Configure a Cloud Run service with a static IP address
Stay organized with collections
Save and categorize content based on your preferences.
Use Terraform to create the networking setup and configurations to allocate a static IP to a Cloud Run service
Code sample
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],[],[],[],null,["# Configure a Cloud Run service with a static IP address\n\nUse Terraform to create the networking setup and configurations to allocate a static IP to a Cloud Run service\n\nCode sample\n-----------\n\n### Terraform\n\n\nTo learn how to apply or remove a Terraform configuration, see\n[Basic Terraform commands](/docs/terraform/basic-commands).\n\n\nFor more information, see the\n[Terraform provider reference documentation](https://registry.terraform.io/providers/hashicorp/google/latest/docs).\n\n resource \"google_project_service\" \"compute_engine_api\" {\n service = \"compute.googleapis.com\"\n disable_on_destroy = false\n }\n\n # Enable Cloud Run API\n resource \"google_project_service\" \"cloudrun_api\" {\n service = \"run.googleapis.com\"\n disable_on_destroy = false\n }\n\n # Example of setting up a Cloud Run service with a static outbound IP\n resource \"google_compute_network\" \"default\" {\n name = \"cr-static-ip-network\"\n }\n\n resource \"google_compute_subnetwork\" \"default\" {\n name = \"cr-static-ip\"\n ip_cidr_range = \"10.124.0.0/28\"\n network = google_compute_network.default.id\n region = \"us-central1\"\n }\n\n resource \"google_project_service\" \"vpc\" {\n service = \"vpcaccess.googleapis.com\"\n disable_on_destroy = false\n }\n\n resource \"google_vpc_access_connector\" \"default\" {\n name = \"cr-conn\"\n region = \"us-central1\"\n min_instances = 2\n max_instances = 3\n\n subnet {\n name = google_compute_subnetwork.default.name\n }\n\n # Wait for VPC API enablement\n # before creating this resource\n depends_on = [\n google_project_service.vpc\n ]\n }\n\n resource \"google_compute_router\" \"default\" {\n name = \"cr-static-ip-router\"\n network = google_compute_network.default.name\n region = google_compute_subnetwork.default.region\n }\n\n resource \"google_compute_address\" \"default\" {\n name = \"cr-static-ip-addr\"\n region = google_compute_subnetwork.default.region\n }\n\n resource \"google_compute_router_nat\" \"default\" {\n name = \"cr-static-nat\"\n router = google_compute_router.default.name\n region = google_compute_subnetwork.default.region\n\n nat_ip_allocate_option = \"MANUAL_ONLY\"\n nat_ips = [google_compute_address.default.self_link]\n\n source_subnetwork_ip_ranges_to_nat = \"LIST_OF_SUBNETWORKS\"\n subnetwork {\n name = google_compute_subnetwork.default.id\n source_ip_ranges_to_nat = [\"ALL_IP_RANGES\"]\n }\n }\n\n resource \"google_cloud_run_v2_service\" \"default\" {\n name = \"cr-static-ip-service\"\n location = google_compute_subnetwork.default.region\n\n deletion_protection = false # set to \"true\" in production\n\n template {\n containers {\n # Replace with the URL of your container\n # gcr.io/\u003cYOUR_GCP_PROJECT_ID\u003e/\u003cYOUR_CONTAINER_NAME\u003e\n image = \"us-docker.pkg.dev/cloudrun/container/hello\"\n }\n scaling {\n max_instance_count = 5\n }\n vpc_access {\n connector = google_vpc_access_connector.default.id\n egress = \"ALL_TRAFFIC\"\n }\n }\n ingress = \"INGRESS_TRAFFIC_ALL\"\n\n # Used in sample testing. These fields may change in 'terraform plan' output, which is expected and thus non-blocking.\n lifecycle {\n ignore_changes = [\n ingress, template[0].vpc_access\n ]\n }\n }\n\nWhat's next\n-----------\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=cloudrun)."]]
