object

Content of the UrlMap to be validated.

string

[Output Only] Type of the resource. Alwayscompute#urlMaps for url maps.

string (uint64 format)

[Output Only] The unique identifier for the resource. This identifier is defined by the server.

string

[Output Only] Creation timestamp inRFC3339 text format.

string

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply withRFC1035. Specifically, the name must be 1-63 characters long and match the regular expression[a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

string

An optional description of this resource. Provide this property when you create the resource.

string

[Output Only] Server-defined URL for the resource.

object

The list of host rules to use against the URL.

string

An optional description of this resource. Provide this property when you create the resource.

string

The list of host patterns to match. They must be valid hostnames with optional port numbers in the formathost:port.* matches any string of([a-z0-9-.]*). In that case,* must be the first character, and if followed by anything, the immediate following character must be either- or..

* based matching is not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

The name of thePathMatcher to use to match the path portion of the URL if thehostRule matches the URL's host portion.

object

The list of namedPathMatchers to use against the URL.

string

The name to which thisPathMatcher is referred by theHostRule.

string

An optional description of this resource. Provide this property when you create the resource.

string

The full or partial URL to theBackendService resource. This URL is used if none of thepathRules orrouteRules defined by thisPathMatcher are matched. For example, the following are all valid URLs to aBackendService resource:

• https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
• compute/v1/projects/project/global/backendServices/backendService
• global/backendServices/backendService

Only one ofdefaultUrlRedirect,defaultService ordefaultRouteAction.weightedBackendService can be set.

Authorization requires one or more of the followingGoogle IAM permissions on the specified resource defaultService:

• compute.backendBuckets.use
• compute.backendServices.use

Authorization requires one or more of the followingIAM permissions on the specified resourcedefaultService:

• compute.backendBuckets.use
• compute.backendServices.use

object

defaultRouteAction takes effect when none of the pathRules orrouteRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend.

Only one ofdefaultUrlRedirect,defaultService ordefaultRouteAction.weightedBackendService can be set.

URL maps for classic Application Load Balancers only support theurlRewrite action within a path matcher'sdefaultRouteAction.

object

A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their correspondingbackend service. If all traffic needs to go to a single backend service, there must be oneweightedBackendService with weight set to a non-zero number.

After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in thisHttpRouteAction.

string

The full or partial URL to the defaultBackendService resource. Before forwarding the request tobackendService, the load balancer applies any relevantheaderActions specified as part of thisbackendServiceWeight.

Authorization requires the followingIAM permission on the specified resourcebackendService:

• compute.backendServices.use

integer (uint32 format)

Specifies the fraction of traffic sent to a backend service, computed asweight / (sum of all weightedBackendService weights in routeAction).

The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. Don't configure session affinity if you're using weighted traffic splitting. If you do, the weighted traffic splitting configuration takes precedence.

The value must be from 0 to 1000.

object

Specifies changes to request and response headers that need to take effect for the selectedbackendService.

headerAction specified here take effect beforeheaderAction in the enclosingHttpRouteRule,PathMatcher andUrlMap.

headerAction is not supported for load balancers that have theirloadBalancingScheme set toEXTERNAL.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

A list of header names for headers that need to be removed from the request before forwarding the request to thebackendService.

object

Headers to add to a matching request before forwarding the request to thebackendService.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

string

A list of header names for headers that need to be removed from the response before sending the response back to the client.

object

Headers to add the response before sending the response back to the client.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

object

The spec to modify the URL of the request, before forwarding the request to the matched service.

urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced bypathPrefixRewrite.

The value must be from 1 to 1024 characters.

string

Before forwarding the request to the selected service, the request's host header is replaced with contents ofhostRewrite.

The value must be from 1 to 255 characters.

string

If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax.

A corresponding pathTemplateMatch must be specified. Any template variables must exist in the pathTemplateMatch field.

• -At least one variable must be specified in the pathTemplateMatch field
• You can omit variables from the rewritten URL
• The* and** operators cannot be matched unless they have a corresponding variable name - e.g.{format=*} or{var=**}.

For example, a pathTemplateMatch of/static/{format=**} could be rewritten as/static/content/{format} to prefix/content to the URL. Variables can also be re-ordered in a rewrite, so that/{country}/{format}/{suffix=**} can be rewritten as/content/{format}/{country}/{suffix}.

At least one non-emptyrouteRules[].matchRules[].path_template_match is required.

Only one ofpathPrefixRewrite orpathTemplateRewrite may be specified.

object

Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known asend-of-stream) up until the response has been processed. Timeout includes all retries.

If not specified, this field uses the largest timeout among all backend services associated with the route.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

Specifies the retry policy associated with this route.

string

Specifies one or more conditions when this retry policy applies. Valid values are:

• 5xx: retry is attempted if the instance or endpoint responds with any5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams.
• gateway-error: Similar to5xx, but only applies to response codes502,503 or504.
• connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts.
• retriable-4xx: a retry is attempted if the instance or endpoint responds with a4xx response code. The only error that you can retry is error code409.
• refused-stream: a retry is attempted if the instance or endpoint resets the stream with aREFUSED_STREAM error code. This reset type indicates that it is safe to retry.
• cancelled: a retry is attempted if the gRPC status code in the response header is set tocancelled.
• deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set todeadline-exceeded.
• internal: a retry is attempted if the gRPC status code in the response header is set tointernal.
• resource-exhausted: a retry is attempted if the gRPC status code in the response header is set toresource-exhausted.
• unavailable: a retry is attempted if the gRPC status code in the response header is set tounavailable.

Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.

• cancelled
• deadline-exceeded
• internal
• resource-exhausted
• unavailable

integer (uint32 format)

Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.

object

Specifies a non-zero timeout per retry attempt.

If not specified, will use the timeout set in theHttpRouteAction field. If timeout in theHttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with-shadow.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

The full or partial URL to theBackendService resource being mirrored to.

The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map.

Serverless NEG backends are not currently supported as a mirrored backend service.

Authorization requires the followingIAM permission on the specified resourcebackendService:

• compute.backendServices.use

number

The percentage of requests to be mirrored tobackendService.

object

The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), seeFetch API Living Standard.

Not supported when the URL map is bound to a target gRPC proxy.

string

Specifies the list of origins that is allowed to do CORS requests.

An origin is allowed if it matches either an item inallowOrigins or an item inallowOriginRegexes.

string

Specifies a regular expression that matches allowed origins. For more information, seeregular expression syntax.

An origin is allowed if it matches either an item inallowOrigins or an item inallowOriginRegexes.

Regular expressions can only be used when the loadBalancingScheme is set toINTERNAL_SELF_MANAGED.

string

Specifies the content for theAccess-Control-Allow-Methods header.

string

Specifies the content for theAccess-Control-Allow-Headers header.

string

Specifies the content for theAccess-Control-Expose-Headers header.

integer

Specifies how long results of a preflight request can be cached in seconds. This field translates to theAccess-Control-Max-Age header.

boolean

In response to a preflight request, setting this totrue indicates that the actual request can include user credentials. This field translates to theAccess-Control-Allow-Credentials header.

