v6.2.0/website/docs/r/compute_interconnect_attachment.html.markdown

---
# ----------------------------------------------------------------------------
#
#     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
#
# ----------------------------------------------------------------------------
#
#     This file is automatically generated by Magic Modules and manual
#     changes will be clobbered when the file is regenerated.
#
#     Please read more about how to change this file in
#     .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
subcategory: "Compute Engine"
description: |-
  Represents an InterconnectAttachment (VLAN attachment) resource.
---

# google_compute_interconnect_attachment

Represents an InterconnectAttachment (VLAN attachment) resource. For more
information, see Creating VLAN Attachments.



<div class = "oics-button" style="float: right; margin: 0 0 -15px">
  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md&cloudshell_working_dir=interconnect_attachment_basic&open_in_editor=main.tf" target="_blank">
    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
  </a>
</div>
## Example Usage - Interconnect Attachment Basic


```hcl
resource "google_compute_interconnect_attachment" "on_prem" {
  name                     = "on-prem-attachment"
  edge_availability_domain = "AVAILABILITY_DOMAIN_1"
  type                     = "PARTNER"
  router                   = google_compute_router.foobar.id
  mtu                      = 1500
}

resource "google_compute_router" "foobar" {
  name    = "router-1"
  network = google_compute_network.foobar.name
  bgp {
    asn = 16550
  }
}

resource "google_compute_network" "foobar" {
  name                    = "network-1"
  auto_create_subnetworks = false
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md&cloudshell_working_dir=compute_interconnect_attachment_ipsec_encryption&open_in_editor=main.tf" target="_blank">
    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
  </a>
</div>
## Example Usage - Compute Interconnect Attachment Ipsec Encryption


```hcl
resource "google_compute_interconnect_attachment" "ipsec-encrypted-interconnect-attachment" {
  name                     = "test-interconnect-attachment"
  edge_availability_domain = "AVAILABILITY_DOMAIN_1"
  type                     = "PARTNER"
  router                   = google_compute_router.router.id
  encryption               = "IPSEC"
  ipsec_internal_addresses = [
    google_compute_address.address.self_link,
  ]
}

resource "google_compute_address" "address" {
  name          = "test-address"
  address_type  = "INTERNAL"
  purpose       = "IPSEC_INTERCONNECT"
  address       = "192.168.1.0"
  prefix_length = 29
  network       = google_compute_network.network.self_link
}

resource "google_compute_router" "router" {
  name                          = "test-router"
  network                       = google_compute_network.network.name
  encrypted_interconnect_router = true
  bgp {
    asn = 16550
  }
}

