Tool: list_connectivity_tests
Lists all Connectivity Tests owned by a project.
The following sample demonstrate how to use curl to invoke the list_connectivity_tests MCP tool.
| Curl Request |
|---|
curl --location 'https://networkmanagement.googleapis.com/mcp' \ --header 'content-type: application/json' \ --header 'accept: application/json, text/event-stream' \ --data '{ "method": "tools/call", "params": { "name": "list_connectivity_tests", "arguments": { // provide these details according to the tool's MCP specification } }, "jsonrpc": "2.0", "id": 1 }' |
Input Schema
Request for the ListConnectivityTests method.
ListConnectivityTestsRequest
| JSON representation |
|---|
{ "parent": string, "pageSize": integer, "pageToken": string, "filter": string, "orderBy": string } |
| Fields | |
|---|---|
parent |
Required. The parent resource of the Connectivity Tests: |
pageSize |
Number of |
pageToken |
Page token from an earlier query, as returned in |
filter |
Lists the Examples: - Filter by name: name = "projects/proj-1/locations/global/connectivityTests/test-1
|
orderBy |
Field to use to sort the list. |
Output Schema
Response for the ListConnectivityTests method.
ListConnectivityTestsResponse
| JSON representation |
|---|
{
"resources": [
{
object ( |
| Fields | |
|---|---|
resources[] |
List of Connectivity Tests. |
nextPageToken |
Page token to fetch the next set of Connectivity Tests. |
unreachable[] |
Locations that could not be reached (when querying all locations with |
ConnectivityTest
| JSON representation |
|---|
{ "name": string, "description": string, "source": { object ( |
| Fields | |
|---|---|
name |
Identifier. Unique name of the resource using the form: |
description |
The user-supplied description of the Connectivity Test. Maximum of 512 characters. |
source |
Required. Source specification of the Connectivity Test. You can use a combination of source IP address, URI of a supported endpoint, project ID, or VPC network to identify the source location. Reachability analysis might proceed even if the source location is ambiguous. However, the test result might include endpoints or use a source that you don't intend to test. |
destination |
Required. Destination specification of the Connectivity Test. You can use a combination of destination IP address, URI of a supported endpoint, project ID, or VPC network to identify the destination location. Reachability analysis proceeds even if the destination location is ambiguous. However, the test result might include endpoints or use a destination that you don't intend to test. |
protocol |
IP Protocol of the test. When not provided, "TCP" is assumed. |
relatedProjects[] |
Other projects that may be relevant for reachability analysis. This is applicable to scenarios where a test can cross project boundaries. |
displayName |
Output only. The display name of a Connectivity Test. |
labels |
Resource labels to represent user-provided metadata. An object containing a list of |
createTime |
Output only. The time the test was created. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: |
updateTime |
Output only. The time the test's configuration was updated. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: |
reachabilityDetails |
Output only. The reachability details of this test from the latest run. The details are updated when creating a new test, updating an existing test, or triggering a one-time rerun of an existing test. |
probingDetails |
Output only. The probing details of this test from the latest run, present for applicable tests only. The details are updated when creating a new test, updating an existing test, or triggering a one-time rerun of an existing test. |
roundTrip |
Whether run analysis for the return path from destination to source. Default value is false. |
returnReachabilityDetails |
Output only. The reachability details of this test from the latest run for the return path. The details are updated when creating a new test, updating an existing test, or triggering a one-time rerun of an existing test. |
bypassFirewallChecks |
Whether the analysis should skip firewall checking. Default value is false. |
Endpoint
| JSON representation |
|---|
{ "ipAddress": string, "port": integer, "instance": string, "forwardingRule": string, "gkeMasterCluster": string, "fqdn": string, "cloudSqlInstance": string, "redisInstance": string, "redisCluster": string, "gkePod": string, "cloudFunction": { object ( |
| Fields | |
|---|---|
ipAddress |
The IP address of the endpoint, which can be an external or internal IP. |
port |
The IP protocol port of the endpoint. Only applicable when protocol is TCP or UDP. |
instance |
A Compute Engine instance URI. |
forwardingRule |
A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud load balancer. Forwarding rules are also used for protocol forwarding, Private Service Connect and other network services to provide forwarding information in the control plane. Applicable only to destination endpoint. Format: |
gkeMasterCluster |
A cluster URI for Google Kubernetes Engine cluster control plane. |
