Skip to content

Commit

Permalink
feat(networksecurity): Add examples for creating consumer and produce…
Browse files Browse the repository at this point in the history
…r mirroring (#798)

* feat(networksecurity): Add examples for creating consumer and producer mirroring

* Enable networksecurity API

* Add codeowners for network security's mirroring samples

* Use default as Terraform resource names where possible

* Rename association resource to default

* Fix tab discrepancy in CODEOWNERS file

---------

Co-authored-by: Katie McLaughlin <[email protected]>
Co-authored-by: Jennifer Davis <[email protected]>
  • Loading branch information
3 people authored Jan 19, 2025
1 parent 4cee286 commit 48fd8a0
Show file tree
Hide file tree
Showing 2 changed files with 128 additions and 0 deletions.
51 changes: 51 additions & 0 deletions network_security/mirroring/basic/consumer/main.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
/**
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

# [START networksecurity_mirroring_basic_consumer]
resource "google_compute_network" "producer_network" {
provider = google-beta
name = "producer-network"
auto_create_subnetworks = false
}

resource "google_compute_network" "consumer_network" {
provider = google-beta
name = "consumer-network"
auto_create_subnetworks = false
}

resource "google_network_security_mirroring_deployment_group" "default" {
provider = google-beta
mirroring_deployment_group_id = "mirroring-deployment-group"
location = "global"
network = google_compute_network.producer_network.id
}

resource "google_network_security_mirroring_endpoint_group" "default" {
provider = google-beta
mirroring_endpoint_group_id = "mirroring-endpoint-group"
location = "global"
mirroring_deployment_group = google_network_security_mirroring_deployment_group.default.id
}

resource "google_network_security_mirroring_endpoint_group_association" "default" {
provider = google-beta
mirroring_endpoint_group_association_id = "mirroring-endpoint-group-association"
location = "global"
network = google_compute_network.consumer_network.id
mirroring_endpoint_group = google_network_security_mirroring_endpoint_group.default.id
}
# [END networksecurity_mirroring_basic_consumer]
77 changes: 77 additions & 0 deletions network_security/mirroring/basic/producer/main.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
/**
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

# [START networksecurity_mirroring_basic_producer]
resource "google_compute_network" "default" {
provider = google-beta
name = "producer-network"
auto_create_subnetworks = false
}

resource "google_compute_subnetwork" "default" {
provider = google-beta
name = "producer-subnet"
region = "us-central1"
ip_cidr_range = "10.1.0.0/16"
network = google_compute_network.default.name
}

resource "google_compute_region_health_check" "default" {
provider = google-beta
name = "deploymnet-hc"
region = "us-central1"
http_health_check {
port = 80
}
}

resource "google_compute_region_backend_service" "default" {
provider = google-beta
name = "deployment-svc"
region = "us-central1"
health_checks = [google_compute_region_health_check.default.id]
protocol = "UDP"
load_balancing_scheme = "INTERNAL"
}

resource "google_compute_forwarding_rule" "default" {
provider = google-beta
name = "deployment-fr"
region = "us-central1"
network = google_compute_network.default.name
subnetwork = google_compute_subnetwork.default.name
backend_service = google_compute_region_backend_service.default.id
load_balancing_scheme = "INTERNAL"
ports = [6081]
ip_protocol = "UDP"
is_mirroring_collector = true
}

resource "google_network_security_mirroring_deployment_group" "default" {
provider = google-beta
mirroring_deployment_group_id = "mirroring-deployment-group"
location = "global"
network = google_compute_network.default.id
}

resource "google_network_security_mirroring_deployment" "default" {
provider = google-beta
mirroring_deployment_id = "mirroring-deployment"
location = "us-central1-a"
forwarding_rule = google_compute_forwarding_rule.default.id
mirroring_deployment_group = google_network_security_mirroring_deployment_group.default.id
}
# [END networksecurity_mirroring_basic_producer]

0 comments on commit 48fd8a0

Please sign in to comment.