使用 Terraform 設定 Cloud Run 服務,以使用虛擬私有雲存取連接器
程式碼範例
Terraform
如要瞭解如何套用或移除 Terraform 設定,請參閱「基本 Terraform 指令」。 詳情請參閱 Terraform供應商參考說明文件。
後續步驟
如要搜尋及篩選其他 Google Cloud 產品的程式碼範例,請參閱Google Cloud 範例瀏覽器。
設定虛擬私有雲存取權
除非另有註明,否則本頁面中的內容是採用創用 CC 姓名標示 4.0 授權,程式碼範例則為阿帕契 2.0 授權。詳情請參閱《Google Developers 網站政策》。Java 是 Oracle 和/或其關聯企業的註冊商標。
[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],[],[],[],null,["# Configure VPC access\n\nUse Terraform to configure a Cloud Run service to use VPC access connector\n\nCode sample\n-----------\n\n### Terraform\n\n\nTo learn how to apply or remove a Terraform configuration, see\n[Basic Terraform commands](/docs/terraform/basic-commands).\n\n\nFor more information, see the\n[Terraform provider reference documentation](https://registry.terraform.io/providers/hashicorp/google/latest/docs).\n\n resource \"google_project_service\" \"vpcaccess_api\" {\n service = \"vpcaccess.googleapis.com\"\n disable_on_destroy = false\n }\n\n # VPC\n resource \"google_compute_network\" \"default\" {\n name = \"cloudrun-network\"\n auto_create_subnetworks = false\n }\n\n # VPC access connector\n resource \"google_vpc_access_connector\" \"connector\" {\n name = \"vpcconn\"\n region = \"us-west1\"\n ip_cidr_range = \"10.8.0.0/28\"\n network = google_compute_network.default.name\n depends_on = [google_project_service.vpcaccess_api]\n min_instances = 2\n max_instances = 3\n }\n\n # Cloud Router\n resource \"google_compute_router\" \"router\" {\n name = \"router\"\n region = \"us-west1\"\n network = google_compute_network.default.id\n }\n\n # NAT configuration\n resource \"google_compute_router_nat\" \"router_nat\" {\n name = \"nat\"\n region = \"us-west1\"\n router = google_compute_router.router.name\n source_subnetwork_ip_ranges_to_nat = \"ALL_SUBNETWORKS_ALL_IP_RANGES\"\n nat_ip_allocate_option = \"AUTO_ONLY\"\n }\n\n # Cloud Run service\n resource \"google_cloud_run_v2_service\" \"gcr_service\" {\n name = \"mygcrservice\"\n location = \"us-west1\"\n\n deletion_protection = false # set to \"true\" in production\n\n template {\n containers {\n image = \"us-docker.pkg.dev/cloudrun/container/hello\"\n resources {\n limits = {\n cpu = \"1000m\"\n memory = \"512Mi\"\n }\n }\n # the service uses this SA to call other Google Cloud APIs\n # service_account_name = myservice_runtime_sa\n }\n\n scaling {\n # Limit scale up to prevent any cost blow outs!\n max_instance_count = 5\n }\n\n vpc_access {\n # Use the VPC Connector\n connector = google_vpc_access_connector.connector.id\n # all egress from the service should go through the VPC Connector\n egress = \"ALL_TRAFFIC\"\n }\n }\n }\n\nWhat's next\n-----------\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=cloudrun)."]]