f07e4f64e9
* exposing the network_id from the net-vpc module for use with tag bindings * convert vpc_create to vpc_reuse * Changed the reuse vars to standardised attributes * fixed readme tests and schemas * modified apigee blueprint to use vpc_reuse with network_id passthrough --------- Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
18 KiB
18 KiB
Network Project Configuration (Single)
Properties
additional properties: false
- project_config: reference(projectConfig)
- ncc_hub_config: reference(nccHubConfig)
- vpc_config: reference(vpcConfigMap)
Definitions
- projectConfig: object
additional properties: false- ⁺name: string
- prefix: string
- parent: string
- project_reuse: object
additional properties: false- use_data_source: boolean
- attributes: object
- ⁺name: string
- ⁺number: number
- services_enabled: array
- items: string
- billing_account: string
- deletion_policy: string
enum: ['DELETE', 'ABANDON'] - default_service_account: string
enum: ['deprovision', 'disable', 'keep'] - auto_create_network: boolean
- project_create: boolean
- shared_vpc_host_config: object
additional properties: false- ⁺enabled: boolean
- service_projects: array
- items: string
- services: array
- items: string
pattern: ^[a-z-]+.googleapis.com$
- items: string
- org_policies: reference(orgPolicies)
- metric_scopes: array
- items: string
- iam: reference(iam)
- iam_bindings: reference(iamBindings)
- iam_bindings_additive: reference(iamBindingsAdditive)
- iam_by_principals: reference(iamByPrincipals)
- iam_by_principals_additive: reference(iamByPrincipals)
- nccHubConfig: object
additional properties: false- ⁺name: string
- description: string
- preset_topology: string
enum: ['MESH', 'STAR', 'PLANETARY'] - export_psc: boolean
- groups: object
additional properties: false^[a-zA-Z0-9_-]+$: reference(nccGroup)
- nccGroup: object
additional properties: false- labels: reference(stringMap)
- description: string
- auto_accept: array
- items: string
- vpcConfigMap: object
additional properties: false^[a-z0-9-]+$: reference(vpcConfigEntry)
- vpcConfigEntry: object
additional properties: false- auto_create_subnetworks: boolean
- create_googleapis_routes: object
additional properties: false- private: boolean
- private-6: boolean
- restricted: boolean
- restricted-6: boolean
- delete_default_routes_on_create: boolean
- description: string
- dns_policy: object
additional properties: false- inbound: boolean
- logging: boolean
- outbound: object
additional properties: false- private_ns: array
- items: string
- public_ns: array
- items: string
- private_ns: array
- dns_zones: object
additional properties: false^[a-zA-Z0-9-]+$: reference(dnsZone)
- firewall_policy_enforcement_order: string
enum: ['AFTER_CLASSIC_FIREWALL', 'BEFORE_CLASSIC_FIREWALL'] - ipv6_config: object
additional properties: false- enable_ula_internal: boolean
- internal_range: string
- mtu: number
- nat_config: object
additional properties: false^[a-zA-Z0-9-]+$: reference(natConfig)
- network_attachments: object
additional properties: false^[a-zA-Z0-9-]+$: reference(networkAttachment)
- policy_based_routes: object
additional properties: false^[a-zA-Z0-9-]+$: reference(policyBasedRoute)
- psa_config: array
- items: reference(psaConfig)
- routers: object
additional properties: false^[a-zA-Z0-9-]+$: reference(routerConfig)
- routes: object
additional properties: false^[a-zA-Z0-9-]+$: reference(routeConfig)
- routing_mode: string
enum: ['GLOBAL', 'REGIONAL'] - subnets_factory_config: object
additional properties: false- context: object
additional properties: false- regions: reference(stringMap)
- subnets_folder: string
- context: object
- firewall_factory_config: object
additional properties: false- cidr_tpl_file: string
- rules_folder: string
- vpn_config: object
additional properties: false^[a-zA-Z0-9-]+$: reference(vpnConfig)
- peering_config: object
additional properties: false^[a-zA-Z0-9-]+$: reference(peeringConfig)
- ncc_config: reference(vpcNccConfig)
- dnsZone: object
additional properties: false- force_destroy: boolean
- description: string
- iam: reference(iam)
- zone_config: reference(dnsZoneConfig)
- recordsets: object
additional properties: false^[a-zA-Z0-9_. -]+$: reference(dnsRecordSet)