Default isfalse.

boolean

Iftrue, disables the CORS policy. The default value isfalse, which indicates that the CORS policy is in effect.

object

The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.timeout andretryPolicy is ignored by clients that are configured with afaultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, seeLoad balancing: Routing and traffic management features.

object

The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.

object

Specifies the value of the fixed delay interval.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

number

The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection.

The value must be from 0.0 to 100.0 inclusive.

object

The specification for how client requests are aborted as part of fault injection.

integer (uint32 format)

The HTTP status code used to abort the request.

The value must be from 200 to 599 inclusive.

For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.

number

The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection.

The value must be from 0.0 to 100.0 inclusive.

object

Specifies the maximum duration (timeout) for streams on the selected route. Unlike thetimeout field where the timeout duration starts from the time the request has been fully processed (known asend-of-stream), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed.

If not specified, this field uses the maximummaxStreamDuration value among all backend services associated with the route.

This field is only allowed if the Url map is used with backend services withloadBalancingScheme set toINTERNAL_SELF_MANAGED.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

When none of the specifiedpathRules orrouteRules match, the request is redirected to a URL specified bydefaultUrlRedirect.

Only one ofdefaultUrlRedirect,defaultService ordefaultRouteAction.weightedBackendService can be set.

Not supported when the URL map is bound to a target gRPC proxy.

string

The host that is used in the redirect response instead of the one that was supplied in the request.

The value must be from 1 to 255 characters.

string

The path that is used in the redirect response instead of the one that was supplied in the request.

pathRedirect cannot be supplied together withprefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect.

The value must be from 1 to 1024 characters.

string

The prefix that replaces theprefixMatch specified in theHttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.

prefixRedirect cannot be supplied together withpathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect.

The value must be from 1 to 1024 characters.

enum

The HTTP Status code to use for this RedirectAction.

Supported values are:

• MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
• FOUND, which corresponds to 302.
• SEE_OTHER which corresponds to 303.
• TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained.
• PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained.

boolean

If set totrue, the URL scheme in the redirected request is set toHTTPS. If set tofalse, the URL scheme of the redirected request remains the same as that of the request.

This must only be set for URL maps used inTargetHttpProxys. Setting this true forTargetHttpsProxy is not permitted.

The default is set tofalse.

boolean

If set totrue, any accompanying query portion of the original URL is removed before redirecting the request. If set tofalse, the query portion of the original URL is retained.

The default is set tofalse.

object

The list of path rules. Use this list instead ofrouteRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.

For example: apathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.

Within a givenpathMatcher, only one ofpathRules orrouteRules must be set.

string

The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. IfrouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend.

Only one ofurlRedirect,service orrouteAction.weightedBackendService can be set.

Authorization requires one or more of the followingIAM permissions on the specified resourceservice:

• compute.backendBuckets.use
• compute.backendServices.use

object

In response to a matchingpath, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend.

Only one ofurlRedirect,service orrouteAction.weightedBackendService can be set.

URL maps for classic Application Load Balancers only support theurlRewrite action within a path rule'srouteAction.

object

A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their correspondingbackend service. If all traffic needs to go to a single backend service, there must be oneweightedBackendService with weight set to a non-zero number.

After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in thisHttpRouteAction.

string

The full or partial URL to the defaultBackendService resource. Before forwarding the request tobackendService, the load balancer applies any relevantheaderActions specified as part of thisbackendServiceWeight.

Authorization requires the followingIAM permission on the specified resourcebackendService:

• compute.backendServices.use

integer (uint32 format)

Specifies the fraction of traffic sent to a backend service, computed asweight / (sum of all weightedBackendService weights in routeAction).

The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. Don't configure session affinity if you're using weighted traffic splitting. If you do, the weighted traffic splitting configuration takes precedence.

The value must be from 0 to 1000.

object

Specifies changes to request and response headers that need to take effect for the selectedbackendService.

headerAction specified here take effect beforeheaderAction in the enclosingHttpRouteRule,PathMatcher andUrlMap.

headerAction is not supported for load balancers that have theirloadBalancingScheme set toEXTERNAL.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

A list of header names for headers that need to be removed from the request before forwarding the request to thebackendService.

object

Headers to add to a matching request before forwarding the request to thebackendService.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

string

A list of header names for headers that need to be removed from the response before sending the response back to the client.

object

Headers to add the response before sending the response back to the client.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

object

The spec to modify the URL of the request, before forwarding the request to the matched service.

urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced bypathPrefixRewrite.

The value must be from 1 to 1024 characters.

string

Before forwarding the request to the selected service, the request's host header is replaced with contents ofhostRewrite.

The value must be from 1 to 255 characters.

string

If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax.

A corresponding pathTemplateMatch must be specified. Any template variables must exist in the pathTemplateMatch field.

• -At least one variable must be specified in the pathTemplateMatch field
• You can omit variables from the rewritten URL
• The* and** operators cannot be matched unless they have a corresponding variable name - e.g.{format=*} or{var=**}.

For example, a pathTemplateMatch of/static/{format=**} could be rewritten as/static/content/{format} to prefix/content to the URL. Variables can also be re-ordered in a rewrite, so that/{country}/{format}/{suffix=**} can be rewritten as/content/{format}/{country}/{suffix}.

At least one non-emptyrouteRules[].matchRules[].path_template_match is required.

Only one ofpathPrefixRewrite orpathTemplateRewrite may be specified.

object

Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known asend-of-stream) up until the response has been processed. Timeout includes all retries.

If not specified, this field uses the largest timeout among all backend services associated with the route.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

Specifies the retry policy associated with this route.

string

Specifies one or more conditions when this retry policy applies. Valid values are:

• 5xx: retry is attempted if the instance or endpoint responds with any5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams.
• gateway-error: Similar to5xx, but only applies to response codes502,503 or504.
• connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts.
• retriable-4xx: a retry is attempted if the instance or endpoint responds with a4xx response code. The only error that you can retry is error code409.
• refused-stream: a retry is attempted if the instance or endpoint resets the stream with aREFUSED_STREAM error code. This reset type indicates that it is safe to retry.
• cancelled: a retry is attempted if the gRPC status code in the response header is set tocancelled.
• deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set todeadline-exceeded.
• internal: a retry is attempted if the gRPC status code in the response header is set tointernal.
• resource-exhausted: a retry is attempted if the gRPC status code in the response header is set toresource-exhausted.
• unavailable: a retry is attempted if the gRPC status code in the response header is set tounavailable.

Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.

• cancelled
• deadline-exceeded
• internal
• resource-exhausted
• unavailable

integer (uint32 format)

Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.

object

Specifies a non-zero timeout per retry attempt.

If not specified, will use the timeout set in theHttpRouteAction field. If timeout in theHttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with-shadow.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

The full or partial URL to theBackendService resource being mirrored to.

The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map.

Serverless NEG backends are not currently supported as a mirrored backend service.

Authorization requires the followingIAM permission on the specified resourcebackendService:

• compute.backendServices.use

number

The percentage of requests to be mirrored tobackendService.

object

The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), seeFetch API Living Standard.

Not supported when the URL map is bound to a target gRPC proxy.

string

Specifies the list of origins that is allowed to do CORS requests.

An origin is allowed if it matches either an item inallowOrigins or an item inallowOriginRegexes.

string

Specifies a regular expression that matches allowed origins. For more information, seeregular expression syntax.

