networksecurity

package
v8.0.0-alpha.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 10, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AddressGroup 

type AddressGroup struct {
	pulumi.CustomResourceState

	// Capacity of the Address Group.
	Capacity pulumi.IntOutput `pulumi:"capacity"`
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// List of items.
	Items pulumi.StringArrayOutput `pulumi:"items"`
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// Name of the AddressGroup resource.
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// List of supported purposes of the Address Group.
	// Each value may be one of: `DEFAULT`, `CLOUD_ARMOR`.
	Purposes pulumi.StringArrayOutput `pulumi:"purposes"`
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringOutput `pulumi:"type"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

AddressGroup is a resource that specifies how a collection of IP/DNS used in Firewall Policy.

To get more information about AddressGroup, see:

* [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-security/rest/v1beta1/organizations.locations.addressGroups) * How-to Guides

## Example Usage

### Network Security Address Groups Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Name:     pulumi.String("my-address-groups"),
			Parent:   pulumi.String("projects/my-project-name"),
			Location: pulumi.String("us-central1"),
			Type:     pulumi.String("IPV4"),
			Capacity: pulumi.Int(100),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Address Groups Organization Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Name:     pulumi.String("my-address-groups"),
			Parent:   pulumi.String("organizations/123456789"),
			Location: pulumi.String("us-central1"),
			Type:     pulumi.String("IPV4"),
			Capacity: pulumi.Int(100),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Address Groups Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Name:        pulumi.String("my-address-groups"),
			Parent:      pulumi.String("projects/my-project-name"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("IPV4"),
			Capacity:    pulumi.Int(100),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Address Groups Cloud Armor

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Name:     pulumi.String("my-address-groups"),
			Parent:   pulumi.String("projects/my-project-name"),
			Location: pulumi.String("global"),
			Type:     pulumi.String("IPV4"),
			Capacity: pulumi.Int(100),
			Purposes: pulumi.StringArray{
				pulumi.String("CLOUD_ARMOR"),
			},
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AddressGroup can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/addressGroups/{{name}}`

When using the `pulumi import` command, AddressGroup can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/addressGroup:AddressGroup default {{parent}}/locations/{{location}}/addressGroups/{{name}} ```

func GetAddressGroup 

func GetAddressGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupState, opts ...pulumi.ResourceOption) (*AddressGroup, error)

GetAddressGroup gets an existing AddressGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroup 

func NewAddressGroup(ctx *pulumi.Context,
	name string, args *AddressGroupArgs, opts ...pulumi.ResourceOption) (*AddressGroup, error)

NewAddressGroup registers a new resource with the given unique name, arguments, and options.

func (*AddressGroup) ElementType 

func (*AddressGroup) ElementType() reflect.Type

func (*AddressGroup) ToAddressGroupOutput 

func (i *AddressGroup) ToAddressGroupOutput() AddressGroupOutput

func (*AddressGroup) ToAddressGroupOutputWithContext 

func (i *AddressGroup) ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput

type AddressGroupArgs 

type AddressGroupArgs struct {
	// Capacity of the Address Group.
	Capacity pulumi.IntInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// List of items.
	Items pulumi.StringArrayInput
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringInput
	// Name of the AddressGroup resource.
	Name pulumi.StringPtrInput
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrInput
	// List of supported purposes of the Address Group.
	// Each value may be one of: `DEFAULT`, `CLOUD_ARMOR`.
	Purposes pulumi.StringArrayInput
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringInput
}

The set of arguments for constructing a AddressGroup resource.

func (AddressGroupArgs) ElementType 

func (AddressGroupArgs) ElementType() reflect.Type

type AddressGroupArray 

type AddressGroupArray []AddressGroupInput

func (AddressGroupArray) ElementType 

func (AddressGroupArray) ElementType() reflect.Type

func (AddressGroupArray) ToAddressGroupArrayOutput 

func (i AddressGroupArray) ToAddressGroupArrayOutput() AddressGroupArrayOutput

func (AddressGroupArray) ToAddressGroupArrayOutputWithContext 

func (i AddressGroupArray) ToAddressGroupArrayOutputWithContext(ctx context.Context) AddressGroupArrayOutput

type AddressGroupArrayInput 

type AddressGroupArrayInput interface {
	pulumi.Input

	ToAddressGroupArrayOutput() AddressGroupArrayOutput
	ToAddressGroupArrayOutputWithContext(context.Context) AddressGroupArrayOutput
}

AddressGroupArrayInput is an input type that accepts AddressGroupArray and AddressGroupArrayOutput values. You can construct a concrete instance of `AddressGroupArrayInput` via: 

AddressGroupArray{ AddressGroupArgs{...} }

type AddressGroupArrayOutput 

type AddressGroupArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupArrayOutput) ElementType 

func (AddressGroupArrayOutput) ElementType() reflect.Type

func (AddressGroupArrayOutput) Index 

func (o AddressGroupArrayOutput) Index(i pulumi.IntInput) AddressGroupOutput

func (AddressGroupArrayOutput) ToAddressGroupArrayOutput 

func (o AddressGroupArrayOutput) ToAddressGroupArrayOutput() AddressGroupArrayOutput

func (AddressGroupArrayOutput) ToAddressGroupArrayOutputWithContext 

func (o AddressGroupArrayOutput) ToAddressGroupArrayOutputWithContext(ctx context.Context) AddressGroupArrayOutput

type AddressGroupIamBinding 

type AddressGroupIamBinding struct {
	pulumi.CustomResourceState

	Condition AddressGroupIamBindingConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for Network security ProjectAddressGroup. Each of these resources serves a different use case:

* `networksecurity.AddressGroupIamPolicy`: Authoritative. Sets the IAM policy for the projectaddressgroup and replaces any existing policy already attached. * `networksecurity.AddressGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the projectaddressgroup are preserved. * `networksecurity.AddressGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the projectaddressgroup are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `networksecurity.AddressGroupIamPolicy`: Retrieves the IAM policy for the projectaddressgroup

> **Note:** `networksecurity.AddressGroupIamPolicy` **cannot** be used in conjunction with `networksecurity.AddressGroupIamBinding` and `networksecurity.AddressGroupIamMember` or they will fight over what your policy should be.

> **Note:** `networksecurity.AddressGroupIamBinding` resources **can be** used in conjunction with `networksecurity.AddressGroupIamMember` resources **only if** they do not grant privilege to the same role.

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/addressGroups/{{name}}

* {{project}}/{{location}}/{{name}}

* {{location}}/{{name}}

* {{name}}

Any variables not passed in the import command will be taken from the provider configuration.

Network security projectaddressgroup IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamBinding:AddressGroupIamBinding editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamBinding:AddressGroupIamBinding editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamBinding:AddressGroupIamBinding editor projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} ```

-> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the 

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetAddressGroupIamBinding 

func GetAddressGroupIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamBindingState, opts ...pulumi.ResourceOption) (*AddressGroupIamBinding, error)

GetAddressGroupIamBinding gets an existing AddressGroupIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamBinding 

func NewAddressGroupIamBinding(ctx *pulumi.Context,
	name string, args *AddressGroupIamBindingArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamBinding, error)

NewAddressGroupIamBinding registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamBinding) ElementType 

func (*AddressGroupIamBinding) ElementType() reflect.Type

func (*AddressGroupIamBinding) ToAddressGroupIamBindingOutput 

func (i *AddressGroupIamBinding) ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput

func (*AddressGroupIamBinding) ToAddressGroupIamBindingOutputWithContext 

func (i *AddressGroupIamBinding) ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput

type AddressGroupIamBindingArgs 

type AddressGroupIamBindingArgs struct {
	Condition AddressGroupIamBindingConditionPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a AddressGroupIamBinding resource.

func (AddressGroupIamBindingArgs) ElementType 

func (AddressGroupIamBindingArgs) ElementType() reflect.Type

type AddressGroupIamBindingArray 

type AddressGroupIamBindingArray []AddressGroupIamBindingInput

func (AddressGroupIamBindingArray) ElementType 

func (AddressGroupIamBindingArray) ElementType() reflect.Type

func (AddressGroupIamBindingArray) ToAddressGroupIamBindingArrayOutput 

func (i AddressGroupIamBindingArray) ToAddressGroupIamBindingArrayOutput() AddressGroupIamBindingArrayOutput

func (AddressGroupIamBindingArray) ToAddressGroupIamBindingArrayOutputWithContext 

func (i AddressGroupIamBindingArray) ToAddressGroupIamBindingArrayOutputWithContext(ctx context.Context) AddressGroupIamBindingArrayOutput

type AddressGroupIamBindingArrayInput 

type AddressGroupIamBindingArrayInput interface {
	pulumi.Input

	ToAddressGroupIamBindingArrayOutput() AddressGroupIamBindingArrayOutput
	ToAddressGroupIamBindingArrayOutputWithContext(context.Context) AddressGroupIamBindingArrayOutput
}

AddressGroupIamBindingArrayInput is an input type that accepts AddressGroupIamBindingArray and AddressGroupIamBindingArrayOutput values. You can construct a concrete instance of `AddressGroupIamBindingArrayInput` via: 

AddressGroupIamBindingArray{ AddressGroupIamBindingArgs{...} }

type AddressGroupIamBindingArrayOutput 

type AddressGroupIamBindingArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingArrayOutput) ElementType 

func (AddressGroupIamBindingArrayOutput) ElementType() reflect.Type

func (AddressGroupIamBindingArrayOutput) Index 

func (o AddressGroupIamBindingArrayOutput) Index(i pulumi.IntInput) AddressGroupIamBindingOutput

func (AddressGroupIamBindingArrayOutput) ToAddressGroupIamBindingArrayOutput 

func (o AddressGroupIamBindingArrayOutput) ToAddressGroupIamBindingArrayOutput() AddressGroupIamBindingArrayOutput

func (AddressGroupIamBindingArrayOutput) ToAddressGroupIamBindingArrayOutputWithContext 

func (o AddressGroupIamBindingArrayOutput) ToAddressGroupIamBindingArrayOutputWithContext(ctx context.Context) AddressGroupIamBindingArrayOutput

type AddressGroupIamBindingCondition 

type AddressGroupIamBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type AddressGroupIamBindingConditionArgs 

type AddressGroupIamBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (AddressGroupIamBindingConditionArgs) ElementType 

func (AddressGroupIamBindingConditionArgs) ElementType() reflect.Type

func (AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionOutput 

func (i AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionOutput() AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionOutputWithContext 

func (i AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionPtrOutput 

func (i AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionPtrOutput() AddressGroupIamBindingConditionPtrOutput

func (AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionPtrOutputWithContext 

func (i AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionPtrOutput

type AddressGroupIamBindingConditionInput 

type AddressGroupIamBindingConditionInput interface {
	pulumi.Input

	ToAddressGroupIamBindingConditionOutput() AddressGroupIamBindingConditionOutput
	ToAddressGroupIamBindingConditionOutputWithContext(context.Context) AddressGroupIamBindingConditionOutput
}

AddressGroupIamBindingConditionInput is an input type that accepts AddressGroupIamBindingConditionArgs and AddressGroupIamBindingConditionOutput values. You can construct a concrete instance of `AddressGroupIamBindingConditionInput` via: 

AddressGroupIamBindingConditionArgs{...}

type AddressGroupIamBindingConditionOutput 

type AddressGroupIamBindingConditionOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingConditionOutput) Description 

func (o AddressGroupIamBindingConditionOutput) Description() pulumi.StringPtrOutput

func (AddressGroupIamBindingConditionOutput) ElementType 

func (AddressGroupIamBindingConditionOutput) ElementType() reflect.Type

func (AddressGroupIamBindingConditionOutput) Expression 

func (o AddressGroupIamBindingConditionOutput) Expression() pulumi.StringOutput

func (AddressGroupIamBindingConditionOutput) Title 

func (o AddressGroupIamBindingConditionOutput) Title() pulumi.StringOutput

func (AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionOutput 

func (o AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionOutput() AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionOutputWithContext 

func (o AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionPtrOutput 

func (o AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionPtrOutput() AddressGroupIamBindingConditionPtrOutput

func (AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionPtrOutputWithContext 

func (o AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionPtrOutput

type AddressGroupIamBindingConditionPtrInput 

type AddressGroupIamBindingConditionPtrInput interface {
	pulumi.Input

	ToAddressGroupIamBindingConditionPtrOutput() AddressGroupIamBindingConditionPtrOutput
	ToAddressGroupIamBindingConditionPtrOutputWithContext(context.Context) AddressGroupIamBindingConditionPtrOutput
}

AddressGroupIamBindingConditionPtrInput is an input type that accepts AddressGroupIamBindingConditionArgs, AddressGroupIamBindingConditionPtr and AddressGroupIamBindingConditionPtrOutput values. You can construct a concrete instance of `AddressGroupIamBindingConditionPtrInput` via: 

        AddressGroupIamBindingConditionArgs{...}

or:

        nil

func AddressGroupIamBindingConditionPtr 

func AddressGroupIamBindingConditionPtr(v *AddressGroupIamBindingConditionArgs) AddressGroupIamBindingConditionPtrInput

type AddressGroupIamBindingConditionPtrOutput 

type AddressGroupIamBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingConditionPtrOutput) Description 

func (o AddressGroupIamBindingConditionPtrOutput) Description() pulumi.StringPtrOutput

func (AddressGroupIamBindingConditionPtrOutput) Elem 

func (o AddressGroupIamBindingConditionPtrOutput) Elem() AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionPtrOutput) ElementType 

func (AddressGroupIamBindingConditionPtrOutput) ElementType() reflect.Type

func (AddressGroupIamBindingConditionPtrOutput) Expression 

func (o AddressGroupIamBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (AddressGroupIamBindingConditionPtrOutput) Title 

func (o AddressGroupIamBindingConditionPtrOutput) Title() pulumi.StringPtrOutput

func (AddressGroupIamBindingConditionPtrOutput) ToAddressGroupIamBindingConditionPtrOutput 

func (o AddressGroupIamBindingConditionPtrOutput) ToAddressGroupIamBindingConditionPtrOutput() AddressGroupIamBindingConditionPtrOutput

func (AddressGroupIamBindingConditionPtrOutput) ToAddressGroupIamBindingConditionPtrOutputWithContext 

func (o AddressGroupIamBindingConditionPtrOutput) ToAddressGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionPtrOutput

type AddressGroupIamBindingInput 

type AddressGroupIamBindingInput interface {
	pulumi.Input

	ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput
	ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput
}

type AddressGroupIamBindingMap 

type AddressGroupIamBindingMap map[string]AddressGroupIamBindingInput

func (AddressGroupIamBindingMap) ElementType 

func (AddressGroupIamBindingMap) ElementType() reflect.Type

func (AddressGroupIamBindingMap) ToAddressGroupIamBindingMapOutput 

func (i AddressGroupIamBindingMap) ToAddressGroupIamBindingMapOutput() AddressGroupIamBindingMapOutput

func (AddressGroupIamBindingMap) ToAddressGroupIamBindingMapOutputWithContext 

func (i AddressGroupIamBindingMap) ToAddressGroupIamBindingMapOutputWithContext(ctx context.Context) AddressGroupIamBindingMapOutput

type AddressGroupIamBindingMapInput 

type AddressGroupIamBindingMapInput interface {
	pulumi.Input

	ToAddressGroupIamBindingMapOutput() AddressGroupIamBindingMapOutput
	ToAddressGroupIamBindingMapOutputWithContext(context.Context) AddressGroupIamBindingMapOutput
}

AddressGroupIamBindingMapInput is an input type that accepts AddressGroupIamBindingMap and AddressGroupIamBindingMapOutput values. You can construct a concrete instance of `AddressGroupIamBindingMapInput` via: 

AddressGroupIamBindingMap{ "key": AddressGroupIamBindingArgs{...} }

type AddressGroupIamBindingMapOutput 

type AddressGroupIamBindingMapOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingMapOutput) ElementType 

func (AddressGroupIamBindingMapOutput) ElementType() reflect.Type

func (AddressGroupIamBindingMapOutput) MapIndex 

func (o AddressGroupIamBindingMapOutput) MapIndex(k pulumi.StringInput) AddressGroupIamBindingOutput

func (AddressGroupIamBindingMapOutput) ToAddressGroupIamBindingMapOutput 

func (o AddressGroupIamBindingMapOutput) ToAddressGroupIamBindingMapOutput() AddressGroupIamBindingMapOutput

func (AddressGroupIamBindingMapOutput) ToAddressGroupIamBindingMapOutputWithContext 

func (o AddressGroupIamBindingMapOutput) ToAddressGroupIamBindingMapOutputWithContext(ctx context.Context) AddressGroupIamBindingMapOutput

type AddressGroupIamBindingOutput 

type AddressGroupIamBindingOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingOutput) Condition 

func (o AddressGroupIamBindingOutput) Condition() AddressGroupIamBindingConditionPtrOutput

func (AddressGroupIamBindingOutput) ElementType 

func (AddressGroupIamBindingOutput) ElementType() reflect.Type

func (AddressGroupIamBindingOutput) Etag 

func (o AddressGroupIamBindingOutput) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (AddressGroupIamBindingOutput) Location 

func (o AddressGroupIamBindingOutput) Location() pulumi.StringOutput

The location of the gateway security policy. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (AddressGroupIamBindingOutput) Members 

func (o AddressGroupIamBindingOutput) Members() pulumi.StringArrayOutput

Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (AddressGroupIamBindingOutput) Name 

func (o AddressGroupIamBindingOutput) Name() pulumi.StringOutput

Used to find the parent resource to bind the IAM policy to

func (AddressGroupIamBindingOutput) Project 

func (o AddressGroupIamBindingOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (AddressGroupIamBindingOutput) Role 

func (o AddressGroupIamBindingOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutput 

func (o AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput

func (AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutputWithContext 

func (o AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput

type AddressGroupIamBindingState 

type AddressGroupIamBindingState struct {
	Condition AddressGroupIamBindingConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (AddressGroupIamBindingState) ElementType 

func (AddressGroupIamBindingState) ElementType() reflect.Type

type AddressGroupIamMember 

type AddressGroupIamMember struct {
	pulumi.CustomResourceState

	Condition AddressGroupIamMemberConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringOutput `pulumi:"member"`
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for Network security ProjectAddressGroup. Each of these resources serves a different use case:

* `networksecurity.AddressGroupIamPolicy`: Authoritative. Sets the IAM policy for the projectaddressgroup and replaces any existing policy already attached. * `networksecurity.AddressGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the projectaddressgroup are preserved. * `networksecurity.AddressGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the projectaddressgroup are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `networksecurity.AddressGroupIamPolicy`: Retrieves the IAM policy for the projectaddressgroup

> **Note:** `networksecurity.AddressGroupIamPolicy` **cannot** be used in conjunction with `networksecurity.AddressGroupIamBinding` and `networksecurity.AddressGroupIamMember` or they will fight over what your policy should be.

