GCP Private Service Access

Google and third parties (together known as service producers) can offer services that are hosted in a VPC network. Private services access (PSA) lets you reach the internal IP addresses of these Google and third-party services by using private connections. This is useful if you want your VM instances in your VPC network to use internal IP addresses instead of external IP addresses. The official documentation for Private service access.

Requirements

Name

Version

terraform

>= 1.0

google

>= 4.75.0

Providers

Name

Version

google

>= 4.75.0

Modules

No modules.

Resources

Name

Type

google_compute_global_address.reserved_service_range

resource

google_service_networking_connection.private_service_connection

resource

google_client_config.current

data source

Inputs

Name

Description

Type

Default

Required

address

The IP address or beginning of the address range represented by this resource. This can be supplied as an input to reserve a specific address or omitted to allow GCP to choose a valid one for you.

string

null

no

address_type

The type of the address to reserve.

string

"INTERNAL"

no

description

An optional description of this resource.

string

null

no

ip_version

The IP version that will be used by this address.

string

"IPV4"

no

name

Name of the resource.

string

n/a

yes

network

The URL of the network in which to reserve the IP range. .

string

n/a

yes

prefix_length

The prefix length if the resource represents an IP range.

number

null

no

Outputs

Name

Description

private_service_access

The PSA.

private_service_access_peering

The name of the VPC Network Peering connection that was created by the service producer.

reserved_service_range_id

The ID of the reserved service range.

reserved_service_range_self_link

The URI of of the reserved service range.

Examples