Manage Service Connection Policies.
To get more information about ServiceConnectionPolicy, see:
resource "google_compute_network" "producer_net" {
  name                    = "producer-net"
  auto_create_subnetworks = false
}

resource "google_compute_subnetwork" "producer_subnet" {
  name          = "producer-subnet"
  ip_cidr_range = "10.0.0.0/16"
  region        = "us-central1"
  network       = google_compute_network.producer_net.id
}

resource "google_network_connectivity_service_connection_policy" "default" {
  name          = "my-network-connectivity-policy"
  location      = "us-central1"
  service_class = "my-basic-service-class"
  description   = "my basic service connection policy"
  network       = google_compute_network.producer_net.id
  psc_config {
    subnetworks = [google_compute_subnetwork.producer_subnet.id]
    limit       = 2
  }
}
The following arguments are supported:
service_class - (Required) The service class identifier that this ServiceConnectionPolicy is for. The service class identifier is a unique, symbolic representation of a ServiceClass. It is provided by the Service Producer. Google services have a prefix of gcp. For example, gcp-cloud-sql. 3rd party services do not. For example, test-service-a3dfcx.
network - (Required) The resource path of the consumer network. Example: projects/{projectNumOrId}/global/networks/{resourceId}.
name - (Required) The name of a ServiceConnectionPolicy. Format: projects/{project}/locations/{location}/serviceConnectionPolicies/{service_connection_policy} See: https://google.aip.dev/122#fields-representing-resource-names
location - (Required) The location of the ServiceConnectionPolicy.
description - (Optional) Free-text description of the resource.
psc_config - (Optional) Configuration used for Private Service Connect connections. Used when Infrastructure is PSC. Structure is documented below.
labels - (Optional) User-defined labels. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
The psc_config block supports:
subnetworks - (Required) IDs of the subnetworks or fully qualified identifiers for the subnetworks
limit - (Optional) Max number of PSC connections for this policy.
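A plan-review check built on the service_class and psc_config limit arguments above (an added example, not part of the provider documentation): it reads the JSON form of a plan and reports policies whose service class is not on a local allow-list, or whose connection limit is unset or above a ceiling. The allow-list, the ceiling, the review_plan name and the sample plan are assumptions made for illustration.

```python
import json

RESOURCE_TYPE = "google_network_connectivity_service_connection_policy"

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "google_network_connectivity_service_connection_policy.default",
   "type": "google_network_connectivity_service_connection_policy",
   "change": {"actions": ["create"], "after": {
     "service_class": "my-basic-service-class", "psc_config": [{"limit": "2"}]}}},
  {"address": "google_network_connectivity_service_connection_policy.sql",
   "type": "google_network_connectivity_service_connection_policy",
   "change": {"actions": ["create"], "after": {
     "service_class": "gcp-cloud-sql", "psc_config": [{"limit": null}]}}},
  {"address": "google_network_connectivity_service_connection_policy.old",
   "type": "google_network_connectivity_service_connection_policy",
   "change": {"actions": ["delete"], "after": null}}
]}
""")


def review_plan(plan, allowed_classes, max_limit):
    """Return (address, finding) pairs for policies that break the local rules."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = rc.get("change", {}).get("after")
        if rc.get("type") != RESOURCE_TYPE or after is None:
            continue  # other resource types, or a policy being destroyed
        addr = rc["address"]
        service_class = after.get("service_class")
        if service_class not in allowed_classes:
            # Google service classes carry the gcp prefix, as in gcp-cloud-sql.
            kind = "Google" if str(service_class).startswith("gcp-") else "third-party"
            findings.append((addr, f"{kind} service class {service_class!r} not approved"))
        for block in after.get("psc_config") or []:
            limit = block.get("limit")
            if limit is None:
                findings.append((addr, "psc_config.limit is unset or unknown at plan time"))
            elif int(limit) > max_limit:  # int() accepts a number or a numeric string
                findings.append((addr, f"psc_config.limit {limit} exceeds {max_limit}"))
    return findings
```

Run it against the output of `terraform show -json` for a saved plan file and fail the pipeline when the returned list is not empty.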
In addition to the arguments listed above, the following computed attributes are exported:
id - an identifier for the resource with format projects/{{project}}/locations/{{location}}/serviceConnectionPolicies/{{name}}
create_time - The timestamp when the resource was created.
update_time - The timestamp when the resource was updated.
etag - The etag is computed by the server, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
psc_connections - Information about each Private Service Connect connection. Structure is documented below.
infrastructure - The type of underlying resources used to create the connection.
terraform_labels - The combination of labels configured directly on the resource and default labels configured on the provider.
effective_labels - All labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.
The psc_connections block contains:
state - (Optional) The state of the PSC connection. Possible values are: STATE_UNSPECIFIED, ACTIVE, CREATING, DELETING, FAILED.
consumer_forwarding_rule - (Optional) The resource reference of the PSC Forwarding Rule within the consumer VPC.
consumer_address - (Optional) The resource reference of the consumer address.
error_type - (Optional) The error type indicates whether the error is consumer facing, producer facing or system internal. Possible values are: CONNECTION_ERROR_TYPE_UNSPECIFIED, ERROR_INTERNAL, ERROR_CONSUMER_SIDE, ERROR_PRODUCER_SIDE.
error - (Optional) The most recent error while operating this connection. Structure is documented below.
gce_operation - (Optional) The last Compute Engine operation to set up the PSC connection.
consumer_target_project - (Optional) The project where the PSC connection is created.
psc_connection_id - (Optional) The PSC connection id of the PSC forwarding rule.
error_info - (Optional) The error info for the latest error while operating this connection. Structure is documented below.
The error block supports:
message - (Optional) A developer-facing error message.
code - (Optional) The status code, which should be an enum value of [google.rpc.Code][].
details - (Output) A list of messages that carry the error details.
The error_info block supports:
reason - (Optional) The reason of the error.
domain - (Optional) The logical grouping to which the "reason" belongs.
metadata - (Optional) Additional structured details about this error.
This resource provides the following Timeouts configuration options:
create - Default is 30 minutes.
update - Default is 30 minutes.
delete - Default is 30 minutes.
ServiceConnectionPolicy can be imported using any of these accepted formats:
projects/{{project}}/locations/{{location}}/serviceConnectionPolicies/{{name}}
{{project}}/{{location}}/{{name}}
{{location}}/{{name}}
In Terraform v1.5.0 and later, use an import block to import ServiceConnectionPolicy using one of the formats above. For example:
import {
  id = "projects/{{project}}/locations/{{location}}/serviceConnectionPolicies/{{name}}"
  to = google_network_connectivity_service_connection_policy.default
}
When using the terraform import command, ServiceConnectionPolicy can be imported using one of the formats above. For example:
$ terraform import google_network_connectivity_service_connection_policy.default projects/{{project}}/locations/{{location}}/serviceConnectionPolicies/{{name}}
$ terraform import google_network_connectivity_service_connection_policy.default {{project}}/{{location}}/{{name}}
$ terraform import google_network_connectivity_service_connection_policy.default {{location}}/{{name}}
This resource supports User Project Overrides.