networksecurity

package
v7.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AddressGroup 

type AddressGroup struct {
	pulumi.CustomResourceState

	// Capacity of the Address Group.
	Capacity pulumi.IntOutput `pulumi:"capacity"`
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// List of items.
	Items pulumi.StringArrayOutput `pulumi:"items"`
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// Name of the AddressGroup resource.
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringOutput `pulumi:"type"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

AddressGroup is a resource that specifies how a collection of IP/DNS used in Firewall Policy.

To get more information about AddressGroup, see:

* [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-security/rest/v1beta1/organizations.locations.addressGroups) * How-to Guides

## Example Usage ### Network Security Address Groups Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Capacity: pulumi.Int(100),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
			Location: pulumi.String("us-central1"),
			Parent:   pulumi.String("projects/my-project-name"),
			Type:     pulumi.String("IPV4"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Address Groups Organization Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Capacity: pulumi.Int(100),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
			Location: pulumi.String("us-central1"),
			Parent:   pulumi.String("organizations/123456789"),
			Type:     pulumi.String("IPV4"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Address Groups Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Capacity:    pulumi.Int(100),
			Description: pulumi.String("my description"),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
			Location: pulumi.String("us-central1"),
			Parent:   pulumi.String("projects/my-project-name"),
			Type:     pulumi.String("IPV4"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AddressGroup can be imported using any of these accepted formats* `{{parent}}/locations/{{location}}/addressGroups/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import AddressGroup using one of the formats above. For exampletf import { 

id = "{{parent}}/locations/{{location}}/addressGroups/{{name}}"

to = google_network_security_address_group.default }

```sh 

$ pulumi import gcp:networksecurity/addressGroup:AddressGroup When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), AddressGroup can be imported using one of the formats above. For example

```

```sh 

$ pulumi import gcp:networksecurity/addressGroup:AddressGroup default {{parent}}/locations/{{location}}/addressGroups/{{name}}

```

func GetAddressGroup 

func GetAddressGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupState, opts ...pulumi.ResourceOption) (*AddressGroup, error)

GetAddressGroup gets an existing AddressGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroup 

func NewAddressGroup(ctx *pulumi.Context,
	name string, args *AddressGroupArgs, opts ...pulumi.ResourceOption) (*AddressGroup, error)

NewAddressGroup registers a new resource with the given unique name, arguments, and options.

func (*AddressGroup) ElementType 

func (*AddressGroup) ElementType() reflect.Type

func (*AddressGroup) ToAddressGroupOutput 

func (i *AddressGroup) ToAddressGroupOutput() AddressGroupOutput

func (*AddressGroup) ToAddressGroupOutputWithContext 

func (i *AddressGroup) ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput

type AddressGroupArgs 

type AddressGroupArgs struct {
	// Capacity of the Address Group.
	Capacity pulumi.IntInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// List of items.
	Items pulumi.StringArrayInput
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringInput
	// Name of the AddressGroup resource.
	Name pulumi.StringPtrInput
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrInput
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringInput
}

The set of arguments for constructing a AddressGroup resource.

func (AddressGroupArgs) ElementType 

func (AddressGroupArgs) ElementType() reflect.Type

type AddressGroupArray 

type AddressGroupArray []AddressGroupInput

func (AddressGroupArray) ElementType 

func (AddressGroupArray) ElementType() reflect.Type

func (AddressGroupArray) ToAddressGroupArrayOutput 

func (i AddressGroupArray) ToAddressGroupArrayOutput() AddressGroupArrayOutput

func (AddressGroupArray) ToAddressGroupArrayOutputWithContext 

func (i AddressGroupArray) ToAddressGroupArrayOutputWithContext(ctx context.Context) AddressGroupArrayOutput

type AddressGroupArrayInput 

type AddressGroupArrayInput interface {
	pulumi.Input

	ToAddressGroupArrayOutput() AddressGroupArrayOutput
	ToAddressGroupArrayOutputWithContext(context.Context) AddressGroupArrayOutput
}

AddressGroupArrayInput is an input type that accepts AddressGroupArray and AddressGroupArrayOutput values. You can construct a concrete instance of `AddressGroupArrayInput` via: 

AddressGroupArray{ AddressGroupArgs{...} }

type AddressGroupArrayOutput 

type AddressGroupArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupArrayOutput) ElementType 

func (AddressGroupArrayOutput) ElementType() reflect.Type

func (AddressGroupArrayOutput) Index 

func (o AddressGroupArrayOutput) Index(i pulumi.IntInput) AddressGroupOutput

func (AddressGroupArrayOutput) ToAddressGroupArrayOutput 

func (o AddressGroupArrayOutput) ToAddressGroupArrayOutput() AddressGroupArrayOutput

func (AddressGroupArrayOutput) ToAddressGroupArrayOutputWithContext 

func (o AddressGroupArrayOutput) ToAddressGroupArrayOutputWithContext(ctx context.Context) AddressGroupArrayOutput

type AddressGroupInput 

type AddressGroupInput interface {
	pulumi.Input

	ToAddressGroupOutput() AddressGroupOutput
	ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput
}

type AddressGroupMap 

type AddressGroupMap map[string]AddressGroupInput

func (AddressGroupMap) ElementType 

func (AddressGroupMap) ElementType() reflect.Type

func (AddressGroupMap) ToAddressGroupMapOutput 

func (i AddressGroupMap) ToAddressGroupMapOutput() AddressGroupMapOutput

func (AddressGroupMap) ToAddressGroupMapOutputWithContext 

func (i AddressGroupMap) ToAddressGroupMapOutputWithContext(ctx context.Context) AddressGroupMapOutput

type AddressGroupMapInput 

type AddressGroupMapInput interface {
	pulumi.Input

	ToAddressGroupMapOutput() AddressGroupMapOutput
	ToAddressGroupMapOutputWithContext(context.Context) AddressGroupMapOutput
}

AddressGroupMapInput is an input type that accepts AddressGroupMap and AddressGroupMapOutput values. You can construct a concrete instance of `AddressGroupMapInput` via: 

AddressGroupMap{ "key": AddressGroupArgs{...} }

type AddressGroupMapOutput 

type AddressGroupMapOutput struct{ *pulumi.OutputState }

func (AddressGroupMapOutput) ElementType 

func (AddressGroupMapOutput) ElementType() reflect.Type

func (AddressGroupMapOutput) MapIndex 

func (o AddressGroupMapOutput) MapIndex(k pulumi.StringInput) AddressGroupOutput

func (AddressGroupMapOutput) ToAddressGroupMapOutput 

func (o AddressGroupMapOutput) ToAddressGroupMapOutput() AddressGroupMapOutput

func (AddressGroupMapOutput) ToAddressGroupMapOutputWithContext 

func (o AddressGroupMapOutput) ToAddressGroupMapOutputWithContext(ctx context.Context) AddressGroupMapOutput

type AddressGroupOutput 

type AddressGroupOutput struct{ *pulumi.OutputState }

func (AddressGroupOutput) Capacity 

func (o AddressGroupOutput) Capacity() pulumi.IntOutput

Capacity of the Address Group.

func (AddressGroupOutput) CreateTime 

func (o AddressGroupOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (AddressGroupOutput) Description 

func (o AddressGroupOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (AddressGroupOutput) EffectiveLabels 

func (o AddressGroupOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (AddressGroupOutput) ElementType 

func (AddressGroupOutput) ElementType() reflect.Type

func (AddressGroupOutput) Items 

func (o AddressGroupOutput) Items() pulumi.StringArrayOutput

List of items.

func (AddressGroupOutput) Labels 

func (o AddressGroupOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the AddressGroup resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (AddressGroupOutput) Location 

func (o AddressGroupOutput) Location() pulumi.StringOutput

The location of the gateway security policy. The default value is `global`.

***

func (AddressGroupOutput) Name 

func (o AddressGroupOutput) Name() pulumi.StringOutput

Name of the AddressGroup resource.

func (AddressGroupOutput) Parent 

func (o AddressGroupOutput) Parent() pulumi.StringPtrOutput

The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.

func (AddressGroupOutput) PulumiLabels 

func (o AddressGroupOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (AddressGroupOutput) ToAddressGroupOutput 

func (o AddressGroupOutput) ToAddressGroupOutput() AddressGroupOutput

func (AddressGroupOutput) ToAddressGroupOutputWithContext 

func (o AddressGroupOutput) ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput

func (AddressGroupOutput) Type 

func (o AddressGroupOutput) Type() pulumi.StringOutput

The type of the Address Group. Possible values are "IPV4" or "IPV6". Possible values are: `IPV4`, `IPV6`.

func (AddressGroupOutput) UpdateTime 

func (o AddressGroupOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type AddressGroupState 

type AddressGroupState struct {
	// Capacity of the Address Group.
	Capacity pulumi.IntPtrInput
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// List of items.
	Items pulumi.StringArrayInput
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringPtrInput
	// Name of the AddressGroup resource.
	Name pulumi.StringPtrInput
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (AddressGroupState) ElementType 

func (AddressGroupState) ElementType() reflect.Type

type AuthorizationPolicy 

type AuthorizationPolicy struct {
	pulumi.CustomResourceState

	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringOutput `pulumi:"action"`
	// Time the AuthorizationPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayOutput `pulumi:"rules"`
	// Time the AuthorizationPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage ### Network Security Authorization Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAuthorizationPolicy(ctx, "default", &networksecurity.AuthorizationPolicyArgs{
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Action:      pulumi.String("ALLOW"),
			Rules: networksecurity.AuthorizationPolicyRuleArray{
				&networksecurity.AuthorizationPolicyRuleArgs{
					Sources: networksecurity.AuthorizationPolicyRuleSourceArray{
						&networksecurity.AuthorizationPolicyRuleSourceArgs{
							Principals: pulumi.StringArray{
								pulumi.String("namespace/*"),
							},
							IpBlocks: pulumi.StringArray{
								pulumi.String("1.2.3.0/24"),
							},
						},
					},
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Authorization Policy Destinations

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAuthorizationPolicy(ctx, "default", &networksecurity.AuthorizationPolicyArgs{
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Action:      pulumi.String("ALLOW"),
			Rules: networksecurity.AuthorizationPolicyRuleArray{
				&networksecurity.AuthorizationPolicyRuleArgs{
					Sources: networksecurity.AuthorizationPolicyRuleSourceArray{
						&networksecurity.AuthorizationPolicyRuleSourceArgs{
							Principals: pulumi.StringArray{
								pulumi.String("namespace/*"),
							},
							IpBlocks: pulumi.StringArray{
								pulumi.String("1.2.3.0/24"),
							},
						},
					},
					Destinations: networksecurity.AuthorizationPolicyRuleDestinationArray{
						&networksecurity.AuthorizationPolicyRuleDestinationArgs{
							Hosts: pulumi.StringArray{
								pulumi.String("mydomain.*"),
							},
							Ports: pulumi.IntArray{
								pulumi.Int(8080),
							},
							Methods: pulumi.StringArray{
								pulumi.String("GET"),
							},
							HttpHeaderMatch: &networksecurity.AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{
								HeaderName: pulumi.String(":method"),
								RegexMatch: pulumi.String("GET"),
							},
						},
					},
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AuthorizationPolicy can be imported using any of these accepted formats* `projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}}` * `{{project}}/{{location}}/{{name}}` * `{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import AuthorizationPolicy using one of the formats above. For exampletf import { 

id = "projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}}"

to = google_network_security_authorization_policy.default }

```sh 

$ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), AuthorizationPolicy can be imported using one of the formats above. For example

```

```sh 

$ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default {{project}}/{{location}}/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default {{location}}/{{name}}

```

func GetAuthorizationPolicy 

func GetAuthorizationPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizationPolicyState, opts ...pulumi.ResourceOption) (*AuthorizationPolicy, error)

GetAuthorizationPolicy gets an existing AuthorizationPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthorizationPolicy 

func NewAuthorizationPolicy(ctx *pulumi.Context,
	name string, args *AuthorizationPolicyArgs, opts ...pulumi.ResourceOption) (*AuthorizationPolicy, error)

NewAuthorizationPolicy registers a new resource with the given unique name, arguments, and options.

func (*AuthorizationPolicy) ElementType 

func (*AuthorizationPolicy) ElementType() reflect.Type

func (*AuthorizationPolicy) ToAuthorizationPolicyOutput 

func (i *AuthorizationPolicy) ToAuthorizationPolicyOutput() AuthorizationPolicyOutput

func (*AuthorizationPolicy) ToAuthorizationPolicyOutputWithContext 

func (i *AuthorizationPolicy) ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput

type AuthorizationPolicyArgs 

type AuthorizationPolicyArgs struct {
	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayInput
}

The set of arguments for constructing a AuthorizationPolicy resource.

func (AuthorizationPolicyArgs) ElementType 

func (AuthorizationPolicyArgs) ElementType() reflect.Type

type AuthorizationPolicyArray 

type AuthorizationPolicyArray []AuthorizationPolicyInput

func (AuthorizationPolicyArray) ElementType 

func (AuthorizationPolicyArray) ElementType() reflect.Type

func (AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutput 

func (i AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput

func (AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutputWithContext 

func (i AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutputWithContext(ctx context.Context) AuthorizationPolicyArrayOutput

type AuthorizationPolicyArrayInput 

type AuthorizationPolicyArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput
	ToAuthorizationPolicyArrayOutputWithContext(context.Context) AuthorizationPolicyArrayOutput
}

