1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. compute
  5. BackendService
Google Cloud Classic v8.9.3 published on Monday, Nov 18, 2024 by Pulumi

gcp.compute.BackendService

Explore with Pulumi AI

gcp logo
Google Cloud Classic v8.9.3 published on Monday, Nov 18, 2024 by Pulumi

    A Backend Service defines a group of virtual machines that will serve traffic for load balancing. This resource is a global backend service, appropriate for external load balancing or self-managed internal load balancing. For managed internal load balancing, use a regional backend service instead.

    Currently self-managed internal load balancing is only available in beta.

    To get more information about BackendService, see:

    Warning: All arguments including the following potentially sensitive values will be stored in the raw state as plain text: iap.oauth2_client_secret, iap.oauth2_client_secret_sha256, security_settings.aws_v4_authentication.access_key.

    Example Usage

    Backend Service Basic

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
        name: "health-check",
        requestPath: "/",
        checkIntervalSec: 1,
        timeoutSec: 1,
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        healthChecks: defaultHttpHealthCheck.id,
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default_http_health_check = gcp.compute.HttpHealthCheck("default",
        name="health-check",
        request_path="/",
        check_interval_sec=1,
        timeout_sec=1)
    default = gcp.compute.BackendService("default",
        name="backend-service",
        health_checks=default_http_health_check.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
    			Name:             pulumi.String("health-check"),
    			RequestPath:      pulumi.String("/"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:         pulumi.String("backend-service"),
    			HealthChecks: defaultHttpHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
        {
            Name = "health-check",
            RequestPath = "/",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            HealthChecks = defaultHttpHealthCheck.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
                .name("health-check")
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .healthChecks(defaultHttpHealthCheck.id())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          healthChecks: ${defaultHttpHealthCheck.id}
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        name: default
        properties:
          name: health-check
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    

    Backend Service External Iap

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const _default = new gcp.compute.BackendService("default", {
        name: "tf-test-backend-service-external",
        protocol: "HTTP",
        loadBalancingScheme: "EXTERNAL",
        iap: {
            enabled: true,
            oauth2ClientId: "abc",
            oauth2ClientSecret: "xyz",
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default = gcp.compute.BackendService("default",
        name="tf-test-backend-service-external",
        protocol="HTTP",
        load_balancing_scheme="EXTERNAL",
        iap={
            "enabled": True,
            "oauth2_client_id": "abc",
            "oauth2_client_secret": "xyz",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                pulumi.String("tf-test-backend-service-external"),
    			Protocol:            pulumi.String("HTTP"),
    			LoadBalancingScheme: pulumi.String("EXTERNAL"),
    			Iap: &compute.BackendServiceIapArgs{
    				Enabled:            pulumi.Bool(true),
    				Oauth2ClientId:     pulumi.String("abc"),
    				Oauth2ClientSecret: pulumi.String("xyz"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "tf-test-backend-service-external",
            Protocol = "HTTP",
            LoadBalancingScheme = "EXTERNAL",
            Iap = new Gcp.Compute.Inputs.BackendServiceIapArgs
            {
                Enabled = true,
                Oauth2ClientId = "abc",
                Oauth2ClientSecret = "xyz",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceIapArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("tf-test-backend-service-external")
                .protocol("HTTP")
                .loadBalancingScheme("EXTERNAL")
                .iap(BackendServiceIapArgs.builder()
                    .enabled(true)
                    .oauth2ClientId("abc")
                    .oauth2ClientSecret("xyz")
                    .build())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: tf-test-backend-service-external
          protocol: HTTP
          loadBalancingScheme: EXTERNAL
          iap:
            enabled: true
            oauth2ClientId: abc
            oauth2ClientSecret: xyz
    

    Backend Service Cache Simple

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
        name: "health-check",
        requestPath: "/",
        checkIntervalSec: 1,
        timeoutSec: 1,
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        healthChecks: defaultHttpHealthCheck.id,
        enableCdn: true,
        cdnPolicy: {
            signedUrlCacheMaxAgeSec: 7200,
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default_http_health_check = gcp.compute.HttpHealthCheck("default",
        name="health-check",
        request_path="/",
        check_interval_sec=1,
        timeout_sec=1)
    default = gcp.compute.BackendService("default",
        name="backend-service",
        health_checks=default_http_health_check.id,
        enable_cdn=True,
        cdn_policy={
            "signed_url_cache_max_age_sec": 7200,
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
    			Name:             pulumi.String("health-check"),
    			RequestPath:      pulumi.String("/"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:         pulumi.String("backend-service"),
    			HealthChecks: defaultHttpHealthCheck.ID(),
    			EnableCdn:    pulumi.Bool(true),
    			CdnPolicy: &compute.BackendServiceCdnPolicyArgs{
    				SignedUrlCacheMaxAgeSec: pulumi.Int(7200),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
        {
            Name = "health-check",
            RequestPath = "/",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            HealthChecks = defaultHttpHealthCheck.Id,
            EnableCdn = true,
            CdnPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyArgs
            {
                SignedUrlCacheMaxAgeSec = 7200,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceCdnPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
                .name("health-check")
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .healthChecks(defaultHttpHealthCheck.id())
                .enableCdn(true)
                .cdnPolicy(BackendServiceCdnPolicyArgs.builder()
                    .signedUrlCacheMaxAgeSec(7200)
                    .build())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          healthChecks: ${defaultHttpHealthCheck.id}
          enableCdn: true
          cdnPolicy:
            signedUrlCacheMaxAgeSec: 7200
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        name: default
        properties:
          name: health-check
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    

    Backend Service Cache Include Http Headers

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        enableCdn: true,
        cdnPolicy: {
            cacheMode: "USE_ORIGIN_HEADERS",
            cacheKeyPolicy: {
                includeHost: true,
                includeProtocol: true,
                includeQueryString: true,
                includeHttpHeaders: ["X-My-Header-Field"],
            },
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default = gcp.compute.BackendService("default",
        name="backend-service",
        enable_cdn=True,
        cdn_policy={
            "cache_mode": "USE_ORIGIN_HEADERS",
            "cache_key_policy": {
                "include_host": True,
                "include_protocol": True,
                "include_query_string": True,
                "include_http_headers": ["X-My-Header-Field"],
            },
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:      pulumi.String("backend-service"),
    			EnableCdn: pulumi.Bool(true),
    			CdnPolicy: &compute.BackendServiceCdnPolicyArgs{
    				CacheMode: pulumi.String("USE_ORIGIN_HEADERS"),
    				CacheKeyPolicy: &compute.BackendServiceCdnPolicyCacheKeyPolicyArgs{
    					IncludeHost:        pulumi.Bool(true),
    					IncludeProtocol:    pulumi.Bool(true),
    					IncludeQueryString: pulumi.Bool(true),
    					IncludeHttpHeaders: pulumi.StringArray{
    						pulumi.String("X-My-Header-Field"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            EnableCdn = true,
            CdnPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyArgs
            {
                CacheMode = "USE_ORIGIN_HEADERS",
                CacheKeyPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyCacheKeyPolicyArgs
                {
                    IncludeHost = true,
                    IncludeProtocol = true,
                    IncludeQueryString = true,
                    IncludeHttpHeaders = new[]
                    {
                        "X-My-Header-Field",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceCdnPolicyArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceCdnPolicyCacheKeyPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .enableCdn(true)
                .cdnPolicy(BackendServiceCdnPolicyArgs.builder()
                    .cacheMode("USE_ORIGIN_HEADERS")
                    .cacheKeyPolicy(BackendServiceCdnPolicyCacheKeyPolicyArgs.builder()
                        .includeHost(true)
                        .includeProtocol(true)
                        .includeQueryString(true)
                        .includeHttpHeaders("X-My-Header-Field")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          enableCdn: true
          cdnPolicy:
            cacheMode: USE_ORIGIN_HEADERS
            cacheKeyPolicy:
              includeHost: true
              includeProtocol: true
              includeQueryString: true
              includeHttpHeaders:
                - X-My-Header-Field
    

    Backend Service Cache Include Named Cookies

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        enableCdn: true,
        cdnPolicy: {
            cacheMode: "CACHE_ALL_STATIC",
            defaultTtl: 3600,
            clientTtl: 7200,
            maxTtl: 10800,
            cacheKeyPolicy: {
                includeHost: true,
                includeProtocol: true,
                includeQueryString: true,
                includeNamedCookies: [
                    "__next_preview_data",
                    "__prerender_bypass",
                ],
            },
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default = gcp.compute.BackendService("default",
        name="backend-service",
        enable_cdn=True,
        cdn_policy={
            "cache_mode": "CACHE_ALL_STATIC",
            "default_ttl": 3600,
            "client_ttl": 7200,
            "max_ttl": 10800,
            "cache_key_policy": {
                "include_host": True,
                "include_protocol": True,
                "include_query_string": True,
                "include_named_cookies": [
                    "__next_preview_data",
                    "__prerender_bypass",
                ],
            },
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:      pulumi.String("backend-service"),
    			EnableCdn: pulumi.Bool(true),
    			CdnPolicy: &compute.BackendServiceCdnPolicyArgs{
    				CacheMode:  pulumi.String("CACHE_ALL_STATIC"),
    				DefaultTtl: pulumi.Int(3600),
    				ClientTtl:  pulumi.Int(7200),
    				MaxTtl:     pulumi.Int(10800),
    				CacheKeyPolicy: &compute.BackendServiceCdnPolicyCacheKeyPolicyArgs{
    					IncludeHost:        pulumi.Bool(true),
    					IncludeProtocol:    pulumi.Bool(true),
    					IncludeQueryString: pulumi.Bool(true),
    					IncludeNamedCookies: pulumi.StringArray{
    						pulumi.String("__next_preview_data"),
    						pulumi.String("__prerender_bypass"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            EnableCdn = true,
            CdnPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyArgs
            {
                CacheMode = "CACHE_ALL_STATIC",
                DefaultTtl = 3600,
                ClientTtl = 7200,
                MaxTtl = 10800,
                CacheKeyPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyCacheKeyPolicyArgs
                {
                    IncludeHost = true,
                    IncludeProtocol = true,
                    IncludeQueryString = true,
                    IncludeNamedCookies = new[]
                    {
                        "__next_preview_data",
                        "__prerender_bypass",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceCdnPolicyArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceCdnPolicyCacheKeyPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .enableCdn(true)
                .cdnPolicy(BackendServiceCdnPolicyArgs.builder()
                    .cacheMode("CACHE_ALL_STATIC")
                    .defaultTtl(3600)
                    .clientTtl(7200)
                    .maxTtl(10800)
                    .cacheKeyPolicy(BackendServiceCdnPolicyCacheKeyPolicyArgs.builder()
                        .includeHost(true)
                        .includeProtocol(true)
                        .includeQueryString(true)
                        .includeNamedCookies(                    
                            "__next_preview_data",
                            "__prerender_bypass")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          enableCdn: true
          cdnPolicy:
            cacheMode: CACHE_ALL_STATIC
            defaultTtl: 3600
            clientTtl: 7200
            maxTtl: 10800
            cacheKeyPolicy:
              includeHost: true
              includeProtocol: true
              includeQueryString: true
              includeNamedCookies:
                - __next_preview_data
                - __prerender_bypass
    

    Backend Service Cache

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
        name: "health-check",
        requestPath: "/",
        checkIntervalSec: 1,
        timeoutSec: 1,
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        healthChecks: defaultHttpHealthCheck.id,
        enableCdn: true,
        cdnPolicy: {
            cacheMode: "CACHE_ALL_STATIC",
            defaultTtl: 3600,
            clientTtl: 7200,
            maxTtl: 10800,
            negativeCaching: true,
            signedUrlCacheMaxAgeSec: 7200,
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default_http_health_check = gcp.compute.HttpHealthCheck("default",
        name="health-check",
        request_path="/",
        check_interval_sec=1,
        timeout_sec=1)
    default = gcp.compute.BackendService("default",
        name="backend-service",
        health_checks=default_http_health_check.id,
        enable_cdn=True,
        cdn_policy={
            "cache_mode": "CACHE_ALL_STATIC",
            "default_ttl": 3600,
            "client_ttl": 7200,
            "max_ttl": 10800,
            "negative_caching": True,
            "signed_url_cache_max_age_sec": 7200,
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
    			Name:             pulumi.String("health-check"),
    			RequestPath:      pulumi.String("/"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:         pulumi.String("backend-service"),
    			HealthChecks: defaultHttpHealthCheck.ID(),
    			EnableCdn:    pulumi.Bool(true),
    			CdnPolicy: &compute.BackendServiceCdnPolicyArgs{
    				CacheMode:               pulumi.String("CACHE_ALL_STATIC"),
    				DefaultTtl:              pulumi.Int(3600),
    				ClientTtl:               pulumi.Int(7200),
    				MaxTtl:                  pulumi.Int(10800),
    				NegativeCaching:         pulumi.Bool(true),
    				SignedUrlCacheMaxAgeSec: pulumi.Int(7200),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
        {
            Name = "health-check",
            RequestPath = "/",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            HealthChecks = defaultHttpHealthCheck.Id,
            EnableCdn = true,
            CdnPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyArgs
            {
                CacheMode = "CACHE_ALL_STATIC",
                DefaultTtl = 3600,
                ClientTtl = 7200,
                MaxTtl = 10800,
                NegativeCaching = true,
                SignedUrlCacheMaxAgeSec = 7200,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceCdnPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
                .name("health-check")
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .healthChecks(defaultHttpHealthCheck.id())
                .enableCdn(true)
                .cdnPolicy(BackendServiceCdnPolicyArgs.builder()
                    .cacheMode("CACHE_ALL_STATIC")
                    .defaultTtl(3600)
                    .clientTtl(7200)
                    .maxTtl(10800)
                    .negativeCaching(true)
                    .signedUrlCacheMaxAgeSec(7200)
                    .build())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          healthChecks: ${defaultHttpHealthCheck.id}
          enableCdn: true
          cdnPolicy:
            cacheMode: CACHE_ALL_STATIC
            defaultTtl: 3600
            clientTtl: 7200
            maxTtl: 10800
            negativeCaching: true
            signedUrlCacheMaxAgeSec: 7200
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        name: default
        properties:
          name: health-check
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    

    Backend Service Cache Bypass Cache On Request Headers

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
        name: "health-check",
        requestPath: "/",
        checkIntervalSec: 1,
        timeoutSec: 1,
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        healthChecks: defaultHttpHealthCheck.id,
        enableCdn: true,
        cdnPolicy: {
            cacheMode: "CACHE_ALL_STATIC",
            defaultTtl: 3600,
            clientTtl: 7200,
            maxTtl: 10800,
            negativeCaching: true,
            signedUrlCacheMaxAgeSec: 7200,
            bypassCacheOnRequestHeaders: [
                {
                    headerName: "Authorization",
                },
                {
                    headerName: "Proxy-Authorization",
                },
            ],
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default_http_health_check = gcp.compute.HttpHealthCheck("default",
        name="health-check",
        request_path="/",
        check_interval_sec=1,
        timeout_sec=1)
    default = gcp.compute.BackendService("default",
        name="backend-service",
        health_checks=default_http_health_check.id,
        enable_cdn=True,
        cdn_policy={
            "cache_mode": "CACHE_ALL_STATIC",
            "default_ttl": 3600,
            "client_ttl": 7200,
            "max_ttl": 10800,
            "negative_caching": True,
            "signed_url_cache_max_age_sec": 7200,
            "bypass_cache_on_request_headers": [
                {
                    "header_name": "Authorization",
                },
                {
                    "header_name": "Proxy-Authorization",
                },
            ],
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
    			Name:             pulumi.String("health-check"),
    			RequestPath:      pulumi.String("/"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:         pulumi.String("backend-service"),
    			HealthChecks: defaultHttpHealthCheck.ID(),
    			EnableCdn:    pulumi.Bool(true),
    			CdnPolicy: &compute.BackendServiceCdnPolicyArgs{
    				CacheMode:               pulumi.String("CACHE_ALL_STATIC"),
    				DefaultTtl:              pulumi.Int(3600),
    				ClientTtl:               pulumi.Int(7200),
    				MaxTtl:                  pulumi.Int(10800),
    				NegativeCaching:         pulumi.Bool(true),
    				SignedUrlCacheMaxAgeSec: pulumi.Int(7200),
    				BypassCacheOnRequestHeaders: compute.BackendServiceCdnPolicyBypassCacheOnRequestHeaderArray{
    					&compute.BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs{
    						HeaderName: pulumi.String("Authorization"),
    					},
    					&compute.BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs{
    						HeaderName: pulumi.String("Proxy-Authorization"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
        {
            Name = "health-check",
            RequestPath = "/",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            HealthChecks = defaultHttpHealthCheck.Id,
            EnableCdn = true,
            CdnPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyArgs
            {
                CacheMode = "CACHE_ALL_STATIC",
                DefaultTtl = 3600,
                ClientTtl = 7200,
                MaxTtl = 10800,
                NegativeCaching = true,
                SignedUrlCacheMaxAgeSec = 7200,
                BypassCacheOnRequestHeaders = new[]
                {
                    new Gcp.Compute.Inputs.BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs
                    {
                        HeaderName = "Authorization",
                    },
                    new Gcp.Compute.Inputs.BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs
                    {
                        HeaderName = "Proxy-Authorization",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceCdnPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
                .name("health-check")
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .healthChecks(defaultHttpHealthCheck.id())
                .enableCdn(true)
                .cdnPolicy(BackendServiceCdnPolicyArgs.builder()
                    .cacheMode("CACHE_ALL_STATIC")
                    .defaultTtl(3600)
                    .clientTtl(7200)
                    .maxTtl(10800)
                    .negativeCaching(true)
                    .signedUrlCacheMaxAgeSec(7200)
                    .bypassCacheOnRequestHeaders(                
                        BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs.builder()
                            .headerName("Authorization")
                            .build(),
                        BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs.builder()
                            .headerName("Proxy-Authorization")
                            .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          healthChecks: ${defaultHttpHealthCheck.id}
          enableCdn: true
          cdnPolicy:
            cacheMode: CACHE_ALL_STATIC
            defaultTtl: 3600
            clientTtl: 7200
            maxTtl: 10800
            negativeCaching: true
            signedUrlCacheMaxAgeSec: 7200
            bypassCacheOnRequestHeaders:
              - headerName: Authorization
              - headerName: Proxy-Authorization
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        name: default
        properties:
          name: health-check
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    

