import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * A zone is a subtree of the DNS namespace under one administrative
 * responsibility. A ManagedZone is a resource that represents a DNS zone
 * hosted by the Cloud DNS service.
 *
 * To get more information about ManagedZone, see:
 *
 * * [API documentation](https://cloud.google.com/dns/api/v1/managedZones)
 * * How-to Guides
 *     * [Managing Zones](https://cloud.google.com/dns/zones/)
 *
 * ## Example Usage
 *
 * ### Dns Managed Zone Basic
 *
 * No `visibility` is set in this example, so the zone takes the documented default (`public`).
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const example_zone = new gcp.dns.ManagedZone("example-zone", {
 *     name: "example-zone",
 *     dnsName: "my-domain.com.",
 *     description: "Example DNS zone",
 *     labels: {
 *         foo: "bar",
 *     },
 * });
 * ```
 * ### Dns Managed Zone Private
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const network_1 = new gcp.compute.Network("network-1", {
 *     name: "network-1",
 *     autoCreateSubnetworks: false,
 * });
 * const network_2 = new gcp.compute.Network("network-2", {
 *     name: "network-2",
 *     autoCreateSubnetworks: false,
 * });
 * const private_zone = new gcp.dns.ManagedZone("private-zone", {
 *     name: "private-zone",
 *     dnsName: "private.example.com.",
 *     description: "Example private DNS zone",
 *     labels: {
 *         foo: "bar",
 *     },
 *     visibility: "private",
 *     privateVisibilityConfig: {
 *         networks: [
 *             {
 *                 networkUrl: network_1.id,
 *             },
 *             {
 *                 networkUrl: network_2.id,
 *             },
 *         ],
 *     },
 * });
 * ```
 * ### Dns Managed Zone Private Forwarding
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const network_1 = new gcp.compute.Network("network-1", {
 *     name: "network-1",
 *     autoCreateSubnetworks: false,
 * });
 * const network_2 = new gcp.compute.Network("network-2", {
 *     name: "network-2",
 *     autoCreateSubnetworks: false,
 * });
 * const private_zone = new gcp.dns.ManagedZone("private-zone", {
 *     name: "private-zone",
 *     dnsName: "private.example.com.",
 *     description: "Example private DNS zone",
 *     labels: {
 *         foo: "bar",
 *     },
 *     visibility: "private",
 *     privateVisibilityConfig: {
 *         networks: [
 *             {
 *                 networkUrl: network_1.id,
 *             },
 *             {
 *                 networkUrl: network_2.id,
 *             },
 *         ],
 *     },
 *     forwardingConfig: {
 *         targetNameServers: [
 *             {
 *                 ipv4Address: "172.16.1.10",
 *             },
 *             {
 *                 ipv4Address: "172.16.1.20",
 *             },
 *         ],
 *     },
 * });
 * ```
 * ### Dns Managed Zone Private Gke
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const network_1 = new gcp.compute.Network("network-1", {
 *     name: "network-1",
 *     autoCreateSubnetworks: false,
 * });
 * const subnetwork_1 = new gcp.compute.Subnetwork("subnetwork-1", {
 *     name: network_1.name,
 *     network: network_1.name,
 *     ipCidrRange: "10.0.36.0/24",
 *     region: "us-central1",
 *     privateIpGoogleAccess: true,
 *     secondaryIpRanges: [
 *         {
 *             rangeName: "pod",
 *             ipCidrRange: "10.0.0.0/19",
 *         },
 *         {
 *             rangeName: "svc",
 *             ipCidrRange: "10.0.32.0/22",
 *         },
 *     ],
 * });
 * const cluster_1 = new gcp.container.Cluster("cluster-1", {
 *     name: "cluster-1",
 *     location: "us-central1-c",
 *     initialNodeCount: 1,
 *     networkingMode: "VPC_NATIVE",
 *     defaultSnatStatus: {
 *         disabled: true,
 *     },
 *     network: network_1.name,
 *     subnetwork: subnetwork_1.name,
 *     privateClusterConfig: {
 *         enablePrivateEndpoint: true,
 *         enablePrivateNodes: true,
 *         masterIpv4CidrBlock: "10.42.0.0/28",
