCEPT_MANUAL",
    nat_subnets=[psc_ilb_nat.id],
    target_service=psc_ilb_target_service.id,
    consumer_reject_lists=[
        "673497134629",
        "482878270665",
    ],
    consumer_accept_lists=[{
        "project_id_or_num": "658859330310",
        "connection_limit": 4,
    }])
psc_ilb_consumer_address = gcp.compute.Address("psc_ilb_consumer_address",
    name="psc-ilb-consumer-address",
    region="us-west2",
    subnetwork="default",
    address_type="INTERNAL")
psc_ilb_consumer = gcp.compute.ForwardingRule("psc_ilb_consumer",
    name="psc-ilb-consumer-forwarding-rule",
    region="us-west2",
    target=psc_ilb_service_attachment.id,
    load_balancing_scheme="",
    network="default",
    ip_address=psc_ilb_consumer_address.id)
Copy
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		producerServiceHealthCheck, err := compute.NewHealthCheck(ctx, "producer_service_health_check", &compute.HealthCheckArgs{
			Name:             pulumi.String("producer-service-health-check"),
			CheckIntervalSec: pulumi.Int(1),
			TimeoutSec:       pulumi.Int(1),
			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
				Port: pulumi.Int(80),
			},
		})
		if err != nil {
			return err
		}
		producerServiceBackend, err := compute.NewRegionBackendService(ctx, "producer_service_backend", &compute.RegionBackendServiceArgs{
			Name:         pulumi.String("producer-service"),
			Region:       pulumi.String("us-west2"),
			HealthChecks: producerServiceHealthCheck.ID(),
		})
		if err != nil {
			return err
		}
		pscIlbNetwork, err := compute.NewNetwork(ctx, "psc_ilb_network", &compute.NetworkArgs{
			Name:                  pulumi.String("psc-ilb-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		pscIlbProducerSubnetwork, err := compute.NewSubnetwork(ctx, "psc_ilb_producer_subnetwork", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-producer-subnetwork"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbNetwork.ID(),
			IpCidrRange: pulumi.String("10.0.0.0/16"),
		})
		if err != nil {
			return err
		}
		pscIlbTargetService, err := compute.NewForwardingRule(ctx, "psc_ilb_target_service", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("producer-forwarding-rule"),
			Region:              pulumi.String("us-west2"),
			LoadBalancingScheme: pulumi.String("INTERNAL"),
			BackendService:      producerServiceBackend.ID(),
			AllPorts:            pulumi.Bool(true),
			Network:             pscIlbNetwork.Name,
			Subnetwork:          pscIlbProducerSubnetwork.Name,
		})
		if err != nil {
			return err
		}
		pscIlbNat, err := compute.NewSubnetwork(ctx, "psc_ilb_nat", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-nat"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbNetwork.ID(),
			Purpose:     pulumi.String("PRIVATE_SERVICE_CONNECT"),
			IpCidrRange: pulumi.String("10.1.0.0/16"),
		})
		if err != nil {
			return err
		}
		pscIlbServiceAttachment, err := compute.NewServiceAttachment(ctx, "psc_ilb_service_attachment", &compute.ServiceAttachmentArgs{
			Name:        pulumi.String("my-psc-ilb"),
			Region:      pulumi.String("us-west2"),
			Description: pulumi.String("A service attachment configured with Terraform"),
			DomainNames: pulumi.StringArray{
				pulumi.String("gcp.tfacc.hashicorptest.com."),
			},
			EnableProxyProtocol:  pulumi.Bool(true),
			ConnectionPreference: pulumi.String("ACCEPT_MANUAL"),
			NatSubnets: pulumi.StringArray{
				pscIlbNat.ID(),
			},
			TargetService: pscIlbTargetService.ID(),
			ConsumerRejectLists: pulumi.StringArray{
				pulumi.String("673497134629"),
				pulumi.String("482878270665"),
			},
			ConsumerAcceptLists: compute.ServiceAttachmentConsumerAcceptListArray{
				&compute.ServiceAttachmentConsumerAcceptListArgs{
					ProjectIdOrNum:  pulumi.String("658859330310"),
					ConnectionLimit: pulumi.Int(4),
				},
			},
		})
		if err != nil {
			return err
		}
		pscIlbConsumerAddress, err := compute.NewAddress(ctx, "psc_ilb_consumer_address", &compute.AddressArgs{
			Name:        pulumi.String("psc-ilb-consumer-address"),
			Region:      pulumi.String("us-west2"),
			Subnetwork:  pulumi.String("default"),
			AddressType: pulumi.String("INTERNAL"),
		})
		if err != nil {
			return err
		}
		_, err = compute.NewForwardingRule(ctx, "psc_ilb_consumer", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("psc-ilb-consumer-forwarding-rule"),
			Region:              pulumi.String("us-west2"),
			Target:              pscIlbServiceAttachment.ID(),
			LoadBalancingScheme: pulumi.String(""),
			Network:             pulumi.String("default"),
			IpAddress:           pscIlbConsumerAddress.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var producerServiceHealthCheck = new Gcp.Compute.HealthCheck("producer_service_health_check", new()
    {
        Name = "producer-service-health-check",
        CheckIntervalSec = 1,
        TimeoutSec = 1,
        TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
        {
            Port = 80,
        },
    });

    var producerServiceBackend = new Gcp.Compute.RegionBackendService("producer_service_backend", new()
    {
        Name = "producer-service",
        Region = "us-west2",
        HealthChecks = producerServiceHealthCheck.Id,
    });

    var pscIlbNetwork = new Gcp.Compute.Network("psc_ilb_network", new()
    {
        Name = "psc-ilb-network",
        AutoCreateSubnetworks = false,
    });

    var pscIlbProducerSubnetwork = new Gcp.Compute.Subnetwork("psc_ilb_producer_subnetwork", new()
    {
        Name = "psc-ilb-producer-subnetwork",
        Region = "us-west2",
        Network = pscIlbNetwork.Id,
        IpCidrRange = "10.0.0.0/16",
    });

    var pscIlbTargetService = new Gcp.Compute.ForwardingRule("psc_ilb_target_service", new()
    {
        Name = "producer-forwarding-rule",
        Region = "us-west2",
        LoadBalancingScheme = "INTERNAL",
        BackendService = producerServiceBackend.Id,
        AllPorts = true,
        Network = pscIlbNetwork.Name,
        Subnetwork = pscIlbProducerSubnetwork.Name,
    });

    var pscIlbNat = new Gcp.Compute.Subnetwork("psc_ilb_nat", new()
    {
        Name = "psc-ilb-nat",
        Region = "us-west2",
        Network = pscIlbNetwork.Id,
        Purpose = "PRIVATE_SERVICE_CONNECT",
        IpCidrRange = "10.1.0.0/16",
    });

    var pscIlbServiceAttachment = new Gcp.Compute.ServiceAttachment("psc_ilb_service_attachment", new()
    {
        Name = "my-psc-ilb",
        Region = "us-west2",
        Description = "A service attachment configured with Terraform",
        DomainNames = new[]
        {
            "gcp.tfacc.hashicorptest.com.",
        },
        EnableProxyProtocol = true,
        ConnectionPreference = "ACCEPT_MANUAL",
        NatSubnets = new[]
        {
            pscIlbNat.Id,
        },
        TargetService = pscIlbTargetService.Id,
        ConsumerRejectLists = new[]
        {
            "673497134629",
            "482878270665",
        },
        ConsumerAcceptLists = new[]
        {
            new Gcp.Compute.Inputs.ServiceAttachmentConsumerAcceptListArgs
            {
                ProjectIdOrNum = "658859330310",
                ConnectionLimit = 4,
            },
        },
    });

    var pscIlbConsumerAddress = new Gcp.Compute.Address("psc_ilb_consumer_address", new()
    {
        Name = "psc-ilb-consumer-address",
        Region = "us-west2",
        Subnetwork = "default",
        AddressType = "INTERNAL",
    });

    var pscIlbConsumer = new Gcp.Compute.ForwardingRule("psc_ilb_consumer", new()
    {
        Name = "psc-ilb-consumer-forwarding-rule",
        Region = "us-west2",
        Target = pscIlbServiceAttachment.Id,
        LoadBalancingScheme = "",
        Network = "default",
        IpAddress = pscIlbConsumerAddress.Id,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import com.pulumi.gcp.compute.inputs.ServiceAttachmentConsumerAcceptListArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
            .name("producer-service-health-check")
            .checkIntervalSec(1)
            .timeoutSec(1)
            .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                .port(80)
                .build())
            .build());

        var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
            .name("producer-service")
            .region("us-west2")
            .healthChecks(producerServiceHealthCheck.id())
            .build());

        var pscIlbNetwork = new Network("pscIlbNetwork", NetworkArgs.builder()
            .name("psc-ilb-network")
            .autoCreateSubnetworks(false)
            .build());

        var pscIlbProducerSubnetwork = new Subnetwork("pscIlbProducerSubnetwork", SubnetworkArgs.builder()
            .name("psc-ilb-producer-subnetwork")
            .region("us-west2")
            .network(pscIlbNetwork.id())
            .ipCidrRange("10.0.0.0/16")
            .build());

        var pscIlbTargetService = new ForwardingRule("pscIlbTargetService", ForwardingRuleArgs.builder()
            .name("producer-forwarding-rule")
            .region("us-west2")
            .loadBalancingScheme("INTERNAL")
            .backendService(producerServiceBackend.id())
            .allPorts(true)
            .network(pscIlbNetwork.name())
            .subnetwork(pscIlbProducerSubnetwork.name())
            .build());

