accesscontextmanager

package
v3.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 24, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessLevel 

type AccessLevel struct {
	pulumi.CustomResourceState

	// A set of predefined conditions for the access level and a combining function.  Structure is documented below.
	Basic AccessLevelBasicPtrOutput `pulumi:"basic"`
	// Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
	// See CEL spec at: https://github.com/google/cel-spec.  Structure is documented below.
	Custom AccessLevelCustomPtrOutput `pulumi:"custom"`
	// Description of the expression
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Resource name for the Access Level. The shortName component must begin
	// with a letter and only include alphanumeric and '_'.
	// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
	Name pulumi.StringOutput `pulumi:"name"`
	// The AccessPolicy this AccessLevel lives in.
	// Format: accessPolicies/{policy_id}
	Parent pulumi.StringOutput `pulumi:"parent"`
	// Title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringOutput `pulumi:"title"`
}

An AccessLevel is a label that can be applied to requests to GCP services, along with a list of requirements necessary for the label to be applied.

To get more information about AccessLevel, see:

* [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels) * How-to Guides

func GetAccessLevel 

func GetAccessLevel(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessLevelState, opts ...pulumi.ResourceOption) (*AccessLevel, error)

GetAccessLevel gets an existing AccessLevel resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessLevel 

func NewAccessLevel(ctx *pulumi.Context,
	name string, args *AccessLevelArgs, opts ...pulumi.ResourceOption) (*AccessLevel, error)

NewAccessLevel registers a new resource with the given unique name, arguments, and options.

type AccessLevelArgs 

type AccessLevelArgs struct {
	// A set of predefined conditions for the access level and a combining function.  Structure is documented below.
	Basic AccessLevelBasicPtrInput
	// Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
	// See CEL spec at: https://github.com/google/cel-spec.  Structure is documented below.
	Custom AccessLevelCustomPtrInput
	// Description of the expression
	Description pulumi.StringPtrInput
	// Resource name for the Access Level. The shortName component must begin
	// with a letter and only include alphanumeric and '_'.
	// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
	Name pulumi.StringPtrInput
	// The AccessPolicy this AccessLevel lives in.
	// Format: accessPolicies/{policy_id}
	Parent pulumi.StringInput
	// Title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringInput
}

The set of arguments for constructing a AccessLevel resource.

func (AccessLevelArgs) ElementType 

func (AccessLevelArgs) ElementType() reflect.Type

type AccessLevelBasic 

type AccessLevelBasic struct {
	// How the conditions list should be combined to determine if a request
	// is granted this AccessLevel. If AND is used, each Condition in
	// conditions must be satisfied for the AccessLevel to be applied. If
	// OR is used, at least one Condition in conditions must be satisfied
	// for the AccessLevel to be applied.
	CombiningFunction *string `pulumi:"combiningFunction"`
	// A set of requirements for the AccessLevel to be granted.  Structure is documented below.
	Conditions []AccessLevelBasicCondition `pulumi:"conditions"`
}

type AccessLevelBasicArgs 

type AccessLevelBasicArgs struct {
	// How the conditions list should be combined to determine if a request
	// is granted this AccessLevel. If AND is used, each Condition in
	// conditions must be satisfied for the AccessLevel to be applied. If
	// OR is used, at least one Condition in conditions must be satisfied
	// for the AccessLevel to be applied.
	CombiningFunction pulumi.StringPtrInput `pulumi:"combiningFunction"`
	// A set of requirements for the AccessLevel to be granted.  Structure is documented below.
	Conditions AccessLevelBasicConditionArrayInput `pulumi:"conditions"`
}

func (AccessLevelBasicArgs) ElementType 

func (AccessLevelBasicArgs) ElementType() reflect.Type

func (AccessLevelBasicArgs) ToAccessLevelBasicOutput 

func (i AccessLevelBasicArgs) ToAccessLevelBasicOutput() AccessLevelBasicOutput

func (AccessLevelBasicArgs) ToAccessLevelBasicOutputWithContext 

func (i AccessLevelBasicArgs) ToAccessLevelBasicOutputWithContext(ctx context.Context) AccessLevelBasicOutput

func (AccessLevelBasicArgs) ToAccessLevelBasicPtrOutput 

func (i AccessLevelBasicArgs) ToAccessLevelBasicPtrOutput() AccessLevelBasicPtrOutput

func (AccessLevelBasicArgs) ToAccessLevelBasicPtrOutputWithContext 

func (i AccessLevelBasicArgs) ToAccessLevelBasicPtrOutputWithContext(ctx context.Context) AccessLevelBasicPtrOutput

type AccessLevelBasicCondition 

type AccessLevelBasicCondition struct {
	// Device specific restrictions, all restrictions must hold for
	// the Condition to be true. If not specified, all devices are
	// allowed.  Structure is documented below.
	DevicePolicy *AccessLevelBasicConditionDevicePolicy `pulumi:"devicePolicy"`
	// A list of CIDR block IP subnetwork specification. May be IPv4
	// or IPv6.
	// Note that for a CIDR IP address block, the specified IP address
	// portion must be properly truncated (i.e. all the host bits must
	// be zero) or the input is considered malformed. For example,
	// "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly,
	// for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32"
	// is not. The originating IP of a request must be in one of the
	// listed subnets in order for this Condition to be true.
	// If empty, all IP addresses are allowed.
	IpSubnetworks []string `pulumi:"ipSubnetworks"`
	// An allowed list of members (users, service accounts).
	// Using groups is not supported yet.
	// The signed-in user originating the request must be a part of one
	// of the provided members. If not specified, a request may come
	// from any user (logged in/not logged in, not present in any
	// groups, etc.).
	// Formats: `user:{emailid}`, `serviceAccount:{emailid}`
	Members []string `pulumi:"members"`
	// Whether to negate the Condition. If true, the Condition becomes
	// a NAND over its non-empty fields, each field must be false for
	// the Condition overall to be satisfied. Defaults to false.
	Negate *bool `pulumi:"negate"`
	// The request must originate from one of the provided
	// countries/regions.
	// Format: A valid ISO 3166-1 alpha-2 code.
	Regions []string `pulumi:"regions"`
	// A list of other access levels defined in the same Policy,
	// referenced by resource name. Referencing an AccessLevel which
	// does not exist is an error. All access levels listed must be
	// granted for the Condition to be true.
	// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
	RequiredAccessLevels []string `pulumi:"requiredAccessLevels"`
}

type AccessLevelBasicConditionArgs 

type AccessLevelBasicConditionArgs struct {
	// Device specific restrictions, all restrictions must hold for
	// the Condition to be true. If not specified, all devices are
	// allowed.  Structure is documented below.
	DevicePolicy AccessLevelBasicConditionDevicePolicyPtrInput `pulumi:"devicePolicy"`
	// A list of CIDR block IP subnetwork specification. May be IPv4
	// or IPv6.
	// Note that for a CIDR IP address block, the specified IP address
	// portion must be properly truncated (i.e. all the host bits must
	// be zero) or the input is considered malformed. For example,
	// "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly,
	// for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32"
	// is not. The originating IP of a request must be in one of the
	// listed subnets in order for this Condition to be true.
	// If empty, all IP addresses are allowed.
	IpSubnetworks pulumi.StringArrayInput `pulumi:"ipSubnetworks"`
	// An allowed list of members (users, service accounts).
	// Using groups is not supported yet.
	// The signed-in user originating the request must be a part of one
	// of the provided members. If not specified, a request may come
	// from any user (logged in/not logged in, not present in any
	// groups, etc.).
	// Formats: `user:{emailid}`, `serviceAccount:{emailid}`
	Members pulumi.StringArrayInput `pulumi:"members"`
	// Whether to negate the Condition. If true, the Condition becomes
	// a NAND over its non-empty fields, each field must be false for
	// the Condition overall to be satisfied. Defaults to false.
	Negate pulumi.BoolPtrInput `pulumi:"negate"`
	// The request must originate from one of the provided
	// countries/regions.
	// Format: A valid ISO 3166-1 alpha-2 code.
	Regions pulumi.StringArrayInput `pulumi:"regions"`
	// A list of other access levels defined in the same Policy,
	// referenced by resource name. Referencing an AccessLevel which
	// does not exist is an error. All access levels listed must be
	// granted for the Condition to be true.
	// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
	RequiredAccessLevels pulumi.StringArrayInput `pulumi:"requiredAccessLevels"`
}

func (AccessLevelBasicConditionArgs) ElementType 

func (AccessLevelBasicConditionArgs) ElementType() reflect.Type

func (AccessLevelBasicConditionArgs) ToAccessLevelBasicConditionOutput 

func (i AccessLevelBasicConditionArgs) ToAccessLevelBasicConditionOutput() AccessLevelBasicConditionOutput

func (AccessLevelBasicConditionArgs) ToAccessLevelBasicConditionOutputWithContext 

func (i AccessLevelBasicConditionArgs) ToAccessLevelBasicConditionOutputWithContext(ctx context.Context) AccessLevelBasicConditionOutput

type AccessLevelBasicConditionArray 

type AccessLevelBasicConditionArray []AccessLevelBasicConditionInput

func (AccessLevelBasicConditionArray) ElementType 

func (AccessLevelBasicConditionArray) ElementType() reflect.Type

func (AccessLevelBasicConditionArray) ToAccessLevelBasicConditionArrayOutput 

func (i AccessLevelBasicConditionArray) ToAccessLevelBasicConditionArrayOutput() AccessLevelBasicConditionArrayOutput

func (AccessLevelBasicConditionArray) ToAccessLevelBasicConditionArrayOutputWithContext 

func (i AccessLevelBasicConditionArray) ToAccessLevelBasicConditionArrayOutputWithContext(ctx context.Context) AccessLevelBasicConditionArrayOutput

type AccessLevelBasicConditionArrayInput 

type AccessLevelBasicConditionArrayInput interface {
	pulumi.Input

	ToAccessLevelBasicConditionArrayOutput() AccessLevelBasicConditionArrayOutput
	ToAccessLevelBasicConditionArrayOutputWithContext(context.Context) AccessLevelBasicConditionArrayOutput
}

AccessLevelBasicConditionArrayInput is an input type that accepts AccessLevelBasicConditionArray and AccessLevelBasicConditionArrayOutput values. You can construct a concrete instance of `AccessLevelBasicConditionArrayInput` via: 

AccessLevelBasicConditionArray{ AccessLevelBasicConditionArgs{...} }

type AccessLevelBasicConditionArrayOutput 

type AccessLevelBasicConditionArrayOutput struct{ *pulumi.OutputState }

func (AccessLevelBasicConditionArrayOutput) ElementType 

func (AccessLevelBasicConditionArrayOutput) ElementType() reflect.Type

func (AccessLevelBasicConditionArrayOutput) Index 

func (o AccessLevelBasicConditionArrayOutput) Index(i pulumi.IntInput) AccessLevelBasicConditionOutput

func (AccessLevelBasicConditionArrayOutput) ToAccessLevelBasicConditionArrayOutput 

func (o AccessLevelBasicConditionArrayOutput) ToAccessLevelBasicConditionArrayOutput() AccessLevelBasicConditionArrayOutput

func (AccessLevelBasicConditionArrayOutput) ToAccessLevelBasicConditionArrayOutputWithContext 

func (o AccessLevelBasicConditionArrayOutput) ToAccessLevelBasicConditionArrayOutputWithContext(ctx context.Context) AccessLevelBasicConditionArrayOutput

type AccessLevelBasicConditionDevicePolicy 

type AccessLevelBasicConditionDevicePolicy struct {
	// A list of allowed device management levels.
	// An empty list allows all management levels.
	AllowedDeviceManagementLevels []string `pulumi:"allowedDeviceManagementLevels"`
	// A list of allowed encryptions statuses.
	// An empty list allows all statuses.
	AllowedEncryptionStatuses []string `pulumi:"allowedEncryptionStatuses"`
	// A list of allowed OS versions.
	// An empty list allows all types and all versions.  Structure is documented below.
	OsConstraints []AccessLevelBasicConditionDevicePolicyOsConstraint `pulumi:"osConstraints"`
	// Whether the device needs to be approved by the customer admin.
	RequireAdminApproval *bool `pulumi:"requireAdminApproval"`
	// Whether the device needs to be corp owned.
	RequireCorpOwned *bool `pulumi:"requireCorpOwned"`
	// Whether or not screenlock is required for the DevicePolicy
	// to be true. Defaults to false.
	RequireScreenLock *bool `pulumi:"requireScreenLock"`
}

