GCP Compute Vpn Tunnel
A Google Cloud VPN Tunnel represents a single IPsec tunnel that carries encrypted traffic between a GCP VPN gateway and a peer gateway (either another GCP gateway or an external device). It contains the parameters that define the Phase 1/Phase 2 negotiation, the peer public IP, and, for HA VPN, the BGP session that is bound to a Cloud Router. See the official documentation for full details: https://cloud.google.com/compute/docs/reference/rest/v1/vpnTunnels
Terraform Mappings:
google_compute_vpn_tunnel.name
Supported Methods
GET: Get a gcp-compute-vpn-tunnel by its "name"
LIST: List all gcp-compute-vpn-tunnel
SEARCH
Possible Links
gcp-compute-external-vpn-gateway
A VPN tunnel that connects an HA VPN gateway to an on-premises or third-party peer will reference a gcp-compute-external-vpn-gateway resource via its peer_external_gateway field. Overmind therefore links the tunnel to the external gateway that represents the remote endpoint.
gcp-compute-vpn-gateway
Every VPN tunnel terminates on a Google-managed VPN gateway (Classic or HA). The tunnel's vpn_gateway / target_vpn_gateway attribute points to this gcp-compute-vpn-gateway resource, so Overmind records a dependency between them.
gcp-compute-router
When the tunnel is part of an HA VPN deployment, dynamic routing is provided by BGP sessions on a Cloud Router. The tunnel's router field identifies the gcp-compute-router that advertises and learns routes, making the two resources intrinsically linked.
ip
The peer_ip and local_traffic_selector / remote_traffic_selector properties of a VPN tunnel include public IP addresses and CIDR ranges. Overmind surfaces these as ip resources so that users can trace which addresses are exposed or referenced by the tunnel.
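The links described above can be derived from a tunnel's attributes along the following lines. This is an added example, not Overmind's own code: the function names `tunnel_links` and `public_addresses` are hypothetical, and the sample tunnel is constructed, using the Terraform attribute names from this page with made-up values.

```python
import ipaddress

# Terraform attribute -> linked type, as listed on this page.
REFERENCE_FIELDS = {
    "peer_external_gateway": "gcp-compute-external-vpn-gateway",
    "vpn_gateway": "gcp-compute-vpn-gateway",
    "target_vpn_gateway": "gcp-compute-vpn-gateway",
    "router": "gcp-compute-router",
}
ADDRESS_FIELDS = ("peer_ip", "local_traffic_selector", "remote_traffic_selector")


def tunnel_links(attrs):
    """Return a sorted list of (linked_type, identifier) pairs for one tunnel."""
    links = set()
    for field, linked_type in REFERENCE_FIELDS.items():
        ref = attrs.get(field)
        if ref:
            # References may be full self-links; the last path segment is the name.
            links.add((linked_type, ref.rstrip("/").rsplit("/", 1)[-1]))
    for field in ADDRESS_FIELDS:
        value = attrs.get(field) or []
        for item in [value] if isinstance(value, str) else value:
            try:
                net = ipaddress.ip_network(item, strict=False)
            except ValueError:
                continue  # not an address or CIDR, so there is nothing to link
            # A single-host network (/32 or /128) is reported as a plain address.
            ident = str(net.network_address) if net.num_addresses == 1 else str(net)
            links.add(("ip", ident))
    return sorted(links)


def public_addresses(links):
    """Subset of the ip links whose base address is globally routable."""
    return [ident for kind, ident in links
            if kind == "ip" and ipaddress.ip_network(ident).network_address.is_global]


# Constructed sample (HA VPN tunnel); every value here is made up for illustration.
SAMPLE_TUNNEL = {
    "vpn_gateway": "projects/example-project/regions/us-central1/vpnGateways/ha-gw",
    "peer_external_gateway": "projects/example-project/global/externalVpnGateways/onprem-gw",
    "router": "projects/example-project/regions/us-central1/routers/ha-router",
    "peer_ip": "8.8.4.4",
    "local_traffic_selector": ["10.10.0.0/16"],
    "remote_traffic_selector": ["192.168.50.0/24"],
}
```

Calling `public_addresses(tunnel_links(SAMPLE_TUNNEL))` separates the internet-facing peer address from the private ranges carried inside the tunnel.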