        var pscIlbNat = new Subnetwork("pscIlbNat", SubnetworkArgs.builder()
            .name("psc-ilb-nat")
            .region("us-west2")
            .network(pscIlbNetwork.id())
            .purpose("PRIVATE_SERVICE_CONNECT")
            .ipCidrRange("10.1.0.0/16")
            .build());

        var pscIlbServiceAttachment = new ServiceAttachment("pscIlbServiceAttachment", ServiceAttachmentArgs.builder()
            .name("my-psc-ilb")
            .region("us-west2")
            .description("A service attachment configured with Terraform")
            .domainNames("gcp.tfacc.hashicorptest.com.")
            .enableProxyProtocol(true)
            .connectionPreference("ACCEPT_MANUAL")
            .natSubnets(pscIlbNat.id())
            .targetService(pscIlbTargetService.id())
            .consumerRejectLists(            
                "673497134629",
                "482878270665")
            .consumerAcceptLists(ServiceAttachmentConsumerAcceptListArgs.builder()
                .projectIdOrNum("658859330310")
                .connectionLimit(4)
                .build())
            .build());

        var pscIlbConsumerAddress = new Address("pscIlbConsumerAddress", AddressArgs.builder()
            .name("psc-ilb-consumer-address")
            .region("us-west2")
            .subnetwork("default")
            .addressType("INTERNAL")
            .build());

        var pscIlbConsumer = new ForwardingRule("pscIlbConsumer", ForwardingRuleArgs.builder()
            .name("psc-ilb-consumer-forwarding-rule")
            .region("us-west2")
            .target(pscIlbServiceAttachment.id())
            .loadBalancingScheme("")
            .network("default")
            .ipAddress(pscIlbConsumerAddress.id())
            .build());

    }
}
Copy
resources:
  pscIlbServiceAttachment:
    type: gcp:compute:ServiceAttachment
    name: psc_ilb_service_attachment
    properties:
      name: my-psc-ilb
      region: us-west2
      description: A service attachment configured with Terraform
      domainNames:
        - gcp.tfacc.hashicorptest.com.
      enableProxyProtocol: true
      connectionPreference: ACCEPT_MANUAL
      natSubnets:
        - ${pscIlbNat.id}
      targetService: ${pscIlbTargetService.id}
      consumerRejectLists:
        - '673497134629'
        - '482878270665'
      consumerAcceptLists:
        - projectIdOrNum: '658859330310'
          connectionLimit: 4
  pscIlbConsumerAddress:
    type: gcp:compute:Address
    name: psc_ilb_consumer_address
    properties:
      name: psc-ilb-consumer-address
      region: us-west2
      subnetwork: default
      addressType: INTERNAL
  pscIlbConsumer:
    type: gcp:compute:ForwardingRule
    name: psc_ilb_consumer
    properties:
      name: psc-ilb-consumer-forwarding-rule
      region: us-west2
      target: ${pscIlbServiceAttachment.id}
      loadBalancingScheme: ""
      network: default
      ipAddress: ${pscIlbConsumerAddress.id}
  pscIlbTargetService:
    type: gcp:compute:ForwardingRule
    name: psc_ilb_target_service
    properties:
      name: producer-forwarding-rule
      region: us-west2
      loadBalancingScheme: INTERNAL
      backendService: ${producerServiceBackend.id}
      allPorts: true
      network: ${pscIlbNetwork.name}
      subnetwork: ${pscIlbProducerSubnetwork.name}
  producerServiceBackend:
    type: gcp:compute:RegionBackendService
    name: producer_service_backend
    properties:
      name: producer-service
      region: us-west2
      healthChecks: ${producerServiceHealthCheck.id}
  producerServiceHealthCheck:
    type: gcp:compute:HealthCheck
    name: producer_service_health_check
    properties:
      name: producer-service-health-check
      checkIntervalSec: 1
      timeoutSec: 1
      tcpHealthCheck:
        port: '80'
  pscIlbNetwork:
    type: gcp:compute:Network
    name: psc_ilb_network
    properties:
      name: psc-ilb-network
      autoCreateSubnetworks: false
  pscIlbProducerSubnetwork:
    type: gcp:compute:Subnetwork
    name: psc_ilb_producer_subnetwork
    properties:
      name: psc-ilb-producer-subnetwork
      region: us-west2
      network: ${pscIlbNetwork.id}
      ipCidrRange: 10.0.0.0/16
  pscIlbNat:
    type: gcp:compute:Subnetwork
    name: psc_ilb_nat
    properties:
      name: psc-ilb-nat
      region: us-west2
      network: ${pscIlbNetwork.id}
      purpose: PRIVATE_SERVICE_CONNECT
      ipCidrRange: 10.1.0.0/16
Copy

Service Attachment Explicit Networks

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const pscIlbConsumerNetwork = new gcp.compute.Network("psc_ilb_consumer_network", {
    name: "psc-ilb-consumer-network",
    autoCreateSubnetworks: false,
});
const producerServiceHealthCheck = new gcp.compute.HealthCheck("producer_service_health_check", {
    name: "producer-service-health-check",
    checkIntervalSec: 1,
    timeoutSec: 1,
    tcpHealthCheck: {
        port: 80,
    },
});
const producerServiceBackend = new gcp.compute.RegionBackendService("producer_service_backend", {
    name: "producer-service",
    region: "us-west2",
    healthChecks: producerServiceHealthCheck.id,
});
const pscIlbNetwork = new gcp.compute.Network("psc_ilb_network", {
    name: "psc-ilb-network",
    autoCreateSubnetworks: false,
});
const pscIlbProducerSubnetwork = new gcp.compute.Subnetwork("psc_ilb_producer_subnetwork", {
    name: "psc-ilb-producer-subnetwork",
    region: "us-west2",
    network: pscIlbNetwork.id,
    ipCidrRange: "10.0.0.0/16",
});
const pscIlbTargetService = new gcp.compute.ForwardingRule("psc_ilb_target_service", {
    name: "producer-forwarding-rule",
    region: "us-west2",
    loadBalancingScheme: "INTERNAL",
    backendService: producerServiceBackend.id,
    allPorts: true,
    network: pscIlbNetwork.name,
    subnetwork: pscIlbProducerSubnetwork.name,
});
const pscIlbNat = new gcp.compute.Subnetwork("psc_ilb_nat", {
    name: "psc-ilb-nat",
    region: "us-west2",
    network: pscIlbNetwork.id,
    purpose: "PRIVATE_SERVICE_CONNECT",
    ipCidrRange: "10.1.0.0/16",
});
const pscIlbServiceAttachment = new gcp.compute.ServiceAttachment("psc_ilb_service_attachment", {
    name: "my-psc-ilb",
    region: "us-west2",
    description: "A service attachment configured with Terraform",
    enableProxyProtocol: false,
    connectionPreference: "ACCEPT_MANUAL",
    natSubnets: [pscIlbNat.id],
    targetService: pscIlbTargetService.id,
    consumerAcceptLists: [{
        networkUrl: pscIlbConsumerNetwork.selfLink,
        connectionLimit: 1,
    }],
});
const pscIlbConsumerSubnetwork = new gcp.compute.Subnetwork("psc_ilb_consumer_subnetwork", {
    name: "psc-ilb-consumer-network",
    ipCidrRange: "10.0.0.0/16",
    region: "us-west2",
    network: pscIlbConsumerNetwork.id,
});
const pscIlbConsumerAddress = new gcp.compute.Address("psc_ilb_consumer_address", {
    name: "psc-ilb-consumer-address",
    region: "us-west2",
    subnetwork: pscIlbConsumerSubnetwork.id,
    addressType: "INTERNAL",
});
const pscIlbConsumer = new gcp.compute.ForwardingRule("psc_ilb_consumer", {
    name: "psc-ilb-consumer-forwarding-rule",
    region: "us-west2",
    target: pscIlbServiceAttachment.id,
    loadBalancingScheme: "",
    network: pscIlbConsumerNetwork.id,
    subnetwork: pscIlbConsumerSubnetwork.id,
    ipAddress: pscIlbConsumerAddress.id,
});
Copy
import pulumi
import pulumi_gcp as gcp