type AccessLevelBasicConditionDevicePolicyArgs 

type AccessLevelBasicConditionDevicePolicyArgs struct {
	// A list of allowed device management levels.
	// An empty list allows all management levels.
	AllowedDeviceManagementLevels pulumi.StringArrayInput `pulumi:"allowedDeviceManagementLevels"`
	// A list of allowed encryptions statuses.
	// An empty list allows all statuses.
	AllowedEncryptionStatuses pulumi.StringArrayInput `pulumi:"allowedEncryptionStatuses"`
	// A list of allowed OS versions.
	// An empty list allows all types and all versions.  Structure is documented below.
	OsConstraints AccessLevelBasicConditionDevicePolicyOsConstraintArrayInput `pulumi:"osConstraints"`
	// Whether the device needs to be approved by the customer admin.
	RequireAdminApproval pulumi.BoolPtrInput `pulumi:"requireAdminApproval"`
	// Whether the device needs to be corp owned.
	RequireCorpOwned pulumi.BoolPtrInput `pulumi:"requireCorpOwned"`
	// Whether or not screenlock is required for the DevicePolicy
	// to be true. Defaults to false.
	RequireScreenLock pulumi.BoolPtrInput `pulumi:"requireScreenLock"`
}

func (AccessLevelBasicConditionDevicePolicyArgs) ElementType 

func (AccessLevelBasicConditionDevicePolicyArgs) ElementType() reflect.Type

func (AccessLevelBasicConditionDevicePolicyArgs) ToAccessLevelBasicConditionDevicePolicyOutput 

func (i AccessLevelBasicConditionDevicePolicyArgs) ToAccessLevelBasicConditionDevicePolicyOutput() AccessLevelBasicConditionDevicePolicyOutput

func (AccessLevelBasicConditionDevicePolicyArgs) ToAccessLevelBasicConditionDevicePolicyOutputWithContext 

func (i AccessLevelBasicConditionDevicePolicyArgs) ToAccessLevelBasicConditionDevicePolicyOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyOutput

func (AccessLevelBasicConditionDevicePolicyArgs) ToAccessLevelBasicConditionDevicePolicyPtrOutput 

func (i AccessLevelBasicConditionDevicePolicyArgs) ToAccessLevelBasicConditionDevicePolicyPtrOutput() AccessLevelBasicConditionDevicePolicyPtrOutput

func (AccessLevelBasicConditionDevicePolicyArgs) ToAccessLevelBasicConditionDevicePolicyPtrOutputWithContext 

func (i AccessLevelBasicConditionDevicePolicyArgs) ToAccessLevelBasicConditionDevicePolicyPtrOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyPtrOutput

type AccessLevelBasicConditionDevicePolicyInput 

type AccessLevelBasicConditionDevicePolicyInput interface {
	pulumi.Input

	ToAccessLevelBasicConditionDevicePolicyOutput() AccessLevelBasicConditionDevicePolicyOutput
	ToAccessLevelBasicConditionDevicePolicyOutputWithContext(context.Context) AccessLevelBasicConditionDevicePolicyOutput
}

AccessLevelBasicConditionDevicePolicyInput is an input type that accepts AccessLevelBasicConditionDevicePolicyArgs and AccessLevelBasicConditionDevicePolicyOutput values. You can construct a concrete instance of `AccessLevelBasicConditionDevicePolicyInput` via: 

AccessLevelBasicConditionDevicePolicyArgs{...}

type AccessLevelBasicConditionDevicePolicyOsConstraint 

type AccessLevelBasicConditionDevicePolicyOsConstraint struct {
	// The minimum allowed OS version. If not set, any version
	// of this OS satisfies the constraint.
	// Format: "major.minor.patch" such as "10.5.301", "9.2.1".
	MinimumVersion *string `pulumi:"minimumVersion"`
	// The operating system type of the device.
	OsType string `pulumi:"osType"`
}

type AccessLevelBasicConditionDevicePolicyOsConstraintArgs 

type AccessLevelBasicConditionDevicePolicyOsConstraintArgs struct {
	// The minimum allowed OS version. If not set, any version
	// of this OS satisfies the constraint.
	// Format: "major.minor.patch" such as "10.5.301", "9.2.1".
	MinimumVersion pulumi.StringPtrInput `pulumi:"minimumVersion"`
	// The operating system type of the device.
	OsType pulumi.StringInput `pulumi:"osType"`
}

func (AccessLevelBasicConditionDevicePolicyOsConstraintArgs) ElementType 

func (AccessLevelBasicConditionDevicePolicyOsConstraintArgs) ElementType() reflect.Type

func (AccessLevelBasicConditionDevicePolicyOsConstraintArgs) ToAccessLevelBasicConditionDevicePolicyOsConstraintOutput 

func (i AccessLevelBasicConditionDevicePolicyOsConstraintArgs) ToAccessLevelBasicConditionDevicePolicyOsConstraintOutput() AccessLevelBasicConditionDevicePolicyOsConstraintOutput

func (AccessLevelBasicConditionDevicePolicyOsConstraintArgs) ToAccessLevelBasicConditionDevicePolicyOsConstraintOutputWithContext 

func (i AccessLevelBasicConditionDevicePolicyOsConstraintArgs) ToAccessLevelBasicConditionDevicePolicyOsConstraintOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyOsConstraintOutput

type AccessLevelBasicConditionDevicePolicyOsConstraintArray 

type AccessLevelBasicConditionDevicePolicyOsConstraintArray []AccessLevelBasicConditionDevicePolicyOsConstraintInput

func (AccessLevelBasicConditionDevicePolicyOsConstraintArray) ElementType 

func (AccessLevelBasicConditionDevicePolicyOsConstraintArray) ElementType() reflect.Type

func (AccessLevelBasicConditionDevicePolicyOsConstraintArray) ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput 

func (i AccessLevelBasicConditionDevicePolicyOsConstraintArray) ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput() AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput

func (AccessLevelBasicConditionDevicePolicyOsConstraintArray) ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutputWithContext 

func (i AccessLevelBasicConditionDevicePolicyOsConstraintArray) ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput

type AccessLevelBasicConditionDevicePolicyOsConstraintArrayInput 

type AccessLevelBasicConditionDevicePolicyOsConstraintArrayInput interface {
	pulumi.Input

	ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput() AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput
	ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutputWithContext(context.Context) AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput
}

AccessLevelBasicConditionDevicePolicyOsConstraintArrayInput is an input type that accepts AccessLevelBasicConditionDevicePolicyOsConstraintArray and AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput values. You can construct a concrete instance of `AccessLevelBasicConditionDevicePolicyOsConstraintArrayInput` via: 

AccessLevelBasicConditionDevicePolicyOsConstraintArray{ AccessLevelBasicConditionDevicePolicyOsConstraintArgs{...} }

type AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput 

type AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput struct{ *pulumi.OutputState }

func (AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput) ElementType 

func (AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput) ElementType() reflect.Type

func (AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput) Index 

func (o AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput) Index(i pulumi.IntInput) AccessLevelBasicConditionDevicePolicyOsConstraintOutput

func (AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput) ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput 

func (o AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput) ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput() AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput

func (AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput) ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutputWithContext 

func (o AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput) ToAccessLevelBasicConditionDevicePolicyOsConstraintArrayOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput

type AccessLevelBasicConditionDevicePolicyOsConstraintInput 

type AccessLevelBasicConditionDevicePolicyOsConstraintInput interface {
	pulumi.Input

	ToAccessLevelBasicConditionDevicePolicyOsConstraintOutput() AccessLevelBasicConditionDevicePolicyOsConstraintOutput
	ToAccessLevelBasicConditionDevicePolicyOsConstraintOutputWithContext(context.Context) AccessLevelBasicConditionDevicePolicyOsConstraintOutput
}

AccessLevelBasicConditionDevicePolicyOsConstraintInput is an input type that accepts AccessLevelBasicConditionDevicePolicyOsConstraintArgs and AccessLevelBasicConditionDevicePolicyOsConstraintOutput values. You can construct a concrete instance of `AccessLevelBasicConditionDevicePolicyOsConstraintInput` via: 

AccessLevelBasicConditionDevicePolicyOsConstraintArgs{...}

type AccessLevelBasicConditionDevicePolicyOsConstraintOutput 

type AccessLevelBasicConditionDevicePolicyOsConstraintOutput struct{ *pulumi.OutputState }

func (AccessLevelBasicConditionDevicePolicyOsConstraintOutput) ElementType 

func (AccessLevelBasicConditionDevicePolicyOsConstraintOutput) ElementType() reflect.Type

func (AccessLevelBasicConditionDevicePolicyOsConstraintOutput) MinimumVersion 

func (o AccessLevelBasicConditionDevicePolicyOsConstraintOutput) MinimumVersion() pulumi.StringPtrOutput

The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch" such as "10.5.301", "9.2.1".

func (AccessLevelBasicConditionDevicePolicyOsConstraintOutput) OsType 

func (o AccessLevelBasicConditionDevicePolicyOsConstraintOutput) OsType() pulumi.StringOutput

The operating system type of the device.

func (AccessLevelBasicConditionDevicePolicyOsConstraintOutput) ToAccessLevelBasicConditionDevicePolicyOsConstraintOutput 

func (o AccessLevelBasicConditionDevicePolicyOsConstraintOutput) ToAccessLevelBasicConditionDevicePolicyOsConstraintOutput() AccessLevelBasicConditionDevicePolicyOsConstraintOutput

func (AccessLevelBasicConditionDevicePolicyOsConstraintOutput) ToAccessLevelBasicConditionDevicePolicyOsConstraintOutputWithContext 

func (o AccessLevelBasicConditionDevicePolicyOsConstraintOutput) ToAccessLevelBasicConditionDevicePolicyOsConstraintOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyOsConstraintOutput

type AccessLevelBasicConditionDevicePolicyOutput 

type AccessLevelBasicConditionDevicePolicyOutput struct{ *pulumi.OutputState }

func (AccessLevelBasicConditionDevicePolicyOutput) AllowedDeviceManagementLevels 

func (o AccessLevelBasicConditionDevicePolicyOutput) AllowedDeviceManagementLevels() pulumi.StringArrayOutput

A list of allowed device management levels. An empty list allows all management levels.

func (AccessLevelBasicConditionDevicePolicyOutput) AllowedEncryptionStatuses 

func (o AccessLevelBasicConditionDevicePolicyOutput) AllowedEncryptionStatuses() pulumi.StringArrayOutput

A list of allowed encryptions statuses. An empty list allows all statuses.

func (AccessLevelBasicConditionDevicePolicyOutput) ElementType 

func (AccessLevelBasicConditionDevicePolicyOutput) ElementType() reflect.Type

func (AccessLevelBasicConditionDevicePolicyOutput) OsConstraints 

func (o AccessLevelBasicConditionDevicePolicyOutput) OsConstraints() AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput

A list of allowed OS versions. An empty list allows all types and all versions. Structure is documented below.

func (AccessLevelBasicConditionDevicePolicyOutput) RequireAdminApproval 

func (o AccessLevelBasicConditionDevicePolicyOutput) RequireAdminApproval() pulumi.BoolPtrOutput

Whether the device needs to be approved by the customer admin.

func (AccessLevelBasicConditionDevicePolicyOutput) RequireCorpOwned 

func (o AccessLevelBasicConditionDevicePolicyOutput) RequireCorpOwned() pulumi.BoolPtrOutput

Whether the device needs to be corp owned.

func (AccessLevelBasicConditionDevicePolicyOutput) RequireScreenLock 

func (o AccessLevelBasicConditionDevicePolicyOutput) RequireScreenLock() pulumi.BoolPtrOutput

Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

func (AccessLevelBasicConditionDevicePolicyOutput) ToAccessLevelBasicConditionDevicePolicyOutput 

func (o AccessLevelBasicConditionDevicePolicyOutput) ToAccessLevelBasicConditionDevicePolicyOutput() AccessLevelBasicConditionDevicePolicyOutput

func (AccessLevelBasicConditionDevicePolicyOutput) ToAccessLevelBasicConditionDevicePolicyOutputWithContext 

func (o AccessLevelBasicConditionDevicePolicyOutput) ToAccessLevelBasicConditionDevicePolicyOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyOutput

func (AccessLevelBasicConditionDevicePolicyOutput) ToAccessLevelBasicConditionDevicePolicyPtrOutput 

func (o AccessLevelBasicConditionDevicePolicyOutput) ToAccessLevelBasicConditionDevicePolicyPtrOutput() AccessLevelBasicConditionDevicePolicyPtrOutput

func (AccessLevelBasicConditionDevicePolicyOutput) ToAccessLevelBasicConditionDevicePolicyPtrOutputWithContext 

func (o AccessLevelBasicConditionDevicePolicyOutput) ToAccessLevelBasicConditionDevicePolicyPtrOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyPtrOutput

type AccessLevelBasicConditionDevicePolicyPtrInput 

type AccessLevelBasicConditionDevicePolicyPtrInput interface {
	pulumi.Input

	ToAccessLevelBasicConditionDevicePolicyPtrOutput() AccessLevelBasicConditionDevicePolicyPtrOutput
	ToAccessLevelBasicConditionDevicePolicyPtrOutputWithContext(context.Context) AccessLevelBasicConditionDevicePolicyPtrOutput
}

