InterconnectAttachment

Represents an Interconnect Attachment (VLAN) resource.

You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.

JSON representation 
{
  "kind": string,
  "description": string,
  "selfLink": string,
  "id": string,
  "creationTimestamp": string,
  "name": string,
  "interconnect": string,
  "router": string,
  "region": string,
  "googleReferenceId": string,
  "mtu": integer,
  "privateInterconnectInfo": {
    object (PrivateInfo)
  },
  "operationalStatus": enum (OperationalStatus),
  "cloudRouterIpAddress": string,
  "customerRouterIpAddress": string,
  "type": enum (Type),
  "pairingKey": string,
  "adminEnabled": boolean,
  "vlanTag8021q": integer,
  "edgeAvailabilityDomain": enum (EdgeAvailabilityDomain),
  "candidateSubnets": [
    string
  ],
  "bandwidth": enum (Bandwidth),
  "partnerMetadata": {
    object (PartnerMetadata)
  },
  "labels": {
    string: string,
    ...
  },
  "labelFingerprint": string,
  "state": enum (State),
  "partnerAsn": string,
  "encryption": enum (Encryption),
  "ipsecInternalAddresses": [
    string
  ],
  "dataplaneVersion": integer,
  "satisfiesPzs": boolean,
  "stackType": enum (StackType),
  "cloudRouterIpv6Address": string,
  "customerRouterIpv6Address": string,
  "candidateIpv6Subnets": [
    string
  ],
  "cloudRouterIpv6InterfaceId": string,
  "customerRouterIpv6InterfaceId": string,
  "subnetLength": integer,
  "remoteService": string,
  "configurationConstraints": {
    object (ConfigurationConstraints)
  },
  "attachmentGroup": string,
  "l2Forwarding": {
    object (L2Forwarding)
  },
  "params": {
    object (InterconnectAttachmentParams)
  }
}
Fields
kind

string

[Output Only] Type of the resource. Always

compute#interconnectAttachment

for interconnect attachments.
description

string

An optional description of this resource.
id

string (uint64 format)

[Output Only] The unique identifier for the resource. This identifier is defined by the server.
creationTimestamp

string

[Output Only] Creation timestamp in RFC3339 text format.
name

string

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
interconnect

string

URL of the underlying Interconnect object that this attachment's traffic will traverse through.
router

string

URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
region

string

[Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
googleReferenceId
(deprecated)

string

[Output Only] Trusted Cloud reference ID, to be used when raising support tickets with Trusted Cloud or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
mtu

integer

Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Valid values are 1440, 1460, 1500, and 8896. If not specified, the value will default to 1440.
privateInterconnectInfo

object (PrivateInfo)

[Output Only] Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED.
operationalStatus

enum (OperationalStatus)

[Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:

  • OS_ACTIVE: The attachment has been turned up and is ready to use.
  • OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
cloudRouterIpAddress

string

[Output Only] IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment.
customerRouterIpAddress

string

[Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
type

enum (Type)

The type of interconnect attachment this is, which can take one of the following values:

  • DEDICATED: an attachment to a Dedicated Interconnect.
  • PARTNER: an attachment to a Partner Interconnect, created by the customer.
  • PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
  • L2_DEDICATED: a L2 attachment to a Dedicated Interconnect.

    		•
    pairingKey

    string

    [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of a PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
    adminEnabled

    boolean

    Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
    vlanTag8021q

    integer

    The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4093. Only specified at creation time.
    edgeAvailabilityDomain

    enum (EdgeAvailabilityDomain)

    Input only. Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:

    • AVAILABILITY_DOMAIN_ANY
    • AVAILABILITY_DOMAIN_1
    • AVAILABILITY_DOMAIN_2
    For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
    candidateSubnets[]

    string

    Input only. Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Trusted Cloud will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Trusted Cloud edge. If not supplied, Trusted Cloud will randomly select an unused /29 from all of link-local space.
    bandwidth

    enum (Bandwidth)

    Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Trusted Cloud Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:

    • BPS_50M: 50 Mbit/s
    • BPS_100M: 100 Mbit/s
    • BPS_200M: 200 Mbit/s
    • BPS_300M: 300 Mbit/s
    • BPS_400M: 400 Mbit/s
    • BPS_500M: 500 Mbit/s
    • BPS_1G: 1 Gbit/s
    • BPS_2G: 2 Gbit/s
    • BPS_5G: 5 Gbit/s
    • BPS_10G: 10 Gbit/s
    • BPS_20G: 20 Gbit/s
    • BPS_50G: 50 Gbit/s
    • BPS_100G: 100 Gbit/s
    partnerMetadata

    object (PartnerMetadata)

    Informational metadata about Partner attachments from Partners to display to customers. Output only for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
    labels

    map (key: string, value: string)

    Labels for this resource. These can only be added or modified by the

    setLabels

    method. Each label key/value pair must comply with RFC1035. Label values may be empty.
    labelFingerprint

    string (bytes format)

    A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error

    412 conditionNotMet

    .

    To see the latest fingerprint, make a

    get()

    request to retrieve an InterconnectAttachment.

    A base64-encoded string.
    state

    enum (State)

    [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:

    • ACTIVE: The attachment has been turned up and is ready to use.
    • UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
    • PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
    • PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
    • PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
    • DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
    partnerAsn

    string (int64 format)

    Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
    encryption

    enum (Encryption)

    Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:

    • NONE

      • This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.

      IPSEC

      • The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use HA VPN over Cloud Interconnect, the VLAN attachment must be created with this option.
    ipsecInternalAddresses[]

    string

    A list of URLs of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
    dataplaneVersion

    integer

    [Output Only] Dataplane version for this InterconnectAttachment. This field is only present for Dataplane version 2 and higher. Absence of this field in the API output indicates that the Dataplane is version 1.
    satisfiesPzs

    boolean

    [Output Only] Reserved for future use.
    stackType

    enum (StackType)

    The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified,

    IPV4_ONLY

    will be used.

    This field can be both set at interconnect attachments creation and update interconnect attachment operations.
    cloudRouterIpv6Address

    string

    [Output Only] IPv6 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment.
    customerRouterIpv6Address

    string

    [Output Only] IPv6 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
    candidateIpv6Subnets[]

    string

    This field is not available.
    cloudRouterIpv6InterfaceId

    string

    This field is not available.
    customerRouterIpv6InterfaceId

    string

    This field is not available.
    subnetLength

    integer

    Input only. Length of the IPv4 subnet mask. Allowed values:

    • 29 (default)
    • 30

    The default value is 29, except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure remote location fall into this category. In these cases, the default value is 30, and requesting 29 returns an error.

    Where both 29 and 30 are allowed, 29 is preferred, because it gives Trusted Cloud Support more debugging visibility.
    remoteService

    string

    [Output Only] If the attachment is on a Cross-Cloud Interconnect connection, this field contains the interconnect's remote location service provider. Example values: "Amazon Web Services" "Microsoft Azure".

    The field is set only for attachments on Cross-Cloud Interconnect connections. Its value is copied from the InterconnectRemoteLocation remoteService field.
    configurationConstraints

    object (ConfigurationConstraints)

    [Output Only] Constraints for this attachment, if any. The attachment does not work if these constraints are not met.
    attachmentGroup

    string

    [Output Only] URL of the AttachmentGroup that includes this Attachment.
    l2Forwarding

    object (L2Forwarding)

    L2 Interconnect Attachment related config. This field is required if the type is L2_DEDICATED.

    The configuration specifies how VLAN tags (like dot1q, qinq, or dot1ad) within L2 packets are mapped to the destination appliances IP addresses. The packet is then encapsulated with the appliance IP address and sent to the edge appliance.
    params

    object (InterconnectAttachmentParams)

    Input only. [Input Only] Additional params passed with the request, but not persisted as part of resource payload.

    PrivateInfo

    Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.

    JSON representation 
    {
  "tag8021q": integer
}
    Fields
    tag8021q

    integer

    [Output Only] 802.1q encapsulation tag to be used for traffic between Trusted Cloud and the customer, going to and from this network and region.

