Reserve a static external IP address
You can reserve static external IP addresses. You can also list and release your reserved static external IP addresses. To assign a static external IP address to a virtual machine (VM) instance, see Configure static external IP addresses.
External IP addresses can be static or ephemeral. If a VM requires a fixed external IP address that does not change, you can obtain a static external IP address. You can reserve new external IP addresses or promote existing ephemeral external IP addresses.
If you require a static internal IP address, see Reserve a static internal IP address instead.
Before you begin
- Read about IP addresses.
- Read about quotas and limits for static external IP addresses.
- Read about external IP address pricing.
- If you haven't already, set up authentication.
Authentication is the process by which your identity
is verified for access to Google Cloud services and APIs. To run code or
samples from a local development environment, you can authenticate as follows.
Select the tab for how you plan to use the samples on this page:
Console
When you use the Google Cloud console to access Google Cloud services and APIs, you don't need to set up authentication.
gcloud
Install the Google Cloud CLI, then initialize it by running the following command:
gcloud init
Terraform
To use the Terraform samples on this page in a local development environment, install and initialize the gcloud CLI, and then set up Application Default Credentials with your user credentials.
- Install the Google Cloud CLI.
-
To initialize the gcloud CLI, run the following command:
gcloud init
-
If you're using a local shell, then create local authentication credentials for your user account:
gcloud auth application-default login
You don't need to do this if you're using Cloud Shell.
For more information, see Set up ADC for a local development environment in the Google Cloud authentication documentation.
REST
To use the REST API samples on this page in a local development environment, you use the credentials you provide to the gcloud CLI.
Install the Google Cloud CLI, then initialize it by running the following command:
gcloud init
For more information, see Authenticate for using REST in the Google Cloud authentication documentation.
Required roles
To get the permissions that you need to reserve and manage static IP addresses,
ask your administrator to grant you the
Compute Network Admin (roles/compute.networkAdmin
) IAM role on your project.
For more information about granting roles, see Manage access to projects, folders, and organizations.
This predefined role contains the permissions required to reserve and manage static IP addresses. To see the exact permissions that are required, expand the Required permissions section:
Required permissions
The following permissions are required to reserve and manage static IP addresses:
-
compute.addresses.create
-
compute.addresses.createInternal
-
compute.networks.list
-
compute.subnetworks.use
-
compute.subnetworks.list
You might also be able to get these permissions with custom roles or other predefined roles.
About static external IP addresses
A static external IP address is the IP address that is reserved for your resource until you decide to release it. If you have an IP address that your customers or users rely on to access your service, you can reserve that IP address so that only your resource can use it. You can also promote an ephemeral external IP address to a static external IP address.
For more information, see IP addresses.
The following table lists the static external IP addresses supported by Google Cloud.
IP address type | Resource | IP range | Source | Associated with |
---|---|---|---|---|
Regional external IPv4 addresses | VMs and regional load balancers | /32 |
Google's pool of external IP addresses | Project |
Regional external IPv6 addresses | VMs and supported regional load balancers | /96 |
Subnet's external IPv6 address range | Subnet |
Global external IPv4 addresses | Global load balancers | /32 |
Google's pool of external IP addresses | Project |
Global external IPv6 addresses | Global load balancers | /64 |
Google's pool of external IP addresses | Project |
For a list of regional and global load balancers, see the Summary of load balancer types.
Assigned external IP addresses exist on the same physical host as the VM and exist in the same region as the VM for all purposes, including routing, latency, and pricing. This is true regardless of internet geolocation lookup information.
Limitations
Only one resource at a time can use a static external IP address.
