gcp_compute_router

ancestors

Type: UNORDERED_LIST_STRING

bgp

Type: STRUCT
Provider name: bgp
Description: BGP information specific to this router.

  • advertise_mode
    Type: STRING
    Provider name: advertiseMode
    Description: User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
    Possible values:
    • CUSTOM
    • DEFAULT
  • advertised_groups
    Type: UNORDERED_LIST_STRING
    Provider name: advertisedGroups
    Description: User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
  • advertised_ip_ranges
    Type: UNORDERED_LIST_STRUCT
    Provider name: advertisedIpRanges
    Description: User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
    • description
      Type: STRING
      Provider name: description
      Description: User-specified description for the IP range.
    • range
      Type: STRING
      Provider name: range
      Description: The IP range to advertise. The value must be a CIDR-formatted string.
  • asn
    Type: INT32
    Provider name: asn
    Description: Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
  • keepalive_interval
    Type: INT32
    Provider name: keepaliveInterval
    Description: The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer’s hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.

bgp_peers

Type: UNORDERED_LIST_STRUCT
Provider name: bgpPeers
Description: BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.

  • advertise_mode
    Type: STRING
    Provider name: advertiseMode
    Description: User-specified flag to indicate which mode to use for advertisement.
    Possible values:
    • CUSTOM
    • DEFAULT
  • advertised_groups
    Type: UNORDERED_LIST_STRING
    Provider name: advertisedGroups
    Description: User-specified list of prefix groups to advertise in custom mode, which currently supports the following option: - ALL_SUBNETS: Advertises all of the router’s own VPC subnets. This excludes any routes learned for subnets that use VPC Network Peering. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the “bgp” message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
  • advertised_ip_ranges
    Type: UNORDERED_LIST_STRUCT
    Provider name: advertisedIpRanges
    Description: User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the “bgp” message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
    • description
      Type: STRING
      Provider name: description
      Description: User-specified description for the IP range.
    • range
      Type: STRING
      Provider name: range
      Description: The IP range to advertise. The value must be a CIDR-formatted string.
  • advertised_route_priority
    Type: INT32
    Provider name: advertisedRoutePriority
    Description: The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
  • bfd
    Type: STRUCT
    Provider name: bfd
    Description: BFD configuration for the BGP peering.
    • min_receive_interval
      Type: INT32
      Provider name: minReceiveInterval
      Description: The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000.
    • min_transmit_interval
      Type: INT32
      Provider name: minTransmitInterval
      Description: The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000.
    • multiplier
      Type: INT32
      Provider name: multiplier
      Description: The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. If set, the value must be a value between 5 and 16. The default is 5.
    • session_initialization_mode
      Type: STRING
      Provider name: sessionInitializationMode
      Description: The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED.
      Possible values:
      • ACTIVE
      • DISABLED
      • PASSIVE
  • custom_learned_ip_ranges
    Type: UNORDERED_LIST_STRUCT
    Provider name: customLearnedIpRanges
    Description: A list of user-defined custom learned route IP address ranges for a BGP session.
    • range
      Type: STRING
      Provider name: range
      Description: The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a /32 singular IP address range, and, for IPv6, /128.
  • custom_learned_route_priority
    Type: INT32
    Provider name: customLearnedRoutePriority
    Description: The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from 0 to 65335. If you don’t provide a value, Google Cloud assigns a priority of 100 to the ranges.
  • enable
    Type: STRING
    Provider name: enable
    Description: The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
    Possible values:
    • FALSE
    • TRUE
  • enable_ipv6
    Type: BOOLEAN
    Provider name: enableIpv6
    Description: Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
  • interface_name
    Type: STRING
    Provider name: interfaceName
    Description: Name of the interface the BGP peer is associated with.
  • ip_address
    Type: STRING
    Provider name: ipAddress
    Description: IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
  • ipv6_nexthop_address
    Type: STRING
    Provider name: ipv6NexthopAddress
    Description: IPv6 address of the interface inside Google Cloud Platform.
  • management_type
    Type: STRING
    Provider name: managementType
    Description: [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
    Possible values:
    • MANAGED_BY_ATTACHMENT - The BGP peer is automatically created for PARTNER type InterconnectAttachment; Google will automatically create/delete this BGP peer when the PARTNER InterconnectAttachment is created/deleted, and Google will update the ipAddress and peerIpAddress when the PARTNER InterconnectAttachment is provisioned. This type of BGP peer cannot be created or deleted, but can be modified for all fields except for name, ipAddress and peerIpAddress.
    • MANAGED_BY_USER - Default value, the BGP peer is manually created and managed by user.
  • md5_authentication_key_name
    Type: STRING
    Provider name: md5AuthenticationKeyName
    Description: Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035.
  • name
    Type: STRING
    Provider name: name
    Description: Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
  • peer_asn
    Type: INT32
    Provider name: peerAsn
    Description: Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
  • peer_ip_address
    Type: STRING
    Provider name: peerIpAddress
    Description: IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
  • peer_ipv6_nexthop_address
    Type: STRING
    Provider name: peerIpv6NexthopAddress
    Description: IPv6 address of the BGP interface outside Google Cloud Platform.
  • router_appliance_instance
    Type: STRING
    Provider name: routerApplianceInstance
    Description: URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session.

