ComputeForwardingRule

Property Value
Google Cloud Service Name Compute Engine
Google Cloud Service Documentation /compute/docs/
Google Cloud REST Resource Name
v1.forwardingRules
v1.globalForwardingRules
Google Cloud REST Resource Documentation
/compute/docs/reference/rest/v1/forwardingRules
/compute/docs/reference/rest/v1/globalForwardingRules
Config Connector Resource Short Names gcpcomputeforwardingrule
gcpcomputeforwardingrules
computeforwardingrule
Config Connector Service Name compute.googleapis.com
Config Connector Resource Fully Qualified Name computeforwardingrules.compute.cnrm.cloud.google.com
Can Be Referenced by IAMPolicy/IAMPolicyMember No

ComputeForwardingRule can manage both global and regional forwarding rules. To manage a global ComputeForwardingRule use a value of global in the spec.location field. To manage a regional ComputeForwardingRule, use a region name in the spec.location field.

Custom Resource Definition Properties

Annotations

Fields
cnrm.cloud.google.com/project-id

Spec

Schema

allPorts: boolean
allowGlobalAccess: boolean
backendServiceRef:
  external: string
  name: string
  namespace: string
description: string
ipAddress:
  addressRef:
    external: string
    name: string
    namespace: string
  ip: string
ipProtocol: string
ipVersion: string
isMirroringCollector: boolean
loadBalancingScheme: string
location: string
metadataFilters:
- filterLabels:
  - name: string
    value: string
  filterMatchCriteria: string
networkRef:
  external: string
  name: string
  namespace: string
networkTier: string
portRange: string
ports:
- string
serviceLabel: string
subnetworkRef:
  external: string
  name: string
  namespace: string
target:
  targetHTTPProxyRef:
    external: string
    name: string
    namespace: string
  targetHTTPSProxyRef:
    external: string
    name: string
    namespace: string
  targetSSLProxyRef:
    external: string
    name: string
    namespace: string
  targetTCPProxyRef:
    external: string
    name: string
    namespace: string
  targetVPNGatewayRef:
    external: string
    name: string
    namespace: string
Fields

allPorts

Optional

boolean

For internal TCP/UDP load balancing (i.e. load balancing scheme is INTERNAL and protocol is TCP/UDP), set this to true to allow packets addressed to any ports to be forwarded to the backends configured with this forwarding rule. Used with backend service. Cannot be set if port or portRange are set.

allowGlobalAccess

Optional

boolean

If true, clients can access ILB from all regions. Otherwise only allows from the local region the ILB is located at.

backendServiceRef

Optional

object

A ComputeBackendService to receive the matched traffic. This is used only for internal load balancing.

backendServiceRef.external

Optional

string

The selfLink of a ComputeBackendService.

backendServiceRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

backendServiceRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

description

Optional

string

An optional description of this resource. Provide this property when you create the resource.

ipAddress

Optional

object

The IP address that this forwarding rule is serving on behalf of. Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional). When the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule.

ipAddress.addressRef

Optional

object

ipAddress.addressRef.external

Optional

string

The address of a ComputeAddress.

ipAddress.addressRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

ipAddress.addressRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

ipAddress.ip

Optional

string

ipProtocol

Optional

string

The IP protocol to which this rule applies. When the load balancing scheme is INTERNAL, only TCP and UDP are valid. Possible values: ["TCP", "UDP", "ESP", "AH", "SCTP", "ICMP"]

ipVersion

Optional

string

The IP Version that will be used by this global forwarding rule. Possible values: ["IPV4", "IPV6"]

isMirroringCollector

Optional

boolean

Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.

loadBalancingScheme

Optional

string

This signifies what the ForwardingRule will be used for and can be EXTERNAL, INTERNAL, or INTERNAL_MANAGED. EXTERNAL is used for Classic Cloud VPN gateways, protocol forwarding to VMs from an external IP address, and HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP load balancers. INTERNAL is used for protocol forwarding to VMs from an internal IP address, and internal TCP/UDP load balancers. INTERNAL_MANAGED is used for internal HTTP(S) load balancers. Default value: "EXTERNAL" Possible values: ["EXTERNAL", "INTERNAL", "INTERNAL_MANAGED"]

location

Required

string

Location represents the geographical location of the ComputeForwardingRule. Specify a region name or "global" for global resources. Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)

metadataFilters

Optional

list (object)

metadataFilters.[]