There is no way to check whether an IP address is static or ephemeral after it has been assigned to a resource. You can compare the IP address against the list of static external IP addresses reserved to that project. Use the
gcloud compute addresses list
sub-command to see a list of static external IP addresses available to the project.Each VM can have multiple network interfaces, and each interface can have the following IP addresses assigned according to its stack type:
- IPv4-only interfaces:
- An internal IPv4 address (required)
- An external IPv4 address (optional)
- Dual-stack (IPv4 and IPv6) interfaces:
- An internal IPv4 address (required)
- An external IPv4 address (optional)
- A
/96
IPv6 address range, either internal or external, but not both (required)
- IPv6-only interfaces (Preview):
- A
/96
IPv6 address range, either internal or external, but not both (required)
- A
- IPv4-only interfaces:
You can't unassign or change the external IPv6 address of a VM with an IPv6-only network interface. You can, however, promote an ephemeral external IP address of a resource to a static external IP address so that the address remains reserved even after the resource is deleted.
You cannot change the name of a static IP address.
Note: Network interfaces can receive traffic from
multiple
forwarding rules, which might serve other external IP addresses. Any
number of external IP addresses can reference a network interface through
these forwarding rules, but each network interface can be assigned only one
external IPv4 address and one external /96
IPv6 address range.
For more information about load balancing and forwarding rules, read the load balancing documentation.
Reserve a new static external IP address
After reserving the address, assign it to a new VM while creating it or to an existing VM.
Console
- In the Google Cloud console, go to the IP addresses page.
- Click Reserve external static IP address.
- In the Name field, enter an IP address name.
- Specify whether the network service tier is Premium or Standard. IPv6 static address reservation is supported only in the Premium tier.
- Specify whether it is an IPv4 or IPv6 address.
- Specify whether this IP address is Regional or Global.
- If you are reserving a static IP address for a global load balancer, choose Global and then click Reserve.
- If you are reserving a static IP address for a VM or for a regional load balancer, choose Regional, and then select the region to create the address in.
If you are reserving a regional external IPv6 address, then also choose the following:
- Network: the VPC network
- Subnetwork: the subnet from which to assign the static regional IPv6 address
- Endpoint type: choose VM instance or Network Load Balancer
Optional: If you are reserving the static external IP address for a VM, then in the Attached to list, select a VM to attach the IP address to.
Click Reserve to reserve the IP address.
gcloud
To reserve a static external IP address, use the
gcloud compute addresses create
command.
Use the following instructions to reserve a static external IPv4 or IPv6 address:
Global IP address
To reserve a global IP address:gcloud compute addresses create ADDRESS_NAME \ --global \ --ip-version [IPV4 | IPV6]
Regional external IPv4 address
To reserve a regional external IPv4 address:gcloud compute addresses create ADDRESS_NAME \ --region=REGION
Regional external IPv6 address
To reserve a regional external IPv6 address:gcloud compute addresses create ADDRESS_NAME \ --region=REGION \ --subnet=SUBNET_NAME \ --ip-version=IPV6 \ --endpoint-type=[VM | NETLB]
Replace the following:
ADDRESS_NAME
: the name that you want to associate with this address.REGION
: for regional external IP addresses, specify the region where you want to reserve this address. This region should be the same region as the resource that you want to attach the IP address to.SUBNET_NAME
: for regional external IPv6 addresses, specify the subnet to assign the static regional IPv6 address from. The subnet must have an assigned external IPv6 address range.[IPV4 | IPV6]
: for global IP addresses, specify the IP version, either IPv4 or IPv6. For regional external IPv6 addresses, specify IPv6. A/96
IPv6 range is assigned from the specified subnet.VM | NETLB
: for regional external IPv6 addresses, specify the endpoint type; whether it's a VM or a network load balancer.
To view the result, use the
gcloud compute addresses describe
command:
gcloud compute addresses describe ADDRESS_NAME
Terraform
You can use the
google_compute_address
resource
to create a regional external IP address.
