- Before trying an internal HTTPS LB, I had already tested an external HTTPS LB exposed directly to the internet with a backend bucket.
In this case, I have created all necessary resources in GCP
(google_compute_global_forwarding_rule, google_compute_target_https_proxy, google_compute_global_address, google_dns_managed_zone, google_dns_record_set, google_compute_ssl_certificate, google_compute_url_map, google_compute_backend_bucket, google_storage_bucket with storage_class "MULTI_REGIONAL").
I have activated public access for the bucket.
Finally, the static website for the bucket is exposed directly to the internet and works correctly in this case.
Goal: the static website for buckets should not be exposed directly to the internet in test environments.
- So I tried an internal HTTPS LB: I created all necessary resources (google_compute_forwarding_rule, google_compute_region_target_https_proxy, google_compute_address using private DNS, google_compute_region_url_map, google_compute_backend_bucket, regional storage bucket, ...).
I got a failure when creating the resource google_compute_region_url_map in which the default_service points to the backend bucket. The error message indicates that there is no backend in the same region.
The problem is with google_compute_backend_bucket, which is global and not regional (there is no regional backend bucket in GCP).
I have also noticed that all samples of internal HTTPS LBs in GCP use a backend service and not a backend bucket.
- I have done some research on Private Service Connect with an internal HTTPS LB (https://cloud.google.com/load-balancing/docs/l7-internal).
But I think it will also not work, for the same reason: it must be regional and we don't have a regional backend bucket.
What do you think? Do you have any suggestions? Is this goal possible in GCP?