Optional

object

metadataFilters.[].filterLabels

Required*

list (object)

metadataFilters.[].filterLabels.[]

Required*

object

metadataFilters.[].filterLabels.[].name

Required*

string

Name of the metadata label. The length must be between 1 and 1024 characters, inclusive.

metadataFilters.[].filterLabels.[].value

Required*

string

The value that the label must match. The value has a maximum length of 1024 characters.

metadataFilters.[].filterMatchCriteria

Required*

string

Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. MATCH_ANY - At least one of the filterLabels must have a matching label in the provided metadata. MATCH_ALL - All filterLabels must have matching labels in the provided metadata. Possible values: ["MATCH_ANY", "MATCH_ALL"]

networkRef

Optional

object

This field is not used for external load balancing. For internal load balancing, this field identifies the network that the load balanced IP should belong to for this forwarding rule. If this field is not specified, the default network will be used.

networkRef.external

Optional

string

The name of a ComputeNetwork.

networkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

networkTier

Optional

string

The networking tier used for configuring this address. If this field is not specified, it is assumed to be PREMIUM. Possible values: ["PREMIUM", "STANDARD"]

portRange

Optional

string

This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500

ports

Optional

list (string)

ports.[]

Optional

string

serviceLabel

Optional

string

An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression '[a-z]([-a-z0-9]*[a-z0-9])?' which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for INTERNAL load balancing.

subnetworkRef

Optional

object

The subnetwork that the load balanced IP should belong to for this forwarding rule. This field is only used for internal load balancing. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.

subnetworkRef.external

Optional

string

The name of a ComputeSubnetwork.

subnetworkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

subnetworkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

target

Optional

object

The target resource to receive the matched traffic. The forwarded traffic must be of a type appropriate to the target object. For INTERNAL_SELF_MANAGED load balancing, only HTTP and HTTPS targets are valid.

target.targetHTTPProxyRef

Optional

object

target.targetHTTPProxyRef.external

Optional

string

The selfLink of a ComputeTargetHTTPProxy.

target.targetHTTPProxyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

target.targetHTTPProxyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

target.targetHTTPSProxyRef

Optional

object

target.targetHTTPSProxyRef.external

Optional

string

The selfLink of a ComputeTargetHTTPSProxy.

target.targetHTTPSProxyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

target.targetHTTPSProxyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

target.targetSSLProxyRef

Optional

object

target.targetSSLProxyRef.external

Optional

string

The selfLink of a ComputeTargetSSLProxy.

target.targetSSLProxyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

target.targetSSLProxyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

target.targetTCPProxyRef

Optional

object

target.targetTCPProxyRef.external

Optional

string

The selfLink of a ComputeTargetTCPProxy.

target.targetTCPProxyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

target.targetTCPProxyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

target.targetVPNGatewayRef

Optional

object

target.targetVPNGatewayRef.external

Optional

string

The selfLink of a ComputeTargetVPNGateway.

target.targetVPNGatewayRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

target.targetVPNGatewayRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

* Field is required when parent field is specified

Status

Schema

conditions:
- lastTransitionTime: string
  message: string
  reason: string
  status: string
  type: string
creationTimestamp: string
labelFingerprint: string
selfLink: string
serviceName: string
Fields
conditions

list (object)

conditions.[]

object

conditions.[].lastTransitionTime

string

Last time the condition transitioned from one status to another.

conditions.[].message

string

Human-readable message indicating details about last transition.

conditions.[].reason

string

Unique, one-word, CamelCase reason for the condition's last transition.

conditions.[].status

string

Status is the status of the condition. Can be True, False, Unknown.

conditions.[].type

string

Type is the type of the condition.

creationTimestamp

string

Creation timestamp in RFC3339 text format.

labelFingerprint

string

The fingerprint used for optimistic locking of this resource. Used internally during updates.

selfLink

string

serviceName

string

The internal fully qualified service name for this Forwarding Rule. This field is only used for INTERNAL load balancing.