The following sample shows how to use the
google_compute_global_address
resource
to create a global external IPv6 address:
API
To create a regional IPv4 address, call the regional
addresses.insert
method:POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/addresses
Your request body should contain the following:
{ "name": "ADDRESS_NAME" }
Replace the following:
PROJECT_ID
: the project ID for this requestREGION
: the name of the region for this requestADDRESS_NAME
: the name that you want to associate with the address
For global static IPv4 addresses, call the
globalAddresses.insert
method:POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/addresses
Your request body should contain the following:
{ "name": "ADDRESS_NAME" }
For global static IPv6 addresses, call the
globalAddresses.insert
method:POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/addresses
Your request body should contain the following:
{ "name": "ADDRESS_NAME", "ipVersion": "IPV6" }
To see the result, use the
addresses.get
method.For regional static IPv6 addresses, call the
addresses.insert
method:POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/addresses
Your request body should contain the following:
{ "name": "ADDRESS_NAME", "ipVersion": "IPV6", "ipv6EndpointType": "VM|LB", "networkTier": "PREMIUM", "subnetwork": "SUBNET" }
Replace
SUBNET
with the subnet for this project.To see the result, use the
addresses.get
method.
Go
Java
Python
Promote an ephemeral external IP address
If your VM has an ephemeral external IP address and you want to permanently assign the IP address to your project, promote the ephemeral external IP address to a static external IP address. Promoting an ephemeral external IP address to reserved does not cause Google Cloud to drop packets sent to the VM. This includes packets sent to the VM directly or by means of a load balancer.
Console
- Go to the IP addresses page.
- Click External IP addresses.
- Optional: In the Filter field, search for the ephemeral IP address that you want to promote.
- In the More actions menu ( ) of the IP address that you want to promote, select Promote to static IP address.
- Enter a name for the new static IP address, and then click Reserve.
gcloud
Use the following instructions to promote a static external IPv4 or IPv6 address:
To promote an ephemeral external IPv4 address to a static external IPv4 address, provide the ephemeral external IP address by using the
--addresses
flag with thecompute addresses create
command. Use theregion
flag to promote an ephemeral regional IP address or theglobal
flag to promote an ephemeral global IP address.gcloud compute addresses create ADDRESS_NAME --addresses=IP_ADDRESS \ [--region=REGION | --global]
Replace the following:
ADDRESS_NAME
: the name that you want to associate with this address.IP_ADDRESS
: the IP address that you want to promote.REGION
: the region that the regional IP address belongs to.
To promote an ephemeral regional external IPv6 address to a static regional external IPv6 address, provide the ephemeral external IP address by using the
--addresses
flag with thegcloud compute addresses create
command.gcloud compute addresses create ADDRESS_NAME \ --region=REGION \ --addresses=IPV6_ADDRESS \ --prefix-length=96
Replace the following:
ADDRESS_NAME
: a name for the IP address resource.REGION
: the region for the IPv6 address resource.IPV6_ADDRESS
: the IPv6 address that you're promoting.
API
To promote an ephemeral regional IP address, call the
addresses.insert
method:
POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/addresses
To promote an ephemeral global IP address, make a POST
request to the
following URI:
POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/addresses
Specify the values for the required fields of the request body:
For IPv4 addresses, your request body should contain the following fields:
{ "name": "ADDRESS_NAME", "address": "IPV4_ADDRESS" "addressType": "EXTERNAL" }
For IPv6 addresses, your request body should contain the following fields:
{ "name": "ADDRESS_NAME", "address": "IPV6_ADDRESS" "prefixLength": 96 "addressType": "EXTERNAL" }
Replace the following:
ADDRESS_NAME
: the name that you want to associate with this addressIPV4_ADDRESS|IPV6_ADDRESS
: the IPv4 or IPv6 address that you want to promoteREGION
: the region that the IPv4 or IPv6 address belongs toPROJECT_ID
: the project ID for this request
Go
Java
Python
The external IP address remains attached to the VM even after it has been promoted to a static external IP address. If you need to assign the newly promoted static external IP address to another resource, unassign the static external IP address from the existing VM.
List static external IP addresses
To list static external IP addresses that you have reserved for your project, follow these steps.