AuthorizationPolicyArrayInput is an input type that accepts AuthorizationPolicyArray and AuthorizationPolicyArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyArrayInput` via: 

AuthorizationPolicyArray{ AuthorizationPolicyArgs{...} }

type AuthorizationPolicyArrayOutput 

type AuthorizationPolicyArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyArrayOutput) ElementType 

func (AuthorizationPolicyArrayOutput) ElementType() reflect.Type

func (AuthorizationPolicyArrayOutput) Index 

func (o AuthorizationPolicyArrayOutput) Index(i pulumi.IntInput) AuthorizationPolicyOutput

func (AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutput 

func (o AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput

func (AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutputWithContext 

func (o AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutputWithContext(ctx context.Context) AuthorizationPolicyArrayOutput

type AuthorizationPolicyInput 

type AuthorizationPolicyInput interface {
	pulumi.Input

	ToAuthorizationPolicyOutput() AuthorizationPolicyOutput
	ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput
}

type AuthorizationPolicyMap 

type AuthorizationPolicyMap map[string]AuthorizationPolicyInput

func (AuthorizationPolicyMap) ElementType 

func (AuthorizationPolicyMap) ElementType() reflect.Type

func (AuthorizationPolicyMap) ToAuthorizationPolicyMapOutput 

func (i AuthorizationPolicyMap) ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput

func (AuthorizationPolicyMap) ToAuthorizationPolicyMapOutputWithContext 

func (i AuthorizationPolicyMap) ToAuthorizationPolicyMapOutputWithContext(ctx context.Context) AuthorizationPolicyMapOutput

type AuthorizationPolicyMapInput 

type AuthorizationPolicyMapInput interface {
	pulumi.Input

	ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput
	ToAuthorizationPolicyMapOutputWithContext(context.Context) AuthorizationPolicyMapOutput
}

AuthorizationPolicyMapInput is an input type that accepts AuthorizationPolicyMap and AuthorizationPolicyMapOutput values. You can construct a concrete instance of `AuthorizationPolicyMapInput` via: 

AuthorizationPolicyMap{ "key": AuthorizationPolicyArgs{...} }

type AuthorizationPolicyMapOutput 

type AuthorizationPolicyMapOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyMapOutput) ElementType 

func (AuthorizationPolicyMapOutput) ElementType() reflect.Type

func (AuthorizationPolicyMapOutput) MapIndex 

func (o AuthorizationPolicyMapOutput) MapIndex(k pulumi.StringInput) AuthorizationPolicyOutput

func (AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutput 

func (o AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput

func (AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutputWithContext 

func (o AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutputWithContext(ctx context.Context) AuthorizationPolicyMapOutput

type AuthorizationPolicyOutput 

type AuthorizationPolicyOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyOutput) Action 

func (o AuthorizationPolicyOutput) Action() pulumi.StringOutput

The action to take when a rule match is found. Possible values are "ALLOW" or "DENY". Possible values are: `ALLOW`, `DENY`.

func (AuthorizationPolicyOutput) CreateTime 

func (o AuthorizationPolicyOutput) CreateTime() pulumi.StringOutput

Time the AuthorizationPolicy was created in UTC.

func (AuthorizationPolicyOutput) Description 

func (o AuthorizationPolicyOutput) Description() pulumi.StringPtrOutput

A free-text description of the resource. Max length 1024 characters.

func (AuthorizationPolicyOutput) EffectiveLabels 

func (o AuthorizationPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (AuthorizationPolicyOutput) ElementType 

func (AuthorizationPolicyOutput) ElementType() reflect.Type

func (AuthorizationPolicyOutput) Labels 

func (o AuthorizationPolicyOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the AuthorizationPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (AuthorizationPolicyOutput) Location 

func (o AuthorizationPolicyOutput) Location() pulumi.StringPtrOutput

The location of the authorization policy. The default value is `global`.

func (AuthorizationPolicyOutput) Name 

func (o AuthorizationPolicyOutput) Name() pulumi.StringOutput

Name of the AuthorizationPolicy resource.

***

func (AuthorizationPolicyOutput) Project 

func (o AuthorizationPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (AuthorizationPolicyOutput) PulumiLabels 

func (o AuthorizationPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (AuthorizationPolicyOutput) Rules 

func (o AuthorizationPolicyOutput) Rules() AuthorizationPolicyRuleArrayOutput

List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken. A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request. Structure is documented below.

func (AuthorizationPolicyOutput) ToAuthorizationPolicyOutput 

func (o AuthorizationPolicyOutput) ToAuthorizationPolicyOutput() AuthorizationPolicyOutput

func (AuthorizationPolicyOutput) ToAuthorizationPolicyOutputWithContext 

func (o AuthorizationPolicyOutput) ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput

func (AuthorizationPolicyOutput) UpdateTime 

func (o AuthorizationPolicyOutput) UpdateTime() pulumi.StringOutput

Time the AuthorizationPolicy was updated in UTC.

type AuthorizationPolicyRule 

type AuthorizationPolicyRule struct {
	// List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	// Structure is documented below.
	Destinations []AuthorizationPolicyRuleDestination `pulumi:"destinations"`
	// List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	// Structure is documented below.
	Sources []AuthorizationPolicyRuleSource `pulumi:"sources"`
}

type AuthorizationPolicyRuleArgs 

type AuthorizationPolicyRuleArgs struct {
	// List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	// Structure is documented below.
	Destinations AuthorizationPolicyRuleDestinationArrayInput `pulumi:"destinations"`
	// List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	// Structure is documented below.
	Sources AuthorizationPolicyRuleSourceArrayInput `pulumi:"sources"`
}

func (AuthorizationPolicyRuleArgs) ElementType 

func (AuthorizationPolicyRuleArgs) ElementType() reflect.Type

func (AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutput 

func (i AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput

func (AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutputWithContext 

func (i AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutputWithContext(ctx context.Context) AuthorizationPolicyRuleOutput

type AuthorizationPolicyRuleArray 

type AuthorizationPolicyRuleArray []AuthorizationPolicyRuleInput

func (AuthorizationPolicyRuleArray) ElementType 

func (AuthorizationPolicyRuleArray) ElementType() reflect.Type

func (AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutput 

func (i AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput

func (AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutputWithContext 

func (i AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleArrayOutput

type AuthorizationPolicyRuleArrayInput 

type AuthorizationPolicyRuleArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput
	ToAuthorizationPolicyRuleArrayOutputWithContext(context.Context) AuthorizationPolicyRuleArrayOutput
}

AuthorizationPolicyRuleArrayInput is an input type that accepts AuthorizationPolicyRuleArray and AuthorizationPolicyRuleArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleArrayInput` via: 

AuthorizationPolicyRuleArray{ AuthorizationPolicyRuleArgs{...} }

type AuthorizationPolicyRuleArrayOutput 

type AuthorizationPolicyRuleArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleArrayOutput) ElementType 

func (AuthorizationPolicyRuleArrayOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleArrayOutput) Index 

func (o AuthorizationPolicyRuleArrayOutput) Index(i pulumi.IntInput) AuthorizationPolicyRuleOutput

func (AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutput 

func (o AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput

func (AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutputWithContext 

func (o AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleArrayOutput

type AuthorizationPolicyRuleDestination 

type AuthorizationPolicyRuleDestination struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts []string `pulumi:"hosts"`
	// Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match.
	// Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	// Structure is documented below.
	HttpHeaderMatch *AuthorizationPolicyRuleDestinationHttpHeaderMatch `pulumi:"httpHeaderMatch"`
	// A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods []string `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports []int `pulumi:"ports"`
}

type AuthorizationPolicyRuleDestinationArgs 

type AuthorizationPolicyRuleDestinationArgs struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts pulumi.StringArrayInput `pulumi:"hosts"`
	// Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match.
	// Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	// Structure is documented below.
	HttpHeaderMatch AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput `pulumi:"httpHeaderMatch"`
	// A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods pulumi.StringArrayInput `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports pulumi.IntArrayInput `pulumi:"ports"`
}

func (AuthorizationPolicyRuleDestinationArgs) ElementType 

func (AuthorizationPolicyRuleDestinationArgs) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutput 

func (i AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput

func (AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutputWithContext 

func (i AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationOutput

type AuthorizationPolicyRuleDestinationArray 

type AuthorizationPolicyRuleDestinationArray []AuthorizationPolicyRuleDestinationInput

func (AuthorizationPolicyRuleDestinationArray) ElementType 

func (AuthorizationPolicyRuleDestinationArray) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutput 

func (i AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput

func (AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext 

func (i AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationArrayOutput

type AuthorizationPolicyRuleDestinationArrayInput 

type AuthorizationPolicyRuleDestinationArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput
	ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationArrayOutput
}

AuthorizationPolicyRuleDestinationArrayInput is an input type that accepts AuthorizationPolicyRuleDestinationArray and AuthorizationPolicyRuleDestinationArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationArrayInput` via: 

AuthorizationPolicyRuleDestinationArray{ AuthorizationPolicyRuleDestinationArgs{...} }

type AuthorizationPolicyRuleDestinationArrayOutput 

type AuthorizationPolicyRuleDestinationArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationArrayOutput) ElementType 

func (AuthorizationPolicyRuleDestinationArrayOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationArrayOutput) Index 

func (o AuthorizationPolicyRuleDestinationArrayOutput) Index(i pulumi.IntInput) AuthorizationPolicyRuleDestinationOutput

func (AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutput 

func (o AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput

func (AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext 

func (o AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationArrayOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatch 

type AuthorizationPolicyRuleDestinationHttpHeaderMatch struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName string `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch string `pulumi:"regexMatch"`
}

type AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName pulumi.StringInput `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch pulumi.StringInput `pulumi:"regexMatch"`
}

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ElementType 

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput 

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext 

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput 

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext 

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchInput 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput
	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput
}

AuthorizationPolicyRuleDestinationHttpHeaderMatchInput is an input type that accepts AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs and AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationHttpHeaderMatchInput` via: 

AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{...}

type AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ElementType 

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) HeaderName 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) HeaderName() pulumi.StringOutput

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) RegexMatch 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) RegexMatch() pulumi.StringOutput

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput
	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput
}

AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput is an input type that accepts AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs, AuthorizationPolicyRuleDestinationHttpHeaderMatchPtr and AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput` via: 

        AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{...}

or:

        nil

func AuthorizationPolicyRuleDestinationHttpHeaderMatchPtr 

func AuthorizationPolicyRuleDestinationHttpHeaderMatchPtr(v *AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) Elem 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) Elem() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ElementType 

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) HeaderName 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) HeaderName() pulumi.StringPtrOutput

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) RegexMatch 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) RegexMatch() pulumi.StringPtrOutput

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationInput 

type AuthorizationPolicyRuleDestinationInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput
	ToAuthorizationPolicyRuleDestinationOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationOutput
}

AuthorizationPolicyRuleDestinationInput is an input type that accepts AuthorizationPolicyRuleDestinationArgs and AuthorizationPolicyRuleDestinationOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationInput` via: 

AuthorizationPolicyRuleDestinationArgs{...}

type AuthorizationPolicyRuleDestinationOutput 

type AuthorizationPolicyRuleDestinationOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationOutput) ElementType 

func (AuthorizationPolicyRuleDestinationOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationOutput) Hosts 

func (o AuthorizationPolicyRuleDestinationOutput) Hosts() pulumi.StringArrayOutput

List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".

func (AuthorizationPolicyRuleDestinationOutput) HttpHeaderMatch 

func (o AuthorizationPolicyRuleDestinationOutput) HttpHeaderMatch() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match. Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy. Structure is documented below.

func (AuthorizationPolicyRuleDestinationOutput) Methods 

func (o AuthorizationPolicyRuleDestinationOutput) Methods() pulumi.StringArrayOutput

A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.

func (AuthorizationPolicyRuleDestinationOutput) Ports 

func (o AuthorizationPolicyRuleDestinationOutput) Ports() pulumi.IntArrayOutput

List of destination ports to match. At least one port should match.

func (AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutput 

func (o AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput

func (AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutputWithContext 

func (o AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationOutput

type AuthorizationPolicyRuleInput 

type AuthorizationPolicyRuleInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput
	ToAuthorizationPolicyRuleOutputWithContext(context.Context) AuthorizationPolicyRuleOutput
}

AuthorizationPolicyRuleInput is an input type that accepts AuthorizationPolicyRuleArgs and AuthorizationPolicyRuleOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleInput` via: 

AuthorizationPolicyRuleArgs{...}

type AuthorizationPolicyRuleOutput 

type AuthorizationPolicyRuleOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleOutput) Destinations 

func (o AuthorizationPolicyRuleOutput) Destinations() AuthorizationPolicyRuleDestinationArrayOutput

List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination. Structure is documented below.

func (AuthorizationPolicyRuleOutput) ElementType 

func (AuthorizationPolicyRuleOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleOutput) Sources 

func (o AuthorizationPolicyRuleOutput) Sources() AuthorizationPolicyRuleSourceArrayOutput

List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source. Structure is documented below.