Sample YAML(s)

Global Forwarding Rule With Target Http Proxy

# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeForwardingRule
metadata:
  labels:
    label-one: "value-one"
  name: computeforwardingrule-sample-global-with-target-http-proxy
spec:
  description: "A global forwarding rule"
  target:
    targetHTTPProxyRef:
      name: computeforwardingrule-dep-global-with-target-http-proxy
  portRange: "80"
  ipProtocol: "TCP"
  ipVersion: "IPV4"
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeBackendService
metadata:
  name: computeforwardingrule-dep-global-with-target-http-proxy
spec:
  healthChecks:
    - healthCheckRef:
        name: computeforwardingrule-dep-global-with-target-http-proxy
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeHealthCheck
metadata:
  name: computeforwardingrule-dep-global-with-target-http-proxy
spec:
  checkIntervalSec: 10
  httpHealthCheck:
    port: 80
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeTargetHTTPProxy
metadata:
  name: computeforwardingrule-dep-global-with-target-http-proxy
spec:
  urlMapRef:
    name: computeforwardingrule-dep-global-with-target-http-proxy
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeURLMap
metadata:
  name: computeforwardingrule-dep-global-with-target-http-proxy
spec:
  defaultService:
    backendServiceRef:
      name: computeforwardingrule-dep-global-with-target-http-proxy
  location: global

