| --- |
| # ---------------------------------------------------------------------------- |
| # |
| # *** AUTO GENERATED CODE *** Type: MMv1 *** |
| # |
| # ---------------------------------------------------------------------------- |
| # |
| # This file is automatically generated by Magic Modules and manual |
| # changes will be clobbered when the file is regenerated. |
| # |
| # Please read more about how to change this file in |
| # .github/CONTRIBUTING.md. |
| # |
| # ---------------------------------------------------------------------------- |
| subcategory: "Cloud DNS" |
| description: |- |
| A Response Policy is a collection of selectors that apply to queries |
| made against one or more Virtual Private Cloud networks. |
| --- |
| |
| # google\_dns\_response\_policy |
| |
| A Response Policy is a collection of selectors that apply to queries |
| made against one or more Virtual Private Cloud networks. |
| |
| |
| |
| <div class = "oics-button" style="float: right; margin: 0 0 -15px"> |
| <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=dns_response_policy_basic&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank"> |
| <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;"> |
| </a> |
| </div> |
| ## Example Usage - Dns Response Policy Basic |
| |
| |
| ```hcl |
| resource "google_compute_network" "network-1" { |
| name = "network-1" |
| auto_create_subnetworks = false |
| } |
| |
| resource "google_compute_network" "network-2" { |
| name = "network-2" |
| auto_create_subnetworks = false |
| } |
| |
| resource "google_compute_subnetwork" "subnetwork-1" { |
| name = google_compute_network.network-1.name |
| network = google_compute_network.network-1.name |
| ip_cidr_range = "10.0.36.0/24" |
| region = "us-central1" |
| private_ip_google_access = true |
| |
| secondary_ip_range { |
| range_name = "pod" |
| ip_cidr_range = "10.0.0.0/19" |
| } |
| |
| secondary_ip_range { |
| range_name = "svc" |
| ip_cidr_range = "10.0.32.0/22" |
| } |
| } |
| |
| resource "google_container_cluster" "cluster-1" { |
| name = "cluster-1" |
| location = "us-central1-c" |
| initial_node_count = 1 |
| |
| networking_mode = "VPC_NATIVE" |
| default_snat_status { |
| disabled = true |
| } |
| network = google_compute_network.network-1.name |
| subnetwork = google_compute_subnetwork.subnetwork-1.name |
| |
| private_cluster_config { |
| enable_private_endpoint = true |
| enable_private_nodes = true |
| master_ipv4_cidr_block = "10.42.0.0/28" |
| master_global_access_config { |
| enabled = true |
| } |
| } |
| master_authorized_networks_config { |
| } |
| ip_allocation_policy { |
| cluster_secondary_range_name = google_compute_subnetwork.subnetwork-1.secondary_ip_range[0].range_name |
| services_secondary_range_name = google_compute_subnetwork.subnetwork-1.secondary_ip_range[1].range_name |
| } |
| deletion_protection = "true" |
| } |
| |
| resource "google_dns_response_policy" "example-response-policy" { |
| response_policy_name = "example-response-policy" |
| |
| networks { |
| network_url = google_compute_network.network-1.id |
| } |
| networks { |
| network_url = google_compute_network.network-2.id |
| } |
| gke_clusters { |
| gke_cluster_name = google_container_cluster.cluster-1.id |
| } |
| } |
| ``` |
| |
| ## Argument Reference |
| |
| The following arguments are supported: |
| |
| |
| * `response_policy_name` - |
| (Required) |
| The user assigned name for this Response Policy, such as `myresponsepolicy`. |
| |
| |
| - - - |
| |
| |
| * `description` - |
| (Optional) |
| The description of the response policy, such as `My new response policy`. |
| |
| * `networks` - |
| (Optional) |
| The list of network names specifying networks to which this policy is applied. |
| Structure is [documented below](#nested_networks). |
| |
| * `gke_clusters` - |
| (Optional) |
| The list of Google Kubernetes Engine clusters that can see this zone. |
| Structure is [documented below](#nested_gke_clusters). |
| |
| * `project` - (Optional) The ID of the project in which the resource belongs. |
| If it is not provided, the provider project is used. |
| |
| |
| <a name="nested_networks"></a>The `networks` block supports: |
| |
| * `network_url` - |
| (Required) |
| The fully qualified URL of the VPC network to bind to. |
| This should be formatted like |
| `https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}` |
| |
| <a name="nested_gke_clusters"></a>The `gke_clusters` block supports: |
| |
| * `gke_cluster_name` - |
| (Required) |
| The resource name of the cluster to bind this ManagedZone to. |
| This should be specified in the format like |
| `projects/*/locations/*/clusters/*` |
| |
| ## Attributes Reference |
| |
| In addition to the arguments listed above, the following computed attributes are exported: |
| |
| * `id` - an identifier for the resource with format `projects/{{project}}/responsePolicies/{{response_policy_name}}` |
| |
| |
| ## Timeouts |
| |
| This resource provides the following |
| [Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: |
| |
| - `create` - Default is 20 minutes. |
| - `update` - Default is 20 minutes. |
| - `delete` - Default is 20 minutes. |
| |
| ## Import |
| |
| |
| ResponsePolicy can be imported using any of these accepted formats: |
| |
| * `projects/{{project}}/responsePolicies/{{response_policy_name}}` |
| * `{{project}}/{{response_policy_name}}` |
| * `{{response_policy_name}}` |
| |
| |
| In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import ResponsePolicy using one of the formats above. For example: |
| |
| ```tf |
| import { |
| id = "projects/{{project}}/responsePolicies/{{response_policy_name}}" |
| to = google_dns_response_policy.default |
| } |
| ``` |
| |
| When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), ResponsePolicy can be imported using one of the formats above. For example: |
| |
| ``` |
| $ terraform import google_dns_response_policy.default projects/{{project}}/responsePolicies/{{response_policy_name}} |
| $ terraform import google_dns_response_policy.default {{project}}/{{response_policy_name}} |
| $ terraform import google_dns_response_policy.default {{response_policy_name}} |
| ``` |
| |
| ## User Project Overrides |
| |
| This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override). |