An origin is allowed if it matches either an item inallowOrigins or an item inallowOriginRegexes.

Regular expressions can only be used when the loadBalancingScheme is set toINTERNAL_SELF_MANAGED.

string

Specifies the content for theAccess-Control-Allow-Methods header.

string

Specifies the content for theAccess-Control-Allow-Headers header.

string

Specifies the content for theAccess-Control-Expose-Headers header.

integer

Specifies how long results of a preflight request can be cached in seconds. This field translates to theAccess-Control-Max-Age header.

boolean

In response to a preflight request, setting this totrue indicates that the actual request can include user credentials. This field translates to theAccess-Control-Allow-Credentials header.

Default isfalse.

boolean

Iftrue, disables the CORS policy. The default value isfalse, which indicates that the CORS policy is in effect.

object

The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.timeout andretryPolicy is ignored by clients that are configured with afaultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, seeLoad balancing: Routing and traffic management features.

object

The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.

object

Specifies the value of the fixed delay interval.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

number

The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection.

The value must be from 0.0 to 100.0 inclusive.

object

The specification for how client requests are aborted as part of fault injection.

integer (uint32 format)

The HTTP status code used to abort the request.

The value must be from 200 to 599 inclusive.

For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.

number

The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection.

The value must be from 0.0 to 100.0 inclusive.

object

Specifies the maximum duration (timeout) for streams on the selected route. Unlike thetimeout field where the timeout duration starts from the time the request has been fully processed (known asend-of-stream), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed.

If not specified, this field uses the maximummaxStreamDuration value among all backend services associated with the route.

This field is only allowed if the Url map is used with backend services withloadBalancingScheme set toINTERNAL_SELF_MANAGED.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

When a path pattern is matched, the request is redirected to a URL specified byurlRedirect.

Only one ofurlRedirect,service orrouteAction.weightedBackendService can be set.

Not supported when the URL map is bound to a target gRPC proxy.

string

The host that is used in the redirect response instead of the one that was supplied in the request.

The value must be from 1 to 255 characters.

string

The path that is used in the redirect response instead of the one that was supplied in the request.

pathRedirect cannot be supplied together withprefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect.

The value must be from 1 to 1024 characters.

string

The prefix that replaces theprefixMatch specified in theHttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.

prefixRedirect cannot be supplied together withpathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect.

The value must be from 1 to 1024 characters.

enum

The HTTP Status code to use for this RedirectAction.

Supported values are:

• MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
• FOUND, which corresponds to 302.
• SEE_OTHER which corresponds to 303.
• TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained.
• PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained.

boolean

If set totrue, the URL scheme in the redirected request is set toHTTPS. If set tofalse, the URL scheme of the redirected request remains the same as that of the request.

This must only be set for URL maps used inTargetHttpProxys. Setting this true forTargetHttpsProxy is not permitted.

The default is set tofalse.

boolean

If set totrue, any accompanying query portion of the original URL is removed before redirecting the request. If set tofalse, the query portion of the original URL is retained.

The default is set tofalse.

string

The list of path patterns to match. Each must start with/ and the only place a* is allowed is at the end following a/. The string fed to the path matcher does not include any text after the first? or#, and those chars are not allowed here.

object

customErrorResponsePolicy specifies how the Load Balancer returns error responses whenBackendServiceorBackendBucket responds with an error.

If a policy for an error code is not configured for thePathRule, a policy for the error code configured inpathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified inpathMatcher.defaultCustomErrorResponsePolicy, the policy configured inUrlMap.defaultCustomErrorResponsePolicy takes effect.

For example, consider a UrlMap with the following configuration:

• UrlMap.defaultCustomErrorResponsePolicy are configured with policies for5xx and4xx errors
• A PathRule for/coming_soon/ is configured for the error code404.

If the request is forwww.myotherdomain.com and a404 is encountered, the policy underUrlMap.defaultCustomErrorResponsePolicy takes effect. If a404 response is encountered for the requestwww.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request forwww.example.com/coming_soon/ encounters a404, the policy inPathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a500 error code, the policy atUrlMap.defaultCustomErrorResponsePolicy takes effect.

customErrorResponsePolicy is supported only for global external Application Load Balancers.

object

Specifies rules for returning error responses.

In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for401 (Un-authorized) code, and another for all 4 series error codes(4XX). If the backend service returns a401, then the rule for401 will be applied. However if the backend service returns a403, the rule for4xx takes effect.

string

Valid values include:

• A number between 400 and 599: For example401 or503, in which case the load balancer applies the policy if the error code exactly matches this value.
• 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of500 to599.
• 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of400 to499.

Values must be unique within matchResponseCodes and across allerrorResponseRules ofCustomErrorResponsePolicy.

string

The full path to a file withinbackendBucket . For example:/errors/defaultError.html

path must start with a leading slash.path cannot have trailing slashes.

If the file is not available inbackendBucket or the load balancer cannot reach theBackendBucket, a simpleNot Found Error is returned to the client.

The value must be from1 to1024 characters

integer

The HTTP status code returned with the response containing the custom error content. IfoverrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client.

string

The full or partial URL to theBackendBucket resource that contains the custom error content. Examples are:

• https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket
• compute/v1/projects/project/global/backendBuckets/myBackendBucket
• global/backendBuckets/myBackendBucket

IferrorService is not specified at lower levels likepathMatcher,pathRule androuteRule, anerrorService specified at a higher level in theUrlMap will be used. IfUrlMap.defaultCustomErrorResponsePolicy contains one or moreerrorResponseRules[], it must specifyerrorService.

Ifload balancer cannot reach thebackendBucket, a simpleNot Found Error will be returned, with the original response code (oroverrideResponseCode if configured).

errorService is not supported for internal or regionalHTTP/HTTPS load balancers.

Authorization requires one or more of the followingIAM permissions on the specified resourceerrorService:

• compute.backendBuckets.use
• compute.backendServices.use

object

The list of HTTP route rules. Use this list instead ofpathRules when advanced route matching and routing actions are desired.routeRules are evaluated in order of priority, from the lowest to highest number.

Within a givenpathMatcher, you can set only one ofpathRules orrouteRules.

integer

ForrouteRules within a givenpathMatcher, priority determines the order in which a load balancer interpretsrouteRules.RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.

You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number from 0 to 2147483647 inclusive.

Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.

string

The short description conveying the intent of thisrouteRule.

The description can have a maximum length of 1024 characters.

object

The list of criteria for matching attributes of a request to thisrouteRule. This list has OR semantics: the request matches thisrouteRule when any of thematchRules are satisfied. However predicates within a givenmatchRule have AND semantics. All predicates within amatchRule must match for the request to match the rule.

string

For satisfying thematchRule condition, the request's path must begin with the specifiedprefixMatch.prefixMatch must begin with a/.

The value must be from 1 to 1024 characters.

Only one ofprefixMatch,fullPathMatch,regexMatch orpathTemplateMatch must be specified. specified.

string

For satisfying thematchRule condition, the path of the request must exactly match the value specified infullPathMatch after removing any query parameters and anchor that may be part of the original URL.

fullPathMatch must be from 1 to 1024 characters.