func (AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutput 

func (o AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput

func (AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutputWithContext 

func (o AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutputWithContext(ctx context.Context) AuthorizationPolicyRuleOutput

type AuthorizationPolicyRuleSource 

type AuthorizationPolicyRuleSource struct {
	// List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided.
	// The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks []string `pulumi:"ipBlocks"`
	// List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*".
	// Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals []string `pulumi:"principals"`
}

type AuthorizationPolicyRuleSourceArgs 

type AuthorizationPolicyRuleSourceArgs struct {
	// List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided.
	// The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks pulumi.StringArrayInput `pulumi:"ipBlocks"`
	// List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*".
	// Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals pulumi.StringArrayInput `pulumi:"principals"`
}

func (AuthorizationPolicyRuleSourceArgs) ElementType 

func (AuthorizationPolicyRuleSourceArgs) ElementType() reflect.Type

func (AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutput 

func (i AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput

func (AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutputWithContext 

func (i AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceOutput

type AuthorizationPolicyRuleSourceArray 

type AuthorizationPolicyRuleSourceArray []AuthorizationPolicyRuleSourceInput

func (AuthorizationPolicyRuleSourceArray) ElementType 

func (AuthorizationPolicyRuleSourceArray) ElementType() reflect.Type

func (AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutput 

func (i AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput

func (AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutputWithContext 

func (i AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceArrayOutput

type AuthorizationPolicyRuleSourceArrayInput 

type AuthorizationPolicyRuleSourceArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput
	ToAuthorizationPolicyRuleSourceArrayOutputWithContext(context.Context) AuthorizationPolicyRuleSourceArrayOutput
}

AuthorizationPolicyRuleSourceArrayInput is an input type that accepts AuthorizationPolicyRuleSourceArray and AuthorizationPolicyRuleSourceArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleSourceArrayInput` via: 

AuthorizationPolicyRuleSourceArray{ AuthorizationPolicyRuleSourceArgs{...} }

type AuthorizationPolicyRuleSourceArrayOutput 

type AuthorizationPolicyRuleSourceArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleSourceArrayOutput) ElementType 

func (AuthorizationPolicyRuleSourceArrayOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleSourceArrayOutput) Index 

func (o AuthorizationPolicyRuleSourceArrayOutput) Index(i pulumi.IntInput) AuthorizationPolicyRuleSourceOutput

func (AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutput 

func (o AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput

func (AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutputWithContext 

func (o AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceArrayOutput

type AuthorizationPolicyRuleSourceInput 

type AuthorizationPolicyRuleSourceInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput
	ToAuthorizationPolicyRuleSourceOutputWithContext(context.Context) AuthorizationPolicyRuleSourceOutput
}

AuthorizationPolicyRuleSourceInput is an input type that accepts AuthorizationPolicyRuleSourceArgs and AuthorizationPolicyRuleSourceOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleSourceInput` via: 

AuthorizationPolicyRuleSourceArgs{...}

type AuthorizationPolicyRuleSourceOutput 

type AuthorizationPolicyRuleSourceOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleSourceOutput) ElementType 

func (AuthorizationPolicyRuleSourceOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleSourceOutput) IpBlocks 

func (o AuthorizationPolicyRuleSourceOutput) IpBlocks() pulumi.StringArrayOutput

List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided. The IP addresses of any load balancers or proxies should be considered untrusted.

func (AuthorizationPolicyRuleSourceOutput) Principals 

func (o AuthorizationPolicyRuleSourceOutput) Principals() pulumi.StringArrayOutput

List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*". Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.

func (AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutput 

func (o AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput

func (AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutputWithContext 

func (o AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceOutput

type AuthorizationPolicyState 

type AuthorizationPolicyState struct {
	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringPtrInput
	// Time the AuthorizationPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayInput
	// Time the AuthorizationPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (AuthorizationPolicyState) ElementType 

func (AuthorizationPolicyState) ElementType() reflect.Type

type ClientTlsPolicy 

type ClientTlsPolicy struct {
	pulumi.CustomResourceState

	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrOutput `pulumi:"clientCertificate"`
	// Time the ClientTlsPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayOutput `pulumi:"serverValidationCas"`
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrOutput `pulumi:"sni"`
	// Time the ClientTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage ### Network Security Client Tls Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewClientTlsPolicy(ctx, "default", &networksecurity.ClientTlsPolicyArgs{
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Sni:         pulumi.String("secure.example.com"),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Client Tls Policy Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewClientTlsPolicy(ctx, "default", &networksecurity.ClientTlsPolicyArgs{
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			ClientCertificate: &networksecurity.ClientTlsPolicyClientCertificateArgs{
				CertificateProviderInstance: &networksecurity.ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{
					PluginInstance: pulumi.String("google_cloud_private_spiffe"),
				},
			},
			ServerValidationCas: networksecurity.ClientTlsPolicyServerValidationCaArray{
				&networksecurity.ClientTlsPolicyServerValidationCaArgs{
					GrpcEndpoint: &networksecurity.ClientTlsPolicyServerValidationCaGrpcEndpointArgs{
						TargetUri: pulumi.String("unix:mypath"),
					},
				},
				&networksecurity.ClientTlsPolicyServerValidationCaArgs{
					GrpcEndpoint: &networksecurity.ClientTlsPolicyServerValidationCaGrpcEndpointArgs{
						TargetUri: pulumi.String("unix:mypath1"),
					},
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

ClientTlsPolicy can be imported using any of these accepted formats* `projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{name}}` * `{{project}}/{{location}}/{{name}}` * `{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import ClientTlsPolicy using one of the formats above. For exampletf import { 

id = "projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{name}}"

to = google_network_security_client_tls_policy.default }

```sh 

$ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), ClientTlsPolicy can be imported using one of the formats above. For example

```

```sh 

$ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default {{project}}/{{location}}/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default {{location}}/{{name}}

```

func GetClientTlsPolicy 

func GetClientTlsPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientTlsPolicyState, opts ...pulumi.ResourceOption) (*ClientTlsPolicy, error)

GetClientTlsPolicy gets an existing ClientTlsPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientTlsPolicy 

func NewClientTlsPolicy(ctx *pulumi.Context,
	name string, args *ClientTlsPolicyArgs, opts ...pulumi.ResourceOption) (*ClientTlsPolicy, error)

NewClientTlsPolicy registers a new resource with the given unique name, arguments, and options.

func (*ClientTlsPolicy) ElementType 

func (*ClientTlsPolicy) ElementType() reflect.Type

func (*ClientTlsPolicy) ToClientTlsPolicyOutput 

func (i *ClientTlsPolicy) ToClientTlsPolicyOutput() ClientTlsPolicyOutput

func (*ClientTlsPolicy) ToClientTlsPolicyOutputWithContext 

func (i *ClientTlsPolicy) ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput

type ClientTlsPolicyArgs 

type ClientTlsPolicyArgs struct {
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayInput
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrInput
}

The set of arguments for constructing a ClientTlsPolicy resource.

func (ClientTlsPolicyArgs) ElementType 

func (ClientTlsPolicyArgs) ElementType() reflect.Type

type ClientTlsPolicyArray 

type ClientTlsPolicyArray []ClientTlsPolicyInput

func (ClientTlsPolicyArray) ElementType 

func (ClientTlsPolicyArray) ElementType() reflect.Type

func (ClientTlsPolicyArray) ToClientTlsPolicyArrayOutput 

func (i ClientTlsPolicyArray) ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput

func (ClientTlsPolicyArray) ToClientTlsPolicyArrayOutputWithContext 

func (i ClientTlsPolicyArray) ToClientTlsPolicyArrayOutputWithContext(ctx context.Context) ClientTlsPolicyArrayOutput

type ClientTlsPolicyArrayInput 

type ClientTlsPolicyArrayInput interface {
	pulumi.Input

	ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput
	ToClientTlsPolicyArrayOutputWithContext(context.Context) ClientTlsPolicyArrayOutput
}

ClientTlsPolicyArrayInput is an input type that accepts ClientTlsPolicyArray and ClientTlsPolicyArrayOutput values. You can construct a concrete instance of `ClientTlsPolicyArrayInput` via: 

ClientTlsPolicyArray{ ClientTlsPolicyArgs{...} }

type ClientTlsPolicyArrayOutput 

type ClientTlsPolicyArrayOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyArrayOutput) ElementType 

func (ClientTlsPolicyArrayOutput) ElementType() reflect.Type

func (ClientTlsPolicyArrayOutput) Index 

func (o ClientTlsPolicyArrayOutput) Index(i pulumi.IntInput) ClientTlsPolicyOutput

func (ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutput 

func (o ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput

func (ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutputWithContext 

func (o ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutputWithContext(ctx context.Context) ClientTlsPolicyArrayOutput

type ClientTlsPolicyClientCertificate 

type ClientTlsPolicyClientCertificate struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance *ClientTlsPolicyClientCertificateCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ClientTlsPolicyClientCertificateGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ClientTlsPolicyClientCertificateArgs 

type ClientTlsPolicyClientCertificateArgs struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ClientTlsPolicyClientCertificateGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ClientTlsPolicyClientCertificateArgs) ElementType 

func (ClientTlsPolicyClientCertificateArgs) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutput 

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutputWithContext 

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutput 

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutputWithContext 

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstance 

type ClientTlsPolicyClientCertificateCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs 

type ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ElementType 

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput 

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext 

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput 

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext 

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstanceInput 

type ClientTlsPolicyClientCertificateCertificateProviderInstanceInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput
	ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput
}

ClientTlsPolicyClientCertificateCertificateProviderInstanceInput is an input type that accepts ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs and ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateCertificateProviderInstanceInput` via: 

ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{...}

type ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput 

type ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ElementType 

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) PluginInstance 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput 

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput
	ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput
}

ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput is an input type that accepts ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs, ClientTlsPolicyClientCertificateCertificateProviderInstancePtr and ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput` via: 

        ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{...}

or:

        nil

func ClientTlsPolicyClientCertificateCertificateProviderInstancePtr 

func ClientTlsPolicyClientCertificateCertificateProviderInstancePtr(v *ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput 

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) Elem 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) Elem() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ElementType 

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) PluginInstance 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpoint 

type ClientTlsPolicyClientCertificateGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ClientTlsPolicyClientCertificateGrpcEndpointArgs 

type ClientTlsPolicyClientCertificateGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ElementType 

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutput 

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext 

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput 

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext 

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpointInput 

type ClientTlsPolicyClientCertificateGrpcEndpointInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput
	ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput
}

ClientTlsPolicyClientCertificateGrpcEndpointInput is an input type that accepts ClientTlsPolicyClientCertificateGrpcEndpointArgs and ClientTlsPolicyClientCertificateGrpcEndpointOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateGrpcEndpointInput` via: 

ClientTlsPolicyClientCertificateGrpcEndpointArgs{...}

type ClientTlsPolicyClientCertificateGrpcEndpointOutput 

type ClientTlsPolicyClientCertificateGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ElementType 

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) TargetUri 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutput 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpointPtrInput 

type ClientTlsPolicyClientCertificateGrpcEndpointPtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput
	ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput
}

ClientTlsPolicyClientCertificateGrpcEndpointPtrInput is an input type that accepts ClientTlsPolicyClientCertificateGrpcEndpointArgs, ClientTlsPolicyClientCertificateGrpcEndpointPtr and ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateGrpcEndpointPtrInput` via: 

        ClientTlsPolicyClientCertificateGrpcEndpointArgs{...}

or:

        nil

func ClientTlsPolicyClientCertificateGrpcEndpointPtr 

func ClientTlsPolicyClientCertificateGrpcEndpointPtr(v *ClientTlsPolicyClientCertificateGrpcEndpointArgs) ClientTlsPolicyClientCertificateGrpcEndpointPtrInput

type ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput 

type ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) Elem 

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) Elem() ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ElementType 

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) TargetUri 

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput 

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateInput 

type ClientTlsPolicyClientCertificateInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput
	ToClientTlsPolicyClientCertificateOutputWithContext(context.Context) ClientTlsPolicyClientCertificateOutput
}

ClientTlsPolicyClientCertificateInput is an input type that accepts ClientTlsPolicyClientCertificateArgs and ClientTlsPolicyClientCertificateOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateInput` via: 

ClientTlsPolicyClientCertificateArgs{...}

type ClientTlsPolicyClientCertificateOutput 

type ClientTlsPolicyClientCertificateOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateOutput) CertificateProviderInstance 

func (o ClientTlsPolicyClientCertificateOutput) CertificateProviderInstance() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyClientCertificateOutput) ElementType 

func (ClientTlsPolicyClientCertificateOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateOutput) GrpcEndpoint 

func (o ClientTlsPolicyClientCertificateOutput) GrpcEndpoint() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutput 

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutputWithContext 

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutput 

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyClientCertificatePtrInput 

type ClientTlsPolicyClientCertificatePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput
	ToClientTlsPolicyClientCertificatePtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificatePtrOutput
}

ClientTlsPolicyClientCertificatePtrInput is an input type that accepts ClientTlsPolicyClientCertificateArgs, ClientTlsPolicyClientCertificatePtr and ClientTlsPolicyClientCertificatePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificatePtrInput` via: 