    Backend Service Traffic Director Round Robin

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const healthCheck = new gcp.compute.HealthCheck("health_check", {
        name: "health-check",
        httpHealthCheck: {
            port: 80,
        },
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        healthChecks: healthCheck.id,
        loadBalancingScheme: "INTERNAL_SELF_MANAGED",
        localityLbPolicy: "ROUND_ROBIN",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    health_check = gcp.compute.HealthCheck("health_check",
        name="health-check",
        http_health_check={
            "port": 80,
        })
    default = gcp.compute.BackendService("default",
        name="backend-service",
        health_checks=health_check.id,
        load_balancing_scheme="INTERNAL_SELF_MANAGED",
        locality_lb_policy="ROUND_ROBIN")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		healthCheck, err := compute.NewHealthCheck(ctx, "health_check", &compute.HealthCheckArgs{
    			Name: pulumi.String("health-check"),
    			HttpHealthCheck: &compute.HealthCheckHttpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                pulumi.String("backend-service"),
    			HealthChecks:        healthCheck.ID(),
    			LoadBalancingScheme: pulumi.String("INTERNAL_SELF_MANAGED"),
    			LocalityLbPolicy:    pulumi.String("ROUND_ROBIN"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var healthCheck = new Gcp.Compute.HealthCheck("health_check", new()
        {
            Name = "health-check",
            HttpHealthCheck = new Gcp.Compute.Inputs.HealthCheckHttpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            HealthChecks = healthCheck.Id,
            LoadBalancingScheme = "INTERNAL_SELF_MANAGED",
            LocalityLbPolicy = "ROUND_ROBIN",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var healthCheck = new HealthCheck("healthCheck", HealthCheckArgs.builder()
                .name("health-check")
                .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
                    .port(80)
                    .build())
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .healthChecks(healthCheck.id())
                .loadBalancingScheme("INTERNAL_SELF_MANAGED")
                .localityLbPolicy("ROUND_ROBIN")
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          healthChecks: ${healthCheck.id}
          loadBalancingScheme: INTERNAL_SELF_MANAGED
          localityLbPolicy: ROUND_ROBIN
      healthCheck:
        type: gcp:compute:HealthCheck
        name: health_check
        properties:
          name: health-check
          httpHealthCheck:
            port: 80
    

    Backend Service Traffic Director Ring Hash

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const healthCheck = new gcp.compute.HealthCheck("health_check", {
        name: "health-check",
        httpHealthCheck: {
            port: 80,
        },
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        healthChecks: healthCheck.id,
        loadBalancingScheme: "INTERNAL_SELF_MANAGED",
        localityLbPolicy: "RING_HASH",
        sessionAffinity: "HTTP_COOKIE",
        circuitBreakers: {
            maxConnections: 10,
        },
        consistentHash: {
            httpCookie: {
                ttl: {
                    seconds: 11,
                    nanos: 1111,
                },
                name: "mycookie",
            },
        },
        outlierDetection: {
            consecutiveErrors: 2,
            consecutiveGatewayFailure: 5,
            enforcingConsecutiveErrors: 100,
            enforcingConsecutiveGatewayFailure: 0,
            enforcingSuccessRate: 100,
            maxEjectionPercent: 10,
            successRateMinimumHosts: 5,
            successRateRequestVolume: 100,
            successRateStdevFactor: 1900,
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    health_check = gcp.compute.HealthCheck("health_check",
        name="health-check",
        http_health_check={
            "port": 80,
        })
    default = gcp.compute.BackendService("default",
        name="backend-service",
        health_checks=health_check.id,
        load_balancing_scheme="INTERNAL_SELF_MANAGED",
        locality_lb_policy="RING_HASH",
        session_affinity="HTTP_COOKIE",
        circuit_breakers={
            "max_connections": 10,
        },
        consistent_hash={
            "http_cookie": {
                "ttl": {
                    "seconds": 11,
                    "nanos": 1111,
                },
                "name": "mycookie",
            },
        },
        outlier_detection={
            "consecutive_errors": 2,
            "consecutive_gateway_failure": 5,
            "enforcing_consecutive_errors": 100,
            "enforcing_consecutive_gateway_failure": 0,
            "enforcing_success_rate": 100,
            "max_ejection_percent": 10,
            "success_rate_minimum_hosts": 5,
            "success_rate_request_volume": 100,
            "success_rate_stdev_factor": 1900,
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		healthCheck, err := compute.NewHealthCheck(ctx, "health_check", &compute.HealthCheckArgs{
    			Name: pulumi.String("health-check"),
    			HttpHealthCheck: &compute.HealthCheckHttpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                pulumi.String("backend-service"),
    			HealthChecks:        healthCheck.ID(),
    			LoadBalancingScheme: pulumi.String("INTERNAL_SELF_MANAGED"),
    			LocalityLbPolicy:    pulumi.String("RING_HASH"),
    			SessionAffinity:     pulumi.String("HTTP_COOKIE"),
    			CircuitBreakers: &compute.BackendServiceCircuitBreakersArgs{
    				MaxConnections: pulumi.Int(10),
    			},
    			ConsistentHash: &compute.BackendServiceConsistentHashArgs{
    				HttpCookie: &compute.BackendServiceConsistentHashHttpCookieArgs{
    					Ttl: &compute.BackendServiceConsistentHashHttpCookieTtlArgs{
    						Seconds: pulumi.Int(11),
    						Nanos:   pulumi.Int(1111),
    					},
    					Name: pulumi.String("mycookie"),
    				},
    			},
    			OutlierDetection: &compute.BackendServiceOutlierDetectionArgs{
    				ConsecutiveErrors:                  pulumi.Int(2),
    				ConsecutiveGatewayFailure:          pulumi.Int(5),
    				EnforcingConsecutiveErrors:         pulumi.Int(100),
    				EnforcingConsecutiveGatewayFailure: pulumi.Int(0),
    				EnforcingSuccessRate:               pulumi.Int(100),
    				MaxEjectionPercent:                 pulumi.Int(10),
    				SuccessRateMinimumHosts:            pulumi.Int(5),
    				SuccessRateRequestVolume:           pulumi.Int(100),
    				SuccessRateStdevFactor:             pulumi.Int(1900),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var healthCheck = new Gcp.Compute.HealthCheck("health_check", new()
        {
            Name = "health-check",
            HttpHealthCheck = new Gcp.Compute.Inputs.HealthCheckHttpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            HealthChecks = healthCheck.Id,
            LoadBalancingScheme = "INTERNAL_SELF_MANAGED",
            LocalityLbPolicy = "RING_HASH",
            SessionAffinity = "HTTP_COOKIE",
            CircuitBreakers = new Gcp.Compute.Inputs.BackendServiceCircuitBreakersArgs
            {
                MaxConnections = 10,
            },
            ConsistentHash = new Gcp.Compute.Inputs.BackendServiceConsistentHashArgs
            {
                HttpCookie = new Gcp.Compute.Inputs.BackendServiceConsistentHashHttpCookieArgs
                {
                    Ttl = new Gcp.Compute.Inputs.BackendServiceConsistentHashHttpCookieTtlArgs
                    {
                        Seconds = 11,
                        Nanos = 1111,
                    },
                    Name = "mycookie",
                },
            },
            OutlierDetection = new Gcp.Compute.Inputs.BackendServiceOutlierDetectionArgs
            {
                ConsecutiveErrors = 2,
                ConsecutiveGatewayFailure = 5,
                EnforcingConsecutiveErrors = 100,
                EnforcingConsecutiveGatewayFailure = 0,
                EnforcingSuccessRate = 100,
                MaxEjectionPercent = 10,
                SuccessRateMinimumHosts = 5,
                SuccessRateRequestVolume = 100,
                SuccessRateStdevFactor = 1900,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceCircuitBreakersArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceConsistentHashArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceConsistentHashHttpCookieArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceConsistentHashHttpCookieTtlArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceOutlierDetectionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var healthCheck = new HealthCheck("healthCheck", HealthCheckArgs.builder()
                .name("health-check")
                .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
                    .port(80)
                    .build())
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .healthChecks(healthCheck.id())
                .loadBalancingScheme("INTERNAL_SELF_MANAGED")
                .localityLbPolicy("RING_HASH")
                .sessionAffinity("HTTP_COOKIE")
                .circuitBreakers(BackendServiceCircuitBreakersArgs.builder()
                    .maxConnections(10)
                    .build())
                .consistentHash(BackendServiceConsistentHashArgs.builder()
                    .httpCookie(BackendServiceConsistentHashHttpCookieArgs.builder()
                        .ttl(BackendServiceConsistentHashHttpCookieTtlArgs.builder()
                            .seconds(11)
                            .nanos(1111)
                            .build())
                        .name("mycookie")
                        .build())
                    .build())
                .outlierDetection(BackendServiceOutlierDetectionArgs.builder()
                    .consecutiveErrors(2)
                    .consecutiveGatewayFailure(5)
                    .enforcingConsecutiveErrors(100)
                    .enforcingConsecutiveGatewayFailure(0)
                    .enforcingSuccessRate(100)
                    .maxEjectionPercent(10)
                    .successRateMinimumHosts(5)
                    .successRateRequestVolume(100)
                    .successRateStdevFactor(1900)
                    .build())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          healthChecks: ${healthCheck.id}
          loadBalancingScheme: INTERNAL_SELF_MANAGED
          localityLbPolicy: RING_HASH
          sessionAffinity: HTTP_COOKIE
          circuitBreakers:
            maxConnections: 10
          consistentHash:
            httpCookie:
              ttl:
                seconds: 11
                nanos: 1111
              name: mycookie
          outlierDetection:
            consecutiveErrors: 2
            consecutiveGatewayFailure: 5
            enforcingConsecutiveErrors: 100
            enforcingConsecutiveGatewayFailure: 0
            enforcingSuccessRate: 100
            maxEjectionPercent: 10
            successRateMinimumHosts: 5
            successRateRequestVolume: 100
            successRateStdevFactor: 1900
      healthCheck:
        type: gcp:compute:HealthCheck
        name: health_check
        properties:
          name: health-check
          httpHealthCheck:
            port: 80
    

    Backend Service Stateful Session Affinity

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const healthCheck = new gcp.compute.HealthCheck("health_check", {
        name: "health-check",
        httpHealthCheck: {
            port: 80,
        },
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        healthChecks: healthCheck.id,
        loadBalancingScheme: "EXTERNAL_MANAGED",
        localityLbPolicy: "RING_HASH",
        sessionAffinity: "STRONG_COOKIE_AFFINITY",
        strongSessionAffinityCookie: {
            ttl: {
                seconds: 11,
                nanos: 1111,
            },
            name: "mycookie",
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    health_check = gcp.compute.HealthCheck("health_check",
        name="health-check",
        http_health_check={
            "port": 80,
        })
    default = gcp.compute.BackendService("default",
        name="backend-service",
        health_checks=health_check.id,
        load_balancing_scheme="EXTERNAL_MANAGED",
        locality_lb_policy="RING_HASH",
        session_affinity="STRONG_COOKIE_AFFINITY",
        strong_session_affinity_cookie={
            "ttl": {
                "seconds": 11,
                "nanos": 1111,
            },
            "name": "mycookie",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		healthCheck, err := compute.NewHealthCheck(ctx, "health_check", &compute.HealthCheckArgs{
    			Name: pulumi.String("health-check"),
    			HttpHealthCheck: &compute.HealthCheckHttpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                pulumi.String("backend-service"),
    			HealthChecks:        healthCheck.ID(),
    			LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
    			LocalityLbPolicy:    pulumi.String("RING_HASH"),
    			SessionAffinity:     pulumi.String("STRONG_COOKIE_AFFINITY"),
    			StrongSessionAffinityCookie: &compute.BackendServiceStrongSessionAffinityCookieArgs{
    				Ttl: &compute.BackendServiceStrongSessionAffinityCookieTtlArgs{
    					Seconds: pulumi.Int(11),
    					Nanos:   pulumi.Int(1111),
    				},
    				Name: pulumi.String("mycookie"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var healthCheck = new Gcp.Compute.HealthCheck("health_check", new()
        {
            Name = "health-check",
            HttpHealthCheck = new Gcp.Compute.Inputs.HealthCheckHttpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            HealthChecks = healthCheck.Id,
            LoadBalancingScheme = "EXTERNAL_MANAGED",
            LocalityLbPolicy = "RING_HASH",
            SessionAffinity = "STRONG_COOKIE_AFFINITY",
            StrongSessionAffinityCookie = new Gcp.Compute.Inputs.BackendServiceStrongSessionAffinityCookieArgs
            {
                Ttl = new Gcp.Compute.Inputs.BackendServiceStrongSessionAffinityCookieTtlArgs
                {
                    Seconds = 11,
                    Nanos = 1111,
                },
                Name = "mycookie",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceStrongSessionAffinityCookieArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceStrongSessionAffinityCookieTtlArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var healthCheck = new HealthCheck("healthCheck", HealthCheckArgs.builder()
                .name("health-check")
                .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
                    .port(80)
                    .build())
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .healthChecks(healthCheck.id())
                .loadBalancingScheme("EXTERNAL_MANAGED")
                .localityLbPolicy("RING_HASH")
                .sessionAffinity("STRONG_COOKIE_AFFINITY")
                .strongSessionAffinityCookie(BackendServiceStrongSessionAffinityCookieArgs.builder()
                    .ttl(BackendServiceStrongSessionAffinityCookieTtlArgs.builder()
                        .seconds(11)
                        .nanos(1111)
                        .build())
                    .name("mycookie")
                    .build())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          healthChecks: ${healthCheck.id}
          loadBalancingScheme: EXTERNAL_MANAGED
          localityLbPolicy: RING_HASH
          sessionAffinity: STRONG_COOKIE_AFFINITY
          strongSessionAffinityCookie:
            ttl:
              seconds: 11
              nanos: 1111
            name: mycookie
      healthCheck:
        type: gcp:compute:HealthCheck
        name: health_check
        properties:
          name: health-check
          httpHealthCheck:
            port: 80
    

    Backend Service Network Endpoint

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const externalProxy = new gcp.compute.GlobalNetworkEndpointGroup("external_proxy", {
        name: "network-endpoint",
        networkEndpointType: "INTERNET_FQDN_PORT",
        defaultPort: 443,
    });
    const proxy = new gcp.compute.GlobalNetworkEndpoint("proxy", {
        globalNetworkEndpointGroup: externalProxy.id,
        fqdn: "test.example.com",
        port: externalProxy.defaultPort,
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        enableCdn: true,
        timeoutSec: 10,
        connectionDrainingTimeoutSec: 10,
        customRequestHeaders: [proxy.fqdn.apply(fqdn => `host: ${fqdn}`)],
        customResponseHeaders: ["X-Cache-Hit: {cdn_cache_status}"],
        backends: [{
            group: externalProxy.id,
        }],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    external_proxy = gcp.compute.GlobalNetworkEndpointGroup("external_proxy",
        name="network-endpoint",
        network_endpoint_type="INTERNET_FQDN_PORT",
        default_port=443)
    proxy = gcp.compute.GlobalNetworkEndpoint("proxy",
        global_network_endpoint_group=external_proxy.id,
        fqdn="test.example.com",
        port=external_proxy.default_port)
    default = gcp.compute.BackendService("default",
        name="backend-service",
        enable_cdn=True,
        timeout_sec=10,
        connection_draining_timeout_sec=10,
        custom_request_headers=[proxy.fqdn.apply(lambda fqdn: f"host: {fqdn}")],
        custom_response_headers=["X-Cache-Hit: {cdn_cache_status}"],
        backends=[{
            "group": external_proxy.id,
        }])
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		externalProxy, err := compute.NewGlobalNetworkEndpointGroup(ctx, "external_proxy", &compute.GlobalNetworkEndpointGroupArgs{
    			Name:                pulumi.String("network-endpoint"),
    			NetworkEndpointType: pulumi.String("INTERNET_FQDN_PORT"),
    			DefaultPort:         pulumi.Int(443),
    		})
    		if err != nil {
    			return err
    		}
    		proxy, err := compute.NewGlobalNetworkEndpoint(ctx, "proxy", &compute.GlobalNetworkEndpointArgs{
    			GlobalNetworkEndpointGroup: externalProxy.ID(),
    			Fqdn:                       pulumi.String("test.example.com"),
    			Port:                       externalProxy.DefaultPort,
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                         pulumi.String("backend-service"),
    			EnableCdn:                    pulumi.Bool(true),
    			TimeoutSec:                   pulumi.Int(10),
    			ConnectionDrainingTimeoutSec: pulumi.Int(10),
    			CustomRequestHeaders: pulumi.StringArray{
    				proxy.Fqdn.ApplyT(func(fqdn *string) (string, error) {
    					return fmt.Sprintf("host: %v", fqdn), nil
    				}).(pulumi.StringOutput),
    			},
    			CustomResponseHeaders: pulumi.StringArray{
    				pulumi.String("X-Cache-Hit: {cdn_cache_status}"),
    			},
    			Backends: compute.BackendServiceBackendArray{
    				&compute.BackendServiceBackendArgs{
    					Group: externalProxy.ID(),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var externalProxy = new Gcp.Compute.GlobalNetworkEndpointGroup("external_proxy", new()
        {
            Name = "network-endpoint",
            NetworkEndpointType = "INTERNET_FQDN_PORT",
            DefaultPort = 443,
        });
    
        var proxy = new Gcp.Compute.GlobalNetworkEndpoint("proxy", new()
        {
            GlobalNetworkEndpointGroup = externalProxy.Id,
            Fqdn = "test.example.com",
            Port = externalProxy.DefaultPort,
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            EnableCdn = true,
            TimeoutSec = 10,
            ConnectionDrainingTimeoutSec = 10,
            CustomRequestHeaders = new[]
            {
                proxy.Fqdn.Apply(fqdn => $"host: {fqdn}"),
            },
            CustomResponseHeaders = new[]
            {
                "X-Cache-Hit: {cdn_cache_status}",
            },
            Backends = new[]
            {
                new Gcp.Compute.Inputs.BackendServiceBackendArgs
                {
                    Group = externalProxy.Id,
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.GlobalNetworkEndpointGroup;
    import com.pulumi.gcp.compute.GlobalNetworkEndpointGroupArgs;
    import com.pulumi.gcp.compute.GlobalNetworkEndpoint;
    import com.pulumi.gcp.compute.GlobalNetworkEndpointArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.inputs.BackendServiceBackendArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var externalProxy = new GlobalNetworkEndpointGroup("externalProxy", GlobalNetworkEndpointGroupArgs.builder()
                .name("network-endpoint")
                .networkEndpointType("INTERNET_FQDN_PORT")
                .defaultPort("443")
                .build());
    
            var proxy = new GlobalNetworkEndpoint("proxy", GlobalNetworkEndpointArgs.builder()
                .globalNetworkEndpointGroup(externalProxy.id())
                .fqdn("test.example.com")
                .port(externalProxy.defaultPort())
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .enableCdn(true)
                .timeoutSec(10)
                .connectionDrainingTimeoutSec(10)
                .customRequestHeaders(proxy.fqdn().applyValue(fqdn -> String.format("host: %s", fqdn)))
                .customResponseHeaders("X-Cache-Hit: {cdn_cache_status}")
                .backends(BackendServiceBackendArgs.builder()
                    .group(externalProxy.id())
                    .build())
                .build());
    
