googleComputeNetwork

Manages a VPC network or legacy network resource on GCP.

To get more information about Network, see:

Example Usage - Network Basic

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.computeNetwork.ComputeNetwork(this, "vpc_network", {
  name: "vpc-network",
});

Example Usage - Network Custom Mtu

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.computeNetwork.ComputeNetwork(this, "vpc_network", {
  autoCreateSubnetworks: true,
  mtu: 1460,
  name: "vpc-network",
  project: "my-project-name",
});

Example Usage - Network Custom Firewall Enforcement Order

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.computeNetwork.ComputeNetwork(this, "vpc_network", {
  autoCreateSubnetworks: true,
  name: "vpc-network",
  networkFirewallPolicyEnforcementOrder: "BEFORE_CLASSIC_FIREWALL",
  project: "my-project-name",
});

Argument Reference

The following arguments are supported:

  • name - (Required) Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

  • description - (Optional) An optional description of this resource. The resource must be recreated to modify this field.

  • autoCreateSubnetworks - (Optional) When set to true, the network is created in "auto subnet mode" and it will create a subnet for each region automatically across the 10.128.0.0/9 address range. When set to false, the network is created in "custom subnet mode" so the user can explicitly connect subnetwork resources.

  • routingMode - (Optional) The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network's cloud routers will advertise routes with all subnetworks of this network, across regions. Possible values are REGIONAL and GLOBAL.

  • mtu - (Optional) Maximum Transmission Unit in bytes. The default value is 1460 bytes. The minimum value for this field is 1300 and the maximum value is 8896 bytes (jumbo frames). Note that packets larger than 1500 bytes (standard Ethernet) can be subject to TCP-MSS clamping or dropped with an ICMP Fragmentation-Needed message if the packets are routed to the Internet or other VPCs with varying MTUs.

  • enableUlaInternalIpv6 - (Optional) Enable ULA internal IPv6 on this network. Enabling this feature will assign a /48 from the Google-defined ULA prefix fd20::/20.

  • internalIpv6Range - (Optional) When enabling ULA internal IPv6, the caller can optionally specify the /48 range they want from the Google-defined ULA prefix fd20::/20. The input must be a valid /48 ULA IPv6 address and must be within fd20::/20. The operation will fail if the specified /48 is already in use by another resource. If the field is not specified, a /48 range will be randomly allocated from fd20::/20 and returned via this field.

  • networkFirewallPolicyEnforcementOrder - (Optional) Set the order in which Firewall Rules and Firewall Policies are evaluated. Default value is AFTER_CLASSIC_FIREWALL. Possible values are BEFORE_CLASSIC_FIREWALL and AFTER_CLASSIC_FIREWALL.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • deleteDefaultRoutesOnCreate - (Optional) If set to true, default routes (0.0.0.0/0) will be deleted immediately after network creation. Defaults to false.
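
A pre-synth check for the constraints listed above on name, mtu, internalIpv6Range and networkFirewallPolicyEnforcementOrder. This is an added example, not part of the provider documentation or the generated bindings; NetworkArgs, expandIpv6, isValidUlaRange and validateNetwork are hypothetical names, and requiring the bits after the /48 boundary to be zero is an assumption.

```typescript
// Added example: argument names and limits are taken from the reference above.
interface NetworkArgs {
  name: string;
  mtu?: number;
  internalIpv6Range?: string;
  networkFirewallPolicyEnforcementOrder?: string;
}

// Expand an IPv6 address (with at most one "::") into eight 16-bit groups.
function expandIpv6(addr: string): number[] | null {
  const halves = addr.split("::");
  if (halves.length > 2) return null;
  const parse = (s: string): string[] => (s === "" ? [] : s.split(":"));
  const head = parse(halves[0]);
  const tail = halves.length === 2 ? parse(halves[1]) : [];
  const missing = 8 - head.length - tail.length;
  if (halves.length === 1 ? missing !== 0 : missing < 1) return null;
  const groups = head.slice();
  for (let i = 0; i < missing; i++) groups.push("0");
  const all = groups.concat(tail);
  if (!all.every((g) => /^[0-9a-fA-F]{1,4}$/.test(g))) return null;
  return all.map((g) => parseInt(g, 16));
}

// True when cidr is a /48 inside fd20::/20. Requiring the bits after the
// /48 boundary to be zero is an assumption about what "valid /48" means.
function isValidUlaRange(cidr: string): boolean {
  const parts = cidr.split("/");
  if (parts.length !== 2 || parts[1] !== "48") return false;
  const g = expandIpv6(parts[0]);
  if (g === null) return false;
  const inPrefix = g[0] === 0xfd20 && (g[1] & 0xf000) === 0; // first 20 bits
  return inPrefix && g.slice(3).every((x) => x === 0);
}

// Returns the names of the arguments that violate a documented constraint.
function validateNetwork(a: NetworkArgs): string[] {
  const errors: string[] = [];
  if (a.name.length > 63 || !/^[a-z]([-a-z0-9]*[a-z0-9])?$/.test(a.name)) errors.push("name");
  if (a.mtu !== undefined && (a.mtu % 1 !== 0 || a.mtu < 1300 || a.mtu > 8896)) errors.push("mtu");
  if (a.internalIpv6Range !== undefined && !isValidUlaRange(a.internalIpv6Range))
    errors.push("internalIpv6Range");
  const order = a.networkFirewallPolicyEnforcementOrder;
  if (order !== undefined && order !== "BEFORE_CLASSIC_FIREWALL" && order !== "AFTER_CLASSIC_FIREWALL")
    errors.push("networkFirewallPolicyEnforcementOrder");
  return errors;
}
```

Running validateNetwork on the props object before passing it to ComputeNetwork surfaces these errors at synth time instead of at apply time.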

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format projects/{{project}}/global/networks/{{name}}

  • gatewayIpv4 - The gateway address for default routing out of the network. This value is selected by GCP.

  • selfLink - The URI of the created resource.

Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 20 minutes.
  • update - Default is 20 minutes.
  • delete - Default is 20 minutes.

Import

Network can be imported using any of these accepted formats:

$ terraform import google_compute_network.default projects/{{project}}/global/networks/{{name}}
$ terraform import google_compute_network.default {{project}}/{{name}}
$ terraform import google_compute_network.default {{name}}

User Project Overrides

This resource supports User Project Overrides.