AccessLevelBasicConditionDevicePolicyPtrInput is an input type that accepts AccessLevelBasicConditionDevicePolicyArgs, AccessLevelBasicConditionDevicePolicyPtr and AccessLevelBasicConditionDevicePolicyPtrOutput values. You can construct a concrete instance of `AccessLevelBasicConditionDevicePolicyPtrInput` via: 

		 AccessLevelBasicConditionDevicePolicyArgs{...}

 or:

		 nil

func AccessLevelBasicConditionDevicePolicyPtr 

func AccessLevelBasicConditionDevicePolicyPtr(v *AccessLevelBasicConditionDevicePolicyArgs) AccessLevelBasicConditionDevicePolicyPtrInput

type AccessLevelBasicConditionDevicePolicyPtrOutput 

type AccessLevelBasicConditionDevicePolicyPtrOutput struct{ *pulumi.OutputState }

func (AccessLevelBasicConditionDevicePolicyPtrOutput) AllowedDeviceManagementLevels 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) AllowedDeviceManagementLevels() pulumi.StringArrayOutput

A list of allowed device management levels. An empty list allows all management levels.

func (AccessLevelBasicConditionDevicePolicyPtrOutput) AllowedEncryptionStatuses 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) AllowedEncryptionStatuses() pulumi.StringArrayOutput

A list of allowed encryptions statuses. An empty list allows all statuses.

func (AccessLevelBasicConditionDevicePolicyPtrOutput) Elem 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) Elem() AccessLevelBasicConditionDevicePolicyOutput

func (AccessLevelBasicConditionDevicePolicyPtrOutput) ElementType 

func (AccessLevelBasicConditionDevicePolicyPtrOutput) ElementType() reflect.Type

func (AccessLevelBasicConditionDevicePolicyPtrOutput) OsConstraints 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) OsConstraints() AccessLevelBasicConditionDevicePolicyOsConstraintArrayOutput

A list of allowed OS versions. An empty list allows all types and all versions. Structure is documented below.

func (AccessLevelBasicConditionDevicePolicyPtrOutput) RequireAdminApproval 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) RequireAdminApproval() pulumi.BoolPtrOutput

Whether the device needs to be approved by the customer admin.

func (AccessLevelBasicConditionDevicePolicyPtrOutput) RequireCorpOwned 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) RequireCorpOwned() pulumi.BoolPtrOutput

Whether the device needs to be corp owned.

func (AccessLevelBasicConditionDevicePolicyPtrOutput) RequireScreenLock 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) RequireScreenLock() pulumi.BoolPtrOutput

Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

func (AccessLevelBasicConditionDevicePolicyPtrOutput) ToAccessLevelBasicConditionDevicePolicyPtrOutput 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) ToAccessLevelBasicConditionDevicePolicyPtrOutput() AccessLevelBasicConditionDevicePolicyPtrOutput

func (AccessLevelBasicConditionDevicePolicyPtrOutput) ToAccessLevelBasicConditionDevicePolicyPtrOutputWithContext 

func (o AccessLevelBasicConditionDevicePolicyPtrOutput) ToAccessLevelBasicConditionDevicePolicyPtrOutputWithContext(ctx context.Context) AccessLevelBasicConditionDevicePolicyPtrOutput

type AccessLevelBasicConditionInput 

type AccessLevelBasicConditionInput interface {
	pulumi.Input

	ToAccessLevelBasicConditionOutput() AccessLevelBasicConditionOutput
	ToAccessLevelBasicConditionOutputWithContext(context.Context) AccessLevelBasicConditionOutput
}

AccessLevelBasicConditionInput is an input type that accepts AccessLevelBasicConditionArgs and AccessLevelBasicConditionOutput values. You can construct a concrete instance of `AccessLevelBasicConditionInput` via: 

AccessLevelBasicConditionArgs{...}

type AccessLevelBasicConditionOutput 

type AccessLevelBasicConditionOutput struct{ *pulumi.OutputState }

func (AccessLevelBasicConditionOutput) DevicePolicy 

func (o AccessLevelBasicConditionOutput) DevicePolicy() AccessLevelBasicConditionDevicePolicyPtrOutput

Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed. Structure is documented below.

func (AccessLevelBasicConditionOutput) ElementType 

func (AccessLevelBasicConditionOutput) ElementType() reflect.Type

func (AccessLevelBasicConditionOutput) IpSubnetworks 

func (o AccessLevelBasicConditionOutput) IpSubnetworks() pulumi.StringArrayOutput

A list of CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

func (AccessLevelBasicConditionOutput) Members 

func (o AccessLevelBasicConditionOutput) Members() pulumi.StringArrayOutput

An allowed list of members (users, service accounts). Using groups is not supported yet. The signed-in user originating the request must be a part of one of the provided members. If not specified, a request may come from any user (logged in/not logged in, not present in any groups, etc.). Formats: `user:{emailid}`, `serviceAccount:{emailid}`

func (AccessLevelBasicConditionOutput) Negate 

func (o AccessLevelBasicConditionOutput) Negate() pulumi.BoolPtrOutput

Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

func (AccessLevelBasicConditionOutput) Regions 

func (o AccessLevelBasicConditionOutput) Regions() pulumi.StringArrayOutput

The request must originate from one of the provided countries/regions. Format: A valid ISO 3166-1 alpha-2 code.

func (AccessLevelBasicConditionOutput) RequiredAccessLevels 

func (o AccessLevelBasicConditionOutput) RequiredAccessLevels() pulumi.StringArrayOutput

A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Format: accessPolicies/{policy_id}/accessLevels/{short_name}

func (AccessLevelBasicConditionOutput) ToAccessLevelBasicConditionOutput 

func (o AccessLevelBasicConditionOutput) ToAccessLevelBasicConditionOutput() AccessLevelBasicConditionOutput

func (AccessLevelBasicConditionOutput) ToAccessLevelBasicConditionOutputWithContext 

func (o AccessLevelBasicConditionOutput) ToAccessLevelBasicConditionOutputWithContext(ctx context.Context) AccessLevelBasicConditionOutput

type AccessLevelBasicInput 

type AccessLevelBasicInput interface {
	pulumi.Input

	ToAccessLevelBasicOutput() AccessLevelBasicOutput
	ToAccessLevelBasicOutputWithContext(context.Context) AccessLevelBasicOutput
}

AccessLevelBasicInput is an input type that accepts AccessLevelBasicArgs and AccessLevelBasicOutput values. You can construct a concrete instance of `AccessLevelBasicInput` via: 

AccessLevelBasicArgs{...}

type AccessLevelBasicOutput 

type AccessLevelBasicOutput struct{ *pulumi.OutputState }

func (AccessLevelBasicOutput) CombiningFunction 

func (o AccessLevelBasicOutput) CombiningFunction() pulumi.StringPtrOutput

How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied.

func (AccessLevelBasicOutput) Conditions 

func (o AccessLevelBasicOutput) Conditions() AccessLevelBasicConditionArrayOutput

A set of requirements for the AccessLevel to be granted. Structure is documented below.

func (AccessLevelBasicOutput) ElementType 

func (AccessLevelBasicOutput) ElementType() reflect.Type

func (AccessLevelBasicOutput) ToAccessLevelBasicOutput 

func (o AccessLevelBasicOutput) ToAccessLevelBasicOutput() AccessLevelBasicOutput

func (AccessLevelBasicOutput) ToAccessLevelBasicOutputWithContext 

func (o AccessLevelBasicOutput) ToAccessLevelBasicOutputWithContext(ctx context.Context) AccessLevelBasicOutput

func (AccessLevelBasicOutput) ToAccessLevelBasicPtrOutput 

func (o AccessLevelBasicOutput) ToAccessLevelBasicPtrOutput() AccessLevelBasicPtrOutput

func (AccessLevelBasicOutput) ToAccessLevelBasicPtrOutputWithContext 

func (o AccessLevelBasicOutput) ToAccessLevelBasicPtrOutputWithContext(ctx context.Context) AccessLevelBasicPtrOutput

type AccessLevelBasicPtrInput 

type AccessLevelBasicPtrInput interface {
	pulumi.Input

	ToAccessLevelBasicPtrOutput() AccessLevelBasicPtrOutput
	ToAccessLevelBasicPtrOutputWithContext(context.Context) AccessLevelBasicPtrOutput
}

AccessLevelBasicPtrInput is an input type that accepts AccessLevelBasicArgs, AccessLevelBasicPtr and AccessLevelBasicPtrOutput values. You can construct a concrete instance of `AccessLevelBasicPtrInput` via: 

		 AccessLevelBasicArgs{...}

 or:

		 nil

func AccessLevelBasicPtr 

func AccessLevelBasicPtr(v *AccessLevelBasicArgs) AccessLevelBasicPtrInput

type AccessLevelBasicPtrOutput 

type AccessLevelBasicPtrOutput struct{ *pulumi.OutputState }

func (AccessLevelBasicPtrOutput) CombiningFunction 

func (o AccessLevelBasicPtrOutput) CombiningFunction() pulumi.StringPtrOutput

How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied.

func (AccessLevelBasicPtrOutput) Conditions 

func (o AccessLevelBasicPtrOutput) Conditions() AccessLevelBasicConditionArrayOutput

A set of requirements for the AccessLevel to be granted. Structure is documented below.

func (AccessLevelBasicPtrOutput) Elem 

func (o AccessLevelBasicPtrOutput) Elem() AccessLevelBasicOutput

func (AccessLevelBasicPtrOutput) ElementType 

func (AccessLevelBasicPtrOutput) ElementType() reflect.Type

func (AccessLevelBasicPtrOutput) ToAccessLevelBasicPtrOutput 

func (o AccessLevelBasicPtrOutput) ToAccessLevelBasicPtrOutput() AccessLevelBasicPtrOutput

func (AccessLevelBasicPtrOutput) ToAccessLevelBasicPtrOutputWithContext 

func (o AccessLevelBasicPtrOutput) ToAccessLevelBasicPtrOutputWithContext(ctx context.Context) AccessLevelBasicPtrOutput

type AccessLevelCustom added in v3.11.0 

type AccessLevelCustom struct {
	// Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language.
	// This page details the objects and attributes that are used to the build the CEL expressions for
	// custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec.  Structure is documented below.
	Expr AccessLevelCustomExpr `pulumi:"expr"`
}

type AccessLevelCustomArgs added in v3.11.0 

type AccessLevelCustomArgs struct {
	// Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language.
	// This page details the objects and attributes that are used to the build the CEL expressions for
	// custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec.  Structure is documented below.
	Expr AccessLevelCustomExprInput `pulumi:"expr"`
}

func (AccessLevelCustomArgs) ElementType added in v3.11.0 

func (AccessLevelCustomArgs) ElementType() reflect.Type

func (AccessLevelCustomArgs) ToAccessLevelCustomOutput added in v3.11.0 

func (i AccessLevelCustomArgs) ToAccessLevelCustomOutput() AccessLevelCustomOutput

func (AccessLevelCustomArgs) ToAccessLevelCustomOutputWithContext added in v3.11.0 

func (i AccessLevelCustomArgs) ToAccessLevelCustomOutputWithContext(ctx context.Context) AccessLevelCustomOutput

func (AccessLevelCustomArgs) ToAccessLevelCustomPtrOutput added in v3.11.0 

func (i AccessLevelCustomArgs) ToAccessLevelCustomPtrOutput() AccessLevelCustomPtrOutput

func (AccessLevelCustomArgs) ToAccessLevelCustomPtrOutputWithContext added in v3.11.0 

func (i AccessLevelCustomArgs) ToAccessLevelCustomPtrOutputWithContext(ctx context.Context) AccessLevelCustomPtrOutput