        }
    }
    
    resources:
      externalProxy:
        type: gcp:compute:GlobalNetworkEndpointGroup
        name: external_proxy
        properties:
          name: network-endpoint
          networkEndpointType: INTERNET_FQDN_PORT
          defaultPort: '443'
      proxy:
        type: gcp:compute:GlobalNetworkEndpoint
        properties:
          globalNetworkEndpointGroup: ${externalProxy.id}
          fqdn: test.example.com
          port: ${externalProxy.defaultPort}
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          enableCdn: true
          timeoutSec: 10
          connectionDrainingTimeoutSec: 10
          customRequestHeaders:
            - 'host: ${proxy.fqdn}'
          customResponseHeaders:
            - 'X-Cache-Hit: {cdn_cache_status}'
          backends:
            - group: ${externalProxy.id}
    

    Backend Service External Managed

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const defaultHealthCheck = new gcp.compute.HealthCheck("default", {
        name: "health-check",
        httpHealthCheck: {
            port: 80,
        },
    });
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        healthChecks: defaultHealthCheck.id,
        loadBalancingScheme: "EXTERNAL_MANAGED",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default_health_check = gcp.compute.HealthCheck("default",
        name="health-check",
        http_health_check={
            "port": 80,
        })
    default = gcp.compute.BackendService("default",
        name="backend-service",
        health_checks=default_health_check.id,
        load_balancing_scheme="EXTERNAL_MANAGED")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		defaultHealthCheck, err := compute.NewHealthCheck(ctx, "default", &compute.HealthCheckArgs{
    			Name: pulumi.String("health-check"),
    			HttpHealthCheck: &compute.HealthCheckHttpHealthCheckArgs{
    				Port: pulumi.Int(80),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                pulumi.String("backend-service"),
    			HealthChecks:        defaultHealthCheck.ID(),
    			LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultHealthCheck = new Gcp.Compute.HealthCheck("default", new()
        {
            Name = "health-check",
            HttpHealthCheck = new Gcp.Compute.Inputs.HealthCheckHttpHealthCheckArgs
            {
                Port = 80,
            },
        });
    
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            HealthChecks = defaultHealthCheck.Id,
            LoadBalancingScheme = "EXTERNAL_MANAGED",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.HealthCheck;
    import com.pulumi.gcp.compute.HealthCheckArgs;
    import com.pulumi.gcp.compute.inputs.HealthCheckHttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultHealthCheck = new HealthCheck("defaultHealthCheck", HealthCheckArgs.builder()
                .name("health-check")
                .httpHealthCheck(HealthCheckHttpHealthCheckArgs.builder()
                    .port(80)
                    .build())
                .build());
    
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .healthChecks(defaultHealthCheck.id())
                .loadBalancingScheme("EXTERNAL_MANAGED")
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          healthChecks: ${defaultHealthCheck.id}
          loadBalancingScheme: EXTERNAL_MANAGED
      defaultHealthCheck:
        type: gcp:compute:HealthCheck
        name: default
        properties:
          name: health-check
          httpHealthCheck:
            port: 80
    

    Backend Service Ip Address Selection Policy

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const _default = new gcp.compute.BackendService("default", {
        name: "backend-service",
        loadBalancingScheme: "EXTERNAL_MANAGED",
        ipAddressSelectionPolicy: "IPV6_ONLY",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    default = gcp.compute.BackendService("default",
        name="backend-service",
        load_balancing_scheme="EXTERNAL_MANAGED",
        ip_address_selection_policy="IPV6_ONLY")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                     pulumi.String("backend-service"),
    			LoadBalancingScheme:      pulumi.String("EXTERNAL_MANAGED"),
    			IpAddressSelectionPolicy: pulumi.String("IPV6_ONLY"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            LoadBalancingScheme = "EXTERNAL_MANAGED",
            IpAddressSelectionPolicy = "IPV6_ONLY",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var default_ = new BackendService("default", BackendServiceArgs.builder()
                .name("backend-service")
                .loadBalancingScheme("EXTERNAL_MANAGED")
                .ipAddressSelectionPolicy("IPV6_ONLY")
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:BackendService
        properties:
          name: backend-service
          loadBalancingScheme: EXTERNAL_MANAGED
          ipAddressSelectionPolicy: IPV6_ONLY
    

    Create BackendService Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new BackendService(name: string, args?: BackendServiceArgs, opts?: CustomResourceOptions);
    @overload
    def BackendService(resource_name: str,
                       args: Optional[BackendServiceArgs] = None,
                       opts: Optional[ResourceOptions] = None)
    
    @overload
    def BackendService(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       affinity_cookie_ttl_sec: Optional[int] = None,
                       backends: Optional[Sequence[BackendServiceBackendArgs]] = None,
                       cdn_policy: Optional[BackendServiceCdnPolicyArgs] = None,
                       circuit_breakers: Optional[BackendServiceCircuitBreakersArgs] = None,
                       compression_mode: Optional[str] = None,
                       connection_draining_timeout_sec: Optional[int] = None,
                       consistent_hash: Optional[BackendServiceConsistentHashArgs] = None,
                       custom_request_headers: Optional[Sequence[str]] = None,
                       custom_response_headers: Optional[Sequence[str]] = None,
                       description: Optional[str] = None,
                       edge_security_policy: Optional[str] = None,
                       enable_cdn: Optional[bool] = None,
                       health_checks: Optional[str] = None,
                       iap: Optional[BackendServiceIapArgs] = None,
                       ip_address_selection_policy: Optional[str] = None,
                       load_balancing_scheme: Optional[str] = None,
                       locality_lb_policies: Optional[Sequence[BackendServiceLocalityLbPolicyArgs]] = None,
                       locality_lb_policy: Optional[str] = None,
                       log_config: Optional[BackendServiceLogConfigArgs] = None,
                       name: Optional[str] = None,
                       outlier_detection: Optional[BackendServiceOutlierDetectionArgs] = None,
                       port_name: Optional[str] = None,
                       project: Optional[str] = None,
                       protocol: Optional[str] = None,
                       security_policy: Optional[str] = None,
                       security_settings: Optional[BackendServiceSecuritySettingsArgs] = None,
                       service_lb_policy: Optional[str] = None,
                       session_affinity: Optional[str] = None,
                       strong_session_affinity_cookie: Optional[BackendServiceStrongSessionAffinityCookieArgs] = None,
                       timeout_sec: Optional[int] = None)
    func NewBackendService(ctx *Context, name string, args *BackendServiceArgs, opts ...ResourceOption) (*BackendService, error)
    public BackendService(string name, BackendServiceArgs? args = null, CustomResourceOptions? opts = null)
    public BackendService(String name, BackendServiceArgs args)
    public BackendService(String name, BackendServiceArgs args, CustomResourceOptions options)
    
    type: gcp:compute:BackendService
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args BackendServiceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args BackendServiceArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args BackendServiceArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args BackendServiceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args BackendServiceArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var backendServiceResource = new Gcp.Compute.BackendService("backendServiceResource", new()
    {
        AffinityCookieTtlSec = 0,
        Backends = new[]
        {
            new Gcp.Compute.Inputs.BackendServiceBackendArgs
            {
                Group = "string",
                BalancingMode = "string",
                CapacityScaler = 0,
                Description = "string",
                MaxConnections = 0,
                MaxConnectionsPerEndpoint = 0,
                MaxConnectionsPerInstance = 0,
                MaxRate = 0,
                MaxRatePerEndpoint = 0,
                MaxRatePerInstance = 0,
                MaxUtilization = 0,
            },
        },
        CdnPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyArgs
        {
            BypassCacheOnRequestHeaders = new[]
            {
                new Gcp.Compute.Inputs.BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs
                {
                    HeaderName = "string",
                },
            },
            CacheKeyPolicy = new Gcp.Compute.Inputs.BackendServiceCdnPolicyCacheKeyPolicyArgs
            {
                IncludeHost = false,
                IncludeHttpHeaders = new[]
                {
                    "string",
                },
                IncludeNamedCookies = new[]
                {
                    "string",
                },
                IncludeProtocol = false,
                IncludeQueryString = false,
                QueryStringBlacklists = new[]
                {
                    "string",
                },
                QueryStringWhitelists = new[]
                {
                    "string",
                },
            },
            CacheMode = "string",
            ClientTtl = 0,
            DefaultTtl = 0,
            MaxTtl = 0,
            NegativeCaching = false,
            NegativeCachingPolicies = new[]
            {
                new Gcp.Compute.Inputs.BackendServiceCdnPolicyNegativeCachingPolicyArgs
                {
                    Code = 0,
                    Ttl = 0,
                },
            },
            ServeWhileStale = 0,
            SignedUrlCacheMaxAgeSec = 0,
        },
        CircuitBreakers = new Gcp.Compute.Inputs.BackendServiceCircuitBreakersArgs
        {
            ConnectTimeout = new Gcp.Compute.Inputs.BackendServiceCircuitBreakersConnectTimeoutArgs
            {
                Seconds = 0,
                Nanos = 0,
            },
            MaxConnections = 0,
            MaxPendingRequests = 0,
            MaxRequests = 0,
            MaxRequestsPerConnection = 0,
            MaxRetries = 0,
        },
        CompressionMode = "string",
        ConnectionDrainingTimeoutSec = 0,
        ConsistentHash = new Gcp.Compute.Inputs.BackendServiceConsistentHashArgs
        {
            HttpCookie = new Gcp.Compute.Inputs.BackendServiceConsistentHashHttpCookieArgs
            {
                Name = "string",
                Path = "string",
                Ttl = new Gcp.Compute.Inputs.BackendServiceConsistentHashHttpCookieTtlArgs
                {
                    Seconds = 0,
                    Nanos = 0,
                },
            },
            HttpHeaderName = "string",
            MinimumRingSize = 0,
        },
        CustomRequestHeaders = new[]
        {
            "string",
        },
        CustomResponseHeaders = new[]
        {
            "string",
        },
        Description = "string",
        EdgeSecurityPolicy = "string",
        EnableCdn = false,
        HealthChecks = "string",
        Iap = new Gcp.Compute.Inputs.BackendServiceIapArgs
        {
            Enabled = false,
            Oauth2ClientId = "string",
            Oauth2ClientSecret = "string",
            Oauth2ClientSecretSha256 = "string",
        },
        IpAddressSelectionPolicy = "string",
        LoadBalancingScheme = "string",
        LocalityLbPolicies = new[]
        {
            new Gcp.Compute.Inputs.BackendServiceLocalityLbPolicyArgs
            {
                CustomPolicy = new Gcp.Compute.Inputs.BackendServiceLocalityLbPolicyCustomPolicyArgs
                {
                    Name = "string",
                    Data = "string",
                },
                Policy = new Gcp.Compute.Inputs.BackendServiceLocalityLbPolicyPolicyArgs
                {
                    Name = "string",
                },
            },
        },
        LocalityLbPolicy = "string",
        LogConfig = new Gcp.Compute.Inputs.BackendServiceLogConfigArgs
        {
            Enable = false,
            SampleRate = 0,
        },
        Name = "string",
        OutlierDetection = new Gcp.Compute.Inputs.BackendServiceOutlierDetectionArgs
        {
            BaseEjectionTime = new Gcp.Compute.Inputs.BackendServiceOutlierDetectionBaseEjectionTimeArgs
            {
                Seconds = 0,
                Nanos = 0,
            },
            ConsecutiveErrors = 0,
            ConsecutiveGatewayFailure = 0,
            EnforcingConsecutiveErrors = 0,
            EnforcingConsecutiveGatewayFailure = 0,
            EnforcingSuccessRate = 0,
            Interval = new Gcp.Compute.Inputs.BackendServiceOutlierDetectionIntervalArgs
            {
                Seconds = 0,
                Nanos = 0,
            },
            MaxEjectionPercent = 0,
            SuccessRateMinimumHosts = 0,
            SuccessRateRequestVolume = 0,
            SuccessRateStdevFactor = 0,
        },
        PortName = "string",
        Project = "string",
        Protocol = "string",
        SecurityPolicy = "string",
        SecuritySettings = new Gcp.Compute.Inputs.BackendServiceSecuritySettingsArgs
        {
            AwsV4Authentication = new Gcp.Compute.Inputs.BackendServiceSecuritySettingsAwsV4AuthenticationArgs
            {
                AccessKey = "string",
                AccessKeyId = "string",
                AccessKeyVersion = "string",
                OriginRegion = "string",
            },
            ClientTlsPolicy = "string",
            SubjectAltNames = new[]
            {
                "string",
            },
        },
        ServiceLbPolicy = "string",
        SessionAffinity = "string",
        StrongSessionAffinityCookie = new Gcp.Compute.Inputs.BackendServiceStrongSessionAffinityCookieArgs
        {
            Name = "string",
            Path = "string",
            Ttl = new Gcp.Compute.Inputs.BackendServiceStrongSessionAffinityCookieTtlArgs
            {
                Seconds = 0,
                Nanos = 0,
            },
        },
        TimeoutSec = 0,
    });
    