resource "google_compute_network" "network" {
  name                    = "test-network"
  auto_create_subnetworks = false
}
```

## Argument Reference

The following arguments are supported:


* `router` -
  (Required)
  URL of the cloud router to be used for dynamic routing. This router must be in
  the same region as this InterconnectAttachment. The InterconnectAttachment will
  automatically connect the Interconnect to the network & region within which the
  Cloud Router is configured.

* `name` -
  (Required)
  Name of the resource. Provided by the client when the resource is created. The
  name must be 1-63 characters long, and comply with RFC1035. Specifically, the
  name must be 1-63 characters long and match the regular expression
  `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a
  lowercase letter, and all following characters must be a dash, lowercase
  letter, or digit, except the last character, which cannot be a dash.


- - -


* `admin_enabled` -
  (Optional)
  Whether the VLAN attachment is enabled or disabled.  When using
  PARTNER type this will Pre-Activate the interconnect attachment

* `interconnect` -
  (Optional)
  URL of the underlying Interconnect object that this attachment's
  traffic will traverse through. Required if type is DEDICATED, must not
  be set if type is PARTNER.

* `description` -
  (Optional)
  An optional description of this resource.

* `mtu` -
  (Optional)
  Maximum Transmission Unit (MTU), in bytes, of packets passing through
  this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440.

* `bandwidth` -
  (Optional)
  Provisioned bandwidth capacity for the interconnect attachment.
  For attachments of type DEDICATED, the user can set the bandwidth.
  For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth.
  Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED,
  Defaults to BPS_10G
  Possible values are: `BPS_50M`, `BPS_100M`, `BPS_200M`, `BPS_300M`, `BPS_400M`, `BPS_500M`, `BPS_1G`, `BPS_2G`, `BPS_5G`, `BPS_10G`, `BPS_20G`, `BPS_50G`.

* `edge_availability_domain` -
  (Optional)
  Desired availability domain for the attachment. Only available for type
  PARTNER, at creation time. For improved reliability, customers should
  configure a pair of attachments with one per availability domain. The
  selected availability domain will be provided to the Partner via the
  pairing key so that the provisioned circuit will lie in the specified
  domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.

* `type` -
  (Optional)
  The type of InterconnectAttachment you wish to create. Defaults to
  DEDICATED.
  Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`.

* `candidate_subnets` -
  (Optional)
  Up to 16 candidate prefixes that can be used to restrict the allocation
  of cloudRouterIpAddress and customerRouterIpAddress for this attachment.
  All prefixes must be within link-local address space (169.254.0.0/16)
  and must be /29 or shorter (/28, /27, etc). Google will attempt to select
  an unused /29 from the supplied candidate prefix(es). The request will
  fail if all possible /29s are in use on Google's edge. If not supplied,
  Google will randomly select an unused /29 from all of link-local space.

* `vlan_tag8021q` -
  (Optional)
  The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. When
  using PARTNER type this will be managed upstream.

* `ipsec_internal_addresses` -
  (Optional)
  URL of addresses that have been reserved for the interconnect attachment,
  Used only for interconnect attachment that has the encryption option as
  IPSEC.
  The addresses must be RFC 1918 IP address ranges. When creating HA VPN
  gateway over the interconnect attachment, if the attachment is configured
  to use an RFC 1918 IP address, then the VPN gateway's IP address will be
  allocated from the IP address range specified here.
  For example, if the HA VPN gateway's interface 0 is paired to this
  interconnect attachment, then an RFC 1918 IP address for the VPN gateway
  interface 0 will be allocated from the IP address specified for this
  interconnect attachment.
  If this field is not specified for interconnect attachment that has
  encryption option as IPSEC, later on when creating HA VPN gateway on this
  interconnect attachment, the HA VPN gateway's IP address will be
  allocated from regional external IP address pool.

* `encryption` -
  (Optional)
  Indicates the user-supplied encryption option of this interconnect
  attachment. Can only be specified at attachment creation for PARTNER or
  DEDICATED attachments.
  * NONE - This is the default value, which means that the VLAN attachment
  carries unencrypted traffic. VMs are able to send traffic to, or receive
  traffic from, such a VLAN attachment.
  * IPSEC - The VLAN attachment carries only encrypted traffic that is
  encrypted by an IPsec device, such as an HA VPN gateway or third-party
  IPsec VPN. VMs cannot directly send traffic to, or receive traffic from,
  such a VLAN attachment. To use HA VPN over Cloud Interconnect, the VLAN
  attachment must be created with this option.
  Default value is `NONE`.
  Possible values are: `NONE`, `IPSEC`.

* `stack_type` -
  (Optional)
  The stack type for this interconnect attachment to identify whether the IPv6
  feature is enabled or not. If not specified, IPV4_ONLY will be used.
  This field can be both set at interconnect attachments creation and update
  interconnect attachment operations.
  Possible values are: `IPV4_IPV6`, `IPV4_ONLY`.

* `subnet_length` -
  (Optional)
  Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29,
  except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a
  constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure
  remote location fall into this category. In these cases, the default value is 30, and
  requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it
  gives Google Cloud Support more debugging visibility.

* `region` -
  (Optional)
  Region where the regional interconnect attachment resides.

* `project` - (Optional) The ID of the project in which the resource belongs.
    If it is not provided, the provider project is used.


## Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

* `id` - an identifier for the resource with format `projects/{{project}}/regions/{{region}}/interconnectAttachments/{{name}}`

* `cloud_router_ip_address` -
  IPv4 address + prefix length to be configured on Cloud Router
  Interface for this interconnect attachment.

* `customer_router_ip_address` -
  IPv4 address + prefix length to be configured on the customer
  router subinterface for this interconnect attachment.

* `pairing_key` -
  [Output only for type PARTNER. Not present for DEDICATED]. The opaque
  identifier of an PARTNER attachment used to initiate provisioning with
  a selected partner. Of the form "XXXXX/region/domain"

* `partner_asn` -
  [Output only for type PARTNER. Not present for DEDICATED]. Optional
  BGP ASN for the router that should be supplied by a layer 3 Partner if
  they configured BGP on behalf of the customer.

* `private_interconnect_info` -
  Information specific to an InterconnectAttachment. This property
  is populated if the interconnect that this is attached to is of type DEDICATED.
  Structure is [documented below](#nested_private_interconnect_info).

* `state` -
  [Output Only] The current state of this attachment's functionality.

* `google_reference_id` -
  Google reference ID, to be used when raising support tickets with
  Google or otherwise to debug backend connectivity issues.

* `creation_timestamp` -
  Creation timestamp in RFC3339 text format.

* `cloud_router_ipv6_address` -
  IPv6 address + prefix length to be configured on Cloud Router
  Interface for this interconnect attachment.

* `customer_router_ipv6_address` -
  IPv6 address + prefix length to be configured on the customer
  router subinterface for this interconnect attachment.
* `self_link` - The URI of the created resource.


<a name="nested_private_interconnect_info"></a>The `private_interconnect_info` block contains:

* `tag8021q` -
  (Output)
  802.1q encapsulation tag to be used for traffic between
  Google and the customer, going to and from this network and region.

## Timeouts

This resource provides the following
[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:

- `create` - Default is 20 minutes.
- `update` - Default is 20 minutes.
- `delete` - Default is 20 minutes.

## Import


InterconnectAttachment can be imported using any of these accepted formats:

* `projects/{{project}}/regions/{{region}}/interconnectAttachments/{{name}}`
* `{{project}}/{{region}}/{{name}}`
* `{{region}}/{{name}}`
* `{{name}}`


In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import InterconnectAttachment using one of the formats above. For example:

```tf
import {
  id = "projects/{{project}}/regions/{{region}}/interconnectAttachments/{{name}}"
  to = google_compute_interconnect_attachment.default
}
```

When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), InterconnectAttachment can be imported using one of the formats above. For example:

```
$ terraform import google_compute_interconnect_attachment.default projects/{{project}}/regions/{{region}}/interconnectAttachments/{{name}}
$ terraform import google_compute_interconnect_attachment.default {{project}}/{{region}}/{{name}}
$ terraform import google_compute_interconnect_attachment.default {{region}}/{{name}}
$ terraform import google_compute_interconnect_attachment.default {{name}}
```

## User Project Overrides

This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).