type AccessLevelCustomExpr added in v3.11.0 

type AccessLevelCustomExpr struct {
	// Description of the expression
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// String indicating the location of the expression for error reporting, e.g. a file name and a position in the file
	Location *string `pulumi:"location"`
	// Title for the expression, i.e. a short string describing its purpose.
	Title *string `pulumi:"title"`
}

type AccessLevelCustomExprArgs added in v3.11.0 

type AccessLevelCustomExprArgs struct {
	// Description of the expression
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringInput `pulumi:"expression"`
	// String indicating the location of the expression for error reporting, e.g. a file name and a position in the file
	Location pulumi.StringPtrInput `pulumi:"location"`
	// Title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringPtrInput `pulumi:"title"`
}

func (AccessLevelCustomExprArgs) ElementType added in v3.11.0 

func (AccessLevelCustomExprArgs) ElementType() reflect.Type

func (AccessLevelCustomExprArgs) ToAccessLevelCustomExprOutput added in v3.11.0 

func (i AccessLevelCustomExprArgs) ToAccessLevelCustomExprOutput() AccessLevelCustomExprOutput

func (AccessLevelCustomExprArgs) ToAccessLevelCustomExprOutputWithContext added in v3.11.0 

func (i AccessLevelCustomExprArgs) ToAccessLevelCustomExprOutputWithContext(ctx context.Context) AccessLevelCustomExprOutput

func (AccessLevelCustomExprArgs) ToAccessLevelCustomExprPtrOutput added in v3.11.0 

func (i AccessLevelCustomExprArgs) ToAccessLevelCustomExprPtrOutput() AccessLevelCustomExprPtrOutput

func (AccessLevelCustomExprArgs) ToAccessLevelCustomExprPtrOutputWithContext added in v3.11.0 

func (i AccessLevelCustomExprArgs) ToAccessLevelCustomExprPtrOutputWithContext(ctx context.Context) AccessLevelCustomExprPtrOutput

type AccessLevelCustomExprInput added in v3.11.0 

type AccessLevelCustomExprInput interface {
	pulumi.Input

	ToAccessLevelCustomExprOutput() AccessLevelCustomExprOutput
	ToAccessLevelCustomExprOutputWithContext(context.Context) AccessLevelCustomExprOutput
}

AccessLevelCustomExprInput is an input type that accepts AccessLevelCustomExprArgs and AccessLevelCustomExprOutput values. You can construct a concrete instance of `AccessLevelCustomExprInput` via: 

AccessLevelCustomExprArgs{...}

type AccessLevelCustomExprOutput added in v3.11.0 

type AccessLevelCustomExprOutput struct{ *pulumi.OutputState }

func (AccessLevelCustomExprOutput) Description added in v3.11.0 

func (o AccessLevelCustomExprOutput) Description() pulumi.StringPtrOutput

Description of the expression

func (AccessLevelCustomExprOutput) ElementType added in v3.11.0 

func (AccessLevelCustomExprOutput) ElementType() reflect.Type

func (AccessLevelCustomExprOutput) Expression added in v3.11.0 

func (o AccessLevelCustomExprOutput) Expression() pulumi.StringOutput

Textual representation of an expression in Common Expression Language syntax.

func (AccessLevelCustomExprOutput) Location added in v3.11.0 

func (o AccessLevelCustomExprOutput) Location() pulumi.StringPtrOutput

String indicating the location of the expression for error reporting, e.g. a file name and a position in the file

func (AccessLevelCustomExprOutput) Title added in v3.11.0 

func (o AccessLevelCustomExprOutput) Title() pulumi.StringPtrOutput

Title for the expression, i.e. a short string describing its purpose.

func (AccessLevelCustomExprOutput) ToAccessLevelCustomExprOutput added in v3.11.0 

func (o AccessLevelCustomExprOutput) ToAccessLevelCustomExprOutput() AccessLevelCustomExprOutput

func (AccessLevelCustomExprOutput) ToAccessLevelCustomExprOutputWithContext added in v3.11.0 

func (o AccessLevelCustomExprOutput) ToAccessLevelCustomExprOutputWithContext(ctx context.Context) AccessLevelCustomExprOutput

func (AccessLevelCustomExprOutput) ToAccessLevelCustomExprPtrOutput added in v3.11.0 

func (o AccessLevelCustomExprOutput) ToAccessLevelCustomExprPtrOutput() AccessLevelCustomExprPtrOutput

func (AccessLevelCustomExprOutput) ToAccessLevelCustomExprPtrOutputWithContext added in v3.11.0 

func (o AccessLevelCustomExprOutput) ToAccessLevelCustomExprPtrOutputWithContext(ctx context.Context) AccessLevelCustomExprPtrOutput

type AccessLevelCustomExprPtrInput added in v3.11.0 

type AccessLevelCustomExprPtrInput interface {
	pulumi.Input

	ToAccessLevelCustomExprPtrOutput() AccessLevelCustomExprPtrOutput
	ToAccessLevelCustomExprPtrOutputWithContext(context.Context) AccessLevelCustomExprPtrOutput
}

AccessLevelCustomExprPtrInput is an input type that accepts AccessLevelCustomExprArgs, AccessLevelCustomExprPtr and AccessLevelCustomExprPtrOutput values. You can construct a concrete instance of `AccessLevelCustomExprPtrInput` via: 

		 AccessLevelCustomExprArgs{...}

 or:

		 nil

func AccessLevelCustomExprPtr added in v3.11.0 

func AccessLevelCustomExprPtr(v *AccessLevelCustomExprArgs) AccessLevelCustomExprPtrInput

type AccessLevelCustomExprPtrOutput added in v3.11.0 

type AccessLevelCustomExprPtrOutput struct{ *pulumi.OutputState }

func (AccessLevelCustomExprPtrOutput) Description added in v3.11.0 

func (o AccessLevelCustomExprPtrOutput) Description() pulumi.StringPtrOutput

Description of the expression

func (AccessLevelCustomExprPtrOutput) Elem added in v3.11.0 

func (o AccessLevelCustomExprPtrOutput) Elem() AccessLevelCustomExprOutput

func (AccessLevelCustomExprPtrOutput) ElementType added in v3.11.0 

func (AccessLevelCustomExprPtrOutput) ElementType() reflect.Type

func (AccessLevelCustomExprPtrOutput) Expression added in v3.11.0 

func (o AccessLevelCustomExprPtrOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (AccessLevelCustomExprPtrOutput) Location added in v3.11.0 

func (o AccessLevelCustomExprPtrOutput) Location() pulumi.StringPtrOutput

String indicating the location of the expression for error reporting, e.g. a file name and a position in the file

func (AccessLevelCustomExprPtrOutput) Title added in v3.11.0 

func (o AccessLevelCustomExprPtrOutput) Title() pulumi.StringPtrOutput

Title for the expression, i.e. a short string describing its purpose.

func (AccessLevelCustomExprPtrOutput) ToAccessLevelCustomExprPtrOutput added in v3.11.0 

func (o AccessLevelCustomExprPtrOutput) ToAccessLevelCustomExprPtrOutput() AccessLevelCustomExprPtrOutput

func (AccessLevelCustomExprPtrOutput) ToAccessLevelCustomExprPtrOutputWithContext added in v3.11.0 

func (o AccessLevelCustomExprPtrOutput) ToAccessLevelCustomExprPtrOutputWithContext(ctx context.Context) AccessLevelCustomExprPtrOutput

type AccessLevelCustomInput added in v3.11.0 

type AccessLevelCustomInput interface {
	pulumi.Input

	ToAccessLevelCustomOutput() AccessLevelCustomOutput
	ToAccessLevelCustomOutputWithContext(context.Context) AccessLevelCustomOutput
}

AccessLevelCustomInput is an input type that accepts AccessLevelCustomArgs and AccessLevelCustomOutput values. You can construct a concrete instance of `AccessLevelCustomInput` via: 

AccessLevelCustomArgs{...}

type AccessLevelCustomOutput added in v3.11.0 

type AccessLevelCustomOutput struct{ *pulumi.OutputState }

func (AccessLevelCustomOutput) ElementType added in v3.11.0 

func (AccessLevelCustomOutput) ElementType() reflect.Type

func (AccessLevelCustomOutput) Expr added in v3.11.0 

func (o AccessLevelCustomOutput) Expr() AccessLevelCustomExprOutput

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. This page details the objects and attributes that are used to the build the CEL expressions for custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. Structure is documented below.

func (AccessLevelCustomOutput) ToAccessLevelCustomOutput added in v3.11.0 

func (o AccessLevelCustomOutput) ToAccessLevelCustomOutput() AccessLevelCustomOutput

func (AccessLevelCustomOutput) ToAccessLevelCustomOutputWithContext added in v3.11.0 

func (o AccessLevelCustomOutput) ToAccessLevelCustomOutputWithContext(ctx context.Context) AccessLevelCustomOutput

func (AccessLevelCustomOutput) ToAccessLevelCustomPtrOutput added in v3.11.0 

func (o AccessLevelCustomOutput) ToAccessLevelCustomPtrOutput() AccessLevelCustomPtrOutput

func (AccessLevelCustomOutput) ToAccessLevelCustomPtrOutputWithContext added in v3.11.0 

func (o AccessLevelCustomOutput) ToAccessLevelCustomPtrOutputWithContext(ctx context.Context) AccessLevelCustomPtrOutput

type AccessLevelCustomPtrInput added in v3.11.0 

type AccessLevelCustomPtrInput interface {
	pulumi.Input

	ToAccessLevelCustomPtrOutput() AccessLevelCustomPtrOutput
	ToAccessLevelCustomPtrOutputWithContext(context.Context) AccessLevelCustomPtrOutput
}

AccessLevelCustomPtrInput is an input type that accepts AccessLevelCustomArgs, AccessLevelCustomPtr and AccessLevelCustomPtrOutput values. You can construct a concrete instance of `AccessLevelCustomPtrInput` via: 

		 AccessLevelCustomArgs{...}

 or:

		 nil

func AccessLevelCustomPtr added in v3.11.0 

func AccessLevelCustomPtr(v *AccessLevelCustomArgs) AccessLevelCustomPtrInput

type AccessLevelCustomPtrOutput added in v3.11.0 

type AccessLevelCustomPtrOutput struct{ *pulumi.OutputState }

func (AccessLevelCustomPtrOutput) Elem added in v3.11.0 

func (o AccessLevelCustomPtrOutput) Elem() AccessLevelCustomOutput

func (AccessLevelCustomPtrOutput) ElementType added in v3.11.0 

func (AccessLevelCustomPtrOutput) ElementType() reflect.Type

func (AccessLevelCustomPtrOutput) Expr added in v3.11.0 

func (o AccessLevelCustomPtrOutput) Expr() AccessLevelCustomExprPtrOutput

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. This page details the objects and attributes that are used to the build the CEL expressions for custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec. Structure is documented below.

func (AccessLevelCustomPtrOutput) ToAccessLevelCustomPtrOutput added in v3.11.0 

func (o AccessLevelCustomPtrOutput) ToAccessLevelCustomPtrOutput() AccessLevelCustomPtrOutput

func (AccessLevelCustomPtrOutput) ToAccessLevelCustomPtrOutputWithContext added in v3.11.0 

func (o AccessLevelCustomPtrOutput) ToAccessLevelCustomPtrOutputWithContext(ctx context.Context) AccessLevelCustomPtrOutput

type AccessLevelState 

type AccessLevelState struct {
	// A set of predefined conditions for the access level and a combining function.  Structure is documented below.
	Basic AccessLevelBasicPtrInput
	// Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
	// See CEL spec at: https://github.com/google/cel-spec.  Structure is documented below.
	Custom AccessLevelCustomPtrInput
	// Description of the expression
	Description pulumi.StringPtrInput
	// Resource name for the Access Level. The shortName component must begin
	// with a letter and only include alphanumeric and '_'.
	// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
	Name pulumi.StringPtrInput
	// The AccessPolicy this AccessLevel lives in.
	// Format: accessPolicies/{policy_id}
	Parent pulumi.StringPtrInput
	// Title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringPtrInput
}

func (AccessLevelState) ElementType 

func (AccessLevelState) ElementType() reflect.Type

type AccessPolicy 

type AccessPolicy struct {
	pulumi.CustomResourceState

	// Time the AccessPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Resource name of the AccessPolicy. Format: {policy_id}
	Name pulumi.StringOutput `pulumi:"name"`
	// The parent of this AccessPolicy in the Cloud Resource Hierarchy.
	// Format: organizations/{organization_id}
	Parent pulumi.StringOutput `pulumi:"parent"`
	// Human readable title. Does not affect behavior.
	Title pulumi.StringOutput `pulumi:"title"`
	// Time the AccessPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

AccessPolicy is a container for AccessLevels (which define the necessary attributes to use GCP services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.

