gcp_compute_forwarding_rule
all_ports
Type: BOOLEAN
Provider name: allPorts
Description: This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By internal TCP/UDP load balancers, backend service-based network load balancers, and internal and external protocol forwarding. Set this field to true to allow packets addressed to any port or packets lacking destination port information (for example, UDP fragments after the first fragment) to be forwarded to the backends configured with this forwarding rule. The ports, port_range, and allPorts fields are mutually exclusive.
allow_global_access
Type: BOOLEAN
Provider name: allowGlobalAccess
Description: This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If set to true, clients can access the Internal TCP/UDP Load Balancer, Internal HTTP(S) and TCP Proxy Load Balancer from all regions. If false, only allows access from the local region the load balancer is located at. Note that for INTERNAL_MANAGED forwarding rules, this field cannot be changed after the forwarding rule is created.
allow_psc_global_access
Type: BOOLEAN
Provider name: allowPscGlobalAccess
Description: This is used in PSC consumer ForwardingRule to control whether the PSC endpoint can be accessed from another region.
ancestors
Type: UNORDERED_LIST_STRING
backend_service
Type: STRING
Provider name: backendService
Description: Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
base_forwarding_rule
Type: STRING
Provider name: baseForwardingRule
Description: [Output Only] The URL for the corresponding base Forwarding Rule. By base Forwarding Rule, we mean the Forwarding Rule that has the same IP address, protocol, and port settings with the current Forwarding Rule, but without sourceIPRanges specified. Always empty if the current Forwarding Rule does not have sourceIPRanges specified.
creation_timestamp
Type: TIMESTAMP
Provider name: creationTimestamp
Description: [Output Only] Creation timestamp in RFC3339 text format.
description
Type: STRING
Provider name: description
Description: An optional description of this resource. Provide this property when you create the resource.
id
Type: STRING
Provider name: id
Description: [Output Only] The unique identifier for the resource. This identifier is defined by the server.
ip_address
Type: STRING
Provider name: IPAddress
Description: IP address for which this forwarding rule accepts traffic. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the referenced target or backendService. While creating a forwarding rule, specifying an IPAddress is required under the following circumstances: - When the target is set to targetGrpcProxy and validateForProxyless is set to true, the IPAddress should be set to 0.0.0.0. - When the target is a Private Service Connect Google APIs bundle, you must specify an IPAddress. Otherwise, you can optionally specify an IP address that references an existing static (reserved) IP address resource. When omitted, Google Cloud assigns an ephemeral IP address. Use one of the following formats to specify an IP address while creating a forwarding rule: * IP address number, as in 100.1.2.3 * IPv6 address range, as in 2600:1234::/96 * Full resource URL, as in https://www.googleapis.com/compute/v1/projects/ project_id/regions/region/addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The forwarding rule’s target or backendService, and in most cases, also the loadBalancingScheme, determine the type of IP address that you can use. For detailed information, see IP address specifications. When reading an IPAddress, the API always returns the IP address number.
ip_protocol
Type: STRING
Provider name: IPProtocol
Description: The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in Load balancing features.
Possible values:
AHESPICMPL3_DEFAULTSCTPTCPUDP
ip_version
Type: STRING
Provider name: ipVersion
Description: The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6.
Possible values:
IPV4IPV6UNSPECIFIED_VERSION
is_mirroring_collector
Type: BOOLEAN
Provider name: isMirroringCollector
Description: Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
kind
Type: STRING
Provider name: kind
Description: [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
labels
Type: UNORDERED_LIST_STRING
load_balancing_scheme
Type: STRING
Provider name: loadBalancingScheme
Description: Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts.
Possible values:
EXTERNALEXTERNAL_MANAGEDINTERNALINTERNAL_MANAGEDINTERNAL_SELF_MANAGEDINVALID
Type: UNORDERED_LIST_STRUCT
Provider name: metadataFilters
Description: Opaque filter criteria used by load balancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to load balancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule are not visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
filter_labels
Type: UNORDERED_LIST_STRUCT
Provider name: filterLabels
Description: The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
name
Type: STRING
Provider name: name
Description: Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
value
Type: STRING
Provider name: value
Description: The value of the label must match the specified value. value can have a maximum length of 1024 characters.
filter_match_criteria
Type: STRING
Provider name: filterMatchCriteria
Description: Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata.