    OperationalStatus

    Describe the operational status of the interconnect attachment.

    Enums
    OS_ACTIVE Indicates that attachment has been turned up and is ready to use.
    OS_UNPROVISIONED Indicates that attachment is not ready to use yet, because turnup is not complete.

    Type

    What type of interconnect attachment this is.

    Enums
    DEDICATED Attachment to a dedicated interconnect.
    PARTNER Attachment to a partner interconnect, created by the customer.
    PARTNER_PROVIDER Attachment to a partner interconnect, created by the partner.
    L2_DEDICATED Attachment to a dedicated interconnect, forwarding L2 packets.

    EdgeAvailabilityDomain

    The availability domain for the attachment. Used to create highly-reliable redundant topologies with multiple attachments.

    Enums
    AVAILABILITY_DOMAIN_ANY
    AVAILABILITY_DOMAIN_1
    AVAILABILITY_DOMAIN_2

    Bandwidth

    Available bandwidth capacities.

    Enums
    BPS_50M 50 Mbit/s
    BPS_100M 100 Mbit/s
    BPS_200M 200 Mbit/s
    BPS_300M 300 Mbit/s
    BPS_400M 400 Mbit/s
    BPS_500M 500 Mbit/s
    BPS_1G 1 Gbit/s
    BPS_2G 2 Gbit/s
    BPS_5G 5 Gbit/s
    BPS_10G 10 Gbit/s
    BPS_20G 20 Gbit/s
    BPS_50G 50 Gbit/s
    BPS_100G 100 Gbit/s

    PartnerMetadata

    Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments.

    JSON representation 
    {
  "partnerName": string,
  "interconnectName": string,
  "portalUrl": string
}
    Fields
    partnerName

    string

    Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values.
    interconnectName

    string

    Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner's portal. For instance "Chicago 1". This value may be validated to match approved Partner values.
    portalUrl

    string

    URL of the Partner's portal for this Attachment. Partners may customise this to be a deep link to the specific resource on the Partner portal. This value may be validated to match approved Partner values.

    State

    Describes the state of the interconnect attachment.

    Enums
    STATE_UNSPECIFIED
    ACTIVE Indicates that attachment has been turned up and is ready to use.
    UNPROVISIONED Indicates that attachment is not ready to use yet, because turnup is not complete.
    PENDING_PARTNER A newly created PARTNER attachment that has not yet been configured on the Partner side.
    PARTNER_REQUEST_RECEIVED A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
    PENDING_CUSTOMER PARTNER or PARTNER_PROVIDER attachment that is waiting for the customer to activate.
    DEFUNCT The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was wiped out, or because the other side of a Partner attachment was deleted.

    Encryption

    Enums
    NONE This is the default value, which means the Interconnect Attachment will carry unencrypted traffic. VMs will be able to send traffic to or receive traffic from such interconnect attachment.
    IPSEC The interconnect attachment will carry only encrypted traffic that is encrypted by an IPsec device such as HA VPN gateway; VMs cannot directly send traffic to or receive traffic from such an interconnect attachment. To use HA VPN over Cloud Interconnect, the interconnect attachment must be created with this option.

    StackType

    Enums
    IPV4_ONLY The interconnect attachment will only be assigned IPv4 addresses.
    IPV4_IPV6 The interconnect attachment can have both IPv4 and IPv6 addresses.

    L2Forwarding

    L2 Interconnect Attachment related configuration.

    JSON representation 
    {
  "applianceMappings": {
    string: {
      object (ApplianceMapping)
    },
    ...
  },
  "network": string,
  "geneveHeader": {
    object (GeneveHeader)
  },
  "defaultApplianceIpAddress": string,
  "tunnelEndpointIpAddress": string
}
    Fields
    applianceMappings

    map (key: string, value: object (ApplianceMapping))

    Optional. A map of VLAN tags to appliances and optional inner mapping rules. If VLANs are not explicitly mapped to any appliance, the defaultApplianceIpAddress is used.