Only one ofprefixMatch,fullPathMatch,regexMatch orpathTemplateMatch must be specified.

string

For satisfying thematchRule condition, the path of the request must satisfy the regular expression specified inregexMatch after removing any query parameters and anchor supplied with the original URL. For more information about regular expression syntax, seeSyntax.

Only one ofprefixMatch,fullPathMatch,regexMatch orpathTemplateMatch must be specified.

Regular expressions can only be used when the loadBalancingScheme is set toINTERNAL_SELF_MANAGED,EXTERNAL_MANAGED orINTERNAL_MANAGED.

boolean

Specifies thatprefixMatch andfullPathMatch matches are case sensitive.

The default value is false.

ignoreCase must not be used with regexMatch.

Not supported when the URL map is bound to a target gRPC proxy.

object

Specifies a list of header match criteria, all of which must match corresponding headers in the request.

string

The name of the HTTP header to match.

For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".

For matching a request's method, use the headerName ":method".

When the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue, only non-binary user-specified custom metadata and thecontent-type header are supported. The following transport-level headers cannot be used in header matching rules::authority,:method,:path,:scheme,user-agent,accept-encoding,content-encoding,grpc-accept-encoding,grpc-encoding,grpc-previous-rpc-attempts,grpc-tags-bin,grpc-timeout andgrpc-trace-bin.

string

The value should exactly match contents ofexactMatch.

Only one ofexactMatch,prefixMatch,suffixMatch,regexMatch,presentMatch orrangeMatch must be set.

string

The value of the header must match the regular expression specified inregexMatch. For more information about regular expression syntax, seeSyntax.

For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.

Only one ofexactMatch,prefixMatch,suffixMatch,regexMatch,presentMatch orrangeMatch must be set.

Regular expressions can only be used when the loadBalancingScheme is set toINTERNAL_SELF_MANAGED,EXTERNAL_MANAGED orINTERNAL_MANAGED.

object

The header value must be an integer and its value must be in the range specified inrangeMatch. If the header does not contain an integer, number or is empty, the match fails.

For example for a range [-5, 0]

• -3 will match.
• 0 will not match.
• 0.25 will not match.
• -3someString will not match.

Only one ofexactMatch,prefixMatch,suffixMatch,regexMatch,presentMatch orrangeMatch must be set.

rangeMatch is not supported for load balancers that haveloadBalancingScheme set toEXTERNAL.

string (int64 format)

The start of the range (inclusive) in signed long integer format.

string (int64 format)

The end of the range (exclusive) in signed long integer format.

boolean

A header with the contents ofheaderName must exist. The match takes place whether or not the request's header has a value.

Only one ofexactMatch,prefixMatch,suffixMatch,regexMatch,presentMatch orrangeMatch must be set.

string

The value of the header must start with the contents ofprefixMatch.

Only one ofexactMatch,prefixMatch,suffixMatch,regexMatch,presentMatch orrangeMatch must be set.

string

The value of the header must end with the contents ofsuffixMatch.

Only one ofexactMatch,prefixMatch,suffixMatch,regexMatch,presentMatch orrangeMatch must be set.

boolean

If set tofalse, theheaderMatch is considered a match if the preceding match criteria are met. If set totrue, theheaderMatch is considered a match if the preceding match criteria are NOT met.

The default setting isfalse.

object

Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.

Not supported when the URL map is bound to a target gRPC proxy.

string

The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.

boolean

Specifies that thequeryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.

Only one ofpresentMatch,exactMatch, orregexMatch must be set.

string

ThequeryParameterMatch matches if the value of the parameter exactly matches the contents ofexactMatch.

Only one ofpresentMatch,exactMatch, orregexMatch must be set.

string

ThequeryParameterMatch matches if the value of the parameter matches the regular expression specified byregexMatch. For more information about regular expression syntax, seeSyntax.

Only one ofpresentMatch,exactMatch, orregexMatch must be set.

Regular expressions can only be used when the loadBalancingScheme is set toINTERNAL_SELF_MANAGED,EXTERNAL_MANAGED orINTERNAL_MANAGED.

object

Opaque filter criteria used by the load balancer to restrict routing configuration to a limited set ofxDS compliant clients. In their xDS requests to the load balancer, xDS clients presentnode metadata. When there is a match, the relevant routing configuration is made available to those proxies.

For eachmetadataFilter in this list, if itsfilterMatchCriteria is set to MATCH_ANY, at least one of thefilterLabels must match the corresponding label provided in the metadata. If itsfilterMatchCriteria is set to MATCH_ALL, then all of itsfilterLabels must match with corresponding labels provided in the metadata. If multiple metadata filters are specified, all of them need to be satisfied in order to be considered a match.

metadataFilters specified here is applied after those specified inForwardingRule that refers to theUrlMap thisHttpRouteRuleMatch belongs to.

metadataFilters only applies to load balancers that haveloadBalancingScheme set toINTERNAL_SELF_MANAGED.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

enum

Specifies how individual filter label matches within the list offilterLabels and contributes toward the overallmetadataFilter match.

Supported values are:

• MATCH_ANY: at least one of thefilterLabels must have a matching label in the provided metadata.
• MATCH_ALL: allfilterLabels must have matching labels in the provided metadata.

object

The list of label value pairs that must match labels in the provided metadata based onfilterMatchCriteria

This list must not be empty and can have at the most 64 entries.

string

Name of metadata label.

The name can have a maximum length of 1024 characters and must be at least 1 character long.

string

The value of the label must match the specified value.

value can have a maximum length of 1024 characters.

string

If specified, the route is a pattern match expression that must match the :path header once the query string is removed.

A pattern match allows you to match

• The value must be between 1 and 1024 characters
• The pattern must start with a leading slash ("/")
• There may be no more than 5 operators in pattern

Precisely one ofprefixMatch,fullPathMatch,regexMatch orpathTemplateMatch must be set.

string

The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. IfrouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend.

Only one ofurlRedirect,service orrouteAction.weightedBackendService can be set.

Authorization requires the followingIAM permission on the specified resourceservice:

• compute.backendServices.use

object

In response to a matchingmatchRule, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend.

Only one ofurlRedirect,service orrouteAction.weightedBackendService can be set.

URL maps for classic Application Load Balancers only support theurlRewrite action within a route rule'srouteAction.

object

A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their correspondingbackend service. If all traffic needs to go to a single backend service, there must be oneweightedBackendService with weight set to a non-zero number.

After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in thisHttpRouteAction.

string

The full or partial URL to the defaultBackendService resource. Before forwarding the request tobackendService, the load balancer applies any relevantheaderActions specified as part of thisbackendServiceWeight.

Authorization requires the followingIAM permission on the specified resourcebackendService:

• compute.backendServices.use

integer (uint32 format)

Specifies the fraction of traffic sent to a backend service, computed asweight / (sum of all weightedBackendService weights in routeAction).

The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. Don't configure session affinity if you're using weighted traffic splitting. If you do, the weighted traffic splitting configuration takes precedence.