> **Note:** `networksecurity.AddressGroupIamBinding` resources **can be** used in conjunction with `networksecurity.AddressGroupIamMember` resources **only if** they do not grant privilege to the same role.

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/addressGroups/{{name}}

* {{project}}/{{location}}/{{name}}

* {{location}}/{{name}}

* {{name}}

Any variables not passed in the import command will be taken from the provider configuration.

Network security projectaddressgroup IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamMember:AddressGroupIamMember editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamMember:AddressGroupIamMember editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamMember:AddressGroupIamMember editor projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} ```

-> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the 

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetAddressGroupIamMember 

func GetAddressGroupIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamMemberState, opts ...pulumi.ResourceOption) (*AddressGroupIamMember, error)

GetAddressGroupIamMember gets an existing AddressGroupIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamMember 

func NewAddressGroupIamMember(ctx *pulumi.Context,
	name string, args *AddressGroupIamMemberArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamMember, error)

NewAddressGroupIamMember registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamMember) ElementType 

func (*AddressGroupIamMember) ElementType() reflect.Type

func (*AddressGroupIamMember) ToAddressGroupIamMemberOutput 

func (i *AddressGroupIamMember) ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput

func (*AddressGroupIamMember) ToAddressGroupIamMemberOutputWithContext 

func (i *AddressGroupIamMember) ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput

type AddressGroupIamMemberArgs 

type AddressGroupIamMemberArgs struct {
	Condition AddressGroupIamMemberConditionPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a AddressGroupIamMember resource.

func (AddressGroupIamMemberArgs) ElementType 

func (AddressGroupIamMemberArgs) ElementType() reflect.Type

type AddressGroupIamMemberArray 

type AddressGroupIamMemberArray []AddressGroupIamMemberInput

func (AddressGroupIamMemberArray) ElementType 

func (AddressGroupIamMemberArray) ElementType() reflect.Type

func (AddressGroupIamMemberArray) ToAddressGroupIamMemberArrayOutput 

func (i AddressGroupIamMemberArray) ToAddressGroupIamMemberArrayOutput() AddressGroupIamMemberArrayOutput

func (AddressGroupIamMemberArray) ToAddressGroupIamMemberArrayOutputWithContext 

func (i AddressGroupIamMemberArray) ToAddressGroupIamMemberArrayOutputWithContext(ctx context.Context) AddressGroupIamMemberArrayOutput

type AddressGroupIamMemberArrayInput 

type AddressGroupIamMemberArrayInput interface {
	pulumi.Input

	ToAddressGroupIamMemberArrayOutput() AddressGroupIamMemberArrayOutput
	ToAddressGroupIamMemberArrayOutputWithContext(context.Context) AddressGroupIamMemberArrayOutput
}

AddressGroupIamMemberArrayInput is an input type that accepts AddressGroupIamMemberArray and AddressGroupIamMemberArrayOutput values. You can construct a concrete instance of `AddressGroupIamMemberArrayInput` via: 

AddressGroupIamMemberArray{ AddressGroupIamMemberArgs{...} }

type AddressGroupIamMemberArrayOutput 

type AddressGroupIamMemberArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberArrayOutput) ElementType 

func (AddressGroupIamMemberArrayOutput) ElementType() reflect.Type

func (AddressGroupIamMemberArrayOutput) Index 

func (o AddressGroupIamMemberArrayOutput) Index(i pulumi.IntInput) AddressGroupIamMemberOutput

func (AddressGroupIamMemberArrayOutput) ToAddressGroupIamMemberArrayOutput 

func (o AddressGroupIamMemberArrayOutput) ToAddressGroupIamMemberArrayOutput() AddressGroupIamMemberArrayOutput

func (AddressGroupIamMemberArrayOutput) ToAddressGroupIamMemberArrayOutputWithContext 

func (o AddressGroupIamMemberArrayOutput) ToAddressGroupIamMemberArrayOutputWithContext(ctx context.Context) AddressGroupIamMemberArrayOutput

type AddressGroupIamMemberCondition 

type AddressGroupIamMemberCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type AddressGroupIamMemberConditionArgs 

type AddressGroupIamMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (AddressGroupIamMemberConditionArgs) ElementType 

func (AddressGroupIamMemberConditionArgs) ElementType() reflect.Type

func (AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionOutput 

func (i AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionOutput() AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionOutputWithContext 

func (i AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionPtrOutput 

func (i AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionPtrOutput() AddressGroupIamMemberConditionPtrOutput

func (AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionPtrOutputWithContext 

func (i AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionPtrOutput

type AddressGroupIamMemberConditionInput 

type AddressGroupIamMemberConditionInput interface {
	pulumi.Input

	ToAddressGroupIamMemberConditionOutput() AddressGroupIamMemberConditionOutput
	ToAddressGroupIamMemberConditionOutputWithContext(context.Context) AddressGroupIamMemberConditionOutput
}

AddressGroupIamMemberConditionInput is an input type that accepts AddressGroupIamMemberConditionArgs and AddressGroupIamMemberConditionOutput values. You can construct a concrete instance of `AddressGroupIamMemberConditionInput` via: 

AddressGroupIamMemberConditionArgs{...}

type AddressGroupIamMemberConditionOutput 

type AddressGroupIamMemberConditionOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberConditionOutput) Description 

func (o AddressGroupIamMemberConditionOutput) Description() pulumi.StringPtrOutput

func (AddressGroupIamMemberConditionOutput) ElementType 

func (AddressGroupIamMemberConditionOutput) ElementType() reflect.Type

func (AddressGroupIamMemberConditionOutput) Expression 

func (o AddressGroupIamMemberConditionOutput) Expression() pulumi.StringOutput

func (AddressGroupIamMemberConditionOutput) Title 

func (o AddressGroupIamMemberConditionOutput) Title() pulumi.StringOutput

func (AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionOutput 

func (o AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionOutput() AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionOutputWithContext 

func (o AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionPtrOutput 

func (o AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionPtrOutput() AddressGroupIamMemberConditionPtrOutput

func (AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionPtrOutputWithContext 

func (o AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionPtrOutput

type AddressGroupIamMemberConditionPtrInput 

type AddressGroupIamMemberConditionPtrInput interface {
	pulumi.Input

	ToAddressGroupIamMemberConditionPtrOutput() AddressGroupIamMemberConditionPtrOutput
	ToAddressGroupIamMemberConditionPtrOutputWithContext(context.Context) AddressGroupIamMemberConditionPtrOutput
}

AddressGroupIamMemberConditionPtrInput is an input type that accepts AddressGroupIamMemberConditionArgs, AddressGroupIamMemberConditionPtr and AddressGroupIamMemberConditionPtrOutput values. You can construct a concrete instance of `AddressGroupIamMemberConditionPtrInput` via: 

        AddressGroupIamMemberConditionArgs{...}

or:

        nil

func AddressGroupIamMemberConditionPtr 

func AddressGroupIamMemberConditionPtr(v *AddressGroupIamMemberConditionArgs) AddressGroupIamMemberConditionPtrInput

type AddressGroupIamMemberConditionPtrOutput 

type AddressGroupIamMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberConditionPtrOutput) Description 

func (o AddressGroupIamMemberConditionPtrOutput) Description() pulumi.StringPtrOutput

func (AddressGroupIamMemberConditionPtrOutput) Elem 

func (o AddressGroupIamMemberConditionPtrOutput) Elem() AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionPtrOutput) ElementType 

func (AddressGroupIamMemberConditionPtrOutput) ElementType() reflect.Type

func (AddressGroupIamMemberConditionPtrOutput) Expression 

func (o AddressGroupIamMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (AddressGroupIamMemberConditionPtrOutput) Title 

func (o AddressGroupIamMemberConditionPtrOutput) Title() pulumi.StringPtrOutput

func (AddressGroupIamMemberConditionPtrOutput) ToAddressGroupIamMemberConditionPtrOutput 

func (o AddressGroupIamMemberConditionPtrOutput) ToAddressGroupIamMemberConditionPtrOutput() AddressGroupIamMemberConditionPtrOutput

func (AddressGroupIamMemberConditionPtrOutput) ToAddressGroupIamMemberConditionPtrOutputWithContext 

func (o AddressGroupIamMemberConditionPtrOutput) ToAddressGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionPtrOutput

type AddressGroupIamMemberInput 

type AddressGroupIamMemberInput interface {
	pulumi.Input

	ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput
	ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput
}

type AddressGroupIamMemberMap 

type AddressGroupIamMemberMap map[string]AddressGroupIamMemberInput

func (AddressGroupIamMemberMap) ElementType 

func (AddressGroupIamMemberMap) ElementType() reflect.Type

func (AddressGroupIamMemberMap) ToAddressGroupIamMemberMapOutput 

func (i AddressGroupIamMemberMap) ToAddressGroupIamMemberMapOutput() AddressGroupIamMemberMapOutput

func (AddressGroupIamMemberMap) ToAddressGroupIamMemberMapOutputWithContext 

func (i AddressGroupIamMemberMap) ToAddressGroupIamMemberMapOutputWithContext(ctx context.Context) AddressGroupIamMemberMapOutput

type AddressGroupIamMemberMapInput 

type AddressGroupIamMemberMapInput interface {
	pulumi.Input

	ToAddressGroupIamMemberMapOutput() AddressGroupIamMemberMapOutput
	ToAddressGroupIamMemberMapOutputWithContext(context.Context) AddressGroupIamMemberMapOutput
}

AddressGroupIamMemberMapInput is an input type that accepts AddressGroupIamMemberMap and AddressGroupIamMemberMapOutput values. You can construct a concrete instance of `AddressGroupIamMemberMapInput` via: 

AddressGroupIamMemberMap{ "key": AddressGroupIamMemberArgs{...} }

type AddressGroupIamMemberMapOutput 

type AddressGroupIamMemberMapOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberMapOutput) ElementType 

func (AddressGroupIamMemberMapOutput) ElementType() reflect.Type

func (AddressGroupIamMemberMapOutput) MapIndex 

func (o AddressGroupIamMemberMapOutput) MapIndex(k pulumi.StringInput) AddressGroupIamMemberOutput

func (AddressGroupIamMemberMapOutput) ToAddressGroupIamMemberMapOutput 

func (o AddressGroupIamMemberMapOutput) ToAddressGroupIamMemberMapOutput() AddressGroupIamMemberMapOutput

func (AddressGroupIamMemberMapOutput) ToAddressGroupIamMemberMapOutputWithContext 

func (o AddressGroupIamMemberMapOutput) ToAddressGroupIamMemberMapOutputWithContext(ctx context.Context) AddressGroupIamMemberMapOutput

type AddressGroupIamMemberOutput 

type AddressGroupIamMemberOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberOutput) Condition 

func (o AddressGroupIamMemberOutput) Condition() AddressGroupIamMemberConditionPtrOutput

func (AddressGroupIamMemberOutput) ElementType 

func (AddressGroupIamMemberOutput) ElementType() reflect.Type

func (AddressGroupIamMemberOutput) Etag 

func (o AddressGroupIamMemberOutput) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (AddressGroupIamMemberOutput) Location 

func (o AddressGroupIamMemberOutput) Location() pulumi.StringOutput

The location of the gateway security policy. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (AddressGroupIamMemberOutput) Member 

func (o AddressGroupIamMemberOutput) Member() pulumi.StringOutput

Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (AddressGroupIamMemberOutput) Name 

func (o AddressGroupIamMemberOutput) Name() pulumi.StringOutput

Used to find the parent resource to bind the IAM policy to

func (AddressGroupIamMemberOutput) Project 

func (o AddressGroupIamMemberOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (AddressGroupIamMemberOutput) Role 

func (o AddressGroupIamMemberOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutput 

func (o AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput

func (AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutputWithContext 

func (o AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput

type AddressGroupIamMemberState 

type AddressGroupIamMemberState struct {
	Condition AddressGroupIamMemberConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringPtrInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (AddressGroupIamMemberState) ElementType 

func (AddressGroupIamMemberState) ElementType() reflect.Type

type AddressGroupIamPolicy 

type AddressGroupIamPolicy struct {
	pulumi.CustomResourceState

	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringOutput `pulumi:"name"`
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
}

Three different resources help you manage your IAM policy for Network security ProjectAddressGroup. Each of these resources serves a different use case:

* `networksecurity.AddressGroupIamPolicy`: Authoritative. Sets the IAM policy for the projectaddressgroup and replaces any existing policy already attached. * `networksecurity.AddressGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the projectaddressgroup are preserved. * `networksecurity.AddressGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the projectaddressgroup are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `networksecurity.AddressGroupIamPolicy`: Retrieves the IAM policy for the projectaddressgroup

> **Note:** `networksecurity.AddressGroupIamPolicy` **cannot** be used in conjunction with `networksecurity.AddressGroupIamBinding` and `networksecurity.AddressGroupIamMember` or they will fight over what your policy should be.

> **Note:** `networksecurity.AddressGroupIamBinding` resources **can be** used in conjunction with `networksecurity.AddressGroupIamMember` resources **only if** they do not grant privilege to the same role.

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/addressGroups/{{name}}

* {{project}}/{{location}}/{{name}}

* {{location}}/{{name}}

* {{name}}

Any variables not passed in the import command will be taken from the provider configuration.

Network security projectaddressgroup IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamPolicy:AddressGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamPolicy:AddressGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamPolicy:AddressGroupIamPolicy editor projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} ```

-> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the 

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetAddressGroupIamPolicy 

func GetAddressGroupIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamPolicyState, opts ...pulumi.ResourceOption) (*AddressGroupIamPolicy, error)

GetAddressGroupIamPolicy gets an existing AddressGroupIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamPolicy 

func NewAddressGroupIamPolicy(ctx *pulumi.Context,
	name string, args *AddressGroupIamPolicyArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamPolicy, error)

NewAddressGroupIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamPolicy) ElementType 

func (*AddressGroupIamPolicy) ElementType() reflect.Type

func (*AddressGroupIamPolicy) ToAddressGroupIamPolicyOutput 

func (i *AddressGroupIamPolicy) ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput

func (*AddressGroupIamPolicy) ToAddressGroupIamPolicyOutputWithContext 

func (i *AddressGroupIamPolicy) ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput

type AddressGroupIamPolicyArgs 

type AddressGroupIamPolicyArgs struct {
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a AddressGroupIamPolicy resource.

func (AddressGroupIamPolicyArgs) ElementType 

func (AddressGroupIamPolicyArgs) ElementType() reflect.Type

type AddressGroupIamPolicyArray 

type AddressGroupIamPolicyArray []AddressGroupIamPolicyInput

func (AddressGroupIamPolicyArray) ElementType 

func (AddressGroupIamPolicyArray) ElementType() reflect.Type

func (AddressGroupIamPolicyArray) ToAddressGroupIamPolicyArrayOutput 

func (i AddressGroupIamPolicyArray) ToAddressGroupIamPolicyArrayOutput() AddressGroupIamPolicyArrayOutput

func (AddressGroupIamPolicyArray) ToAddressGroupIamPolicyArrayOutputWithContext 

func (i AddressGroupIamPolicyArray) ToAddressGroupIamPolicyArrayOutputWithContext(ctx context.Context) AddressGroupIamPolicyArrayOutput

type AddressGroupIamPolicyArrayInput 

type AddressGroupIamPolicyArrayInput interface {
	pulumi.Input

	ToAddressGroupIamPolicyArrayOutput() AddressGroupIamPolicyArrayOutput
	ToAddressGroupIamPolicyArrayOutputWithContext(context.Context) AddressGroupIamPolicyArrayOutput
}

AddressGroupIamPolicyArrayInput is an input type that accepts AddressGroupIamPolicyArray and AddressGroupIamPolicyArrayOutput values. You can construct a concrete instance of `AddressGroupIamPolicyArrayInput` via: 

AddressGroupIamPolicyArray{ AddressGroupIamPolicyArgs{...} }

type AddressGroupIamPolicyArrayOutput 

type AddressGroupIamPolicyArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupIamPolicyArrayOutput) ElementType 

func (AddressGroupIamPolicyArrayOutput) ElementType() reflect.Type

func (AddressGroupIamPolicyArrayOutput) Index 

func (o AddressGroupIamPolicyArrayOutput) Index(i pulumi.IntInput) AddressGroupIamPolicyOutput

func (AddressGroupIamPolicyArrayOutput) ToAddressGroupIamPolicyArrayOutput 

func (o AddressGroupIamPolicyArrayOutput) ToAddressGroupIamPolicyArrayOutput() AddressGroupIamPolicyArrayOutput

func (AddressGroupIamPolicyArrayOutput) ToAddressGroupIamPolicyArrayOutputWithContext 

func (o AddressGroupIamPolicyArrayOutput) ToAddressGroupIamPolicyArrayOutputWithContext(ctx context.Context) AddressGroupIamPolicyArrayOutput

type AddressGroupIamPolicyInput 

type AddressGroupIamPolicyInput interface {
	pulumi.Input

	ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput
	ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput
}

type AddressGroupIamPolicyMap 

type AddressGroupIamPolicyMap map[string]AddressGroupIamPolicyInput

func (AddressGroupIamPolicyMap) ElementType 

func (AddressGroupIamPolicyMap) ElementType() reflect.Type

func (AddressGroupIamPolicyMap) ToAddressGroupIamPolicyMapOutput 

func (i AddressGroupIamPolicyMap) ToAddressGroupIamPolicyMapOutput() AddressGroupIamPolicyMapOutput

func (AddressGroupIamPolicyMap) ToAddressGroupIamPolicyMapOutputWithContext 

func (i AddressGroupIamPolicyMap) ToAddressGroupIamPolicyMapOutputWithContext(ctx context.Context) AddressGroupIamPolicyMapOutput

type AddressGroupIamPolicyMapInput 

type AddressGroupIamPolicyMapInput interface {
	pulumi.Input

	ToAddressGroupIamPolicyMapOutput() AddressGroupIamPolicyMapOutput
	ToAddressGroupIamPolicyMapOutputWithContext(context.Context) AddressGroupIamPolicyMapOutput
}

AddressGroupIamPolicyMapInput is an input type that accepts AddressGroupIamPolicyMap and AddressGroupIamPolicyMapOutput values. You can construct a concrete instance of `AddressGroupIamPolicyMapInput` via: 

