googleDnsResponsePolicy
A Response Policy is a collection of selectors that apply to queries made against one or more Virtual Private Cloud networks.
\~> Warning: This resource is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta resources.
Example Usage - Dns Response Policy Basic
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleComputeNetworkNetwork1 = new google.computeNetwork.ComputeNetwork(
this,
"network-1",
{
auto_create_subnetworks: false,
name: "network-1",
provider: "${google-beta}",
}
);
const googleComputeNetworkNetwork2 = new google.computeNetwork.ComputeNetwork(
this,
"network-2",
{
auto_create_subnetworks: false,
name: "network-2",
provider: "${google-beta}",
}
);
const googleComputeSubnetworkSubnetwork1 =
new google.computeSubnetwork.ComputeSubnetwork(this, "subnetwork-1", {
ip_cidr_range: "10.0.36.0/24",
name: googleComputeNetworkNetwork1.name,
network: googleComputeNetworkNetwork1.name,
private_ip_google_access: true,
provider: "${google-beta}",
region: "us-central1",
secondary_ip_range: [
{
ip_cidr_range: "10.0.0.0/19",
range_name: "pod",
},
{
ip_cidr_range: "10.0.32.0/22",
range_name: "svc",
},
],
});
const googleContainerClusterCluster1 =
new google.containerCluster.ContainerCluster(this, "cluster-1", {
default_snat_status: [
{
disabled: true,
},
],
initial_node_count: 1,
ip_allocation_policy: [
{
cluster_secondary_range_name: `\${${googleComputeSubnetworkSubnetwork1.secondaryIpRange.fqn}[0].range_name}`,
services_secondary_range_name: `\${${googleComputeSubnetworkSubnetwork1.secondaryIpRange.fqn}[1].range_name}`,
},
],
location: "us-central1-c",
master_authorized_networks_config: [{}],
name: "cluster-1",
network: googleComputeNetworkNetwork1.name,
networking_mode: "VPC_NATIVE",
private_cluster_config: [
{
enable_private_endpoint: true,
enable_private_nodes: true,
master_global_access_config: [
{
enabled: true,
},
],
master_ipv4_cidr_block: "10.42.0.0/28",
},
],
provider: "${google-beta}",
subnetwork: googleComputeSubnetworkSubnetwork1.name,
});
new google.dnsResponsePolicy.DnsResponsePolicy(
this,
"example-response-policy",
{
gke_clusters: [
{
gke_cluster_name: googleContainerClusterCluster1.id,
},
],
networks: [
{
network_url: googleComputeNetworkNetwork1.id,
},
{
network_url: googleComputeNetworkNetwork2.id,
},
],
provider: "${google-beta}",
response_policy_name: "example-response-policy",
}
);
Argument Reference
The following arguments are supported:
responsePolicyName
- (Required) The user assigned name for this Response Policy, such asmyresponsepolicy
.
-
description
- (Optional) The description of the response policy, such asmyNewResponsePolicy
. -
networks
- (Optional) The list of network names specifying networks to which this policy is applied. Structure is documented below. -
gkeClusters
- (Optional) The list of Google Kubernetes Engine clusters that can see this zone. Structure is documented below. -
project
- (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
networkUrl
- (Required) The fully qualified URL of the VPC network to bind to. This should be formatted likehttps://wwwGoogleapisCom/compute/v1/projects/{project}/global/networks/{network}
The gkeClusters
block supports:
gkeClusterName
- (Required) The resource name of the cluster to bind this ManagedZone to.\ This should be specified in the format like\projects/*/locations/*/clusters/*
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with formatprojects/{{project}}/responsePolicies/{{responsePolicyName}}
Timeouts
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.
Import
ResponsePolicy can be imported using any of these accepted formats:
$ terraform import google_dns_response_policy.default projects/{{project}}/responsePolicies/{{response_policy_name}}
$ terraform import google_dns_response_policy.default {{project}}/{{response_policy_name}}
$ terraform import google_dns_response_policy.default {{response_policy_name}}
User Project Overrides
This resource supports User Project Overrides.