- dnsZoneConfig: object
additional properties: false- ⁺domain: string
- forwarding: object
additional properties: false- forwarders: reference(stringMap)
- client_networks: array
- items: string
- peering: object
additional properties: false- client_networks: array
- items: string
- ⁺peer_network: string
- client_networks: array
- public: object
additional properties: false- dnssec_config: reference(dnssecConfig)
- enable_logging: boolean
- private: object
additional properties: false- client_networks: array
- items: string
- service_directory_namespace: string
- client_networks: array
- dnssecConfig: object
additional properties: false- non_existence: string
enum: ['nsec', 'nsec3'] - ⁺state: string
enum: ['on', 'off', 'transfer'] - key_signing_key: reference(dnsKeySpec)
- zone_signing_key: reference(dnsKeySpec)
- non_existence: string
- dnsKeySpec: object
additional properties: false- ⁺algorithm: string
enum: ['rsasha1', 'rsasha256', 'rsasha512', 'ecdsap256sha256', 'ecdsap384sha384'] - ⁺key_length: number
- ⁺algorithm: string
- dnsRecordSet: object
additional properties: false- ttl: number
- records: array
- items: string
- geo_routing: array
- items: reference(dnsGeoRoutingRule)
- wrr_routing: array
- items: reference(dnsWrrRoutingRule)
- dnsGeoRoutingRule: object
additional properties: false- ⁺location: string
- records: array
- items: string
- health_checked_targets: array
- items: reference(dnsHealthCheckedTarget)
- dnsHealthCheckedTarget: object
additional properties: false- ⁺load_balancer_type: string
- ⁺ip_address: string
- ⁺port: string
- ⁺ip_protocol: string
- ⁺network_url: string
- ⁺project: string
- region: string
- dnsWrrRoutingRule: object
additional properties: false- ⁺weight: number
- ⁺records: array
- items: string
- natConfig: object
additional properties: false- ⁺region: string
- router_create: boolean
- router_name: string
- router_network: string
- router_asn: number
- type: string
enum: ['PUBLIC', 'PRIVATE'] - addresses: array
- items: string
- endpoint_types: array
- items: string
enum: ['ENDPOINT_TYPE_VM', 'ENDPOINT_TYPE_SWG', 'ENDPOINT_TYPE_MANAGED_PROXY_LB']
- items: string
- logging_filter: string
enum: ['ERRORS_ONLY', 'TRANSLATIONS_ONLY', 'ALL'] - config_port_allocation: object
additional properties: false- enable_endpoint_independent_mapping: boolean
- enable_dynamic_port_allocation: boolean
- min_ports_per_vm: number
- max_ports_per_vm: number
- config_source_subnetworks: object
additional properties: false- all: boolean
- primary_ranges_only: boolean
- subnetworks: array
- items: reference(natSourceSubnetwork)
- config_timeouts: object
additional properties: false- icmp: number
- tcp_established: number
- tcp_time_wait: number
- tcp_transitory: number
- udp: number
- rules: array
- items: reference(natRule)
- natSourceSubnetwork: object
additional properties: false- ⁺self_link: string
- all_ranges: boolean
- primary_range: boolean
- secondary_ranges: array
- items: string
- natRule: object
additional properties: false- description: string
- ⁺match: string
- source_ips: array
- items: string
- source_ranges: array
- items: string
- networkAttachment: object
additional properties: false- ⁺subnet: string
- automatic_connection: boolean
- description: string
- producer_accept_lists: array
- items: string
- producer_reject_lists: array
- items: string
- policyBasedRoute: object
additional properties: false- description: string
- labels: reference(stringMap)
- priority: number
- next_hop_ilb_ip: string
- use_default_routing: boolean
- filter: object
additional properties: false- ip_protocol: string
- dest_range: string
- src_range: string
- target: object
additional properties: false- interconnect_attachment: string
- tags: array
- items: string
- psaConfig: object
additional properties: false- deletion_policy: string
enum: ['delete', 'abandon'] - ranges: reference(stringMap)
- export_routes: boolean
- import_routes: boolean
- peered_domains: array
- items: string
- range_prefix: string
- service_producer: string
- deletion_policy: string
- routerConfig: object
additional properties: false- ⁺region: string
- asn: number
- custom_advertise: reference(customAdvertiseConfig)