To get more information about AccessPolicy, see:

* [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies) * How-to Guides

func GetAccessPolicy 

func GetAccessPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessPolicyState, opts ...pulumi.ResourceOption) (*AccessPolicy, error)

GetAccessPolicy gets an existing AccessPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessPolicy 

func NewAccessPolicy(ctx *pulumi.Context,
	name string, args *AccessPolicyArgs, opts ...pulumi.ResourceOption) (*AccessPolicy, error)

NewAccessPolicy registers a new resource with the given unique name, arguments, and options.

type AccessPolicyArgs 

type AccessPolicyArgs struct {
	// The parent of this AccessPolicy in the Cloud Resource Hierarchy.
	// Format: organizations/{organization_id}
	Parent pulumi.StringInput
	// Human readable title. Does not affect behavior.
	Title pulumi.StringInput
}

The set of arguments for constructing a AccessPolicy resource.

func (AccessPolicyArgs) ElementType 

func (AccessPolicyArgs) ElementType() reflect.Type

type AccessPolicyState 

type AccessPolicyState struct {
	// Time the AccessPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// Resource name of the AccessPolicy. Format: {policy_id}
	Name pulumi.StringPtrInput
	// The parent of this AccessPolicy in the Cloud Resource Hierarchy.
	// Format: organizations/{organization_id}
	Parent pulumi.StringPtrInput
	// Human readable title. Does not affect behavior.
	Title pulumi.StringPtrInput
	// Time the AccessPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (AccessPolicyState) ElementType 

func (AccessPolicyState) ElementType() reflect.Type

type ServicePerimeter 

type ServicePerimeter struct {
	pulumi.CustomResourceState

	// Time the AccessPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Description of the ServicePerimeter and its use. Does not affect
	// behavior.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Resource name for the ServicePerimeter. The shortName component must
	// begin with a letter and only include alphanumeric and '_'.
	// Format: accessPolicies/{policy_id}/servicePerimeters/{short_name}
	Name pulumi.StringOutput `pulumi:"name"`
	// The AccessPolicy this ServicePerimeter lives in.
	// Format: accessPolicies/{policy_id}
	Parent pulumi.StringOutput `pulumi:"parent"`
	// Specifies the type of the Perimeter. There are two types: regular and
	// bridge. Regular Service Perimeter contains resources, access levels,
	// and restricted services. Every resource can be in at most
	// ONE regular Service Perimeter.
	// In addition to being in a regular service perimeter, a resource can also
	// be in zero or more perimeter bridges. A perimeter bridge only contains
	// resources. Cross project operations are permitted if all effected
	// resources share some perimeter (whether bridge or regular). Perimeter
	// Bridge does not contain access levels or services: those are governed
	// entirely by the regular perimeter that resource is in.
	// Perimeter Bridges are typically useful when building more complex
	// topologies with many independent perimeters that need to share some data
	// with a common perimeter, but should not be able to share data among
	// themselves.
	PerimeterType pulumi.StringPtrOutput `pulumi:"perimeterType"`
	// Proposed (or dry run) ServicePerimeter configuration.
	// This configuration allows to specify and test ServicePerimeter configuration
	// without enforcing actual access restrictions. Only allowed to be set when
	// the `useExplicitDryRunSpec` flag is set.  Structure is documented below.
	Spec ServicePerimeterSpecPtrOutput `pulumi:"spec"`
	// ServicePerimeter configuration. Specifies sets of resources,
	// restricted services and access levels that determine
	// perimeter content and boundaries.  Structure is documented below.
	Status ServicePerimeterStatusPtrOutput `pulumi:"status"`
	// Human readable title. Must be unique within the Policy.
	Title pulumi.StringOutput `pulumi:"title"`
	// Time the AccessPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
	// Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists
	// for all Service Perimeters, and that spec is identical to the status for those
	// Service Perimeters. When this flag is set, it inhibits the generation of the
	// implicit spec, thereby allowing the user to explicitly provide a
	// configuration ("spec") to use in a dry-run version of the Service Perimeter.
	// This allows the user to test changes to the enforced config ("status") without
	// actually enforcing them. This testing is done through analyzing the differences
	// between currently enforced and suggested restrictions. useExplicitDryRunSpec must
	// bet set to True if any of the fields in the spec are set to non-default values.
	UseExplicitDryRunSpec pulumi.BoolPtrOutput `pulumi:"useExplicitDryRunSpec"`
}

ServicePerimeter describes a set of GCP resources which can freely import and export data amongst themselves, but not export outside of the ServicePerimeter. If a request with a source within this ServicePerimeter has a target outside of the ServicePerimeter, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only GCP projects as members, a single GCP project may belong to multiple Service Perimeter Bridges.

To get more information about ServicePerimeter, see:

* [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters) * How-to Guides

func GetServicePerimeter 

func GetServicePerimeter(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServicePerimeterState, opts ...pulumi.ResourceOption) (*ServicePerimeter, error)

GetServicePerimeter gets an existing ServicePerimeter resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServicePerimeter 

func NewServicePerimeter(ctx *pulumi.Context,
	name string, args *ServicePerimeterArgs, opts ...pulumi.ResourceOption) (*ServicePerimeter, error)

NewServicePerimeter registers a new resource with the given unique name, arguments, and options.

type ServicePerimeterArgs 

type ServicePerimeterArgs struct {
	// Description of the ServicePerimeter and its use. Does not affect
	// behavior.
	Description pulumi.StringPtrInput
	// Resource name for the ServicePerimeter. The shortName component must
	// begin with a letter and only include alphanumeric and '_'.
	// Format: accessPolicies/{policy_id}/servicePerimeters/{short_name}
	Name pulumi.StringPtrInput
	// The AccessPolicy this ServicePerimeter lives in.
	// Format: accessPolicies/{policy_id}
	Parent pulumi.StringInput
	// Specifies the type of the Perimeter. There are two types: regular and
	// bridge. Regular Service Perimeter contains resources, access levels,
	// and restricted services. Every resource can be in at most
	// ONE regular Service Perimeter.
	// In addition to being in a regular service perimeter, a resource can also
	// be in zero or more perimeter bridges. A perimeter bridge only contains
	// resources. Cross project operations are permitted if all effected
	// resources share some perimeter (whether bridge or regular). Perimeter
	// Bridge does not contain access levels or services: those are governed
	// entirely by the regular perimeter that resource is in.
	// Perimeter Bridges are typically useful when building more complex
	// topologies with many independent perimeters that need to share some data
	// with a common perimeter, but should not be able to share data among
	// themselves.
	PerimeterType pulumi.StringPtrInput
	// Proposed (or dry run) ServicePerimeter configuration.
	// This configuration allows to specify and test ServicePerimeter configuration
	// without enforcing actual access restrictions. Only allowed to be set when
	// the `useExplicitDryRunSpec` flag is set.  Structure is documented below.
	Spec ServicePerimeterSpecPtrInput
	// ServicePerimeter configuration. Specifies sets of resources,
	// restricted services and access levels that determine
	// perimeter content and boundaries.  Structure is documented below.
	Status ServicePerimeterStatusPtrInput
	// Human readable title. Must be unique within the Policy.
	Title pulumi.StringInput
	// Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists
	// for all Service Perimeters, and that spec is identical to the status for those
	// Service Perimeters. When this flag is set, it inhibits the generation of the
	// implicit spec, thereby allowing the user to explicitly provide a
	// configuration ("spec") to use in a dry-run version of the Service Perimeter.
	// This allows the user to test changes to the enforced config ("status") without
	// actually enforcing them. This testing is done through analyzing the differences
	// between currently enforced and suggested restrictions. useExplicitDryRunSpec must
	// bet set to True if any of the fields in the spec are set to non-default values.
	UseExplicitDryRunSpec pulumi.BoolPtrInput
}

The set of arguments for constructing a ServicePerimeter resource.

func (ServicePerimeterArgs) ElementType 

func (ServicePerimeterArgs) ElementType() reflect.Type

type ServicePerimeterResource 

type ServicePerimeterResource struct {
	pulumi.CustomResourceState

	// The name of the Service Perimeter to add this resource to.
	PerimeterName pulumi.StringOutput `pulumi:"perimeterName"`
	// A GCP resource that is inside of the service perimeter.
	// Currently only projects are allowed.
	// Format: projects/{project_number}
	Resource pulumi.StringOutput `pulumi:"resource"`
}

Allows configuring a single GCP resource that should be inside of a service perimeter. This resource is intended to be used in cases where it is not possible to compile a full list of projects to include in a `accesscontextmanager.ServicePerimeter` resource, to enable them to be added separately.

> **Note:** If this resource is used alongside a `accesscontextmanager.ServicePerimeter` resource, the service perimeter resource must have a `lifecycle` block with `ignoreChanges = [status[0].resources]` so they don't fight over which resources should be in the policy.

To get more information about ServicePerimeterResource, see:

* [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters) * How-to Guides

func GetServicePerimeterResource 

func GetServicePerimeterResource(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServicePerimeterResourceState, opts ...pulumi.ResourceOption) (*ServicePerimeterResource, error)

GetServicePerimeterResource gets an existing ServicePerimeterResource resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServicePerimeterResource 

func NewServicePerimeterResource(ctx *pulumi.Context,
	name string, args *ServicePerimeterResourceArgs, opts ...pulumi.ResourceOption) (*ServicePerimeterResource, error)

NewServicePerimeterResource registers a new resource with the given unique name, arguments, and options.

type ServicePerimeterResourceArgs 

type ServicePerimeterResourceArgs struct {
	// The name of the Service Perimeter to add this resource to.
	PerimeterName pulumi.StringInput
	// A GCP resource that is inside of the service perimeter.
	// Currently only projects are allowed.
	// Format: projects/{project_number}
	Resource pulumi.StringInput
}

The set of arguments for constructing a ServicePerimeterResource resource.

func (ServicePerimeterResourceArgs) ElementType 

func (ServicePerimeterResourceArgs) ElementType() reflect.Type

type ServicePerimeterResourceState 

type ServicePerimeterResourceState struct {
	// The name of the Service Perimeter to add this resource to.
	PerimeterName pulumi.StringPtrInput
	// A GCP resource that is inside of the service perimeter.
	// Currently only projects are allowed.
	// Format: projects/{project_number}
	Resource pulumi.StringPtrInput
}

func (ServicePerimeterResourceState) ElementType 

func (ServicePerimeterResourceState) ElementType() reflect.Type

type ServicePerimeterSpec added in v3.1.0 

type ServicePerimeterSpec struct {
	// A list of AccessLevel resource names that allow resources within
	// the ServicePerimeter to be accessed from the internet.
	// AccessLevels listed must be in the same policy as this
	// ServicePerimeter. Referencing a nonexistent AccessLevel is a
	// syntax error. If no AccessLevel names are listed, resources within
	// the perimeter can only be accessed via GCP calls with request
	// origins within the perimeter. For Service Perimeter Bridge, must
	// be empty.
	// Format: accessPolicies/{policy_id}/accessLevels/{access_level_name}
	AccessLevels []string `pulumi:"accessLevels"`
	// A list of GCP resources that are inside of the service perimeter.
	// Currently only projects are allowed.
	// Format: projects/{project_number}
	Resources []string `pulumi:"resources"`
	// GCP services that are subject to the Service Perimeter
	// restrictions. Must contain a list of services. For example, if
	// `storage.googleapis.com` is specified, access to the storage
	// buckets inside the perimeter must meet the perimeter's access
	// restrictions.
	RestrictedServices []string `pulumi:"restrictedServices"`
	// Specifies how APIs are allowed to communicate within the Service
	// Perimeter.  Structure is documented below.
	VpcAccessibleServices *ServicePerimeterSpecVpcAccessibleServices `pulumi:"vpcAccessibleServices"`
}