    example, err := compute.NewBackendService(ctx, "backendServiceResource", &compute.BackendServiceArgs{
    	AffinityCookieTtlSec: pulumi.Int(0),
    	Backends: compute.BackendServiceBackendArray{
    		&compute.BackendServiceBackendArgs{
    			Group:                     pulumi.String("string"),
    			BalancingMode:             pulumi.String("string"),
    			CapacityScaler:            pulumi.Float64(0),
    			Description:               pulumi.String("string"),
    			MaxConnections:            pulumi.Int(0),
    			MaxConnectionsPerEndpoint: pulumi.Int(0),
    			MaxConnectionsPerInstance: pulumi.Int(0),
    			MaxRate:                   pulumi.Int(0),
    			MaxRatePerEndpoint:        pulumi.Float64(0),
    			MaxRatePerInstance:        pulumi.Float64(0),
    			MaxUtilization:            pulumi.Float64(0),
    		},
    	},
    	CdnPolicy: &compute.BackendServiceCdnPolicyArgs{
    		BypassCacheOnRequestHeaders: compute.BackendServiceCdnPolicyBypassCacheOnRequestHeaderArray{
    			&compute.BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs{
    				HeaderName: pulumi.String("string"),
    			},
    		},
    		CacheKeyPolicy: &compute.BackendServiceCdnPolicyCacheKeyPolicyArgs{
    			IncludeHost: pulumi.Bool(false),
    			IncludeHttpHeaders: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			IncludeNamedCookies: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			IncludeProtocol:    pulumi.Bool(false),
    			IncludeQueryString: pulumi.Bool(false),
    			QueryStringBlacklists: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			QueryStringWhitelists: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    		CacheMode:       pulumi.String("string"),
    		ClientTtl:       pulumi.Int(0),
    		DefaultTtl:      pulumi.Int(0),
    		MaxTtl:          pulumi.Int(0),
    		NegativeCaching: pulumi.Bool(false),
    		NegativeCachingPolicies: compute.BackendServiceCdnPolicyNegativeCachingPolicyArray{
    			&compute.BackendServiceCdnPolicyNegativeCachingPolicyArgs{
    				Code: pulumi.Int(0),
    				Ttl:  pulumi.Int(0),
    			},
    		},
    		ServeWhileStale:         pulumi.Int(0),
    		SignedUrlCacheMaxAgeSec: pulumi.Int(0),
    	},
    	CircuitBreakers: &compute.BackendServiceCircuitBreakersArgs{
    		ConnectTimeout: &compute.BackendServiceCircuitBreakersConnectTimeoutArgs{
    			Seconds: pulumi.Int(0),
    			Nanos:   pulumi.Int(0),
    		},
    		MaxConnections:           pulumi.Int(0),
    		MaxPendingRequests:       pulumi.Int(0),
    		MaxRequests:              pulumi.Int(0),
    		MaxRequestsPerConnection: pulumi.Int(0),
    		MaxRetries:               pulumi.Int(0),
    	},
    	CompressionMode:              pulumi.String("string"),
    	ConnectionDrainingTimeoutSec: pulumi.Int(0),
    	ConsistentHash: &compute.BackendServiceConsistentHashArgs{
    		HttpCookie: &compute.BackendServiceConsistentHashHttpCookieArgs{
    			Name: pulumi.String("string"),
    			Path: pulumi.String("string"),
    			Ttl: &compute.BackendServiceConsistentHashHttpCookieTtlArgs{
    				Seconds: pulumi.Int(0),
    				Nanos:   pulumi.Int(0),
    			},
    		},
    		HttpHeaderName:  pulumi.String("string"),
    		MinimumRingSize: pulumi.Int(0),
    	},
    	CustomRequestHeaders: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	CustomResponseHeaders: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Description:        pulumi.String("string"),
    	EdgeSecurityPolicy: pulumi.String("string"),
    	EnableCdn:          pulumi.Bool(false),
    	HealthChecks:       pulumi.String("string"),
    	Iap: &compute.BackendServiceIapArgs{
    		Enabled:                  pulumi.Bool(false),
    		Oauth2ClientId:           pulumi.String("string"),
    		Oauth2ClientSecret:       pulumi.String("string"),
    		Oauth2ClientSecretSha256: pulumi.String("string"),
    	},
    	IpAddressSelectionPolicy: pulumi.String("string"),
    	LoadBalancingScheme:      pulumi.String("string"),
    	LocalityLbPolicies: compute.BackendServiceLocalityLbPolicyArray{
    		&compute.BackendServiceLocalityLbPolicyArgs{
    			CustomPolicy: &compute.BackendServiceLocalityLbPolicyCustomPolicyArgs{
    				Name: pulumi.String("string"),
    				Data: pulumi.String("string"),
    			},
    			Policy: &compute.BackendServiceLocalityLbPolicyPolicyArgs{
    				Name: pulumi.String("string"),
    			},
    		},
    	},
    	LocalityLbPolicy: pulumi.String("string"),
    	LogConfig: &compute.BackendServiceLogConfigArgs{
    		Enable:     pulumi.Bool(false),
    		SampleRate: pulumi.Float64(0),
    	},
    	Name: pulumi.String("string"),
    	OutlierDetection: &compute.BackendServiceOutlierDetectionArgs{
    		BaseEjectionTime: &compute.BackendServiceOutlierDetectionBaseEjectionTimeArgs{
    			Seconds: pulumi.Int(0),
    			Nanos:   pulumi.Int(0),
    		},
    		ConsecutiveErrors:                  pulumi.Int(0),
    		ConsecutiveGatewayFailure:          pulumi.Int(0),
    		EnforcingConsecutiveErrors:         pulumi.Int(0),
    		EnforcingConsecutiveGatewayFailure: pulumi.Int(0),
    		EnforcingSuccessRate:               pulumi.Int(0),
    		Interval: &compute.BackendServiceOutlierDetectionIntervalArgs{
    			Seconds: pulumi.Int(0),
    			Nanos:   pulumi.Int(0),
    		},
    		MaxEjectionPercent:       pulumi.Int(0),
    		SuccessRateMinimumHosts:  pulumi.Int(0),
    		SuccessRateRequestVolume: pulumi.Int(0),
    		SuccessRateStdevFactor:   pulumi.Int(0),
    	},
    	PortName:       pulumi.String("string"),
    	Project:        pulumi.String("string"),
    	Protocol:       pulumi.String("string"),
    	SecurityPolicy: pulumi.String("string"),
    	SecuritySettings: &compute.BackendServiceSecuritySettingsArgs{
    		AwsV4Authentication: &compute.BackendServiceSecuritySettingsAwsV4AuthenticationArgs{
    			AccessKey:        pulumi.String("string"),
    			AccessKeyId:      pulumi.String("string"),
    			AccessKeyVersion: pulumi.String("string"),
    			OriginRegion:     pulumi.String("string"),
    		},
    		ClientTlsPolicy: pulumi.String("string"),
    		SubjectAltNames: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	ServiceLbPolicy: pulumi.String("string"),
    	SessionAffinity: pulumi.String("string"),
    	StrongSessionAffinityCookie: &compute.BackendServiceStrongSessionAffinityCookieArgs{
    		Name: pulumi.String("string"),
    		Path: pulumi.String("string"),
    		Ttl: &compute.BackendServiceStrongSessionAffinityCookieTtlArgs{
    			Seconds: pulumi.Int(0),
    			Nanos:   pulumi.Int(0),
    		},
    	},
    	TimeoutSec: pulumi.Int(0),
    })
    
    var backendServiceResource = new BackendService("backendServiceResource", BackendServiceArgs.builder()
        .affinityCookieTtlSec(0)
        .backends(BackendServiceBackendArgs.builder()
            .group("string")
            .balancingMode("string")
            .capacityScaler(0)
            .description("string")
            .maxConnections(0)
            .maxConnectionsPerEndpoint(0)
            .maxConnectionsPerInstance(0)
            .maxRate(0)
            .maxRatePerEndpoint(0)
            .maxRatePerInstance(0)
            .maxUtilization(0)
            .build())
        .cdnPolicy(BackendServiceCdnPolicyArgs.builder()
            .bypassCacheOnRequestHeaders(BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs.builder()
                .headerName("string")
                .build())
            .cacheKeyPolicy(BackendServiceCdnPolicyCacheKeyPolicyArgs.builder()
                .includeHost(false)
                .includeHttpHeaders("string")
                .includeNamedCookies("string")
                .includeProtocol(false)
                .includeQueryString(false)
                .queryStringBlacklists("string")
                .queryStringWhitelists("string")
                .build())
            .cacheMode("string")
            .clientTtl(0)
            .defaultTtl(0)
            .maxTtl(0)
            .negativeCaching(false)
            .negativeCachingPolicies(BackendServiceCdnPolicyNegativeCachingPolicyArgs.builder()
                .code(0)
                .ttl(0)
                .build())
            .serveWhileStale(0)
            .signedUrlCacheMaxAgeSec(0)
            .build())
        .circuitBreakers(BackendServiceCircuitBreakersArgs.builder()
            .connectTimeout(BackendServiceCircuitBreakersConnectTimeoutArgs.builder()
                .seconds(0)
                .nanos(0)
                .build())
            .maxConnections(0)
            .maxPendingRequests(0)
            .maxRequests(0)
            .maxRequestsPerConnection(0)
            .maxRetries(0)
            .build())
        .compressionMode("string")
        .connectionDrainingTimeoutSec(0)
        .consistentHash(BackendServiceConsistentHashArgs.builder()
            .httpCookie(BackendServiceConsistentHashHttpCookieArgs.builder()
                .name("string")
                .path("string")
                .ttl(BackendServiceConsistentHashHttpCookieTtlArgs.builder()
                    .seconds(0)
                    .nanos(0)
                    .build())
                .build())
            .httpHeaderName("string")
            .minimumRingSize(0)
            .build())
        .customRequestHeaders("string")
        .customResponseHeaders("string")
        .description("string")
        .edgeSecurityPolicy("string")
        .enableCdn(false)
        .healthChecks("string")
        .iap(BackendServiceIapArgs.builder()
            .enabled(false)
            .oauth2ClientId("string")
            .oauth2ClientSecret("string")
            .oauth2ClientSecretSha256("string")
            .build())
        .ipAddressSelectionPolicy("string")
        .loadBalancingScheme("string")
        .localityLbPolicies(BackendServiceLocalityLbPolicyArgs.builder()
            .customPolicy(BackendServiceLocalityLbPolicyCustomPolicyArgs.builder()
                .name("string")
                .data("string")
                .build())
            .policy(BackendServiceLocalityLbPolicyPolicyArgs.builder()
                .name("string")
                .build())
            .build())
        .localityLbPolicy("string")
        .logConfig(BackendServiceLogConfigArgs.builder()
            .enable(false)
            .sampleRate(0)
            .build())
        .name("string")
        .outlierDetection(BackendServiceOutlierDetectionArgs.builder()
            .baseEjectionTime(BackendServiceOutlierDetectionBaseEjectionTimeArgs.builder()
                .seconds(0)
                .nanos(0)
                .build())
            .consecutiveErrors(0)
            .consecutiveGatewayFailure(0)
            .enforcingConsecutiveErrors(0)
            .enforcingConsecutiveGatewayFailure(0)
            .enforcingSuccessRate(0)
            .interval(BackendServiceOutlierDetectionIntervalArgs.builder()
                .seconds(0)
                .nanos(0)
                .build())
            .maxEjectionPercent(0)
            .successRateMinimumHosts(0)
            .successRateRequestVolume(0)
            .successRateStdevFactor(0)
            .build())
        .portName("string")
        .project("string")
        .protocol("string")
        .securityPolicy("string")
        .securitySettings(BackendServiceSecuritySettingsArgs.builder()
            .awsV4Authentication(BackendServiceSecuritySettingsAwsV4AuthenticationArgs.builder()
                .accessKey("string")
                .accessKeyId("string")
                .accessKeyVersion("string")
                .originRegion("string")
                .build())
            .clientTlsPolicy("string")
            .subjectAltNames("string")
            .build())
        .serviceLbPolicy("string")
        .sessionAffinity("string")
        .strongSessionAffinityCookie(BackendServiceStrongSessionAffinityCookieArgs.builder()
            .name("string")
            .path("string")
            .ttl(BackendServiceStrongSessionAffinityCookieTtlArgs.builder()
                .seconds(0)
                .nanos(0)
                .build())
            .build())
        .timeoutSec(0)
        .build());
    
    backend_service_resource = gcp.compute.BackendService("backendServiceResource",
        affinity_cookie_ttl_sec=0,
        backends=[{
            "group": "string",
            "balancing_mode": "string",
            "capacity_scaler": 0,
            "description": "string",
            "max_connections": 0,
            "max_connections_per_endpoint": 0,
            "max_connections_per_instance": 0,
            "max_rate": 0,
            "max_rate_per_endpoint": 0,
            "max_rate_per_instance": 0,
            "max_utilization": 0,
        }],
        cdn_policy={
            "bypass_cache_on_request_headers": [{
                "header_name": "string",
            }],
            "cache_key_policy": {
                "include_host": False,
                "include_http_headers": ["string"],
                "include_named_cookies": ["string"],
                "include_protocol": False,
                "include_query_string": False,
                "query_string_blacklists": ["string"],
                "query_string_whitelists": ["string"],
            },
            "cache_mode": "string",
            "client_ttl": 0,
            "default_ttl": 0,
            "max_ttl": 0,
            "negative_caching": False,
            "negative_caching_policies": [{
                "code": 0,
                "ttl": 0,
            }],
            "serve_while_stale": 0,
            "signed_url_cache_max_age_sec": 0,
        },
        circuit_breakers={
            "connect_timeout": {
                "seconds": 0,
                "nanos": 0,
            },
            "max_connections": 0,
            "max_pending_requests": 0,
            "max_requests": 0,
            "max_requests_per_connection": 0,
            "max_retries": 0,
        },
        compression_mode="string",
        connection_draining_timeout_sec=0,
        consistent_hash={
            "http_cookie": {
                "name": "string",
                "path": "string",
                "ttl": {
                    "seconds": 0,
                    "nanos": 0,
                },
            },
            "http_header_name": "string",
            "minimum_ring_size": 0,
        },
        custom_request_headers=["string"],
        custom_response_headers=["string"],
        description="string",
        edge_security_policy="string",
        enable_cdn=False,
        health_checks="string",
        iap={
            "enabled": False,
            "oauth2_client_id": "string",
            "oauth2_client_secret": "string",
            "oauth2_client_secret_sha256": "string",
        },
        ip_address_selection_policy="string",
        load_balancing_scheme="string",
        locality_lb_policies=[{
            "custom_policy": {
                "name": "string",
                "data": "string",
            },
            "policy": {
                "name": "string",
            },
        }],
        locality_lb_policy="string",
        log_config={
            "enable": False,
            "sample_rate": 0,
        },
        name="string",
        outlier_detection={
            "base_ejection_time": {
                "seconds": 0,
                "nanos": 0,
            },
            "consecutive_errors": 0,
            "consecutive_gateway_failure": 0,
            "enforcing_consecutive_errors": 0,
            "enforcing_consecutive_gateway_failure": 0,
            "enforcing_success_rate": 0,
            "interval": {
                "seconds": 0,
                "nanos": 0,
            },
            "max_ejection_percent": 0,
            "success_rate_minimum_hosts": 0,
            "success_rate_request_volume": 0,
            "success_rate_stdev_factor": 0,
        },
        port_name="string",
        project="string",
        protocol="string",
        security_policy="string",
        security_settings={
            "aws_v4_authentication": {
                "access_key": "string",
                "access_key_id": "string",
                "access_key_version": "string",
                "origin_region": "string",
            },
            "client_tls_policy": "string",
            "subject_alt_names": ["string"],
        },
        service_lb_policy="string",
        session_affinity="string",
        strong_session_affinity_cookie={
            "name": "string",
            "path": "string",
            "ttl": {
                "seconds": 0,
                "nanos": 0,
            },
        },
        timeout_sec=0)
    
    const backendServiceResource = new gcp.compute.BackendService("backendServiceResource", {
        affinityCookieTtlSec: 0,
        backends: [{
            group: "string",
            balancingMode: "string",
            capacityScaler: 0,
            description: "string",
            maxConnections: 0,
            maxConnectionsPerEndpoint: 0,
            maxConnectionsPerInstance: 0,
            maxRate: 0,
            maxRatePerEndpoint: 0,
            maxRatePerInstance: 0,
            maxUtilization: 0,
        }],
        cdnPolicy: {
            bypassCacheOnRequestHeaders: [{
                headerName: "string",
            }],
            cacheKeyPolicy: {
                includeHost: false,
                includeHttpHeaders: ["string"],
                includeNamedCookies: ["string"],
                includeProtocol: false,
                includeQueryString: false,
                queryStringBlacklists: ["string"],
                queryStringWhitelists: ["string"],
            },
            cacheMode: "string",
            clientTtl: 0,
            defaultTtl: 0,
            maxTtl: 0,
            negativeCaching: false,
            negativeCachingPolicies: [{
                code: 0,
                ttl: 0,
            }],
            serveWhileStale: 0,
            signedUrlCacheMaxAgeSec: 0,
        },
        circuitBreakers: {
            connectTimeout: {
                seconds: 0,
                nanos: 0,
            },
            maxConnections: 0,
            maxPendingRequests: 0,
            maxRequests: 0,
            maxRequestsPerConnection: 0,
            maxRetries: 0,
        },
        compressionMode: "string",
        connectionDrainingTimeoutSec: 0,
        consistentHash: {
            httpCookie: {
                name: "string",
                path: "string",
                ttl: {
                    seconds: 0,
                    nanos: 0,
                },
            },
            httpHeaderName: "string",
            minimumRingSize: 0,
        },
        customRequestHeaders: ["string"],
        customResponseHeaders: ["string"],
        description: "string",
        edgeSecurityPolicy: "string",
        enableCdn: false,
        healthChecks: "string",
        iap: {
            enabled: false,
            oauth2ClientId: "string",
            oauth2ClientSecret: "string",
            oauth2ClientSecretSha256: "string",
        },
        ipAddressSelectionPolicy: "string",
        loadBalancingScheme: "string",
        localityLbPolicies: [{
            customPolicy: {
                name: "string",
                data: "string",
            },
            policy: {
                name: "string",
            },
        }],
        localityLbPolicy: "string",
        logConfig: {
            enable: false,
            sampleRate: 0,
        },
        name: "string",
        outlierDetection: {
            baseEjectionTime: {
                seconds: 0,
                nanos: 0,
            },
            consecutiveErrors: 0,
            consecutiveGatewayFailure: 0,
            enforcingConsecutiveErrors: 0,
            enforcingConsecutiveGatewayFailure: 0,
            enforcingSuccessRate: 0,
            interval: {
                seconds: 0,
                nanos: 0,
            },
            maxEjectionPercent: 0,
            successRateMinimumHosts: 0,
            successRateRequestVolume: 0,
            successRateStdevFactor: 0,
        },
        portName: "string",
        project: "string",
        protocol: "string",
        securityPolicy: "string",
        securitySettings: {
            awsV4Authentication: {
                accessKey: "string",
                accessKeyId: "string",
                accessKeyVersion: "string",
                originRegion: "string",
            },
            clientTlsPolicy: "string",
            subjectAltNames: ["string"],
        },
        serviceLbPolicy: "string",
        sessionAffinity: "string",
        strongSessionAffinityCookie: {
            name: "string",
            path: "string",
            ttl: {
                seconds: 0,
                nanos: 0,
            },
        },
        timeoutSec: 0,
    });
    
    type: gcp:compute:BackendService
    properties:
        affinityCookieTtlSec: 0
        backends:
            - balancingMode: string
              capacityScaler: 0
              description: string
              group: string
              maxConnections: 0
              maxConnectionsPerEndpoint: 0
              maxConnectionsPerInstance: 0
              maxRate: 0
              maxRatePerEndpoint: 0
              maxRatePerInstance: 0
              maxUtilization: 0
        cdnPolicy:
            bypassCacheOnRequestHeaders:
                - headerName: string
            cacheKeyPolicy:
                includeHost: false
                includeHttpHeaders:
                    - string
                includeNamedCookies:
                    - string
                includeProtocol: false
                includeQueryString: false
                queryStringBlacklists:
                    - string
                queryStringWhitelists:
                    - string
            cacheMode: string
            clientTtl: 0
            defaultTtl: 0
            maxTtl: 0
            negativeCaching: false
            negativeCachingPolicies:
                - code: 0
                  ttl: 0
            serveWhileStale: 0
            signedUrlCacheMaxAgeSec: 0
        circuitBreakers:
            connectTimeout:
                nanos: 0
                seconds: 0
            maxConnections: 0
            maxPendingRequests: 0
            maxRequests: 0
            maxRequestsPerConnection: 0
            maxRetries: 0
        compressionMode: string
        connectionDrainingTimeoutSec: 0
        consistentHash:
            httpCookie:
                name: string
                path: string
                ttl:
                    nanos: 0
                    seconds: 0
            httpHeaderName: string
            minimumRingSize: 0
        customRequestHeaders:
            - string
        customResponseHeaders:
            - string
        description: string
        edgeSecurityPolicy: string
        enableCdn: false
        healthChecks: string
        iap:
            enabled: false
            oauth2ClientId: string
            oauth2ClientSecret: string
            oauth2ClientSecretSha256: string
        ipAddressSelectionPolicy: string
        loadBalancingScheme: string
        localityLbPolicies:
            - customPolicy:
                data: string
                name: string
              policy:
                name: string
        localityLbPolicy: string
        logConfig:
            enable: false
            sampleRate: 0
        name: string
        outlierDetection:
            baseEjectionTime:
                nanos: 0
                seconds: 0
            consecutiveErrors: 0
            consecutiveGatewayFailure: 0
            enforcingConsecutiveErrors: 0
            enforcingConsecutiveGatewayFailure: 0
            enforcingSuccessRate: 0
            interval:
                nanos: 0
                seconds: 0
            maxEjectionPercent: 0
            successRateMinimumHosts: 0
            successRateRequestVolume: 0
            successRateStdevFactor: 0
        portName: string
        project: string
        protocol: string
        securityPolicy: string
        securitySettings:
            awsV4Authentication:
                accessKey: string
                accessKeyId: string
                accessKeyVersion: string
                originRegion: string
            clientTlsPolicy: string
            subjectAltNames:
                - string
        serviceLbPolicy: string
        sessionAffinity: string
        strongSessionAffinityCookie:
            name: string
            path: string
            ttl:
                nanos: 0
                seconds: 0
        timeoutSec: 0
    