psc_ilb_consumer_network = gcp.compute.Network("psc_ilb_consumer_network",
    name="psc-ilb-consumer-network",
    auto_create_subnetworks=False)
producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
    name="producer-service-health-check",
    check_interval_sec=1,
    timeout_sec=1,
    tcp_health_check={
        "port": 80,
    })
producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
    name="producer-service",
    region="us-west2",
    health_checks=producer_service_health_check.id)
psc_ilb_network = gcp.compute.Network("psc_ilb_network",
    name="psc-ilb-network",
    auto_create_subnetworks=False)
psc_ilb_producer_subnetwork = gcp.compute.Subnetwork("psc_ilb_producer_subnetwork",
    name="psc-ilb-producer-subnetwork",
    region="us-west2",
    network=psc_ilb_network.id,
    ip_cidr_range="10.0.0.0/16")
psc_ilb_target_service = gcp.compute.ForwardingRule("psc_ilb_target_service",
    name="producer-forwarding-rule",
    region="us-west2",
    load_balancing_scheme="INTERNAL",
    backend_service=producer_service_backend.id,
    all_ports=True,
    network=psc_ilb_network.name,
    subnetwork=psc_ilb_producer_subnetwork.name)
psc_ilb_nat = gcp.compute.Subnetwork("psc_ilb_nat",
    name="psc-ilb-nat",
    region="us-west2",
    network=psc_ilb_network.id,
    purpose="PRIVATE_SERVICE_CONNECT",
    ip_cidr_range="10.1.0.0/16")
psc_ilb_service_attachment = gcp.compute.ServiceAttachment("psc_ilb_service_attachment",
    name="my-psc-ilb",
    region="us-west2",
    description="A service attachment configured with Terraform",
    enable_proxy_protocol=False,
    connection_preference="ACCEPT_MANUAL",
    nat_subnets=[psc_ilb_nat.id],
    target_service=psc_ilb_target_service.id,
    consumer_accept_lists=[{
        "network_url": psc_ilb_consumer_network.self_link,
        "connection_limit": 1,
    }])
psc_ilb_consumer_subnetwork = gcp.compute.Subnetwork("psc_ilb_consumer_subnetwork",
    name="psc-ilb-consumer-network",
    ip_cidr_range="10.0.0.0/16",
    region="us-west2",
    network=psc_ilb_consumer_network.id)
psc_ilb_consumer_address = gcp.compute.Address("psc_ilb_consumer_address",
    name="psc-ilb-consumer-address",
    region="us-west2",
    subnetwork=psc_ilb_consumer_subnetwork.id,
    address_type="INTERNAL")
psc_ilb_consumer = gcp.compute.ForwardingRule("psc_ilb_consumer",
    name="psc-ilb-consumer-forwarding-rule",
    region="us-west2",
    target=psc_ilb_service_attachment.id,
    load_balancing_scheme="",
    network=psc_ilb_consumer_network.id,
    subnetwork=psc_ilb_consumer_subnetwork.id,
    ip_address=psc_ilb_consumer_address.id)
Copy
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pscIlbConsumerNetwork, err := compute.NewNetwork(ctx, "psc_ilb_consumer_network", &compute.NetworkArgs{
			Name:                  pulumi.String("psc-ilb-consumer-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		producerServiceHealthCheck, err := compute.NewHealthCheck(ctx, "producer_service_health_check", &compute.HealthCheckArgs{
			Name:             pulumi.String("producer-service-health-check"),
			CheckIntervalSec: pulumi.Int(1),
			TimeoutSec:       pulumi.Int(1),
			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
				Port: pulumi.Int(80),
			},
		})
		if err != nil {
			return err
		}
		producerServiceBackend, err := compute.NewRegionBackendService(ctx, "producer_service_backend", &compute.RegionBackendServiceArgs{
			Name:         pulumi.String("producer-service"),
			Region:       pulumi.String("us-west2"),
			HealthChecks: producerServiceHealthCheck.ID(),
		})
		if err != nil {
			return err
		}
		pscIlbNetwork, err := compute.NewNetwork(ctx, "psc_ilb_network", &compute.NetworkArgs{
			Name:                  pulumi.String("psc-ilb-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		pscIlbProducerSubnetwork, err := compute.NewSubnetwork(ctx, "psc_ilb_producer_subnetwork", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-producer-subnetwork"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbNetwork.ID(),
			IpCidrRange: pulumi.String("10.0.0.0/16"),
		})
		if err != nil {
			return err
		}
		pscIlbTargetService, err := compute.NewForwardingRule(ctx, "psc_ilb_target_service", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("producer-forwarding-rule"),
			Region:              pulumi.String("us-west2"),
			LoadBalancingScheme: pulumi.String("INTERNAL"),
			BackendService:      producerServiceBackend.ID(),
			AllPorts:            pulumi.Bool(true),
			Network:             pscIlbNetwork.Name,
			Subnetwork:          pscIlbProducerSubnetwork.Name,
		})
		if err != nil {
			return err
		}
		pscIlbNat, err := compute.NewSubnetwork(ctx, "psc_ilb_nat", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-nat"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbNetwork.ID(),
			Purpose:     pulumi.String("PRIVATE_SERVICE_CONNECT"),
			IpCidrRange: pulumi.String("10.1.0.0/16"),
		})
		if err != nil {
			return err
		}
		pscIlbServiceAttachment, err := compute.NewServiceAttachment(ctx, "psc_ilb_service_attachment", &compute.ServiceAttachmentArgs{
			Name:                 pulumi.String("my-psc-ilb"),
			Region:               pulumi.String("us-west2"),
			Description:          pulumi.String("A service attachment configured with Terraform"),
			EnableProxyProtocol:  pulumi.Bool(false),
			ConnectionPreference: pulumi.String("ACCEPT_MANUAL"),
			NatSubnets: pulumi.StringArray{
				pscIlbNat.ID(),
			},
			TargetService: pscIlbTargetService.ID(),
			ConsumerAcceptLists: compute.ServiceAttachmentConsumerAcceptListArray{
				&compute.ServiceAttachmentConsumerAcceptListArgs{
					NetworkUrl:      pscIlbConsumerNetwork.SelfLink,
					ConnectionLimit: pulumi.Int(1),
				},
			},
		})
		if err != nil {
			return err
		}
		pscIlbConsumerSubnetwork, err := compute.NewSubnetwork(ctx, "psc_ilb_consumer_subnetwork", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-consumer-network"),
			IpCidrRange: pulumi.String("10.0.0.0/16"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbConsumerNetwork.ID(),
		})
		if err != nil {
			return err
		}
		pscIlbConsumerAddress, err := compute.NewAddress(ctx, "psc_ilb_consumer_address", &compute.AddressArgs{
			Name:        pulumi.String("psc-ilb-consumer-address"),
			Region:      pulumi.String("us-west2"),
			Subnetwork:  pscIlbConsumerSubnetwork.ID(),
			AddressType: pulumi.String("INTERNAL"),
		})
		if err != nil {
			return err
		}
		_, err = compute.NewForwardingRule(ctx, "psc_ilb_consumer", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("psc-ilb-consumer-forwarding-rule"),
			Region:              pulumi.String("us-west2"),
			Target:              pscIlbServiceAttachment.ID(),
			LoadBalancingScheme: pulumi.String(""),
			Network:             pscIlbConsumerNetwork.ID(),
			Subnetwork:          pscIlbConsumerSubnetwork.ID(),
			IpAddress:           pscIlbConsumerAddress.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var pscIlbConsumerNetwork = new Gcp.Compute.Network("psc_ilb_consumer_network", new()
    {
        Name = "psc-ilb-consumer-network",
        AutoCreateSubnetworks = false,
    });

    var producerServiceHealthCheck = new Gcp.Compute.HealthCheck("producer_service_health_check", new()
    {
        Name = "producer-service-health-check",
        CheckIntervalSec = 1,
        TimeoutSec = 1,
        TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
        {
            Port = 80,
        },
    });

    var producerServiceBackend = new Gcp.Compute.RegionBackendService("producer_service_backend", new()
    {
        Name = "producer-service",
        Region = "us-west2",
        HealthChecks = producerServiceHealthCheck.Id,
    });

    var pscIlbNetwork = new Gcp.Compute.Network("psc_ilb_network", new()
    {
        Name = "psc-ilb-network",
        AutoCreateSubnetworks = false,
    });

    var pscIlbProducerSubnetwork = new Gcp.Compute.Subnetwork("psc_ilb_producer_subnetwork", new()
    {
        Name = "psc-ilb-producer-subnetwork",
        Region = "us-west2",
        Network = pscIlbNetwork.Id,
        IpCidrRange = "10.0.0.0/16",
    });

    var pscIlbTargetService = new Gcp.Compute.ForwardingRule("psc_ilb_target_service", new()
    {
        Name = "producer-forwarding-rule",
        Region = "us-west2",
        LoadBalancingScheme = "INTERNAL",
        BackendService = producerServiceBackend.Id,
        AllPorts = true,
        Network = pscIlbNetwork.Name,
        Subnetwork = pscIlbProducerSubnetwork.Name,
    });

    var pscIlbNat = new Gcp.Compute.Subnetwork("psc_ilb_nat", new()
    {
        Name = "psc-ilb-nat",
        Region = "us-west2",
        Network = pscIlbNetwork.Id,
        Purpose = "PRIVATE_SERVICE_CONNECT",
        IpCidrRange = "10.1.0.0/16",
    });

    var pscIlbServiceAttachment = new Gcp.Compute.ServiceAttachment("psc_ilb_service_attachment", new()
    {
        Name = "my-psc-ilb",
        Region = "us-west2",
        Description = "A service attachment configured with Terraform",
        EnableProxyProtocol = false,
        ConnectionPreference = "ACCEPT_MANUAL",
        NatSubnets = new[]
        {
            pscIlbNat.Id,
        },
        TargetService = pscIlbTargetService.Id,
        ConsumerAcceptLists = new[]
        {
            new Gcp.Compute.Inputs.ServiceAttachmentConsumerAcceptListArgs
            {
                NetworkUrl = pscIlbConsumerNetwork.SelfLink,
                ConnectionLimit = 1,
            },
        },
    });

    var pscIlbConsumerSubnetwork = new Gcp.Compute.Subnetwork("psc_ilb_consumer_subnetwork", new()
    {
        Name = "psc-ilb-consumer-network",
        IpCidrRange = "10.0.0.0/16",
        Region = "us-west2",
        Network = pscIlbConsumerNetwork.Id,
    });

    var pscIlbConsumerAddress = new Gcp.Compute.Address("psc_ilb_consumer_address", new()
    {
        Name = "psc-ilb-consumer-address",
        Region = "us-west2",
        Subnetwork = pscIlbConsumerSubnetwork.Id,
        AddressType = "INTERNAL",
    });