        ClientTlsPolicyClientCertificateArgs{...}

or:

        nil

func ClientTlsPolicyClientCertificatePtr 

func ClientTlsPolicyClientCertificatePtr(v *ClientTlsPolicyClientCertificateArgs) ClientTlsPolicyClientCertificatePtrInput

type ClientTlsPolicyClientCertificatePtrOutput 

type ClientTlsPolicyClientCertificatePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificatePtrOutput) CertificateProviderInstance 

func (o ClientTlsPolicyClientCertificatePtrOutput) CertificateProviderInstance() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyClientCertificatePtrOutput) Elem 

func (o ClientTlsPolicyClientCertificatePtrOutput) Elem() ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificatePtrOutput) ElementType 

func (ClientTlsPolicyClientCertificatePtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificatePtrOutput) GrpcEndpoint 

func (o ClientTlsPolicyClientCertificatePtrOutput) GrpcEndpoint() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutput 

func (o ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext 

func (o ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyInput 

type ClientTlsPolicyInput interface {
	pulumi.Input

	ToClientTlsPolicyOutput() ClientTlsPolicyOutput
	ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput
}

type ClientTlsPolicyMap 

type ClientTlsPolicyMap map[string]ClientTlsPolicyInput

func (ClientTlsPolicyMap) ElementType 

func (ClientTlsPolicyMap) ElementType() reflect.Type

func (ClientTlsPolicyMap) ToClientTlsPolicyMapOutput 

func (i ClientTlsPolicyMap) ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput

func (ClientTlsPolicyMap) ToClientTlsPolicyMapOutputWithContext 

func (i ClientTlsPolicyMap) ToClientTlsPolicyMapOutputWithContext(ctx context.Context) ClientTlsPolicyMapOutput

type ClientTlsPolicyMapInput 

type ClientTlsPolicyMapInput interface {
	pulumi.Input

	ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput
	ToClientTlsPolicyMapOutputWithContext(context.Context) ClientTlsPolicyMapOutput
}

ClientTlsPolicyMapInput is an input type that accepts ClientTlsPolicyMap and ClientTlsPolicyMapOutput values. You can construct a concrete instance of `ClientTlsPolicyMapInput` via: 

ClientTlsPolicyMap{ "key": ClientTlsPolicyArgs{...} }

type ClientTlsPolicyMapOutput 

type ClientTlsPolicyMapOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyMapOutput) ElementType 

func (ClientTlsPolicyMapOutput) ElementType() reflect.Type

func (ClientTlsPolicyMapOutput) MapIndex 

func (o ClientTlsPolicyMapOutput) MapIndex(k pulumi.StringInput) ClientTlsPolicyOutput

func (ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutput 

func (o ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput

func (ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutputWithContext 

func (o ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutputWithContext(ctx context.Context) ClientTlsPolicyMapOutput

type ClientTlsPolicyOutput 

type ClientTlsPolicyOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyOutput) ClientCertificate 

func (o ClientTlsPolicyOutput) ClientCertificate() ClientTlsPolicyClientCertificatePtrOutput

Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS. Structure is documented below.

func (ClientTlsPolicyOutput) CreateTime 

func (o ClientTlsPolicyOutput) CreateTime() pulumi.StringOutput

Time the ClientTlsPolicy was created in UTC.

func (ClientTlsPolicyOutput) Description 

func (o ClientTlsPolicyOutput) Description() pulumi.StringPtrOutput

A free-text description of the resource. Max length 1024 characters.

func (ClientTlsPolicyOutput) EffectiveLabels 

func (o ClientTlsPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (ClientTlsPolicyOutput) ElementType 

func (ClientTlsPolicyOutput) ElementType() reflect.Type

func (ClientTlsPolicyOutput) Labels 

func (o ClientTlsPolicyOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the ClientTlsPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (ClientTlsPolicyOutput) Location 

func (o ClientTlsPolicyOutput) Location() pulumi.StringPtrOutput

The location of the client tls policy. The default value is `global`.

func (ClientTlsPolicyOutput) Name 

func (o ClientTlsPolicyOutput) Name() pulumi.StringOutput

Name of the ClientTlsPolicy resource.

***

func (ClientTlsPolicyOutput) Project 

func (o ClientTlsPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (ClientTlsPolicyOutput) PulumiLabels 

func (o ClientTlsPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (ClientTlsPolicyOutput) ServerValidationCas 

func (o ClientTlsPolicyOutput) ServerValidationCas() ClientTlsPolicyServerValidationCaArrayOutput

Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate. Structure is documented below.

func (ClientTlsPolicyOutput) Sni 

func (o ClientTlsPolicyOutput) Sni() pulumi.StringPtrOutput

Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

func (ClientTlsPolicyOutput) ToClientTlsPolicyOutput 

func (o ClientTlsPolicyOutput) ToClientTlsPolicyOutput() ClientTlsPolicyOutput

func (ClientTlsPolicyOutput) ToClientTlsPolicyOutputWithContext 

func (o ClientTlsPolicyOutput) ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput

func (ClientTlsPolicyOutput) UpdateTime 

func (o ClientTlsPolicyOutput) UpdateTime() pulumi.StringOutput

Time the ClientTlsPolicy was updated in UTC.

type ClientTlsPolicyServerValidationCa 

type ClientTlsPolicyServerValidationCa struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance *ClientTlsPolicyServerValidationCaCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ClientTlsPolicyServerValidationCaGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ClientTlsPolicyServerValidationCaArgs 

type ClientTlsPolicyServerValidationCaArgs struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ClientTlsPolicyServerValidationCaArgs) ElementType 

func (ClientTlsPolicyServerValidationCaArgs) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutput 

func (i ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput

func (ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutputWithContext 

func (i ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaOutput

type ClientTlsPolicyServerValidationCaArray 

type ClientTlsPolicyServerValidationCaArray []ClientTlsPolicyServerValidationCaInput

func (ClientTlsPolicyServerValidationCaArray) ElementType 

func (ClientTlsPolicyServerValidationCaArray) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutput 

func (i ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput

func (ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutputWithContext 

func (i ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaArrayOutput

type ClientTlsPolicyServerValidationCaArrayInput 

type ClientTlsPolicyServerValidationCaArrayInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput
	ToClientTlsPolicyServerValidationCaArrayOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaArrayOutput
}

ClientTlsPolicyServerValidationCaArrayInput is an input type that accepts ClientTlsPolicyServerValidationCaArray and ClientTlsPolicyServerValidationCaArrayOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaArrayInput` via: 

ClientTlsPolicyServerValidationCaArray{ ClientTlsPolicyServerValidationCaArgs{...} }

type ClientTlsPolicyServerValidationCaArrayOutput 

type ClientTlsPolicyServerValidationCaArrayOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaArrayOutput) ElementType 

func (ClientTlsPolicyServerValidationCaArrayOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaArrayOutput) Index 

func (o ClientTlsPolicyServerValidationCaArrayOutput) Index(i pulumi.IntInput) ClientTlsPolicyServerValidationCaOutput

func (ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutput 

func (o ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput

func (ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutputWithContext 

func (o ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaArrayOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstance 

type ClientTlsPolicyServerValidationCaCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs 

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ElementType 

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput 

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext 

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput 

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext 

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput 

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput
	ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput
}

ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput is an input type that accepts ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs and ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput` via: 

ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs{...}

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput 

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ElementType 

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) PluginInstance 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput 

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput
	ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput
}

ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput is an input type that accepts ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs, ClientTlsPolicyServerValidationCaCertificateProviderInstancePtr and ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput` via: 

        ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs{...}

or:

        nil

func ClientTlsPolicyServerValidationCaCertificateProviderInstancePtr 

func ClientTlsPolicyServerValidationCaCertificateProviderInstancePtr(v *ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput 

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) Elem 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) Elem() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ElementType 

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) PluginInstance 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpoint 

type ClientTlsPolicyServerValidationCaGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ClientTlsPolicyServerValidationCaGrpcEndpointArgs 

type ClientTlsPolicyServerValidationCaGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ElementType 

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput 

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext 

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput 

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext 

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpointInput 

type ClientTlsPolicyServerValidationCaGrpcEndpointInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput
	ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput
}

ClientTlsPolicyServerValidationCaGrpcEndpointInput is an input type that accepts ClientTlsPolicyServerValidationCaGrpcEndpointArgs and ClientTlsPolicyServerValidationCaGrpcEndpointOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaGrpcEndpointInput` via: 

ClientTlsPolicyServerValidationCaGrpcEndpointArgs{...}

type ClientTlsPolicyServerValidationCaGrpcEndpointOutput 

type ClientTlsPolicyServerValidationCaGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ElementType 

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) TargetUri 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput 

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput
	ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput
}

ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput is an input type that accepts ClientTlsPolicyServerValidationCaGrpcEndpointArgs, ClientTlsPolicyServerValidationCaGrpcEndpointPtr and ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput` via: 

        ClientTlsPolicyServerValidationCaGrpcEndpointArgs{...}

or:

        nil

func ClientTlsPolicyServerValidationCaGrpcEndpointPtr 

func ClientTlsPolicyServerValidationCaGrpcEndpointPtr(v *ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput 

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) Elem 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) Elem() ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ElementType 

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) TargetUri 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaInput 

type ClientTlsPolicyServerValidationCaInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput
	ToClientTlsPolicyServerValidationCaOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaOutput
}

ClientTlsPolicyServerValidationCaInput is an input type that accepts ClientTlsPolicyServerValidationCaArgs and ClientTlsPolicyServerValidationCaOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaInput` via: 

ClientTlsPolicyServerValidationCaArgs{...}

type ClientTlsPolicyServerValidationCaOutput 

type ClientTlsPolicyServerValidationCaOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaOutput) CertificateProviderInstance 

func (o ClientTlsPolicyServerValidationCaOutput) CertificateProviderInstance() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyServerValidationCaOutput) ElementType 

func (ClientTlsPolicyServerValidationCaOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaOutput) GrpcEndpoint 

func (o ClientTlsPolicyServerValidationCaOutput) GrpcEndpoint() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutput 

func (o ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput

func (ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutputWithContext 

func (o ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaOutput

type ClientTlsPolicyState 

type ClientTlsPolicyState struct {
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrInput
	// Time the ClientTlsPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayInput
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrInput
	// Time the ClientTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (ClientTlsPolicyState) ElementType 

func (ClientTlsPolicyState) ElementType() reflect.Type

type GatewaySecurityPolicy 

type GatewaySecurityPolicy struct {
	pulumi.CustomResourceState

	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	TlsInspectionPolicy pulumi.StringPtrOutput `pulumi:"tlsInspectionPolicy"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

The GatewaySecurityPolicy resource contains a collection of GatewaySecurityPolicyRules and associated metadata.

To get more information about GatewaySecurityPolicy, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.gatewaySecurityPolicies)

## Example Usage ### Network Security Gateway Security Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Description: pulumi.String("my description"),
			Location:    pulumi.String("us-central1"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Gateway Security Policy Tls Inspection Basic

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		defaultCaPool, err := certificateauthority.NewCaPool(ctx, "defaultCaPool", &certificateauthority.CaPoolArgs{
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: nil,
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "defaultAuthority", &certificateauthority.AuthorityArgs{
			Pool:                               defaultCaPool.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		nsSa, err := projects.NewServiceIdentity(ctx, "nsSa", &projects.ServiceIdentityArgs{
			Service: pulumi.String("networksecurity.googleapis.com"),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		tlsInspectionPermission, err := certificateauthority.NewCaPoolIamMember(ctx, "tlsInspectionPermission", &certificateauthority.CaPoolIamMemberArgs{
			CaPool: defaultCaPool.ID(),
			Role:   pulumi.String("roles/privateca.certificateManager"),
			Member: nsSa.Email.ApplyT(func(email string) (string, error) {
				return fmt.Sprintf("serviceAccount:%v", email), nil
			}).(pulumi.StringOutput),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		defaultTlsInspectionPolicy, err := networksecurity.NewTlsInspectionPolicy(ctx, "defaultTlsInspectionPolicy", &networksecurity.TlsInspectionPolicyArgs{
			Location: pulumi.String("us-central1"),
			CaPool:   defaultCaPool.ID(),
		}, pulumi.Provider(google_beta), pulumi.DependsOn([]pulumi.Resource{
			defaultCaPool,
			defaultAuthority,
			tlsInspectionPermission,
		}))
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicy(ctx, "defaultGatewaySecurityPolicy", &networksecurity.GatewaySecurityPolicyArgs{
			Location:            pulumi.String("us-central1"),
			Description:         pulumi.String("my description"),
			TlsInspectionPolicy: defaultTlsInspectionPolicy.ID(),
		}, pulumi.Provider(google_beta), pulumi.DependsOn([]pulumi.Resource{
			defaultTlsInspectionPolicy,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

GatewaySecurityPolicy can be imported using any of these accepted formats* `projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}}` * `{{project}}/{{location}}/{{name}}` * `{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import GatewaySecurityPolicy using one of the formats above. For exampletf import { 

id = "projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}}"

to = google_network_security_gateway_security_policy.default }

```sh 

$ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), GatewaySecurityPolicy can be imported using one of the formats above. For example

```

```sh 

$ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{project}}/{{location}}/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{location}}/{{name}}

```

func GetGatewaySecurityPolicy 

func GetGatewaySecurityPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GatewaySecurityPolicyState, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicy, error)