type ServicePerimeterSpecArgs added in v3.1.0 

type ServicePerimeterSpecArgs struct {
	// A list of AccessLevel resource names that allow resources within
	// the ServicePerimeter to be accessed from the internet.
	// AccessLevels listed must be in the same policy as this
	// ServicePerimeter. Referencing a nonexistent AccessLevel is a
	// syntax error. If no AccessLevel names are listed, resources within
	// the perimeter can only be accessed via GCP calls with request
	// origins within the perimeter. For Service Perimeter Bridge, must
	// be empty.
	// Format: accessPolicies/{policy_id}/accessLevels/{access_level_name}
	AccessLevels pulumi.StringArrayInput `pulumi:"accessLevels"`
	// A list of GCP resources that are inside of the service perimeter.
	// Currently only projects are allowed.
	// Format: projects/{project_number}
	Resources pulumi.StringArrayInput `pulumi:"resources"`
	// GCP services that are subject to the Service Perimeter
	// restrictions. Must contain a list of services. For example, if
	// `storage.googleapis.com` is specified, access to the storage
	// buckets inside the perimeter must meet the perimeter's access
	// restrictions.
	RestrictedServices pulumi.StringArrayInput `pulumi:"restrictedServices"`
	// Specifies how APIs are allowed to communicate within the Service
	// Perimeter.  Structure is documented below.
	VpcAccessibleServices ServicePerimeterSpecVpcAccessibleServicesPtrInput `pulumi:"vpcAccessibleServices"`
}

func (ServicePerimeterSpecArgs) ElementType added in v3.1.0 

func (ServicePerimeterSpecArgs) ElementType() reflect.Type

func (ServicePerimeterSpecArgs) ToServicePerimeterSpecOutput added in v3.1.0 

func (i ServicePerimeterSpecArgs) ToServicePerimeterSpecOutput() ServicePerimeterSpecOutput

func (ServicePerimeterSpecArgs) ToServicePerimeterSpecOutputWithContext added in v3.1.0 

func (i ServicePerimeterSpecArgs) ToServicePerimeterSpecOutputWithContext(ctx context.Context) ServicePerimeterSpecOutput

func (ServicePerimeterSpecArgs) ToServicePerimeterSpecPtrOutput added in v3.1.0 

func (i ServicePerimeterSpecArgs) ToServicePerimeterSpecPtrOutput() ServicePerimeterSpecPtrOutput

func (ServicePerimeterSpecArgs) ToServicePerimeterSpecPtrOutputWithContext added in v3.1.0 

func (i ServicePerimeterSpecArgs) ToServicePerimeterSpecPtrOutputWithContext(ctx context.Context) ServicePerimeterSpecPtrOutput

type ServicePerimeterSpecInput added in v3.1.0 

type ServicePerimeterSpecInput interface {
	pulumi.Input

	ToServicePerimeterSpecOutput() ServicePerimeterSpecOutput
	ToServicePerimeterSpecOutputWithContext(context.Context) ServicePerimeterSpecOutput
}

ServicePerimeterSpecInput is an input type that accepts ServicePerimeterSpecArgs and ServicePerimeterSpecOutput values. You can construct a concrete instance of `ServicePerimeterSpecInput` via: 

ServicePerimeterSpecArgs{...}

type ServicePerimeterSpecOutput added in v3.1.0 

type ServicePerimeterSpecOutput struct{ *pulumi.OutputState }

func (ServicePerimeterSpecOutput) AccessLevels added in v3.1.0 

func (o ServicePerimeterSpecOutput) AccessLevels() pulumi.StringArrayOutput

A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via GCP calls with request origins within the perimeter. For Service Perimeter Bridge, must be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name}

func (ServicePerimeterSpecOutput) ElementType added in v3.1.0 

func (ServicePerimeterSpecOutput) ElementType() reflect.Type

func (ServicePerimeterSpecOutput) Resources added in v3.1.0 

func (o ServicePerimeterSpecOutput) Resources() pulumi.StringArrayOutput

A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}

func (ServicePerimeterSpecOutput) RestrictedServices added in v3.1.0 

func (o ServicePerimeterSpecOutput) RestrictedServices() pulumi.StringArrayOutput

GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

func (ServicePerimeterSpecOutput) ToServicePerimeterSpecOutput added in v3.1.0 

func (o ServicePerimeterSpecOutput) ToServicePerimeterSpecOutput() ServicePerimeterSpecOutput

func (ServicePerimeterSpecOutput) ToServicePerimeterSpecOutputWithContext added in v3.1.0 

func (o ServicePerimeterSpecOutput) ToServicePerimeterSpecOutputWithContext(ctx context.Context) ServicePerimeterSpecOutput

func (ServicePerimeterSpecOutput) ToServicePerimeterSpecPtrOutput added in v3.1.0 

func (o ServicePerimeterSpecOutput) ToServicePerimeterSpecPtrOutput() ServicePerimeterSpecPtrOutput

func (ServicePerimeterSpecOutput) ToServicePerimeterSpecPtrOutputWithContext added in v3.1.0 

func (o ServicePerimeterSpecOutput) ToServicePerimeterSpecPtrOutputWithContext(ctx context.Context) ServicePerimeterSpecPtrOutput

func (ServicePerimeterSpecOutput) VpcAccessibleServices added in v3.1.0 

func (o ServicePerimeterSpecOutput) VpcAccessibleServices() ServicePerimeterSpecVpcAccessibleServicesPtrOutput

Specifies how APIs are allowed to communicate within the Service Perimeter. Structure is documented below.

type ServicePerimeterSpecPtrInput added in v3.1.0 

type ServicePerimeterSpecPtrInput interface {
	pulumi.Input

	ToServicePerimeterSpecPtrOutput() ServicePerimeterSpecPtrOutput
	ToServicePerimeterSpecPtrOutputWithContext(context.Context) ServicePerimeterSpecPtrOutput
}

ServicePerimeterSpecPtrInput is an input type that accepts ServicePerimeterSpecArgs, ServicePerimeterSpecPtr and ServicePerimeterSpecPtrOutput values. You can construct a concrete instance of `ServicePerimeterSpecPtrInput` via: 

		 ServicePerimeterSpecArgs{...}

 or:

		 nil

func ServicePerimeterSpecPtr added in v3.1.0 

func ServicePerimeterSpecPtr(v *ServicePerimeterSpecArgs) ServicePerimeterSpecPtrInput

type ServicePerimeterSpecPtrOutput added in v3.1.0 

type ServicePerimeterSpecPtrOutput struct{ *pulumi.OutputState }

func (ServicePerimeterSpecPtrOutput) AccessLevels added in v3.1.0 

func (o ServicePerimeterSpecPtrOutput) AccessLevels() pulumi.StringArrayOutput

A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via GCP calls with request origins within the perimeter. For Service Perimeter Bridge, must be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name}

func (ServicePerimeterSpecPtrOutput) Elem added in v3.1.0 

func (o ServicePerimeterSpecPtrOutput) Elem() ServicePerimeterSpecOutput

func (ServicePerimeterSpecPtrOutput) ElementType added in v3.1.0 

func (ServicePerimeterSpecPtrOutput) ElementType() reflect.Type

func (ServicePerimeterSpecPtrOutput) Resources added in v3.1.0 

func (o ServicePerimeterSpecPtrOutput) Resources() pulumi.StringArrayOutput

A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}

func (ServicePerimeterSpecPtrOutput) RestrictedServices added in v3.1.0 

func (o ServicePerimeterSpecPtrOutput) RestrictedServices() pulumi.StringArrayOutput

GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

func (ServicePerimeterSpecPtrOutput) ToServicePerimeterSpecPtrOutput added in v3.1.0 

func (o ServicePerimeterSpecPtrOutput) ToServicePerimeterSpecPtrOutput() ServicePerimeterSpecPtrOutput

func (ServicePerimeterSpecPtrOutput) ToServicePerimeterSpecPtrOutputWithContext added in v3.1.0 

func (o ServicePerimeterSpecPtrOutput) ToServicePerimeterSpecPtrOutputWithContext(ctx context.Context) ServicePerimeterSpecPtrOutput

func (ServicePerimeterSpecPtrOutput) VpcAccessibleServices added in v3.1.0 

func (o ServicePerimeterSpecPtrOutput) VpcAccessibleServices() ServicePerimeterSpecVpcAccessibleServicesPtrOutput

Specifies how APIs are allowed to communicate within the Service Perimeter. Structure is documented below.

type ServicePerimeterSpecVpcAccessibleServices added in v3.1.0 

type ServicePerimeterSpecVpcAccessibleServices struct {
	// The list of APIs usable within the Service Perimeter.
	// Must be empty unless `enableRestriction` is True.
	AllowedServices []string `pulumi:"allowedServices"`
	// Whether to restrict API calls within the Service Perimeter to the
	// list of APIs specified in 'allowedServices'.
	EnableRestriction *bool `pulumi:"enableRestriction"`
}

type ServicePerimeterSpecVpcAccessibleServicesArgs added in v3.1.0 

type ServicePerimeterSpecVpcAccessibleServicesArgs struct {
	// The list of APIs usable within the Service Perimeter.
	// Must be empty unless `enableRestriction` is True.
	AllowedServices pulumi.StringArrayInput `pulumi:"allowedServices"`
	// Whether to restrict API calls within the Service Perimeter to the
	// list of APIs specified in 'allowedServices'.
	EnableRestriction pulumi.BoolPtrInput `pulumi:"enableRestriction"`
}

func (ServicePerimeterSpecVpcAccessibleServicesArgs) ElementType added in v3.1.0 

func (ServicePerimeterSpecVpcAccessibleServicesArgs) ElementType() reflect.Type

func (ServicePerimeterSpecVpcAccessibleServicesArgs) ToServicePerimeterSpecVpcAccessibleServicesOutput added in v3.1.0 

func (i ServicePerimeterSpecVpcAccessibleServicesArgs) ToServicePerimeterSpecVpcAccessibleServicesOutput() ServicePerimeterSpecVpcAccessibleServicesOutput

func (ServicePerimeterSpecVpcAccessibleServicesArgs) ToServicePerimeterSpecVpcAccessibleServicesOutputWithContext added in v3.1.0 

func (i ServicePerimeterSpecVpcAccessibleServicesArgs) ToServicePerimeterSpecVpcAccessibleServicesOutputWithContext(ctx context.Context) ServicePerimeterSpecVpcAccessibleServicesOutput

func (ServicePerimeterSpecVpcAccessibleServicesArgs) ToServicePerimeterSpecVpcAccessibleServicesPtrOutput added in v3.1.0 

func (i ServicePerimeterSpecVpcAccessibleServicesArgs) ToServicePerimeterSpecVpcAccessibleServicesPtrOutput() ServicePerimeterSpecVpcAccessibleServicesPtrOutput

func (ServicePerimeterSpecVpcAccessibleServicesArgs) ToServicePerimeterSpecVpcAccessibleServicesPtrOutputWithContext added in v3.1.0 

func (i ServicePerimeterSpecVpcAccessibleServicesArgs) ToServicePerimeterSpecVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) ServicePerimeterSpecVpcAccessibleServicesPtrOutput

type ServicePerimeterSpecVpcAccessibleServicesInput added in v3.1.0 

type ServicePerimeterSpecVpcAccessibleServicesInput interface {
	pulumi.Input

	ToServicePerimeterSpecVpcAccessibleServicesOutput() ServicePerimeterSpecVpcAccessibleServicesOutput
	ToServicePerimeterSpecVpcAccessibleServicesOutputWithContext(context.Context) ServicePerimeterSpecVpcAccessibleServicesOutput
}

ServicePerimeterSpecVpcAccessibleServicesInput is an input type that accepts ServicePerimeterSpecVpcAccessibleServicesArgs and ServicePerimeterSpecVpcAccessibleServicesOutput values. You can construct a concrete instance of `ServicePerimeterSpecVpcAccessibleServicesInput` via: 

ServicePerimeterSpecVpcAccessibleServicesArgs{...}

type ServicePerimeterSpecVpcAccessibleServicesOutput added in v3.1.0 

type ServicePerimeterSpecVpcAccessibleServicesOutput struct{ *pulumi.OutputState }

func (ServicePerimeterSpecVpcAccessibleServicesOutput) AllowedServices added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesOutput) AllowedServices() pulumi.StringArrayOutput

The list of APIs usable within the Service Perimeter. Must be empty unless `enableRestriction` is True.

func (ServicePerimeterSpecVpcAccessibleServicesOutput) ElementType added in v3.1.0 

func (ServicePerimeterSpecVpcAccessibleServicesOutput) ElementType() reflect.Type

func (ServicePerimeterSpecVpcAccessibleServicesOutput) EnableRestriction added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesOutput) EnableRestriction() pulumi.BoolPtrOutput

Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowedServices'.