    var pscIlbConsumer = new Gcp.Compute.ForwardingRule("psc_ilb_consumer", new()
    {
        Name = "psc-ilb-consumer-forwarding-rule",
        Region = "us-west2",
        Target = pscIlbServiceAttachment.Id,
        LoadBalancingScheme = "",
        Network = pscIlbConsumerNetwork.Id,
        Subnetwork = pscIlbConsumerSubnetwork.Id,
        IpAddress = pscIlbConsumerAddress.Id,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import com.pulumi.gcp.compute.inputs.ServiceAttachmentConsumerAcceptListArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var pscIlbConsumerNetwork = new Network("pscIlbConsumerNetwork", NetworkArgs.builder()
            .name("psc-ilb-consumer-network")
            .autoCreateSubnetworks(false)
            .build());

        var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
            .name("producer-service-health-check")
            .checkIntervalSec(1)
            .timeoutSec(1)
            .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                .port(80)
                .build())
            .build());

        var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
            .name("producer-service")
            .region("us-west2")
            .healthChecks(producerServiceHealthCheck.id())
            .build());

        var pscIlbNetwork = new Network("pscIlbNetwork", NetworkArgs.builder()
            .name("psc-ilb-network")
            .autoCreateSubnetworks(false)
            .build());

        var pscIlbProducerSubnetwork = new Subnetwork("pscIlbProducerSubnetwork", SubnetworkArgs.builder()
            .name("psc-ilb-producer-subnetwork")
            .region("us-west2")
            .network(pscIlbNetwork.id())
            .ipCidrRange("10.0.0.0/16")
            .build());

        var pscIlbTargetService = new ForwardingRule("pscIlbTargetService", ForwardingRuleArgs.builder()
            .name("producer-forwarding-rule")
            .region("us-west2")
            .loadBalancingScheme("INTERNAL")
            .backendService(producerServiceBackend.id())
            .allPorts(true)
            .network(pscIlbNetwork.name())
            .subnetwork(pscIlbProducerSubnetwork.name())
            .build());

        var pscIlbNat = new Subnetwork("pscIlbNat", SubnetworkArgs.builder()
            .name("psc-ilb-nat")
            .region("us-west2")
            .network(pscIlbNetwork.id())
            .purpose("PRIVATE_SERVICE_CONNECT")
            .ipCidrRange("10.1.0.0/16")
            .build());

        var pscIlbServiceAttachment = new ServiceAttachment("pscIlbServiceAttachment", ServiceAttachmentArgs.builder()
            .name("my-psc-ilb")
            .region("us-west2")
            .description("A service attachment configured with Terraform")
            .enableProxyProtocol(false)
            .connectionPreference("ACCEPT_MANUAL")
            .natSubnets(pscIlbNat.id())
            .targetService(pscIlbTargetService.id())
            .consumerAcceptLists(ServiceAttachmentConsumerAcceptListArgs.builder()
                .networkUrl(pscIlbConsumerNetwork.selfLink())
                .connectionLimit(1)
                .build())
            .build());

        var pscIlbConsumerSubnetwork = new Subnetwork("pscIlbConsumerSubnetwork", SubnetworkArgs.builder()
            .name("psc-ilb-consumer-network")
            .ipCidrRange("10.0.0.0/16")
            .region("us-west2")
            .network(pscIlbConsumerNetwork.id())
            .build());

        var pscIlbConsumerAddress = new Address("pscIlbConsumerAddress", AddressArgs.builder()
            .name("psc-ilb-consumer-address")
            .region("us-west2")
            .subnetwork(pscIlbConsumerSubnetwork.id())
            .addressType("INTERNAL")
            .build());

        var pscIlbConsumer = new ForwardingRule("pscIlbConsumer", ForwardingRuleArgs.builder()
            .name("psc-ilb-consumer-forwarding-rule")
            .region("us-west2")
            .target(pscIlbServiceAttachment.id())
            .loadBalancingScheme("")
            .network(pscIlbConsumerNetwork.id())
            .subnetwork(pscIlbConsumerSubnetwork.id())
            .ipAddress(pscIlbConsumerAddress.id())
            .build());

    }
}
Copy
resources:
  pscIlbServiceAttachment:
    type: gcp:compute:ServiceAttachment
    name: psc_ilb_service_attachment
    properties:
      name: my-psc-ilb
      region: us-west2
      description: A service attachment configured with Terraform
      enableProxyProtocol: false
      connectionPreference: ACCEPT_MANUAL
      natSubnets:
        - ${pscIlbNat.id}
      targetService: ${pscIlbTargetService.id}
      consumerAcceptLists:
        - networkUrl: ${pscIlbConsumerNetwork.selfLink}
          connectionLimit: 1
  pscIlbConsumerNetwork:
    type: gcp:compute:Network
    name: psc_ilb_consumer_network
    properties:
      name: psc-ilb-consumer-network
      autoCreateSubnetworks: false
  pscIlbConsumerSubnetwork:
    type: gcp:compute:Subnetwork
    name: psc_ilb_consumer_subnetwork
    properties:
      name: psc-ilb-consumer-network
      ipCidrRange: 10.0.0.0/16
      region: us-west2
      network: ${pscIlbConsumerNetwork.id}
  pscIlbConsumerAddress:
    type: gcp:compute:Address
    name: psc_ilb_consumer_address
    properties:
      name: psc-ilb-consumer-address
      region: us-west2
      subnetwork: ${pscIlbConsumerSubnetwork.id}
      addressType: INTERNAL
  pscIlbConsumer:
    type: gcp:compute:ForwardingRule
    name: psc_ilb_consumer
    properties:
      name: psc-ilb-consumer-forwarding-rule
      region: us-west2
      target: ${pscIlbServiceAttachment.id}
      loadBalancingScheme: ""
      network: ${pscIlbConsumerNetwork.id}
      subnetwork: ${pscIlbConsumerSubnetwork.id}
      ipAddress: ${pscIlbConsumerAddress.id}
  pscIlbTargetService:
    type: gcp:compute:ForwardingRule
    name: psc_ilb_target_service
    properties:
      name: producer-forwarding-rule
      region: us-west2
      loadBalancingScheme: INTERNAL
      backendService: ${producerServiceBackend.id}
      allPorts: true
      network: ${pscIlbNetwork.name}
      subnetwork: ${pscIlbProducerSubnetwork.name}
  producerServiceBackend:
    type: gcp:compute:RegionBackendService
    name: producer_service_backend
    properties:
      name: producer-service
      region: us-west2
      healthChecks: ${producerServiceHealthCheck.id}
  producerServiceHealthCheck:
    type: gcp:compute:HealthCheck
    name: producer_service_health_check
    properties:
      name: producer-service-health-check
      checkIntervalSec: 1
      timeoutSec: 1
      tcpHealthCheck:
        port: '80'
  pscIlbNetwork:
    type: gcp:compute:Network
    name: psc_ilb_network
    properties:
      name: psc-ilb-network
      autoCreateSubnetworks: false
  pscIlbProducerSubnetwork:
    type: gcp:compute:Subnetwork
    name: psc_ilb_producer_subnetwork
    properties:
      name: psc-ilb-producer-subnetwork
      region: us-west2
      network: ${pscIlbNetwork.id}
      ipCidrRange: 10.0.0.0/16
  pscIlbNat:
    type: gcp:compute:Subnetwork
    name: psc_ilb_nat
    properties:
      name: psc-ilb-nat
      region: us-west2
      network: ${pscIlbNetwork.id}
      purpose: PRIVATE_SERVICE_CONNECT
      ipCidrRange: 10.1.0.0/16
Copy

Service Attachment Reconcile Connections

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const producerServiceHealthCheck = new gcp.compute.HealthCheck("producer_service_health_check", {
    name: "producer-service-health-check",
    checkIntervalSec: 1,
    timeoutSec: 1,
    tcpHealthCheck: {
        port: 80,
    },
});
const producerServiceBackend = new gcp.compute.RegionBackendService("producer_service_backend", {
    name: "producer-service",
    region: "us-west2",
    healthChecks: producerServiceHealthCheck.id,
});
const pscIlbNetwork = new gcp.compute.Network("psc_ilb_network", {
    name: "psc-ilb-network",
    autoCreateSubnetworks: false,
});
const pscIlbProducerSubnetwork = new gcp.compute.Subnetwork("psc_ilb_producer_subnetwork", {
    name: "psc-ilb-producer-subnetwork",
    region: "us-west2",
    network: pscIlbNetwork.id,
    ipCidrRange: "10.0.0.0/16",
});
const pscIlbTargetService = new gcp.compute.ForwardingRule("psc_ilb_target_service", {
    name: "producer-forwarding-rule",
    region: "us-west2",
    loadBalancingScheme: "INTERNAL",
    backendService: producerServiceBackend.id,
    allPorts: true,
    network: pscIlbNetwork.name,
    subnetwork: pscIlbProducerSubnetwork.name,
});
const pscIlbNat = new gcp.compute.Subnetwork("psc_ilb_nat", {
    name: "psc-ilb-nat",
    region: "us-west2",
    network: pscIlbNetwork.id,
    purpose: "PRIVATE_SERVICE_CONNECT",
    ipCidrRange: "10.1.0.0/16",
});
const pscIlbServiceAttachment = new gcp.compute.ServiceAttachment("psc_ilb_service_attachment", {
    name: "my-psc-ilb",
    region: "us-west2",
    description: "A service attachment configured with Terraform",
    domainNames: ["gcp.tfacc.hashicorptest.com."],
    enableProxyProtocol: true,
    connectionPreference: "ACCEPT_MANUAL",
    natSubnets: [pscIlbNat.id],
    targetService: pscIlbTargetService.id,
    consumerRejectLists: [
        "673497134629",
        "482878270665",
    ],
    consumerAcceptLists: [{
        projectIdOrNum: "658859330310",
        connectionLimit: 4,
    }],
    reconcileConnections: false,
});
Copy
import pulumi
import pulumi_gcp as gcp