AddressGroupIamPolicyMap{ "key": AddressGroupIamPolicyArgs{...} }

type AddressGroupIamPolicyMapOutput 

type AddressGroupIamPolicyMapOutput struct{ *pulumi.OutputState }

func (AddressGroupIamPolicyMapOutput) ElementType 

func (AddressGroupIamPolicyMapOutput) ElementType() reflect.Type

func (AddressGroupIamPolicyMapOutput) MapIndex 

func (o AddressGroupIamPolicyMapOutput) MapIndex(k pulumi.StringInput) AddressGroupIamPolicyOutput

func (AddressGroupIamPolicyMapOutput) ToAddressGroupIamPolicyMapOutput 

func (o AddressGroupIamPolicyMapOutput) ToAddressGroupIamPolicyMapOutput() AddressGroupIamPolicyMapOutput

func (AddressGroupIamPolicyMapOutput) ToAddressGroupIamPolicyMapOutputWithContext 

func (o AddressGroupIamPolicyMapOutput) ToAddressGroupIamPolicyMapOutputWithContext(ctx context.Context) AddressGroupIamPolicyMapOutput

type AddressGroupIamPolicyOutput 

type AddressGroupIamPolicyOutput struct{ *pulumi.OutputState }

func (AddressGroupIamPolicyOutput) ElementType 

func (AddressGroupIamPolicyOutput) ElementType() reflect.Type

func (AddressGroupIamPolicyOutput) Etag 

func (o AddressGroupIamPolicyOutput) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (AddressGroupIamPolicyOutput) Location 

func (o AddressGroupIamPolicyOutput) Location() pulumi.StringOutput

The location of the gateway security policy. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (AddressGroupIamPolicyOutput) Name 

func (o AddressGroupIamPolicyOutput) Name() pulumi.StringOutput

Used to find the parent resource to bind the IAM policy to

func (AddressGroupIamPolicyOutput) PolicyData 

func (o AddressGroupIamPolicyOutput) PolicyData() pulumi.StringOutput

The policy data generated by a `organizations.getIAMPolicy` data source.

func (AddressGroupIamPolicyOutput) Project 

func (o AddressGroupIamPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutput 

func (o AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput

func (AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutputWithContext 

func (o AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput

type AddressGroupIamPolicyState 

type AddressGroupIamPolicyState struct {
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
}

func (AddressGroupIamPolicyState) ElementType 

func (AddressGroupIamPolicyState) ElementType() reflect.Type

type AddressGroupInput 

type AddressGroupInput interface {
	pulumi.Input

	ToAddressGroupOutput() AddressGroupOutput
	ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput
}

type AddressGroupMap 

type AddressGroupMap map[string]AddressGroupInput

func (AddressGroupMap) ElementType 

func (AddressGroupMap) ElementType() reflect.Type

func (AddressGroupMap) ToAddressGroupMapOutput 

func (i AddressGroupMap) ToAddressGroupMapOutput() AddressGroupMapOutput

func (AddressGroupMap) ToAddressGroupMapOutputWithContext 

func (i AddressGroupMap) ToAddressGroupMapOutputWithContext(ctx context.Context) AddressGroupMapOutput

type AddressGroupMapInput 

type AddressGroupMapInput interface {
	pulumi.Input

	ToAddressGroupMapOutput() AddressGroupMapOutput
	ToAddressGroupMapOutputWithContext(context.Context) AddressGroupMapOutput
}

AddressGroupMapInput is an input type that accepts AddressGroupMap and AddressGroupMapOutput values. You can construct a concrete instance of `AddressGroupMapInput` via: 

AddressGroupMap{ "key": AddressGroupArgs{...} }

type AddressGroupMapOutput 

type AddressGroupMapOutput struct{ *pulumi.OutputState }

func (AddressGroupMapOutput) ElementType 

func (AddressGroupMapOutput) ElementType() reflect.Type

func (AddressGroupMapOutput) MapIndex 

func (o AddressGroupMapOutput) MapIndex(k pulumi.StringInput) AddressGroupOutput

func (AddressGroupMapOutput) ToAddressGroupMapOutput 

func (o AddressGroupMapOutput) ToAddressGroupMapOutput() AddressGroupMapOutput

func (AddressGroupMapOutput) ToAddressGroupMapOutputWithContext 

func (o AddressGroupMapOutput) ToAddressGroupMapOutputWithContext(ctx context.Context) AddressGroupMapOutput

type AddressGroupOutput 

type AddressGroupOutput struct{ *pulumi.OutputState }

func (AddressGroupOutput) Capacity 

func (o AddressGroupOutput) Capacity() pulumi.IntOutput

Capacity of the Address Group.

func (AddressGroupOutput) CreateTime 

func (o AddressGroupOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (AddressGroupOutput) Description 

func (o AddressGroupOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (AddressGroupOutput) EffectiveLabels 

func (o AddressGroupOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (AddressGroupOutput) ElementType 

func (AddressGroupOutput) ElementType() reflect.Type

func (AddressGroupOutput) Items 

func (o AddressGroupOutput) Items() pulumi.StringArrayOutput

List of items.

func (AddressGroupOutput) Labels 

func (o AddressGroupOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the AddressGroup resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (AddressGroupOutput) Location 

func (o AddressGroupOutput) Location() pulumi.StringOutput

The location of the gateway security policy. The default value is `global`.

***

func (AddressGroupOutput) Name 

func (o AddressGroupOutput) Name() pulumi.StringOutput

Name of the AddressGroup resource.

func (AddressGroupOutput) Parent 

func (o AddressGroupOutput) Parent() pulumi.StringPtrOutput

The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.

func (AddressGroupOutput) PulumiLabels 

func (o AddressGroupOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (AddressGroupOutput) Purposes 

func (o AddressGroupOutput) Purposes() pulumi.StringArrayOutput

List of supported purposes of the Address Group. Each value may be one of: `DEFAULT`, `CLOUD_ARMOR`.

func (AddressGroupOutput) ToAddressGroupOutput 

func (o AddressGroupOutput) ToAddressGroupOutput() AddressGroupOutput

func (AddressGroupOutput) ToAddressGroupOutputWithContext 

func (o AddressGroupOutput) ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput

func (AddressGroupOutput) Type 

func (o AddressGroupOutput) Type() pulumi.StringOutput

The type of the Address Group. Possible values are "IPV4" or "IPV6". Possible values are: `IPV4`, `IPV6`.

func (AddressGroupOutput) UpdateTime 

func (o AddressGroupOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type AddressGroupState 

type AddressGroupState struct {
	// Capacity of the Address Group.
	Capacity pulumi.IntPtrInput
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// List of items.
	Items pulumi.StringArrayInput
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringPtrInput
	// Name of the AddressGroup resource.
	Name pulumi.StringPtrInput
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// List of supported purposes of the Address Group.
	// Each value may be one of: `DEFAULT`, `CLOUD_ARMOR`.
	Purposes pulumi.StringArrayInput
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (AddressGroupState) ElementType 

func (AddressGroupState) ElementType() reflect.Type

type AuthorizationPolicy 

type AuthorizationPolicy struct {
	pulumi.CustomResourceState

	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringOutput `pulumi:"action"`
	// Time the AuthorizationPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayOutput `pulumi:"rules"`
	// Time the AuthorizationPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Authorization Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAuthorizationPolicy(ctx, "default", &networksecurity.AuthorizationPolicyArgs{
			Name: pulumi.String("my-authorization-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Action:      pulumi.String("ALLOW"),
			Rules: networksecurity.AuthorizationPolicyRuleArray{
				&networksecurity.AuthorizationPolicyRuleArgs{
					Sources: networksecurity.AuthorizationPolicyRuleSourceArray{
						&networksecurity.AuthorizationPolicyRuleSourceArgs{
							Principals: pulumi.StringArray{
								pulumi.String("namespace/*"),
							},
							IpBlocks: pulumi.StringArray{
								pulumi.String("1.2.3.0/24"),
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Authorization Policy Destinations

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAuthorizationPolicy(ctx, "default", &networksecurity.AuthorizationPolicyArgs{
			Name: pulumi.String("my-authorization-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Action:      pulumi.String("ALLOW"),
			Rules: networksecurity.AuthorizationPolicyRuleArray{
				&networksecurity.AuthorizationPolicyRuleArgs{
					Sources: networksecurity.AuthorizationPolicyRuleSourceArray{
						&networksecurity.AuthorizationPolicyRuleSourceArgs{
							Principals: pulumi.StringArray{
								pulumi.String("namespace/*"),
							},
							IpBlocks: pulumi.StringArray{
								pulumi.String("1.2.3.0/24"),
							},
						},
					},
					Destinations: networksecurity.AuthorizationPolicyRuleDestinationArray{
						&networksecurity.AuthorizationPolicyRuleDestinationArgs{
							Hosts: pulumi.StringArray{
								pulumi.String("mydomain.*"),
							},
							Ports: pulumi.IntArray{
								pulumi.Int(8080),
							},
							Methods: pulumi.StringArray{
								pulumi.String("GET"),
							},
							HttpHeaderMatch: &networksecurity.AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{
								HeaderName: pulumi.String(":method"),
								RegexMatch: pulumi.String("GET"),
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AuthorizationPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, AuthorizationPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default {{location}}/{{name}} ```

func GetAuthorizationPolicy 

func GetAuthorizationPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizationPolicyState, opts ...pulumi.ResourceOption) (*AuthorizationPolicy, error)

GetAuthorizationPolicy gets an existing AuthorizationPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthorizationPolicy 

func NewAuthorizationPolicy(ctx *pulumi.Context,
	name string, args *AuthorizationPolicyArgs, opts ...pulumi.ResourceOption) (*AuthorizationPolicy, error)

NewAuthorizationPolicy registers a new resource with the given unique name, arguments, and options.

func (*AuthorizationPolicy) ElementType 

func (*AuthorizationPolicy) ElementType() reflect.Type

func (*AuthorizationPolicy) ToAuthorizationPolicyOutput 

func (i *AuthorizationPolicy) ToAuthorizationPolicyOutput() AuthorizationPolicyOutput

func (*AuthorizationPolicy) ToAuthorizationPolicyOutputWithContext 

func (i *AuthorizationPolicy) ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput

type AuthorizationPolicyArgs 

type AuthorizationPolicyArgs struct {
	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayInput
}

The set of arguments for constructing a AuthorizationPolicy resource.

func (AuthorizationPolicyArgs) ElementType 

func (AuthorizationPolicyArgs) ElementType() reflect.Type

type AuthorizationPolicyArray 

type AuthorizationPolicyArray []AuthorizationPolicyInput

func (AuthorizationPolicyArray) ElementType 

func (AuthorizationPolicyArray) ElementType() reflect.Type

func (AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutput 

func (i AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput

func (AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutputWithContext 

func (i AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutputWithContext(ctx context.Context) AuthorizationPolicyArrayOutput

type AuthorizationPolicyArrayInput 

type AuthorizationPolicyArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput
	ToAuthorizationPolicyArrayOutputWithContext(context.Context) AuthorizationPolicyArrayOutput
}

AuthorizationPolicyArrayInput is an input type that accepts AuthorizationPolicyArray and AuthorizationPolicyArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyArrayInput` via: 

AuthorizationPolicyArray{ AuthorizationPolicyArgs{...} }

type AuthorizationPolicyArrayOutput 

type AuthorizationPolicyArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyArrayOutput) ElementType 

func (AuthorizationPolicyArrayOutput) ElementType() reflect.Type

func (AuthorizationPolicyArrayOutput) Index 

func (o AuthorizationPolicyArrayOutput) Index(i pulumi.IntInput) AuthorizationPolicyOutput

func (AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutput 

func (o AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput

func (AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutputWithContext 

func (o AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutputWithContext(ctx context.Context) AuthorizationPolicyArrayOutput

type AuthorizationPolicyInput 

type AuthorizationPolicyInput interface {
	pulumi.Input

	ToAuthorizationPolicyOutput() AuthorizationPolicyOutput
	ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput
}

type AuthorizationPolicyMap 

type AuthorizationPolicyMap map[string]AuthorizationPolicyInput

func (AuthorizationPolicyMap) ElementType 

func (AuthorizationPolicyMap) ElementType() reflect.Type

func (AuthorizationPolicyMap) ToAuthorizationPolicyMapOutput 

func (i AuthorizationPolicyMap) ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput

func (AuthorizationPolicyMap) ToAuthorizationPolicyMapOutputWithContext 

func (i AuthorizationPolicyMap) ToAuthorizationPolicyMapOutputWithContext(ctx context.Context) AuthorizationPolicyMapOutput

type AuthorizationPolicyMapInput 

type AuthorizationPolicyMapInput interface {
	pulumi.Input

	ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput
	ToAuthorizationPolicyMapOutputWithContext(context.Context) AuthorizationPolicyMapOutput
}

AuthorizationPolicyMapInput is an input type that accepts AuthorizationPolicyMap and AuthorizationPolicyMapOutput values. You can construct a concrete instance of `AuthorizationPolicyMapInput` via: 

AuthorizationPolicyMap{ "key": AuthorizationPolicyArgs{...} }

type AuthorizationPolicyMapOutput 

type AuthorizationPolicyMapOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyMapOutput) ElementType 

func (AuthorizationPolicyMapOutput) ElementType() reflect.Type

func (AuthorizationPolicyMapOutput) MapIndex 

func (o AuthorizationPolicyMapOutput) MapIndex(k pulumi.StringInput) AuthorizationPolicyOutput

func (AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutput 

func (o AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput

func (AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutputWithContext 

func (o AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutputWithContext(ctx context.Context) AuthorizationPolicyMapOutput

type AuthorizationPolicyOutput 

type AuthorizationPolicyOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyOutput) Action 

func (o AuthorizationPolicyOutput) Action() pulumi.StringOutput

The action to take when a rule match is found. Possible values are "ALLOW" or "DENY". Possible values are: `ALLOW`, `DENY`.

func (AuthorizationPolicyOutput) CreateTime 

func (o AuthorizationPolicyOutput) CreateTime() pulumi.StringOutput

Time the AuthorizationPolicy was created in UTC.

func (AuthorizationPolicyOutput) Description 

func (o AuthorizationPolicyOutput) Description() pulumi.StringPtrOutput

A free-text description of the resource. Max length 1024 characters.

func (AuthorizationPolicyOutput) EffectiveLabels 

func (o AuthorizationPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (AuthorizationPolicyOutput) ElementType 

func (AuthorizationPolicyOutput) ElementType() reflect.Type

func (AuthorizationPolicyOutput) Labels 

func (o AuthorizationPolicyOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the AuthorizationPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (AuthorizationPolicyOutput) Location 

func (o AuthorizationPolicyOutput) Location() pulumi.StringPtrOutput

The location of the authorization policy. The default value is `global`.

func (AuthorizationPolicyOutput) Name 

func (o AuthorizationPolicyOutput) Name() pulumi.StringOutput

Name of the AuthorizationPolicy resource.

***

func (AuthorizationPolicyOutput) Project 

func (o AuthorizationPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (AuthorizationPolicyOutput) PulumiLabels 

func (o AuthorizationPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (AuthorizationPolicyOutput) Rules 

func (o AuthorizationPolicyOutput) Rules() AuthorizationPolicyRuleArrayOutput

List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken. A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request. Structure is documented below.

func (AuthorizationPolicyOutput) ToAuthorizationPolicyOutput 

func (o AuthorizationPolicyOutput) ToAuthorizationPolicyOutput() AuthorizationPolicyOutput

func (AuthorizationPolicyOutput) ToAuthorizationPolicyOutputWithContext 

func (o AuthorizationPolicyOutput) ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput

func (AuthorizationPolicyOutput) UpdateTime 

func (o AuthorizationPolicyOutput) UpdateTime() pulumi.StringOutput

Time the AuthorizationPolicy was updated in UTC.

type AuthorizationPolicyRule 

type AuthorizationPolicyRule struct {
	// List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	// Structure is documented below.
	Destinations []AuthorizationPolicyRuleDestination `pulumi:"destinations"`
	// List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	// Structure is documented below.
	Sources []AuthorizationPolicyRuleSource `pulumi:"sources"`
}

type AuthorizationPolicyRuleArgs 

type AuthorizationPolicyRuleArgs struct {
	// List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	// Structure is documented below.
	Destinations AuthorizationPolicyRuleDestinationArrayInput `pulumi:"destinations"`
	// List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	// Structure is documented below.
	Sources AuthorizationPolicyRuleSourceArrayInput `pulumi:"sources"`
}

func (AuthorizationPolicyRuleArgs) ElementType 

func (AuthorizationPolicyRuleArgs) ElementType() reflect.Type

func (AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutput 

func (i AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput

func (AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutputWithContext 

func (i AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutputWithContext(ctx context.Context) AuthorizationPolicyRuleOutput

type AuthorizationPolicyRuleArray 

type AuthorizationPolicyRuleArray []AuthorizationPolicyRuleInput

func (AuthorizationPolicyRuleArray) ElementType 

func (AuthorizationPolicyRuleArray) ElementType() reflect.Type

func (AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutput 

func (i AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput

func (AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutputWithContext 

func (i AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleArrayOutput

type AuthorizationPolicyRuleArrayInput 

type AuthorizationPolicyRuleArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput
	ToAuthorizationPolicyRuleArrayOutputWithContext(context.Context) AuthorizationPolicyRuleArrayOutput
}

AuthorizationPolicyRuleArrayInput is an input type that accepts AuthorizationPolicyRuleArray and AuthorizationPolicyRuleArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleArrayInput` via: 

AuthorizationPolicyRuleArray{ AuthorizationPolicyRuleArgs{...} }

type AuthorizationPolicyRuleArrayOutput 

type AuthorizationPolicyRuleArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleArrayOutput) ElementType 

func (AuthorizationPolicyRuleArrayOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleArrayOutput) Index 

func (o AuthorizationPolicyRuleArrayOutput) Index(i pulumi.IntInput) AuthorizationPolicyRuleOutput

func (AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutput 

func (o AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput

func (AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutputWithContext 

func (o AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleArrayOutput

type AuthorizationPolicyRuleDestination 

type AuthorizationPolicyRuleDestination struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts []string `pulumi:"hosts"`
	// Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match.
	// Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	// Structure is documented below.
	HttpHeaderMatch *AuthorizationPolicyRuleDestinationHttpHeaderMatch `pulumi:"httpHeaderMatch"`
	// A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods []string `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports []int `pulumi:"ports"`
}

type AuthorizationPolicyRuleDestinationArgs 

type AuthorizationPolicyRuleDestinationArgs struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts pulumi.StringArrayInput `pulumi:"hosts"`
	// Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match.
	// Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	// Structure is documented below.
	HttpHeaderMatch AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput `pulumi:"httpHeaderMatch"`
	// A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods pulumi.StringArrayInput `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports pulumi.IntArrayInput `pulumi:"ports"`
}

func (AuthorizationPolicyRuleDestinationArgs) ElementType 

func (AuthorizationPolicyRuleDestinationArgs) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutput 

func (i AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput

func (AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutputWithContext 

func (i AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationOutput

type AuthorizationPolicyRuleDestinationArray 

type AuthorizationPolicyRuleDestinationArray []AuthorizationPolicyRuleDestinationInput

func (AuthorizationPolicyRuleDestinationArray) ElementType 

func (AuthorizationPolicyRuleDestinationArray) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutput 

func (i AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput

func (AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext 

func (i AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationArrayOutput

type AuthorizationPolicyRuleDestinationArrayInput 

type AuthorizationPolicyRuleDestinationArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput
	ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationArrayOutput
}