Console
In the Google Cloud console, go to the IP addresses page.
Click External IP addresses.
gcloud
Use the gcloud compute addresses list
command:
To list all IP addresses, use the following command:
gcloud compute addresses list
To list all global IP addresses, use the following command:
gcloud compute addresses list --global
To list all regional IP addresses in a given region, use the following command:
gcloud compute addresses list \ --regions=REGION
Replace
REGION
with the region that you want to list addresses for. You can list addresses of multiple regions by specifying comma-separated region names:gcloud compute addresses list \ --regions=REGION1,REGION2,..REGION_n_
API
To list regional IPv4 or IPv6 addresses, call the
addresses.list
method:GET https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/addresses
Replace the following:
PROJECT_ID
: the project ID for this requestREGION
: the name of the region for this request
To list all addresses in all regions, call the
addresses.aggregatedList
method:GET https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/aggregated/addresses
To list global IPv4 or IPv6 addresses, call the
globalAddresses.list
method:GET https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/addresses
Replace the following:
PROJECT_ID
: the project ID for this request
Go
Java
Python
Describe a static external IP address
To get information about a static external IP address, follow these steps.
Console
In the Google Cloud console, go to the IP addresses page.
Click External IP addresses.
Click the IP address that you want to get more information about.
gcloud
Use the gcloud compute addresses describe
command.
Replace ADDRESS_NAME
with the name of
the external IP address that you want to describe.
For a global IPv4 or IPv6 address, use the following command:
gcloud compute addresses describe ADDRESS_NAME --global
For a regional IPv4 or IPv6 address, use the following command:
gcloud compute addresses describe ADDRESS_NAME --region=REGION
API
To describe a regional IPv4 or IPv6 address, call the
addresses.get
method:GET https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/addresses/ADDRESS_NAME
Replace the following:
PROJECT_ID
: the project ID for the requestREGION
: the name of the region for the requestADDRESS_NAME
: the name of the IP address
To describe a global IPv4 or IPv6 address, call the
globalAddresses.get
method:GET https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/addresses/ADDRESS_NAME
Replace the following:
PROJECT_ID
: the project ID for the requestADDRESS_NAME
: the name of the IP address
Go
Java
Python
Release a static external IP address
If you no longer need a static external IPv4 or IPv6 address, you can release the IP address by deleting the IP address resource.
If you are using the Google Cloud console, you can release a static IP address only if it is not being used by another resource.
If you're using the gcloud CLI or API, you can release an IP address whether or not it's being used by another resource.
If the IP address is not being used by a resource, the IP address is returned to the pool of available external IP addresses.
If the IP address is being used by a resource, it remains attached to the resource until the resource is deleted.
Console
In the Google Cloud console, go to the IP addresses page.
Click External IP addresses.
Optional: In the Filter field, enter
static
and then select Static : Type from the drop-down list.Select the static external IP address that you want to release.
Click Release static address.
If you don't see this option, click the More actions menu (
) in the top menu bar, and then select Release static address from the list.
gcloud
Use the
compute addresses delete
command:
gcloud compute addresses delete ADDRESS_NAME
Replace ADDRESS_NAME
with the name of the IPv4 or
IPv6 address to release.
API
To release a regional IPv4 or IPv6 address, call the
addresses.delete
method:DELETE https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/addresses/ADDRESS_NAME
Replace the following:
PROJECT_ID
: the project ID for this requestREGION
: the name of the region for this requestADDRESS_NAME
: the name of the IP address
To release a global IPv4 or IPv6 address, call the
globalAddresses.delete
method:DELETE https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/addresses/ADDRESS_NAME
Replace the following:
ADDRESS_NAME
: the name of the IP addressPROJECT_ID
: the project ID for this request
Go
Java
Python
What's next
- Learn how to Configure static external IP addresses for a new or existing VM.
- Learn about IP address specifications for forwarding rules, and how to use forwarding rules, in the Forwarding rules overview.
- Learn more about IP addresses.