- keepalive: number
- name: string
- routeConfig: object
additional properties: false- description: string
- ⁺dest_range: string
- ⁺next_hop_type: string
- ⁺next_hop: string
- priority: number
- tags: array
- items: string
- vpnConfig: object
additional properties: false- ⁺region: string
- ncc_spoke_config: object
additional properties: false- hub: string
- description: string
- labels: reference(stringMap)
- ⁺peer_gateways: object
additional properties: false^[a-zA-Z0-9-]+$: reference(peerGateway)
- router_config: reference(vpnRouterConfig)
- stack_type: string
enum: ['IPV4_ONLY', 'IPV4_IPV6'] - ⁺tunnels: object
additional properties: false^[a-zA-Z0-9-]+$: reference(vpnTunnel)
- peerGateway: object
additional properties: false- external: reference(externalPeerGateway)
- gcp: string
- externalPeerGateway: object
additional properties: false- ⁺redundancy_type: string
enum: ['SINGLE_IP_INTERNALLY_REDUNDANT', 'TWO_IPS_REDUNDANCY', 'FOUR_IPS_REDUNDANCY'] - ⁺interfaces: array
- items: string
- description: string
- name: string
- ⁺redundancy_type: string
- vpnRouterConfig: object
additional properties: false- asn: number
- create: boolean
- custom_advertise: reference(customAdvertiseConfig)
- keepalive: number
- name: string
- override_name: string
- vpnTunnel: object
additional properties: false- bgp_peer: reference(bgpPeerConfig)
- ⁺bgp_session_range: string
- ike_version: number
enum: [1, 2] - name: string
- peer_external_gateway_interface: number
- peer_router_interface_name: string
- peer_gateway: string
- router: string
- shared_secret: string
- ⁺vpn_gateway_interface: number
- bgpPeerConfig: object
additional properties: false- ⁺address: string
- ⁺asn: number
- route_priority: number
- custom_advertise: reference(customAdvertiseConfig)
- md5_authentication_key: object
additional properties: false- ⁺name: string
- key: string
- ipv6: object
additional properties: false- nexthop_address: string
- peer_nexthop_address: string
- name: string
- customAdvertiseConfig: object
additional properties: false- ⁺all_subnets: boolean
- ip_ranges: reference(stringMap)
- peeringConfig: object
additional properties: false- ⁺peer_network: string
- routes_config: object
additional properties: false- export: boolean
- import: boolean
- public_export: boolean
- public_import: boolean
- stack_type: string
enum: ['IPV4_ONLY', 'IPV4_IPV6']
- vpcNccConfig: object
additional properties: false- ⁺hub: string
- description: string
- labels: reference(stringMap)
- group: string
- exclude_export_ranges: array
- items: string
- include_export_ranges: array
- items: string
- stringMap: object additional properties: String
- condition: object
additional properties: false- ⁺expression: string
- ⁺title: string
- description: string
- principalPattern: string
pattern: ^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z]) - rolePattern: string
pattern: ^roles/ - iam: object
additional properties: false^roles/: array- items: reference(principalPattern)
- iamBindings: object
additional properties: false^[a-z0-9_-]+$: object
additional properties: false- ⁺members: array
- items: reference(principalPattern)
- role: reference(rolePattern)
- condition: reference(condition)
- ⁺members: array
- iamBindingsAdditive: object
additional properties: false^[a-z0-9_-]+$: object
additional properties: false- member: reference(principalPattern)
- role: reference(rolePattern)
- condition: reference(condition)
- iamByPrincipals: object
additional properties: false^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z]): array- items: reference(rolePattern)
- orgPolicies: object
additional properties: false^[a-z]+\.: reference(orgPolicyConfig)
- orgPolicyConfig: object
- inherit_from_parent: boolean
- reset: boolean
- rules: array
- items: reference(orgPolicyRule)
- orgPolicyRule: object
additional properties: false- allow: reference(orgPolicyRuleAllowDeny)
- deny: reference(orgPolicyRuleAllowDeny)
- enforce: boolean
- condition: object
additional properties: false- description: string
- expression: string
- location: string
- title: string
- orgPolicyRuleAllowDeny: object
additional properties: false- all: boolean
- values: array
- items: string