GetGatewaySecurityPolicy gets an existing GatewaySecurityPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGatewaySecurityPolicy 

func NewGatewaySecurityPolicy(ctx *pulumi.Context,
	name string, args *GatewaySecurityPolicyArgs, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicy, error)

NewGatewaySecurityPolicy registers a new resource with the given unique name, arguments, and options.

func (*GatewaySecurityPolicy) ElementType 

func (*GatewaySecurityPolicy) ElementType() reflect.Type

func (*GatewaySecurityPolicy) ToGatewaySecurityPolicyOutput 

func (i *GatewaySecurityPolicy) ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput

func (*GatewaySecurityPolicy) ToGatewaySecurityPolicyOutputWithContext 

func (i *GatewaySecurityPolicy) ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput

type GatewaySecurityPolicyArgs 

type GatewaySecurityPolicyArgs struct {
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	TlsInspectionPolicy pulumi.StringPtrInput
}

The set of arguments for constructing a GatewaySecurityPolicy resource.

func (GatewaySecurityPolicyArgs) ElementType 

func (GatewaySecurityPolicyArgs) ElementType() reflect.Type

type GatewaySecurityPolicyArray 

type GatewaySecurityPolicyArray []GatewaySecurityPolicyInput

func (GatewaySecurityPolicyArray) ElementType 

func (GatewaySecurityPolicyArray) ElementType() reflect.Type

func (GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutput 

func (i GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput

func (GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutputWithContext 

func (i GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyArrayOutput

type GatewaySecurityPolicyArrayInput 

type GatewaySecurityPolicyArrayInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput
	ToGatewaySecurityPolicyArrayOutputWithContext(context.Context) GatewaySecurityPolicyArrayOutput
}

GatewaySecurityPolicyArrayInput is an input type that accepts GatewaySecurityPolicyArray and GatewaySecurityPolicyArrayOutput values. You can construct a concrete instance of `GatewaySecurityPolicyArrayInput` via: 

GatewaySecurityPolicyArray{ GatewaySecurityPolicyArgs{...} }

type GatewaySecurityPolicyArrayOutput 

type GatewaySecurityPolicyArrayOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyArrayOutput) ElementType 

func (GatewaySecurityPolicyArrayOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyArrayOutput) Index 

func (o GatewaySecurityPolicyArrayOutput) Index(i pulumi.IntInput) GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutput 

func (o GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput

func (GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutputWithContext 

func (o GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyArrayOutput

type GatewaySecurityPolicyInput 

type GatewaySecurityPolicyInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput
	ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput
}

type GatewaySecurityPolicyMap 

type GatewaySecurityPolicyMap map[string]GatewaySecurityPolicyInput

func (GatewaySecurityPolicyMap) ElementType 

func (GatewaySecurityPolicyMap) ElementType() reflect.Type

func (GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutput 

func (i GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput

func (GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutputWithContext 

func (i GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyMapOutput

type GatewaySecurityPolicyMapInput 

type GatewaySecurityPolicyMapInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput
	ToGatewaySecurityPolicyMapOutputWithContext(context.Context) GatewaySecurityPolicyMapOutput
}

GatewaySecurityPolicyMapInput is an input type that accepts GatewaySecurityPolicyMap and GatewaySecurityPolicyMapOutput values. You can construct a concrete instance of `GatewaySecurityPolicyMapInput` via: 

GatewaySecurityPolicyMap{ "key": GatewaySecurityPolicyArgs{...} }

type GatewaySecurityPolicyMapOutput 

type GatewaySecurityPolicyMapOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyMapOutput) ElementType 

func (GatewaySecurityPolicyMapOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyMapOutput) MapIndex 

func (o GatewaySecurityPolicyMapOutput) MapIndex(k pulumi.StringInput) GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutput 

func (o GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput

func (GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutputWithContext 

func (o GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyMapOutput

type GatewaySecurityPolicyOutput 

type GatewaySecurityPolicyOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyOutput) CreateTime 

func (o GatewaySecurityPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (GatewaySecurityPolicyOutput) Description 

func (o GatewaySecurityPolicyOutput) Description() pulumi.StringPtrOutput

A free-text description of the resource. Max length 1024 characters.

func (GatewaySecurityPolicyOutput) ElementType 

func (GatewaySecurityPolicyOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyOutput) Location 

func (o GatewaySecurityPolicyOutput) Location() pulumi.StringPtrOutput

The location of the gateway security policy. The default value is `global`.

func (GatewaySecurityPolicyOutput) Name 

func (o GatewaySecurityPolicyOutput) Name() pulumi.StringOutput

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).

***

func (GatewaySecurityPolicyOutput) Project 

func (o GatewaySecurityPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used. 

func (o GatewaySecurityPolicyOutput) SelfLink() pulumi.StringOutput

Server-defined URL of this resource.

func (GatewaySecurityPolicyOutput) TlsInspectionPolicy 

func (o GatewaySecurityPolicyOutput) TlsInspectionPolicy() pulumi.StringPtrOutput

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

func (GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutput 

func (o GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutputWithContext 

func (o GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyOutput) UpdateTime 

func (o GatewaySecurityPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type GatewaySecurityPolicyRule 

type GatewaySecurityPolicyRule struct {
	pulumi.CustomResourceState

	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrOutput `pulumi:"applicationMatcher"`
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringOutput `pulumi:"basicProfile"`
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Whether the rule is enforced.
	Enabled pulumi.BoolOutput `pulumi:"enabled"`
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringOutput `pulumi:"gatewaySecurityPolicy"`
	// The location of the gateway security policy.
	Location pulumi.StringOutput `pulumi:"location"`
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringOutput `pulumi:"name"`
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntOutput `pulumi:"priority"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringOutput `pulumi:"sessionMatcher"`
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrOutput `pulumi:"tlsInspectionEnabled"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

The GatewaySecurityPolicyRule resource is in a nested collection within a GatewaySecurityPolicy and represents a traffic matching condition and associated action to perform.

To get more information about GatewaySecurityPolicyRule, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.gatewaySecurityPolicies.rules)

## Example Usage ### Network Security Gateway Security Policy Rules Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		defaultGatewaySecurityPolicy, err := networksecurity.NewGatewaySecurityPolicy(ctx, "defaultGatewaySecurityPolicy", &networksecurity.GatewaySecurityPolicyArgs{
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("gateway security policy created to be used as reference by the rule."),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "defaultGatewaySecurityPolicyRule", &networksecurity.GatewaySecurityPolicyRuleArgs{
			Location:              pulumi.String("us-central1"),
			GatewaySecurityPolicy: defaultGatewaySecurityPolicy.Name,
			Enabled:               pulumi.Bool(true),
			Description:           pulumi.String("my description"),
			Priority:              pulumi.Int(0),
			SessionMatcher:        pulumi.String("host() == 'example.com'"),
			BasicProfile:          pulumi.String("ALLOW"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Gateway Security Policy Rules Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		defaultGatewaySecurityPolicy, err := networksecurity.NewGatewaySecurityPolicy(ctx, "defaultGatewaySecurityPolicy", &networksecurity.GatewaySecurityPolicyArgs{
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("gateway security policy created to be used as reference by the rule."),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "defaultGatewaySecurityPolicyRule", &networksecurity.GatewaySecurityPolicyRuleArgs{
			Location:              pulumi.String("us-central1"),
			GatewaySecurityPolicy: defaultGatewaySecurityPolicy.Name,
			Enabled:               pulumi.Bool(true),
			Description:           pulumi.String("my description"),
			Priority:              pulumi.Int(0),
			SessionMatcher:        pulumi.String("host() == 'example.com'"),
			ApplicationMatcher:    pulumi.String("request.method == 'POST'"),
			TlsInspectionEnabled:  pulumi.Bool(false),
			BasicProfile:          pulumi.String("ALLOW"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

GatewaySecurityPolicyRule can be imported using any of these accepted formats* `projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}` * `{{project}}/{{location}}/{{gateway_security_policy}}/{{name}}` * `{{location}}/{{gateway_security_policy}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import GatewaySecurityPolicyRule using one of the formats above. For exampletf import { 

id = "projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}"

to = google_network_security_gateway_security_policy_rule.default }

```sh 

$ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), GatewaySecurityPolicyRule can be imported using one of the formats above. For example

```

```sh 

$ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{project}}/{{location}}/{{gateway_security_policy}}/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{location}}/{{gateway_security_policy}}/{{name}}

```

func GetGatewaySecurityPolicyRule 

func GetGatewaySecurityPolicyRule(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GatewaySecurityPolicyRuleState, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicyRule, error)

GetGatewaySecurityPolicyRule gets an existing GatewaySecurityPolicyRule resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGatewaySecurityPolicyRule 

func NewGatewaySecurityPolicyRule(ctx *pulumi.Context,
	name string, args *GatewaySecurityPolicyRuleArgs, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicyRule, error)

NewGatewaySecurityPolicyRule registers a new resource with the given unique name, arguments, and options.

func (*GatewaySecurityPolicyRule) ElementType 

func (*GatewaySecurityPolicyRule) ElementType() reflect.Type

func (*GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutput 

func (i *GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput

func (*GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutputWithContext 

func (i *GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput

type GatewaySecurityPolicyRuleArgs 

type GatewaySecurityPolicyRuleArgs struct {
	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrInput
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Whether the rule is enforced.
	Enabled pulumi.BoolInput
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringInput
	// The location of the gateway security policy.
	Location pulumi.StringInput
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringPtrInput
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringInput
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrInput
}

The set of arguments for constructing a GatewaySecurityPolicyRule resource.

func (GatewaySecurityPolicyRuleArgs) ElementType 

func (GatewaySecurityPolicyRuleArgs) ElementType() reflect.Type

type GatewaySecurityPolicyRuleArray 

type GatewaySecurityPolicyRuleArray []GatewaySecurityPolicyRuleInput

func (GatewaySecurityPolicyRuleArray) ElementType 

func (GatewaySecurityPolicyRuleArray) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutput 

func (i GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput

func (GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutputWithContext 

func (i GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleArrayOutput

type GatewaySecurityPolicyRuleArrayInput 

type GatewaySecurityPolicyRuleArrayInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput
	ToGatewaySecurityPolicyRuleArrayOutputWithContext(context.Context) GatewaySecurityPolicyRuleArrayOutput
}

GatewaySecurityPolicyRuleArrayInput is an input type that accepts GatewaySecurityPolicyRuleArray and GatewaySecurityPolicyRuleArrayOutput values. You can construct a concrete instance of `GatewaySecurityPolicyRuleArrayInput` via: 

GatewaySecurityPolicyRuleArray{ GatewaySecurityPolicyRuleArgs{...} }

type GatewaySecurityPolicyRuleArrayOutput 

type GatewaySecurityPolicyRuleArrayOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleArrayOutput) ElementType 

func (GatewaySecurityPolicyRuleArrayOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleArrayOutput) Index 

func (o GatewaySecurityPolicyRuleArrayOutput) Index(i pulumi.IntInput) GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutput 

func (o GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput

func (GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutputWithContext 

func (o GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleArrayOutput

type GatewaySecurityPolicyRuleInput 

type GatewaySecurityPolicyRuleInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput
	ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput
}

type GatewaySecurityPolicyRuleMap 

type GatewaySecurityPolicyRuleMap map[string]GatewaySecurityPolicyRuleInput

func (GatewaySecurityPolicyRuleMap) ElementType 

func (GatewaySecurityPolicyRuleMap) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutput 

func (i GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput

func (GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutputWithContext 

func (i GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleMapOutput

type GatewaySecurityPolicyRuleMapInput 

type GatewaySecurityPolicyRuleMapInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput
	ToGatewaySecurityPolicyRuleMapOutputWithContext(context.Context) GatewaySecurityPolicyRuleMapOutput
}

GatewaySecurityPolicyRuleMapInput is an input type that accepts GatewaySecurityPolicyRuleMap and GatewaySecurityPolicyRuleMapOutput values. You can construct a concrete instance of `GatewaySecurityPolicyRuleMapInput` via: 

GatewaySecurityPolicyRuleMap{ "key": GatewaySecurityPolicyRuleArgs{...} }

type GatewaySecurityPolicyRuleMapOutput 

type GatewaySecurityPolicyRuleMapOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleMapOutput) ElementType 

func (GatewaySecurityPolicyRuleMapOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleMapOutput) MapIndex 

func (o GatewaySecurityPolicyRuleMapOutput) MapIndex(k pulumi.StringInput) GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutput 

func (o GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput

func (GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutputWithContext 

func (o GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleMapOutput

type GatewaySecurityPolicyRuleOutput 

type GatewaySecurityPolicyRuleOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleOutput) ApplicationMatcher 

func (o GatewaySecurityPolicyRuleOutput) ApplicationMatcher() pulumi.StringPtrOutput

CEL expression for matching on L7/application level criteria.

func (GatewaySecurityPolicyRuleOutput) BasicProfile 

func (o GatewaySecurityPolicyRuleOutput) BasicProfile() pulumi.StringOutput

Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.

func (GatewaySecurityPolicyRuleOutput) CreateTime 

func (o GatewaySecurityPolicyRuleOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (GatewaySecurityPolicyRuleOutput) Description 

func (o GatewaySecurityPolicyRuleOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (GatewaySecurityPolicyRuleOutput) ElementType 

func (GatewaySecurityPolicyRuleOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleOutput) Enabled 

func (o GatewaySecurityPolicyRuleOutput) Enabled() pulumi.BoolOutput

Whether the rule is enforced.

func (GatewaySecurityPolicyRuleOutput) GatewaySecurityPolicy 

func (o GatewaySecurityPolicyRuleOutput) GatewaySecurityPolicy() pulumi.StringOutput

The name of the gatewat security policy this rule belongs to.