The value must be from 0 to 1000.

object

Specifies changes to request and response headers that need to take effect for the selectedbackendService.

headerAction specified here take effect beforeheaderAction in the enclosingHttpRouteRule,PathMatcher andUrlMap.

headerAction is not supported for load balancers that have theirloadBalancingScheme set toEXTERNAL.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

A list of header names for headers that need to be removed from the request before forwarding the request to thebackendService.

object

Headers to add to a matching request before forwarding the request to thebackendService.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

string

A list of header names for headers that need to be removed from the response before sending the response back to the client.

object

Headers to add the response before sending the response back to the client.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

object

The spec to modify the URL of the request, before forwarding the request to the matched service.

urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced bypathPrefixRewrite.

The value must be from 1 to 1024 characters.

string

Before forwarding the request to the selected service, the request's host header is replaced with contents ofhostRewrite.

The value must be from 1 to 255 characters.

string

If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax.

A corresponding pathTemplateMatch must be specified. Any template variables must exist in the pathTemplateMatch field.

• -At least one variable must be specified in the pathTemplateMatch field
• You can omit variables from the rewritten URL
• The* and** operators cannot be matched unless they have a corresponding variable name - e.g.{format=*} or{var=**}.

For example, a pathTemplateMatch of/static/{format=**} could be rewritten as/static/content/{format} to prefix/content to the URL. Variables can also be re-ordered in a rewrite, so that/{country}/{format}/{suffix=**} can be rewritten as/content/{format}/{country}/{suffix}.

At least one non-emptyrouteRules[].matchRules[].path_template_match is required.

Only one ofpathPrefixRewrite orpathTemplateRewrite may be specified.

object

Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known asend-of-stream) up until the response has been processed. Timeout includes all retries.

If not specified, this field uses the largest timeout among all backend services associated with the route.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

Specifies the retry policy associated with this route.

string

Specifies one or more conditions when this retry policy applies. Valid values are:

• 5xx: retry is attempted if the instance or endpoint responds with any5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams.
• gateway-error: Similar to5xx, but only applies to response codes502,503 or504.
• connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts.
• retriable-4xx: a retry is attempted if the instance or endpoint responds with a4xx response code. The only error that you can retry is error code409.
• refused-stream: a retry is attempted if the instance or endpoint resets the stream with aREFUSED_STREAM error code. This reset type indicates that it is safe to retry.
• cancelled: a retry is attempted if the gRPC status code in the response header is set tocancelled.
• deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set todeadline-exceeded.
• internal: a retry is attempted if the gRPC status code in the response header is set tointernal.
• resource-exhausted: a retry is attempted if the gRPC status code in the response header is set toresource-exhausted.
• unavailable: a retry is attempted if the gRPC status code in the response header is set tounavailable.

Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.

• cancelled
• deadline-exceeded
• internal
• resource-exhausted
• unavailable

integer (uint32 format)

Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.

object

Specifies a non-zero timeout per retry attempt.

If not specified, will use the timeout set in theHttpRouteAction field. If timeout in theHttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with-shadow.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

The full or partial URL to theBackendService resource being mirrored to.

The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map.

Serverless NEG backends are not currently supported as a mirrored backend service.

Authorization requires the followingIAM permission on the specified resourcebackendService:

• compute.backendServices.use

number

The percentage of requests to be mirrored tobackendService.

object

The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), seeFetch API Living Standard.

Not supported when the URL map is bound to a target gRPC proxy.

string

Specifies the list of origins that is allowed to do CORS requests.

An origin is allowed if it matches either an item inallowOrigins or an item inallowOriginRegexes.

string

Specifies a regular expression that matches allowed origins. For more information, seeregular expression syntax.

An origin is allowed if it matches either an item inallowOrigins or an item inallowOriginRegexes.

Regular expressions can only be used when the loadBalancingScheme is set toINTERNAL_SELF_MANAGED.

string

Specifies the content for theAccess-Control-Allow-Methods header.

string

Specifies the content for theAccess-Control-Allow-Headers header.

string

Specifies the content for theAccess-Control-Expose-Headers header.

integer

Specifies how long results of a preflight request can be cached in seconds. This field translates to theAccess-Control-Max-Age header.

boolean

In response to a preflight request, setting this totrue indicates that the actual request can include user credentials. This field translates to theAccess-Control-Allow-Credentials header.

Default isfalse.

boolean

Iftrue, disables the CORS policy. The default value isfalse, which indicates that the CORS policy is in effect.

object

The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.timeout andretryPolicy is ignored by clients that are configured with afaultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, seeLoad balancing: Routing and traffic management features.

object

The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.

object

Specifies the value of the fixed delay interval.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

number

The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection.

The value must be from 0.0 to 100.0 inclusive.

object

The specification for how client requests are aborted as part of fault injection.

integer (uint32 format)

The HTTP status code used to abort the request.

The value must be from 200 to 599 inclusive.

For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.

number

The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection.

The value must be from 0.0 to 100.0 inclusive.

object

Specifies the maximum duration (timeout) for streams on the selected route. Unlike thetimeout field where the timeout duration starts from the time the request has been fully processed (known asend-of-stream), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed.

If not specified, this field uses the maximummaxStreamDuration value among all backend services associated with the route.

This field is only allowed if the Url map is used with backend services withloadBalancingScheme set toINTERNAL_SELF_MANAGED.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

When this rule is matched, the request is redirected to a URL specified byurlRedirect.

Only one ofurlRedirect,service orrouteAction.weightedBackendService can be set.

Not supported when the URL map is bound to a target gRPC proxy.

string

The host that is used in the redirect response instead of the one that was supplied in the request.

The value must be from 1 to 255 characters.

string

The path that is used in the redirect response instead of the one that was supplied in the request.

pathRedirect cannot be supplied together withprefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect.

The value must be from 1 to 1024 characters.

string

The prefix that replaces theprefixMatch specified in theHttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.

prefixRedirect cannot be supplied together withpathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect.

The value must be from 1 to 1024 characters.

enum

The HTTP Status code to use for this RedirectAction.

Supported values are:

• MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
• FOUND, which corresponds to 302.
• SEE_OTHER which corresponds to 303.
• TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained.
• PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained.

boolean

If set totrue, the URL scheme in the redirected request is set toHTTPS. If set tofalse, the URL scheme of the redirected request remains the same as that of the request.

This must only be set for URL maps used inTargetHttpProxys. Setting this true forTargetHttpsProxy is not permitted.

The default is set tofalse.

boolean

If set totrue, any accompanying query portion of the original URL is removed before redirecting the request. If set tofalse, the query portion of the original URL is retained.

The default is set tofalse.

object

Specifies changes to request and response headers that need to take effect for the selectedbackendService.

TheheaderAction value specified here is applied before the matchingpathMatchers[].headerAction and afterpathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction

HeaderAction is not supported for load balancers that have theirloadBalancingScheme set toEXTERNAL.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

A list of header names for headers that need to be removed from the request before forwarding the request to thebackendService.

object

Headers to add to a matching request before forwarding the request to thebackendService.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

string

A list of header names for headers that need to be removed from the response before sending the response back to the client.

object

Headers to add the response before sending the response back to the client.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

object

Outbound route specific configuration fornetworkservices.HttpFilter resources enabled by Traffic Director.httpFilterConfigs only applies for load balancers withloadBalancingScheme set toINTERNAL_SELF_MANAGED. SeeForwardingRule for more details.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

Name of thenetworkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example:envoy.wasm

string

The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example:type.googleapis.com/google.protobuf.Struct

string

The configuration needed to enable thenetworkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified inconfigTypeUrl

object

Outbound route specific metadata supplied tonetworkservices.HttpFilter resources enabled by Traffic Director.httpFilterMetadata only applies for load balancers withloadBalancingScheme set toINTERNAL_SELF_MANAGED. SeeForwardingRule for more details.