 *         masterGlobalAccessConfig: {
 *             enabled: true,
 *         },
 *     },
 *     masterAuthorizedNetworksConfig: {},
 *     ipAllocationPolicy: {
 *         clusterSecondaryRangeName: subnetwork_1.secondaryIpRanges.apply(secondaryIpRanges => secondaryIpRanges[0].rangeName),
 *         servicesSecondaryRangeName: subnetwork_1.secondaryIpRanges.apply(secondaryIpRanges => secondaryIpRanges[1].rangeName),
 *     },
 *     deletionProtection: true,
 * });
 * const private_zone_gke = new gcp.dns.ManagedZone("private-zone-gke", {
 *     name: "private-zone",
 *     dnsName: "private.example.com.",
 *     description: "Example private DNS zone",
 *     labels: {
 *         foo: "bar",
 *     },
 *     visibility: "private",
 *     privateVisibilityConfig: {
 *         gkeClusters: [{
 *             gkeClusterName: cluster_1.id,
 *         }],
 *     },
 * });
 * ```
 * ### Dns Managed Zone Private Peering
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const network_source = new gcp.compute.Network("network-source", {
 *     name: "network-source",
 *     autoCreateSubnetworks: false,
 * });
 * const network_target = new gcp.compute.Network("network-target", {
 *     name: "network-target",
 *     autoCreateSubnetworks: false,
 * });
 * const peering_zone = new gcp.dns.ManagedZone("peering-zone", {
 *     name: "peering-zone",
 *     dnsName: "peering.example.com.",
 *     description: "Example private DNS peering zone",
 *     visibility: "private",
 *     privateVisibilityConfig: {
 *         networks: [{
 *             networkUrl: network_source.id,
 *         }],
 *     },
 *     peeringConfig: {
 *         targetNetwork: {
 *             networkUrl: network_target.id,
 *         },
 *     },
 * });
 * ```
 * ### Dns Managed Zone Service Directory
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const example = new gcp.servicedirectory.Namespace("example", {
 *     namespaceId: "example",
 *     location: "us-central1",
 * });
 * const sd_zone = new gcp.dns.ManagedZone("sd-zone", {
 *     name: "peering-zone",
 *     dnsName: "services.example.com.",
 *     description: "Example private DNS Service Directory zone",
 *     visibility: "private",
 *     serviceDirectoryConfig: {
 *         namespace: {
 *             namespaceUrl: example.id,
 *         },
 *     },
 * });
 * const network = new gcp.compute.Network("network", {
 *     name: "network",
 *     autoCreateSubnetworks: false,
 * });
 * ```
 * ### Dns Managed Zone Cloud Logging
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const cloud_logging_enabled_zone = new gcp.dns.ManagedZone("cloud-logging-enabled-zone", {
 *     name: "cloud-logging-enabled-zone",
 *     dnsName: "services.example.com.",
 *     description: "Example cloud logging enabled DNS zone",
 *     labels: {
 *         foo: "bar",
 *     },
 *     cloudLoggingConfig: {
 *         enableLogging: true,
 *     },
 * });
 * ```
 *
 * ## Import
 *
 * ManagedZone can be imported using any of these accepted formats:
 *
 * * `projects/{{project}}/managedZones/{{name}}`
 *
 * * `{{project}}/{{name}}`
 *
 * * `{{name}}`
 *
 * When using the `pulumi import` command, ManagedZone can be imported using one of the formats above. For example:
 *
 * ```sh
 * $ pulumi import gcp:dns/managedZone:ManagedZone default projects/{{project}}/managedZones/{{name}}
 * ```
 *
 * ```sh
 * $ pulumi import gcp:dns/managedZone:ManagedZone default {{project}}/{{name}}
 * ```
 *
 * ```sh
 * $ pulumi import gcp:dns/managedZone:ManagedZone default {{name}}
 * ```
 */
export declare class ManagedZone extends pulumi.CustomResource {
    /**
     * Get an existing ManagedZone resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to look up.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ManagedZoneState, opts?: pulumi.CustomResourceOptions): ManagedZone;
    /**
     * Returns true if the given object is an instance of ManagedZone. This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is ManagedZone;
    /**
     * Cloud logging configuration
     * Structure is documented below.