Global Forwarding Rule With Target Ssl Proxy

# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeForwardingRule
metadata:
  labels:
    label-one: "value-one"
  name: computeforwardingrule-sample-global-with-target-ssl-proxy
spec:
  description: "A global forwarding rule"
  target:
    targetSSLProxyRef:
      name: computeforwardingrule-dep-global-with-target-ssl-proxy
  portRange: "995"
  ipProtocol: "TCP"
  ipVersion: "IPV4"
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeBackendService
metadata:
  name: computeforwardingrule-dep-global-with-target-ssl-proxy
spec:
  healthChecks:
    - healthCheckRef:
        name: computeforwardingrule-dep-global-with-target-ssl-proxy
  protocol: TCP
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeHealthCheck
metadata:
  name: computeforwardingrule-dep-global-with-target-ssl-proxy
spec:
  checkIntervalSec: 10
  sslHealthCheck:
    port: 995
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeSSLCertificate
metadata:
  name: computeforwardingrule-dep-global-with-target-ssl-proxy
spec:
  location: global
  description: example compute SSL certificate
  certificate:
    valueFrom:
      secretKeyRef:
        name: computeforwardingrule-dep-global-with-target-ssl-proxy
        key: certificate
  privateKey:
    valueFrom:
      secretKeyRef:
        name: computeforwardingrule-dep-global-with-target-ssl-proxy
        key: privateKey
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeTargetSSLProxy
metadata:
  name: computeforwardingrule-dep-global-with-target-ssl-proxy
spec:
  backendServiceRef:
    name: computeforwardingrule-dep-global-with-target-ssl-proxy
  sslCertificates:
    - name: computeforwardingrule-dep-global-with-target-ssl-proxy
---
apiVersion: v1
kind: Secret
metadata:
  name: computeforwardingrule-dep-global-with-target-ssl-proxy
stringData:
  certificate: |
    -----BEGIN CERTIFICATE-----
    MIIDJTCCAg0CFHdD3ZGYMCmF3O4PvMwsP5i8d/V0MA0GCSqGSIb3DQEBCwUAME8x
    CzAJBgNVBAYTAlVTMQswCQYDVQQIDAJXQTEhMB8GA1UECgwYSW50ZXJuZXQgV2lk
    Z2l0cyBQdHkgTHRkMRAwDgYDVQQDDAdFeGFtcGxlMB4XDTE5MDkyOTIyMjgyOVoX
    DTIwMDkyODIyMjgyOVowTzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAldBMSEwHwYD
    VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEDAOBgNVBAMMB0V4YW1wbGUw
    ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWLvOZIail12i6NXIqOspV
    corkuS1Nl0ayrl0VuKHCvheun/s7lLLgEfifzRueYlSUtdGg4atWIwEKsbIE+AF9
    uUTzkq/t6zHxFAAWgVZ6/hW696jqcZX3yU+LCuHPLSN0ruqD6ZygnYDVciDmYwxe
    601xNfOOYRlm6dGRx6uTxGDZtfu8zsaNI0UxTugTp2x5cKB66SbgdlIJvc2Hb54a
    7qOsb9CIf+rrK2xUdJUj4ueUEIMxjnY2u/Dc71SgfBVn+yFfN9MHNdcTWPXEUClE
    Fxd/MB3dGn7hVavXyvy3NT4tWhBgYBphfEUudDFej5MmVq56JOEQ2UtaQ+Imscud
    AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAMYTQyjVlo6TCYoyK6akjPX7vRiwCCAh
    jqsEu3bZqwUreOhZgRAyEXrq68dtXwTbwdisQmnhpBeBQuX4WWeas9TiycZ13TA1
    Z+h518D9OVXjrNs7oE3QNFeTom807IW16YydlrZMLKO8mQg6/BXfSHbLwuQHSIYS
    JD+uOfnkr08ORBbLGgBKKpy7ngflIkdSrQPmCYmYlvoy+goMAEVi0K3Y1wVzAF4k
    O4v8f7GXkNarsFT1QM82JboVV5uwX+uDmi858WKDHYGv2Ypv6yy93vdV0Xt/IBj3
    95/RDisBzcL7Ynpl34AAr5MLm7yCSsPrAmgevX4BOtcVc4rSXj5rcoE=
    -----END CERTIFICATE-----
  privateKey: |
    -----BEGIN RSA PRIVATE KEY-----
    MIIEpQIBAAKCAQEA1i7zmSGopddoujVyKjrKVXKK5LktTZdGsq5dFbihwr4Xrp/7
    O5Sy4BH4n80bnmJUlLXRoOGrViMBCrGyBPgBfblE85Kv7esx8RQAFoFWev4Vuveo
    6nGV98lPiwrhzy0jdK7qg+mcoJ2A1XIg5mMMXutNcTXzjmEZZunRkcerk8Rg2bX7
    vM7GjSNFMU7oE6dseXCgeukm4HZSCb3Nh2+eGu6jrG/QiH/q6ytsVHSVI+LnlBCD
    MY52Nrvw3O9UoHwVZ/shXzfTBzXXE1j1xFApRBcXfzAd3Rp+4VWr18r8tzU+LVoQ
    YGAaYXxFLnQxXo+TJlaueiThENlLWkPiJrHLnQIDAQABAoIBAQDMo/WZlQBG3Cay
    64fV83AI7jTozkkLvoMNC+3iaBMeN3P3I+HuDmhOEL2lKVq/HKJFp+bPuW50EWPY
    bOlzN+Zs0kygEMJJJxQDjCF9XzxarVPj3OcmgTpRkqWOaupPgYhD3zAws080YuiK
    h84Jcg+KzXWjunGn0vxrSPI0QDueJR2i03tEDBAtMZ0pvAsJ0gmXRdzGOc2uRzDm
    fbS3y/JIufClO28OzjJ5AJkbc9XgRDeCDOFY2D375bCg2boPYmP7Iw0HVU3RQhcr
    t+US27VQBRJF4cQ2CCyr0ZbdaPn41v+/A/qxF6ZPguyy+KoyQjCqK8iFArRQ48hJ
    cR2pFx4hAoGBAP2uXIJAdAemrOunv2CWlUHI2iHj/kJ1AXRMpiT+eF0US9E6tipE
    mL63HkUhiAs2nJnPi3RDxP+kAO2Z3anqjm1KCeGj+IYYZMavnkC8EVybv9lDwORy
    e2O1bfRc/tGa341KmvXLbp8oVMIYIvKz2cZmHGJ4V4DTq8dTvmqoE4/VAoGBANgk
    KWY5MJToZJJ5bV0mc2stmGt/IAZZPlKjVmKOjDyzqHRLAhsmbMyUhhgZtyj0dzSW
    ILEeaEJknYRrOB48D6IqkB8VnFJyHUG8l+Za41adqRQNid0S5n50/+eYbjZpYCrA
    SGmC2dhPZvRD6tOyEEJF5PZMvqxDcNRilc627HipAoGBAKzqrSQbyvtsIXKAZXLx
    McwlnIp9XlLubo9Xr+iHjIPl0chMvN8S4wscxwVYVeNO1nABiI03pJCcugU7XFz2
    BR952EJ2AnFlL0w/aR+3Eh6OC7eM927Amlrc0JZAzXESoE8vC3F/uWfDlgK3cRr+
    fPM/pxl37i1iGzVDYAhTiQIBAoGAPW25nmXumsOZoc+E945wCywAP7z3mxZOEip9
    6LDexnnBDJws0w6OqW4k1kCov6kLIBTy4aPkucniwrm+T0l+n/Y807jOntfz3LT+
    7ucx6XIRlbNrVTuD6rjR6j52RFyaikvvyJz50PJwLkgHO3dGC6/VrPKO1mKsdJA4
    R3HRr1ECgYEAobNQbQSLrSWZ1cozJbmNgRqqvxDNSEDi8LpXukOAw4pz1km7o3ob
    hCy1ksfFzsp5glYqwZd/Bahk64u3mII+rKoYwYLrH2l2aFDmMbdTfQUycpQZyi3+
    VtGS1PFoKx9fSFDNHhR5ZhfasQcuKHYfeFfO2/DoOxQkNCI1y4I2huo=
    -----END RSA PRIVATE KEY-----