The onlyconfigTypeUrl supported istype.googleapis.com/google.protobuf.Struct

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

Name of thenetworkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example:envoy.wasm

string

The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example:type.googleapis.com/google.protobuf.Struct

string

The configuration needed to enable thenetworkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified inconfigTypeUrl

object

customErrorResponsePolicy specifies how the Load Balancer returns error responses whenBackendServiceorBackendBucket responds with an error.

If a policy for an error code is not configured for theRouteRule, a policy for the error code configured inpathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified inpathMatcher.defaultCustomErrorResponsePolicy, the policy configured inUrlMap.defaultCustomErrorResponsePolicy takes effect.

For example, consider a UrlMap with the following configuration:

• UrlMap.defaultCustomErrorResponsePolicy are configured with policies for5xx and4xx errors
• A RouteRule for/coming_soon/ is configured for the error code404.

If the request is forwww.myotherdomain.com and a404 is encountered, the policy underUrlMap.defaultCustomErrorResponsePolicy takes effect. If a404 response is encountered for the requestwww.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request forwww.example.com/coming_soon/ encounters a404, the policy inRouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a500 error code, the policy atUrlMap.defaultCustomErrorResponsePolicy takes effect.

When used in conjunction withrouteRules.routeAction.retryPolicy, retries take precedence. Only once all retries are exhausted, thecustomErrorResponsePolicy is applied. While attempting a retry, ifload balancer is successful in reaching the service, thecustomErrorResponsePolicy is ignored and the response from the service is returned to the client.

customErrorResponsePolicy is supported only for global external Application Load Balancers.

object

Specifies rules for returning error responses.

In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for401 (Un-authorized) code, and another for all 4 series error codes(4XX). If the backend service returns a401, then the rule for401 will be applied. However if the backend service returns a403, the rule for4xx takes effect.

string

Valid values include:

• A number between 400 and 599: For example401 or503, in which case the load balancer applies the policy if the error code exactly matches this value.
• 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of500 to599.
• 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of400 to499.

Values must be unique within matchResponseCodes and across allerrorResponseRules ofCustomErrorResponsePolicy.

string

The full path to a file withinbackendBucket . For example:/errors/defaultError.html

path must start with a leading slash.path cannot have trailing slashes.

If the file is not available inbackendBucket or the load balancer cannot reach theBackendBucket, a simpleNot Found Error is returned to the client.

The value must be from1 to1024 characters

integer

The HTTP status code returned with the response containing the custom error content. IfoverrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client.

string

The full or partial URL to theBackendBucket resource that contains the custom error content. Examples are:

• https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket
• compute/v1/projects/project/global/backendBuckets/myBackendBucket
• global/backendBuckets/myBackendBucket

IferrorService is not specified at lower levels likepathMatcher,pathRule androuteRule, anerrorService specified at a higher level in theUrlMap will be used. IfUrlMap.defaultCustomErrorResponsePolicy contains one or moreerrorResponseRules[], it must specifyerrorService.

Ifload balancer cannot reach thebackendBucket, a simpleNot Found Error will be returned, with the original response code (oroverrideResponseCode if configured).

errorService is not supported for internal or regionalHTTP/HTTPS load balancers.

Authorization requires one or more of the followingIAM permissions on the specified resourceerrorService:

• compute.backendBuckets.use
• compute.backendServices.use

object

Specifies changes to request and response headers that need to take effect for the selected backend service.

HeaderAction specified here are applied after the matchingHttpRouteRuleHeaderAction and before theHeaderAction in theUrlMap

HeaderAction is not supported for load balancers that have theirloadBalancingScheme set toEXTERNAL.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

A list of header names for headers that need to be removed from the request before forwarding the request to thebackendService.

object

Headers to add to a matching request before forwarding the request to thebackendService.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

string

A list of header names for headers that need to be removed from the response before sending the response back to the client.

object

Headers to add the response before sending the response back to the client.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

object

defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses whenBackendServiceorBackendBucket responds with an error.

This policy takes effect at thePathMatcher level and applies only when no policy has been defined for the error code at lower levels likeRouteRule andPathRule within thisPathMatcher. If an error code does not have a policy defined indefaultCustomErrorResponsePolicy, then a policy defined for the error code inUrlMap.defaultCustomErrorResponsePolicy takes effect.

For example, consider a UrlMap with the following configuration:

• UrlMap.defaultCustomErrorResponsePolicy is configured with policies for5xx and4xx errors
• A RouteRule for/coming_soon/ is configured for the error code404.

If the request is forwww.myotherdomain.com and a404 is encountered, the policy underUrlMap.defaultCustomErrorResponsePolicy takes effect. If a404 response is encountered for the requestwww.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request forwww.example.com/coming_soon/ encounters a404, the policy inRouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a500 error code, the policy atUrlMap.defaultCustomErrorResponsePolicy takes effect.

When used in conjunction withpathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, thedefaultCustomErrorResponsePolicy is applied. While attempting a retry, ifload balancer is successful in reaching the service, thedefaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client.

defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers.

object

Specifies rules for returning error responses.

In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for401 (Un-authorized) code, and another for all 4 series error codes(4XX). If the backend service returns a401, then the rule for401 will be applied. However if the backend service returns a403, the rule for4xx takes effect.

string

Valid values include:

• A number between 400 and 599: For example401 or503, in which case the load balancer applies the policy if the error code exactly matches this value.
• 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of500 to599.
• 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of400 to499.

Values must be unique within matchResponseCodes and across allerrorResponseRules ofCustomErrorResponsePolicy.

string

The full path to a file withinbackendBucket . For example:/errors/defaultError.html

path must start with a leading slash.path cannot have trailing slashes.

If the file is not available inbackendBucket or the load balancer cannot reach theBackendBucket, a simpleNot Found Error is returned to the client.

The value must be from1 to1024 characters

integer

The HTTP status code returned with the response containing the custom error content. IfoverrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client.

string

The full or partial URL to theBackendBucket resource that contains the custom error content. Examples are:

• https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket
• compute/v1/projects/project/global/backendBuckets/myBackendBucket
• global/backendBuckets/myBackendBucket

IferrorService is not specified at lower levels likepathMatcher,pathRule androuteRule, anerrorService specified at a higher level in theUrlMap will be used. IfUrlMap.defaultCustomErrorResponsePolicy contains one or moreerrorResponseRules[], it must specifyerrorService.

Ifload balancer cannot reach thebackendBucket, a simpleNot Found Error will be returned, with the original response code (oroverrideResponseCode if configured).

errorService is not supported for internal or regionalHTTP/HTTPS load balancers.