func (ServicePerimeterSpecVpcAccessibleServicesOutput) ToServicePerimeterSpecVpcAccessibleServicesOutput added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesOutput) ToServicePerimeterSpecVpcAccessibleServicesOutput() ServicePerimeterSpecVpcAccessibleServicesOutput

func (ServicePerimeterSpecVpcAccessibleServicesOutput) ToServicePerimeterSpecVpcAccessibleServicesOutputWithContext added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesOutput) ToServicePerimeterSpecVpcAccessibleServicesOutputWithContext(ctx context.Context) ServicePerimeterSpecVpcAccessibleServicesOutput

func (ServicePerimeterSpecVpcAccessibleServicesOutput) ToServicePerimeterSpecVpcAccessibleServicesPtrOutput added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesOutput) ToServicePerimeterSpecVpcAccessibleServicesPtrOutput() ServicePerimeterSpecVpcAccessibleServicesPtrOutput

func (ServicePerimeterSpecVpcAccessibleServicesOutput) ToServicePerimeterSpecVpcAccessibleServicesPtrOutputWithContext added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesOutput) ToServicePerimeterSpecVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) ServicePerimeterSpecVpcAccessibleServicesPtrOutput

type ServicePerimeterSpecVpcAccessibleServicesPtrInput added in v3.1.0 

type ServicePerimeterSpecVpcAccessibleServicesPtrInput interface {
	pulumi.Input

	ToServicePerimeterSpecVpcAccessibleServicesPtrOutput() ServicePerimeterSpecVpcAccessibleServicesPtrOutput
	ToServicePerimeterSpecVpcAccessibleServicesPtrOutputWithContext(context.Context) ServicePerimeterSpecVpcAccessibleServicesPtrOutput
}

ServicePerimeterSpecVpcAccessibleServicesPtrInput is an input type that accepts ServicePerimeterSpecVpcAccessibleServicesArgs, ServicePerimeterSpecVpcAccessibleServicesPtr and ServicePerimeterSpecVpcAccessibleServicesPtrOutput values. You can construct a concrete instance of `ServicePerimeterSpecVpcAccessibleServicesPtrInput` via: 

		 ServicePerimeterSpecVpcAccessibleServicesArgs{...}

 or:

		 nil

func ServicePerimeterSpecVpcAccessibleServicesPtr added in v3.1.0 

func ServicePerimeterSpecVpcAccessibleServicesPtr(v *ServicePerimeterSpecVpcAccessibleServicesArgs) ServicePerimeterSpecVpcAccessibleServicesPtrInput

type ServicePerimeterSpecVpcAccessibleServicesPtrOutput added in v3.1.0 

type ServicePerimeterSpecVpcAccessibleServicesPtrOutput struct{ *pulumi.OutputState }

func (ServicePerimeterSpecVpcAccessibleServicesPtrOutput) AllowedServices added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesPtrOutput) AllowedServices() pulumi.StringArrayOutput

The list of APIs usable within the Service Perimeter. Must be empty unless `enableRestriction` is True.

func (ServicePerimeterSpecVpcAccessibleServicesPtrOutput) Elem added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesPtrOutput) Elem() ServicePerimeterSpecVpcAccessibleServicesOutput

func (ServicePerimeterSpecVpcAccessibleServicesPtrOutput) ElementType added in v3.1.0 

func (ServicePerimeterSpecVpcAccessibleServicesPtrOutput) ElementType() reflect.Type

func (ServicePerimeterSpecVpcAccessibleServicesPtrOutput) EnableRestriction added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesPtrOutput) EnableRestriction() pulumi.BoolPtrOutput

Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowedServices'.

func (ServicePerimeterSpecVpcAccessibleServicesPtrOutput) ToServicePerimeterSpecVpcAccessibleServicesPtrOutput added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesPtrOutput) ToServicePerimeterSpecVpcAccessibleServicesPtrOutput() ServicePerimeterSpecVpcAccessibleServicesPtrOutput

func (ServicePerimeterSpecVpcAccessibleServicesPtrOutput) ToServicePerimeterSpecVpcAccessibleServicesPtrOutputWithContext added in v3.1.0 

func (o ServicePerimeterSpecVpcAccessibleServicesPtrOutput) ToServicePerimeterSpecVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) ServicePerimeterSpecVpcAccessibleServicesPtrOutput

type ServicePerimeterState 

type ServicePerimeterState struct {
	// Time the AccessPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// Description of the ServicePerimeter and its use. Does not affect
	// behavior.
	Description pulumi.StringPtrInput
	// Resource name for the ServicePerimeter. The shortName component must
	// begin with a letter and only include alphanumeric and '_'.
	// Format: accessPolicies/{policy_id}/servicePerimeters/{short_name}
	Name pulumi.StringPtrInput
	// The AccessPolicy this ServicePerimeter lives in.
	// Format: accessPolicies/{policy_id}
	Parent pulumi.StringPtrInput
	// Specifies the type of the Perimeter. There are two types: regular and
	// bridge. Regular Service Perimeter contains resources, access levels,
	// and restricted services. Every resource can be in at most
	// ONE regular Service Perimeter.
	// In addition to being in a regular service perimeter, a resource can also
	// be in zero or more perimeter bridges. A perimeter bridge only contains
	// resources. Cross project operations are permitted if all effected
	// resources share some perimeter (whether bridge or regular). Perimeter
	// Bridge does not contain access levels or services: those are governed
	// entirely by the regular perimeter that resource is in.
	// Perimeter Bridges are typically useful when building more complex
	// topologies with many independent perimeters that need to share some data
	// with a common perimeter, but should not be able to share data among
	// themselves.
	PerimeterType pulumi.StringPtrInput
	// Proposed (or dry run) ServicePerimeter configuration.
	// This configuration allows to specify and test ServicePerimeter configuration
	// without enforcing actual access restrictions. Only allowed to be set when
	// the `useExplicitDryRunSpec` flag is set.  Structure is documented below.
	Spec ServicePerimeterSpecPtrInput
	// ServicePerimeter configuration. Specifies sets of resources,
	// restricted services and access levels that determine
	// perimeter content and boundaries.  Structure is documented below.
	Status ServicePerimeterStatusPtrInput
	// Human readable title. Must be unique within the Policy.
	Title pulumi.StringPtrInput
	// Time the AccessPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
	// Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists
	// for all Service Perimeters, and that spec is identical to the status for those
	// Service Perimeters. When this flag is set, it inhibits the generation of the
	// implicit spec, thereby allowing the user to explicitly provide a
	// configuration ("spec") to use in a dry-run version of the Service Perimeter.
	// This allows the user to test changes to the enforced config ("status") without
	// actually enforcing them. This testing is done through analyzing the differences
	// between currently enforced and suggested restrictions. useExplicitDryRunSpec must
	// bet set to True if any of the fields in the spec are set to non-default values.
	UseExplicitDryRunSpec pulumi.BoolPtrInput
}

func (ServicePerimeterState) ElementType 

func (ServicePerimeterState) ElementType() reflect.Type

type ServicePerimeterStatus 

type ServicePerimeterStatus struct {
	// A list of AccessLevel resource names that allow resources within
	// the ServicePerimeter to be accessed from the internet.
	// AccessLevels listed must be in the same policy as this
	// ServicePerimeter. Referencing a nonexistent AccessLevel is a
	// syntax error. If no AccessLevel names are listed, resources within
	// the perimeter can only be accessed via GCP calls with request
	// origins within the perimeter. For Service Perimeter Bridge, must
	// be empty.
	// Format: accessPolicies/{policy_id}/accessLevels/{access_level_name}
	AccessLevels []string `pulumi:"accessLevels"`
	// A list of GCP resources that are inside of the service perimeter.
	// Currently only projects are allowed.
	// Format: projects/{project_number}
	Resources []string `pulumi:"resources"`
	// GCP services that are subject to the Service Perimeter
	// restrictions. Must contain a list of services. For example, if
	// `storage.googleapis.com` is specified, access to the storage
	// buckets inside the perimeter must meet the perimeter's access
	// restrictions.
	RestrictedServices []string `pulumi:"restrictedServices"`
	// Specifies how APIs are allowed to communicate within the Service
	// Perimeter.  Structure is documented below.
	VpcAccessibleServices *ServicePerimeterStatusVpcAccessibleServices `pulumi:"vpcAccessibleServices"`
}

type ServicePerimeterStatusArgs 

type ServicePerimeterStatusArgs struct {
	// A list of AccessLevel resource names that allow resources within
	// the ServicePerimeter to be accessed from the internet.
	// AccessLevels listed must be in the same policy as this
	// ServicePerimeter. Referencing a nonexistent AccessLevel is a
	// syntax error. If no AccessLevel names are listed, resources within
	// the perimeter can only be accessed via GCP calls with request
	// origins within the perimeter. For Service Perimeter Bridge, must
	// be empty.
	// Format: accessPolicies/{policy_id}/accessLevels/{access_level_name}
	AccessLevels pulumi.StringArrayInput `pulumi:"accessLevels"`
	// A list of GCP resources that are inside of the service perimeter.
	// Currently only projects are allowed.
	// Format: projects/{project_number}
	Resources pulumi.StringArrayInput `pulumi:"resources"`
	// GCP services that are subject to the Service Perimeter
	// restrictions. Must contain a list of services. For example, if
	// `storage.googleapis.com` is specified, access to the storage
	// buckets inside the perimeter must meet the perimeter's access
	// restrictions.
	RestrictedServices pulumi.StringArrayInput `pulumi:"restrictedServices"`
	// Specifies how APIs are allowed to communicate within the Service
	// Perimeter.  Structure is documented below.
	VpcAccessibleServices ServicePerimeterStatusVpcAccessibleServicesPtrInput `pulumi:"vpcAccessibleServices"`
}

func (ServicePerimeterStatusArgs) ElementType 

func (ServicePerimeterStatusArgs) ElementType() reflect.Type

func (ServicePerimeterStatusArgs) ToServicePerimeterStatusOutput 

func (i ServicePerimeterStatusArgs) ToServicePerimeterStatusOutput() ServicePerimeterStatusOutput

func (ServicePerimeterStatusArgs) ToServicePerimeterStatusOutputWithContext 

func (i ServicePerimeterStatusArgs) ToServicePerimeterStatusOutputWithContext(ctx context.Context) ServicePerimeterStatusOutput

func (ServicePerimeterStatusArgs) ToServicePerimeterStatusPtrOutput 

func (i ServicePerimeterStatusArgs) ToServicePerimeterStatusPtrOutput() ServicePerimeterStatusPtrOutput

func (ServicePerimeterStatusArgs) ToServicePerimeterStatusPtrOutputWithContext 

func (i ServicePerimeterStatusArgs) ToServicePerimeterStatusPtrOutputWithContext(ctx context.Context) ServicePerimeterStatusPtrOutput

type ServicePerimeterStatusInput 

type ServicePerimeterStatusInput interface {
	pulumi.Input

	ToServicePerimeterStatusOutput() ServicePerimeterStatusOutput
	ToServicePerimeterStatusOutputWithContext(context.Context) ServicePerimeterStatusOutput
}

ServicePerimeterStatusInput is an input type that accepts ServicePerimeterStatusArgs and ServicePerimeterStatusOutput values. You can construct a concrete instance of `ServicePerimeterStatusInput` via: 

ServicePerimeterStatusArgs{...}

type ServicePerimeterStatusOutput 

type ServicePerimeterStatusOutput struct{ *pulumi.OutputState }

func (ServicePerimeterStatusOutput) AccessLevels 

func (o ServicePerimeterStatusOutput) AccessLevels() pulumi.StringArrayOutput

A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via GCP calls with request origins within the perimeter. For Service Perimeter Bridge, must be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name}

func (ServicePerimeterStatusOutput) ElementType 

func (ServicePerimeterStatusOutput) ElementType() reflect.Type

func (ServicePerimeterStatusOutput) Resources 

func (o ServicePerimeterStatusOutput) Resources() pulumi.StringArrayOutput

A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}

func (ServicePerimeterStatusOutput) RestrictedServices 

func (o ServicePerimeterStatusOutput) RestrictedServices() pulumi.StringArrayOutput

GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

func (ServicePerimeterStatusOutput) ToServicePerimeterStatusOutput 

func (o ServicePerimeterStatusOutput) ToServicePerimeterStatusOutput() ServicePerimeterStatusOutput

func (ServicePerimeterStatusOutput) ToServicePerimeterStatusOutputWithContext 

func (o ServicePerimeterStatusOutput) ToServicePerimeterStatusOutputWithContext(ctx context.Context) ServicePerimeterStatusOutput

func (ServicePerimeterStatusOutput) ToServicePerimeterStatusPtrOutput 

func (o ServicePerimeterStatusOutput) ToServicePerimeterStatusPtrOutput() ServicePerimeterStatusPtrOutput

func (ServicePerimeterStatusOutput) ToServicePerimeterStatusPtrOutputWithContext 

func (o ServicePerimeterStatusOutput) ToServicePerimeterStatusPtrOutputWithContext(ctx context.Context) ServicePerimeterStatusPtrOutput

func (ServicePerimeterStatusOutput) VpcAccessibleServices 

func (o ServicePerimeterStatusOutput) VpcAccessibleServices() ServicePerimeterStatusVpcAccessibleServicesPtrOutput

Specifies how APIs are allowed to communicate within the Service Perimeter. Structure is documented below.

type ServicePerimeterStatusPtrInput 

type ServicePerimeterStatusPtrInput interface {
	pulumi.Input

	ToServicePerimeterStatusPtrOutput() ServicePerimeterStatusPtrOutput
	ToServicePerimeterStatusPtrOutputWithContext(context.Context) ServicePerimeterStatusPtrOutput
}

ServicePerimeterStatusPtrInput is an input type that accepts ServicePerimeterStatusArgs, ServicePerimeterStatusPtr and ServicePerimeterStatusPtrOutput values. You can construct a concrete instance of `ServicePerimeterStatusPtrInput` via: 

		 ServicePerimeterStatusArgs{...}

 or:

		 nil

func ServicePerimeterStatusPtr 

func ServicePerimeterStatusPtr(v *ServicePerimeterStatusArgs) ServicePerimeterStatusPtrInput

type ServicePerimeterStatusPtrOutput 

type ServicePerimeterStatusPtrOutput struct{ *pulumi.OutputState }

func (ServicePerimeterStatusPtrOutput) AccessLevels 

func (o ServicePerimeterStatusPtrOutput) AccessLevels() pulumi.StringArrayOutput

A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via GCP calls with request origins within the perimeter. For Service Perimeter Bridge, must be empty. Format: accessPolicies/{policy_id}/accessLevels/{access_level_name}

func (ServicePerimeterStatusPtrOutput) Elem 

func (o ServicePerimeterStatusPtrOutput) Elem() ServicePerimeterStatusOutput

func (ServicePerimeterStatusPtrOutput) ElementType 

func (ServicePerimeterStatusPtrOutput) ElementType() reflect.Type

func (ServicePerimeterStatusPtrOutput) Resources 

func (o ServicePerimeterStatusPtrOutput) Resources() pulumi.StringArrayOutput

A list of GCP resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number}

func (ServicePerimeterStatusPtrOutput) RestrictedServices 

func (o ServicePerimeterStatusPtrOutput) RestrictedServices() pulumi.StringArrayOutput

GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

func (ServicePerimeterStatusPtrOutput) ToServicePerimeterStatusPtrOutput 

func (o ServicePerimeterStatusPtrOutput) ToServicePerimeterStatusPtrOutput() ServicePerimeterStatusPtrOutput

func (ServicePerimeterStatusPtrOutput) ToServicePerimeterStatusPtrOutputWithContext 

func (o ServicePerimeterStatusPtrOutput) ToServicePerimeterStatusPtrOutputWithContext(ctx context.Context) ServicePerimeterStatusPtrOutput

func (ServicePerimeterStatusPtrOutput) VpcAccessibleServices 

func (o ServicePerimeterStatusPtrOutput) VpcAccessibleServices() ServicePerimeterStatusVpcAccessibleServicesPtrOutput

Specifies how APIs are allowed to communicate within the Service Perimeter. Structure is documented below.

type ServicePerimeterStatusVpcAccessibleServices 

type ServicePerimeterStatusVpcAccessibleServices struct {
	// The list of APIs usable within the Service Perimeter.
	// Must be empty unless `enableRestriction` is True.
	AllowedServices []string `pulumi:"allowedServices"`
	// Whether to restrict API calls within the Service Perimeter to the
	// list of APIs specified in 'allowedServices'.
	EnableRestriction *bool `pulumi:"enableRestriction"`
}

type ServicePerimeterStatusVpcAccessibleServicesArgs 

type ServicePerimeterStatusVpcAccessibleServicesArgs struct {
	// The list of APIs usable within the Service Perimeter.
	// Must be empty unless `enableRestriction` is True.
	AllowedServices pulumi.StringArrayInput `pulumi:"allowedServices"`
	// Whether to restrict API calls within the Service Perimeter to the
	// list of APIs specified in 'allowedServices'.
	EnableRestriction pulumi.BoolPtrInput `pulumi:"enableRestriction"`
}

func (ServicePerimeterStatusVpcAccessibleServicesArgs) ElementType 

func (ServicePerimeterStatusVpcAccessibleServicesArgs) ElementType() reflect.Type

func (ServicePerimeterStatusVpcAccessibleServicesArgs) ToServicePerimeterStatusVpcAccessibleServicesOutput 

func (i ServicePerimeterStatusVpcAccessibleServicesArgs) ToServicePerimeterStatusVpcAccessibleServicesOutput() ServicePerimeterStatusVpcAccessibleServicesOutput

func (ServicePerimeterStatusVpcAccessibleServicesArgs) ToServicePerimeterStatusVpcAccessibleServicesOutputWithContext 

func (i ServicePerimeterStatusVpcAccessibleServicesArgs) ToServicePerimeterStatusVpcAccessibleServicesOutputWithContext(ctx context.Context) ServicePerimeterStatusVpcAccessibleServicesOutput

func (ServicePerimeterStatusVpcAccessibleServicesArgs) ToServicePerimeterStatusVpcAccessibleServicesPtrOutput 

func (i ServicePerimeterStatusVpcAccessibleServicesArgs) ToServicePerimeterStatusVpcAccessibleServicesPtrOutput() ServicePerimeterStatusVpcAccessibleServicesPtrOutput

func (ServicePerimeterStatusVpcAccessibleServicesArgs) ToServicePerimeterStatusVpcAccessibleServicesPtrOutputWithContext 

func (i ServicePerimeterStatusVpcAccessibleServicesArgs) ToServicePerimeterStatusVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) ServicePerimeterStatusVpcAccessibleServicesPtrOutput

type ServicePerimeterStatusVpcAccessibleServicesInput 

type ServicePerimeterStatusVpcAccessibleServicesInput interface {
	pulumi.Input

	ToServicePerimeterStatusVpcAccessibleServicesOutput() ServicePerimeterStatusVpcAccessibleServicesOutput
	ToServicePerimeterStatusVpcAccessibleServicesOutputWithContext(context.Context) ServicePerimeterStatusVpcAccessibleServicesOutput
}

ServicePerimeterStatusVpcAccessibleServicesInput is an input type that accepts ServicePerimeterStatusVpcAccessibleServicesArgs and ServicePerimeterStatusVpcAccessibleServicesOutput values. You can construct a concrete instance of `ServicePerimeterStatusVpcAccessibleServicesInput` via: 

ServicePerimeterStatusVpcAccessibleServicesArgs{...}

type ServicePerimeterStatusVpcAccessibleServicesOutput 

type ServicePerimeterStatusVpcAccessibleServicesOutput struct{ *pulumi.OutputState }

func (ServicePerimeterStatusVpcAccessibleServicesOutput) AllowedServices 

func (o ServicePerimeterStatusVpcAccessibleServicesOutput) AllowedServices() pulumi.StringArrayOutput

The list of APIs usable within the Service Perimeter. Must be empty unless `enableRestriction` is True.

func (ServicePerimeterStatusVpcAccessibleServicesOutput) ElementType 

func (ServicePerimeterStatusVpcAccessibleServicesOutput) ElementType() reflect.Type

func (ServicePerimeterStatusVpcAccessibleServicesOutput) EnableRestriction 

func (o ServicePerimeterStatusVpcAccessibleServicesOutput) EnableRestriction() pulumi.BoolPtrOutput

Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowedServices'.

func (ServicePerimeterStatusVpcAccessibleServicesOutput) ToServicePerimeterStatusVpcAccessibleServicesOutput 

func (o ServicePerimeterStatusVpcAccessibleServicesOutput) ToServicePerimeterStatusVpcAccessibleServicesOutput() ServicePerimeterStatusVpcAccessibleServicesOutput

func (ServicePerimeterStatusVpcAccessibleServicesOutput) ToServicePerimeterStatusVpcAccessibleServicesOutputWithContext 

func (o ServicePerimeterStatusVpcAccessibleServicesOutput) ToServicePerimeterStatusVpcAccessibleServicesOutputWithContext(ctx context.Context) ServicePerimeterStatusVpcAccessibleServicesOutput

func (ServicePerimeterStatusVpcAccessibleServicesOutput) ToServicePerimeterStatusVpcAccessibleServicesPtrOutput 

func (o ServicePerimeterStatusVpcAccessibleServicesOutput) ToServicePerimeterStatusVpcAccessibleServicesPtrOutput() ServicePerimeterStatusVpcAccessibleServicesPtrOutput

func (ServicePerimeterStatusVpcAccessibleServicesOutput) ToServicePerimeterStatusVpcAccessibleServicesPtrOutputWithContext 

func (o ServicePerimeterStatusVpcAccessibleServicesOutput) ToServicePerimeterStatusVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) ServicePerimeterStatusVpcAccessibleServicesPtrOutput

type ServicePerimeterStatusVpcAccessibleServicesPtrInput 

type ServicePerimeterStatusVpcAccessibleServicesPtrInput interface {
	pulumi.Input

	ToServicePerimeterStatusVpcAccessibleServicesPtrOutput() ServicePerimeterStatusVpcAccessibleServicesPtrOutput
	ToServicePerimeterStatusVpcAccessibleServicesPtrOutputWithContext(context.Context) ServicePerimeterStatusVpcAccessibleServicesPtrOutput
}

ServicePerimeterStatusVpcAccessibleServicesPtrInput is an input type that accepts ServicePerimeterStatusVpcAccessibleServicesArgs, ServicePerimeterStatusVpcAccessibleServicesPtr and ServicePerimeterStatusVpcAccessibleServicesPtrOutput values. You can construct a concrete instance of `ServicePerimeterStatusVpcAccessibleServicesPtrInput` via: 

		 ServicePerimeterStatusVpcAccessibleServicesArgs{...}

 or:

		 nil

func ServicePerimeterStatusVpcAccessibleServicesPtr 

func ServicePerimeterStatusVpcAccessibleServicesPtr(v *ServicePerimeterStatusVpcAccessibleServicesArgs) ServicePerimeterStatusVpcAccessibleServicesPtrInput

type ServicePerimeterStatusVpcAccessibleServicesPtrOutput 

type ServicePerimeterStatusVpcAccessibleServicesPtrOutput struct{ *pulumi.OutputState }

func (ServicePerimeterStatusVpcAccessibleServicesPtrOutput) AllowedServices 

func (o ServicePerimeterStatusVpcAccessibleServicesPtrOutput) AllowedServices() pulumi.StringArrayOutput

The list of APIs usable within the Service Perimeter. Must be empty unless `enableRestriction` is True.

func (ServicePerimeterStatusVpcAccessibleServicesPtrOutput) Elem 

func (o ServicePerimeterStatusVpcAccessibleServicesPtrOutput) Elem() ServicePerimeterStatusVpcAccessibleServicesOutput

func (ServicePerimeterStatusVpcAccessibleServicesPtrOutput) ElementType 

func (ServicePerimeterStatusVpcAccessibleServicesPtrOutput) ElementType() reflect.Type

func (ServicePerimeterStatusVpcAccessibleServicesPtrOutput) EnableRestriction 

func (o ServicePerimeterStatusVpcAccessibleServicesPtrOutput) EnableRestriction() pulumi.BoolPtrOutput

Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowedServices'.

func (ServicePerimeterStatusVpcAccessibleServicesPtrOutput) ToServicePerimeterStatusVpcAccessibleServicesPtrOutput 

func (o ServicePerimeterStatusVpcAccessibleServicesPtrOutput) ToServicePerimeterStatusVpcAccessibleServicesPtrOutput() ServicePerimeterStatusVpcAccessibleServicesPtrOutput

func (ServicePerimeterStatusVpcAccessibleServicesPtrOutput) ToServicePerimeterStatusVpcAccessibleServicesPtrOutputWithContext 

func (o ServicePerimeterStatusVpcAccessibleServicesPtrOutput) ToServicePerimeterStatusVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) ServicePerimeterStatusVpcAccessibleServicesPtrOutput

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.