fqdn |
DNS endpoint of Google Kubernetes Engine cluster control plane. Requires gke_master_cluster to be set, can't be used simultaneoulsly with ip_address or network. Applicable only to destination endpoint. |
cloudSqlInstance |
A Cloud SQL instance URI. |
redisInstance |
A Redis Instance URI. Applicable only to destination endpoint. |
redisCluster |
A Redis Cluster URI. Applicable only to destination endpoint. |
gkePod |
A GKE Pod URI. |
cloudFunction |
A Cloud Function. Applicable only to source endpoint. |
appEngineVersion |
An App Engine service version. Applicable only to source endpoint. |
cloudRunRevision |
|
network |
A VPC network URI. For source endpoints, used according to the |
networkType |
For source endpoints, type of the network where the endpoint is located. Not relevant for destination endpoints. |
projectId |
For source endpoints, endpoint project ID. Used according to the |
Union field
|
|
forwardingRuleTarget |
Output only. Specifies the type of the target of the forwarding rule. |
Union field
|
|
loadBalancerId |
Output only. ID of the load balancer the forwarding rule points to. Empty for forwarding rules not related to load balancers. |
Union field
|
|
loadBalancerType |
Output only. Type of the load balancer the forwarding rule points to. |
CloudFunctionEndpoint
| JSON representation |
|---|
{ "uri": string } |
| Fields | |
|---|---|
uri |
A Cloud Function name. |
AppEngineVersionEndpoint
| JSON representation |
|---|
{ "uri": string } |
| Fields | |
|---|---|
uri |
An App Engine service version name. |
CloudRunRevisionEndpoint
| JSON representation |
|---|
{ "uri": string, "serviceUri": string } |
| Fields | |
|---|---|
uri |
A Cloud Run revision URI. The format is: projects/{project}/locations/{location}/revisions/{revision} |
serviceUri |
Output only. The URI of the Cloud Run service that the revision belongs to. The format is: projects/{project}/locations/{location}/services/{service} |
LabelsEntry
| JSON representation |
|---|
{ "key": string, "value": string } |
| Fields | |
|---|---|
key |
|
value |
|
Timestamp
| JSON representation |
|---|
{ "seconds": string, "nanos": integer } |
| Fields | |
|---|---|
seconds |
Represents seconds of UTC time since Unix epoch 1970-01-01T00:00:00Z. Must be between -62135596800 and 253402300799 inclusive (which corresponds to 0001-01-01T00:00:00Z to 9999-12-31T23:59:59Z). |
nanos |
Non-negative fractions of a second at nanosecond resolution. This field is the nanosecond portion of the duration, not an alternative to seconds. Negative second values with fractions must still have non-negative nanos values that count forward in time. Must be between 0 and 999,999,999 inclusive. |
ReachabilityDetails
| JSON representation |
|---|
{ "result": enum ( |
| Fields | |
|---|---|
result |
The overall result of the test's configuration analysis. |
verifyTime |
The time of the configuration analysis. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: |
error |
The details of a failure or a cancellation of reachability analysis. |
traces[] |
Result may contain a list of traces if a test has multiple possible paths in the network, such as when destination endpoint is a load balancer with multiple backends. |
Status
| JSON representation |
|---|
{ "code": integer, "message": string, "details": [ { "@type": string, field1: ..., ... } ] } |
| Fields | |
|---|---|
code |
The status code, which should be an enum value of |
message |
A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the |
details[] |
A list of messages that carry the error details. There is a common set of message types for APIs to use. An object containing fields of an arbitrary type. An additional field |
Any
| JSON representation |
|---|
{ "typeUrl": string, "value": string } |
| Fields | |
|---|---|
typeUrl |
Identifies the type of the serialized Protobuf message with a URI reference consisting of a prefix ending in a slash and the fully-qualified type name. Example: type.googleapis.com/google.protobuf.StringValue This string must contain at least one The prefix is arbitrary and Protobuf implementations are expected to simply strip off everything up to and including the last All type URL strings must be legal URI references with the additional restriction (for the text format) that the content of the reference must consist only of alphanumeric characters, percent-encoded escapes, and characters in the following set (not including the outer backticks): In the original design of |
value |
Holds a Protobuf serialization of the type described by type_url. A base64-encoded string. |
Trace
| JSON representation |
|---|
{ "endpointInfo": { object ( |
| Fields | |
|---|---|
endpointInfo |
Derived from the source and destination endpoints definition specified by user request, and validated by the data plane model. If there are multiple traces starting from different source locations, then the endpoint_info may be different between traces. |
steps[] |