***

func (GatewaySecurityPolicyRuleOutput) Location 

func (o GatewaySecurityPolicyRuleOutput) Location() pulumi.StringOutput

The location of the gateway security policy.

func (GatewaySecurityPolicyRuleOutput) Name 

func (o GatewaySecurityPolicyRuleOutput) Name() pulumi.StringOutput

Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

func (GatewaySecurityPolicyRuleOutput) Priority 

func (o GatewaySecurityPolicyRuleOutput) Priority() pulumi.IntOutput

Priority of the rule. Lower number corresponds to higher precedence.

func (GatewaySecurityPolicyRuleOutput) Project 

func (o GatewaySecurityPolicyRuleOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used. 

func (o GatewaySecurityPolicyRuleOutput) SelfLink() pulumi.StringOutput

Server-defined URL of this resource.

func (GatewaySecurityPolicyRuleOutput) SessionMatcher 

func (o GatewaySecurityPolicyRuleOutput) SessionMatcher() pulumi.StringOutput

CEL expression for matching on session criteria.

func (GatewaySecurityPolicyRuleOutput) TlsInspectionEnabled 

func (o GatewaySecurityPolicyRuleOutput) TlsInspectionEnabled() pulumi.BoolPtrOutput

Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

func (GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutput 

func (o GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutputWithContext 

func (o GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleOutput) UpdateTime 

func (o GatewaySecurityPolicyRuleOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type GatewaySecurityPolicyRuleState 

type GatewaySecurityPolicyRuleState struct {
	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrInput
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringPtrInput
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Whether the rule is enforced.
	Enabled pulumi.BoolPtrInput
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringPtrInput
	// The location of the gateway security policy.
	Location pulumi.StringPtrInput
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringPtrInput
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringPtrInput
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (GatewaySecurityPolicyRuleState) ElementType 

func (GatewaySecurityPolicyRuleState) ElementType() reflect.Type

type GatewaySecurityPolicyState 

type GatewaySecurityPolicyState struct {
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	TlsInspectionPolicy pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (GatewaySecurityPolicyState) ElementType 

func (GatewaySecurityPolicyState) ElementType() reflect.Type

type ServerTlsPolicy 

type ServerTlsPolicy struct {
	pulumi.CustomResourceState

	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrOutput `pulumi:"allowOpen"`
	// Time the ServerTlsPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrOutput `pulumi:"mtlsPolicy"`
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrOutput `pulumi:"serverCertificate"`
	// Time the ServerTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage ### Network Security Server Tls Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			AllowOpen:   pulumi.Bool(false),
			ServerCertificate: &networksecurity.ServerTlsPolicyServerCertificateArgs{
				CertificateProviderInstance: &networksecurity.ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{
					PluginInstance: pulumi.String("google_cloud_private_spiffe"),
				},
			},
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationCas: networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArray{
					&networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArgs{
						GrpcEndpoint: &networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{
							TargetUri: pulumi.String("unix:mypath"),
						},
					},
					&networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArgs{
						GrpcEndpoint: &networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{
							TargetUri: pulumi.String("unix:abc/mypath"),
						},
					},
					&networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArgs{
						CertificateProviderInstance: &networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs{
							PluginInstance: pulumi.String("google_cloud_private_spiffe"),
						},
					},
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationMode: pulumi.String("ALLOW_INVALID_OR_MISSING_CLIENT_CERT"),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Server Cert

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			ServerCertificate: &networksecurity.ServerTlsPolicyServerCertificateArgs{
				GrpcEndpoint: &networksecurity.ServerTlsPolicyServerCertificateGrpcEndpointArgs{
					TargetUri: pulumi.String("unix:mypath"),
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Mtls

```go package main

import ( 

"fmt"
"os"

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, nil, nil)
		if err != nil {
			return err
		}
		defaultTrustConfig, err := certificatemanager.NewTrustConfig(ctx, "defaultTrustConfig", &certificatemanager.TrustConfigArgs{
			Description: pulumi.String("sample trust config description"),
			Location:    pulumi.String("global"),
			TrustStores: certificatemanager.TrustConfigTrustStoreArray{
				&certificatemanager.TrustConfigTrustStoreArgs{
					TrustAnchors: certificatemanager.TrustConfigTrustStoreTrustAnchorArray{
						&certificatemanager.TrustConfigTrustStoreTrustAnchorArgs{
							PemCertificate: readFileOrPanic("test-fixtures/ca_cert.pem"),
						},
					},
					IntermediateCas: certificatemanager.TrustConfigTrustStoreIntermediateCaArray{
						&certificatemanager.TrustConfigTrustStoreIntermediateCaArgs{
							PemCertificate: readFileOrPanic("test-fixtures/ca_cert.pem"),
						},
					},
				},
			},
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = networksecurity.NewServerTlsPolicy(ctx, "defaultServerTlsPolicy", &networksecurity.ServerTlsPolicyArgs{
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationMode: pulumi.String("REJECT_INVALID"),
				ClientValidationTrustConfig: defaultTrustConfig.Name.ApplyT(func(name string) (string, error) {
					return fmt.Sprintf("projects/%v/locations/global/trustConfigs/%v", project.Number, name), nil
				}).(pulumi.StringOutput),
			},
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

ServerTlsPolicy can be imported using any of these accepted formats* `projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}}` * `{{project}}/{{location}}/{{name}}` * `{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import ServerTlsPolicy using one of the formats above. For exampletf import { 

id = "projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}}"

to = google_network_security_server_tls_policy.default }

```sh 

$ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), ServerTlsPolicy can be imported using one of the formats above. For example

```