     *
     * NOTE(review): the class-level example enables logging with `enableLogging: true`; what
     * happens when this field is omitted is not shown in this file — confirm before relying
     * on DNS query logs for detection or incident response.
     */
    readonly cloudLoggingConfig: pulumi.Output<outputs.dns.ManagedZoneCloudLoggingConfig>;
    /**
     * The time that this resource was created on the server.
     * This is in RFC3339 text format.
     */
    readonly creationTime: pulumi.Output<string>;
    /**
     * A textual description field. Defaults to 'Managed by Pulumi'.
     */
    readonly description: pulumi.Output<string>;
    /**
     * The DNS name of this managed zone, for instance "example.com.".
     */
    readonly dnsName: pulumi.Output<string>;
    /**
     * DNSSEC configuration
     * Structure is documented below.
     *
     * NOTE(review): no default DNSSEC state is documented in this file; for public zones,
     * confirm the effective setting rather than assuming the zone is signed.
     */
    readonly dnssecConfig: pulumi.Output<outputs.dns.ManagedZoneDnssecConfig>;
    /**
     * All of the labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
     */
    readonly effectiveLabels: pulumi.Output<{
        [key: string]: string;
    }>;
    /**
     * Set this true to delete all records in the zone.
     *
     * NOTE(review): this file does not say when the deletion happens; presumably it applies
     * when the zone itself is destroyed — confirm against the provider documentation.
     */
    readonly forceDestroy: pulumi.Output<boolean | undefined>;
    /**
     * The presence of this field indicates that outbound forwarding is enabled
     * for this zone. The value of this field contains the set of destinations
     * to forward to.
     * Structure is documented below.
     */
    readonly forwardingConfig: pulumi.Output<outputs.dns.ManagedZoneForwardingConfig | undefined>;
    /**
     * A set of key/value label pairs to assign to this ManagedZone.
     *
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effectiveLabels` for all of the labels present on the resource.
     */
    readonly labels: pulumi.Output<{
        [key: string]: string;
    } | undefined>;
    /**
     * Unique identifier for the resource; defined by the server.
     */
    readonly managedZoneId: pulumi.Output<string>;
    /**
     * User assigned name for this resource.
     * Must be unique within the project.
     */
    readonly name: pulumi.Output<string>;
    /**
     * Delegate your managedZone to these virtual name servers;
     * defined by the server.
     */
    readonly nameServers: pulumi.Output<string[]>;
    /**
     * The presence of this field indicates that DNS Peering is enabled for this
     * zone. The value of this field contains the network to peer with.
     * Structure is documented below.
     */
    readonly peeringConfig: pulumi.Output<outputs.dns.ManagedZonePeeringConfig | undefined>;
    /**
     * For privately visible zones, the set of Virtual Private Cloud
     * resources that the zone is visible from. At least one of `gkeClusters` or `networks` must be specified.
     * Structure is documented below.
     */
    readonly privateVisibilityConfig: pulumi.Output<outputs.dns.ManagedZonePrivateVisibilityConfig | undefined>;
    /**
     * The ID of the project in which the resource belongs.
     * If it is not provided, the provider project is used.
     */
    readonly project: pulumi.Output<string>;
    /**
     * The combination of labels configured directly on the resource
     * and default labels configured on the provider.
     */
    readonly pulumiLabels: pulumi.Output<{
        [key: string]: string;
    }>;
    /**
     * Specifies if this is a managed reverse lookup zone. If true, Cloud DNS will resolve reverse
     * lookup queries using automatically configured records for VPC resources. This only applies
     * to networks listed under `privateVisibilityConfig`.