A trace of a test contains multiple steps from the initial state to the final state (delivered, dropped, forwarded, or aborted). The steps are ordered by the processing sequence within the simulated network state machine. It is critical to preserve the order of the steps and avoid reordering or sorting them. |
forwardTraceId |
ID of trace. For forward traces, this ID is unique for each trace. For return traces, it matches ID of associated forward trace. A single forward trace can be associated with none, one or more than one return trace. |
EndpointInfo
| JSON representation |
|---|
{ "sourceIp": string, "destinationIp": string, "protocol": string, "sourcePort": integer, "destinationPort": integer, "sourceNetworkUri": string, "destinationNetworkUri": string, "sourceAgentUri": string } |
| Fields | |
|---|---|
sourceIp |
Source IP address. |
destinationIp |
Destination IP address. |
protocol |
IP protocol in string format, for example: "TCP", "UDP", "ICMP". |
sourcePort |
Source port. Only valid when protocol is TCP or UDP. |
destinationPort |
Destination port. Only valid when protocol is TCP or UDP. |
sourceNetworkUri |
URI of the network where this packet originates from. |
destinationNetworkUri |
URI of the network where this packet is sent to. |
sourceAgentUri |
URI of the source telemetry agent this packet originates from. |
Step
| JSON representation |
|---|
{ "description": string, "state": enum ( |
| Fields | |
|---|---|
description |
A description of the step. Usually this is a summary of the state. |
state |
Each step is in one of the pre-defined states. |
causesDrop |
This is a step that leads to the final state Drop. |
projectId |
Project ID that contains the configuration this step is validating. |
Union field step_info. Configuration or metadata associated with each step. The configuration is filtered based on viewer's permission. If a viewer has no permission to view the configuration in this step, for non-final states a special state is populated (VIEWER_PERMISSION_MISSING), and for final state the configuration is cleared. step_info can be only one of the following: |
|
instance |
Display information of a Compute Engine instance. |
firewall |
Display information of a Compute Engine firewall rule. |
route |
Display information of a Compute Engine route. |
endpoint |
Display information of the source and destination under analysis. The endpoint information in an intermediate state may differ with the initial input, as it might be modified by state like NAT, or Connection Proxy. |
googleService |
Display information of a Google service |
forwardingRule |
Display information of a Compute Engine forwarding rule. |
hybridSubnet |
Display information of a hybrid subnet. |
vpnGateway |
Display information of a Compute Engine VPN gateway. |
vpnTunnel |
Display information of a Compute Engine VPN tunnel. |
interconnectAttachment |
Display information of an interconnect attachment. |
vpcConnector |
Display information of a VPC connector. |
directVpcEgressConnection |
Display information of a serverless direct VPC egress connection. |
serverlessExternalConnection |
Display information of a serverless public (external) connection. |
deliver |
Display information of the final state "deliver" and reason. |
forward |
Display information of the final state "forward" and reason. |
abort |
Display information of the final state "abort" and reason. |
drop |
Display information of the final state "drop" and reason. |
loadBalancer |
Display information of the load balancers. Deprecated in favor of the |
network |
Display information of a Google Cloud network. |
gkeMaster |
Display information of a Google Kubernetes Engine cluster master. |
gkePod |
Display information of a Google Kubernetes Engine Pod. |
ipMasqueradingSkipped |
Display information of the reason why GKE Pod IP masquerading was skipped. |
gkeNetworkPolicy |
Display information of a GKE Network Policy. |
gkeNetworkPolicySkipped |
Display information of the reason why GKE Network Policy evaluation was skipped. |
cloudSqlInstance |
Display information of a Cloud SQL instance. |
redisInstance |
Display information of a Redis Instance. |
redisCluster |
Display information of a Redis Cluster. |
cloudFunction |
Display information of a Cloud Function. |
appEngineVersion |
Display information of an App Engine service version. |
cloudRunRevision |
Display information of a Cloud Run revision. |
nat |
Display information of a NAT. |
proxyConnection |
Display information of a ProxyConnection. |
loadBalancerBackendInfo |
Display information of a specific load balancer backend. |
storageBucket |
Display information of a Storage Bucket. Used only for return traces. |
serverlessNeg |
Display information of a Serverless network endpoint group backend. Used only for return traces. |
ngfwPacketInspection |
Display information of a layer 7 packet inspection by the firewall. |
InstanceInfo
| JSON representation |
|---|
{
"displayName": string,
"uri": string,
"interface": string,
"networkUri": string,
"internalIp": string,
"externalIp": string,
"networkTags": [
string
],
"serviceAccount": string,
