# Copyright 2024 Google Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- name: 'Spoke' description: "The NetworkConnectivity Spoke resource" references: guides: 'Official Documentation': 'https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/overview' api: 'https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest/v1beta/projects.locations.spokes' docs: base_url: 'projects/{{project}}/locations/{{location}}/spokes' self_link: 'projects/{{project}}/locations/{{location}}/spokes/{{name}}' create_url: 'projects/{{project}}/locations/{{location}}/spokes?spokeId={{name}}' update_verb: 'PATCH' update_mask: true timeouts: insert_minutes: 20 update_minutes: 20 delete_minutes: 20 async: actions: ['create', 'delete', 'update'] type: 'OpAsync' operation: base_url: '{{op_id}}' result: resource_inside_response: false custom_code: legacy_long_form_project: true sweeper: url_substitutions: - region: "us-central1" - region: "global" examples: - name: 'network_connectivity_spoke_linked_vpc_network_basic' primary_resource_id: 'primary' vars: network_name: 'net' hub_name: 'hub1' spoke_name: 'spoke1' - name: 'network_connectivity_spoke_linked_vpc_network_group' primary_resource_id: 'primary' vars: network_name: 'net-spoke' hub_name: 'hub1-spoke' spoke_name: 'group-spoke1' - name: 'network_connectivity_spoke_router_appliance_basic' primary_resource_id: 'primary' vars: network_name: 'basic-network' subnetwork_name: 'basic-subnetwork' instance_name: 'basic-instance' hub_name: 'basic-hub1' spoke_name: 'basic-spoke' - name: 'network_connectivity_spoke_vpn_tunnel_basic' primary_resource_id: 'tunnel1' vars: network_name: 'basic-network' subnetwork_name: 'basic-subnetwork' gateway_name: 'vpn-gateway' external_gateway_name: 'external-vpn-gateway' router_name: 'external-vpn-gateway' vpn_tunnel_1_name: 'tunnel1' vpn_tunnel_2_name: 'tunnel2' router_interface_1_name: 'router-interface1' router_peer_1_name: 'router-peer1' router_interface_2_name: 'router-interface2' router_peer_2_name: 'router-peer2' hub_name: 'basic-hub1' vpn_tunnel_1_spoke_name: 'vpn-tunnel-1-spoke' vpn_tunnel_2_spoke_name: 'vpn-tunnel-2-spoke' # Skip due to multiple fine-grained resources skip_vcr: true - name: 'network_connectivity_spoke_interconnect_attachment_basic' primary_resource_id: 'primary' vars: hub_name: 'basic-hub1' network_name: 'basic-network' router_name: 'external-vpn-gateway' interconnect_attachment_name: 'partner-interconnect1' interconnect_attachment_spoke_name: 'interconnect-attachment-spoke' - name: 'network_connectivity_spoke_linked_producer_vpc_network_basic' primary_resource_id: 'primary' vars: network_name: "net-spoke" global_name: 'test-address' hub_name: "hub-basic" spoke_name: "vpc-spoke" producer_spoke_name: "producer-spoke" - name: 'network_connectivity_spoke_center_group' primary_resource_id: 'primary' vars: hub_name: "hub-basic" spoke_name: "vpc-spoke" auto_accept_project_1_name: "foo" auto_accept_project_2_name: "bar" - name: 'network_connectivity_spoke_linked_vpc_network_ipv6_support' primary_resource_id: 'primary' vars: network_name: 'net' hub_name: 'hub1' spoke_name: 'spoke1-ipv6' parameters: - name: 'location' type: String description: The location for the resource url_param_only: true required: true immutable: true properties: - name: 'name' type: String description: Immutable. The name of the spoke. Spoke names must be unique. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - name: 'createTime' type: String description: Output only. The time the spoke was created. output: true - name: 'updateTime' type: String description: Output only. The time the spoke was last updated. output: true - name: 'labels' type: KeyValueLabels description: Optional labels in key:value format. For more information about labels, see [Requirements for labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). - name: 'description' type: String description: An optional description of the spoke. - name: 'hub' type: ResourceRef description: Immutable. The URI of the hub that this spoke is attached to. required: true immutable: true resource: 'hub' imports: 'name' - name: 'group' type: String description: The name of the group that this spoke is associated with. immutable: true default_from_api: true - name: 'linkedVpnTunnels' type: NestedObject description: The URIs of linked VPN tunnel resources conflicts: - linked_interconnect_attachments - linked_router_appliance_instances - linked_vpc_network - linked_producer_vpc_network update_mask_fields: - 'linkedVpnTunnels.includeImportRanges' properties: - name: 'uris' type: Array description: The URIs of linked VPN tunnel resources. required: true immutable: true item_type: type: String - name: 'siteToSiteDataTransfer' type: Boolean description: A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations. required: true immutable: true - name: 'includeImportRanges' type: Array description: | IP ranges allowed to be included during import from hub (does not control transit connectivity). The only allowed value for now is "ALL_IPV4_RANGES". item_type: type: String - name: 'linkedInterconnectAttachments' type: NestedObject description: A collection of VLAN attachment resources. These resources should be redundant attachments that all advertise the same prefixes to Google Cloud. Alternatively, in active/passive configurations, all attachments should be capable of advertising the same prefixes. conflicts: - linked_vpn_tunnels - linked_router_appliance_instances - linked_vpc_network - linked_producer_vpc_network update_mask_fields: - 'linkedInterconnectAttachments.includeImportRanges' properties: - name: 'uris' type: Array description: The URIs of linked interconnect attachment resources required: true immutable: true item_type: type: String - name: 'siteToSiteDataTransfer' type: Boolean description: A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations. required: true immutable: true - name: 'includeImportRanges' type: Array description: | IP ranges allowed to be included during import from hub (does not control transit connectivity). The only allowed value for now is "ALL_IPV4_RANGES". item_type: type: String - name: 'linkedRouterApplianceInstances' type: NestedObject description: The URIs of linked Router appliance resources conflicts: - linked_interconnect_attachments - linked_vpn_tunnels - linked_vpc_network - linked_producer_vpc_network update_mask_fields: - 'linkedRouterApplianceInstances.instances' - 'linkedRouterApplianceInstances.includeImportRanges' properties: - name: 'instances' type: Array description: The list of router appliance instances required: true immutable: true item_type: description: The list of router appliance instances type: NestedObject properties: - name: 'virtualMachine' type: String description: The URI of the virtual machine resource immutable: true required: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - name: 'ipAddress' type: String description: The IP address on the VM to use for peering. immutable: true required: true - name: 'siteToSiteDataTransfer' type: Boolean description: A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations. required: true immutable: true - name: 'includeImportRanges' type: Array description: | IP ranges allowed to be included during import from hub (does not control transit connectivity). The only allowed value for now is "ALL_IPV4_RANGES". item_type: type: String - name: 'linkedVpcNetwork' type: NestedObject description: VPC network that is associated with the spoke. immutable: true conflicts: - linked_interconnect_attachments - linked_router_appliance_instances - linked_vpn_tunnels - linked_producer_vpc_network properties: - name: 'uri' type: String description: The URI of the VPC network resource. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - name: 'excludeExportRanges' type: Array description: IP ranges encompassing the subnets to be excluded from peering. item_type: type: String - name: 'includeExportRanges' type: Array description: IP ranges allowed to be included from peering. item_type: type: String - name: linkedProducerVpcNetwork type: NestedObject description: Producer VPC network that is associated with the spoke. immutable: true conflicts: - linked_interconnect_attachments - linked_router_appliance_instances - linked_vpn_tunnels - linked_vpc_network properties: - name: network type: String description: The URI of the Service Consumer VPC that the Producer VPC is peered with. required: true immutable: true diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - name: peering type: String description: The name of the VPC peering between the Service Consumer VPC and the Producer VPC (defined in the Tenant project) which is added to the NCC hub. This peering must be in ACTIVE state. required: true immutable: true - name: producerNetwork type: String description: The URI of the Producer VPC. output: true immutable: true - name: includeExportRanges type: Array description: IP ranges allowed to be included from peering. item_type: type: String - name: excludeExportRanges type: Array description: IP ranges encompassing the subnets to be excluded from peering. item_type: type: String - name: 'uniqueId' type: String description: Output only. The Google-generated UUID for the spoke. This value is unique across all spoke resources. If a spoke is deleted and another with the same name is created, the new spoke is assigned a different unique_id. output: true - name: 'state' type: String description: Output only. The current lifecycle state of this spoke. output: true exactly_one_of: - 'STATE_UNSPECIFIED' - 'CREATING' - 'ACTIVE' - 'DELETING' - name: 'reasons' type: Array output: true description: The reasons for the current state in the lifecycle item_type: type: NestedObject properties: - name: 'code' type: String description: The code associated with this reason. - name: 'message' type: String description: Human-readable details about this reason. - name: 'userDetails' type: String description: Additional information provided by the user in the RejectSpoke call.