creation_timestamp

Type: TIMESTAMP
Provider name: creationTimestamp
Description: [Output Only] Creation timestamp in RFC3339 text format.

description

Type: STRING
Provider name: description
Description: An optional description of this resource. Provide this property when you create the resource.

encrypted_interconnect_router

Type: BOOLEAN
Provider name: encryptedInterconnectRouter
Description: Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).

id

Type: STRING
Provider name: id
Description: [Output Only] The unique identifier for the resource. This identifier is defined by the server.

interfaces

Type: UNORDERED_LIST_STRUCT
Provider name: interfaces
Description: Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.

  • ip_range
    Type: STRING
    Provider name: ipRange
    Description: IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
  • linked_interconnect_attachment
    Type: STRING
    Provider name: linkedInterconnectAttachment
    Description: URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
  • linked_vpn_tunnel
    Type: STRING
    Provider name: linkedVpnTunnel
    Description: URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
  • management_type
    Type: STRING
    Provider name: managementType
    Description: [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
    Possible values:
    • MANAGED_BY_ATTACHMENT - The interface is automatically created for PARTNER type InterconnectAttachment, Google will automatically create/update/delete this interface when the PARTNER InterconnectAttachment is created/provisioned/deleted. This type of interface cannot be manually managed by user.
    • MANAGED_BY_USER - Default value, the interface is manually created and managed by user.
  • name
    Type: STRING
    Provider name: name
    Description: Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
  • private_ip_address
    Type: STRING
    Provider name: privateIpAddress
    Description: The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
  • redundant_interface
    Type: STRING
    Provider name: redundantInterface
    Description: Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
  • subnetwork
    Type: STRING
    Provider name: subnetwork
    Description: The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here.

kind

Type: STRING
Provider name: kind
Description: [Output Only] Type of resource. Always compute#router for routers.

labels

Type: UNORDERED_LIST_STRING

md5_authentication_keys

Type: UNORDERED_LIST_STRUCT
Provider name: md5AuthenticationKeys
Description: Keys used for MD5 authentication.

  • key
    Type: STRING
    Provider name: key
    Description: [Input only] Value of the key. For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters.
  • name
    Type: STRING
    Provider name: name
    Description: Name used to identify the key. Must be unique within a router. Must be referenced by at least one bgpPeer. Must comply with RFC1035.

name

Type: STRING
Provider name: name
Description: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

nats

Type: UNORDERED_LIST_STRUCT
Provider name: nats
Description: A list of NAT services created in this router.