producer_service_health_check = gcp.compute.HealthCheck("producer_service_health_check",
    name="producer-service-health-check",
    check_interval_sec=1,
    timeout_sec=1,
    tcp_health_check={
        "port": 80,
    })
producer_service_backend = gcp.compute.RegionBackendService("producer_service_backend",
    name="producer-service",
    region="us-west2",
    health_checks=producer_service_health_check.id)
psc_ilb_network = gcp.compute.Network("psc_ilb_network",
    name="psc-ilb-network",
    auto_create_subnetworks=False)
psc_ilb_producer_subnetwork = gcp.compute.Subnetwork("psc_ilb_producer_subnetwork",
    name="psc-ilb-producer-subnetwork",
    region="us-west2",
    network=psc_ilb_network.id,
    ip_cidr_range="10.0.0.0/16")
psc_ilb_target_service = gcp.compute.ForwardingRule("psc_ilb_target_service",
    name="producer-forwarding-rule",
    region="us-west2",
    load_balancing_scheme="INTERNAL",
    backend_service=producer_service_backend.id,
    all_ports=True,
    network=psc_ilb_network.name,
    subnetwork=psc_ilb_producer_subnetwork.name)
psc_ilb_nat = gcp.compute.Subnetwork("psc_ilb_nat",
    name="psc-ilb-nat",
    region="us-west2",
    network=psc_ilb_network.id,
    purpose="PRIVATE_SERVICE_CONNECT",
    ip_cidr_range="10.1.0.0/16")
psc_ilb_service_attachment = gcp.compute.ServiceAttachment("psc_ilb_service_attachment",
    name="my-psc-ilb",
    region="us-west2",
    description="A service attachment configured with Terraform",
    domain_names=["gcp.tfacc.hashicorptest.com."],
    enable_proxy_protocol=True,
    connection_preference="ACCEPT_MANUAL",
    nat_subnets=[psc_ilb_nat.id],
    target_service=psc_ilb_target_service.id,
    consumer_reject_lists=[
        "673497134629",
        "482878270665",
    ],
    consumer_accept_lists=[{
        "project_id_or_num": "658859330310",
        "connection_limit": 4,
    }],
    reconcile_connections=False)
Copy
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		producerServiceHealthCheck, err := compute.NewHealthCheck(ctx, "producer_service_health_check", &compute.HealthCheckArgs{
			Name:             pulumi.String("producer-service-health-check"),
			CheckIntervalSec: pulumi.Int(1),
			TimeoutSec:       pulumi.Int(1),
			TcpHealthCheck: &compute.HealthCheckTcpHealthCheckArgs{
				Port: pulumi.Int(80),
			},
		})
		if err != nil {
			return err
		}
		producerServiceBackend, err := compute.NewRegionBackendService(ctx, "producer_service_backend", &compute.RegionBackendServiceArgs{
			Name:         pulumi.String("producer-service"),
			Region:       pulumi.String("us-west2"),
			HealthChecks: producerServiceHealthCheck.ID(),
		})
		if err != nil {
			return err
		}
		pscIlbNetwork, err := compute.NewNetwork(ctx, "psc_ilb_network", &compute.NetworkArgs{
			Name:                  pulumi.String("psc-ilb-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		pscIlbProducerSubnetwork, err := compute.NewSubnetwork(ctx, "psc_ilb_producer_subnetwork", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-producer-subnetwork"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbNetwork.ID(),
			IpCidrRange: pulumi.String("10.0.0.0/16"),
		})
		if err != nil {
			return err
		}
		pscIlbTargetService, err := compute.NewForwardingRule(ctx, "psc_ilb_target_service", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("producer-forwarding-rule"),
			Region:              pulumi.String("us-west2"),
			LoadBalancingScheme: pulumi.String("INTERNAL"),
			BackendService:      producerServiceBackend.ID(),
			AllPorts:            pulumi.Bool(true),
			Network:             pscIlbNetwork.Name,
			Subnetwork:          pscIlbProducerSubnetwork.Name,
		})
		if err != nil {
			return err
		}
		pscIlbNat, err := compute.NewSubnetwork(ctx, "psc_ilb_nat", &compute.SubnetworkArgs{
			Name:        pulumi.String("psc-ilb-nat"),
			Region:      pulumi.String("us-west2"),
			Network:     pscIlbNetwork.ID(),
			Purpose:     pulumi.String("PRIVATE_SERVICE_CONNECT"),
			IpCidrRange: pulumi.String("10.1.0.0/16"),
		})
		if err != nil {
			return err
		}
		_, err = compute.NewServiceAttachment(ctx, "psc_ilb_service_attachment", &compute.ServiceAttachmentArgs{
			Name:        pulumi.String("my-psc-ilb"),
			Region:      pulumi.String("us-west2"),
			Description: pulumi.String("A service attachment configured with Terraform"),
			DomainNames: pulumi.StringArray{
				pulumi.String("gcp.tfacc.hashicorptest.com."),
			},
			EnableProxyProtocol:  pulumi.Bool(true),
			ConnectionPreference: pulumi.String("ACCEPT_MANUAL"),
			NatSubnets: pulumi.StringArray{
				pscIlbNat.ID(),
			},
			TargetService: pscIlbTargetService.ID(),
			ConsumerRejectLists: pulumi.StringArray{
				pulumi.String("673497134629"),
				pulumi.String("482878270665"),
			},
			ConsumerAcceptLists: compute.ServiceAttachmentConsumerAcceptListArray{
				&compute.ServiceAttachmentConsumerAcceptListArgs{
					ProjectIdOrNum:  pulumi.String("658859330310"),
					ConnectionLimit: pulumi.Int(4),
				},
			},
			ReconcileConnections: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var producerServiceHealthCheck = new Gcp.Compute.HealthCheck("producer_service_health_check", new()
    {
        Name = "producer-service-health-check",
        CheckIntervalSec = 1,
        TimeoutSec = 1,
        TcpHealthCheck = new Gcp.Compute.Inputs.HealthCheckTcpHealthCheckArgs
        {
            Port = 80,
        },
    });

    var producerServiceBackend = new Gcp.Compute.RegionBackendService("producer_service_backend", new()
    {
        Name = "producer-service",
        Region = "us-west2",
        HealthChecks = producerServiceHealthCheck.Id,
    });

    var pscIlbNetwork = new Gcp.Compute.Network("psc_ilb_network", new()
    {
        Name = "psc-ilb-network",
        AutoCreateSubnetworks = false,
    });

    var pscIlbProducerSubnetwork = new Gcp.Compute.Subnetwork("psc_ilb_producer_subnetwork", new()
    {
        Name = "psc-ilb-producer-subnetwork",
        Region = "us-west2",
        Network = pscIlbNetwork.Id,
        IpCidrRange = "10.0.0.0/16",
    });

    var pscIlbTargetService = new Gcp.Compute.ForwardingRule("psc_ilb_target_service", new()
    {
        Name = "producer-forwarding-rule",
        Region = "us-west2",
        LoadBalancingScheme = "INTERNAL",
        BackendService = producerServiceBackend.Id,
        AllPorts = true,
        Network = pscIlbNetwork.Name,
        Subnetwork = pscIlbProducerSubnetwork.Name,
    });

    var pscIlbNat = new Gcp.Compute.Subnetwork("psc_ilb_nat", new()
    {
        Name = "psc-ilb-nat",
        Region = "us-west2",
        Network = pscIlbNetwork.Id,
        Purpose = "PRIVATE_SERVICE_CONNECT",
        IpCidrRange = "10.1.0.0/16",
    });

    var pscIlbServiceAttachment = new Gcp.Compute.ServiceAttachment("psc_ilb_service_attachment", new()
    {
        Name = "my-psc-ilb",
        Region = "us-west2",
        Description = "A service attachment configured with Terraform",
        DomainNames = new[]
        {
            "gcp.tfacc.hashicorptest.com.",
        },
        EnableProxyProtocol = true,
        ConnectionPreference = "ACCEPT_MANUAL",
        NatSubnets = new[]
        {
            pscIlbNat.Id,
        },
        TargetService = pscIlbTargetService.Id,
        ConsumerRejectLists = new[]
        {
            "673497134629",
            "482878270665",
        },
        ConsumerAcceptLists = new[]
        {
            new Gcp.Compute.Inputs.ServiceAttachmentConsumerAcceptListArgs
            {
                ProjectIdOrNum = "658859330310",
                ConnectionLimit = 4,
            },
        },
        ReconcileConnections = false,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.HealthCheck;
import com.pulumi.gcp.compute.HealthCheckArgs;
import com.pulumi.gcp.compute.inputs.HealthCheckTcpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.ServiceAttachment;
import com.pulumi.gcp.compute.ServiceAttachmentArgs;
import com.pulumi.gcp.compute.inputs.ServiceAttachmentConsumerAcceptListArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var producerServiceHealthCheck = new HealthCheck("producerServiceHealthCheck", HealthCheckArgs.builder()
            .name("producer-service-health-check")
            .checkIntervalSec(1)
            .timeoutSec(1)
            .tcpHealthCheck(HealthCheckTcpHealthCheckArgs.builder()
                .port(80)
                .build())
            .build());

        var producerServiceBackend = new RegionBackendService("producerServiceBackend", RegionBackendServiceArgs.builder()
            .name("producer-service")
            .region("us-west2")
            .healthChecks(producerServiceHealthCheck.id())
            .build());