```sh 

$ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default {{project}}/{{location}}/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default {{location}}/{{name}}

```

func GetServerTlsPolicy 

func GetServerTlsPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerTlsPolicyState, opts ...pulumi.ResourceOption) (*ServerTlsPolicy, error)

GetServerTlsPolicy gets an existing ServerTlsPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerTlsPolicy 

func NewServerTlsPolicy(ctx *pulumi.Context,
	name string, args *ServerTlsPolicyArgs, opts ...pulumi.ResourceOption) (*ServerTlsPolicy, error)

NewServerTlsPolicy registers a new resource with the given unique name, arguments, and options.

func (*ServerTlsPolicy) ElementType 

func (*ServerTlsPolicy) ElementType() reflect.Type

func (*ServerTlsPolicy) ToServerTlsPolicyOutput 

func (i *ServerTlsPolicy) ToServerTlsPolicyOutput() ServerTlsPolicyOutput

func (*ServerTlsPolicy) ToServerTlsPolicyOutputWithContext 

func (i *ServerTlsPolicy) ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput

type ServerTlsPolicyArgs 

type ServerTlsPolicyArgs struct {
	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrInput
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrInput
}

The set of arguments for constructing a ServerTlsPolicy resource.

func (ServerTlsPolicyArgs) ElementType 

func (ServerTlsPolicyArgs) ElementType() reflect.Type

type ServerTlsPolicyArray 

type ServerTlsPolicyArray []ServerTlsPolicyInput

func (ServerTlsPolicyArray) ElementType 

func (ServerTlsPolicyArray) ElementType() reflect.Type

func (ServerTlsPolicyArray) ToServerTlsPolicyArrayOutput 

func (i ServerTlsPolicyArray) ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput

func (ServerTlsPolicyArray) ToServerTlsPolicyArrayOutputWithContext 

func (i ServerTlsPolicyArray) ToServerTlsPolicyArrayOutputWithContext(ctx context.Context) ServerTlsPolicyArrayOutput

type ServerTlsPolicyArrayInput 

type ServerTlsPolicyArrayInput interface {
	pulumi.Input

	ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput
	ToServerTlsPolicyArrayOutputWithContext(context.Context) ServerTlsPolicyArrayOutput
}

ServerTlsPolicyArrayInput is an input type that accepts ServerTlsPolicyArray and ServerTlsPolicyArrayOutput values. You can construct a concrete instance of `ServerTlsPolicyArrayInput` via: 

ServerTlsPolicyArray{ ServerTlsPolicyArgs{...} }

type ServerTlsPolicyArrayOutput 

type ServerTlsPolicyArrayOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyArrayOutput) ElementType 

func (ServerTlsPolicyArrayOutput) ElementType() reflect.Type

func (ServerTlsPolicyArrayOutput) Index 

func (o ServerTlsPolicyArrayOutput) Index(i pulumi.IntInput) ServerTlsPolicyOutput

func (ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutput 

func (o ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput

func (ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutputWithContext 

func (o ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutputWithContext(ctx context.Context) ServerTlsPolicyArrayOutput

type ServerTlsPolicyInput 

type ServerTlsPolicyInput interface {
	pulumi.Input

	ToServerTlsPolicyOutput() ServerTlsPolicyOutput
	ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput
}

type ServerTlsPolicyMap 

type ServerTlsPolicyMap map[string]ServerTlsPolicyInput

func (ServerTlsPolicyMap) ElementType 

func (ServerTlsPolicyMap) ElementType() reflect.Type

func (ServerTlsPolicyMap) ToServerTlsPolicyMapOutput 

func (i ServerTlsPolicyMap) ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput

func (ServerTlsPolicyMap) ToServerTlsPolicyMapOutputWithContext 

func (i ServerTlsPolicyMap) ToServerTlsPolicyMapOutputWithContext(ctx context.Context) ServerTlsPolicyMapOutput

type ServerTlsPolicyMapInput 

type ServerTlsPolicyMapInput interface {
	pulumi.Input

	ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput
	ToServerTlsPolicyMapOutputWithContext(context.Context) ServerTlsPolicyMapOutput
}

ServerTlsPolicyMapInput is an input type that accepts ServerTlsPolicyMap and ServerTlsPolicyMapOutput values. You can construct a concrete instance of `ServerTlsPolicyMapInput` via: 

ServerTlsPolicyMap{ "key": ServerTlsPolicyArgs{...} }

type ServerTlsPolicyMapOutput 

type ServerTlsPolicyMapOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMapOutput) ElementType 

func (ServerTlsPolicyMapOutput) ElementType() reflect.Type

func (ServerTlsPolicyMapOutput) MapIndex 

func (o ServerTlsPolicyMapOutput) MapIndex(k pulumi.StringInput) ServerTlsPolicyOutput

func (ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutput 

func (o ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput

func (ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutputWithContext 

func (o ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutputWithContext(ctx context.Context) ServerTlsPolicyMapOutput

type ServerTlsPolicyMtlsPolicy 

type ServerTlsPolicyMtlsPolicy struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty.
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	// Structure is documented below.
	ClientValidationCas []ServerTlsPolicyMtlsPolicyClientValidationCa `pulumi:"clientValidationCas"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled.
	// Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	// Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.
	ClientValidationMode *string `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace.
	// If specified, the chain validation will be performed against certificates configured in the given TrustConfig.
	// Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig *string `pulumi:"clientValidationTrustConfig"`
}

type ServerTlsPolicyMtlsPolicyArgs 

type ServerTlsPolicyMtlsPolicyArgs struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty.
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	// Structure is documented below.
	ClientValidationCas ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput `pulumi:"clientValidationCas"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled.
	// Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	// Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.
	ClientValidationMode pulumi.StringPtrInput `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace.
	// If specified, the chain validation will be performed against certificates configured in the given TrustConfig.
	// Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig pulumi.StringPtrInput `pulumi:"clientValidationTrustConfig"`
}

func (ServerTlsPolicyMtlsPolicyArgs) ElementType 

func (ServerTlsPolicyMtlsPolicyArgs) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutput 

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutput 

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCa 

type ServerTlsPolicyMtlsPolicyClientValidationCa struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance *ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaArgs 

type ServerTlsPolicyMtlsPolicyClientValidationCaArgs struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaArray 

type ServerTlsPolicyMtlsPolicyClientValidationCaArray []ServerTlsPolicyMtlsPolicyClientValidationCaInput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaArray and ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput` via: 

ServerTlsPolicyMtlsPolicyClientValidationCaArray{ ServerTlsPolicyMtlsPolicyClientValidationCaArgs{...} }

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) Index 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) Index(i pulumi.IntInput) ServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs and ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput` via: 

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) PluginInstance 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs, ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtr and ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput` via: 

        ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs{...}

or:

        nil

func ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtr 

func ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtr(v *ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) Elem 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) Elem() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) PluginInstance 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs and ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput` via: 

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) TargetUri 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs, ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtr and ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput` via: 

        ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{...}

or:

        nil

func ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtr 

func ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtr(v *ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) Elem 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) Elem() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) TargetUri 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaArgs and ServerTlsPolicyMtlsPolicyClientValidationCaOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaInput` via: 

ServerTlsPolicyMtlsPolicyClientValidationCaArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) CertificateProviderInstance 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) CertificateProviderInstance() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) GrpcEndpoint 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) GrpcEndpoint() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput

type ServerTlsPolicyMtlsPolicyInput 

type ServerTlsPolicyMtlsPolicyInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput
	ToServerTlsPolicyMtlsPolicyOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyOutput
}

ServerTlsPolicyMtlsPolicyInput is an input type that accepts ServerTlsPolicyMtlsPolicyArgs and ServerTlsPolicyMtlsPolicyOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyInput` via: 

ServerTlsPolicyMtlsPolicyArgs{...}

type ServerTlsPolicyMtlsPolicyOutput 

type ServerTlsPolicyMtlsPolicyOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationCas 

func (o ServerTlsPolicyMtlsPolicyOutput) ClientValidationCas() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationMode 

func (o ServerTlsPolicyMtlsPolicyOutput) ClientValidationMode() pulumi.StringPtrOutput

When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty. Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationTrustConfig 

func (o ServerTlsPolicyMtlsPolicyOutput) ClientValidationTrustConfig() pulumi.StringPtrOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (ServerTlsPolicyMtlsPolicyOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutput 

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutput 

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyMtlsPolicyPtrInput 

type ServerTlsPolicyMtlsPolicyPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput
	ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyPtrOutput
}

ServerTlsPolicyMtlsPolicyPtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyArgs, ServerTlsPolicyMtlsPolicyPtr and ServerTlsPolicyMtlsPolicyPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyPtrInput` via: 

        ServerTlsPolicyMtlsPolicyArgs{...}

or:

        nil

func ServerTlsPolicyMtlsPolicyPtr 

func ServerTlsPolicyMtlsPolicyPtr(v *ServerTlsPolicyMtlsPolicyArgs) ServerTlsPolicyMtlsPolicyPtrInput

type ServerTlsPolicyMtlsPolicyPtrOutput 

type ServerTlsPolicyMtlsPolicyPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationCas 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationCas() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationMode 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationMode() pulumi.StringPtrOutput

When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty. Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationTrustConfig 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationTrustConfig() pulumi.StringPtrOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (ServerTlsPolicyMtlsPolicyPtrOutput) Elem 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) Elem() ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyPtrOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyPtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutput 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyOutput 

type ServerTlsPolicyOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyOutput) AllowOpen 

func (o ServerTlsPolicyOutput) AllowOpen() pulumi.BoolPtrOutput

This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility. Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.

func (ServerTlsPolicyOutput) CreateTime 

func (o ServerTlsPolicyOutput) CreateTime() pulumi.StringOutput

Time the ServerTlsPolicy was created in UTC.

func (ServerTlsPolicyOutput) Description 

func (o ServerTlsPolicyOutput) Description() pulumi.StringPtrOutput

A free-text description of the resource. Max length 1024 characters.

func (ServerTlsPolicyOutput) EffectiveLabels 

func (o ServerTlsPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (ServerTlsPolicyOutput) ElementType 

func (ServerTlsPolicyOutput) ElementType() reflect.Type

func (ServerTlsPolicyOutput) Labels 

func (o ServerTlsPolicyOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the ServerTlsPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (ServerTlsPolicyOutput) Location 

func (o ServerTlsPolicyOutput) Location() pulumi.StringPtrOutput

The location of the server tls policy. The default value is `global`.

func (ServerTlsPolicyOutput) MtlsPolicy 

func (o ServerTlsPolicyOutput) MtlsPolicy() ServerTlsPolicyMtlsPolicyPtrOutput

This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. Structure is documented below.

func (ServerTlsPolicyOutput) Name 

func (o ServerTlsPolicyOutput) Name() pulumi.StringOutput

Name of the ServerTlsPolicy resource.

***

func (ServerTlsPolicyOutput) Project 

func (o ServerTlsPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (ServerTlsPolicyOutput) PulumiLabels 

func (o ServerTlsPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (ServerTlsPolicyOutput) ServerCertificate 

func (o ServerTlsPolicyOutput) ServerCertificate() ServerTlsPolicyServerCertificatePtrOutput

Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS. Structure is documented below.

func (ServerTlsPolicyOutput) ToServerTlsPolicyOutput 

func (o ServerTlsPolicyOutput) ToServerTlsPolicyOutput() ServerTlsPolicyOutput

func (ServerTlsPolicyOutput) ToServerTlsPolicyOutputWithContext 

func (o ServerTlsPolicyOutput) ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput

func (ServerTlsPolicyOutput) UpdateTime 

func (o ServerTlsPolicyOutput) UpdateTime() pulumi.StringOutput

Time the ServerTlsPolicy was updated in UTC.

type ServerTlsPolicyServerCertificate 

type ServerTlsPolicyServerCertificate struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance *ServerTlsPolicyServerCertificateCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ServerTlsPolicyServerCertificateGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ServerTlsPolicyServerCertificateArgs 

type ServerTlsPolicyServerCertificateArgs struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ServerTlsPolicyServerCertificateGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ServerTlsPolicyServerCertificateArgs) ElementType 

func (ServerTlsPolicyServerCertificateArgs) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutput 

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutputWithContext 

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutput 

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutputWithContext 

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstance 

type ServerTlsPolicyServerCertificateCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs 

type ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ElementType 

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput 

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext 

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput 

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext 

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstanceInput 

type ServerTlsPolicyServerCertificateCertificateProviderInstanceInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput
	ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput
}

ServerTlsPolicyServerCertificateCertificateProviderInstanceInput is an input type that accepts ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs and ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateCertificateProviderInstanceInput` via: 

ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{...}

type ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput 

type ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ElementType 

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) PluginInstance 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput 

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput
	ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput
}

ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput is an input type that accepts ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs, ServerTlsPolicyServerCertificateCertificateProviderInstancePtr and ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput` via: 

        ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{...}

or:

        nil

func ServerTlsPolicyServerCertificateCertificateProviderInstancePtr 

func ServerTlsPolicyServerCertificateCertificateProviderInstancePtr(v *ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput 

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) Elem 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) Elem() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ElementType 

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) PluginInstance 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpoint 

type ServerTlsPolicyServerCertificateGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ServerTlsPolicyServerCertificateGrpcEndpointArgs 

type ServerTlsPolicyServerCertificateGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ElementType 

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutput 

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext 

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput 

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext 

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpointInput 

type ServerTlsPolicyServerCertificateGrpcEndpointInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput
	ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput
}

ServerTlsPolicyServerCertificateGrpcEndpointInput is an input type that accepts ServerTlsPolicyServerCertificateGrpcEndpointArgs and ServerTlsPolicyServerCertificateGrpcEndpointOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateGrpcEndpointInput` via: 

ServerTlsPolicyServerCertificateGrpcEndpointArgs{...}

type ServerTlsPolicyServerCertificateGrpcEndpointOutput 

type ServerTlsPolicyServerCertificateGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ElementType 

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) TargetUri 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutput 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpointPtrInput 

type ServerTlsPolicyServerCertificateGrpcEndpointPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput
	ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput
}

ServerTlsPolicyServerCertificateGrpcEndpointPtrInput is an input type that accepts ServerTlsPolicyServerCertificateGrpcEndpointArgs, ServerTlsPolicyServerCertificateGrpcEndpointPtr and ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateGrpcEndpointPtrInput` via: 

        ServerTlsPolicyServerCertificateGrpcEndpointArgs{...}

or:

        nil

func ServerTlsPolicyServerCertificateGrpcEndpointPtr 

func ServerTlsPolicyServerCertificateGrpcEndpointPtr(v *ServerTlsPolicyServerCertificateGrpcEndpointArgs) ServerTlsPolicyServerCertificateGrpcEndpointPtrInput

type ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput 

type ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) Elem 

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) Elem() ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ElementType 

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) TargetUri 

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput 

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateInput 

type ServerTlsPolicyServerCertificateInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput
	ToServerTlsPolicyServerCertificateOutputWithContext(context.Context) ServerTlsPolicyServerCertificateOutput
}

ServerTlsPolicyServerCertificateInput is an input type that accepts ServerTlsPolicyServerCertificateArgs and ServerTlsPolicyServerCertificateOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateInput` via: 

ServerTlsPolicyServerCertificateArgs{...}

type ServerTlsPolicyServerCertificateOutput 

type ServerTlsPolicyServerCertificateOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateOutput) CertificateProviderInstance 

func (o ServerTlsPolicyServerCertificateOutput) CertificateProviderInstance() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyServerCertificateOutput) ElementType 

func (ServerTlsPolicyServerCertificateOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateOutput) GrpcEndpoint 

func (o ServerTlsPolicyServerCertificateOutput) GrpcEndpoint() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutput 

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutputWithContext 

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutput 

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyServerCertificatePtrInput 

type ServerTlsPolicyServerCertificatePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput
	ToServerTlsPolicyServerCertificatePtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificatePtrOutput
}

ServerTlsPolicyServerCertificatePtrInput is an input type that accepts ServerTlsPolicyServerCertificateArgs, ServerTlsPolicyServerCertificatePtr and ServerTlsPolicyServerCertificatePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificatePtrInput` via: 

        ServerTlsPolicyServerCertificateArgs{...}

or:

        nil

func ServerTlsPolicyServerCertificatePtr 

func ServerTlsPolicyServerCertificatePtr(v *ServerTlsPolicyServerCertificateArgs) ServerTlsPolicyServerCertificatePtrInput

type ServerTlsPolicyServerCertificatePtrOutput 

type ServerTlsPolicyServerCertificatePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificatePtrOutput) CertificateProviderInstance 

func (o ServerTlsPolicyServerCertificatePtrOutput) CertificateProviderInstance() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyServerCertificatePtrOutput) Elem 

func (o ServerTlsPolicyServerCertificatePtrOutput) Elem() ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificatePtrOutput) ElementType 

func (ServerTlsPolicyServerCertificatePtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificatePtrOutput) GrpcEndpoint 

func (o ServerTlsPolicyServerCertificatePtrOutput) GrpcEndpoint() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutput 

func (o ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext 

func (o ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyState 

type ServerTlsPolicyState struct {
	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrInput
	// Time the ServerTlsPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrInput
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrInput
	// Time the ServerTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (ServerTlsPolicyState) ElementType 

func (ServerTlsPolicyState) ElementType() reflect.Type

type TlsInspectionPolicy 

type TlsInspectionPolicy struct {
	pulumi.CustomResourceState

	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringOutput `pulumi:"caPool"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrOutput `pulumi:"excludePublicCaSet"`
	// The location of the tls inspection policy.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage ### Network Security Tls Inspection Policy Basic

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		defaultCaPool, err := certificateauthority.NewCaPool(ctx, "defaultCaPool", &certificateauthority.CaPoolArgs{
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: nil,
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "defaultAuthority", &certificateauthority.AuthorityArgs{
			Pool:                               defaultCaPool.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		nsSa, err := projects.NewServiceIdentity(ctx, "nsSa", &projects.ServiceIdentityArgs{
			Service: pulumi.String("networksecurity.googleapis.com"),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		tlsInspectionPermission, err := certificateauthority.NewCaPoolIamMember(ctx, "tlsInspectionPermission", &certificateauthority.CaPoolIamMemberArgs{
			CaPool: defaultCaPool.ID(),
			Role:   pulumi.String("roles/privateca.certificateManager"),
			Member: nsSa.Email.ApplyT(func(email string) (string, error) {
				return fmt.Sprintf("serviceAccount:%v", email), nil
			}).(pulumi.StringOutput),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = networksecurity.NewTlsInspectionPolicy(ctx, "defaultTlsInspectionPolicy", &networksecurity.TlsInspectionPolicyArgs{
			Location:           pulumi.String("us-central1"),
			CaPool:             defaultCaPool.ID(),
			ExcludePublicCaSet: pulumi.Bool(false),
		}, pulumi.Provider(google_beta), pulumi.DependsOn([]pulumi.Resource{
			defaultCaPool,
			defaultAuthority,
			tlsInspectionPermission,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

TlsInspectionPolicy can be imported using any of these accepted formats* `projects/{{project}}/locations/{{location}}/tlsInspectionPolicies/{{name}}` * `{{project}}/{{location}}/{{name}}` * `{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import TlsInspectionPolicy using one of the formats above. For exampletf import { 

id = "projects/{{project}}/locations/{{location}}/tlsInspectionPolicies/{{name}}"

to = google_network_security_tls_inspection_policy.default }

```sh 

$ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), TlsInspectionPolicy can be imported using one of the formats above. For example

```

