A VPC network is a virtual version of the traditional physical networks that exist within and between physical data centers. A VPC network provides connectivity for your Compute Engine virtual machine (VM) instances, Container Engine containers, App Engine Flex services, and other network-related resources.
Each GCP project contains one or more VPC networks. Each VPC network is a global entity spanning all GCP regions. This global VPC network allows VM instances and other resources to communicate with each other via internal, private IP addresses.
Each VPC network is subdivided into subnets, and each subnet is contained within a single region. You can have more than one subnet in a region for a given VPC network. Each subnet has a contiguous private RFC1918 IP space. You create instances, containers, and the like in these subnets. When you create an instance, you must create it in a subnet, and the instance draws its internal IP address from that subnet.
Virtual machine (VM) instances in a VPC network can communicate with instances in all other subnets of the same VPC network, regardless of region, using their RFC1918 private IP addresses. You can isolate portions of the network, even entire subnets, using firewall rules.
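A pre-flight check for the address plan described above, as an added example in Rust (not code from this crate or from the Pulumi provider): it verifies that each planned primary or secondary range is a valid CIDR inside RFC 1918 space and that no two ranges overlap, since subnet ranges within one VPC network cannot overlap each other. `Cidr`, `lint` and the `constructed-*` entries are hypothetical; the other two ranges come from the example programs on this page and are assumed here to share one network.

```rust
use std::net::Ipv4Addr;

/// IPv4 CIDR block: network address as an integer plus prefix length.
#[derive(Clone, Copy)]
struct Cidr { base: u32, len: u8 }

impl Cidr {
    /// Parse "a.b.c.d/n"; rejects bad syntax, n > 32 and set host bits.
    fn parse(s: &str) -> Option<Cidr> {
        let (ip, len) = s.split_once('/')?;
        let c = Cidr { base: ip.parse::<Ipv4Addr>().ok()?.into(), len: len.parse().ok()? };
        if c.len > 32 || (c.base & !c.mask()) != 0 { return None; }
        Some(c)
    }
    fn mask(&self) -> u32 { if self.len == 0 { 0 } else { u32::MAX << (32 - self.len) } }
    /// True when `self` lies entirely inside `outer`.
    fn within(&self, outer: &Cidr) -> bool {
        self.len >= outer.len && (self.base & outer.mask()) == outer.base
    }
    /// Aligned blocks overlap exactly when one contains the other.
    fn overlaps(&self, other: &Cidr) -> bool { self.within(other) || other.within(self) }
}

/// Lint the planned (label, CIDR) ranges of one VPC network; returns findings in input order.
fn lint(ranges: &[(&str, &str)]) -> Vec<String> {
    let rfc1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"].map(|s| Cidr::parse(s).unwrap());
    let (mut findings, mut seen) = (Vec::new(), Vec::<(&str, Cidr)>::new());
    for &(label, text) in ranges {
        let Some(c) = Cidr::parse(text) else {
            findings.push(format!("{label}: invalid CIDR {text}"));
            continue;
        };
        if !rfc1918.iter().any(|p| c.within(p)) {
            findings.push(format!("{label}: {text} is outside RFC 1918 space"));
        }
        for (other, oc) in &seen {
            if c.overlaps(oc) { findings.push(format!("{label}: {text} overlaps {other}")); }
        }
        seen.push((label, c));
    }
    findings
}

fn main() {
    // Constructed plan: two ranges from this page plus two constructed problem entries.
    let plan = [("test-subnetwork", "10.2.0.0/16"), ("l7lb-test-subnetwork", "10.0.0.0/22"),
                ("constructed-overlap", "10.2.4.0/24"), ("constructed-public", "100.64.0.0/24")];
    for f in lint(&plan) { println!("{f}"); }
}
```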
To get more information about Subnetwork, see:
- API documentation
- How-to Guides
§Example Usage
§Subnetwork Basic
```yaml
resources:
  network-with-private-secondary-ip-ranges:
    type: gcp:compute:Subnetwork
    properties:
      name: test-subnetwork
      ipCidrRange: 10.2.0.0/16
      region: us-central1
      network: ${["custom-test"].id}
      secondaryIpRanges:
        - rangeName: tf-test-secondary-range-update1
          ipCidrRange: 192.168.10.0/24
  custom-test:
    type: gcp:compute:Network
    properties:
      name: test-network
      autoCreateSubnetworks: false
```
§Subnetwork Logging Config
```yaml
resources:
  subnet-with-logging:
    type: gcp:compute:Subnetwork
    properties:
      name: log-test-subnetwork
      ipCidrRange: 10.2.0.0/16
      region: us-central1
      network: ${["custom-test"].id}
      # VPC flow logs for this subnet
      logConfig:
        aggregationInterval: INTERVAL_10_MIN
        # 0.5 reports half of the collected flow logs; 1.0 reports all of them
        flowSampling: 0.5
        metadata: INCLUDE_ALL_METADATA
  custom-test:
    type: gcp:compute:Network
    properties:
      name: log-test-network
      autoCreateSubnetworks: false
```
§Subnetwork Internal L7lb
```yaml
resources:
  network-for-l7lb:
    type: gcp:compute:Subnetwork
    properties:
      name: l7lb-test-subnetwork
      ipCidrRange: 10.0.0.0/22
      region: us-central1
      purpose: REGIONAL_MANAGED_PROXY
      role: ACTIVE
      network: ${["custom-test"].id}
  custom-test:
    type: gcp:compute:Network
    properties:
      name: l7lb-test-network
      autoCreateSubnetworks: false
```
§Subnetwork Ipv6
```yaml
resources:
  subnetwork-ipv6:
    type: gcp:compute:Subnetwork
    properties:
      name: ipv6-test-subnetwork
      ipCidrRange: 10.0.0.0/22
      region: us-west2
      stackType: IPV4_IPV6
      # EXTERNAL gives the subnet an internet-routable IPv6 range
      ipv6AccessType: EXTERNAL
      network: ${["custom-test"].id}
  custom-test:
    type: gcp:compute:Network
    properties:
      name: ipv6-test-network
      autoCreateSubnetworks: false
```
§Subnetwork Internal Ipv6
```yaml
resources:
  subnetwork-internal-ipv6:
    type: gcp:compute:Subnetwork
    properties:
      name: internal-ipv6-test-subnetwork
      ipCidrRange: 10.0.0.0/22
      region: us-west2
      stackType: IPV4_IPV6
      ipv6AccessType: INTERNAL
      network: ${["custom-test"].id}
  custom-test:
    type: gcp:compute:Network
    properties:
      name: internal-ipv6-test-network
      autoCreateSubnetworks: false
      enableUlaInternalIpv6: true
```
§Subnetwork Purpose Private Nat
```yaml
resources:
  subnetwork-purpose-private-nat:
    type: gcp:compute:Subnetwork
    properties:
      name: subnet-purpose-test-subnetwork
      region: us-west2
      ipCidrRange: 192.168.1.0/24
      purpose: PRIVATE_NAT
      network: ${["custom-test"].id}
  custom-test:
    type: gcp:compute:Network
    properties:
      name: subnet-purpose-test-network
      autoCreateSubnetworks: false
```
§Subnetwork Cidr Overlap
```yaml
resources:
  subnetwork-cidr-overlap:
    type: gcp:compute:Subnetwork
    properties:
      name: subnet-cidr-overlap
      region: us-west2
      ipCidrRange: 192.168.1.0/24
      allowSubnetCidrRoutesOverlap: true
      network: ${["net-cidr-overlap"].id}
  net-cidr-overlap:
    type: gcp:compute:Network
    properties:
      name: net-cidr-overlap
      autoCreateSubnetworks: false
```
§Subnetwork Reserved Internal Range
```yaml
resources:
  subnetwork-reserved-internal-range:
    type: gcp:compute:Subnetwork
    properties:
      name: subnetwork-reserved-internal-range
      region: us-central1
      network: ${default.id}
      reservedInternalRange: networkconnectivity.googleapis.com/${reserved.id}
  default:
    type: gcp:compute:Network
    properties:
      name: network-reserved-internal-range
      autoCreateSubnetworks: false
  reserved:
    type: gcp:networkconnectivity:InternalRange
    properties:
      name: reserved
      network: ${default.id}
      usage: FOR_VPC
      peering: FOR_SELF
      prefixLength: 24
      targetCidrRanges:
        - 10.0.0.0/8
```
§Subnetwork Reserved Secondary Range
```yaml
resources:
  subnetwork-reserved-secondary-range:
    type: gcp:compute:Subnetwork
    properties:
      name: subnetwork-reserved-secondary-range
      region: us-central1
      network: ${default.id}
      reservedInternalRange: networkconnectivity.googleapis.com/${reserved.id}
      secondaryIpRanges:
        - rangeName: secondary
          reservedInternalRange: networkconnectivity.googleapis.com/${reservedSecondary.id}
  default:
    type: gcp:compute:Network
    properties:
      name: network-reserved-secondary-range
      autoCreateSubnetworks: false
  reserved:
    type: gcp:networkconnectivity:InternalRange
    properties:
      name: reserved-primary
      network: ${default.id}
      usage: FOR_VPC
      peering: FOR_SELF
      prefixLength: 24
      targetCidrRanges:
        - 10.0.0.0/8
  reservedSecondary:
    type: gcp:networkconnectivity:InternalRange
    name: reserved_secondary
    properties:
      name: reserved-secondary
      network: ${default.id}
      usage: FOR_VPC
      peering: FOR_SELF
      prefixLength: 16
      targetCidrRanges:
        - 10.0.0.0/8
```
§Import
Subnetwork can be imported using any of these accepted formats:
- `projects/{{project}}/regions/{{region}}/subnetworks/{{name}}`
- `{{project}}/{{region}}/{{name}}`
- `{{region}}/{{name}}`
- `{{name}}`
When using the `pulumi import` command, Subnetwork can be imported using one of the formats above. For example:
```sh
$ pulumi import gcp:compute/subnetwork:Subnetwork default projects/{{project}}/regions/{{region}}/subnetworks/{{name}}
$ pulumi import gcp:compute/subnetwork:Subnetwork default {{project}}/{{region}}/{{name}}
$ pulumi import gcp:compute/subnetwork:Subnetwork default {{region}}/{{name}}
$ pulumi import gcp:compute/subnetwork:Subnetwork default {{name}}
```
Structs§
- Use builder syntax to set the inputs and finish with `build_struct()`.
Functions§
- Registers a new resource with the given unique name and arguments