        var pscIlbNetwork = new Network("pscIlbNetwork", NetworkArgs.builder()
            .name("psc-ilb-network")
            .autoCreateSubnetworks(false)
            .build());

        var pscIlbProducerSubnetwork = new Subnetwork("pscIlbProducerSubnetwork", SubnetworkArgs.builder()
            .name("psc-ilb-producer-subnetwork")
            .region("us-west2")
            .network(pscIlbNetwork.id())
            .ipCidrRange("10.0.0.0/16")
            .build());

        var pscIlbTargetService = new ForwardingRule("pscIlbTargetService", ForwardingRuleArgs.builder()
            .name("producer-forwarding-rule")
            .region("us-west2")
            .loadBalancingScheme("INTERNAL")
            .backendService(producerServiceBackend.id())
            .allPorts(true)
            .network(pscIlbNetwork.name())
            .subnetwork(pscIlbProducerSubnetwork.name())
            .build());

        var pscIlbNat = new Subnetwork("pscIlbNat", SubnetworkArgs.builder()
            .name("psc-ilb-nat")
            .region("us-west2")
            .network(pscIlbNetwork.id())
            .purpose("PRIVATE_SERVICE_CONNECT")
            .ipCidrRange("10.1.0.0/16")
            .build());

        var pscIlbServiceAttachment = new ServiceAttachment("pscIlbServiceAttachment", ServiceAttachmentArgs.builder()
            .name("my-psc-ilb")
            .region("us-west2")
            .description("A service attachment configured with Terraform")
            .domainNames("gcp.tfacc.hashicorptest.com.")
            .enableProxyProtocol(true)
            .connectionPreference("ACCEPT_MANUAL")
            .natSubnets(pscIlbNat.id())
            .targetService(pscIlbTargetService.id())
            .consumerRejectLists(            
                "673497134629",
                "482878270665")
            .consumerAcceptLists(ServiceAttachmentConsumerAcceptListArgs.builder()
                .projectIdOrNum("658859330310")
                .connectionLimit(4)
                .build())
            .reconcileConnections(false)
            .build());

    }
}
Copy
resources:
  pscIlbServiceAttachment:
    type: gcp:compute:ServiceAttachment
    name: psc_ilb_service_attachment
    properties:
      name: my-psc-ilb
      region: us-west2
      description: A service attachment configured with Terraform
      domainNames:
        - gcp.tfacc.hashicorptest.com.
      enableProxyProtocol: true
      connectionPreference: ACCEPT_MANUAL
      natSubnets:
        - ${pscIlbNat.id}
      targetService: ${pscIlbTargetService.id}
      consumerRejectLists:
        - '673497134629'
        - '482878270665'
      consumerAcceptLists:
        - projectIdOrNum: '658859330310'
          connectionLimit: 4
      reconcileConnections: false
  pscIlbTargetService:
    type: gcp:compute:ForwardingRule
    name: psc_ilb_target_service
    properties:
      name: producer-forwarding-rule
      region: us-west2
      loadBalancingScheme: INTERNAL
      backendService: ${producerServiceBackend.id}
      allPorts: true
      network: ${pscIlbNetwork.name}
      subnetwork: ${pscIlbProducerSubnetwork.name}
  producerServiceBackend:
    type: gcp:compute:RegionBackendService
    name: producer_service_backend
    properties:
      name: producer-service
      region: us-west2
      healthChecks: ${producerServiceHealthCheck.id}
  producerServiceHealthCheck:
    type: gcp:compute:HealthCheck
    name: producer_service_health_check
    properties:
      name: producer-service-health-check
      checkIntervalSec: 1
      timeoutSec: 1
      tcpHealthCheck:
        port: '80'
  pscIlbNetwork:
    type: gcp:compute:Network
    name: psc_ilb_network
    properties:
      name: psc-ilb-network
      autoCreateSubnetworks: false
  pscIlbProducerSubnetwork:
    type: gcp:compute:Subnetwork
    name: psc_ilb_producer_subnetwork
    properties:
      name: psc-ilb-producer-subnetwork
      region: us-west2
      network: ${pscIlbNetwork.id}
      ipCidrRange: 10.0.0.0/16
  pscIlbNat:
    type: gcp:compute:Subnetwork
    name: psc_ilb_nat
    properties:
      name: psc-ilb-nat
      region: us-west2
      network: ${pscIlbNetwork.id}
      purpose: PRIVATE_SERVICE_CONNECT
      ipCidrRange: 10.1.0.0/16
Copy

Create ServiceAttachment Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ServiceAttachment(name: string, args: ServiceAttachmentArgs, opts?: CustomResourceOptions);
@overload
def ServiceAttachment(resource_name: str,
                      args: ServiceAttachmentArgs,
                      opts: Optional[ResourceOptions] = None)

@overload
def ServiceAttachment(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      enable_proxy_protocol: Optional[bool] = None,
                      target_service: Optional[str] = None,
                      nat_subnets: Optional[Sequence[str]] = None,
                      connection_preference: Optional[str] = None,
                      name: Optional[str] = None,
                      domain_names: Optional[Sequence[str]] = None,
                      description: Optional[str] = None,
                      consumer_reject_lists: Optional[Sequence[str]] = None,
                      project: Optional[str] = None,
                      propagated_connection_limit: Optional[int] = None,
                      reconcile_connections: Optional[bool] = None,
                      region: Optional[str] = None,
                      consumer_accept_lists: Optional[Sequence[ServiceAttachmentConsumerAcceptListArgs]] = None)
func NewServiceAttachment(ctx *Context, name string, args ServiceAttachmentArgs, opts ...ResourceOption) (*ServiceAttachment, error)
public ServiceAttachment(string name, ServiceAttachmentArgs args, CustomResourceOptions? opts = null)
public ServiceAttachment(String name, ServiceAttachmentArgs args)
public ServiceAttachment(String name, ServiceAttachmentArgs args, CustomResourceOptions options)
type: gcp:compute:ServiceAttachment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. ServiceAttachmentArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. ServiceAttachmentArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. ServiceAttachmentArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. ServiceAttachmentArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. ServiceAttachmentArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var serviceAttachmentResource = new Gcp.Compute.ServiceAttachment("serviceAttachmentResource", new()
{
    EnableProxyProtocol = false,
    TargetService = "string",
    NatSubnets = new[]
    {
        "string",
    },
    ConnectionPreference = "string",
    Name = "string",
    DomainNames = new[]
    {
        "string",
    },
    Description = "string",
    ConsumerRejectLists = new[]
    {
        "string",
    },
    Project = "string",
    PropagatedConnectionLimit = 0,
    ReconcileConnections = false,
    Region = "string",
    ConsumerAcceptLists = new[]
    {
        new Gcp.Compute.Inputs.ServiceAttachmentConsumerAcceptListArgs
        {
            ConnectionLimit = 0,
            NetworkUrl = "string",
            ProjectIdOrNum = "string",
        },
    },
});
Copy
example, err := compute.NewServiceAttachment(ctx, "serviceAttachmentResource", &compute.ServiceAttachmentArgs{
	EnableProxyProtocol: pulumi.Bool(false),
	TargetService:       pulumi.String("string"),
	NatSubnets: pulumi.StringArray{
		pulumi.String("string"),
	},
	ConnectionPreference: pulumi.String("string"),
	Name:                 pulumi.String("string"),
	DomainNames: pulumi.StringArray{
		pulumi.String("string"),
	},
	Description: pulumi.String("string"),
	ConsumerRejectLists: pulumi.StringArray{
		pulumi.String("string"),
	},
	Project:                   pulumi.String("string"),
	PropagatedConnectionLimit: pulumi.Int(0),
	ReconcileConnections:      pulumi.Bool(false),
	Region:                    pulumi.String("string"),
	ConsumerAcceptLists: compute.ServiceAttachmentConsumerAcceptListArray{
		&compute.ServiceAttachmentConsumerAcceptListArgs{
			ConnectionLimit: pulumi.Int(0),
			NetworkUrl:      pulumi.String("string"),
			ProjectIdOrNum:  pulumi.String("string"),
		},
	},
})
Copy
var serviceAttachmentResource = new ServiceAttachment("serviceAttachmentResource", ServiceAttachmentArgs.builder()
    .enableProxyProtocol(false)
    .targetService("string")
    .natSubnets("string")
    .connectionPreference("string")
    .name("string")
    .domainNames("string")
    .description("string")
    .consumerRejectLists("string")
    .project("string")
    .propagatedConnectionLimit(0)
    .reconcileConnections(false)
    .region("string")
    .consumerAcceptLists(ServiceAttachmentConsumerAcceptListArgs.builder()
        .connectionLimit(0)
        .networkUrl("string")
        .projectIdOrNum("string")
        .build())
    .build());
Copy
service_attachment_resource = gcp.compute.ServiceAttachment("serviceAttachmentResource",
    enable_proxy_protocol=False,
    target_service="string",
    nat_subnets=["string"],
    connection_preference="string",
    name="string",
    domain_names=["string"],
    description="string",
    consumer_reject_lists=["string"],
    project="string",
    propagated_connection_limit=0,
    reconcile_connections=False,
    region="string",
    consumer_accept_lists=[{
        "connection_limit": 0,
        "network_url": "string",
        "project_id_or_num": "string",
    }])
Copy
const serviceAttachmentResource = new gcp.compute.ServiceAttachment("serviceAttachmentResource", {
    enableProxyProtocol: false,
    targetService: "string",
    natSubnets: ["string"],
    connectionPreference: "string",
    name: "string",
    domainNames: ["string"],
    description: "string",
    consumerRejectLists: ["string"],
    project: "string",
    propagatedConnectionLimit: 0,
    reconcileConnections: false,
    region: "string",
    consumerAcceptLists: [{
        connectionLimit: 0,
        networkUrl: "string",
        projectIdOrNum: "string",
    }],
});
Copy
type: gcp:compute:ServiceAttachment
properties:
    connectionPreference: string
    consumerAcceptLists:
        - connectionLimit: 0
          networkUrl: string
          projectIdOrNum: string
    consumerRejectLists:
        - string
    description: string
    domainNames:
        - string
    enableProxyProtocol: false
    name: string
    natSubnets:
        - string
    project: string
    propagatedConnectionLimit: 0
    reconcileConnections: false
    region: string
    targetService: string
Copy