```sh 

$ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default projects/{{project}}/locations/{{location}}/tlsInspectionPolicies/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default {{project}}/{{location}}/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default {{location}}/{{name}}

```

func GetTlsInspectionPolicy 

func GetTlsInspectionPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *TlsInspectionPolicyState, opts ...pulumi.ResourceOption) (*TlsInspectionPolicy, error)

GetTlsInspectionPolicy gets an existing TlsInspectionPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewTlsInspectionPolicy 

func NewTlsInspectionPolicy(ctx *pulumi.Context,
	name string, args *TlsInspectionPolicyArgs, opts ...pulumi.ResourceOption) (*TlsInspectionPolicy, error)

NewTlsInspectionPolicy registers a new resource with the given unique name, arguments, and options.

func (*TlsInspectionPolicy) ElementType 

func (*TlsInspectionPolicy) ElementType() reflect.Type

func (*TlsInspectionPolicy) ToTlsInspectionPolicyOutput 

func (i *TlsInspectionPolicy) ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput

func (*TlsInspectionPolicy) ToTlsInspectionPolicyOutputWithContext 

func (i *TlsInspectionPolicy) ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput

type TlsInspectionPolicyArgs 

type TlsInspectionPolicyArgs struct {
	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrInput
	// The location of the tls inspection policy.
	Location pulumi.StringPtrInput
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a TlsInspectionPolicy resource.

func (TlsInspectionPolicyArgs) ElementType 

func (TlsInspectionPolicyArgs) ElementType() reflect.Type

type TlsInspectionPolicyArray 

type TlsInspectionPolicyArray []TlsInspectionPolicyInput

func (TlsInspectionPolicyArray) ElementType 

func (TlsInspectionPolicyArray) ElementType() reflect.Type

func (TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutput 

func (i TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput

func (TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutputWithContext 

func (i TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutputWithContext(ctx context.Context) TlsInspectionPolicyArrayOutput

type TlsInspectionPolicyArrayInput 

type TlsInspectionPolicyArrayInput interface {
	pulumi.Input

	ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput
	ToTlsInspectionPolicyArrayOutputWithContext(context.Context) TlsInspectionPolicyArrayOutput
}

TlsInspectionPolicyArrayInput is an input type that accepts TlsInspectionPolicyArray and TlsInspectionPolicyArrayOutput values. You can construct a concrete instance of `TlsInspectionPolicyArrayInput` via: 

TlsInspectionPolicyArray{ TlsInspectionPolicyArgs{...} }

type TlsInspectionPolicyArrayOutput 

type TlsInspectionPolicyArrayOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyArrayOutput) ElementType 

func (TlsInspectionPolicyArrayOutput) ElementType() reflect.Type

func (TlsInspectionPolicyArrayOutput) Index 

func (o TlsInspectionPolicyArrayOutput) Index(i pulumi.IntInput) TlsInspectionPolicyOutput

func (TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutput 

func (o TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput

func (TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutputWithContext 

func (o TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutputWithContext(ctx context.Context) TlsInspectionPolicyArrayOutput

type TlsInspectionPolicyInput 

type TlsInspectionPolicyInput interface {
	pulumi.Input

	ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput
	ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput
}

type TlsInspectionPolicyMap 

type TlsInspectionPolicyMap map[string]TlsInspectionPolicyInput

func (TlsInspectionPolicyMap) ElementType 

func (TlsInspectionPolicyMap) ElementType() reflect.Type

func (TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutput 

func (i TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput

func (TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutputWithContext 

func (i TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutputWithContext(ctx context.Context) TlsInspectionPolicyMapOutput

type TlsInspectionPolicyMapInput 

type TlsInspectionPolicyMapInput interface {
	pulumi.Input

	ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput
	ToTlsInspectionPolicyMapOutputWithContext(context.Context) TlsInspectionPolicyMapOutput
}

TlsInspectionPolicyMapInput is an input type that accepts TlsInspectionPolicyMap and TlsInspectionPolicyMapOutput values. You can construct a concrete instance of `TlsInspectionPolicyMapInput` via: 

TlsInspectionPolicyMap{ "key": TlsInspectionPolicyArgs{...} }

type TlsInspectionPolicyMapOutput 

type TlsInspectionPolicyMapOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyMapOutput) ElementType 

func (TlsInspectionPolicyMapOutput) ElementType() reflect.Type

func (TlsInspectionPolicyMapOutput) MapIndex 

func (o TlsInspectionPolicyMapOutput) MapIndex(k pulumi.StringInput) TlsInspectionPolicyOutput

func (TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutput 

func (o TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput

func (TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutputWithContext 

func (o TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutputWithContext(ctx context.Context) TlsInspectionPolicyMapOutput

type TlsInspectionPolicyOutput 

type TlsInspectionPolicyOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyOutput) CaPool 

func (o TlsInspectionPolicyOutput) CaPool() pulumi.StringOutput

A CA pool resource used to issue interception certificates.

func (TlsInspectionPolicyOutput) CreateTime 

func (o TlsInspectionPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (TlsInspectionPolicyOutput) Description 

func (o TlsInspectionPolicyOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (TlsInspectionPolicyOutput) ElementType 

func (TlsInspectionPolicyOutput) ElementType() reflect.Type

func (TlsInspectionPolicyOutput) ExcludePublicCaSet 

func (o TlsInspectionPolicyOutput) ExcludePublicCaSet() pulumi.BoolPtrOutput

If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.

func (TlsInspectionPolicyOutput) Location 

func (o TlsInspectionPolicyOutput) Location() pulumi.StringPtrOutput

The location of the tls inspection policy.

func (TlsInspectionPolicyOutput) Name 

func (o TlsInspectionPolicyOutput) Name() pulumi.StringOutput

Short name of the TlsInspectionPolicy resource to be created.

***

func (TlsInspectionPolicyOutput) Project 

func (o TlsInspectionPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutput 

func (o TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput

func (TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutputWithContext 

func (o TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput

func (TlsInspectionPolicyOutput) UpdateTime 

func (o TlsInspectionPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type TlsInspectionPolicyState 

type TlsInspectionPolicyState struct {
	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringPtrInput
	// The timestamp when the resource was created.
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrInput
	// The location of the tls inspection policy.
	Location pulumi.StringPtrInput
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringPtrInput
}

func (TlsInspectionPolicyState) ElementType 

func (TlsInspectionPolicyState) ElementType() reflect.Type

type UrlList 

type UrlList struct {
	pulumi.CustomResourceState

	// Output only. Time when the security policy was created.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Output only. Time when the security policy was updated.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
	// FQDNs and URLs.
	Values pulumi.StringArrayOutput `pulumi:"values"`
}

UrlList proto helps users to set reusable, independently manageable lists of hosts, host patterns, URLs, URL patterns.

To get more information about UrlLists, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.urlLists) * How-to Guides

  • Use UrlLists

## Example Usage ### Network Security Url Lists Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewUrlList(ctx, "default", &networksecurity.UrlListArgs{
			Location: pulumi.String("us-central1"),
			Values: pulumi.StringArray{
				pulumi.String("www.example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Url Lists Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewUrlList(ctx, "default", &networksecurity.UrlListArgs{
			Description: pulumi.String("my description"),
			Location:    pulumi.String("us-central1"),
			Values: pulumi.StringArray{
				pulumi.String("www.example.com"),
				pulumi.String("about.example.com"),
				pulumi.String("github.com/example-org/*"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

UrlLists can be imported using any of these accepted formats* `projects/{{project}}/locations/{{location}}/urlLists/{{name}}` * `{{project}}/{{location}}/{{name}}` * `{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import UrlLists using one of the formats above. For exampletf import { 

id = "projects/{{project}}/locations/{{location}}/urlLists/{{name}}"

to = google_network_security_url_lists.default }

```sh 

$ pulumi import gcp:networksecurity/urlList:UrlList When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), UrlLists can be imported using one of the formats above. For example

```

```sh 

$ pulumi import gcp:networksecurity/urlList:UrlList default projects/{{project}}/locations/{{location}}/urlLists/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/urlList:UrlList default {{project}}/{{location}}/{{name}}

```

```sh 

$ pulumi import gcp:networksecurity/urlList:UrlList default {{location}}/{{name}}

```

func GetUrlList 

func GetUrlList(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UrlListState, opts ...pulumi.ResourceOption) (*UrlList, error)

GetUrlList gets an existing UrlList resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUrlList 

func NewUrlList(ctx *pulumi.Context,
	name string, args *UrlListArgs, opts ...pulumi.ResourceOption) (*UrlList, error)

NewUrlList registers a new resource with the given unique name, arguments, and options.

func (*UrlList) ElementType 

func (*UrlList) ElementType() reflect.Type

func (*UrlList) ToUrlListOutput 

func (i *UrlList) ToUrlListOutput() UrlListOutput

func (*UrlList) ToUrlListOutputWithContext 

func (i *UrlList) ToUrlListOutputWithContext(ctx context.Context) UrlListOutput

type UrlListArgs 

type UrlListArgs struct {
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringInput
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// FQDNs and URLs.
	Values pulumi.StringArrayInput
}

The set of arguments for constructing a UrlList resource.

func (UrlListArgs) ElementType 

func (UrlListArgs) ElementType() reflect.Type

type UrlListArray 

type UrlListArray []UrlListInput

func (UrlListArray) ElementType 

func (UrlListArray) ElementType() reflect.Type

func (UrlListArray) ToUrlListArrayOutput 

func (i UrlListArray) ToUrlListArrayOutput() UrlListArrayOutput

func (UrlListArray) ToUrlListArrayOutputWithContext 

func (i UrlListArray) ToUrlListArrayOutputWithContext(ctx context.Context) UrlListArrayOutput

type UrlListArrayInput 

type UrlListArrayInput interface {
	pulumi.Input

	ToUrlListArrayOutput() UrlListArrayOutput
	ToUrlListArrayOutputWithContext(context.Context) UrlListArrayOutput
}

UrlListArrayInput is an input type that accepts UrlListArray and UrlListArrayOutput values. You can construct a concrete instance of `UrlListArrayInput` via: 

UrlListArray{ UrlListArgs{...} }

type UrlListArrayOutput 

type UrlListArrayOutput struct{ *pulumi.OutputState }

func (UrlListArrayOutput) ElementType 

func (UrlListArrayOutput) ElementType() reflect.Type

func (UrlListArrayOutput) Index 

func (o UrlListArrayOutput) Index(i pulumi.IntInput) UrlListOutput

func (UrlListArrayOutput) ToUrlListArrayOutput 

func (o UrlListArrayOutput) ToUrlListArrayOutput() UrlListArrayOutput

func (UrlListArrayOutput) ToUrlListArrayOutputWithContext 

func (o UrlListArrayOutput) ToUrlListArrayOutputWithContext(ctx context.Context) UrlListArrayOutput

type UrlListInput 

type UrlListInput interface {
	pulumi.Input

	ToUrlListOutput() UrlListOutput
	ToUrlListOutputWithContext(ctx context.Context) UrlListOutput
}

type UrlListMap 

type UrlListMap map[string]UrlListInput

func (UrlListMap) ElementType 

func (UrlListMap) ElementType() reflect.Type

func (UrlListMap) ToUrlListMapOutput 

func (i UrlListMap) ToUrlListMapOutput() UrlListMapOutput

func (UrlListMap) ToUrlListMapOutputWithContext 

func (i UrlListMap) ToUrlListMapOutputWithContext(ctx context.Context) UrlListMapOutput

type UrlListMapInput 

type UrlListMapInput interface {
	pulumi.Input

	ToUrlListMapOutput() UrlListMapOutput
	ToUrlListMapOutputWithContext(context.Context) UrlListMapOutput
}

UrlListMapInput is an input type that accepts UrlListMap and UrlListMapOutput values. You can construct a concrete instance of `UrlListMapInput` via: 

UrlListMap{ "key": UrlListArgs{...} }

type UrlListMapOutput 

type UrlListMapOutput struct{ *pulumi.OutputState }

func (UrlListMapOutput) ElementType 

func (UrlListMapOutput) ElementType() reflect.Type

func (UrlListMapOutput) MapIndex 

func (o UrlListMapOutput) MapIndex(k pulumi.StringInput) UrlListOutput

func (UrlListMapOutput) ToUrlListMapOutput 

func (o UrlListMapOutput) ToUrlListMapOutput() UrlListMapOutput

func (UrlListMapOutput) ToUrlListMapOutputWithContext 

func (o UrlListMapOutput) ToUrlListMapOutputWithContext(ctx context.Context) UrlListMapOutput

type UrlListOutput 

type UrlListOutput struct{ *pulumi.OutputState }

func (UrlListOutput) CreateTime 

func (o UrlListOutput) CreateTime() pulumi.StringOutput

Output only. Time when the security policy was created. A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits. Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'

func (UrlListOutput) Description 

func (o UrlListOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (UrlListOutput) ElementType 

func (UrlListOutput) ElementType() reflect.Type

func (UrlListOutput) Location 

func (o UrlListOutput) Location() pulumi.StringOutput

The location of the url lists.

***

func (UrlListOutput) Name 

func (o UrlListOutput) Name() pulumi.StringOutput

Short name of the UrlList resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.

func (UrlListOutput) Project 

func (o UrlListOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (UrlListOutput) ToUrlListOutput 

func (o UrlListOutput) ToUrlListOutput() UrlListOutput

func (UrlListOutput) ToUrlListOutputWithContext 

func (o UrlListOutput) ToUrlListOutputWithContext(ctx context.Context) UrlListOutput

func (UrlListOutput) UpdateTime 

func (o UrlListOutput) UpdateTime() pulumi.StringOutput

Output only. Time when the security policy was updated. A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits. Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.

func (UrlListOutput) Values 

func (o UrlListOutput) Values() pulumi.StringArrayOutput

FQDNs and URLs.

type UrlListState 

type UrlListState struct {
	// Output only. Time when the security policy was created.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringPtrInput
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Output only. Time when the security policy was updated.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.
	UpdateTime pulumi.StringPtrInput
	// FQDNs and URLs.
	Values pulumi.StringArrayInput
}

func (UrlListState) ElementType 

func (UrlListState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.