AuthorizationPolicyRuleDestinationArrayInput is an input type that accepts AuthorizationPolicyRuleDestinationArray and AuthorizationPolicyRuleDestinationArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationArrayInput` via: 

AuthorizationPolicyRuleDestinationArray{ AuthorizationPolicyRuleDestinationArgs{...} }

type AuthorizationPolicyRuleDestinationArrayOutput 

type AuthorizationPolicyRuleDestinationArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationArrayOutput) ElementType 

func (AuthorizationPolicyRuleDestinationArrayOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationArrayOutput) Index 

func (o AuthorizationPolicyRuleDestinationArrayOutput) Index(i pulumi.IntInput) AuthorizationPolicyRuleDestinationOutput

func (AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutput 

func (o AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput

func (AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext 

func (o AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationArrayOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatch 

type AuthorizationPolicyRuleDestinationHttpHeaderMatch struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName string `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch string `pulumi:"regexMatch"`
}

type AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName pulumi.StringInput `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch pulumi.StringInput `pulumi:"regexMatch"`
}

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ElementType 

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput 

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext 

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput 

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext 

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchInput 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput
	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput
}

AuthorizationPolicyRuleDestinationHttpHeaderMatchInput is an input type that accepts AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs and AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationHttpHeaderMatchInput` via: 

AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{...}

type AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ElementType 

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) HeaderName 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) HeaderName() pulumi.StringOutput

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) RegexMatch 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) RegexMatch() pulumi.StringOutput

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput
	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput
}

AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput is an input type that accepts AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs, AuthorizationPolicyRuleDestinationHttpHeaderMatchPtr and AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput` via: 

        AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{...}

or:

        nil

func AuthorizationPolicyRuleDestinationHttpHeaderMatchPtr 

func AuthorizationPolicyRuleDestinationHttpHeaderMatchPtr(v *AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput 

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) Elem 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) Elem() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ElementType 

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) HeaderName 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) HeaderName() pulumi.StringPtrOutput

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) RegexMatch 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) RegexMatch() pulumi.StringPtrOutput

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext 

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationInput 

type AuthorizationPolicyRuleDestinationInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput
	ToAuthorizationPolicyRuleDestinationOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationOutput
}

AuthorizationPolicyRuleDestinationInput is an input type that accepts AuthorizationPolicyRuleDestinationArgs and AuthorizationPolicyRuleDestinationOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationInput` via: 

AuthorizationPolicyRuleDestinationArgs{...}

type AuthorizationPolicyRuleDestinationOutput 

type AuthorizationPolicyRuleDestinationOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationOutput) ElementType 

func (AuthorizationPolicyRuleDestinationOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleDestinationOutput) Hosts 

func (o AuthorizationPolicyRuleDestinationOutput) Hosts() pulumi.StringArrayOutput

List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".

func (AuthorizationPolicyRuleDestinationOutput) HttpHeaderMatch 

func (o AuthorizationPolicyRuleDestinationOutput) HttpHeaderMatch() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match. Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy. Structure is documented below.

func (AuthorizationPolicyRuleDestinationOutput) Methods 

func (o AuthorizationPolicyRuleDestinationOutput) Methods() pulumi.StringArrayOutput

A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.

func (AuthorizationPolicyRuleDestinationOutput) Ports 

func (o AuthorizationPolicyRuleDestinationOutput) Ports() pulumi.IntArrayOutput

List of destination ports to match. At least one port should match.

func (AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutput 

func (o AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput

func (AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutputWithContext 

func (o AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationOutput

type AuthorizationPolicyRuleInput 

type AuthorizationPolicyRuleInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput
	ToAuthorizationPolicyRuleOutputWithContext(context.Context) AuthorizationPolicyRuleOutput
}

AuthorizationPolicyRuleInput is an input type that accepts AuthorizationPolicyRuleArgs and AuthorizationPolicyRuleOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleInput` via: 

AuthorizationPolicyRuleArgs{...}

type AuthorizationPolicyRuleOutput 

type AuthorizationPolicyRuleOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleOutput) Destinations 

func (o AuthorizationPolicyRuleOutput) Destinations() AuthorizationPolicyRuleDestinationArrayOutput

List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination. Structure is documented below.

func (AuthorizationPolicyRuleOutput) ElementType 

func (AuthorizationPolicyRuleOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleOutput) Sources 

func (o AuthorizationPolicyRuleOutput) Sources() AuthorizationPolicyRuleSourceArrayOutput

List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source. Structure is documented below.

func (AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutput 

func (o AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput

func (AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutputWithContext 

func (o AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutputWithContext(ctx context.Context) AuthorizationPolicyRuleOutput

type AuthorizationPolicyRuleSource 

type AuthorizationPolicyRuleSource struct {
	// List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided.
	// The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks []string `pulumi:"ipBlocks"`
	// List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*".
	// Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals []string `pulumi:"principals"`
}

type AuthorizationPolicyRuleSourceArgs 

type AuthorizationPolicyRuleSourceArgs struct {
	// List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided.
	// The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks pulumi.StringArrayInput `pulumi:"ipBlocks"`
	// List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*".
	// Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals pulumi.StringArrayInput `pulumi:"principals"`
}

func (AuthorizationPolicyRuleSourceArgs) ElementType 

func (AuthorizationPolicyRuleSourceArgs) ElementType() reflect.Type

func (AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutput 

func (i AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput

func (AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutputWithContext 

func (i AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceOutput

type AuthorizationPolicyRuleSourceArray 

type AuthorizationPolicyRuleSourceArray []AuthorizationPolicyRuleSourceInput

func (AuthorizationPolicyRuleSourceArray) ElementType 

func (AuthorizationPolicyRuleSourceArray) ElementType() reflect.Type

func (AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutput 

func (i AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput

func (AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutputWithContext 

func (i AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceArrayOutput

type AuthorizationPolicyRuleSourceArrayInput 

type AuthorizationPolicyRuleSourceArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput
	ToAuthorizationPolicyRuleSourceArrayOutputWithContext(context.Context) AuthorizationPolicyRuleSourceArrayOutput
}

AuthorizationPolicyRuleSourceArrayInput is an input type that accepts AuthorizationPolicyRuleSourceArray and AuthorizationPolicyRuleSourceArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleSourceArrayInput` via: 

AuthorizationPolicyRuleSourceArray{ AuthorizationPolicyRuleSourceArgs{...} }

type AuthorizationPolicyRuleSourceArrayOutput 

type AuthorizationPolicyRuleSourceArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleSourceArrayOutput) ElementType 

func (AuthorizationPolicyRuleSourceArrayOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleSourceArrayOutput) Index 

func (o AuthorizationPolicyRuleSourceArrayOutput) Index(i pulumi.IntInput) AuthorizationPolicyRuleSourceOutput

func (AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutput 

func (o AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput

func (AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutputWithContext 

func (o AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceArrayOutput

type AuthorizationPolicyRuleSourceInput 

type AuthorizationPolicyRuleSourceInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput
	ToAuthorizationPolicyRuleSourceOutputWithContext(context.Context) AuthorizationPolicyRuleSourceOutput
}

AuthorizationPolicyRuleSourceInput is an input type that accepts AuthorizationPolicyRuleSourceArgs and AuthorizationPolicyRuleSourceOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleSourceInput` via: 

AuthorizationPolicyRuleSourceArgs{...}

type AuthorizationPolicyRuleSourceOutput 

type AuthorizationPolicyRuleSourceOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleSourceOutput) ElementType 

func (AuthorizationPolicyRuleSourceOutput) ElementType() reflect.Type

func (AuthorizationPolicyRuleSourceOutput) IpBlocks 

func (o AuthorizationPolicyRuleSourceOutput) IpBlocks() pulumi.StringArrayOutput

List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided. The IP addresses of any load balancers or proxies should be considered untrusted.

func (AuthorizationPolicyRuleSourceOutput) Principals 

func (o AuthorizationPolicyRuleSourceOutput) Principals() pulumi.StringArrayOutput

List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*". Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.

func (AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutput 

func (o AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput

func (AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutputWithContext 

func (o AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceOutput

type AuthorizationPolicyState 

type AuthorizationPolicyState struct {
	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringPtrInput
	// Time the AuthorizationPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayInput
	// Time the AuthorizationPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (AuthorizationPolicyState) ElementType 

func (AuthorizationPolicyState) ElementType() reflect.Type

type ClientTlsPolicy 

type ClientTlsPolicy struct {
	pulumi.CustomResourceState

	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrOutput `pulumi:"clientCertificate"`
	// Time the ClientTlsPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayOutput `pulumi:"serverValidationCas"`
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrOutput `pulumi:"sni"`
	// Time the ClientTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Client Tls Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewClientTlsPolicy(ctx, "default", &networksecurity.ClientTlsPolicyArgs{
			Name: pulumi.String("my-client-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Sni:         pulumi.String("secure.example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Client Tls Policy Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewClientTlsPolicy(ctx, "default", &networksecurity.ClientTlsPolicyArgs{
			Name: pulumi.String("my-client-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			ClientCertificate: &networksecurity.ClientTlsPolicyClientCertificateArgs{
				CertificateProviderInstance: &networksecurity.ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{
					PluginInstance: pulumi.String("google_cloud_private_spiffe"),
				},
			},
			ServerValidationCas: networksecurity.ClientTlsPolicyServerValidationCaArray{
				&networksecurity.ClientTlsPolicyServerValidationCaArgs{
					GrpcEndpoint: &networksecurity.ClientTlsPolicyServerValidationCaGrpcEndpointArgs{
						TargetUri: pulumi.String("unix:mypath"),
					},
				},
				&networksecurity.ClientTlsPolicyServerValidationCaArgs{
					GrpcEndpoint: &networksecurity.ClientTlsPolicyServerValidationCaGrpcEndpointArgs{
						TargetUri: pulumi.String("unix:mypath1"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

ClientTlsPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, ClientTlsPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default {{location}}/{{name}} ```

func GetClientTlsPolicy 

func GetClientTlsPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientTlsPolicyState, opts ...pulumi.ResourceOption) (*ClientTlsPolicy, error)

GetClientTlsPolicy gets an existing ClientTlsPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientTlsPolicy 

func NewClientTlsPolicy(ctx *pulumi.Context,
	name string, args *ClientTlsPolicyArgs, opts ...pulumi.ResourceOption) (*ClientTlsPolicy, error)

NewClientTlsPolicy registers a new resource with the given unique name, arguments, and options.

func (*ClientTlsPolicy) ElementType 

func (*ClientTlsPolicy) ElementType() reflect.Type

func (*ClientTlsPolicy) ToClientTlsPolicyOutput 

func (i *ClientTlsPolicy) ToClientTlsPolicyOutput() ClientTlsPolicyOutput

func (*ClientTlsPolicy) ToClientTlsPolicyOutputWithContext 

func (i *ClientTlsPolicy) ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput

type ClientTlsPolicyArgs 

type ClientTlsPolicyArgs struct {
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayInput
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrInput
}

The set of arguments for constructing a ClientTlsPolicy resource.

func (ClientTlsPolicyArgs) ElementType 

func (ClientTlsPolicyArgs) ElementType() reflect.Type

type ClientTlsPolicyArray 

type ClientTlsPolicyArray []ClientTlsPolicyInput

func (ClientTlsPolicyArray) ElementType 

func (ClientTlsPolicyArray) ElementType() reflect.Type

func (ClientTlsPolicyArray) ToClientTlsPolicyArrayOutput 

func (i ClientTlsPolicyArray) ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput

func (ClientTlsPolicyArray) ToClientTlsPolicyArrayOutputWithContext 

func (i ClientTlsPolicyArray) ToClientTlsPolicyArrayOutputWithContext(ctx context.Context) ClientTlsPolicyArrayOutput

type ClientTlsPolicyArrayInput 

type ClientTlsPolicyArrayInput interface {
	pulumi.Input

	ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput
	ToClientTlsPolicyArrayOutputWithContext(context.Context) ClientTlsPolicyArrayOutput
}

ClientTlsPolicyArrayInput is an input type that accepts ClientTlsPolicyArray and ClientTlsPolicyArrayOutput values. You can construct a concrete instance of `ClientTlsPolicyArrayInput` via: 

ClientTlsPolicyArray{ ClientTlsPolicyArgs{...} }

type ClientTlsPolicyArrayOutput 

type ClientTlsPolicyArrayOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyArrayOutput) ElementType 

func (ClientTlsPolicyArrayOutput) ElementType() reflect.Type

func (ClientTlsPolicyArrayOutput) Index 

func (o ClientTlsPolicyArrayOutput) Index(i pulumi.IntInput) ClientTlsPolicyOutput

func (ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutput 

func (o ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput

func (ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutputWithContext 

func (o ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutputWithContext(ctx context.Context) ClientTlsPolicyArrayOutput

type ClientTlsPolicyClientCertificate 

type ClientTlsPolicyClientCertificate struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance *ClientTlsPolicyClientCertificateCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ClientTlsPolicyClientCertificateGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ClientTlsPolicyClientCertificateArgs 

type ClientTlsPolicyClientCertificateArgs struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ClientTlsPolicyClientCertificateGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ClientTlsPolicyClientCertificateArgs) ElementType 

func (ClientTlsPolicyClientCertificateArgs) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutput 

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutputWithContext 

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutput 

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutputWithContext 

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstance 

type ClientTlsPolicyClientCertificateCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs 

type ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ElementType 

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput 

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext 

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput 

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext 

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstanceInput 

type ClientTlsPolicyClientCertificateCertificateProviderInstanceInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput
	ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput
}

ClientTlsPolicyClientCertificateCertificateProviderInstanceInput is an input type that accepts ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs and ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateCertificateProviderInstanceInput` via: 

ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{...}

type ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput 

type ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ElementType 

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) PluginInstance 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput 

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput
	ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput
}

ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput is an input type that accepts ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs, ClientTlsPolicyClientCertificateCertificateProviderInstancePtr and ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput` via: 

        ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{...}

or:

        nil

func ClientTlsPolicyClientCertificateCertificateProviderInstancePtr 

func ClientTlsPolicyClientCertificateCertificateProviderInstancePtr(v *ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput 

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) Elem 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) Elem() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ElementType 

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) PluginInstance 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpoint 

type ClientTlsPolicyClientCertificateGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ClientTlsPolicyClientCertificateGrpcEndpointArgs 

type ClientTlsPolicyClientCertificateGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ElementType 

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutput 

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext 

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput 

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext 

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpointInput 

type ClientTlsPolicyClientCertificateGrpcEndpointInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput
	ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput
}

ClientTlsPolicyClientCertificateGrpcEndpointInput is an input type that accepts ClientTlsPolicyClientCertificateGrpcEndpointArgs and ClientTlsPolicyClientCertificateGrpcEndpointOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateGrpcEndpointInput` via: 

ClientTlsPolicyClientCertificateGrpcEndpointArgs{...}

type ClientTlsPolicyClientCertificateGrpcEndpointOutput 

type ClientTlsPolicyClientCertificateGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ElementType 

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) TargetUri 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutput 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpointPtrInput 

type ClientTlsPolicyClientCertificateGrpcEndpointPtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput
	ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput
}

ClientTlsPolicyClientCertificateGrpcEndpointPtrInput is an input type that accepts ClientTlsPolicyClientCertificateGrpcEndpointArgs, ClientTlsPolicyClientCertificateGrpcEndpointPtr and ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateGrpcEndpointPtrInput` via: 

        ClientTlsPolicyClientCertificateGrpcEndpointArgs{...}

or:

        nil

func ClientTlsPolicyClientCertificateGrpcEndpointPtr 

func ClientTlsPolicyClientCertificateGrpcEndpointPtr(v *ClientTlsPolicyClientCertificateGrpcEndpointArgs) ClientTlsPolicyClientCertificateGrpcEndpointPtrInput

type ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput 

type ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) Elem 

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) Elem() ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ElementType 

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) TargetUri 

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput 

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateInput 

type ClientTlsPolicyClientCertificateInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput
	ToClientTlsPolicyClientCertificateOutputWithContext(context.Context) ClientTlsPolicyClientCertificateOutput
}

ClientTlsPolicyClientCertificateInput is an input type that accepts ClientTlsPolicyClientCertificateArgs and ClientTlsPolicyClientCertificateOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateInput` via: 

ClientTlsPolicyClientCertificateArgs{...}

type ClientTlsPolicyClientCertificateOutput 

type ClientTlsPolicyClientCertificateOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateOutput) CertificateProviderInstance 

func (o ClientTlsPolicyClientCertificateOutput) CertificateProviderInstance() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyClientCertificateOutput) ElementType 

func (ClientTlsPolicyClientCertificateOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificateOutput) GrpcEndpoint 

func (o ClientTlsPolicyClientCertificateOutput) GrpcEndpoint() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutput 

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutputWithContext 

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutput 

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext 

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyClientCertificatePtrInput 

type ClientTlsPolicyClientCertificatePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput
	ToClientTlsPolicyClientCertificatePtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificatePtrOutput
}

ClientTlsPolicyClientCertificatePtrInput is an input type that accepts ClientTlsPolicyClientCertificateArgs, ClientTlsPolicyClientCertificatePtr and ClientTlsPolicyClientCertificatePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificatePtrInput` via: 