ServiceAttachment Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ServiceAttachment resource accepts the following input properties:

ConnectionPreference This property is required. string
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
EnableProxyProtocol This property is required. bool
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


NatSubnets This property is required. List<string>
An array of subnets that is provided for NAT in this service attachment.
TargetService
This property is required.
Changes to this property will trigger replacement.
string
The URL of a service serving the endpoint identified by this service attachment.
ConsumerAcceptLists List<ServiceAttachmentConsumerAcceptList>
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
ConsumerRejectLists List<string>
An array of projects that are not allowed to connect to this service attachment.
Description string
An optional description of this resource.
DomainNames Changes to this property will trigger replacement. List<string>
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
Name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
PropagatedConnectionLimit int
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
ReconcileConnections bool
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
Region Changes to this property will trigger replacement. string
URL of the region where the resource resides.
ConnectionPreference This property is required. string
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
EnableProxyProtocol This property is required. bool
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


NatSubnets This property is required. []string
An array of subnets that is provided for NAT in this service attachment.
TargetService
This property is required.
Changes to this property will trigger replacement.
string
The URL of a service serving the endpoint identified by this service attachment.
ConsumerAcceptLists []ServiceAttachmentConsumerAcceptListArgs
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
ConsumerRejectLists []string
An array of projects that are not allowed to connect to this service attachment.
Description string
An optional description of this resource.
DomainNames Changes to this property will trigger replacement. []string
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
Name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
PropagatedConnectionLimit int
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
ReconcileConnections bool
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
Region Changes to this property will trigger replacement. string
URL of the region where the resource resides.
connectionPreference This property is required. String
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
enableProxyProtocol This property is required. Boolean
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


natSubnets This property is required. List<String>
An array of subnets that is provided for NAT in this service attachment.
targetService
This property is required.
Changes to this property will trigger replacement.
String
The URL of a service serving the endpoint identified by this service attachment.
consumerAcceptLists List<ServiceAttachmentConsumerAcceptList>
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
consumerRejectLists List<String>
An array of projects that are not allowed to connect to this service attachment.
description String
An optional description of this resource.
domainNames Changes to this property will trigger replacement. List<String>
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
name Changes to this property will trigger replacement. String
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
project Changes to this property will trigger replacement. String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
propagatedConnectionLimit Integer
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
reconcileConnections Boolean
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
region Changes to this property will trigger replacement. String
URL of the region where the resource resides.
connectionPreference This property is required. string
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
enableProxyProtocol This property is required. boolean
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


natSubnets This property is required. string[]
An array of subnets that is provided for NAT in this service attachment.
targetService
This property is required.
Changes to this property will trigger replacement.
string
The URL of a service serving the endpoint identified by this service attachment.
consumerAcceptLists ServiceAttachmentConsumerAcceptList[]
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
consumerRejectLists string[]
An array of projects that are not allowed to connect to this service attachment.
description string
An optional description of this resource.
domainNames Changes to this property will trigger replacement. string[]
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
propagatedConnectionLimit number
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
reconcileConnections boolean
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
region Changes to this property will trigger replacement. string
URL of the region where the resource resides.
connection_preference This property is required. str
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
enable_proxy_protocol This property is required. bool
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


nat_subnets This property is required. Sequence[str]
An array of subnets that is provided for NAT in this service attachment.
target_service
This property is required.
Changes to this property will trigger replacement.
str
The URL of a service serving the endpoint identified by this service attachment.
consumer_accept_lists Sequence[ServiceAttachmentConsumerAcceptListArgs]
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
consumer_reject_lists Sequence[str]
An array of projects that are not allowed to connect to this service attachment.
description str
An optional description of this resource.
domain_names Changes to this property will trigger replacement. Sequence[str]
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
name Changes to this property will trigger replacement. str
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
project Changes to this property will trigger replacement. str
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
propagated_connection_limit int
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
reconcile_connections bool
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
region Changes to this property will trigger replacement. str
URL of the region where the resource resides.
connectionPreference This property is required. String
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
enableProxyProtocol This property is required. Boolean
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


natSubnets This property is required. List<String>
An array of subnets that is provided for NAT in this service attachment.
targetService
This property is required.
Changes to this property will trigger replacement.
String
The URL of a service serving the endpoint identified by this service attachment.
consumerAcceptLists List<Property Map>
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
consumerRejectLists List<String>
An array of projects that are not allowed to connect to this service attachment.
description String
An optional description of this resource.
domainNames Changes to this property will trigger replacement. List<String>
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
name Changes to this property will trigger replacement. String
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
project Changes to this property will trigger replacement. String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
propagatedConnectionLimit Number
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
reconcileConnections Boolean
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
region Changes to this property will trigger replacement. String
URL of the region where the resource resides.

Outputs

All input properties are implicitly available as output properties. Additionally, the ServiceAttachment resource produces the following output properties:

ConnectedEndpoints List<ServiceAttachmentConnectedEndpoint>
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
Fingerprint string
Fingerprint of this resource. This field is used internally during updates of this resource.
Id string
The provider-assigned unique ID for this managed resource.
SelfLink string
The URI of the created resource.
ConnectedEndpoints []ServiceAttachmentConnectedEndpoint
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
Fingerprint string
Fingerprint of this resource. This field is used internally during updates of this resource.
Id string
The provider-assigned unique ID for this managed resource.
SelfLink string
The URI of the created resource.
connectedEndpoints List<ServiceAttachmentConnectedEndpoint>
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
fingerprint String
Fingerprint of this resource. This field is used internally during updates of this resource.
id String
The provider-assigned unique ID for this managed resource.
selfLink String
The URI of the created resource.
connectedEndpoints ServiceAttachmentConnectedEndpoint[]
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
fingerprint string
Fingerprint of this resource. This field is used internally during updates of this resource.
id string
The provider-assigned unique ID for this managed resource.
selfLink string
The URI of the created resource.
connected_endpoints Sequence[ServiceAttachmentConnectedEndpoint]
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
fingerprint str
Fingerprint of this resource. This field is used internally during updates of this resource.
id str
The provider-assigned unique ID for this managed resource.
self_link str
The URI of the created resource.
connectedEndpoints List<Property Map>
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
fingerprint String
Fingerprint of this resource. This field is used internally during updates of this resource.
id String
The provider-assigned unique ID for this managed resource.
selfLink String
The URI of the created resource.

Look up Existing ServiceAttachment Resource

Get an existing ServiceAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ServiceAttachmentState, opts?: CustomResourceOptions): ServiceAttachment
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        connected_endpoints: Optional[Sequence[ServiceAttachmentConnectedEndpointArgs]] = None,
        connection_preference: Optional[str] = None,
        consumer_accept_lists: Optional[Sequence[ServiceAttachmentConsumerAcceptListArgs]] = None,
        consumer_reject_lists: Optional[Sequence[str]] = None,
        description: Optional[str] = None,
        domain_names: Optional[Sequence[str]] = None,
        enable_proxy_protocol: Optional[bool] = None,
        fingerprint: Optional[str] = None,
        name: Optional[str] = None,
        nat_subnets: Optional[Sequence[str]] = None,
        project: Optional[str] = None,
        propagated_connection_limit: Optional[int] = None,
        reconcile_connections: Optional[bool] = None,
        region: Optional[str] = None,
        self_link: Optional[str] = None,
        target_service: Optional[str] = None) -> ServiceAttachment
func GetServiceAttachment(ctx *Context, name string, id IDInput, state *ServiceAttachmentState, opts ...ResourceOption) (*ServiceAttachment, error)
public static ServiceAttachment Get(string name, Input<string> id, ServiceAttachmentState? state, CustomResourceOptions? opts = null)
public static ServiceAttachment get(String name, Output<String> id, ServiceAttachmentState state, CustomResourceOptions options)
resources:  _:    type: gcp:compute:ServiceAttachment    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
ConnectedEndpoints List<ServiceAttachmentConnectedEndpoint>
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
ConnectionPreference string
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
ConsumerAcceptLists List<ServiceAttachmentConsumerAcceptList>
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
ConsumerRejectLists List<string>
An array of projects that are not allowed to connect to this service attachment.
Description string
An optional description of this resource.
DomainNames Changes to this property will trigger replacement. List<string>
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
EnableProxyProtocol bool
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


Fingerprint string
Fingerprint of this resource. This field is used internally during updates of this resource.
Name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
NatSubnets List<string>
An array of subnets that is provided for NAT in this service attachment.
Project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
PropagatedConnectionLimit int
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
ReconcileConnections bool
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
Region Changes to this property will trigger replacement. string
URL of the region where the resource resides.
SelfLink string
The URI of the created resource.
TargetService Changes to this property will trigger replacement. string
The URL of a service serving the endpoint identified by this service attachment.
ConnectedEndpoints []ServiceAttachmentConnectedEndpointArgs
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
ConnectionPreference string
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
ConsumerAcceptLists []ServiceAttachmentConsumerAcceptListArgs
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
ConsumerRejectLists []string
An array of projects that are not allowed to connect to this service attachment.
Description string
An optional description of this resource.
DomainNames Changes to this property will trigger replacement. []string
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
EnableProxyProtocol bool
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


