Create registry books, realms, and custom ranges
This page explains how to organize your Compute Engine and other IP address resources in Cloud Number Registry.
Before you begin
- Set up Cloud Number Registry.
- Select the project in your organization that has been configured to provide Cloud Number Registry access.
- Verify that you have the permissions required to complete this guide.
Required roles
To get the permissions that
you need to create Cloud Number Registry resources,
ask your administrator to grant you the
Cloud Number Registry IPAM Admin (roles/cloudnumberregistry.ipamAdmin) IAM role on your project.
For more information about granting roles, see Manage access to projects, folders, and organizations.
You might also be able to get the required permissions through custom roles or other predefined roles.
Create a registry book
When you create an IPAM admin scope, a default registry book is created. The default registry book contains information about all discovered realms and ranges in your organization.
Alternatively, you can create additional registry books to organize your IP address resources.
To organize discovered realms and ranges, specify one or more projects in the claimed scope of the registry book. The registry book contains information about those projects. You can also add user-managed realms to this registry book.
To organize only user-managed realms, don't specify any projects in the claimed scope.
Console
In the Google Cloud console, go to the Cloud Number Registry page.
Click Create a registry book.
In the Name field, enter a name for the registry book.
To use this registry book to organize discovered realms and ranges, do the following:
- Click Add project to add a project to the registry book.
- Repeat the previous step if needed to add additional claimed projects.
Click Create registry book.
gcloud
Create a registry book by using the gcloud alpha number-registry
registry-books create
command.
To create a registry book to organize only user-managed realms and ranges,
omit the --claimed-scopes flag.
gcloud alpha number-registry registry-books create REGISTRY_BOOK \
--claimed-scopes=PROJECT_LIST \
--location=global
Replace the following:
REGISTRY_BOOK: a name for the registry book.PROJECT_LIST: a comma-separated list of projects to claim in this registry book—for exampleprojects/12345678,projects/test-project.
Create a realm
You can create realms in any registry book.
Console
In the Google Cloud console, go to the Cloud Number Registry page.
Click the Registry books tab.
Click the registry book that you want add a realm to.
Click Create realm.
For Name, enter a name for the realm.
For Traffic type, select a traffic type.
For IP version, select IPv4 or IPv6.
Click Create realm.
gcloud
Create a realm by using the
gcloud alpha number-registry realms create
command.
gcloud alpha number-registry realms create REALM \
--registry-book=REGISTRY_BOOK \
--traffic-type=TRAFFIC_TYPE \
--management-type=USER \
--ip-version=IP_VERSION \
--location=global
Replace the following:
REALM: a name for the realm.REGISTRY_BOOK: the URI of the parent registry book for this realm.TRAFFIC_TYPE: the traffic type for this realm. Valid values arePRIVATE,INTERNET,LINK_LOCAL, orUNSET.IP_VERSION: the IP version for this realm. Valid values areipv4oripv6.
Create a custom range
Custom ranges can be created inside a realm, or inside a parent custom range. You can add custom ranges only to user-managed realms.
You can use custom ranges to track IP address ranges that aren't discovered by Cloud Number Registry—for example, IP address ranges that are used in subnets in on-premises environments.
Console
In the Google Cloud console, go to the Cloud Number Registry page.
Click the Registry books tab.
Click registry book that you want add the custom range to.
Navigate to the parent resource where you want to add the range:
- Click a realm, and then click Create custom range.
- Click a realm, then click a custom range, and then click Create child range.
For Name, enter a name for the custom range.
For IP range, enter the IP address range.
Click Create custom range.
gcloud
Add custom ranges by using the gcloud alpha number-registry custom-ranges
create
command.
Add a custom IPv4 range, assigning a realm as the parent of the range.
To create a custom IPv6 range, use the
--ipv6-cidr-rangeflag instead of--ipv4-cidr-range.gcloud alpha number-registry custom-ranges create CUSTOM_RANGE_NAME \ --realm=REALM_NAME \ --ipv4-cidr-range=CIDR_RANGE \ --location=globalReplace the following:
CUSTOM_RANGE_NAME: a name for the custom range.REALM_NAME: the name of the parent realm for this custom range.CIDR_RANGE: the IP address range that you want to add to the realm, for example10.0.0.0/22.
Add a custom IPv4 range, assigning another range as the parent of the range.
To create a custom IPv6 range, use the
--ipv6-cidr-rangeflag instead of--ipv4-cidr-range.gcloud alpha number-registry custom-ranges create CUSTOM_RANGE_NAME \ --parent-range=PARENT_RANGE \ --ipv4-cidr-range=CIDR_RANGE \ --location=globalReplace the following:
CUSTOM_RANGE_NAME: a name for the custom range.PARENT_RANGE: the URI of the parent range.CIDR_RANGE: the IP address range that you want to add to the realm, for example10.0.0.0/24.
Add a custom IPv4 range, assigning another range as the parent of the range, and setting attributes on the range. If you set attributes on a range, you can use those attributes when you search for IP addresses resources.
gcloud alpha number-registry custom-ranges create CUSTOM_RANGE_NAME \ --parent-range=PARENT_RANGE \ --ipv4-cidr-range=CIDR_RANGE \ --attributes=key=KEY,value=VALUE \ --location=globalReplace the following:
CUSTOM_RANGE_NAME: a name for the custom range.PARENT_RANGE: the URI of the parent range.CIDR_RANGE: the IP address range that you want to add to the realm, for example10.0.0.0/24.key: the key of the attribute—for example,env.value: the value of the attribute—for example,prod.