    BackendService Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The BackendService resource accepts the following input properties:

    AffinityCookieTtlSec int
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    Backends List<BackendServiceBackend>
    The set of backends that serve this BackendService. Structure is documented below.
    CdnPolicy BackendServiceCdnPolicy
    Cloud CDN configuration for this BackendService. Structure is documented below.
    CircuitBreakers BackendServiceCircuitBreakers
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    CompressionMode string
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    ConnectionDrainingTimeoutSec int
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    ConsistentHash BackendServiceConsistentHash
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    CustomRequestHeaders List<string>
    Headers that the HTTP/S load balancer should add to proxied requests.
    CustomResponseHeaders List<string>
    Headers that the HTTP/S load balancer should add to proxied responses.
    Description string
    An optional description of this resource.
    EdgeSecurityPolicy string
    The resource URL for the edge security policy associated with this backend service.
    EnableCdn bool
    If true, enable Cloud CDN for this BackendService.
    HealthChecks string
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    Iap BackendServiceIap
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    IpAddressSelectionPolicy string
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    LoadBalancingScheme string
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    LocalityLbPolicies List<BackendServiceLocalityLbPolicy>
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    LocalityLbPolicy string
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    LogConfig BackendServiceLogConfig
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    Name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    OutlierDetection BackendServiceOutlierDetection
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    PortName string
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Protocol string
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    SecurityPolicy string
    The security policy associated with this backend service.
    SecuritySettings BackendServiceSecuritySettings
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    ServiceLbPolicy string
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    SessionAffinity string
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    StrongSessionAffinityCookie BackendServiceStrongSessionAffinityCookie
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    TimeoutSec int
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    AffinityCookieTtlSec int
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    Backends []BackendServiceBackendArgs
    The set of backends that serve this BackendService. Structure is documented below.
    CdnPolicy BackendServiceCdnPolicyArgs
    Cloud CDN configuration for this BackendService. Structure is documented below.
    CircuitBreakers BackendServiceCircuitBreakersArgs
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    CompressionMode string
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    ConnectionDrainingTimeoutSec int
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    ConsistentHash BackendServiceConsistentHashArgs
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    CustomRequestHeaders []string
    Headers that the HTTP/S load balancer should add to proxied requests.
    CustomResponseHeaders []string
    Headers that the HTTP/S load balancer should add to proxied responses.
    Description string
    An optional description of this resource.
    EdgeSecurityPolicy string
    The resource URL for the edge security policy associated with this backend service.
    EnableCdn bool
    If true, enable Cloud CDN for this BackendService.
    HealthChecks string
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    Iap BackendServiceIapArgs
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    IpAddressSelectionPolicy string
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    LoadBalancingScheme string
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    LocalityLbPolicies []BackendServiceLocalityLbPolicyArgs
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    LocalityLbPolicy string
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    LogConfig BackendServiceLogConfigArgs
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    Name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    OutlierDetection BackendServiceOutlierDetectionArgs
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    PortName string
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Protocol string
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    SecurityPolicy string
    The security policy associated with this backend service.
    SecuritySettings BackendServiceSecuritySettingsArgs
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    ServiceLbPolicy string
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    SessionAffinity string
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    StrongSessionAffinityCookie BackendServiceStrongSessionAffinityCookieArgs
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    TimeoutSec int
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    affinityCookieTtlSec Integer
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    backends List<BackendServiceBackend>
    The set of backends that serve this BackendService. Structure is documented below.
    cdnPolicy BackendServiceCdnPolicy
    Cloud CDN configuration for this BackendService. Structure is documented below.
    circuitBreakers BackendServiceCircuitBreakers
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    compressionMode String
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    connectionDrainingTimeoutSec Integer
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    consistentHash BackendServiceConsistentHash
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    customRequestHeaders List<String>
    Headers that the HTTP/S load balancer should add to proxied requests.
    customResponseHeaders List<String>
    Headers that the HTTP/S load balancer should add to proxied responses.
    description String
    An optional description of this resource.
    edgeSecurityPolicy String
    The resource URL for the edge security policy associated with this backend service.
    enableCdn Boolean
    If true, enable Cloud CDN for this BackendService.
    healthChecks String
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    iap BackendServiceIap
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    ipAddressSelectionPolicy String
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    loadBalancingScheme String
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    localityLbPolicies List<BackendServiceLocalityLbPolicy>
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    localityLbPolicy String
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    logConfig BackendServiceLogConfig
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    name String
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    outlierDetection BackendServiceOutlierDetection
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    portName String
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    protocol String
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    securityPolicy String
    The security policy associated with this backend service.
    securitySettings BackendServiceSecuritySettings
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    serviceLbPolicy String
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    sessionAffinity String
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    strongSessionAffinityCookie BackendServiceStrongSessionAffinityCookie
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    timeoutSec Integer
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    affinityCookieTtlSec number
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    backends BackendServiceBackend[]
    The set of backends that serve this BackendService. Structure is documented below.
    cdnPolicy BackendServiceCdnPolicy
    Cloud CDN configuration for this BackendService. Structure is documented below.
    circuitBreakers BackendServiceCircuitBreakers
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    compressionMode string
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    connectionDrainingTimeoutSec number
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    consistentHash BackendServiceConsistentHash
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    customRequestHeaders string[]
    Headers that the HTTP/S load balancer should add to proxied requests.
    customResponseHeaders string[]
    Headers that the HTTP/S load balancer should add to proxied responses.
    description string
    An optional description of this resource.
    edgeSecurityPolicy string
    The resource URL for the edge security policy associated with this backend service.
    enableCdn boolean
    If true, enable Cloud CDN for this BackendService.
    healthChecks string
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    iap BackendServiceIap
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    ipAddressSelectionPolicy string
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    loadBalancingScheme string
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    localityLbPolicies BackendServiceLocalityLbPolicy[]
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    localityLbPolicy string
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    logConfig BackendServiceLogConfig
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    outlierDetection BackendServiceOutlierDetection
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    portName string
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    protocol string
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    securityPolicy string
    The security policy associated with this backend service.
    securitySettings BackendServiceSecuritySettings
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    serviceLbPolicy string
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    sessionAffinity string
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    strongSessionAffinityCookie BackendServiceStrongSessionAffinityCookie
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    timeoutSec number
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    affinity_cookie_ttl_sec int
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    backends Sequence[BackendServiceBackendArgs]
    The set of backends that serve this BackendService. Structure is documented below.
    cdn_policy BackendServiceCdnPolicyArgs
    Cloud CDN configuration for this BackendService. Structure is documented below.
    circuit_breakers BackendServiceCircuitBreakersArgs
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    compression_mode str
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    connection_draining_timeout_sec int
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    consistent_hash BackendServiceConsistentHashArgs
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    custom_request_headers Sequence[str]
    Headers that the HTTP/S load balancer should add to proxied requests.
    custom_response_headers Sequence[str]
    Headers that the HTTP/S load balancer should add to proxied responses.
    description str
    An optional description of this resource.
    edge_security_policy str
    The resource URL for the edge security policy associated with this backend service.
    enable_cdn bool
    If true, enable Cloud CDN for this BackendService.
    health_checks str
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    iap BackendServiceIapArgs
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    ip_address_selection_policy str
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    load_balancing_scheme str
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    locality_lb_policies Sequence[BackendServiceLocalityLbPolicyArgs]
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    locality_lb_policy str
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    log_config BackendServiceLogConfigArgs
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    name str
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    outlier_detection BackendServiceOutlierDetectionArgs
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    port_name str
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    protocol str
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    security_policy str
    The security policy associated with this backend service.
    security_settings BackendServiceSecuritySettingsArgs
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    service_lb_policy str
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    session_affinity str
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    strong_session_affinity_cookie BackendServiceStrongSessionAffinityCookieArgs
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    timeout_sec int
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    affinityCookieTtlSec Number
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    backends List<Property Map>
    The set of backends that serve this BackendService. Structure is documented below.
    cdnPolicy Property Map
    Cloud CDN configuration for this BackendService. Structure is documented below.
    circuitBreakers Property Map
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    compressionMode String
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    connectionDrainingTimeoutSec Number
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    consistentHash Property Map
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    customRequestHeaders List<String>
    Headers that the HTTP/S load balancer should add to proxied requests.
    customResponseHeaders List<String>
    Headers that the HTTP/S load balancer should add to proxied responses.
    description String
    An optional description of this resource.
    edgeSecurityPolicy String
    The resource URL for the edge security policy associated with this backend service.
    enableCdn Boolean
    If true, enable Cloud CDN for this BackendService.
    healthChecks String
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    iap Property Map
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    ipAddressSelectionPolicy String
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    loadBalancingScheme String
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    localityLbPolicies List<Property Map>
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    localityLbPolicy String
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    logConfig Property Map
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    name String
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    outlierDetection Property Map
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    portName String
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    protocol String
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    securityPolicy String
    The security policy associated with this backend service.
    securitySettings Property Map
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    serviceLbPolicy String
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    sessionAffinity String
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    strongSessionAffinityCookie Property Map
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    timeoutSec Number
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the BackendService resource produces the following output properties:

    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    Fingerprint string
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    GeneratedId int
    The unique identifier for the resource. This identifier is defined by the server.
    Id string
    The provider-assigned unique ID for this managed resource.
    SelfLink string
    The URI of the created resource.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    Fingerprint string
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    GeneratedId int
    The unique identifier for the resource. This identifier is defined by the server.
    Id string
    The provider-assigned unique ID for this managed resource.
    SelfLink string
    The URI of the created resource.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    fingerprint String
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    generatedId Integer
    The unique identifier for the resource. This identifier is defined by the server.
    id String
    The provider-assigned unique ID for this managed resource.
    selfLink String
    The URI of the created resource.
    creationTimestamp string
    Creation timestamp in RFC3339 text format.
    fingerprint string
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    generatedId number
    The unique identifier for the resource. This identifier is defined by the server.
    id string
    The provider-assigned unique ID for this managed resource.
    selfLink string
    The URI of the created resource.
    creation_timestamp str
    Creation timestamp in RFC3339 text format.
    fingerprint str
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    generated_id int
    The unique identifier for the resource. This identifier is defined by the server.
    id str
    The provider-assigned unique ID for this managed resource.
    self_link str
    The URI of the created resource.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    fingerprint String
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    generatedId Number
    The unique identifier for the resource. This identifier is defined by the server.
    id String
    The provider-assigned unique ID for this managed resource.
    selfLink String
    The URI of the created resource.