        ClientTlsPolicyClientCertificateArgs{...}

or:

        nil

func ClientTlsPolicyClientCertificatePtr 

func ClientTlsPolicyClientCertificatePtr(v *ClientTlsPolicyClientCertificateArgs) ClientTlsPolicyClientCertificatePtrInput

type ClientTlsPolicyClientCertificatePtrOutput 

type ClientTlsPolicyClientCertificatePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificatePtrOutput) CertificateProviderInstance 

func (o ClientTlsPolicyClientCertificatePtrOutput) CertificateProviderInstance() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyClientCertificatePtrOutput) Elem 

func (o ClientTlsPolicyClientCertificatePtrOutput) Elem() ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificatePtrOutput) ElementType 

func (ClientTlsPolicyClientCertificatePtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyClientCertificatePtrOutput) GrpcEndpoint 

func (o ClientTlsPolicyClientCertificatePtrOutput) GrpcEndpoint() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutput 

func (o ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext 

func (o ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyInput 

type ClientTlsPolicyInput interface {
	pulumi.Input

	ToClientTlsPolicyOutput() ClientTlsPolicyOutput
	ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput
}

type ClientTlsPolicyMap 

type ClientTlsPolicyMap map[string]ClientTlsPolicyInput

func (ClientTlsPolicyMap) ElementType 

func (ClientTlsPolicyMap) ElementType() reflect.Type

func (ClientTlsPolicyMap) ToClientTlsPolicyMapOutput 

func (i ClientTlsPolicyMap) ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput

func (ClientTlsPolicyMap) ToClientTlsPolicyMapOutputWithContext 

func (i ClientTlsPolicyMap) ToClientTlsPolicyMapOutputWithContext(ctx context.Context) ClientTlsPolicyMapOutput

type ClientTlsPolicyMapInput 

type ClientTlsPolicyMapInput interface {
	pulumi.Input

	ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput
	ToClientTlsPolicyMapOutputWithContext(context.Context) ClientTlsPolicyMapOutput
}

ClientTlsPolicyMapInput is an input type that accepts ClientTlsPolicyMap and ClientTlsPolicyMapOutput values. You can construct a concrete instance of `ClientTlsPolicyMapInput` via: 

ClientTlsPolicyMap{ "key": ClientTlsPolicyArgs{...} }

type ClientTlsPolicyMapOutput 

type ClientTlsPolicyMapOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyMapOutput) ElementType 

func (ClientTlsPolicyMapOutput) ElementType() reflect.Type

func (ClientTlsPolicyMapOutput) MapIndex 

func (o ClientTlsPolicyMapOutput) MapIndex(k pulumi.StringInput) ClientTlsPolicyOutput

func (ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutput 

func (o ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput

func (ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutputWithContext 

func (o ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutputWithContext(ctx context.Context) ClientTlsPolicyMapOutput

type ClientTlsPolicyOutput 

type ClientTlsPolicyOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyOutput) ClientCertificate 

func (o ClientTlsPolicyOutput) ClientCertificate() ClientTlsPolicyClientCertificatePtrOutput

Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS. Structure is documented below.

func (ClientTlsPolicyOutput) CreateTime 

func (o ClientTlsPolicyOutput) CreateTime() pulumi.StringOutput

Time the ClientTlsPolicy was created in UTC.

func (ClientTlsPolicyOutput) Description 

func (o ClientTlsPolicyOutput) Description() pulumi.StringPtrOutput

A free-text description of the resource. Max length 1024 characters.

func (ClientTlsPolicyOutput) EffectiveLabels 

func (o ClientTlsPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (ClientTlsPolicyOutput) ElementType 

func (ClientTlsPolicyOutput) ElementType() reflect.Type

func (ClientTlsPolicyOutput) Labels 

func (o ClientTlsPolicyOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the ClientTlsPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (ClientTlsPolicyOutput) Location 

func (o ClientTlsPolicyOutput) Location() pulumi.StringPtrOutput

The location of the client tls policy. The default value is `global`.

func (ClientTlsPolicyOutput) Name 

func (o ClientTlsPolicyOutput) Name() pulumi.StringOutput

Name of the ClientTlsPolicy resource.

***

func (ClientTlsPolicyOutput) Project 

func (o ClientTlsPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (ClientTlsPolicyOutput) PulumiLabels 

func (o ClientTlsPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (ClientTlsPolicyOutput) ServerValidationCas 

func (o ClientTlsPolicyOutput) ServerValidationCas() ClientTlsPolicyServerValidationCaArrayOutput

Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate. Structure is documented below.

func (ClientTlsPolicyOutput) Sni 

func (o ClientTlsPolicyOutput) Sni() pulumi.StringPtrOutput

Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

func (ClientTlsPolicyOutput) ToClientTlsPolicyOutput 

func (o ClientTlsPolicyOutput) ToClientTlsPolicyOutput() ClientTlsPolicyOutput

func (ClientTlsPolicyOutput) ToClientTlsPolicyOutputWithContext 

func (o ClientTlsPolicyOutput) ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput

func (ClientTlsPolicyOutput) UpdateTime 

func (o ClientTlsPolicyOutput) UpdateTime() pulumi.StringOutput

Time the ClientTlsPolicy was updated in UTC.

type ClientTlsPolicyServerValidationCa 

type ClientTlsPolicyServerValidationCa struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance *ClientTlsPolicyServerValidationCaCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ClientTlsPolicyServerValidationCaGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ClientTlsPolicyServerValidationCaArgs 

type ClientTlsPolicyServerValidationCaArgs struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ClientTlsPolicyServerValidationCaArgs) ElementType 

func (ClientTlsPolicyServerValidationCaArgs) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutput 

func (i ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput

func (ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutputWithContext 

func (i ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaOutput

type ClientTlsPolicyServerValidationCaArray 

type ClientTlsPolicyServerValidationCaArray []ClientTlsPolicyServerValidationCaInput

func (ClientTlsPolicyServerValidationCaArray) ElementType 

func (ClientTlsPolicyServerValidationCaArray) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutput 

func (i ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput

func (ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutputWithContext 

func (i ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaArrayOutput

type ClientTlsPolicyServerValidationCaArrayInput 

type ClientTlsPolicyServerValidationCaArrayInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput
	ToClientTlsPolicyServerValidationCaArrayOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaArrayOutput
}

ClientTlsPolicyServerValidationCaArrayInput is an input type that accepts ClientTlsPolicyServerValidationCaArray and ClientTlsPolicyServerValidationCaArrayOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaArrayInput` via: 

ClientTlsPolicyServerValidationCaArray{ ClientTlsPolicyServerValidationCaArgs{...} }

type ClientTlsPolicyServerValidationCaArrayOutput 

type ClientTlsPolicyServerValidationCaArrayOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaArrayOutput) ElementType 

func (ClientTlsPolicyServerValidationCaArrayOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaArrayOutput) Index 

func (o ClientTlsPolicyServerValidationCaArrayOutput) Index(i pulumi.IntInput) ClientTlsPolicyServerValidationCaOutput

func (ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutput 

func (o ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput

func (ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutputWithContext 

func (o ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaArrayOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstance 

type ClientTlsPolicyServerValidationCaCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs 

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ElementType 

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput 

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext 

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput 

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext 

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput 

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput
	ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput
}

ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput is an input type that accepts ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs and ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput` via: 

ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs{...}

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput 

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ElementType 

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) PluginInstance 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput 

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput
	ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput
}

ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput is an input type that accepts ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs, ClientTlsPolicyServerValidationCaCertificateProviderInstancePtr and ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput` via: 

        ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs{...}

or:

        nil

func ClientTlsPolicyServerValidationCaCertificateProviderInstancePtr 

func ClientTlsPolicyServerValidationCaCertificateProviderInstancePtr(v *ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput 

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) Elem 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) Elem() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ElementType 

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) PluginInstance 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext 

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpoint 

type ClientTlsPolicyServerValidationCaGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ClientTlsPolicyServerValidationCaGrpcEndpointArgs 

type ClientTlsPolicyServerValidationCaGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ElementType 

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput 

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext 

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput 

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext 

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpointInput 

type ClientTlsPolicyServerValidationCaGrpcEndpointInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput
	ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput
}

ClientTlsPolicyServerValidationCaGrpcEndpointInput is an input type that accepts ClientTlsPolicyServerValidationCaGrpcEndpointArgs and ClientTlsPolicyServerValidationCaGrpcEndpointOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaGrpcEndpointInput` via: 

ClientTlsPolicyServerValidationCaGrpcEndpointArgs{...}

type ClientTlsPolicyServerValidationCaGrpcEndpointOutput 

type ClientTlsPolicyServerValidationCaGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ElementType 

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) TargetUri 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput 

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput
	ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput
}

ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput is an input type that accepts ClientTlsPolicyServerValidationCaGrpcEndpointArgs, ClientTlsPolicyServerValidationCaGrpcEndpointPtr and ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput` via: 

        ClientTlsPolicyServerValidationCaGrpcEndpointArgs{...}

or:

        nil

func ClientTlsPolicyServerValidationCaGrpcEndpointPtr 

func ClientTlsPolicyServerValidationCaGrpcEndpointPtr(v *ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput 

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) Elem 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) Elem() ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ElementType 

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) TargetUri 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext 

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaInput 

type ClientTlsPolicyServerValidationCaInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput
	ToClientTlsPolicyServerValidationCaOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaOutput
}

ClientTlsPolicyServerValidationCaInput is an input type that accepts ClientTlsPolicyServerValidationCaArgs and ClientTlsPolicyServerValidationCaOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaInput` via: 

ClientTlsPolicyServerValidationCaArgs{...}

type ClientTlsPolicyServerValidationCaOutput 

type ClientTlsPolicyServerValidationCaOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaOutput) CertificateProviderInstance 

func (o ClientTlsPolicyServerValidationCaOutput) CertificateProviderInstance() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyServerValidationCaOutput) ElementType 

func (ClientTlsPolicyServerValidationCaOutput) ElementType() reflect.Type

func (ClientTlsPolicyServerValidationCaOutput) GrpcEndpoint 

func (o ClientTlsPolicyServerValidationCaOutput) GrpcEndpoint() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutput 

func (o ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput

func (ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutputWithContext 

func (o ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaOutput

type ClientTlsPolicyState 

type ClientTlsPolicyState struct {
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrInput
	// Time the ClientTlsPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayInput
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrInput
	// Time the ClientTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (ClientTlsPolicyState) ElementType 

func (ClientTlsPolicyState) ElementType() reflect.Type

type FirewallEndpoint 

type FirewallEndpoint struct {
	pulumi.CustomResourceState

	// List of networks that are associated with this endpoint in the local zone.
	// This is a projection of the FirewallEndpointAssociations pointing at this
	// endpoint. A network will only appear in this list after traffic routing is
	// fully configured. Format: projects/{project}/global/networks/{name}.
	AssociatedNetworks pulumi.StringArrayOutput `pulumi:"associatedNetworks"`
	// Project to bill on endpoint uptime usage.
	BillingProjectId pulumi.StringOutput `pulumi:"billingProjectId"`
	// Time the firewall endpoint was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location (zone) of the firewall endpoint.
	Location pulumi.StringOutput `pulumi:"location"`
	// The name of the firewall endpoint resource.
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this firewall endpoint belongs to.
	// Format: organizations/{organization_id}.
	//
	// ***
	Parent pulumi.StringOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Whether reconciling is in progress, recommended per https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// The current state of the endpoint.
	State pulumi.StringOutput `pulumi:"state"`
	// Time the firewall endpoint was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

A Firewall endpoint is a Cloud Firewall resource that enables layer 7 advanced protection capabilities, such as intrusion prevention, in your network.

To get more information about FirewallEndpoint, see:

* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.firewallEndpoints) * How-to Guides

> **Warning:** If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billingProjectId` and set `userProjectOverride` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billingProjectId` you defined.

## Example Usage

### Network Security Firewall Endpoint Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewFirewallEndpoint(ctx, "default", &networksecurity.FirewallEndpointArgs{
			Name:             pulumi.String("my-firewall-endpoint"),
			Parent:           pulumi.String("organizations/123456789"),
			Location:         pulumi.String("us-central1-a"),
			BillingProjectId: pulumi.String("my-project-name"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

FirewallEndpoint can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/firewallEndpoints/{{name}}`

When using the `pulumi import` command, FirewallEndpoint can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/firewallEndpoint:FirewallEndpoint default {{parent}}/locations/{{location}}/firewallEndpoints/{{name}} ```

func GetFirewallEndpoint 

func GetFirewallEndpoint(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *FirewallEndpointState, opts ...pulumi.ResourceOption) (*FirewallEndpoint, error)

GetFirewallEndpoint gets an existing FirewallEndpoint resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewFirewallEndpoint 

func NewFirewallEndpoint(ctx *pulumi.Context,
	name string, args *FirewallEndpointArgs, opts ...pulumi.ResourceOption) (*FirewallEndpoint, error)

NewFirewallEndpoint registers a new resource with the given unique name, arguments, and options.

func (*FirewallEndpoint) ElementType 

func (*FirewallEndpoint) ElementType() reflect.Type

func (*FirewallEndpoint) ToFirewallEndpointOutput 

func (i *FirewallEndpoint) ToFirewallEndpointOutput() FirewallEndpointOutput

func (*FirewallEndpoint) ToFirewallEndpointOutputWithContext 

func (i *FirewallEndpoint) ToFirewallEndpointOutputWithContext(ctx context.Context) FirewallEndpointOutput

type FirewallEndpointArgs 

type FirewallEndpointArgs struct {
	// Project to bill on endpoint uptime usage.
	BillingProjectId pulumi.StringInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location (zone) of the firewall endpoint.
	Location pulumi.StringInput
	// The name of the firewall endpoint resource.
	Name pulumi.StringPtrInput
	// The name of the parent this firewall endpoint belongs to.
	// Format: organizations/{organization_id}.
	//
	// ***
	Parent pulumi.StringInput
}

The set of arguments for constructing a FirewallEndpoint resource.

func (FirewallEndpointArgs) ElementType 

func (FirewallEndpointArgs) ElementType() reflect.Type

type FirewallEndpointArray 

type FirewallEndpointArray []FirewallEndpointInput

func (FirewallEndpointArray) ElementType 

func (FirewallEndpointArray) ElementType() reflect.Type

func (FirewallEndpointArray) ToFirewallEndpointArrayOutput 

func (i FirewallEndpointArray) ToFirewallEndpointArrayOutput() FirewallEndpointArrayOutput

func (FirewallEndpointArray) ToFirewallEndpointArrayOutputWithContext 

func (i FirewallEndpointArray) ToFirewallEndpointArrayOutputWithContext(ctx context.Context) FirewallEndpointArrayOutput

type FirewallEndpointArrayInput 

type FirewallEndpointArrayInput interface {
	pulumi.Input

	ToFirewallEndpointArrayOutput() FirewallEndpointArrayOutput
	ToFirewallEndpointArrayOutputWithContext(context.Context) FirewallEndpointArrayOutput
}

FirewallEndpointArrayInput is an input type that accepts FirewallEndpointArray and FirewallEndpointArrayOutput values. You can construct a concrete instance of `FirewallEndpointArrayInput` via: 

FirewallEndpointArray{ FirewallEndpointArgs{...} }

type FirewallEndpointArrayOutput 

type FirewallEndpointArrayOutput struct{ *pulumi.OutputState }

func (FirewallEndpointArrayOutput) ElementType 

func (FirewallEndpointArrayOutput) ElementType() reflect.Type

func (FirewallEndpointArrayOutput) Index 

func (o FirewallEndpointArrayOutput) Index(i pulumi.IntInput) FirewallEndpointOutput

func (FirewallEndpointArrayOutput) ToFirewallEndpointArrayOutput 

func (o FirewallEndpointArrayOutput) ToFirewallEndpointArrayOutput() FirewallEndpointArrayOutput

func (FirewallEndpointArrayOutput) ToFirewallEndpointArrayOutputWithContext 

func (o FirewallEndpointArrayOutput) ToFirewallEndpointArrayOutputWithContext(ctx context.Context) FirewallEndpointArrayOutput

type FirewallEndpointAssociation 

type FirewallEndpointAssociation struct {
	pulumi.CustomResourceState

	// Time the firewall endpoint was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Whether the association is disabled. True indicates that traffic will not be intercepted.
	// > **Note:** The API will reject the request if this value is set to true when creating the resource,
	// otherwise on an update the association can be disabled.
	Disabled pulumi.BoolPtrOutput `pulumi:"disabled"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// The URL of the firewall endpoint that is being associated.
	FirewallEndpoint pulumi.StringOutput `pulumi:"firewallEndpoint"`
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location (zone) of the firewall endpoint association.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// The name of the firewall endpoint association resource.
	Name pulumi.StringOutput `pulumi:"name"`
	// The URL of the network that is being associated.
	Network pulumi.StringOutput `pulumi:"network"`
	// The name of the parent this firewall endpoint association belongs to.
	// Format: projects/{project_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Whether reconciling is in progress, recommended per https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// The current state of the endpoint.
	State pulumi.StringOutput `pulumi:"state"`
	// The URL of the TlsInspectionPolicy that is being associated.
	TlsInspectionPolicy pulumi.StringPtrOutput `pulumi:"tlsInspectionPolicy"`
	// Time the firewall endpoint was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Firewall endpoint association links a firewall endpoint to a VPC network in the same zone. After you define this association, Cloud Firewall forwards the zonal workload traffic in your VPC network that requires layer 7 inspection to the attached firewall endpoint.

To get more information about FirewallEndpointAssociation, see:

* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/projects.locations.firewallEndpointAssociations#FirewallEndpointAssociation) * How-to Guides

> **Warning:** If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billingProjectId` and set `userProjectOverride` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billingProjectId` you defined.