"pscNetworkAttachmentUri": string,
"running": boolean,
"status": enum ( |
| Fields | |
|---|---|
displayName |
Name of a Compute Engine instance. |
uri |
URI of a Compute Engine instance. |
interface |
Name of the network interface of a Compute Engine instance. |
networkUri |
URI of a Compute Engine network. |
internalIp |
Internal IP address of the network interface. |
externalIp |
External IP address of the network interface. |
networkTags[] |
Network tags configured on the instance. |
serviceAccount |
Service account authorized for the instance. |
pscNetworkAttachmentUri |
URI of the PSC network attachment the NIC is attached to (if relevant). |
running |
Indicates whether the Compute Engine instance is running. Deprecated: use the |
status |
The status of the instance. |
FirewallInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "direction": string, "action": string, "priority": integer, "networkUri": string, "targetTags": [ string ], "targetServiceAccounts": [ string ], "policy": string, "policyUri": string, "firewallRuleType": enum ( |
| Fields | |
|---|---|
displayName |
The display name of the firewall rule. This field might be empty for firewall policy rules. |
uri |
The URI of the firewall rule. This field is not applicable to implied VPC firewall rules. |
direction |
Possible values: INGRESS, EGRESS |
action |
Possible values: ALLOW, DENY, APPLY_SECURITY_PROFILE_GROUP |
priority |
The priority of the firewall rule. |
networkUri |
The URI of the VPC network that the firewall rule is associated with. This field is not applicable to hierarchical firewall policy rules. |
targetTags[] |
The target tags defined by the VPC firewall rule. This field is not applicable to firewall policy rules. |
targetServiceAccounts[] |
The target service accounts specified by the firewall rule. |
policy |
The name of the firewall policy that this rule is associated with. This field is not applicable to VPC firewall rules and implied VPC firewall rules. |
policyUri |
The URI of the firewall policy that this rule is associated with. This field is not applicable to VPC firewall rules and implied VPC firewall rules. |
firewallRuleType |
The firewall rule's type. |
policyPriority |
The priority of the firewall policy that this rule is associated with. This field is not applicable to VPC firewall rules and implied VPC firewall rules. |
targetType |
Target type of the firewall rule. |
RouteInfo
| JSON representation |
|---|
{ "routeType": enum ( |
| Fields | |
|---|---|
routeType |
Type of route. |
nextHopType |
Type of next hop. |
routeScope |
Indicates where route is applicable. Deprecated, routes with NCC_HUB scope are not included in the trace in new tests. |
displayName |
Name of a route. |
uri |
URI of a route. SUBNET, STATIC, PEERING_SUBNET (only for peering network) and POLICY_BASED routes only. |
region |
Region of the route. DYNAMIC, PEERING_DYNAMIC, POLICY_BASED and ADVERTISED routes only. If set for POLICY_BASED route, this is a region of VLAN attachments for Cloud Interconnect the route applies to. If set to "all" for POLICY_BASED route, the route applies to VLAN attachments of Cloud Interconnect in all regions. |
destIpRange |
Destination IP range of the route. |
nextHop |
String type of the next hop of the route (for example, "VPN tunnel"). Deprecated in favor of the next_hop_type and next_hop_uri fields, not used in new tests. |
networkUri |
URI of a VPC network where route is located. |
priority |
Priority of the route. |
instanceTags[] |
Instance tags of the route. |
srcIpRange |
Source IP address range of the route. POLICY_BASED routes only. |
destPortRanges[] |
Destination port ranges of the route. POLICY_BASED routes only. |
srcPortRanges[] |
Source port ranges of the route. POLICY_BASED routes only. |
protocols[] |
Protocols of the route. POLICY_BASED routes only. |
nextHopUri |
URI of the next hop resource. |
nextHopNetworkUri |
URI of a VPC network where the next hop resource is located. |
originatingRouteUri |
For PEERING_SUBNET and PEERING_STATIC routes, the URI of the originating SUBNET/STATIC route. |
originatingRouteDisplayName |
For PEERING_SUBNET, PEERING_STATIC and PEERING_DYNAMIC routes, the name of the originating SUBNET/STATIC/DYNAMIC route. |
nccHubRouteUri |
For PEERING_SUBNET and PEERING_DYNAMIC routes that are advertised by NCC Hub, the URI of the corresponding route in NCC Hub's routing table. |
Union field
|
|
nccHubUri |
URI of the NCC Hub the route is advertised by. PEERING_SUBNET and PEERING_DYNAMIC routes that are advertised by NCC Hub only. |
Union field
|
|
nccSpokeUri |
URI of the destination NCC Spoke. PEERING_SUBNET and PEERING_DYNAMIC routes that are advertised by NCC Hub only. |
Union field
|
|
advertisedRouteSourceRouterUri |
For ADVERTISED dynamic routes, the URI of the Cloud Router that advertised the corresponding IP prefix. |
Union field
|
|
advertisedRouteNextHopUri |
For ADVERTISED routes, the URI of their next hop, i.e. the URI of the hybrid endpoint (VPN tunnel, Interconnect attachment, NCC router appliance) the advertised prefix is advertised through, or URI of the source peered network. Deprecated in favor of the next_hop_uri field, not used in new tests. |
