blob: 47a171fa0e870522345b686d1883b1bdd39e0312 [file] [log] [blame]
---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
subcategory: "Cloud DNS"
description: |-
A Response Policy is a collection of selectors that apply to queries
made against one or more Virtual Private Cloud networks.
---
# google\_dns\_response\_policy
A Response Policy is a collection of selectors that apply to queries
made against one or more Virtual Private Cloud networks.
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=dns_response_policy_basic&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Dns Response Policy Basic
```hcl
resource "google_compute_network" "network-1" {
name = "network-1"
auto_create_subnetworks = false
}
resource "google_compute_network" "network-2" {
name = "network-2"
auto_create_subnetworks = false
}
resource "google_compute_subnetwork" "subnetwork-1" {
name = google_compute_network.network-1.name
network = google_compute_network.network-1.name
ip_cidr_range = "10.0.36.0/24"
region = "us-central1"
private_ip_google_access = true
secondary_ip_range {
range_name = "pod"
ip_cidr_range = "10.0.0.0/19"
}
secondary_ip_range {
range_name = "svc"
ip_cidr_range = "10.0.32.0/22"
}
}
resource "google_container_cluster" "cluster-1" {
name = "cluster-1"
location = "us-central1-c"
initial_node_count = 1
networking_mode = "VPC_NATIVE"
default_snat_status {
disabled = true
}
network = google_compute_network.network-1.name
subnetwork = google_compute_subnetwork.subnetwork-1.name
private_cluster_config {
enable_private_endpoint = true
enable_private_nodes = true
master_ipv4_cidr_block = "10.42.0.0/28"
master_global_access_config {
enabled = true
}
}
master_authorized_networks_config {
}
ip_allocation_policy {
cluster_secondary_range_name = google_compute_subnetwork.subnetwork-1.secondary_ip_range[0].range_name
services_secondary_range_name = google_compute_subnetwork.subnetwork-1.secondary_ip_range[1].range_name
}
deletion_protection = "true"
}
resource "google_dns_response_policy" "example-response-policy" {
response_policy_name = "example-response-policy"
networks {
network_url = google_compute_network.network-1.id
}
networks {
network_url = google_compute_network.network-2.id
}
gke_clusters {
gke_cluster_name = google_container_cluster.cluster-1.id
}
}
```
## Argument Reference
The following arguments are supported:
* `response_policy_name` -
(Required)
The user assigned name for this Response Policy, such as `myresponsepolicy`.
- - -
* `description` -
(Optional)
The description of the response policy, such as `My new response policy`.
* `networks` -
(Optional)
The list of network names specifying networks to which this policy is applied.
Structure is [documented below](#nested_networks).
* `gke_clusters` -
(Optional)
The list of Google Kubernetes Engine clusters that can see this zone.
Structure is [documented below](#nested_gke_clusters).
* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
<a name="nested_networks"></a>The `networks` block supports:
* `network_url` -
(Required)
The fully qualified URL of the VPC network to bind to.
This should be formatted like
`https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`
<a name="nested_gke_clusters"></a>The `gke_clusters` block supports:
* `gke_cluster_name` -
(Required)
The resource name of the cluster to bind this ManagedZone to.
This should be specified in the format like
`projects/*/locations/*/clusters/*`
## Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
* `id` - an identifier for the resource with format `projects/{{project}}/responsePolicies/{{response_policy_name}}`
## Timeouts
This resource provides the following
[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:
- `create` - Default is 20 minutes.
- `update` - Default is 20 minutes.
- `delete` - Default is 20 minutes.
## Import
ResponsePolicy can be imported using any of these accepted formats:
* `projects/{{project}}/responsePolicies/{{response_policy_name}}`
* `{{project}}/{{response_policy_name}}`
* `{{response_policy_name}}`
In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import ResponsePolicy using one of the formats above. For example:
```tf
import {
id = "projects/{{project}}/responsePolicies/{{response_policy_name}}"
to = google_dns_response_policy.default
}
```
When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), ResponsePolicy can be imported using one of the formats above. For example:
```
$ terraform import google_dns_response_policy.default projects/{{project}}/responsePolicies/{{response_policy_name}}
$ terraform import google_dns_response_policy.default {{project}}/{{response_policy_name}}
$ terraform import google_dns_response_policy.default {{response_policy_name}}
```
## User Project Overrides
This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).