## Example Usage

## Import

FirewallEndpointAssociation can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/firewallEndpointAssociations/{{name}}`

When using the `pulumi import` command, FirewallEndpointAssociation can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/firewallEndpointAssociation:FirewallEndpointAssociation default {{parent}}/locations/{{location}}/firewallEndpointAssociations/{{name}} ```

func GetFirewallEndpointAssociation 

func GetFirewallEndpointAssociation(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *FirewallEndpointAssociationState, opts ...pulumi.ResourceOption) (*FirewallEndpointAssociation, error)

GetFirewallEndpointAssociation gets an existing FirewallEndpointAssociation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewFirewallEndpointAssociation 

func NewFirewallEndpointAssociation(ctx *pulumi.Context,
	name string, args *FirewallEndpointAssociationArgs, opts ...pulumi.ResourceOption) (*FirewallEndpointAssociation, error)

NewFirewallEndpointAssociation registers a new resource with the given unique name, arguments, and options.

func (*FirewallEndpointAssociation) ElementType 

func (*FirewallEndpointAssociation) ElementType() reflect.Type

func (*FirewallEndpointAssociation) ToFirewallEndpointAssociationOutput 

func (i *FirewallEndpointAssociation) ToFirewallEndpointAssociationOutput() FirewallEndpointAssociationOutput

func (*FirewallEndpointAssociation) ToFirewallEndpointAssociationOutputWithContext 

func (i *FirewallEndpointAssociation) ToFirewallEndpointAssociationOutputWithContext(ctx context.Context) FirewallEndpointAssociationOutput

type FirewallEndpointAssociationArgs 

type FirewallEndpointAssociationArgs struct {
	// Whether the association is disabled. True indicates that traffic will not be intercepted.
	// > **Note:** The API will reject the request if this value is set to true when creating the resource,
	// otherwise on an update the association can be disabled.
	Disabled pulumi.BoolPtrInput
	// The URL of the firewall endpoint that is being associated.
	FirewallEndpoint pulumi.StringInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location (zone) of the firewall endpoint association.
	//
	// ***
	Location pulumi.StringInput
	// The name of the firewall endpoint association resource.
	Name pulumi.StringPtrInput
	// The URL of the network that is being associated.
	Network pulumi.StringInput
	// The name of the parent this firewall endpoint association belongs to.
	// Format: projects/{project_id}.
	Parent pulumi.StringPtrInput
	// The URL of the TlsInspectionPolicy that is being associated.
	TlsInspectionPolicy pulumi.StringPtrInput
}

The set of arguments for constructing a FirewallEndpointAssociation resource.

func (FirewallEndpointAssociationArgs) ElementType 

func (FirewallEndpointAssociationArgs) ElementType() reflect.Type

type FirewallEndpointAssociationArray 

type FirewallEndpointAssociationArray []FirewallEndpointAssociationInput

func (FirewallEndpointAssociationArray) ElementType 

func (FirewallEndpointAssociationArray) ElementType() reflect.Type

func (FirewallEndpointAssociationArray) ToFirewallEndpointAssociationArrayOutput 

func (i FirewallEndpointAssociationArray) ToFirewallEndpointAssociationArrayOutput() FirewallEndpointAssociationArrayOutput

func (FirewallEndpointAssociationArray) ToFirewallEndpointAssociationArrayOutputWithContext 

func (i FirewallEndpointAssociationArray) ToFirewallEndpointAssociationArrayOutputWithContext(ctx context.Context) FirewallEndpointAssociationArrayOutput

type FirewallEndpointAssociationArrayInput 

type FirewallEndpointAssociationArrayInput interface {
	pulumi.Input

	ToFirewallEndpointAssociationArrayOutput() FirewallEndpointAssociationArrayOutput
	ToFirewallEndpointAssociationArrayOutputWithContext(context.Context) FirewallEndpointAssociationArrayOutput
}

FirewallEndpointAssociationArrayInput is an input type that accepts FirewallEndpointAssociationArray and FirewallEndpointAssociationArrayOutput values. You can construct a concrete instance of `FirewallEndpointAssociationArrayInput` via: 

FirewallEndpointAssociationArray{ FirewallEndpointAssociationArgs{...} }

type FirewallEndpointAssociationArrayOutput 

type FirewallEndpointAssociationArrayOutput struct{ *pulumi.OutputState }

func (FirewallEndpointAssociationArrayOutput) ElementType 

func (FirewallEndpointAssociationArrayOutput) ElementType() reflect.Type

func (FirewallEndpointAssociationArrayOutput) Index 

func (o FirewallEndpointAssociationArrayOutput) Index(i pulumi.IntInput) FirewallEndpointAssociationOutput

func (FirewallEndpointAssociationArrayOutput) ToFirewallEndpointAssociationArrayOutput 

func (o FirewallEndpointAssociationArrayOutput) ToFirewallEndpointAssociationArrayOutput() FirewallEndpointAssociationArrayOutput

func (FirewallEndpointAssociationArrayOutput) ToFirewallEndpointAssociationArrayOutputWithContext 

func (o FirewallEndpointAssociationArrayOutput) ToFirewallEndpointAssociationArrayOutputWithContext(ctx context.Context) FirewallEndpointAssociationArrayOutput

type FirewallEndpointAssociationInput 

type FirewallEndpointAssociationInput interface {
	pulumi.Input

	ToFirewallEndpointAssociationOutput() FirewallEndpointAssociationOutput
	ToFirewallEndpointAssociationOutputWithContext(ctx context.Context) FirewallEndpointAssociationOutput
}

type FirewallEndpointAssociationMap 

type FirewallEndpointAssociationMap map[string]FirewallEndpointAssociationInput

func (FirewallEndpointAssociationMap) ElementType 

func (FirewallEndpointAssociationMap) ElementType() reflect.Type

func (FirewallEndpointAssociationMap) ToFirewallEndpointAssociationMapOutput 

func (i FirewallEndpointAssociationMap) ToFirewallEndpointAssociationMapOutput() FirewallEndpointAssociationMapOutput

func (FirewallEndpointAssociationMap) ToFirewallEndpointAssociationMapOutputWithContext 

func (i FirewallEndpointAssociationMap) ToFirewallEndpointAssociationMapOutputWithContext(ctx context.Context) FirewallEndpointAssociationMapOutput

type FirewallEndpointAssociationMapInput 

type FirewallEndpointAssociationMapInput interface {
	pulumi.Input

	ToFirewallEndpointAssociationMapOutput() FirewallEndpointAssociationMapOutput
	ToFirewallEndpointAssociationMapOutputWithContext(context.Context) FirewallEndpointAssociationMapOutput
}

FirewallEndpointAssociationMapInput is an input type that accepts FirewallEndpointAssociationMap and FirewallEndpointAssociationMapOutput values. You can construct a concrete instance of `FirewallEndpointAssociationMapInput` via: 

FirewallEndpointAssociationMap{ "key": FirewallEndpointAssociationArgs{...} }

type FirewallEndpointAssociationMapOutput 

type FirewallEndpointAssociationMapOutput struct{ *pulumi.OutputState }

func (FirewallEndpointAssociationMapOutput) ElementType 

func (FirewallEndpointAssociationMapOutput) ElementType() reflect.Type

func (FirewallEndpointAssociationMapOutput) MapIndex 

func (o FirewallEndpointAssociationMapOutput) MapIndex(k pulumi.StringInput) FirewallEndpointAssociationOutput

func (FirewallEndpointAssociationMapOutput) ToFirewallEndpointAssociationMapOutput 

func (o FirewallEndpointAssociationMapOutput) ToFirewallEndpointAssociationMapOutput() FirewallEndpointAssociationMapOutput

func (FirewallEndpointAssociationMapOutput) ToFirewallEndpointAssociationMapOutputWithContext 

func (o FirewallEndpointAssociationMapOutput) ToFirewallEndpointAssociationMapOutputWithContext(ctx context.Context) FirewallEndpointAssociationMapOutput

type FirewallEndpointAssociationOutput 

type FirewallEndpointAssociationOutput struct{ *pulumi.OutputState }

func (FirewallEndpointAssociationOutput) CreateTime 

func (o FirewallEndpointAssociationOutput) CreateTime() pulumi.StringOutput

Time the firewall endpoint was created in UTC.

func (FirewallEndpointAssociationOutput) Disabled 

func (o FirewallEndpointAssociationOutput) Disabled() pulumi.BoolPtrOutput

Whether the association is disabled. True indicates that traffic will not be intercepted. > **Note:** The API will reject the request if this value is set to true when creating the resource, otherwise on an update the association can be disabled.

func (FirewallEndpointAssociationOutput) EffectiveLabels 

func (o FirewallEndpointAssociationOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (FirewallEndpointAssociationOutput) ElementType 

func (FirewallEndpointAssociationOutput) ElementType() reflect.Type

func (FirewallEndpointAssociationOutput) FirewallEndpoint 

func (o FirewallEndpointAssociationOutput) FirewallEndpoint() pulumi.StringOutput

The URL of the firewall endpoint that is being associated.

func (FirewallEndpointAssociationOutput) Labels 

func (o FirewallEndpointAssociationOutput) Labels() pulumi.StringMapOutput

A map of key/value label pairs to assign to the resource.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (FirewallEndpointAssociationOutput) Location 

func (o FirewallEndpointAssociationOutput) Location() pulumi.StringOutput

The location (zone) of the firewall endpoint association.

***

func (FirewallEndpointAssociationOutput) Name 

func (o FirewallEndpointAssociationOutput) Name() pulumi.StringOutput

The name of the firewall endpoint association resource.

func (FirewallEndpointAssociationOutput) Network 

func (o FirewallEndpointAssociationOutput) Network() pulumi.StringOutput

The URL of the network that is being associated.

func (FirewallEndpointAssociationOutput) Parent 

func (o FirewallEndpointAssociationOutput) Parent() pulumi.StringPtrOutput

The name of the parent this firewall endpoint association belongs to. Format: projects/{project_id}.

func (FirewallEndpointAssociationOutput) PulumiLabels 

func (o FirewallEndpointAssociationOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (FirewallEndpointAssociationOutput) Reconciling 

func (o FirewallEndpointAssociationOutput) Reconciling() pulumi.BoolOutput

Whether reconciling is in progress, recommended per https://google.aip.dev/128. 

func (o FirewallEndpointAssociationOutput) SelfLink() pulumi.StringOutput

Server-defined URL of this resource.

func (FirewallEndpointAssociationOutput) State 

func (o FirewallEndpointAssociationOutput) State() pulumi.StringOutput

The current state of the endpoint.

func (FirewallEndpointAssociationOutput) TlsInspectionPolicy 

func (o FirewallEndpointAssociationOutput) TlsInspectionPolicy() pulumi.StringPtrOutput

The URL of the TlsInspectionPolicy that is being associated.

func (FirewallEndpointAssociationOutput) ToFirewallEndpointAssociationOutput 

func (o FirewallEndpointAssociationOutput) ToFirewallEndpointAssociationOutput() FirewallEndpointAssociationOutput

func (FirewallEndpointAssociationOutput) ToFirewallEndpointAssociationOutputWithContext 

func (o FirewallEndpointAssociationOutput) ToFirewallEndpointAssociationOutputWithContext(ctx context.Context) FirewallEndpointAssociationOutput

func (FirewallEndpointAssociationOutput) UpdateTime 

func (o FirewallEndpointAssociationOutput) UpdateTime() pulumi.StringOutput

Time the firewall endpoint was updated in UTC.

type FirewallEndpointAssociationState 

type FirewallEndpointAssociationState struct {
	// Time the firewall endpoint was created in UTC.
	CreateTime pulumi.StringPtrInput
	// Whether the association is disabled. True indicates that traffic will not be intercepted.
	// > **Note:** The API will reject the request if this value is set to true when creating the resource,
	// otherwise on an update the association can be disabled.
	Disabled pulumi.BoolPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// The URL of the firewall endpoint that is being associated.
	FirewallEndpoint pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location (zone) of the firewall endpoint association.
	//
	// ***
	Location pulumi.StringPtrInput
	// The name of the firewall endpoint association resource.
	Name pulumi.StringPtrInput
	// The URL of the network that is being associated.
	Network pulumi.StringPtrInput
	// The name of the parent this firewall endpoint association belongs to.
	// Format: projects/{project_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Whether reconciling is in progress, recommended per https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// The current state of the endpoint.
	State pulumi.StringPtrInput
	// The URL of the TlsInspectionPolicy that is being associated.
	TlsInspectionPolicy pulumi.StringPtrInput
	// Time the firewall endpoint was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (FirewallEndpointAssociationState) ElementType 

func (FirewallEndpointAssociationState) ElementType() reflect.Type

type FirewallEndpointInput 

type FirewallEndpointInput interface {
	pulumi.Input

	ToFirewallEndpointOutput() FirewallEndpointOutput
	ToFirewallEndpointOutputWithContext(ctx context.Context) FirewallEndpointOutput
}

type FirewallEndpointMap 

type FirewallEndpointMap map[string]FirewallEndpointInput

func (FirewallEndpointMap) ElementType 

func (FirewallEndpointMap) ElementType() reflect.Type

func (FirewallEndpointMap) ToFirewallEndpointMapOutput 

func (i FirewallEndpointMap) ToFirewallEndpointMapOutput() FirewallEndpointMapOutput

func (FirewallEndpointMap) ToFirewallEndpointMapOutputWithContext 

func (i FirewallEndpointMap) ToFirewallEndpointMapOutputWithContext(ctx context.Context) FirewallEndpointMapOutput

type FirewallEndpointMapInput 

type FirewallEndpointMapInput interface {
	pulumi.Input

	ToFirewallEndpointMapOutput() FirewallEndpointMapOutput
	ToFirewallEndpointMapOutputWithContext(context.Context) FirewallEndpointMapOutput
}

FirewallEndpointMapInput is an input type that accepts FirewallEndpointMap and FirewallEndpointMapOutput values. You can construct a concrete instance of `FirewallEndpointMapInput` via: 

FirewallEndpointMap{ "key": FirewallEndpointArgs{...} }

type FirewallEndpointMapOutput 

type FirewallEndpointMapOutput struct{ *pulumi.OutputState }

func (FirewallEndpointMapOutput) ElementType 

func (FirewallEndpointMapOutput) ElementType() reflect.Type

func (FirewallEndpointMapOutput) MapIndex 

func (o FirewallEndpointMapOutput) MapIndex(k pulumi.StringInput) FirewallEndpointOutput

func (FirewallEndpointMapOutput) ToFirewallEndpointMapOutput 

func (o FirewallEndpointMapOutput) ToFirewallEndpointMapOutput() FirewallEndpointMapOutput

func (FirewallEndpointMapOutput) ToFirewallEndpointMapOutputWithContext 

func (o FirewallEndpointMapOutput) ToFirewallEndpointMapOutputWithContext(ctx context.Context) FirewallEndpointMapOutput

type FirewallEndpointOutput 

type FirewallEndpointOutput struct{ *pulumi.OutputState }

func (FirewallEndpointOutput) AssociatedNetworks 

func (o FirewallEndpointOutput) AssociatedNetworks() pulumi.StringArrayOutput

List of networks that are associated with this endpoint in the local zone. This is a projection of the FirewallEndpointAssociations pointing at this endpoint. A network will only appear in this list after traffic routing is fully configured. Format: projects/{project}/global/networks/{name}.

func (FirewallEndpointOutput) BillingProjectId 

func (o FirewallEndpointOutput) BillingProjectId() pulumi.StringOutput

Project to bill on endpoint uptime usage.

func (FirewallEndpointOutput) CreateTime 

func (o FirewallEndpointOutput) CreateTime() pulumi.StringOutput

Time the firewall endpoint was created in UTC.

func (FirewallEndpointOutput) EffectiveLabels 

func (o FirewallEndpointOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (FirewallEndpointOutput) ElementType 

func (FirewallEndpointOutput) ElementType() reflect.Type

func (FirewallEndpointOutput) Labels 

func (o FirewallEndpointOutput) Labels() pulumi.StringMapOutput

A map of key/value label pairs to assign to the resource.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (FirewallEndpointOutput) Location 

func (o FirewallEndpointOutput) Location() pulumi.StringOutput

The location (zone) of the firewall endpoint.

func (FirewallEndpointOutput) Name 

func (o FirewallEndpointOutput) Name() pulumi.StringOutput

The name of the firewall endpoint resource.

func (FirewallEndpointOutput) Parent 

func (o FirewallEndpointOutput) Parent() pulumi.StringOutput

The name of the parent this firewall endpoint belongs to. Format: organizations/{organization_id}.

***

func (FirewallEndpointOutput) PulumiLabels 

func (o FirewallEndpointOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (FirewallEndpointOutput) Reconciling 

func (o FirewallEndpointOutput) Reconciling() pulumi.BoolOutput

Whether reconciling is in progress, recommended per https://google.aip.dev/128. 

func (o FirewallEndpointOutput) SelfLink() pulumi.StringOutput

Server-defined URL of this resource.

func (FirewallEndpointOutput) State 

func (o FirewallEndpointOutput) State() pulumi.StringOutput

The current state of the endpoint.

func (FirewallEndpointOutput) ToFirewallEndpointOutput 

func (o FirewallEndpointOutput) ToFirewallEndpointOutput() FirewallEndpointOutput

func (FirewallEndpointOutput) ToFirewallEndpointOutputWithContext 

func (o FirewallEndpointOutput) ToFirewallEndpointOutputWithContext(ctx context.Context) FirewallEndpointOutput

func (FirewallEndpointOutput) UpdateTime 

func (o FirewallEndpointOutput) UpdateTime() pulumi.StringOutput

Time the firewall endpoint was updated in UTC.

type FirewallEndpointState 

type FirewallEndpointState struct {
	// List of networks that are associated with this endpoint in the local zone.
	// This is a projection of the FirewallEndpointAssociations pointing at this
	// endpoint. A network will only appear in this list after traffic routing is
	// fully configured. Format: projects/{project}/global/networks/{name}.
	AssociatedNetworks pulumi.StringArrayInput
	// Project to bill on endpoint uptime usage.
	BillingProjectId pulumi.StringPtrInput
	// Time the firewall endpoint was created in UTC.
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location (zone) of the firewall endpoint.
	Location pulumi.StringPtrInput
	// The name of the firewall endpoint resource.
	Name pulumi.StringPtrInput
	// The name of the parent this firewall endpoint belongs to.
	// Format: organizations/{organization_id}.
	//
	// ***
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Whether reconciling is in progress, recommended per https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// The current state of the endpoint.
	State pulumi.StringPtrInput
	// Time the firewall endpoint was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (FirewallEndpointState) ElementType 

func (FirewallEndpointState) ElementType() reflect.Type

type GatewaySecurityPolicy 

type GatewaySecurityPolicy struct {
	pulumi.CustomResourceState

	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	TlsInspectionPolicy pulumi.StringPtrOutput `pulumi:"tlsInspectionPolicy"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

The GatewaySecurityPolicy resource contains a collection of GatewaySecurityPolicyRules and associated metadata.