Possible values:
MATCH_ALL - Specifies that all filterLabels must match for the metadataFilter to be considered a match.
MATCH_ANY - Specifies that any filterLabel must match for the metadataFilter to be considered a match.
NOT_SET - Indicates that the match criteria was not set. A metadataFilter must never be created with this value.
name
Type: STRING
Provider name: name
Description: Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
network
Type: STRING
Provider name: network
Description: This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If the subnetwork is specified, the network of the subnetwork will be used. If neither subnetwork nor this field is specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
network_tier
Type: STRING
Provider name: networkTier
Description: This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
Possible values:
FIXED_STANDARD - Public internet quality with fixed bandwidth.
PREMIUM - High quality, Google-grade network tier, support for all networking products.
STANDARD - Public internet quality, only limited support for other networking products.
STANDARD_OVERRIDES_FIXED_STANDARD - (Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.
no_automate_dns_zone
Type: BOOLEAN
Provider name: noAutomateDnsZone
Description: This is used in PSC consumer ForwardingRule to control whether it should try to auto-generate a DNS zone or not. Non-PSC forwarding rules do not use this field.
organization_id
Type: STRING
parent
Type: STRING
port_range
Type: STRING
Provider name: portRange
Description: This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By backend service-based network load balancers, target pool-based network load balancers, internal proxy load balancers, external proxy load balancers, Traffic Director, external protocol forwarding, and Classic VPN. Some products have restrictions on what ports can be used. See port specifications for details. Only packets addressed to ports in the specified range will be forwarded to the backends configured with this forwarding rule. The ports, port_range, and allPorts fields are mutually exclusive. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot have overlapping portRanges. @pattern: \d+(?:-\d+)?
ports
Type: UNORDERED_LIST_STRING
Provider name: ports
Description: This field can only be used: - If IPProtocol is one of TCP, UDP, or SCTP. - By internal TCP/UDP load balancers, backend service-based network load balancers, and internal protocol forwarding. You can specify a list of up to five ports by number, separated by commas. The ports can be contiguous or discontiguous. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. For external forwarding rules, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot share any values defined in ports. For internal forwarding rules within the same VPC network, two or more forwarding rules cannot use the same [IPAddress, IPProtocol] pair, and cannot share any values defined in ports. The ports, port_range, and allPorts fields are mutually exclusive. @pattern: \d+(?:-\d+)?
project_id
Type: STRING
project_number
Type: STRING
psc_connection_id
Type: INT64
Provider name: pscConnectionId
Description: [Output Only] The PSC connection id of the PSC Forwarding Rule.
psc_connection_status
Type: STRING
Provider name: pscConnectionStatus
region
Type: STRING
Provider name: region
Description: [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
resource_name
Type: STRING
self_link
Type: STRING
Provider name: selfLink
Description: [Output Only] Server-defined URL for the resource.
service_directory_registrations
Type: UNORDERED_LIST_STRUCT
Provider name: serviceDirectoryRegistrations
Description: Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
namespace
Type: STRING
Provider name: namespace
Description: Service Directory namespace to register the forwarding rule under.
service
Type: STRING
Provider name: service
Description: Service Directory service to register the forwarding rule under.
service_directory_region
Type: STRING
Provider name: serviceDirectoryRegion
Description: [Optional] Service Directory region to register this global forwarding rule under. Default to “us-central1”. Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
service_label
Type: STRING
Provider name: serviceLabel
Description: An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
service_name
Type: STRING
Provider name: serviceName
Description: [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
source_ip_ranges
Type: UNORDERED_LIST_STRING
Provider name: sourceIpRanges
Description: If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
subnetwork
Type: STRING
Provider name: subnetwork
Description: This field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule, used in internal load balancing and network load balancing with IPv6. If the network specified is in auto subnet mode, this field is optional. However, a subnetwork must be specified if the network is in custom subnet mode or when creating external forwarding rule with IPv6.
Type: UNORDERED_LIST_STRING
target
Type: STRING
Provider name: target
Description: The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must be in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object. - For load balancers, see the “Target” column in Port specifications. - For Private Service Connect forwarding rules that forward traffic to Google APIs, provide the name of a supported Google API bundle: - vpc-sc - APIs that support VPC Service Controls. - all-apis - All supported Google APIs. - For Private Service Connect forwarding rules that forward traffic to managed services, the target must be a service attachment.