    Look up Existing BackendService Resource

    Get an existing BackendService resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: BackendServiceState, opts?: CustomResourceOptions): BackendService
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            affinity_cookie_ttl_sec: Optional[int] = None,
            backends: Optional[Sequence[BackendServiceBackendArgs]] = None,
            cdn_policy: Optional[BackendServiceCdnPolicyArgs] = None,
            circuit_breakers: Optional[BackendServiceCircuitBreakersArgs] = None,
            compression_mode: Optional[str] = None,
            connection_draining_timeout_sec: Optional[int] = None,
            consistent_hash: Optional[BackendServiceConsistentHashArgs] = None,
            creation_timestamp: Optional[str] = None,
            custom_request_headers: Optional[Sequence[str]] = None,
            custom_response_headers: Optional[Sequence[str]] = None,
            description: Optional[str] = None,
            edge_security_policy: Optional[str] = None,
            enable_cdn: Optional[bool] = None,
            fingerprint: Optional[str] = None,
            generated_id: Optional[int] = None,
            health_checks: Optional[str] = None,
            iap: Optional[BackendServiceIapArgs] = None,
            ip_address_selection_policy: Optional[str] = None,
            load_balancing_scheme: Optional[str] = None,
            locality_lb_policies: Optional[Sequence[BackendServiceLocalityLbPolicyArgs]] = None,
            locality_lb_policy: Optional[str] = None,
            log_config: Optional[BackendServiceLogConfigArgs] = None,
            name: Optional[str] = None,
            outlier_detection: Optional[BackendServiceOutlierDetectionArgs] = None,
            port_name: Optional[str] = None,
            project: Optional[str] = None,
            protocol: Optional[str] = None,
            security_policy: Optional[str] = None,
            security_settings: Optional[BackendServiceSecuritySettingsArgs] = None,
            self_link: Optional[str] = None,
            service_lb_policy: Optional[str] = None,
            session_affinity: Optional[str] = None,
            strong_session_affinity_cookie: Optional[BackendServiceStrongSessionAffinityCookieArgs] = None,
            timeout_sec: Optional[int] = None) -> BackendService
    func GetBackendService(ctx *Context, name string, id IDInput, state *BackendServiceState, opts ...ResourceOption) (*BackendService, error)
    public static BackendService Get(string name, Input<string> id, BackendServiceState? state, CustomResourceOptions? opts = null)
    public static BackendService get(String name, Output<String> id, BackendServiceState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AffinityCookieTtlSec int
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    Backends List<BackendServiceBackend>
    The set of backends that serve this BackendService. Structure is documented below.
    CdnPolicy BackendServiceCdnPolicy
    Cloud CDN configuration for this BackendService. Structure is documented below.
    CircuitBreakers BackendServiceCircuitBreakers
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    CompressionMode string
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    ConnectionDrainingTimeoutSec int
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    ConsistentHash BackendServiceConsistentHash
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    CustomRequestHeaders List<string>
    Headers that the HTTP/S load balancer should add to proxied requests.
    CustomResponseHeaders List<string>
    Headers that the HTTP/S load balancer should add to proxied responses.
    Description string
    An optional description of this resource.
    EdgeSecurityPolicy string
    The resource URL for the edge security policy associated with this backend service.
    EnableCdn bool
    If true, enable Cloud CDN for this BackendService.
    Fingerprint string
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    GeneratedId int
    The unique identifier for the resource. This identifier is defined by the server.
    HealthChecks string
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    Iap BackendServiceIap
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    IpAddressSelectionPolicy string
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    LoadBalancingScheme string
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    LocalityLbPolicies List<BackendServiceLocalityLbPolicy>
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    LocalityLbPolicy string
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    LogConfig BackendServiceLogConfig
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    Name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    OutlierDetection BackendServiceOutlierDetection
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    PortName string
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Protocol string
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    SecurityPolicy string
    The security policy associated with this backend service.
    SecuritySettings BackendServiceSecuritySettings
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    SelfLink string
    The URI of the created resource.
    ServiceLbPolicy string
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    SessionAffinity string
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    StrongSessionAffinityCookie BackendServiceStrongSessionAffinityCookie
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    TimeoutSec int
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    AffinityCookieTtlSec int
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    Backends []BackendServiceBackendArgs
    The set of backends that serve this BackendService. Structure is documented below.
    CdnPolicy BackendServiceCdnPolicyArgs
    Cloud CDN configuration for this BackendService. Structure is documented below.
    CircuitBreakers BackendServiceCircuitBreakersArgs
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    CompressionMode string
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    ConnectionDrainingTimeoutSec int
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    ConsistentHash BackendServiceConsistentHashArgs
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    CustomRequestHeaders []string
    Headers that the HTTP/S load balancer should add to proxied requests.
    CustomResponseHeaders []string
    Headers that the HTTP/S load balancer should add to proxied responses.
    Description string
    An optional description of this resource.
    EdgeSecurityPolicy string
    The resource URL for the edge security policy associated with this backend service.
    EnableCdn bool
    If true, enable Cloud CDN for this BackendService.
    Fingerprint string
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    GeneratedId int
    The unique identifier for the resource. This identifier is defined by the server.
    HealthChecks string
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    Iap BackendServiceIapArgs
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    IpAddressSelectionPolicy string
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    LoadBalancingScheme string
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    LocalityLbPolicies []BackendServiceLocalityLbPolicyArgs
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    LocalityLbPolicy string
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    LogConfig BackendServiceLogConfigArgs
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    Name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    OutlierDetection BackendServiceOutlierDetectionArgs
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    PortName string
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Protocol string
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    SecurityPolicy string
    The security policy associated with this backend service.
    SecuritySettings BackendServiceSecuritySettingsArgs
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    SelfLink string
    The URI of the created resource.
    ServiceLbPolicy string
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    SessionAffinity string
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    StrongSessionAffinityCookie BackendServiceStrongSessionAffinityCookieArgs
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    TimeoutSec int
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    affinityCookieTtlSec Integer
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    backends List<BackendServiceBackend>
    The set of backends that serve this BackendService. Structure is documented below.
    cdnPolicy BackendServiceCdnPolicy
    Cloud CDN configuration for this BackendService. Structure is documented below.
    circuitBreakers BackendServiceCircuitBreakers
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    compressionMode String
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    connectionDrainingTimeoutSec Integer
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    consistentHash BackendServiceConsistentHash
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    customRequestHeaders List<String>
    Headers that the HTTP/S load balancer should add to proxied requests.
    customResponseHeaders List<String>
    Headers that the HTTP/S load balancer should add to proxied responses.
    description String
    An optional description of this resource.
    edgeSecurityPolicy String
    The resource URL for the edge security policy associated with this backend service.
    enableCdn Boolean
    If true, enable Cloud CDN for this BackendService.
    fingerprint String
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    generatedId Integer
    The unique identifier for the resource. This identifier is defined by the server.
    healthChecks String
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    iap BackendServiceIap
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    ipAddressSelectionPolicy String
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    loadBalancingScheme String
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    localityLbPolicies List<BackendServiceLocalityLbPolicy>
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    localityLbPolicy String
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    logConfig BackendServiceLogConfig
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    name String
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    outlierDetection BackendServiceOutlierDetection
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    portName String
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    protocol String
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    securityPolicy String
    The security policy associated with this backend service.
    securitySettings BackendServiceSecuritySettings
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    selfLink String
    The URI of the created resource.
    serviceLbPolicy String
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    sessionAffinity String
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    strongSessionAffinityCookie BackendServiceStrongSessionAffinityCookie
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    timeoutSec Integer
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    affinityCookieTtlSec number
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    backends BackendServiceBackend[]
    The set of backends that serve this BackendService. Structure is documented below.
    cdnPolicy BackendServiceCdnPolicy
    Cloud CDN configuration for this BackendService. Structure is documented below.
    circuitBreakers BackendServiceCircuitBreakers
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    compressionMode string
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    connectionDrainingTimeoutSec number
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    consistentHash BackendServiceConsistentHash
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    creationTimestamp string
    Creation timestamp in RFC3339 text format.
    customRequestHeaders string[]
    Headers that the HTTP/S load balancer should add to proxied requests.
    customResponseHeaders string[]
    Headers that the HTTP/S load balancer should add to proxied responses.
    description string
    An optional description of this resource.
    edgeSecurityPolicy string
    The resource URL for the edge security policy associated with this backend service.
    enableCdn boolean
    If true, enable Cloud CDN for this BackendService.
    fingerprint string
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    generatedId number
    The unique identifier for the resource. This identifier is defined by the server.
    healthChecks string
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    iap BackendServiceIap
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    ipAddressSelectionPolicy string
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    loadBalancingScheme string
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    localityLbPolicies BackendServiceLocalityLbPolicy[]
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    localityLbPolicy string
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    logConfig BackendServiceLogConfig
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    outlierDetection BackendServiceOutlierDetection
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    portName string
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    protocol string
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    securityPolicy string
    The security policy associated with this backend service.
    securitySettings BackendServiceSecuritySettings
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    selfLink string
    The URI of the created resource.
    serviceLbPolicy string
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    sessionAffinity string
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    strongSessionAffinityCookie BackendServiceStrongSessionAffinityCookie
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    timeoutSec number
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    affinity_cookie_ttl_sec int
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    backends Sequence[BackendServiceBackendArgs]
    The set of backends that serve this BackendService. Structure is documented below.
    cdn_policy BackendServiceCdnPolicyArgs
    Cloud CDN configuration for this BackendService. Structure is documented below.
    circuit_breakers BackendServiceCircuitBreakersArgs
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    compression_mode str
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    connection_draining_timeout_sec int
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    consistent_hash BackendServiceConsistentHashArgs
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    creation_timestamp str
    Creation timestamp in RFC3339 text format.
    custom_request_headers Sequence[str]
    Headers that the HTTP/S load balancer should add to proxied requests.
    custom_response_headers Sequence[str]
    Headers that the HTTP/S load balancer should add to proxied responses.
    description str
    An optional description of this resource.
    edge_security_policy str
    The resource URL for the edge security policy associated with this backend service.
    enable_cdn bool
    If true, enable Cloud CDN for this BackendService.
    fingerprint str
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    generated_id int
    The unique identifier for the resource. This identifier is defined by the server.
    health_checks str
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    iap BackendServiceIapArgs
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    ip_address_selection_policy str
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    load_balancing_scheme str
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    locality_lb_policies Sequence[BackendServiceLocalityLbPolicyArgs]
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    locality_lb_policy str
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    log_config BackendServiceLogConfigArgs
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    name str
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    outlier_detection BackendServiceOutlierDetectionArgs
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    port_name str
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    protocol str
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    security_policy str
    The security policy associated with this backend service.
    security_settings BackendServiceSecuritySettingsArgs
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    self_link str
    The URI of the created resource.
    service_lb_policy str
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    session_affinity str
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    strong_session_affinity_cookie BackendServiceStrongSessionAffinityCookieArgs
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    timeout_sec int
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.
    affinityCookieTtlSec Number
    Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used.
    backends List<Property Map>
    The set of backends that serve this BackendService. Structure is documented below.
    cdnPolicy Property Map
    Cloud CDN configuration for this BackendService. Structure is documented below.
    circuitBreakers Property Map
    Settings controlling the volume of connections to a backend service. This field is applicable only when the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. Structure is documented below.
    compressionMode String
    Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header. Possible values are: AUTOMATIC, DISABLED.
    connectionDrainingTimeoutSec Number
    Time for which instance will be drained (not accept new connections, but still work to finish started).
    consistentHash Property Map
    Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field only applies if the load_balancing_scheme is set to INTERNAL_SELF_MANAGED. This field is only applicable when locality_lb_policy is set to MAGLEV or RING_HASH. Structure is documented below.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    customRequestHeaders List<String>
    Headers that the HTTP/S load balancer should add to proxied requests.
    customResponseHeaders List<String>
    Headers that the HTTP/S load balancer should add to proxied responses.
    description String
    An optional description of this resource.
    edgeSecurityPolicy String
    The resource URL for the edge security policy associated with this backend service.
    enableCdn Boolean
    If true, enable Cloud CDN for this BackendService.
    fingerprint String
    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
    generatedId Number
    The unique identifier for the resource. This identifier is defined by the server.
    healthChecks String
    The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. For internal load balancing, a URL to a HealthCheck resource must be specified instead.
    iap Property Map
    Settings for enabling Cloud Identity Aware Proxy Structure is documented below.
    ipAddressSelectionPolicy String
    Specifies preference of traffic to the backend (from the proxy and from the client for proxyless gRPC). Possible values are: IPV4_ONLY, PREFER_IPV6, IPV6_ONLY.
    loadBalancingScheme String
    Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. For more information, refer to Choosing a load balancer. Default value is EXTERNAL. Possible values are: EXTERNAL, INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, EXTERNAL_MANAGED.
    localityLbPolicies List<Property Map>
    A list of locality load balancing policies to be used in order of preference. Either the policy or the customPolicy field should be set. Overrides any value set in the localityLbPolicy field. localityLbPolicies is only supported when the BackendService is referenced by a URL Map that is referenced by a target gRPC proxy that has the validateForProxyless field set to true. Structure is documented below.
    localityLbPolicy String
    The load balancing algorithm used within the scope of the locality. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824
    • WEIGHTED_MAGLEV: Per-instance weighted Load Balancing via health check reported weights. Only applicable to loadBalancingScheme EXTERNAL. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weight based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. locality_lb_policy is applicable to either:
    • A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and loadBalancingScheme set to INTERNAL_MANAGED.
    • A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
    • A regional backend service with loadBalancingScheme set to EXTERNAL (External Network Load Balancing). Only MAGLEV and WEIGHTED_MAGLEV values are possible for External Network Load Balancing. The default is MAGLEV. If session_affinity is not NONE, and locality_lb_policy is not set to MAGLEV, WEIGHTED_MAGLEV, or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validate_for_proxyless field set to true. Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV, WEIGHTED_MAGLEV.
    logConfig Property Map
    This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. Structure is documented below.
    name String
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


    outlierDetection Property Map
    Settings controlling eviction of unhealthy hosts from the load balancing pool. Applicable backend service types can be a global backend service with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL_MANAGED. Structure is documented below.
    portName String
    Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    protocol String
    The protocol this BackendService uses to communicate with backends. The default is HTTP. NOTE: HTTP2 is only valid for beta HTTP/2 load balancer types and may result in errors if used with the GA API. NOTE: With protocol “UNSPECIFIED”, the backend service can be used by Layer 4 Internal Load Balancing or Network Load Balancing with TCP/UDP/L3_DEFAULT Forwarding Rule protocol. Possible values are: HTTP, HTTPS, HTTP2, TCP, SSL, GRPC, UNSPECIFIED.
    securityPolicy String
    The security policy associated with this backend service.
    securitySettings Property Map
    The security settings that apply to this backend service. This field is applicable to either a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Structure is documented below.
    selfLink String
    The URI of the created resource.
    serviceLbPolicy String
    URL to networkservices.ServiceLbPolicy resource. Can only be set if load balancing scheme is EXTERNAL, EXTERNAL_MANAGED, INTERNAL_MANAGED or INTERNAL_SELF_MANAGED and the scope is global.
    sessionAffinity String
    Type of session affinity to use. The default is NONE. Session affinity is not applicable if the protocol is UDP. Possible values are: NONE, CLIENT_IP, CLIENT_IP_PORT_PROTO, CLIENT_IP_PROTO, GENERATED_COOKIE, HEADER_FIELD, HTTP_COOKIE, STRONG_COOKIE_AFFINITY.
    strongSessionAffinityCookie Property Map
    Describes the HTTP cookie used for stateful session affinity. This field is applicable and required if the sessionAffinity is set to STRONG_COOKIE_AFFINITY. Structure is documented below.
    timeoutSec Number
    The backend service timeout has a different meaning depending on the type of load balancer. For more information see, Backend service settings. The default is 30 seconds. The full range of timeout values allowed goes from 1 through 2,147,483,647 seconds.

    Supporting Types

    BackendServiceBackend, BackendServiceBackendArgs

    Group string
    The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource. For Network Endpoint Groups this defines list of endpoints. All endpoints of Network Endpoint Group must be hosted on instances located in the same zone as the Network Endpoint Group. Backend services cannot mix Instance Group and Network Endpoint Group backends. Note that you must specify an Instance Group or Network Endpoint Group resource using the fully-qualified URL, rather than a partial URL.
    BalancingMode string
    Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). See the Backend Services Overview for an explanation of load balancing modes. Default value is UTILIZATION. Possible values are: UTILIZATION, RATE, CONNECTION.
    CapacityScaler double
    A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].
    Description string
    An optional description of this resource. Provide this property when you create the resource.
    MaxConnections int
    The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set.
    MaxConnectionsPerEndpoint int
    The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set.
    MaxConnectionsPerInstance int
    The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.
    MaxRate int
    The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set.
    MaxRatePerEndpoint double
    The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set.
    MaxRatePerInstance double
    The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.
    MaxUtilization double
    Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0].
    Group string
    The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource. For Network Endpoint Groups this defines list of endpoints. All endpoints of Network Endpoint Group must be hosted on instances located in the same zone as the Network Endpoint Group. Backend services cannot mix Instance Group and Network Endpoint Group backends. Note that you must specify an Instance Group or Network Endpoint Group resource using the fully-qualified URL, rather than a partial URL.
    BalancingMode string
    Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). See the Backend Services Overview for an explanation of load balancing modes. Default value is UTILIZATION. Possible values are: UTILIZATION, RATE, CONNECTION.
    CapacityScaler float64
    A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].
    Description string
    An optional description of this resource. Provide this property when you create the resource.
    MaxConnections int
    The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set.
    MaxConnectionsPerEndpoint int
    The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set.
    MaxConnectionsPerInstance int
    The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.
    MaxRate int
    The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set.
    MaxRatePerEndpoint float64
    The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set.
    MaxRatePerInstance float64
    The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.
    MaxUtilization float64
    Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0].
    group String
    The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource. For Network Endpoint Groups this defines list of endpoints. All endpoints of Network Endpoint Group must be hosted on instances located in the same zone as the Network Endpoint Group. Backend services cannot mix Instance Group and Network Endpoint Group backends. Note that you must specify an Instance Group or Network Endpoint Group resource using the fully-qualified URL, rather than a partial URL.
    balancingMode String
    Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). See the Backend Services Overview for an explanation of load balancing modes. Default value is UTILIZATION. Possible values are: UTILIZATION, RATE, CONNECTION.
    capacityScaler Double
    A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].
    description String
    An optional description of this resource. Provide this property when you create the resource.
    maxConnections Integer
    The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set.
    maxConnectionsPerEndpoint Integer
    The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set.
    maxConnectionsPerInstance Integer
    The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.
    maxRate Integer
    The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set.
    maxRatePerEndpoint Double
    The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set.
    maxRatePerInstance Double
    The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.
    maxUtilization Double
    Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0].
    group string
    The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource. For Network Endpoint Groups this defines list of endpoints. All endpoints of Network Endpoint Group must be hosted on instances located in the same zone as the Network Endpoint Group. Backend services cannot mix Instance Group and Network Endpoint Group backends. Note that you must specify an Instance Group or Network Endpoint Group resource using the fully-qualified URL, rather than a partial URL.
    balancingMode string
    Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). See the Backend Services Overview for an explanation of load balancing modes. Default value is UTILIZATION. Possible values are: UTILIZATION, RATE, CONNECTION.
    capacityScaler number
    A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].
    description string
    An optional description of this resource. Provide this property when you create the resource.
    maxConnections number
    The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set.
    maxConnectionsPerEndpoint number
    The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set.
    maxConnectionsPerInstance number
    The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.
    maxRate number
    The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set.
    maxRatePerEndpoint number
    The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set.
    maxRatePerInstance number
    The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.
    maxUtilization number
    Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0].
    group str
    The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource. For Network Endpoint Groups this defines list of endpoints. All endpoints of Network Endpoint Group must be hosted on instances located in the same zone as the Network Endpoint Group. Backend services cannot mix Instance Group and Network Endpoint Group backends. Note that you must specify an Instance Group or Network Endpoint Group resource using the fully-qualified URL, rather than a partial URL.
    balancing_mode str
    Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). See the Backend Services Overview for an explanation of load balancing modes. Default value is UTILIZATION. Possible values are: UTILIZATION, RATE, CONNECTION.
    capacity_scaler float
    A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].
    description str
    An optional description of this resource. Provide this property when you create the resource.
    max_connections int
    The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set.
    max_connections_per_endpoint int
    The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set.
    max_connections_per_instance int
    The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.
    max_rate int
    The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set.
    max_rate_per_endpoint float
    The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set.
    max_rate_per_instance float
    The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.
    max_utilization float
    Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0].
    group String
    The fully-qualified URL of an Instance Group or Network Endpoint Group resource. In case of instance group this defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource. For Network Endpoint Groups this defines list of endpoints. All endpoints of Network Endpoint Group must be hosted on instances located in the same zone as the Network Endpoint Group. Backend services cannot mix Instance Group and Network Endpoint Group backends. Note that you must specify an Instance Group or Network Endpoint Group resource using the fully-qualified URL, rather than a partial URL.
    balancingMode String
    Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). See the Backend Services Overview for an explanation of load balancing modes. Default value is UTILIZATION. Possible values are: UTILIZATION, RATE, CONNECTION.
    capacityScaler Number
    A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].
    description String
    An optional description of this resource. Provide this property when you create the resource.
    maxConnections Number
    The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or one of maxConnectionsPerInstance or maxConnectionsPerEndpoint, as appropriate for group type, must be set.
    maxConnectionsPerEndpoint Number
    The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set.
    maxConnectionsPerInstance Number
    The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.
    maxRate Number
    The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or one of maxRatePerInstance or maxRatePerEndpoint, as appropriate for group type, must be set.
    maxRatePerEndpoint Number
    The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set.
    maxRatePerInstance Number
    The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.
    maxUtilization Number
    Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. Valid range is [0.0, 1.0].