GoogleServiceInfo
| JSON representation |
|---|
{
"sourceIp": string,
"googleServiceType": enum ( |
| Fields | |
|---|---|
sourceIp |
Source IP address. |
googleServiceType |
Recognized type of a Google Service. |
ForwardingRuleInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "matchedProtocol": string, "matchedPortRange": string, "vip": string, "target": string, "networkUri": string, "region": string, "loadBalancerName": string, "pscServiceAttachmentUri": string, "pscGoogleApiTarget": string } |
| Fields | |
|---|---|
displayName |
Name of the forwarding rule. |
uri |
URI of the forwarding rule. |
matchedProtocol |
Protocol defined in the forwarding rule that matches the packet. |
matchedPortRange |
Port range defined in the forwarding rule that matches the packet. |
vip |
VIP of the forwarding rule. |
target |
Target type of the forwarding rule. |
networkUri |
Network URI. |
region |
Region of the forwarding rule. Set only for regional forwarding rules. |
loadBalancerName |
Name of the load balancer the forwarding rule belongs to. Empty for forwarding rules not related to load balancers (like PSC forwarding rules). |
pscServiceAttachmentUri |
URI of the PSC service attachment this forwarding rule targets (if applicable). |
pscGoogleApiTarget |
PSC Google API target this forwarding rule targets (if applicable). |
HybridSubnetInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "region": string } |
| Fields | |
|---|---|
displayName |
Name of a hybrid subnet. |
uri |
URI of a hybrid subnet. |
region |
Name of a Google Cloud region where the hybrid subnet is configured. |
VpnGatewayInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "networkUri": string, "ipAddress": string, "vpnTunnelUri": string, "region": string } |
| Fields | |
|---|---|
displayName |
Name of a VPN gateway. |
uri |
URI of a VPN gateway. |
networkUri |
URI of a Compute Engine network where the VPN gateway is configured. |
ipAddress |
IP address of the VPN gateway. |
vpnTunnelUri |
A VPN tunnel that is associated with this VPN gateway. There may be multiple VPN tunnels configured on a VPN gateway, and only the one relevant to the test is displayed. |
region |
Name of a Google Cloud region where this VPN gateway is configured. |
VpnTunnelInfo
| JSON representation |
|---|
{
"displayName": string,
"uri": string,
"sourceGateway": string,
"remoteGateway": string,
"remoteGatewayIp": string,
"sourceGatewayIp": string,
"networkUri": string,
"region": string,
"routingType": enum ( |
| Fields | |
|---|---|
displayName |
Name of a VPN tunnel. |
uri |
URI of a VPN tunnel. |
sourceGateway |
URI of the VPN gateway at local end of the tunnel. |
remoteGateway |
URI of a VPN gateway at remote end of the tunnel. |
remoteGatewayIp |
Remote VPN gateway's IP address. |
sourceGatewayIp |
Local VPN gateway's IP address. |
networkUri |
URI of a Compute Engine network where the VPN tunnel is configured. |
region |
Name of a Google Cloud region where this VPN tunnel is configured. |
routingType |
Type of the routing policy. |
InterconnectAttachmentInfo
| JSON representation |
|---|
{
"displayName": string,
"uri": string,
"interconnectUri": string,
"region": string,
"cloudRouterUri": string,
"type": enum ( |
| Fields | |
|---|---|
displayName |
Name of an Interconnect attachment. |
uri |
URI of an Interconnect attachment. |
interconnectUri |
URI of the Interconnect where the Interconnect attachment is configured. |
region |
Name of a Google Cloud region where the Interconnect attachment is configured. |
cloudRouterUri |
URI of the Cloud Router to be used for dynamic routing. |
type |
The type of interconnect attachment this is. |
l2AttachmentMatchedIpAddress |
Appliance IP address that was matched for L2_DEDICATED attachments. |
VpcConnectorInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "location": string } |
| Fields | |
|---|---|
displayName |
Name of a VPC connector. |
uri |
URI of a VPC connector. |
location |
Location in which the VPC connector is deployed. |
DirectVpcEgressConnectionInfo
| JSON representation |
|---|
{ "networkUri": string, "subnetworkUri": string, "selectedIpRange": string, "selectedIpAddress": string, "region": string } |
| Fields | |
|---|---|
networkUri |
URI of direct access network. |
subnetworkUri |
URI of direct access subnetwork. |
selectedIpRange |
Selected IP range. |
selectedIpAddress |
Selected starting IP address, from the selected IP range. |
region |
Region in which the Direct VPC egress is deployed. |
ServerlessExternalConnectionInfo
| JSON representation |
|---|
{ "selectedIpAddress": string } |
| Fields | |
|---|---|
selectedIpAddress |
Selected starting IP address, from the Google dynamic address pool. |
DeliverInfo
| JSON representation |
|---|
{ "target": enum ( |
| Fields | |
|---|---|
target |
Target type where the packet is delivered to. |
resourceUri |
URI of the resource that the packet is delivered to. |
ipAddress |