Global Forwarding Rule With Target Tcp Proxy

# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeForwardingRule
metadata:
  labels:
    label-one: "value-one"
  name: computeforwardingrule-sample-global-with-target-tcp-proxy
spec:
  description: "A global forwarding rule"
  target:
    targetTCPProxyRef:
      name: computeforwardingrule-dep-global-with-target-tcp-proxy
  portRange: "110"
  ipProtocol: "TCP"
  ipVersion: "IPV4"
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeBackendService
metadata:
  name: computeforwardingrule-dep-global-with-target-tcp-proxy
spec:
  healthChecks:
    - healthCheckRef:
        name: computeforwardingrule-dep-global-with-target-tcp-proxy
  protocol: TCP
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeHealthCheck
metadata:
  name: computeforwardingrule-dep-global-with-target-tcp-proxy
spec:
  checkIntervalSec: 10
  tcpHealthCheck:
    port: 110
  location: global
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeTargetTCPProxy
metadata:
  name: computeforwardingrule-dep-global-with-target-tcp-proxy
spec:
  backendServiceRef:
    name: computeforwardingrule-dep-global-with-target-tcp-proxy

Regional Forwarding Rule

# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeForwardingRule
metadata:
  labels:
    label-one: "value-one"
  name: computeforwardingrule-sample-regional
spec:
  description: "A regional forwarding rule"
  target:
    targetVPNGatewayRef:
      name: computeforwardingrule-dep-regional
  ipProtocol: "ESP"
  location: us-central1
  ipAddress:
    addressRef:
      name: computeforwardingrule-dep-regional
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
  name: computeforwardingrule-dep-regional
  labels:
    label-one: "value-one"
spec:
  location: us-central1
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
  name: computeforwardingrule-dep-regional
spec:
  routingMode: REGIONAL
  autoCreateSubnetworks: false
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeTargetVPNGateway
metadata:
  name: computeforwardingrule-dep-regional
spec:
  description: a regional target vpn gateway
  region: us-central1
  networkRef:
    name: computeforwardingrule-dep-regional