     */
    readonly reverseLookup: pulumi.Output<boolean | undefined>;
    /**
     * The presence of this field indicates that this zone is backed by Service Directory. The value of this field contains information related to the namespace associated with the zone.
     * Structure is documented below.
     */
    readonly serviceDirectoryConfig: pulumi.Output<outputs.dns.ManagedZoneServiceDirectoryConfig | undefined>;
    /**
     * The zone's visibility: public zones are exposed to the Internet,
     * while private zones are visible only to Virtual Private Cloud resources.
     * Default value is `public`.
     * Possible values are: `private`, `public`.
     *
     * An `undefined` output means the field was not set, in which case the documented
     * default (`public`) applies.
     */
    readonly visibility: pulumi.Output<string | undefined>;
    /**
     * Create a ManagedZone resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: ManagedZoneArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering ManagedZone resources.
 */
export interface ManagedZoneState {
    /**
     * Cloud logging configuration
     * Structure is documented below.
     */
    cloudLoggingConfig?: pulumi.Input<inputs.dns.ManagedZoneCloudLoggingConfig>;
    /**
     * The time that this resource was created on the server.
     * This is in RFC3339 text format.
     */
    creationTime?: pulumi.Input<string>;
    /**
     * A textual description field. Defaults to 'Managed by Pulumi'.
     */
    description?: pulumi.Input<string>;
    /**
     * The DNS name of this managed zone, for instance "example.com.".
     */
    dnsName?: pulumi.Input<string>;
    /**
     * DNSSEC configuration
     * Structure is documented below.
     */
    dnssecConfig?: pulumi.Input<inputs.dns.ManagedZoneDnssecConfig>;
    /**
     * All of the labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
     */
    effectiveLabels?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    }>;
    /**
     * Set this true to delete all records in the zone.
     */
    forceDestroy?: pulumi.Input<boolean>;
    /**
     * The presence of this field indicates that outbound forwarding is enabled
     * for this zone. The value of this field contains the set of destinations
     * to forward to.
     * Structure is documented below.
     */
    forwardingConfig?: pulumi.Input<inputs.dns.ManagedZoneForwardingConfig>;
    /**
     * A set of key/value label pairs to assign to this ManagedZone.
     *
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effectiveLabels` for all of the labels present on the resource.
     */
    labels?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    }>;
    /**
     * Unique identifier for the resource; defined by the server.
     */
    managedZoneId?: pulumi.Input<string>;
    /**
     * User assigned name for this resource.
     * Must be unique within the project.
     */
    name?: pulumi.Input<string>;
    /**
     * Delegate your managedZone to these virtual name servers;
     * defined by the server.
     */
    nameServers?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * The presence of this field indicates that DNS Peering is enabled for this
     * zone. The value of this field contains the network to peer with.
     * Structure is documented below.
     */
    peeringConfig?: pulumi.Input<inputs.dns.ManagedZonePeeringConfig>;
    /**
     * For privately visible zones, the set of Virtual Private Cloud
     * resources that the zone is visible from. At least one of `gkeClusters` or `networks` must be specified.
     * Structure is documented below.
     */
    privateVisibilityConfig?: pulumi.Input<inputs.dns.ManagedZonePrivateVisibilityConfig>;
    /**
     * The ID of the project in which the resource belongs.
     * If it is not provided, the provider project is used.
     */
    project?: pulumi.Input<string>;
    /**
     * The combination of labels configured directly on the resource
     * and default labels configured on the provider.
     */
    pulumiLabels?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    }>;
    /**
     * Specifies if this is a managed reverse lookup zone. If true, Cloud DNS will resolve reverse
     * lookup queries using automatically configured records for VPC resources. This only applies
     * to networks listed under `privateVisibilityConfig`.
     */
    reverseLookup?: pulumi.Input<boolean>;
    /**
     * The presence of this field indicates that this zone is backed by Service Directory. The value of this field contains information related to the namespace associated with the zone.
     * Structure is documented below.
     */
    serviceDirectoryConfig?: pulumi.Input<inputs.dns.ManagedZoneServiceDirectoryConfig>;
    /**
     * The zone's visibility: public zones are exposed to the Internet,
     * while private zones are visible only to Virtual Private Cloud resources.