IP address of the target (if applicable). |
storageBucket |
Name of the Cloud Storage Bucket the packet is delivered to (if applicable). |
pscGoogleApiTarget |
PSC Google API target the packet is delivered to (if applicable). |
googleServiceType |
Recognized type of a Google Service the packet is delivered to (if applicable). |
ForwardInfo
| JSON representation |
|---|
{
"target": enum ( |
| Fields | |
|---|---|
target |
Target type where this packet is forwarded to. |
resourceUri |
URI of the resource that the packet is forwarded to. |
ipAddress |
IP address of the target (if applicable). |
AbortInfo
| JSON representation |
|---|
{
"cause": enum ( |
| Fields | |
|---|---|
cause |
Causes that the analysis is aborted. |
resourceUri |
URI of the resource that caused the abort. |
ipAddress |
IP address that caused the abort. |
projectsMissingPermission[] |
List of project IDs the user specified in the request but lacks access to. In this case, analysis is aborted with the PERMISSION_DENIED cause. |
DropInfo
| JSON representation |
|---|
{
"cause": enum ( |
| Fields | |
|---|---|
cause |
Cause that the packet is dropped. |
resourceUri |
URI of the resource that caused the drop. |
sourceIp |
Source IP address of the dropped packet (if relevant). |
destinationIp |
Destination IP address of the dropped packet (if relevant). |
region |
Region of the dropped packet (if relevant). |
sourceGeolocationCode |
Geolocation (region code) of the source IP address (if relevant). |
destinationGeolocationCode |
Geolocation (region code) of the destination IP address (if relevant). |
LoadBalancerInfo
| JSON representation |
|---|
{ "loadBalancerType": enum ( |
| Fields | |
|---|---|
loadBalancerType |
Type of the load balancer. |
healthCheckUri |
URI of the health check for the load balancer. Deprecated and no longer populated as different load balancer backends might have different health checks. |
backends[] |
Information for the loadbalancer backends. |
backendType |
Type of load balancer's backend configuration. |
backendUri |
Backend configuration URI. |
LoadBalancerBackend
| JSON representation |
|---|
{
"displayName": string,
"uri": string,
"healthCheckFirewallState": enum ( |
| Fields | |
|---|---|
displayName |
Name of a Compute Engine instance or network endpoint. |
uri |
URI of a Compute Engine instance or network endpoint. |
healthCheckFirewallState |
State of the health check firewall configuration. |
healthCheckAllowingFirewallRules[] |
A list of firewall rule URIs allowing probes from health check IP ranges. |
healthCheckBlockingFirewallRules[] |
A list of firewall rule URIs blocking probes from health check IP ranges. |
NetworkInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "matchedSubnetUri": string, "matchedIpRange": string, "region": string } |
| Fields | |
|---|---|
displayName |
Name of a Compute Engine network. |
uri |
URI of a Compute Engine network. |
matchedSubnetUri |
URI of the subnet matching the source IP address of the test. |
matchedIpRange |
The IP range of the subnet matching the source IP address of the test. |
region |
The region of the subnet matching the source IP address of the test. |
GKEMasterInfo
| JSON representation |
|---|
{ "clusterUri": string, "clusterNetworkUri": string, "internalIp": string, "externalIp": string, "dnsEndpoint": string } |
| Fields | |
|---|---|
clusterUri |
URI of a GKE cluster. |
clusterNetworkUri |
URI of a GKE cluster network. |
internalIp |
Internal IP address of a GKE cluster control plane. |
externalIp |
External IP address of a GKE cluster control plane. |
dnsEndpoint |
DNS endpoint of a GKE cluster control plane. |
GkePodInfo
| JSON representation |
|---|
{ "podUri": string, "ipAddress": string, "networkUri": string } |
| Fields | |
|---|---|
podUri |
URI of a GKE Pod. For Pods in regional Clusters, the URI format is: |
ipAddress |
IP address of a GKE Pod. If the Pod is dual-stack, this is the IP address relevant to the trace. |
networkUri |
URI of the network containing the GKE Pod. |
IpMasqueradingSkippedInfo
| JSON representation |
|---|
{
"reason": enum ( |
| Fields | |
|---|---|
reason |
Reason why IP masquerading was not applied. |
nonMasqueradeRange |
The matched non-masquerade IP range. Only set if reason is DESTINATION_IP_IN_CONFIGURED_NON_MASQUERADE_RANGE or DESTINATION_IP_IN_DEFAULT_NON_MASQUERADE_RANGE. |
GkeNetworkPolicyInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "direction": string, "action": string } |
| Fields | |
|---|---|
displayName |
The name of the Network Policy. |
uri |
The URI of the Network Policy. Format for a Network Policy in a zonal cluster: |
direction |
Possible values: INGRESS, EGRESS |
action |
Possible values: ALLOW, DENY |
GkeNetworkPolicySkippedInfo
| JSON representation |
|---|
{
"reason": enum ( |
| Fields | |
|---|---|
reason |
Reason why Network Policy evaluation was skipped. |
CloudSQLInstanceInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "networkUri": string, "internalIp": string, "externalIp": string, "region": string } |
| Fields | |
|---|---|
displayName |