Authorization requires one or more of the followingIAM permissions on the specified resourceerrorService:

• compute.backendBuckets.use
• compute.backendServices.use

object

The list of expected URL mapping tests. Request to update theUrlMap succeeds only if all test cases pass. You can specify a maximum of 100 tests perUrlMap.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

Description of this test case.

string

Host portion of the URL. Ifheaders contains a host header, thenhost must also match the header value.

string

Path portion of the URL.

object

HTTP headers for this request. Ifheaders contains a host header, thenhost must also match the header value.

string

Header name.

string

Header value.

string

ExpectedBackendService orBackendBucket resource the given URL should be mapped to.

Theservice field cannot be set ifexpectedRedirectResponseCode is set.

string

The expected output URL evaluated by the load balancer containing the scheme, host, path and query parameters.

For rules that forward requests to backends, the test passes only whenexpectedOutputUrl matches the request forwarded by the load balancer to backends. For rules withurlRewrite, the test verifies that the forwarded request matcheshostRewrite andpathPrefixRewrite in theurlRewrite action. Whenservice is specified,expectedOutputUrl`s scheme is ignored.

For rules withurlRedirect, the test passes only ifexpectedOutputUrl matches the URL in the load balancer's redirect response. IfurlRedirect specifieshttpsRedirect, the test passes only if the scheme inexpectedOutputUrl is also set toHTTPS. IfurlRedirect specifiesstripQuery, the test passes only ifexpectedOutputUrl does not contain any query parameters.

expectedOutputUrl is optional whenservice is specified.

integer

For rules withurlRedirect, the test passes only ifexpectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.

expectedRedirectResponseCode cannot be set whenservice is set.

string

The full or partial URL of thedefaultService resource to which traffic is directed if none of thehostRules match. IfdefaultRouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend.

Only one ofdefaultUrlRedirect,defaultService ordefaultRouteAction.weightedBackendService can be set.

defaultService has no effect when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

Authorization requires one or more of the followingIAM permissions on the specified resourcedefaultService:

• compute.backendBuckets.use
• compute.backendServices.use

object

defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend.

Only one ofdefaultUrlRedirect,defaultService ordefaultRouteAction.weightedBackendService can be set.

URL maps for classic Application Load Balancers only support theurlRewrite action withindefaultRouteAction.

defaultRouteAction has no effect when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

object

A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their correspondingbackend service. If all traffic needs to go to a single backend service, there must be oneweightedBackendService with weight set to a non-zero number.

After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in thisHttpRouteAction.

string

The full or partial URL to the defaultBackendService resource. Before forwarding the request tobackendService, the load balancer applies any relevantheaderActions specified as part of thisbackendServiceWeight.

Authorization requires the followingIAM permission on the specified resourcebackendService:

• compute.backendServices.use

integer (uint32 format)

Specifies the fraction of traffic sent to a backend service, computed asweight / (sum of all weightedBackendService weights in routeAction).

The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. Don't configure session affinity if you're using weighted traffic splitting. If you do, the weighted traffic splitting configuration takes precedence.

The value must be from 0 to 1000.

object

Specifies changes to request and response headers that need to take effect for the selectedbackendService.

headerAction specified here take effect beforeheaderAction in the enclosingHttpRouteRule,PathMatcher andUrlMap.

headerAction is not supported for load balancers that have theirloadBalancingScheme set toEXTERNAL.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

A list of header names for headers that need to be removed from the request before forwarding the request to thebackendService.

object

Headers to add to a matching request before forwarding the request to thebackendService.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

string

A list of header names for headers that need to be removed from the response before sending the response back to the client.

object

Headers to add the response before sending the response back to the client.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

object

The spec to modify the URL of the request, before forwarding the request to the matched service.

urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced bypathPrefixRewrite.

The value must be from 1 to 1024 characters.

string

Before forwarding the request to the selected service, the request's host header is replaced with contents ofhostRewrite.

The value must be from 1 to 255 characters.

string

If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax.

A corresponding pathTemplateMatch must be specified. Any template variables must exist in the pathTemplateMatch field.

• -At least one variable must be specified in the pathTemplateMatch field
• You can omit variables from the rewritten URL
• The* and** operators cannot be matched unless they have a corresponding variable name - e.g.{format=*} or{var=**}.

For example, a pathTemplateMatch of/static/{format=**} could be rewritten as/static/content/{format} to prefix/content to the URL. Variables can also be re-ordered in a rewrite, so that/{country}/{format}/{suffix=**} can be rewritten as/content/{format}/{country}/{suffix}.

At least one non-emptyrouteRules[].matchRules[].path_template_match is required.

Only one ofpathPrefixRewrite orpathTemplateRewrite may be specified.

object

Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known asend-of-stream) up until the response has been processed. Timeout includes all retries.

If not specified, this field uses the largest timeout among all backend services associated with the route.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

Specifies the retry policy associated with this route.

string

Specifies one or more conditions when this retry policy applies. Valid values are:

• 5xx: retry is attempted if the instance or endpoint responds with any5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams.
• gateway-error: Similar to5xx, but only applies to response codes502,503 or504.
• connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts.
• retriable-4xx: a retry is attempted if the instance or endpoint responds with a4xx response code. The only error that you can retry is error code409.
• refused-stream: a retry is attempted if the instance or endpoint resets the stream with aREFUSED_STREAM error code. This reset type indicates that it is safe to retry.
• cancelled: a retry is attempted if the gRPC status code in the response header is set tocancelled.
• deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set todeadline-exceeded.
• internal: a retry is attempted if the gRPC status code in the response header is set tointernal.
• resource-exhausted: a retry is attempted if the gRPC status code in the response header is set toresource-exhausted.
• unavailable: a retry is attempted if the gRPC status code in the response header is set tounavailable.

Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.

• cancelled
• deadline-exceeded
• internal
• resource-exhausted
• unavailable

integer (uint32 format)

Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.

object

Specifies a non-zero timeout per retry attempt.

If not specified, will use the timeout set in theHttpRouteAction field. If timeout in theHttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with-shadow.

Not supported when the URL map is bound to a target gRPC proxy that has thevalidateForProxyless field set totrue.

string

The full or partial URL to theBackendService resource being mirrored to.

The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map.

Serverless NEG backends are not currently supported as a mirrored backend service.

Authorization requires the followingIAM permission on the specified resourcebackendService:

• compute.backendServices.use

number

The percentage of requests to be mirrored tobackendService.

object

The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), seeFetch API Living Standard.

Not supported when the URL map is bound to a target gRPC proxy.

string

Specifies the list of origins that is allowed to do CORS requests.

An origin is allowed if it matches either an item inallowOrigins or an item inallowOriginRegexes.

string

Specifies a regular expression that matches allowed origins. For more information, seeregular expression syntax.

An origin is allowed if it matches either an item inallowOrigins or an item inallowOriginRegexes.

Regular expressions can only be used when the loadBalancingScheme is set toINTERNAL_SELF_MANAGED.

string

Specifies the content for theAccess-Control-Allow-Methods header.

string

Specifies the content for theAccess-Control-Allow-Headers header.

string

Specifies the content for theAccess-Control-Expose-Headers header.

integer

Specifies how long results of a preflight request can be cached in seconds. This field translates to theAccess-Control-Max-Age header.

boolean

In response to a preflight request, setting this totrue indicates that the actual request can include user credentials. This field translates to theAccess-Control-Allow-Credentials header.