    BackendServiceCdnPolicy, BackendServiceCdnPolicyArgs

    BypassCacheOnRequestHeaders List<BackendServiceCdnPolicyBypassCacheOnRequestHeader>
    Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. Structure is documented below.
    CacheKeyPolicy BackendServiceCdnPolicyCacheKeyPolicy
    The CacheKeyPolicy for this CdnPolicy. Structure is documented below.
    CacheMode string
    Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC Possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, CACHE_ALL_STATIC.
    ClientTtl int
    Specifies the maximum allowed TTL for cached content served by this origin.
    DefaultTtl int
    Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age).
    MaxTtl int
    Specifies the maximum allowed TTL for cached content served by this origin.
    NegativeCaching bool
    Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects.
    NegativeCachingPolicies List<BackendServiceCdnPolicyNegativeCachingPolicy>
    Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. Structure is documented below.
    ServeWhileStale int
    Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache.
    SignedUrlCacheMaxAgeSec int
    Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this time period, the response will be revalidated before being served. When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.
    BypassCacheOnRequestHeaders []BackendServiceCdnPolicyBypassCacheOnRequestHeader
    Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. Structure is documented below.
    CacheKeyPolicy BackendServiceCdnPolicyCacheKeyPolicy
    The CacheKeyPolicy for this CdnPolicy. Structure is documented below.
    CacheMode string
    Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC Possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, CACHE_ALL_STATIC.
    ClientTtl int
    Specifies the maximum allowed TTL for cached content served by this origin.
    DefaultTtl int
    Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age).
    MaxTtl int
    Specifies the maximum allowed TTL for cached content served by this origin.
    NegativeCaching bool
    Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects.
    NegativeCachingPolicies []BackendServiceCdnPolicyNegativeCachingPolicy
    Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. Structure is documented below.
    ServeWhileStale int
    Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache.
    SignedUrlCacheMaxAgeSec int
    Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this time period, the response will be revalidated before being served. When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.
    bypassCacheOnRequestHeaders List<BackendServiceCdnPolicyBypassCacheOnRequestHeader>
    Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. Structure is documented below.
    cacheKeyPolicy BackendServiceCdnPolicyCacheKeyPolicy
    The CacheKeyPolicy for this CdnPolicy. Structure is documented below.
    cacheMode String
    Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC Possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, CACHE_ALL_STATIC.
    clientTtl Integer
    Specifies the maximum allowed TTL for cached content served by this origin.
    defaultTtl Integer
    Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age).
    maxTtl Integer
    Specifies the maximum allowed TTL for cached content served by this origin.
    negativeCaching Boolean
    Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects.
    negativeCachingPolicies List<BackendServiceCdnPolicyNegativeCachingPolicy>
    Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. Structure is documented below.
    serveWhileStale Integer
    Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache.
    signedUrlCacheMaxAgeSec Integer
    Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this time period, the response will be revalidated before being served. When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.
    bypassCacheOnRequestHeaders BackendServiceCdnPolicyBypassCacheOnRequestHeader[]
    Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. Structure is documented below.
    cacheKeyPolicy BackendServiceCdnPolicyCacheKeyPolicy
    The CacheKeyPolicy for this CdnPolicy. Structure is documented below.
    cacheMode string
    Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC Possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, CACHE_ALL_STATIC.
    clientTtl number
    Specifies the maximum allowed TTL for cached content served by this origin.
    defaultTtl number
    Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age).
    maxTtl number
    Specifies the maximum allowed TTL for cached content served by this origin.
    negativeCaching boolean
    Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects.
    negativeCachingPolicies BackendServiceCdnPolicyNegativeCachingPolicy[]
    Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. Structure is documented below.
    serveWhileStale number
    Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache.
    signedUrlCacheMaxAgeSec number
    Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this time period, the response will be revalidated before being served. When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.
    bypass_cache_on_request_headers Sequence[BackendServiceCdnPolicyBypassCacheOnRequestHeader]
    Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. Structure is documented below.
    cache_key_policy BackendServiceCdnPolicyCacheKeyPolicy
    The CacheKeyPolicy for this CdnPolicy. Structure is documented below.
    cache_mode str
    Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC Possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, CACHE_ALL_STATIC.
    client_ttl int
    Specifies the maximum allowed TTL for cached content served by this origin.
    default_ttl int
    Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age).
    max_ttl int
    Specifies the maximum allowed TTL for cached content served by this origin.
    negative_caching bool
    Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects.
    negative_caching_policies Sequence[BackendServiceCdnPolicyNegativeCachingPolicy]
    Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. Structure is documented below.
    serve_while_stale int
    Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache.
    signed_url_cache_max_age_sec int
    Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this time period, the response will be revalidated before being served. When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.
    bypassCacheOnRequestHeaders List<Property Map>
    Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings. Structure is documented below.
    cacheKeyPolicy Property Map
    The CacheKeyPolicy for this CdnPolicy. Structure is documented below.
    cacheMode String
    Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL and CACHE_ALL_STATIC Possible values are: USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, CACHE_ALL_STATIC.
    clientTtl Number
    Specifies the maximum allowed TTL for cached content served by this origin.
    defaultTtl Number
    Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age).
    maxTtl Number
    Specifies the maximum allowed TTL for cached content served by this origin.
    negativeCaching Boolean
    Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects.
    negativeCachingPolicies List<Property Map>
    Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy. Omitting the policy and leaving negativeCaching enabled will use Cloud CDN's default cache TTLs. Structure is documented below.
    serveWhileStale Number
    Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache.
    signedUrlCacheMaxAgeSec Number
    Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this time period, the response will be revalidated before being served. When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.

    BackendServiceCdnPolicyBypassCacheOnRequestHeader, BackendServiceCdnPolicyBypassCacheOnRequestHeaderArgs

    HeaderName string
    The header field name to match on when bypassing cache. Values are case-insensitive.
    HeaderName string
    The header field name to match on when bypassing cache. Values are case-insensitive.
    headerName String
    The header field name to match on when bypassing cache. Values are case-insensitive.
    headerName string
    The header field name to match on when bypassing cache. Values are case-insensitive.
    header_name str
    The header field name to match on when bypassing cache. Values are case-insensitive.
    headerName String
    The header field name to match on when bypassing cache. Values are case-insensitive.

    BackendServiceCdnPolicyCacheKeyPolicy, BackendServiceCdnPolicyCacheKeyPolicyArgs

    IncludeHost bool
    If true requests to different hosts will be cached separately.
    IncludeHttpHeaders List<string>
    Allows HTTP request headers (by name) to be used in the cache key.
    IncludeNamedCookies List<string>
    Names of cookies to include in cache keys.
    IncludeProtocol bool
    If true, http and https requests will be cached separately.
    IncludeQueryString bool
    If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.
    QueryStringBlacklists List<string>
    Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    QueryStringWhitelists List<string>
    Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    IncludeHost bool
    If true requests to different hosts will be cached separately.
    IncludeHttpHeaders []string
    Allows HTTP request headers (by name) to be used in the cache key.
    IncludeNamedCookies []string
    Names of cookies to include in cache keys.
    IncludeProtocol bool
    If true, http and https requests will be cached separately.
    IncludeQueryString bool
    If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.
    QueryStringBlacklists []string
    Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    QueryStringWhitelists []string
    Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    includeHost Boolean
    If true requests to different hosts will be cached separately.
    includeHttpHeaders List<String>
    Allows HTTP request headers (by name) to be used in the cache key.
    includeNamedCookies List<String>
    Names of cookies to include in cache keys.
    includeProtocol Boolean
    If true, http and https requests will be cached separately.
    includeQueryString Boolean
    If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.
    queryStringBlacklists List<String>
    Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    queryStringWhitelists List<String>
    Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    includeHost boolean
    If true requests to different hosts will be cached separately.
    includeHttpHeaders string[]
    Allows HTTP request headers (by name) to be used in the cache key.
    includeNamedCookies string[]
    Names of cookies to include in cache keys.
    includeProtocol boolean
    If true, http and https requests will be cached separately.
    includeQueryString boolean
    If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.
    queryStringBlacklists string[]
    Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    queryStringWhitelists string[]
    Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    include_host bool
    If true requests to different hosts will be cached separately.
    include_http_headers Sequence[str]
    Allows HTTP request headers (by name) to be used in the cache key.
    include_named_cookies Sequence[str]
    Names of cookies to include in cache keys.
    include_protocol bool
    If true, http and https requests will be cached separately.
    include_query_string bool
    If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.
    query_string_blacklists Sequence[str]
    Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    query_string_whitelists Sequence[str]
    Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    includeHost Boolean
    If true requests to different hosts will be cached separately.
    includeHttpHeaders List<String>
    Allows HTTP request headers (by name) to be used in the cache key.
    includeNamedCookies List<String>
    Names of cookies to include in cache keys.
    includeProtocol Boolean
    If true, http and https requests will be cached separately.
    includeQueryString Boolean
    If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.
    queryStringBlacklists List<String>
    Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.
    queryStringWhitelists List<String>
    Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.

    BackendServiceCdnPolicyNegativeCachingPolicy, BackendServiceCdnPolicyNegativeCachingPolicyArgs

    Code int
    The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once.
    Ttl int
    The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
    Code int
    The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once.
    Ttl int
    The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
    code Integer
    The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once.
    ttl Integer
    The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
    code number
    The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once.
    ttl number
    The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
    code int
    The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once.
    ttl int
    The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
    code Number
    The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 308, 404, 405, 410, 421, 451 and 501 can be specified as values, and you cannot specify a status code more than once.
    ttl Number
    The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.

    BackendServiceCircuitBreakers, BackendServiceCircuitBreakersArgs

    ConnectTimeout BackendServiceCircuitBreakersConnectTimeout
    The timeout for new network connections to hosts. Structure is documented below.
    MaxConnections int
    The maximum number of connections to the backend cluster. Defaults to 1024.
    MaxPendingRequests int
    The maximum number of pending requests to the backend cluster. Defaults to 1024.
    MaxRequests int
    The maximum number of parallel requests to the backend cluster. Defaults to 1024.
    MaxRequestsPerConnection int
    Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive.
    MaxRetries int
    The maximum number of parallel retries to the backend cluster. Defaults to 3.
    ConnectTimeout BackendServiceCircuitBreakersConnectTimeout
    The timeout for new network connections to hosts. Structure is documented below.
    MaxConnections int
    The maximum number of connections to the backend cluster. Defaults to 1024.
    MaxPendingRequests int
    The maximum number of pending requests to the backend cluster. Defaults to 1024.
    MaxRequests int
    The maximum number of parallel requests to the backend cluster. Defaults to 1024.
    MaxRequestsPerConnection int
    Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive.
    MaxRetries int
    The maximum number of parallel retries to the backend cluster. Defaults to 3.
    connectTimeout BackendServiceCircuitBreakersConnectTimeout
    The timeout for new network connections to hosts. Structure is documented below.
    maxConnections Integer
    The maximum number of connections to the backend cluster. Defaults to 1024.
    maxPendingRequests Integer
    The maximum number of pending requests to the backend cluster. Defaults to 1024.
    maxRequests Integer
    The maximum number of parallel requests to the backend cluster. Defaults to 1024.
    maxRequestsPerConnection Integer
    Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive.
    maxRetries Integer
    The maximum number of parallel retries to the backend cluster. Defaults to 3.
    connectTimeout BackendServiceCircuitBreakersConnectTimeout
    The timeout for new network connections to hosts. Structure is documented below.
    maxConnections number
    The maximum number of connections to the backend cluster. Defaults to 1024.
    maxPendingRequests number
    The maximum number of pending requests to the backend cluster. Defaults to 1024.
    maxRequests number
    The maximum number of parallel requests to the backend cluster. Defaults to 1024.
    maxRequestsPerConnection number
    Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive.
    maxRetries number
    The maximum number of parallel retries to the backend cluster. Defaults to 3.
    connect_timeout BackendServiceCircuitBreakersConnectTimeout
    The timeout for new network connections to hosts. Structure is documented below.
    max_connections int
    The maximum number of connections to the backend cluster. Defaults to 1024.
    max_pending_requests int
    The maximum number of pending requests to the backend cluster. Defaults to 1024.
    max_requests int
    The maximum number of parallel requests to the backend cluster. Defaults to 1024.
    max_requests_per_connection int
    Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive.
    max_retries int
    The maximum number of parallel retries to the backend cluster. Defaults to 3.
    connectTimeout Property Map
    The timeout for new network connections to hosts. Structure is documented below.
    maxConnections Number
    The maximum number of connections to the backend cluster. Defaults to 1024.
    maxPendingRequests Number
    The maximum number of pending requests to the backend cluster. Defaults to 1024.
    maxRequests Number
    The maximum number of parallel requests to the backend cluster. Defaults to 1024.
    maxRequestsPerConnection Number
    Maximum requests for a single backend connection. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive.
    maxRetries Number
    The maximum number of parallel retries to the backend cluster. Defaults to 3.

    BackendServiceCircuitBreakersConnectTimeout, BackendServiceCircuitBreakersConnectTimeoutArgs

    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Integer
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Integer
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.

    BackendServiceConsistentHash, BackendServiceConsistentHashArgs

    HttpCookie BackendServiceConsistentHashHttpCookie
    Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Structure is documented below.
    HttpHeaderName string
    The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD.
    MinimumRingSize int
    The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024.
    HttpCookie BackendServiceConsistentHashHttpCookie
    Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Structure is documented below.
    HttpHeaderName string
    The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD.
    MinimumRingSize int
    The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024.
    httpCookie BackendServiceConsistentHashHttpCookie
    Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Structure is documented below.
    httpHeaderName String
    The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD.
    minimumRingSize Integer
    The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024.
    httpCookie BackendServiceConsistentHashHttpCookie
    Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Structure is documented below.
    httpHeaderName string
    The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD.
    minimumRingSize number
    The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024.
    http_cookie BackendServiceConsistentHashHttpCookie
    Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Structure is documented below.
    http_header_name str
    The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD.
    minimum_ring_size int
    The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024.
    httpCookie Property Map
    Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Structure is documented below.
    httpHeaderName String
    The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD.
    minimumRingSize Number
    The minimum number of virtual nodes to use for the hash ring. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node. Defaults to 1024.

    BackendServiceConsistentHashHttpCookie, BackendServiceConsistentHashHttpCookieArgs

    Name string
    Name of the cookie.
    Path string
    Path to set for the cookie.
    Ttl BackendServiceConsistentHashHttpCookieTtl
    Lifetime of the cookie. Structure is documented below.
    Name string
    Name of the cookie.
    Path string
    Path to set for the cookie.
    Ttl BackendServiceConsistentHashHttpCookieTtl
    Lifetime of the cookie. Structure is documented below.
    name String
    Name of the cookie.
    path String
    Path to set for the cookie.
    ttl BackendServiceConsistentHashHttpCookieTtl
    Lifetime of the cookie. Structure is documented below.
    name string
    Name of the cookie.
    path string
    Path to set for the cookie.
    ttl BackendServiceConsistentHashHttpCookieTtl
    Lifetime of the cookie. Structure is documented below.
    name str
    Name of the cookie.
    path str
    Path to set for the cookie.
    ttl BackendServiceConsistentHashHttpCookieTtl
    Lifetime of the cookie. Structure is documented below.
    name String
    Name of the cookie.
    path String
    Path to set for the cookie.
    ttl Property Map
    Lifetime of the cookie. Structure is documented below.

    BackendServiceConsistentHashHttpCookieTtl, BackendServiceConsistentHashHttpCookieTtlArgs

    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Integer
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Integer
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.

    BackendServiceIap, BackendServiceIapArgs

    Enabled bool
    Whether the serving infrastructure will authenticate and authorize all incoming requests.
    Oauth2ClientId string
    OAuth2 Client ID for IAP
    Oauth2ClientSecret string
    OAuth2 Client Secret for IAP Note: This property is sensitive and will not be displayed in the plan.
    Oauth2ClientSecretSha256 string
    (Output) OAuth2 Client Secret SHA-256 for IAP Note: This property is sensitive and will not be displayed in the plan.
    Enabled bool
    Whether the serving infrastructure will authenticate and authorize all incoming requests.
    Oauth2ClientId string
    OAuth2 Client ID for IAP
    Oauth2ClientSecret string
    OAuth2 Client Secret for IAP Note: This property is sensitive and will not be displayed in the plan.
    Oauth2ClientSecretSha256 string
    (Output) OAuth2 Client Secret SHA-256 for IAP Note: This property is sensitive and will not be displayed in the plan.
    enabled Boolean
    Whether the serving infrastructure will authenticate and authorize all incoming requests.
    oauth2ClientId String
    OAuth2 Client ID for IAP
    oauth2ClientSecret String
    OAuth2 Client Secret for IAP Note: This property is sensitive and will not be displayed in the plan.
    oauth2ClientSecretSha256 String
    (Output) OAuth2 Client Secret SHA-256 for IAP Note: This property is sensitive and will not be displayed in the plan.
    enabled boolean
    Whether the serving infrastructure will authenticate and authorize all incoming requests.
    oauth2ClientId string
    OAuth2 Client ID for IAP
    oauth2ClientSecret string
    OAuth2 Client Secret for IAP Note: This property is sensitive and will not be displayed in the plan.
    oauth2ClientSecretSha256 string
    (Output) OAuth2 Client Secret SHA-256 for IAP Note: This property is sensitive and will not be displayed in the plan.
    enabled bool
    Whether the serving infrastructure will authenticate and authorize all incoming requests.
    oauth2_client_id str
    OAuth2 Client ID for IAP
    oauth2_client_secret str
    OAuth2 Client Secret for IAP Note: This property is sensitive and will not be displayed in the plan.
    oauth2_client_secret_sha256 str
    (Output) OAuth2 Client Secret SHA-256 for IAP Note: This property is sensitive and will not be displayed in the plan.
    enabled Boolean
    Whether the serving infrastructure will authenticate and authorize all incoming requests.
    oauth2ClientId String
    OAuth2 Client ID for IAP
    oauth2ClientSecret String
    OAuth2 Client Secret for IAP Note: This property is sensitive and will not be displayed in the plan.
    oauth2ClientSecretSha256 String
    (Output) OAuth2 Client Secret SHA-256 for IAP Note: This property is sensitive and will not be displayed in the plan.