Name of a Cloud SQL instance. |
uri |
URI of a Cloud SQL instance. |
networkUri |
URI of a Cloud SQL instance network or empty string if the instance does not have one. |
internalIp |
Internal IP address of a Cloud SQL instance. |
externalIp |
External IP address of a Cloud SQL instance. |
region |
Region in which the Cloud SQL instance is running. |
RedisInstanceInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "networkUri": string, "primaryEndpointIp": string, "readEndpointIp": string, "region": string } |
| Fields | |
|---|---|
displayName |
Name of a Cloud Redis Instance. |
uri |
URI of a Cloud Redis Instance. |
networkUri |
URI of a Cloud Redis Instance network. |
primaryEndpointIp |
Primary endpoint IP address of a Cloud Redis Instance. |
readEndpointIp |
Read endpoint IP address of a Cloud Redis Instance (if applicable). |
region |
Region in which the Cloud Redis Instance is defined. |
RedisClusterInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "networkUri": string, "discoveryEndpointIpAddress": string, "secondaryEndpointIpAddress": string, "location": string } |
| Fields | |
|---|---|
displayName |
Name of a Redis Cluster. |
uri |
URI of a Redis Cluster in format "projects/{project_id}/locations/{location}/clusters/{cluster_id}" |
networkUri |
URI of the network containing the Redis Cluster endpoints in format "projects/{project_id}/global/networks/{network_id}". |
discoveryEndpointIpAddress |
Discovery endpoint IP address of a Redis Cluster. |
secondaryEndpointIpAddress |
Secondary endpoint IP address of a Redis Cluster. |
location |
Name of the region in which the Redis Cluster is defined. For example, "us-central1". |
CloudFunctionInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "location": string, "versionId": string } |
| Fields | |
|---|---|
displayName |
Name of a Cloud Function. |
uri |
URI of a Cloud Function. |
location |
Location in which the Cloud Function is deployed. |
versionId |
Latest successfully deployed version id of the Cloud Function. |
AppEngineVersionInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "runtime": string, "environment": string } |
| Fields | |
|---|---|
displayName |
Name of an App Engine version. |
uri |
URI of an App Engine version. |
runtime |
Runtime of the App Engine version. |
environment |
App Engine execution environment for a version. |
CloudRunRevisionInfo
| JSON representation |
|---|
{ "displayName": string, "uri": string, "location": string, "serviceUri": string } |
| Fields | |
|---|---|
displayName |
Name of a Cloud Run revision. |
uri |
URI of a Cloud Run revision. |
location |
Location in which this revision is deployed. |
serviceUri |
URI of Cloud Run service this revision belongs to. |
NatInfo
| JSON representation |
|---|
{ "type": enum ( |
| Fields | |
|---|---|
type |
Type of NAT. |
protocol |
IP protocol in string format, for example: "TCP", "UDP", "ICMP". |
networkUri |
URI of the network where NAT translation takes place. |
oldSourceIp |
Source IP address before NAT translation. |
newSourceIp |
Source IP address after NAT translation. |
oldDestinationIp |
Destination IP address before NAT translation. |
newDestinationIp |
Destination IP address after NAT translation. |
oldSourcePort |
Source port before NAT translation. Only valid when protocol is TCP or UDP. |
newSourcePort |
Source port after NAT translation. Only valid when protocol is TCP or UDP. |
oldDestinationPort |
Destination port before NAT translation. Only valid when protocol is TCP or UDP. |
newDestinationPort |
Destination port after NAT translation. Only valid when protocol is TCP or UDP. |
routerUri |
Uri of the Cloud Router. Only valid when type is CLOUD_NAT. |
natGatewayName |
The name of Cloud NAT Gateway. Only valid when type is CLOUD_NAT. |
cloudNatGatewayType |
Type of Cloud NAT gateway. Only valid when |
ProxyConnectionInfo
| JSON representation |
|---|
{ "protocol": string, "oldSourceIp": string, "newSourceIp": string, "oldDestinationIp": string, "newDestinationIp": string, "oldSourcePort": integer, "newSourcePort": integer, "oldDestinationPort": integer, "newDestinationPort": integer, "subnetUri": string, "networkUri": string } |
| Fields | |
|---|---|
protocol |
IP protocol in string format, for example: "TCP", "UDP", "ICMP". |
oldSourceIp |
Source IP address of an original connection. |
newSourceIp |
Source IP address of a new connection. |
oldDestinationIp |
Destination IP address of an original connection |
newDestinationIp |
Destination IP address of a new connection. |
oldSourcePort |
Source port of an original connection. Only valid when protocol is TCP or UDP. |
newSourcePort |
Source port of a new connection. Only valid when protocol is TCP or UDP. |
oldDestinationPort |
Destination port of an original connection. Only valid when protocol is TCP or UDP. |
newDestinationPort |
Destination port of a new connection. Only valid when protocol is TCP or UDP. |
subnetUri |
Uri of proxy subnet. |
networkUri |
URI of the network where connection is proxied. |
LoadBalancerBackendInfo
| JSON representation |