     * Default value is `public`.
     * Possible values are: `private`, `public`.
     */
    visibility?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a ManagedZone resource.
 *
 * Only `dnsName` is required; every other property is optional.
 */
export interface ManagedZoneArgs {
    /**
     * Cloud logging configuration
     * Structure is documented below.
     *
     * NOTE(review): what happens when this field is omitted is not shown in this file —
     * confirm before relying on DNS query logs for detection or incident response.
     */
    cloudLoggingConfig?: pulumi.Input<inputs.dns.ManagedZoneCloudLoggingConfig>;
    /**
     * A textual description field. Defaults to 'Managed by Pulumi'.
     */
    description?: pulumi.Input<string>;
    /**
     * The DNS name of this managed zone, for instance "example.com.".
     */
    dnsName: pulumi.Input<string>;
    /**
     * DNSSEC configuration
     * Structure is documented below.
     *
     * NOTE(review): no default DNSSEC state is documented in this file; for public zones,
     * confirm the effective setting rather than assuming the zone is signed.
     */
    dnssecConfig?: pulumi.Input<inputs.dns.ManagedZoneDnssecConfig>;
    /**
     * Set this true to delete all records in the zone.
     *
     * NOTE(review): this file does not say when the deletion happens; presumably it applies
     * when the zone itself is destroyed — confirm against the provider documentation. Leave it
     * unset for zones whose records must not be removed in bulk.
     */
    forceDestroy?: pulumi.Input<boolean>;
    /**
     * The presence of this field indicates that outbound forwarding is enabled
     * for this zone. The value of this field contains the set of destinations
     * to forward to.
     * Structure is documented below.
     *
     * NOTE(review): queries for this zone go to the listed destinations, so they should be
     * name servers you operate or trust — verify ownership of each target address.
     */
    forwardingConfig?: pulumi.Input<inputs.dns.ManagedZoneForwardingConfig>;
    /**
     * A set of key/value label pairs to assign to this ManagedZone.
     *
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effectiveLabels` for all of the labels present on the resource.
     */
    labels?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    }>;
    /**
     * User assigned name for this resource.
     * Must be unique within the project.
     */
    name?: pulumi.Input<string>;
    /**
     * The presence of this field indicates that DNS Peering is enabled for this
     * zone. The value of this field contains the network to peer with.
     * Structure is documented below.
     */
    peeringConfig?: pulumi.Input<inputs.dns.ManagedZonePeeringConfig>;
    /**
     * For privately visible zones, the set of Virtual Private Cloud
     * resources that the zone is visible from. At least one of `gkeClusters` or `networks` must be specified.
     * Structure is documented below.
     */
    privateVisibilityConfig?: pulumi.Input<inputs.dns.ManagedZonePrivateVisibilityConfig>;
    /**
     * The ID of the project in which the resource belongs.
     * If it is not provided, the provider project is used.
     */
    project?: pulumi.Input<string>;
    /**
     * Specifies if this is a managed reverse lookup zone. If true, Cloud DNS will resolve reverse
     * lookup queries using automatically configured records for VPC resources. This only applies
     * to networks listed under `privateVisibilityConfig`.
     */
    reverseLookup?: pulumi.Input<boolean>;
    /**
     * The presence of this field indicates that this zone is backed by Service Directory. The value of this field contains information related to the namespace associated with the zone.
     * Structure is documented below.
     */
    serviceDirectoryConfig?: pulumi.Input<inputs.dns.ManagedZoneServiceDirectoryConfig>;
    /**
     * The zone's visibility: public zones are exposed to the Internet,
     * while private zones are visible only to Virtual Private Cloud resources.
     * Default value is `public`.
     * Possible values are: `private`, `public`.
     *
     * Because the default is `public`, a zone meant to hold internal names must set
     * `visibility: "private"` explicitly; leaving the field out exposes the zone to the Internet.
     */
    visibility?: pulumi.Input<string>;
}