To get more information about GatewaySecurityPolicy, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.gatewaySecurityPolicies)

## Example Usage

### Network Security Gateway Security Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Name:        pulumi.String("my-gateway-security-policy"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("my description"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Gateway Security Policy Tls Inspection Basic

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := certificateauthority.NewCaPool(ctx, "default", &certificateauthority.CaPoolArgs{
			Name:     pulumi.String("my-basic-ca-pool"),
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: nil,
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "default", &certificateauthority.AuthorityArgs{
			Pool:                               _default.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		})
		if err != nil {
			return err
		}
		project, err := organizations.LookupProject(ctx, nil, nil)
		if err != nil {
			return err
		}
		tlsInspectionPermission, err := certificateauthority.NewCaPoolIamMember(ctx, "tls_inspection_permission", &certificateauthority.CaPoolIamMemberArgs{
			CaPool: _default.ID(),
			Role:   pulumi.String("roles/privateca.certificateManager"),
			Member: pulumi.Sprintf("serviceAccount:service-%v@gcp-sa-networksecurity.iam.gserviceaccount.com", project.Number),
		})
		if err != nil {
			return err
		}
		defaultTlsInspectionPolicy, err := networksecurity.NewTlsInspectionPolicy(ctx, "default", &networksecurity.TlsInspectionPolicyArgs{
			Name:     pulumi.String("my-tls-inspection-policy"),
			Location: pulumi.String("us-central1"),
			CaPool:   _default.ID(),
		}, pulumi.DependsOn([]pulumi.Resource{
			_default,
			defaultAuthority,
			tlsInspectionPermission,
		}))
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Name:                pulumi.String("my-gateway-security-policy"),
			Location:            pulumi.String("us-central1"),
			Description:         pulumi.String("my description"),
			TlsInspectionPolicy: defaultTlsInspectionPolicy.ID(),
		}, pulumi.DependsOn([]pulumi.Resource{
			defaultTlsInspectionPolicy,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

GatewaySecurityPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, GatewaySecurityPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{location}}/{{name}} ```

func GetGatewaySecurityPolicy 

func GetGatewaySecurityPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GatewaySecurityPolicyState, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicy, error)

GetGatewaySecurityPolicy gets an existing GatewaySecurityPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGatewaySecurityPolicy 

func NewGatewaySecurityPolicy(ctx *pulumi.Context,
	name string, args *GatewaySecurityPolicyArgs, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicy, error)

NewGatewaySecurityPolicy registers a new resource with the given unique name, arguments, and options.

func (*GatewaySecurityPolicy) ElementType 

func (*GatewaySecurityPolicy) ElementType() reflect.Type

func (*GatewaySecurityPolicy) ToGatewaySecurityPolicyOutput 

func (i *GatewaySecurityPolicy) ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput

func (*GatewaySecurityPolicy) ToGatewaySecurityPolicyOutputWithContext 

func (i *GatewaySecurityPolicy) ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput

type GatewaySecurityPolicyArgs 

type GatewaySecurityPolicyArgs struct {
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	TlsInspectionPolicy pulumi.StringPtrInput
}

The set of arguments for constructing a GatewaySecurityPolicy resource.

func (GatewaySecurityPolicyArgs) ElementType 

func (GatewaySecurityPolicyArgs) ElementType() reflect.Type

type GatewaySecurityPolicyArray 

type GatewaySecurityPolicyArray []GatewaySecurityPolicyInput

func (GatewaySecurityPolicyArray) ElementType 

func (GatewaySecurityPolicyArray) ElementType() reflect.Type

func (GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutput 

func (i GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput

func (GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutputWithContext 

func (i GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyArrayOutput

type GatewaySecurityPolicyArrayInput 

type GatewaySecurityPolicyArrayInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput
	ToGatewaySecurityPolicyArrayOutputWithContext(context.Context) GatewaySecurityPolicyArrayOutput
}

GatewaySecurityPolicyArrayInput is an input type that accepts GatewaySecurityPolicyArray and GatewaySecurityPolicyArrayOutput values. You can construct a concrete instance of `GatewaySecurityPolicyArrayInput` via: 

GatewaySecurityPolicyArray{ GatewaySecurityPolicyArgs{...} }

type GatewaySecurityPolicyArrayOutput 

type GatewaySecurityPolicyArrayOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyArrayOutput) ElementType 

func (GatewaySecurityPolicyArrayOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyArrayOutput) Index 

func (o GatewaySecurityPolicyArrayOutput) Index(i pulumi.IntInput) GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutput 

func (o GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput

func (GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutputWithContext 

func (o GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyArrayOutput

type GatewaySecurityPolicyInput 

type GatewaySecurityPolicyInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput
	ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput
}

type GatewaySecurityPolicyMap 

type GatewaySecurityPolicyMap map[string]GatewaySecurityPolicyInput

func (GatewaySecurityPolicyMap) ElementType 

func (GatewaySecurityPolicyMap) ElementType() reflect.Type

func (GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutput 

func (i GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput

func (GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutputWithContext 

func (i GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyMapOutput

type GatewaySecurityPolicyMapInput 

type GatewaySecurityPolicyMapInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput
	ToGatewaySecurityPolicyMapOutputWithContext(context.Context) GatewaySecurityPolicyMapOutput
}

GatewaySecurityPolicyMapInput is an input type that accepts GatewaySecurityPolicyMap and GatewaySecurityPolicyMapOutput values. You can construct a concrete instance of `GatewaySecurityPolicyMapInput` via: 

GatewaySecurityPolicyMap{ "key": GatewaySecurityPolicyArgs{...} }

type GatewaySecurityPolicyMapOutput 

type GatewaySecurityPolicyMapOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyMapOutput) ElementType 

func (GatewaySecurityPolicyMapOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyMapOutput) MapIndex 

func (o GatewaySecurityPolicyMapOutput) MapIndex(k pulumi.StringInput) GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutput 

func (o GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput

func (GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutputWithContext 

func (o GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyMapOutput

type GatewaySecurityPolicyOutput 

type GatewaySecurityPolicyOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyOutput) CreateTime 

func (o GatewaySecurityPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (GatewaySecurityPolicyOutput) Description 

func (o GatewaySecurityPolicyOutput) Description() pulumi.StringPtrOutput

A free-text description of the resource. Max length 1024 characters.

func (GatewaySecurityPolicyOutput) ElementType 

func (GatewaySecurityPolicyOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyOutput) Location 

func (o GatewaySecurityPolicyOutput) Location() pulumi.StringPtrOutput

The location of the gateway security policy. The default value is `global`.

func (GatewaySecurityPolicyOutput) Name 

func (o GatewaySecurityPolicyOutput) Name() pulumi.StringOutput

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).

***

func (GatewaySecurityPolicyOutput) Project 

func (o GatewaySecurityPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used. 

func (o GatewaySecurityPolicyOutput) SelfLink() pulumi.StringOutput

Server-defined URL of this resource.

func (GatewaySecurityPolicyOutput) TlsInspectionPolicy 

func (o GatewaySecurityPolicyOutput) TlsInspectionPolicy() pulumi.StringPtrOutput

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

func (GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutput 

func (o GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutputWithContext 

func (o GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyOutput) UpdateTime 

func (o GatewaySecurityPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type GatewaySecurityPolicyRule 

type GatewaySecurityPolicyRule struct {
	pulumi.CustomResourceState

	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrOutput `pulumi:"applicationMatcher"`
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringOutput `pulumi:"basicProfile"`
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Whether the rule is enforced.
	Enabled pulumi.BoolOutput `pulumi:"enabled"`
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringOutput `pulumi:"gatewaySecurityPolicy"`
	// The location of the gateway security policy.
	Location pulumi.StringOutput `pulumi:"location"`
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringOutput `pulumi:"name"`
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntOutput `pulumi:"priority"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringOutput `pulumi:"sessionMatcher"`
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrOutput `pulumi:"tlsInspectionEnabled"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

The GatewaySecurityPolicyRule resource is in a nested collection within a GatewaySecurityPolicy and represents a traffic matching condition and associated action to perform.

To get more information about GatewaySecurityPolicyRule, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.gatewaySecurityPolicies.rules)

## Example Usage

### Network Security Gateway Security Policy Rules Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Name:        pulumi.String("my-gateway-security-policy"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("gateway security policy created to be used as reference by the rule."),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "default", &networksecurity.GatewaySecurityPolicyRuleArgs{
			Name:                  pulumi.String("my-gateway-security-policy-rule"),
			Location:              pulumi.String("us-central1"),
			GatewaySecurityPolicy: _default.Name,
			Enabled:               pulumi.Bool(true),
			Description:           pulumi.String("my description"),
			Priority:              pulumi.Int(0),
			SessionMatcher:        pulumi.String("host() == 'example.com'"),
			BasicProfile:          pulumi.String("ALLOW"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Gateway Security Policy Rules Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Name:        pulumi.String("my-gateway-security-policy"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("gateway security policy created to be used as reference by the rule."),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "default", &networksecurity.GatewaySecurityPolicyRuleArgs{
			Name:                  pulumi.String("my-gateway-security-policy-rule"),
			Location:              pulumi.String("us-central1"),
			GatewaySecurityPolicy: _default.Name,
			Enabled:               pulumi.Bool(true),
			Description:           pulumi.String("my description"),
			Priority:              pulumi.Int(0),
			SessionMatcher:        pulumi.String("host() == 'example.com'"),
			ApplicationMatcher:    pulumi.String("request.method == 'POST'"),
			TlsInspectionEnabled:  pulumi.Bool(false),
			BasicProfile:          pulumi.String("ALLOW"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

GatewaySecurityPolicyRule can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}`

* `{{project}}/{{location}}/{{gateway_security_policy}}/{{name}}`

* `{{location}}/{{gateway_security_policy}}/{{name}}`

When using the `pulumi import` command, GatewaySecurityPolicyRule can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}} ```

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{project}}/{{location}}/{{gateway_security_policy}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{location}}/{{gateway_security_policy}}/{{name}} ```

func GetGatewaySecurityPolicyRule 

func GetGatewaySecurityPolicyRule(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GatewaySecurityPolicyRuleState, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicyRule, error)

GetGatewaySecurityPolicyRule gets an existing GatewaySecurityPolicyRule resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGatewaySecurityPolicyRule 

func NewGatewaySecurityPolicyRule(ctx *pulumi.Context,
	name string, args *GatewaySecurityPolicyRuleArgs, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicyRule, error)

NewGatewaySecurityPolicyRule registers a new resource with the given unique name, arguments, and options.

func (*GatewaySecurityPolicyRule) ElementType 

func (*GatewaySecurityPolicyRule) ElementType() reflect.Type

func (*GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutput 

func (i *GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput

func (*GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutputWithContext 

func (i *GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput

type GatewaySecurityPolicyRuleArgs 

type GatewaySecurityPolicyRuleArgs struct {
	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrInput
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Whether the rule is enforced.
	Enabled pulumi.BoolInput
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringInput
	// The location of the gateway security policy.
	Location pulumi.StringInput
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringPtrInput
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringInput
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrInput
}

The set of arguments for constructing a GatewaySecurityPolicyRule resource.

func (GatewaySecurityPolicyRuleArgs) ElementType 

func (GatewaySecurityPolicyRuleArgs) ElementType() reflect.Type

type GatewaySecurityPolicyRuleArray 

type GatewaySecurityPolicyRuleArray []GatewaySecurityPolicyRuleInput

func (GatewaySecurityPolicyRuleArray) ElementType 

func (GatewaySecurityPolicyRuleArray) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutput 

func (i GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput

func (GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutputWithContext 

func (i GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleArrayOutput

type GatewaySecurityPolicyRuleArrayInput 

type GatewaySecurityPolicyRuleArrayInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput
	ToGatewaySecurityPolicyRuleArrayOutputWithContext(context.Context) GatewaySecurityPolicyRuleArrayOutput
}

GatewaySecurityPolicyRuleArrayInput is an input type that accepts GatewaySecurityPolicyRuleArray and GatewaySecurityPolicyRuleArrayOutput values. You can construct a concrete instance of `GatewaySecurityPolicyRuleArrayInput` via: 

GatewaySecurityPolicyRuleArray{ GatewaySecurityPolicyRuleArgs{...} }

type GatewaySecurityPolicyRuleArrayOutput 

type GatewaySecurityPolicyRuleArrayOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleArrayOutput) ElementType 

func (GatewaySecurityPolicyRuleArrayOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleArrayOutput) Index 

func (o GatewaySecurityPolicyRuleArrayOutput) Index(i pulumi.IntInput) GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutput 

func (o GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput

func (GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutputWithContext 

func (o GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleArrayOutput

type GatewaySecurityPolicyRuleInput 

type GatewaySecurityPolicyRuleInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput
	ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput
}

type GatewaySecurityPolicyRuleMap 

type GatewaySecurityPolicyRuleMap map[string]GatewaySecurityPolicyRuleInput

func (GatewaySecurityPolicyRuleMap) ElementType 

func (GatewaySecurityPolicyRuleMap) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutput 

func (i GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput

func (GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutputWithContext 

func (i GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleMapOutput

type GatewaySecurityPolicyRuleMapInput 

type GatewaySecurityPolicyRuleMapInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput
	ToGatewaySecurityPolicyRuleMapOutputWithContext(context.Context) GatewaySecurityPolicyRuleMapOutput
}

GatewaySecurityPolicyRuleMapInput is an input type that accepts GatewaySecurityPolicyRuleMap and GatewaySecurityPolicyRuleMapOutput values. You can construct a concrete instance of `GatewaySecurityPolicyRuleMapInput` via: 

GatewaySecurityPolicyRuleMap{ "key": GatewaySecurityPolicyRuleArgs{...} }

type GatewaySecurityPolicyRuleMapOutput 

type GatewaySecurityPolicyRuleMapOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleMapOutput) ElementType 

func (GatewaySecurityPolicyRuleMapOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleMapOutput) MapIndex 

func (o GatewaySecurityPolicyRuleMapOutput) MapIndex(k pulumi.StringInput) GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutput 

func (o GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput

func (GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutputWithContext 

func (o GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleMapOutput

type GatewaySecurityPolicyRuleOutput 

type GatewaySecurityPolicyRuleOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleOutput) ApplicationMatcher 

func (o GatewaySecurityPolicyRuleOutput) ApplicationMatcher() pulumi.StringPtrOutput

CEL expression for matching on L7/application level criteria.

func (GatewaySecurityPolicyRuleOutput) BasicProfile 

func (o GatewaySecurityPolicyRuleOutput) BasicProfile() pulumi.StringOutput

Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.

func (GatewaySecurityPolicyRuleOutput) CreateTime 

func (o GatewaySecurityPolicyRuleOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (GatewaySecurityPolicyRuleOutput) Description 

func (o GatewaySecurityPolicyRuleOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (GatewaySecurityPolicyRuleOutput) ElementType 

func (GatewaySecurityPolicyRuleOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyRuleOutput) Enabled 

func (o GatewaySecurityPolicyRuleOutput) Enabled() pulumi.BoolOutput

Whether the rule is enforced.

func (GatewaySecurityPolicyRuleOutput) GatewaySecurityPolicy 

func (o GatewaySecurityPolicyRuleOutput) GatewaySecurityPolicy() pulumi.StringOutput

The name of the gatewat security policy this rule belongs to.

***

func (GatewaySecurityPolicyRuleOutput) Location 

func (o GatewaySecurityPolicyRuleOutput) Location() pulumi.StringOutput

The location of the gateway security policy.

func (GatewaySecurityPolicyRuleOutput) Name 

func (o GatewaySecurityPolicyRuleOutput) Name() pulumi.StringOutput

Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

func (GatewaySecurityPolicyRuleOutput) Priority 

func (o GatewaySecurityPolicyRuleOutput) Priority() pulumi.IntOutput

Priority of the rule. Lower number corresponds to higher precedence.

func (GatewaySecurityPolicyRuleOutput) Project 

func (o GatewaySecurityPolicyRuleOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used. 

func (o GatewaySecurityPolicyRuleOutput) SelfLink() pulumi.StringOutput

Server-defined URL of this resource.

func (GatewaySecurityPolicyRuleOutput) SessionMatcher 

func (o GatewaySecurityPolicyRuleOutput) SessionMatcher() pulumi.StringOutput

CEL expression for matching on session criteria.

func (GatewaySecurityPolicyRuleOutput) TlsInspectionEnabled 

func (o GatewaySecurityPolicyRuleOutput) TlsInspectionEnabled() pulumi.BoolPtrOutput

Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

func (GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutput 

func (o GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutputWithContext 

func (o GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleOutput) UpdateTime 

func (o GatewaySecurityPolicyRuleOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type GatewaySecurityPolicyRuleState 

type GatewaySecurityPolicyRuleState struct {
	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrInput
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringPtrInput
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Whether the rule is enforced.
	Enabled pulumi.BoolPtrInput
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringPtrInput
	// The location of the gateway security policy.
	Location pulumi.StringPtrInput
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringPtrInput
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringPtrInput
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (GatewaySecurityPolicyRuleState) ElementType 

func (GatewaySecurityPolicyRuleState) ElementType() reflect.Type

type GatewaySecurityPolicyState 

type GatewaySecurityPolicyState struct {
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	TlsInspectionPolicy pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (GatewaySecurityPolicyState) ElementType 

func (GatewaySecurityPolicyState) ElementType() reflect.Type

type LookupAddressGroupIamPolicyArgs 

type LookupAddressGroupIamPolicyArgs struct {
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location *string `pulumi:"location"`
	// Used to find the parent resource to bind the IAM policy to
	Name string `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project *string `pulumi:"project"`
}

A collection of arguments for invoking getAddressGroupIamPolicy.

type LookupAddressGroupIamPolicyOutputArgs 

type LookupAddressGroupIamPolicyOutputArgs struct {
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringInput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
}

A collection of arguments for invoking getAddressGroupIamPolicy.

func (LookupAddressGroupIamPolicyOutputArgs) ElementType 

func (LookupAddressGroupIamPolicyOutputArgs) ElementType() reflect.Type

type LookupAddressGroupIamPolicyResult 

type LookupAddressGroupIamPolicyResult struct {
	// (Computed) The etag of the IAM policy.
	Etag string `pulumi:"etag"`
	// The provider-assigned unique ID for this managed resource.
	Id       string `pulumi:"id"`
	Location string `pulumi:"location"`
	Name     string `pulumi:"name"`
	// (Required only by `networksecurity.AddressGroupIamPolicy`) The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData string `pulumi:"policyData"`
	Project    string `pulumi:"project"`
}

A collection of values returned by getAddressGroupIamPolicy.

func LookupAddressGroupIamPolicy 

func LookupAddressGroupIamPolicy(ctx *pulumi.Context, args *LookupAddressGroupIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupAddressGroupIamPolicyResult, error)

Retrieves the current IAM policy data for projectaddressgroup

type LookupAddressGroupIamPolicyResultOutput 

type LookupAddressGroupIamPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getAddressGroupIamPolicy.

func LookupAddressGroupIamPolicyOutput 

func LookupAddressGroupIamPolicyOutput(ctx *pulumi.Context, args LookupAddressGroupIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupAddressGroupIamPolicyResultOutput

func (LookupAddressGroupIamPolicyResultOutput) ElementType 

func (LookupAddressGroupIamPolicyResultOutput) ElementType() reflect.Type

func (LookupAddressGroupIamPolicyResultOutput) Etag 

func (o LookupAddressGroupIamPolicyResultOutput) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (LookupAddressGroupIamPolicyResultOutput) Id 

func (o LookupAddressGroupIamPolicyResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupAddressGroupIamPolicyResultOutput) Location 

func (o LookupAddressGroupIamPolicyResultOutput) Location() pulumi.StringOutput

func (LookupAddressGroupIamPolicyResultOutput) Name 

func (o LookupAddressGroupIamPolicyResultOutput) Name() pulumi.StringOutput

func (LookupAddressGroupIamPolicyResultOutput) PolicyData 

func (o LookupAddressGroupIamPolicyResultOutput) PolicyData() pulumi.StringOutput

(Required only by `networksecurity.AddressGroupIamPolicy`) The policy data generated by a `organizations.getIAMPolicy` data source.

func (LookupAddressGroupIamPolicyResultOutput) Project 

func (o LookupAddressGroupIamPolicyResultOutput) Project() pulumi.StringOutput

func (LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutput 

func (o LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutput() LookupAddressGroupIamPolicyResultOutput

func (LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutputWithContext 

func (o LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutputWithContext(ctx context.Context) LookupAddressGroupIamPolicyResultOutput

type SecurityProfile 

type SecurityProfile struct {
	pulumi.CustomResourceState

	// Time the security profile was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// An optional description of the security profile. The Max length is 512 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// This checksum is computed by the server based on the value of other fields,
	// and may be sent on update and delete requests to ensure the client has an up-to-date
	// value before proceeding.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the security profile.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// The name of the security profile resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this security profile belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// The threat prevention configuration for the security profile.
	// Structure is documented below.
	ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrOutput `pulumi:"threatPreventionProfile"`
	// The type of security profile.
	// Possible values are: `THREAT_PREVENTION`.
	Type pulumi.StringOutput `pulumi:"type"`
	// Time the security profile was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

A security profile defines the behavior associated to a profile type.

