GCP Compute Vpn Tunnel
A Google Cloud VPN Tunnel represents a single IPsec tunnel that carries encrypted traffic between a GCP VPN gateway and a peer gateway (either another GCP gateway or an external device). It contains the parameters that define the Phase 1/Phase 2 negotiation, the peer public IP, and, for HA VPN, the BGP session that is bound to a Cloud Router. See the official documentation for full details: https://cloud.google.com/compute/docs/reference/rest/v1/vpnTunnels
Terraform Mappings:
google_compute_vpn_tunnel.name
Supported Methods
GET: Get a gcp-compute-vpn-tunnel by its "name"
LIST: List all gcp-compute-vpn-tunnel
SEARCH
Possible Links
gcp-compute-external-vpn-gateway
A VPN tunnel that connects an HA VPN gateway to an on-premises or third-party peer will reference a gcp-compute-external-vpn-gateway resource via its peer_external_gateway field. Overmind therefore links the tunnel to the external gateway that represents the remote endpoint.
gcp-compute-vpn-gateway
Every VPN tunnel terminates on a Google-managed VPN gateway (Classic or HA). The tunnel's vpn_gateway / target_vpn_gateway attribute points to this gcp-compute-vpn-gateway resource, so Overmind records a dependency between them.
gcp-compute-router
When the tunnel is part of an HA VPN deployment, dynamic routing is provided by BGP sessions on a Cloud Router. The tunnel's router field identifies the gcp-compute-router that advertises and learns routes, making the two resources intrinsically linked.
ip
The peer_ip and local_traffic_selector / remote_traffic_selector properties of a VPN tunnel include public IP addresses and CIDR ranges. Overmind surfaces these as ip resources so that users can trace which addresses are exposed or referenced by the tunnel.