    BackendServiceLocalityLbPolicy, BackendServiceLocalityLbPolicyArgs

    CustomPolicy BackendServiceLocalityLbPolicyCustomPolicy
    The configuration for a custom policy implemented by the user and deployed with the client. Structure is documented below.
    Policy BackendServiceLocalityLbPolicyPolicy
    The configuration for a built-in load balancing policy. Structure is documented below.
    CustomPolicy BackendServiceLocalityLbPolicyCustomPolicy
    The configuration for a custom policy implemented by the user and deployed with the client. Structure is documented below.
    Policy BackendServiceLocalityLbPolicyPolicy
    The configuration for a built-in load balancing policy. Structure is documented below.
    customPolicy BackendServiceLocalityLbPolicyCustomPolicy
    The configuration for a custom policy implemented by the user and deployed with the client. Structure is documented below.
    policy BackendServiceLocalityLbPolicyPolicy
    The configuration for a built-in load balancing policy. Structure is documented below.
    customPolicy BackendServiceLocalityLbPolicyCustomPolicy
    The configuration for a custom policy implemented by the user and deployed with the client. Structure is documented below.
    policy BackendServiceLocalityLbPolicyPolicy
    The configuration for a built-in load balancing policy. Structure is documented below.
    custom_policy BackendServiceLocalityLbPolicyCustomPolicy
    The configuration for a custom policy implemented by the user and deployed with the client. Structure is documented below.
    policy BackendServiceLocalityLbPolicyPolicy
    The configuration for a built-in load balancing policy. Structure is documented below.
    customPolicy Property Map
    The configuration for a custom policy implemented by the user and deployed with the client. Structure is documented below.
    policy Property Map
    The configuration for a built-in load balancing policy. Structure is documented below.

    BackendServiceLocalityLbPolicyCustomPolicy, BackendServiceLocalityLbPolicyCustomPolicyArgs

    Name string
    Identifies the custom policy. The value should match the type the custom implementation is registered with on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (e.g. myorg.CustomLbPolicy). The maximum length is 256 characters. Note that specifying the same custom policy more than once for a backend is not a valid configuration and will be rejected.
    Data string
    An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation.
    Name string
    Identifies the custom policy. The value should match the type the custom implementation is registered with on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (e.g. myorg.CustomLbPolicy). The maximum length is 256 characters. Note that specifying the same custom policy more than once for a backend is not a valid configuration and will be rejected.
    Data string
    An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation.
    name String
    Identifies the custom policy. The value should match the type the custom implementation is registered with on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (e.g. myorg.CustomLbPolicy). The maximum length is 256 characters. Note that specifying the same custom policy more than once for a backend is not a valid configuration and will be rejected.
    data String
    An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation.
    name string
    Identifies the custom policy. The value should match the type the custom implementation is registered with on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (e.g. myorg.CustomLbPolicy). The maximum length is 256 characters. Note that specifying the same custom policy more than once for a backend is not a valid configuration and will be rejected.
    data string
    An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation.
    name str
    Identifies the custom policy. The value should match the type the custom implementation is registered with on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (e.g. myorg.CustomLbPolicy). The maximum length is 256 characters. Note that specifying the same custom policy more than once for a backend is not a valid configuration and will be rejected.
    data str
    An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation.
    name String
    Identifies the custom policy. The value should match the type the custom implementation is registered with on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (e.g. myorg.CustomLbPolicy). The maximum length is 256 characters. Note that specifying the same custom policy more than once for a backend is not a valid configuration and will be rejected.
    data String
    An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation.

    BackendServiceLocalityLbPolicyPolicy, BackendServiceLocalityLbPolicyPolicyArgs

    Name string
    The name of a locality load balancer policy to be used. The value should be one of the predefined ones as supported by localityLbPolicy, although at the moment only ROUND_ROBIN is supported. This field should only be populated when the customPolicy field is not used. Note that specifying the same policy more than once for a backend is not a valid configuration and will be rejected. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV.
    Name string
    The name of a locality load balancer policy to be used. The value should be one of the predefined ones as supported by localityLbPolicy, although at the moment only ROUND_ROBIN is supported. This field should only be populated when the customPolicy field is not used. Note that specifying the same policy more than once for a backend is not a valid configuration and will be rejected. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV.
    name String
    The name of a locality load balancer policy to be used. The value should be one of the predefined ones as supported by localityLbPolicy, although at the moment only ROUND_ROBIN is supported. This field should only be populated when the customPolicy field is not used. Note that specifying the same policy more than once for a backend is not a valid configuration and will be rejected. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV.
    name string
    The name of a locality load balancer policy to be used. The value should be one of the predefined ones as supported by localityLbPolicy, although at the moment only ROUND_ROBIN is supported. This field should only be populated when the customPolicy field is not used. Note that specifying the same policy more than once for a backend is not a valid configuration and will be rejected. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV.
    name str
    The name of a locality load balancer policy to be used. The value should be one of the predefined ones as supported by localityLbPolicy, although at the moment only ROUND_ROBIN is supported. This field should only be populated when the customPolicy field is not used. Note that specifying the same policy more than once for a backend is not a valid configuration and will be rejected. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV.
    name String
    The name of a locality load balancer policy to be used. The value should be one of the predefined ones as supported by localityLbPolicy, although at the moment only ROUND_ROBIN is supported. This field should only be populated when the customPolicy field is not used. Note that specifying the same policy more than once for a backend is not a valid configuration and will be rejected. The possible values are:

    • ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order.
    • LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
    • RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
    • RANDOM: The load balancer selects a random healthy host.
    • ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
    • MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, refer to https://ai.google/research/pubs/pub44824 Possible values are: ROUND_ROBIN, LEAST_REQUEST, RING_HASH, RANDOM, ORIGINAL_DESTINATION, MAGLEV.

    BackendServiceLogConfig, BackendServiceLogConfigArgs

    Enable bool
    Whether to enable logging for the load balancer traffic served by this backend service.
    SampleRate double
    This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
    Enable bool
    Whether to enable logging for the load balancer traffic served by this backend service.
    SampleRate float64
    This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
    enable Boolean
    Whether to enable logging for the load balancer traffic served by this backend service.
    sampleRate Double
    This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
    enable boolean
    Whether to enable logging for the load balancer traffic served by this backend service.
    sampleRate number
    This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
    enable bool
    Whether to enable logging for the load balancer traffic served by this backend service.
    sample_rate float
    This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
    enable Boolean
    Whether to enable logging for the load balancer traffic served by this backend service.
    sampleRate Number
    This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.

    BackendServiceOutlierDetection, BackendServiceOutlierDetectionArgs

    BaseEjectionTime BackendServiceOutlierDetectionBaseEjectionTime
    The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. Structure is documented below.
    ConsecutiveErrors int
    Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5.
    ConsecutiveGatewayFailure int
    The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5.
    EnforcingConsecutiveErrors int
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    EnforcingConsecutiveGatewayFailure int
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0.
    EnforcingSuccessRate int
    The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    Interval BackendServiceOutlierDetectionInterval
    Time interval between ejection sweep analysis. This can result in both new ejections as well as hosts being returned to service. Defaults to 10 seconds. Structure is documented below.
    MaxEjectionPercent int
    Maximum percentage of hosts in the load balancing pool for the backend service that can be ejected. Defaults to 10%.
    SuccessRateMinimumHosts int
    The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5.
    SuccessRateRequestVolume int
    The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
    SuccessRateStdevFactor int
    This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
    BaseEjectionTime BackendServiceOutlierDetectionBaseEjectionTime
    The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. Structure is documented below.
    ConsecutiveErrors int
    Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5.
    ConsecutiveGatewayFailure int
    The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5.
    EnforcingConsecutiveErrors int
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    EnforcingConsecutiveGatewayFailure int
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0.
    EnforcingSuccessRate int
    The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    Interval BackendServiceOutlierDetectionInterval
    Time interval between ejection sweep analysis. This can result in both new ejections as well as hosts being returned to service. Defaults to 10 seconds. Structure is documented below.
    MaxEjectionPercent int
    Maximum percentage of hosts in the load balancing pool for the backend service that can be ejected. Defaults to 10%.
    SuccessRateMinimumHosts int
    The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5.
    SuccessRateRequestVolume int
    The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
    SuccessRateStdevFactor int
    This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
    baseEjectionTime BackendServiceOutlierDetectionBaseEjectionTime
    The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. Structure is documented below.
    consecutiveErrors Integer
    Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5.
    consecutiveGatewayFailure Integer
    The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5.
    enforcingConsecutiveErrors Integer
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    enforcingConsecutiveGatewayFailure Integer
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0.
    enforcingSuccessRate Integer
    The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    interval BackendServiceOutlierDetectionInterval
    Time interval between ejection sweep analysis. This can result in both new ejections as well as hosts being returned to service. Defaults to 10 seconds. Structure is documented below.
    maxEjectionPercent Integer
    Maximum percentage of hosts in the load balancing pool for the backend service that can be ejected. Defaults to 10%.
    successRateMinimumHosts Integer
    The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5.
    successRateRequestVolume Integer
    The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
    successRateStdevFactor Integer
    This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
    baseEjectionTime BackendServiceOutlierDetectionBaseEjectionTime
    The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. Structure is documented below.
    consecutiveErrors number
    Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5.
    consecutiveGatewayFailure number
    The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5.
    enforcingConsecutiveErrors number
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    enforcingConsecutiveGatewayFailure number
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0.
    enforcingSuccessRate number
    The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    interval BackendServiceOutlierDetectionInterval
    Time interval between ejection sweep analysis. This can result in both new ejections as well as hosts being returned to service. Defaults to 10 seconds. Structure is documented below.
    maxEjectionPercent number
    Maximum percentage of hosts in the load balancing pool for the backend service that can be ejected. Defaults to 10%.
    successRateMinimumHosts number
    The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5.
    successRateRequestVolume number
    The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
    successRateStdevFactor number
    This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
    base_ejection_time BackendServiceOutlierDetectionBaseEjectionTime
    The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. Structure is documented below.
    consecutive_errors int
    Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5.
    consecutive_gateway_failure int
    The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5.
    enforcing_consecutive_errors int
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    enforcing_consecutive_gateway_failure int
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0.
    enforcing_success_rate int
    The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    interval BackendServiceOutlierDetectionInterval
    Time interval between ejection sweep analysis. This can result in both new ejections as well as hosts being returned to service. Defaults to 10 seconds. Structure is documented below.
    max_ejection_percent int
    Maximum percentage of hosts in the load balancing pool for the backend service that can be ejected. Defaults to 10%.
    success_rate_minimum_hosts int
    The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5.
    success_rate_request_volume int
    The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
    success_rate_stdev_factor int
    This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
    baseEjectionTime Property Map
    The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. Structure is documented below.
    consecutiveErrors Number
    Number of errors before a host is ejected from the connection pool. When the backend host is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5.
    consecutiveGatewayFailure Number
    The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 5.
    enforcingConsecutiveErrors Number
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    enforcingConsecutiveGatewayFailure Number
    The percentage chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0.
    enforcingSuccessRate Number
    The percentage chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
    interval Property Map
    Time interval between ejection sweep analysis. This can result in both new ejections as well as hosts being returned to service. Defaults to 10 seconds. Structure is documented below.
    maxEjectionPercent Number
    Maximum percentage of hosts in the load balancing pool for the backend service that can be ejected. Defaults to 10%.
    successRateMinimumHosts Number
    The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5.
    successRateRequestVolume Number
    The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
    successRateStdevFactor Number
    This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.

    BackendServiceOutlierDetectionBaseEjectionTime, BackendServiceOutlierDetectionBaseEjectionTimeArgs

    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Integer
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Integer
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.

    BackendServiceOutlierDetectionInterval, BackendServiceOutlierDetectionIntervalArgs

    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Integer
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Integer
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.

    BackendServiceSecuritySettings, BackendServiceSecuritySettingsArgs

    AwsV4Authentication BackendServiceSecuritySettingsAwsV4Authentication

    The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. Structure is documented below.

    The aws_v4_authentication block supports:

    ClientTlsPolicy string
    ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource.
    SubjectAltNames List<string>
    A list of alternate names to verify the subject identity in the certificate. If specified, the client will verify that the server certificate's subject alt name matches one of the specified values.
    AwsV4Authentication BackendServiceSecuritySettingsAwsV4Authentication

    The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. Structure is documented below.

    The aws_v4_authentication block supports:

    ClientTlsPolicy string
    ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource.
    SubjectAltNames []string
    A list of alternate names to verify the subject identity in the certificate. If specified, the client will verify that the server certificate's subject alt name matches one of the specified values.
    awsV4Authentication BackendServiceSecuritySettingsAwsV4Authentication

    The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. Structure is documented below.

    The aws_v4_authentication block supports:

    clientTlsPolicy String
    ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource.
    subjectAltNames List<String>
    A list of alternate names to verify the subject identity in the certificate. If specified, the client will verify that the server certificate's subject alt name matches one of the specified values.
    awsV4Authentication BackendServiceSecuritySettingsAwsV4Authentication

    The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. Structure is documented below.

    The aws_v4_authentication block supports:

    clientTlsPolicy string
    ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource.
    subjectAltNames string[]
    A list of alternate names to verify the subject identity in the certificate. If specified, the client will verify that the server certificate's subject alt name matches one of the specified values.
    aws_v4_authentication BackendServiceSecuritySettingsAwsV4Authentication

    The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. Structure is documented below.

    The aws_v4_authentication block supports:

    client_tls_policy str
    ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource.
    subject_alt_names Sequence[str]
    A list of alternate names to verify the subject identity in the certificate. If specified, the client will verify that the server certificate's subject alt name matches one of the specified values.
    awsV4Authentication Property Map

    The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends. Structure is documented below.

    The aws_v4_authentication block supports:

    clientTlsPolicy String
    ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource.
    subjectAltNames List<String>
    A list of alternate names to verify the subject identity in the certificate. If specified, the client will verify that the server certificate's subject alt name matches one of the specified values.

    BackendServiceSecuritySettingsAwsV4Authentication, BackendServiceSecuritySettingsAwsV4AuthenticationArgs

    AccessKey string
    The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request.
    AccessKeyId string
    The identifier of an access key used for s3 bucket authentication.
    AccessKeyVersion string
    The optional version identifier for the access key. You can use this to keep track of different iterations of your access key.
    OriginRegion string
    The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, "us-east-1" for AWS or "us-ashburn-1" for OCI.
    AccessKey string
    The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request.
    AccessKeyId string
    The identifier of an access key used for s3 bucket authentication.
    AccessKeyVersion string
    The optional version identifier for the access key. You can use this to keep track of different iterations of your access key.
    OriginRegion string
    The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, "us-east-1" for AWS or "us-ashburn-1" for OCI.
    accessKey String
    The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request.
    accessKeyId String
    The identifier of an access key used for s3 bucket authentication.
    accessKeyVersion String
    The optional version identifier for the access key. You can use this to keep track of different iterations of your access key.
    originRegion String
    The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, "us-east-1" for AWS or "us-ashburn-1" for OCI.
    accessKey string
    The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request.
    accessKeyId string
    The identifier of an access key used for s3 bucket authentication.
    accessKeyVersion string
    The optional version identifier for the access key. You can use this to keep track of different iterations of your access key.
    originRegion string
    The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, "us-east-1" for AWS or "us-ashburn-1" for OCI.
    access_key str
    The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request.
    access_key_id str
    The identifier of an access key used for s3 bucket authentication.
    access_key_version str
    The optional version identifier for the access key. You can use this to keep track of different iterations of your access key.
    origin_region str
    The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, "us-east-1" for AWS or "us-ashburn-1" for OCI.
    accessKey String
    The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request.
    accessKeyId String
    The identifier of an access key used for s3 bucket authentication.
    accessKeyVersion String
    The optional version identifier for the access key. You can use this to keep track of different iterations of your access key.
    originRegion String
    The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, "us-east-1" for AWS or "us-ashburn-1" for OCI.

    BackendServiceStrongSessionAffinityCookie, BackendServiceStrongSessionAffinityCookieArgs

    Name string
    Name of the cookie.
    Path string
    Path to set for the cookie.
    Ttl BackendServiceStrongSessionAffinityCookieTtl
    Lifetime of the cookie. Structure is documented below.
    Name string
    Name of the cookie.
    Path string
    Path to set for the cookie.
    Ttl BackendServiceStrongSessionAffinityCookieTtl
    Lifetime of the cookie. Structure is documented below.
    name String
    Name of the cookie.
    path String
    Path to set for the cookie.
    ttl BackendServiceStrongSessionAffinityCookieTtl
    Lifetime of the cookie. Structure is documented below.
    name string
    Name of the cookie.
    path string
    Path to set for the cookie.
    ttl BackendServiceStrongSessionAffinityCookieTtl
    Lifetime of the cookie. Structure is documented below.
    name str
    Name of the cookie.
    path str
    Path to set for the cookie.
    ttl BackendServiceStrongSessionAffinityCookieTtl
    Lifetime of the cookie. Structure is documented below.
    name String
    Name of the cookie.
    path String
    Path to set for the cookie.
    ttl Property Map
    Lifetime of the cookie. Structure is documented below.

    BackendServiceStrongSessionAffinityCookieTtl, BackendServiceStrongSessionAffinityCookieTtlArgs

    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    Seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    Nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Integer
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Integer
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds int
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos int
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.
    seconds Number
    Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive.
    nanos Number
    Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive.

    Import

    BackendService can be imported using any of these accepted formats:

    • projects/{{project}}/global/backendServices/{{name}}

    • {{project}}/{{name}}

    • {{name}}

    When using the pulumi import command, BackendService can be imported using one of the formats above. For example:

    $ pulumi import gcp:compute/backendService:BackendService default projects/{{project}}/global/backendServices/{{name}}
    
    $ pulumi import gcp:compute/backendService:BackendService default {{project}}/{{name}}
    
    $ pulumi import gcp:compute/backendService:BackendService default {{name}}
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v8.9.3 published on Monday, Nov 18, 2024 by Pulumi