|---|
{
"name": string,
"instanceUri": string,
"backendServiceUri": string,
"instanceGroupUri": string,
"networkEndpointGroupUri": string,
"backendBucketUri": string,
"pscServiceAttachmentUri": string,
"pscGoogleApiTarget": string,
"healthCheckUri": string,
"healthCheckFirewallsConfigState": enum ( |
| Fields | |
|---|---|
name |
Display name of the backend. For example, it might be an instance name for the instance group backends, or an IP address and port for zonal network endpoint group backends. |
instanceUri |
URI of the backend instance (if applicable). Populated for instance group backends, and zonal NEG backends. |
backendServiceUri |
URI of the backend service this backend belongs to (if applicable). |
instanceGroupUri |
URI of the instance group this backend belongs to (if applicable). |
networkEndpointGroupUri |
URI of the network endpoint group this backend belongs to (if applicable). |
backendBucketUri |
URI of the backend bucket this backend targets (if applicable). |
pscServiceAttachmentUri |
URI of the PSC service attachment this PSC NEG backend targets (if applicable). |
pscGoogleApiTarget |
PSC Google API target this PSC NEG backend targets (if applicable). |
healthCheckUri |
URI of the health check attached to this backend (if applicable). |
healthCheckFirewallsConfigState |
Output only. Health check firewalls configuration state for the backend. This is a result of the static firewall analysis (verifying that health check traffic from required IP ranges to the backend is allowed or not). The backend might still be unhealthy even if these firewalls are configured. Please refer to the documentation for more information: https://cloud.google.com/load-balancing/docs/firewall-rules |
StorageBucketInfo
| JSON representation |
|---|
{ "bucket": string } |
| Fields | |
|---|---|
bucket |
Cloud Storage Bucket name. |
ServerlessNegInfo
| JSON representation |
|---|
{ "negUri": string } |
| Fields | |
|---|---|
negUri |
URI of the serverless network endpoint group. |
NgfwPacketInspectionInfo
| JSON representation |
|---|
{ "securityProfileGroupUri": string } |
| Fields | |
|---|---|
securityProfileGroupUri |
URI of the security profile group associated with this firewall packet inspection. |
ProbingDetails
| JSON representation |
|---|
{ "result": enum ( |
| Fields | |
|---|---|
result |
The overall result of active probing. |
verifyTime |
The time that reachability was assessed through active probing. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: |
error |
Details about an internal failure or the cancellation of active probing. |
abortCause |
The reason probing was aborted. |
sentProbeCount |
Number of probes sent. |
successfulProbeCount |
Number of probes that reached the destination. |
endpointInfo |
The source and destination endpoints derived from the test input and used for active probing. |
probingLatency |
Latency as measured by active probing in one direction: from the source to the destination endpoint. |
destinationEgressLocation |
The EdgeLocation from which a packet, destined to the internet, will egress the Google network. This will only be populated for a connectivity test which has an internet destination address. The absence of this field must not be used as an indication that the destination is part of the Google network. |
edgeResponses[] |
Probing results for all edge devices. |
probedAllDevices |
Whether all relevant edge devices were probed. |
LatencyDistribution
| JSON representation |
|---|
{
"latencyPercentiles": [
{
object ( |
| Fields | |
|---|---|
latencyPercentiles[] |
Representative latency percentiles. |
LatencyPercentile
| JSON representation |
|---|
{ "percent": integer, "latencyMicros": string } |
| Fields | |
|---|---|
percent |
Percentage of samples this data point applies to. |
latencyMicros |
percent-th percentile of latency observed, in microseconds. Fraction of percent/100 of samples have latency lower or equal to the value of this field. |
EdgeLocation
| JSON representation |
|---|
{ "metropolitanArea": string } |
| Fields | |
|---|---|
metropolitanArea |
Name of the metropolitan area. |
SingleEdgeResponse
| JSON representation |
|---|
{ "result": enum ( |
| Fields | |
|---|---|
result |
The overall result of active probing for this egress device. |
sentProbeCount |
Number of probes sent. |
successfulProbeCount |
Number of probes that reached the destination. |
probingLatency |
Latency as measured by active probing in one direction: from the source to the destination endpoint. |
destinationEgressLocation |
The EdgeLocation from which a packet, destined to the internet, will egress the Google network. This will only be populated for a connectivity test which has an internet destination address. The absence of this field must not be used as an indication that the destination is part of the Google network. |
destinationRouter |
Router name in the format '{router}.{metroshard}'. For example: pf01.aaa01, pr02.aaa01. |
Tool Annotations
Destructive Hint: ❌ | Idempotent Hint: ✅ | Read Only Hint: ✅ | Open World Hint: ❌