Fingerprint string
Fingerprint of this resource. This field is used internally during updates of this resource.
Name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
NatSubnets []string
An array of subnets that is provided for NAT in this service attachment.
Project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
PropagatedConnectionLimit int
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
ReconcileConnections bool
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
Region Changes to this property will trigger replacement. string
URL of the region where the resource resides.
SelfLink string
The URI of the created resource.
TargetService Changes to this property will trigger replacement. string
The URL of a service serving the endpoint identified by this service attachment.
connectedEndpoints List<ServiceAttachmentConnectedEndpoint>
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
connectionPreference String
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
consumerAcceptLists List<ServiceAttachmentConsumerAcceptList>
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
consumerRejectLists List<String>
An array of projects that are not allowed to connect to this service attachment.
description String
An optional description of this resource.
domainNames Changes to this property will trigger replacement. List<String>
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
enableProxyProtocol Boolean
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


fingerprint String
Fingerprint of this resource. This field is used internally during updates of this resource.
name Changes to this property will trigger replacement. String
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
natSubnets List<String>
An array of subnets that is provided for NAT in this service attachment.
project Changes to this property will trigger replacement. String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
propagatedConnectionLimit Integer
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
reconcileConnections Boolean
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
region Changes to this property will trigger replacement. String
URL of the region where the resource resides.
selfLink String
The URI of the created resource.
targetService Changes to this property will trigger replacement. String
The URL of a service serving the endpoint identified by this service attachment.
connectedEndpoints ServiceAttachmentConnectedEndpoint[]
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
connectionPreference string
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
consumerAcceptLists ServiceAttachmentConsumerAcceptList[]
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
consumerRejectLists string[]
An array of projects that are not allowed to connect to this service attachment.
description string
An optional description of this resource.
domainNames Changes to this property will trigger replacement. string[]
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
enableProxyProtocol boolean
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


fingerprint string
Fingerprint of this resource. This field is used internally during updates of this resource.
name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
natSubnets string[]
An array of subnets that is provided for NAT in this service attachment.
project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
propagatedConnectionLimit number
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
reconcileConnections boolean
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
region Changes to this property will trigger replacement. string
URL of the region where the resource resides.
selfLink string
The URI of the created resource.
targetService Changes to this property will trigger replacement. string
The URL of a service serving the endpoint identified by this service attachment.
connected_endpoints Sequence[ServiceAttachmentConnectedEndpointArgs]
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
connection_preference str
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
consumer_accept_lists Sequence[ServiceAttachmentConsumerAcceptListArgs]
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
consumer_reject_lists Sequence[str]
An array of projects that are not allowed to connect to this service attachment.
description str
An optional description of this resource.
domain_names Changes to this property will trigger replacement. Sequence[str]
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
enable_proxy_protocol bool
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


fingerprint str
Fingerprint of this resource. This field is used internally during updates of this resource.
name Changes to this property will trigger replacement. str
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
nat_subnets Sequence[str]
An array of subnets that is provided for NAT in this service attachment.
project Changes to this property will trigger replacement. str
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
propagated_connection_limit int
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
reconcile_connections bool
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
region Changes to this property will trigger replacement. str
URL of the region where the resource resides.
self_link str
The URI of the created resource.
target_service Changes to this property will trigger replacement. str
The URL of a service serving the endpoint identified by this service attachment.
connectedEndpoints List<Property Map>
An array of the consumer forwarding rules connected to this service attachment. Structure is documented below.
connectionPreference String
The connection preference to use for this service attachment. Valid values include "ACCEPT_AUTOMATIC", "ACCEPT_MANUAL".
consumerAcceptLists List<Property Map>
An array of projects that are allowed to connect to this service attachment. Structure is documented below.
consumerRejectLists List<String>
An array of projects that are not allowed to connect to this service attachment.
description String
An optional description of this resource.
domainNames Changes to this property will trigger replacement. List<String>
If specified, the domain name will be used during the integration between the PSC connected endpoints and the Cloud DNS. For example, this is a valid domain name: "p.mycompany.com.". Current max number of domain names supported is 1.
enableProxyProtocol Boolean
If true, enable the proxy protocol which is for supplying client TCP/IP address data in TCP connections that traverse proxies on their way to destination servers.


fingerprint String
Fingerprint of this resource. This field is used internally during updates of this resource.
name Changes to this property will trigger replacement. String
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
natSubnets List<String>
An array of subnets that is provided for NAT in this service attachment.
project Changes to this property will trigger replacement. String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
propagatedConnectionLimit Number
The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center. This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer. If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list. If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint. If unspecified, the default propagated connection limit is 250.
reconcileConnections Boolean
This flag determines whether a consumer accept/reject list change can reconcile the statuses of existing ACCEPTED or REJECTED PSC endpoints. If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified . If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
region Changes to this property will trigger replacement. String
URL of the region where the resource resides.
selfLink String
The URI of the created resource.
targetService Changes to this property will trigger replacement. String
The URL of a service serving the endpoint identified by this service attachment.

Supporting Types

ServiceAttachmentConnectedEndpoint
, ServiceAttachmentConnectedEndpointArgs

ConsumerNetwork string
(Output) The url of the consumer network.
Endpoint string
(Output) The URL of the consumer forwarding rule.
PropagatedConnectionCount int
(Output) The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to.
PscConnectionId string
(Output) The PSC connection id of the connected endpoint.
Status string
(Output) The status of the connection from the consumer forwarding rule to this service attachment.
ConsumerNetwork string
(Output) The url of the consumer network.
Endpoint string
(Output) The URL of the consumer forwarding rule.
PropagatedConnectionCount int
(Output) The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to.
PscConnectionId string
(Output) The PSC connection id of the connected endpoint.
Status string
(Output) The status of the connection from the consumer forwarding rule to this service attachment.
consumerNetwork String
(Output) The url of the consumer network.
endpoint String
(Output) The URL of the consumer forwarding rule.
propagatedConnectionCount Integer
(Output) The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to.
pscConnectionId String
(Output) The PSC connection id of the connected endpoint.
status String
(Output) The status of the connection from the consumer forwarding rule to this service attachment.
consumerNetwork string
(Output) The url of the consumer network.
endpoint string
(Output) The URL of the consumer forwarding rule.
propagatedConnectionCount number
(Output) The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to.
pscConnectionId string
(Output) The PSC connection id of the connected endpoint.
status string
(Output) The status of the connection from the consumer forwarding rule to this service attachment.
consumer_network str
(Output) The url of the consumer network.
endpoint str
(Output) The URL of the consumer forwarding rule.
propagated_connection_count int
(Output) The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to.
psc_connection_id str
(Output) The PSC connection id of the connected endpoint.
status str
(Output) The status of the connection from the consumer forwarding rule to this service attachment.
consumerNetwork String
(Output) The url of the consumer network.
endpoint String
(Output) The URL of the consumer forwarding rule.
propagatedConnectionCount Number
(Output) The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to.
pscConnectionId String
(Output) The PSC connection id of the connected endpoint.
status String
(Output) The status of the connection from the consumer forwarding rule to this service attachment.

ServiceAttachmentConsumerAcceptList
, ServiceAttachmentConsumerAcceptListArgs

ConnectionLimit This property is required. int
The number of consumer forwarding rules the consumer project can create.
NetworkUrl string
The network that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
ProjectIdOrNum string
A project that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
ConnectionLimit This property is required. int
The number of consumer forwarding rules the consumer project can create.
NetworkUrl string
The network that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
ProjectIdOrNum string
A project that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
connectionLimit This property is required. Integer
The number of consumer forwarding rules the consumer project can create.
networkUrl String
The network that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
projectIdOrNum String
A project that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
connectionLimit This property is required. number
The number of consumer forwarding rules the consumer project can create.
networkUrl string
The network that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
projectIdOrNum string
A project that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
connection_limit This property is required. int
The number of consumer forwarding rules the consumer project can create.
network_url str
The network that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
project_id_or_num str
A project that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
connectionLimit This property is required. Number
The number of consumer forwarding rules the consumer project can create.
networkUrl String
The network that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.
projectIdOrNum String
A project that is allowed to connect to this service attachment. Only one of project_id_or_num and network_url may be set.

Import

ServiceAttachment can be imported using any of these accepted formats:

  • projects/{{project}}/regions/{{region}}/serviceAttachments/{{name}}

  • {{project}}/{{region}}/{{name}}

  • {{region}}/{{name}}

  • {{name}}

When using the pulumi import command, ServiceAttachment can be imported using one of the formats above. For example:

$ pulumi import gcp:compute/serviceAttachment:ServiceAttachment default projects/{{project}}/regions/{{region}}/serviceAttachments/{{name}}
Copy
$ pulumi import gcp:compute/serviceAttachment:ServiceAttachment default {{project}}/{{region}}/{{name}}
Copy
$ pulumi import gcp:compute/serviceAttachment:ServiceAttachment default {{region}}/{{name}}
Copy
$ pulumi import gcp:compute/serviceAttachment:ServiceAttachment default {{name}}
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
Google Cloud (GCP) Classic pulumi/pulumi-gcp
License
Apache-2.0
Notes
This Pulumi package is based on the google-beta Terraform Provider.