L3 default support for Network Load Balancer

mmv1/products/compute/api.yaml

@@ -2654,6 +2654,7 @@ objects:
           - :TCP
           - :UDP
           - :GRPC
+          - :UNSPECIFIED
       - !ruby/object:Api::Type::Enum
         name: 'sessionAffinity'
         description: |
@@ -3697,6 +3698,7 @@ objects:
           - :AH
           - :SCTP
           - :ICMP
+          - :L3_DEFAULT
       # This is a multi-resource resource reference (BackendService (global), RegionBackendService)
       # We have custom expands that manage this.
       - !ruby/object:Api::Type::ResourceRef
@@ -3770,15 +3772,18 @@ objects:
         name: 'ports'
         max_size: 5
         description: |
-          This field is used along with the backend_service field for internal
-          load balancing.
+          This field is used along with internal load balancing and network
+          load balancer when the forwarding rule references a backend service
+          and when protocol is not L3_DEFAULT.
 
-          When the load balancing scheme is INTERNAL, a single port or a comma
-          separated list of ports can be configured. Only packets addressed to
-          these ports will be forwarded to the backends configured with this
-          forwarding rule.
+          A single port or a comma separated list of ports can be configured.
+          Only packets addressed to these ports will be forwarded to the backends
+          configured with this forwarding rule.
 
-          You may specify a maximum of up to 5 ports.
+          You can only use one of ports and portRange, or allPorts.
+          The three are mutually exclusive.
+
+          You may specify a maximum of up to 5 ports, which can be non-contiguous.
         item_type: Api::Type::String
       - !ruby/object:Api::Type::ResourceRef
         name: 'subnetwork'
@@ -3832,11 +3837,13 @@ objects:
       - !ruby/object:Api::Type::Boolean
         name: 'allPorts'
         description: |
-          For internal TCP/UDP load balancing (i.e. load balancing scheme is
-          INTERNAL and protocol is TCP/UDP), set this to true to allow packets
-          addressed to any ports to be forwarded to the backends configured
-          with this forwarding rule. Used with backend service. Cannot be set
-          if port or portRange are set.
+          This field can be used with internal load balancer or network load balancer
+          when the forwarding rule references a backend service, or with the target
+          field when it references a TargetInstance. Set this to true to
+          allow packets addressed to any ports to be forwarded to the backends configured
+          with this forwarding rule. This can be used when the protocol is TCP/UDP, and it
+          must be set to true when the protocol is set to L3_DEFAULT.
+          Cannot be set if port or portRange are set.
       - !ruby/object:Api::Type::Enum
         name: 'networkTier'
         description: |

mmv1/products/compute/terraform.yaml

@@ -723,6 +723,14 @@ overrides: !ruby/object:Overrides::ResourceOverrides
         vars:
           forwarding_rule_name: "website-forwarding-rule"
           target_pool_name: "website-target-pool"
+      - !ruby/object:Provider::Terraform::Examples
+        name: "forwarding_rule_l3_default"
+        primary_resource_id: "fwd_rule"
+        vars:
+          forwarding_rule_name: "l3-forwarding-rule"
+          service_name: "service"
+          health_check_name: "health-check"
+        min_version: beta
       - !ruby/object:Provider::Terraform::Examples
         name: "forwarding_rule_internallb"
         primary_resource_id: "default"

mmv1/templates/terraform/examples/forwarding_rule_l3_default.tf.erb

@@ -0,0 +1,26 @@
+resource "google_compute_forwarding_rule" "<%= ctx[:primary_resource_id] %>" {
+  provider        = google-beta
+  name            = "<%= ctx[:vars]['forwarding_rule_name'] %>"
+  backend_service = google_compute_region_backend_service.service.id
+  ip_protocol     = "L3_DEFAULT"
+  all_ports       = true
+}
+
+resource "google_compute_region_backend_service" "service" {
+  provider              = google-beta
+  region                = "us-central1"
+  name                  = "<%= ctx[:vars]['service_name'] %>"
+  health_checks         = [google_compute_region_health_check.health_check.id]
+  protocol              = "UNSPECIFIED"
+  load_balancing_scheme = "EXTERNAL"
+}
+
+resource "google_compute_region_health_check" "health_check" {
+  provider           = google-beta
+  name               = "<%= ctx[:vars]['health_check_name'] %>"
+  region             = "us-central1"
+
+  tcp_health_check {
+    port = 80
+  }
+}