  • auto_network_tier
    Type: STRING
    Provider name: autoNetworkTier
    Description: The network tier to use when automatically reserving IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, PREMIUM tier will be used.
    Possible values:
    • FIXED_STANDARD - Public internet quality with fixed bandwidth.
    • PREMIUM - High quality, Google-grade network tier, support for all networking products.
    • STANDARD - Public internet quality, only limited support for other networking products.
    • STANDARD_OVERRIDES_FIXED_STANDARD - (Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.
  • drain_nat_ips
    Type: UNORDERED_LIST_STRING
    Provider name: drainNatIps
    Description: A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
  • enable_dynamic_port_allocation
    Type: BOOLEAN
    Provider name: enableDynamicPortAllocation
    Description: Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
  • enable_endpoint_independent_mapping
    Type: BOOLEAN
    Provider name: enableEndpointIndependentMapping
  • endpoint_types
    Type: UNORDERED_LIST_STRING
    Provider name: endpointTypes
    Description: List of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, then it will be equivalent to include ENDPOINT_TYPE_VM
  • icmp_idle_timeout_sec
    Type: INT32
    Provider name: icmpIdleTimeoutSec
    Description: Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
  • log_config
    Type: STRUCT
    Provider name: logConfig
    Description: Configure logging on this NAT.
    • enable
      Type: BOOLEAN
      Provider name: enable
      Description: Indicates whether or not to export logs. This is false by default.
    • filter
      Type: STRING
      Provider name: filter
      Description: Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
      Possible values:
      • ALL - Export logs for all (successful and unsuccessful) connections.
      • ERRORS_ONLY - Export logs for connection failures only.
      • TRANSLATIONS_ONLY - Export logs for successful connections only.
  • max_ports_per_vm
    Type: INT32
    Provider name: maxPortsPerVm
    Description: Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
  • min_ports_per_vm
    Type: INT32
    Provider name: minPortsPerVm
    Description: Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
  • name
    Type: STRING
    Provider name: name
    Description: Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
  • nat_ip_allocate_option
    Type: STRING
    Provider name: natIpAllocateOption
    Description: Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can’t specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
    Possible values:
    • AUTO_ONLY - Nat IPs are allocated by GCP; customers can not specify any Nat IPs.
    • MANUAL_ONLY - Only use Nat IPs provided by customers. When specified Nat IPs are not enough then the Nat service fails for new VMs.
  • nat_ips
    Type: UNORDERED_LIST_STRING
    Provider name: natIps
    Description: A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
  • rules
    Type: UNORDERED_LIST_STRUCT
    Provider name: rules
    Description: A list of rules associated with this NAT.
    • action
      Type: STRUCT
      Provider name: action
      Description: The action to be enforced for traffic that matches this rule.
      • source_nat_active_ips
        Type: UNORDERED_LIST_STRING
        Provider name: sourceNatActiveIps
        Description: A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT.
      • source_nat_drain_ips
        Type: UNORDERED_LIST_STRING
        Provider name: sourceNatDrainIps
        Description: A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.
    • description
      Type: STRING
      Provider name: description
      Description: An optional description of this rule.
    • match
      Type: STRING
      Provider name: match
      Description: CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced. The following examples are valid match expressions for public NAT: “inIpRange(destination.ip, ‘1.1.0.0/16’) || inIpRange(destination.ip, ‘2.2.0.0/16’)” “destination.ip == ‘1.1.0.1’ || destination.ip == ‘8.8.8.8’” The following example is a valid match expression for private NAT: “nexthop.hub == ‘https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/global/hub/hub-1'"
    • rule_number
      Type: INT32
      Provider name: ruleNumber
      Description: An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
  • source_subnetwork_ip_ranges_to_nat
    Type: STRING
    Provider name: sourceSubnetworkIpRangesToNat
    Description: Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region.
    Possible values:
    • ALL_SUBNETWORKS_ALL_IP_RANGES - All the IP ranges in every Subnetwork are allowed to Nat.
    • ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES - All the primary IP ranges in every Subnetwork are allowed to Nat.
    • LIST_OF_SUBNETWORKS - A list of Subnetworks are allowed to Nat (specified in the field subnetwork below)
  • subnetworks
    Type: UNORDERED_LIST_STRUCT
    Provider name: subnetworks
    Description: A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
    • name
      Type: STRING
      Provider name: name
      Description: URL for the subnetwork resource that will use NAT.
    • secondary_ip_range_names
      Type: UNORDERED_LIST_STRING
      Provider name: secondaryIpRangeNames
      Description: A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if “LIST_OF_SECONDARY_IP_RANGES” is one of the values in source_ip_ranges_to_nat.
    • source_ip_ranges_to_nat
      Type: UNORDERED_LIST_STRING
      Provider name: sourceIpRangesToNat
      Description: Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [“PRIMARY_IP_RANGE”, “LIST_OF_SECONDARY_IP_RANGES”] Default: [ALL_IP_RANGES]
  • tcp_established_idle_timeout_sec
    Type: INT32
    Provider name: tcpEstablishedIdleTimeoutSec
    Description: Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.
  • tcp_time_wait_timeout_sec
    Type: INT32
    Provider name: tcpTimeWaitTimeoutSec
    Description: Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.
  • tcp_transitory_idle_timeout_sec
    Type: INT32
    Provider name: tcpTransitoryIdleTimeoutSec
    Description: Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.
  • udp_idle_timeout_sec
    Type: INT32
    Provider name: udpIdleTimeoutSec
    Description: Timeout (in seconds) for UDP connections. Defaults to 30s if not set.

network

Type: STRING
Provider name: network
Description: URI of the network to which this router belongs.

organization_id

Type: STRING

parent

Type: STRING

project_id

Type: STRING

project_number

Type: STRING

region

Type: STRING
Provider name: region
Description: [Output Only] URI of the region where the router resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.

resource_name

Type: STRING

Type: STRING
Provider name: selfLink
Description: [Output Only] Server-defined URL for the resource.

tags

Type: UNORDERED_LIST_STRING