Default isfalse.

boolean

Iftrue, disables the CORS policy. The default value isfalse, which indicates that the CORS policy is in effect.

object

The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.timeout andretryPolicy is ignored by clients that are configured with afaultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, seeLoad balancing: Routing and traffic management features.

object

The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.

object

Specifies the value of the fixed delay interval.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

number

The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection.

The value must be from 0.0 to 100.0 inclusive.

object

The specification for how client requests are aborted as part of fault injection.

integer (uint32 format)

The HTTP status code used to abort the request.

The value must be from 200 to 599 inclusive.

For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.

number

The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection.

The value must be from 0.0 to 100.0 inclusive.

object

Specifies the maximum duration (timeout) for streams on the selected route. Unlike thetimeout field where the timeout duration starts from the time the request has been fully processed (known asend-of-stream), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed.

If not specified, this field uses the maximummaxStreamDuration value among all backend services associated with the route.

This field is only allowed if the Url map is used with backend services withloadBalancingScheme set toINTERNAL_SELF_MANAGED.

string (int64 format)

Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years

integer

Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0seconds field and a positivenanos field. Must be from 0 to 999,999,999 inclusive.

object

When none of the specifiedhostRules match, the request is redirected to a URL specified bydefaultUrlRedirect.

Only one ofdefaultUrlRedirect,defaultService ordefaultRouteAction.weightedBackendService can be set.

Not supported when the URL map is bound to a target gRPC proxy.

string

The host that is used in the redirect response instead of the one that was supplied in the request.

The value must be from 1 to 255 characters.

string

The path that is used in the redirect response instead of the one that was supplied in the request.

pathRedirect cannot be supplied together withprefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect.

The value must be from 1 to 1024 characters.

string

The prefix that replaces theprefixMatch specified in theHttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.

prefixRedirect cannot be supplied together withpathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect.

The value must be from 1 to 1024 characters.

enum

The HTTP Status code to use for this RedirectAction.

Supported values are:

• MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
• FOUND, which corresponds to 302.
• SEE_OTHER which corresponds to 303.
• TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained.
• PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained.

boolean

If set totrue, the URL scheme in the redirected request is set toHTTPS. If set tofalse, the URL scheme of the redirected request remains the same as that of the request.

This must only be set for URL maps used inTargetHttpProxys. Setting this true forTargetHttpsProxy is not permitted.

The default is set tofalse.

boolean

If set totrue, any accompanying query portion of the original URL is removed before redirecting the request. If set tofalse, the query portion of the original URL is retained.

The default is set tofalse.

object

Specifies changes to request and response headers that need to take effect for the selectedbackendService.

TheheaderAction specified here take effect afterheaderAction specified underpathMatcher.

headerAction is not supported for load balancers that have theirloadBalancingScheme set toEXTERNAL.

Not supported when the URL map is bound to a target gRPC proxy that hasvalidateForProxyless field set totrue.

string

A list of header names for headers that need to be removed from the request before forwarding the request to thebackendService.

object

Headers to add to a matching request before forwarding the request to thebackendService.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

string

A list of header names for headers that need to be removed from the response before sending the response back to the client.

object

Headers to add the response before sending the response back to the client.

string

The name of the header.

string

The value of the header to add.

boolean

Iffalse,headerValue is appended to any values that already exist for the header. If true,headerValue is set for the header, discarding any values that were set for that header.

The default value istrue, unless a variable is present inheaderValue, in which case the default value isfalse.

object

defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses whenBackendServiceorBackendBucket responds with an error.

This policy takes effect at the load balancer level and applies only when no policy has been defined for the error code at lower levels like PathMatcher, RouteRule and PathRule within this UrlMap.

For example, consider a UrlMap with the following configuration:

• defaultCustomErrorResponsePolicy containing policies for responding to5xx and4xx errors
• A PathMatcher configured for*.example.com hasdefaultCustomErrorResponsePolicy for4xx.

If a request forhttp://www.example.com/ encounters a404, the policy inpathMatcher.defaultCustomErrorResponsePolicy will be enforced. When the request forhttp://www.example.com/ encounters a502, the policy inUrlMap.defaultCustomErrorResponsePolicy will be enforced. When a request that does not match any host in*.example.com such ashttp://www.myotherexample.com/, encounters a404,UrlMap.defaultCustomErrorResponsePolicy takes effect.

When used in conjunction withdefaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, thedefaultCustomErrorResponsePolicy is applied. While attempting a retry, ifload balancer is successful in reaching the service, thedefaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client.

defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers.

object

Specifies rules for returning error responses.

In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for401 (Un-authorized) code, and another for all 4 series error codes(4XX). If the backend service returns a401, then the rule for401 will be applied. However if the backend service returns a403, the rule for4xx takes effect.

string

Valid values include:

• A number between 400 and 599: For example401 or503, in which case the load balancer applies the policy if the error code exactly matches this value.
• 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of500 to599.
• 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of400 to499.

Values must be unique within matchResponseCodes and across allerrorResponseRules ofCustomErrorResponsePolicy.

string

The full path to a file withinbackendBucket . For example:/errors/defaultError.html

path must start with a leading slash.path cannot have trailing slashes.

If the file is not available inbackendBucket or the load balancer cannot reach theBackendBucket, a simpleNot Found Error is returned to the client.

The value must be from1 to1024 characters

integer

The HTTP status code returned with the response containing the custom error content. IfoverrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client.

string

The full or partial URL to theBackendBucket resource that contains the custom error content. Examples are:

• https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket
• compute/v1/projects/project/global/backendBuckets/myBackendBucket
• global/backendBuckets/myBackendBucket

IferrorService is not specified at lower levels likepathMatcher,pathRule androuteRule, anerrorService specified at a higher level in theUrlMap will be used. IfUrlMap.defaultCustomErrorResponsePolicy contains one or moreerrorResponseRules[], it must specifyerrorService.

Ifload balancer cannot reach thebackendBucket, a simpleNot Found Error will be returned, with the original response code (oroverrideResponseCode if configured).

errorService is not supported for internal or regionalHTTP/HTTPS load balancers.

Authorization requires one or more of the followingIAM permissions on the specified resourceerrorService:

• compute.backendBuckets.use
• compute.backendServices.use

string (bytes format)

Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field is ignored when inserting aUrlMap. An up-to-date fingerprint must be provided in order to update theUrlMap, otherwise the request will fail with error412 conditionNotMet.

To see the latest fingerprint, make aget() request to retrieve a UrlMap.

A base64-encoded string.

string

[Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.

enum

Specifies the load balancer type(s) this validation request is for. UseEXTERNAL_MANAGED for global external Application Load Balancers and regional external Application Load Balancers. UseEXTERNAL for classic Application Load Balancers.

Use INTERNAL_MANAGED for internal Application Load Balancers. For more information, refer toChoosing a load balancer.

If unspecified, the load balancing scheme will be inferred from the backend service resources this URL map references. If that can not be inferred (for example, this URL map only references backend buckets, or this Url map is for rewrites and redirects only and doesn't reference any backends),EXTERNAL will be used as the default type.

If specified, the scheme(s) must not conflict with the load balancing scheme of the backend service resources this Url map references.