    Each VLAN tag can be a single number or a range of numbers in the range of 1 to 4094, e.g., "1" or "4001-4094". Non-empty and non-overlapping VLAN tag ranges are enforced, and violating operations will be rejected.

    The VLAN tags in the Ethernet header must use an ethertype value of 0x88A8 or 0x8100.
    network

    string

    Required. Resource URL of the network to which this attachment belongs.
    geneveHeader

    object (GeneveHeader)

    Optional. It represents the structure of a Geneve (Generic Network Virtualization Encapsulation) header, as defined in RFC8926. It encapsulates packets from various protocols (e.g., Ethernet, IPv4, IPv6) for use in network virtualization environments.
    defaultApplianceIpAddress

    string

    Optional. A single IPv4 or IPv6 address used as the default destination IP when there is no VLAN mapping result found.

    Unset field (null-value) indicates the unmatched packet should be dropped.
    tunnelEndpointIpAddress

    string

    Required. A single IPv4 or IPv6 address. This address will be used as the source IP address for packets sent to the appliances, and must be used as the destination IP address for packets that should be sent out through this attachment.

    ApplianceMapping

    Two-level VLAN-to-Appliance mapping rule.

    JSON representation 
    {
  "name": string,
  "applianceIpAddress": string,
  "innerVlanToApplianceMappings": [
    {
      object (InnerVlanToApplianceMapping)
    }
  ]
}
    Fields
    name

    string

    Optional. The name of this appliance mapping rule.
    applianceIpAddress

    string

    Optional. A single IPv4 or IPv6 address used as the destination IP address for ingress packets that match on a VLAN tag, but do not match a more specific inner VLAN tag.

    Unset field (null-value) indicates both VLAN tags are required to be mapped. Otherwise, defaultApplianceIpAddress is used.
    innerVlanToApplianceMappings[]

    object (InnerVlanToApplianceMapping)

    Optional. Used to match against the inner VLAN when the packet contains two VLAN tags.

    A list of mapping rules from inner VLAN tags to IP addresses. If the inner VLAN is not explicitly mapped to an IP address range, the applianceIpAddress is used.

    InnerVlanToApplianceMapping

    The inner VLAN-to-Appliance mapping.

    JSON representation 
    {
  "innerVlanTags": [
    string
  ],
  "innerApplianceIpAddress": string
}
    Fields
    innerVlanTags[]

    string

    Required in this object. Used to match the inner VLAN tag on the packet. Each entry can be a single number or a range of numbers in the range of 1 to 4094, e.g., ["1", "4001-4094"] is valid. Non-empty and Non-overlapping VLAN tag ranges are enforced, and violating operations will be rejected.

    The inner VLAN tags must have an ethertype value of 0x8100.
    innerApplianceIpAddress

    string

    Required in this object. A single IPv4 or IPv6 address used as the destination IP address for ingress packets that match on both VLAN tags.

    GeneveHeader

    GeneveHeader related configurations.

    JSON representation 
    {
  "vni": integer
}
    Fields
    vni

    integer (uint32 format)

    Optional. VNI is a 24-bit unique virtual network identifier, from 0 to 16,777,215.

    InterconnectAttachmentParams

    Additional interconnect attachment parameters.

    JSON representation 
    {
  "resourceManagerTags": {
    string: string,
    ...
  }
}
    Fields
    resourceManagerTags

    map (key: string, value: string)

    Tag keys/values directly bound to this resource. Tag keys and values have the same definition as resource manager tags. The field is allowed for INSERT only. The keys/values to set on the resource should be specified in either ID { : } or Namespaced format { : }. For example the following are valid inputs: * {"tagKeys/333" : "tagValues/444", "tagKeys/123" : "tagValues/456"} * {"123/environment" : "production", "345/abc" : "xyz"} Note: * Invalid combinations of ID & namespaced format is not supported. For instance: {"123/environment" : "tagValues/444"} is invalid. * Inconsistent format is not supported. For instance: {"tagKeys/333" : "tagValues/444", "123/env" : "prod"} is invalid.