To get more information about SecurityProfile, see:

* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/projects.locations.securityProfiles) * How-to Guides

## Example Usage

### Network Security Security Profile Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
			Name:        pulumi.String("my-security-profile"),
			Parent:      pulumi.String("organizations/123456789"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("THREAT_PREVENTION"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Security Profile Overrides

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
			Name:        pulumi.String("my-security-profile"),
			Parent:      pulumi.String("organizations/123456789"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("THREAT_PREVENTION"),
			ThreatPreventionProfile: &networksecurity.SecurityProfileThreatPreventionProfileArgs{
				SeverityOverrides: networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArray{
					&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
						Action:   pulumi.String("ALLOW"),
						Severity: pulumi.String("INFORMATIONAL"),
					},
					&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
						Action:   pulumi.String("DENY"),
						Severity: pulumi.String("HIGH"),
					},
				},
				ThreatOverrides: networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArray{
					&networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArgs{
						Action:   pulumi.String("ALLOW"),
						ThreatId: pulumi.String("280647"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SecurityProfile can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/securityProfiles/{{name}}`

When using the `pulumi import` command, SecurityProfile can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/securityProfile:SecurityProfile default {{parent}}/locations/{{location}}/securityProfiles/{{name}} ```

func GetSecurityProfile 

func GetSecurityProfile(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecurityProfileState, opts ...pulumi.ResourceOption) (*SecurityProfile, error)

GetSecurityProfile gets an existing SecurityProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecurityProfile 

func NewSecurityProfile(ctx *pulumi.Context,
	name string, args *SecurityProfileArgs, opts ...pulumi.ResourceOption) (*SecurityProfile, error)

NewSecurityProfile registers a new resource with the given unique name, arguments, and options.

func (*SecurityProfile) ElementType 

func (*SecurityProfile) ElementType() reflect.Type

func (*SecurityProfile) ToSecurityProfileOutput 

func (i *SecurityProfile) ToSecurityProfileOutput() SecurityProfileOutput

func (*SecurityProfile) ToSecurityProfileOutputWithContext 

func (i *SecurityProfile) ToSecurityProfileOutputWithContext(ctx context.Context) SecurityProfileOutput

type SecurityProfileArgs 

type SecurityProfileArgs struct {
	// An optional description of the security profile. The Max length is 512 characters.
	Description pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the security profile.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// The name of the security profile resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The name of the parent this security profile belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrInput
	// The threat prevention configuration for the security profile.
	// Structure is documented below.
	ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrInput
	// The type of security profile.
	// Possible values are: `THREAT_PREVENTION`.
	Type pulumi.StringInput
}

The set of arguments for constructing a SecurityProfile resource.

func (SecurityProfileArgs) ElementType 

func (SecurityProfileArgs) ElementType() reflect.Type

type SecurityProfileArray 

type SecurityProfileArray []SecurityProfileInput

func (SecurityProfileArray) ElementType 

func (SecurityProfileArray) ElementType() reflect.Type

func (SecurityProfileArray) ToSecurityProfileArrayOutput 

func (i SecurityProfileArray) ToSecurityProfileArrayOutput() SecurityProfileArrayOutput

func (SecurityProfileArray) ToSecurityProfileArrayOutputWithContext 

func (i SecurityProfileArray) ToSecurityProfileArrayOutputWithContext(ctx context.Context) SecurityProfileArrayOutput

type SecurityProfileArrayInput 

type SecurityProfileArrayInput interface {
	pulumi.Input

	ToSecurityProfileArrayOutput() SecurityProfileArrayOutput
	ToSecurityProfileArrayOutputWithContext(context.Context) SecurityProfileArrayOutput
}

SecurityProfileArrayInput is an input type that accepts SecurityProfileArray and SecurityProfileArrayOutput values. You can construct a concrete instance of `SecurityProfileArrayInput` via: 

SecurityProfileArray{ SecurityProfileArgs{...} }

type SecurityProfileArrayOutput 

type SecurityProfileArrayOutput struct{ *pulumi.OutputState }

func (SecurityProfileArrayOutput) ElementType 

func (SecurityProfileArrayOutput) ElementType() reflect.Type

func (SecurityProfileArrayOutput) Index 

func (o SecurityProfileArrayOutput) Index(i pulumi.IntInput) SecurityProfileOutput

func (SecurityProfileArrayOutput) ToSecurityProfileArrayOutput 

func (o SecurityProfileArrayOutput) ToSecurityProfileArrayOutput() SecurityProfileArrayOutput

func (SecurityProfileArrayOutput) ToSecurityProfileArrayOutputWithContext 

func (o SecurityProfileArrayOutput) ToSecurityProfileArrayOutputWithContext(ctx context.Context) SecurityProfileArrayOutput

type SecurityProfileGroup 

type SecurityProfileGroup struct {
	pulumi.CustomResourceState

	// Time the security profile group was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// An optional description of the profile. The Max length is 512 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// This checksum is computed by the server based on the value of other fields,
	// and may be sent on update and delete requests to ensure the client has an up-to-date
	// value before proceeding.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the security profile group.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// The name of the security profile group resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this security profile group belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup.
	ThreatPreventionProfile pulumi.StringPtrOutput `pulumi:"threatPreventionProfile"`
	// Time the security profile group was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

A security profile group defines a container for security profiles.

To get more information about SecurityProfileGroup, see:

* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.securityProfileGroups) * How-to Guides

## Example Usage

### Network Security Security Profile Group Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		securityProfile, err := networksecurity.NewSecurityProfile(ctx, "security_profile", &networksecurity.SecurityProfileArgs{
			Name:     pulumi.String("sec-profile"),
			Type:     pulumi.String("THREAT_PREVENTION"),
			Parent:   pulumi.String("organizations/123456789"),
			Location: pulumi.String("global"),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewSecurityProfileGroup(ctx, "default", &networksecurity.SecurityProfileGroupArgs{
			Name:                    pulumi.String("sec-profile-group"),
			Parent:                  pulumi.String("organizations/123456789"),
			Description:             pulumi.String("my description"),
			ThreatPreventionProfile: securityProfile.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SecurityProfileGroup can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/securityProfileGroups/{{name}}`

When using the `pulumi import` command, SecurityProfileGroup can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/securityProfileGroup:SecurityProfileGroup default {{parent}}/locations/{{location}}/securityProfileGroups/{{name}} ```

func GetSecurityProfileGroup 

func GetSecurityProfileGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecurityProfileGroupState, opts ...pulumi.ResourceOption) (*SecurityProfileGroup, error)

GetSecurityProfileGroup gets an existing SecurityProfileGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecurityProfileGroup 

func NewSecurityProfileGroup(ctx *pulumi.Context,
	name string, args *SecurityProfileGroupArgs, opts ...pulumi.ResourceOption) (*SecurityProfileGroup, error)

NewSecurityProfileGroup registers a new resource with the given unique name, arguments, and options.

func (*SecurityProfileGroup) ElementType 

func (*SecurityProfileGroup) ElementType() reflect.Type

func (*SecurityProfileGroup) ToSecurityProfileGroupOutput 

func (i *SecurityProfileGroup) ToSecurityProfileGroupOutput() SecurityProfileGroupOutput

func (*SecurityProfileGroup) ToSecurityProfileGroupOutputWithContext 

func (i *SecurityProfileGroup) ToSecurityProfileGroupOutputWithContext(ctx context.Context) SecurityProfileGroupOutput

type SecurityProfileGroupArgs 

type SecurityProfileGroupArgs struct {
	// An optional description of the profile. The Max length is 512 characters.
	Description pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the security profile group.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// The name of the security profile group resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The name of the parent this security profile group belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrInput
	// Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup.
	ThreatPreventionProfile pulumi.StringPtrInput
}

The set of arguments for constructing a SecurityProfileGroup resource.

func (SecurityProfileGroupArgs) ElementType 

func (SecurityProfileGroupArgs) ElementType() reflect.Type

type SecurityProfileGroupArray 

type SecurityProfileGroupArray []SecurityProfileGroupInput

func (SecurityProfileGroupArray) ElementType 

func (SecurityProfileGroupArray) ElementType() reflect.Type

func (SecurityProfileGroupArray) ToSecurityProfileGroupArrayOutput 

func (i SecurityProfileGroupArray) ToSecurityProfileGroupArrayOutput() SecurityProfileGroupArrayOutput

func (SecurityProfileGroupArray) ToSecurityProfileGroupArrayOutputWithContext 

func (i SecurityProfileGroupArray) ToSecurityProfileGroupArrayOutputWithContext(ctx context.Context) SecurityProfileGroupArrayOutput

type SecurityProfileGroupArrayInput 

type SecurityProfileGroupArrayInput interface {
	pulumi.Input

	ToSecurityProfileGroupArrayOutput() SecurityProfileGroupArrayOutput
	ToSecurityProfileGroupArrayOutputWithContext(context.Context) SecurityProfileGroupArrayOutput
}

SecurityProfileGroupArrayInput is an input type that accepts SecurityProfileGroupArray and SecurityProfileGroupArrayOutput values. You can construct a concrete instance of `SecurityProfileGroupArrayInput` via: 

SecurityProfileGroupArray{ SecurityProfileGroupArgs{...} }

type SecurityProfileGroupArrayOutput 

type SecurityProfileGroupArrayOutput struct{ *pulumi.OutputState }

func (SecurityProfileGroupArrayOutput) ElementType 

func (SecurityProfileGroupArrayOutput) ElementType() reflect.Type

func (SecurityProfileGroupArrayOutput) Index 

func (o SecurityProfileGroupArrayOutput) Index(i pulumi.IntInput) SecurityProfileGroupOutput

func (SecurityProfileGroupArrayOutput) ToSecurityProfileGroupArrayOutput 

func (o SecurityProfileGroupArrayOutput) ToSecurityProfileGroupArrayOutput() SecurityProfileGroupArrayOutput

func (SecurityProfileGroupArrayOutput) ToSecurityProfileGroupArrayOutputWithContext 

func (o SecurityProfileGroupArrayOutput) ToSecurityProfileGroupArrayOutputWithContext(ctx context.Context) SecurityProfileGroupArrayOutput

type SecurityProfileGroupInput 

type SecurityProfileGroupInput interface {
	pulumi.Input

	ToSecurityProfileGroupOutput() SecurityProfileGroupOutput
	ToSecurityProfileGroupOutputWithContext(ctx context.Context) SecurityProfileGroupOutput
}

type SecurityProfileGroupMap 

type SecurityProfileGroupMap map[string]SecurityProfileGroupInput

func (SecurityProfileGroupMap) ElementType 

func (SecurityProfileGroupMap) ElementType() reflect.Type

func (SecurityProfileGroupMap) ToSecurityProfileGroupMapOutput 

func (i SecurityProfileGroupMap) ToSecurityProfileGroupMapOutput() SecurityProfileGroupMapOutput

func (SecurityProfileGroupMap) ToSecurityProfileGroupMapOutputWithContext 

func (i SecurityProfileGroupMap) ToSecurityProfileGroupMapOutputWithContext(ctx context.Context) SecurityProfileGroupMapOutput

type SecurityProfileGroupMapInput 

type SecurityProfileGroupMapInput interface {
	pulumi.Input

	ToSecurityProfileGroupMapOutput() SecurityProfileGroupMapOutput
	ToSecurityProfileGroupMapOutputWithContext(context.Context) SecurityProfileGroupMapOutput
}

SecurityProfileGroupMapInput is an input type that accepts SecurityProfileGroupMap and SecurityProfileGroupMapOutput values. You can construct a concrete instance of `SecurityProfileGroupMapInput` via: 

SecurityProfileGroupMap{ "key": SecurityProfileGroupArgs{...} }

type SecurityProfileGroupMapOutput 

type SecurityProfileGroupMapOutput struct{ *pulumi.OutputState }

func (SecurityProfileGroupMapOutput) ElementType 

func (SecurityProfileGroupMapOutput) ElementType() reflect.Type

func (SecurityProfileGroupMapOutput) MapIndex 

func (o SecurityProfileGroupMapOutput) MapIndex(k pulumi.StringInput) SecurityProfileGroupOutput

func (SecurityProfileGroupMapOutput) ToSecurityProfileGroupMapOutput 

func (o SecurityProfileGroupMapOutput) ToSecurityProfileGroupMapOutput() SecurityProfileGroupMapOutput

func (SecurityProfileGroupMapOutput) ToSecurityProfileGroupMapOutputWithContext 

func (o SecurityProfileGroupMapOutput) ToSecurityProfileGroupMapOutputWithContext(ctx context.Context) SecurityProfileGroupMapOutput

type SecurityProfileGroupOutput 

type SecurityProfileGroupOutput struct{ *pulumi.OutputState }

func (SecurityProfileGroupOutput) CreateTime 

func (o SecurityProfileGroupOutput) CreateTime() pulumi.StringOutput

Time the security profile group was created in UTC.

func (SecurityProfileGroupOutput) Description 

func (o SecurityProfileGroupOutput) Description() pulumi.StringPtrOutput

An optional description of the profile. The Max length is 512 characters.

func (SecurityProfileGroupOutput) EffectiveLabels 

func (o SecurityProfileGroupOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (SecurityProfileGroupOutput) ElementType 

func (SecurityProfileGroupOutput) ElementType() reflect.Type

func (SecurityProfileGroupOutput) Etag 

func (o SecurityProfileGroupOutput) Etag() pulumi.StringOutput

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

func (SecurityProfileGroupOutput) Labels 

func (o SecurityProfileGroupOutput) Labels() pulumi.StringMapOutput

A map of key/value label pairs to assign to the resource.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (SecurityProfileGroupOutput) Location 

func (o SecurityProfileGroupOutput) Location() pulumi.StringPtrOutput

The location of the security profile group. The default value is `global`.

func (SecurityProfileGroupOutput) Name 

func (o SecurityProfileGroupOutput) Name() pulumi.StringOutput

The name of the security profile group resource.

***

func (SecurityProfileGroupOutput) Parent 

func (o SecurityProfileGroupOutput) Parent() pulumi.StringPtrOutput

The name of the parent this security profile group belongs to. Format: organizations/{organization_id}.

func (SecurityProfileGroupOutput) PulumiLabels 

func (o SecurityProfileGroupOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (SecurityProfileGroupOutput) ThreatPreventionProfile 

func (o SecurityProfileGroupOutput) ThreatPreventionProfile() pulumi.StringPtrOutput

Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup.

func (SecurityProfileGroupOutput) ToSecurityProfileGroupOutput 

func (o SecurityProfileGroupOutput) ToSecurityProfileGroupOutput() SecurityProfileGroupOutput

func (SecurityProfileGroupOutput) ToSecurityProfileGroupOutputWithContext 

func (o SecurityProfileGroupOutput) ToSecurityProfileGroupOutputWithContext(ctx context.Context) SecurityProfileGroupOutput

func (SecurityProfileGroupOutput) UpdateTime 

func (o SecurityProfileGroupOutput) UpdateTime() pulumi.StringOutput

Time the security profile group was updated in UTC.

type SecurityProfileGroupState 

type SecurityProfileGroupState struct {
	// Time the security profile group was created in UTC.
	CreateTime pulumi.StringPtrInput
	// An optional description of the profile. The Max length is 512 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// This checksum is computed by the server based on the value of other fields,
	// and may be sent on update and delete requests to ensure the client has an up-to-date
	// value before proceeding.
	Etag pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the security profile group.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// The name of the security profile group resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The name of the parent this security profile group belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup.
	ThreatPreventionProfile pulumi.StringPtrInput
	// Time the security profile group was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (SecurityProfileGroupState) ElementType 

func (SecurityProfileGroupState) ElementType() reflect.Type

type SecurityProfileInput 

type SecurityProfileInput interface {
	pulumi.Input

	ToSecurityProfileOutput() SecurityProfileOutput
	ToSecurityProfileOutputWithContext(ctx context.Context) SecurityProfileOutput
}

type SecurityProfileMap 

type SecurityProfileMap map[string]SecurityProfileInput

func (SecurityProfileMap) ElementType 

func (SecurityProfileMap) ElementType() reflect.Type

func (SecurityProfileMap) ToSecurityProfileMapOutput 

func (i SecurityProfileMap) ToSecurityProfileMapOutput() SecurityProfileMapOutput

func (SecurityProfileMap) ToSecurityProfileMapOutputWithContext 

func (i SecurityProfileMap) ToSecurityProfileMapOutputWithContext(ctx context.Context) SecurityProfileMapOutput

type SecurityProfileMapInput 

type SecurityProfileMapInput interface {
	pulumi.Input

	ToSecurityProfileMapOutput() SecurityProfileMapOutput
	ToSecurityProfileMapOutputWithContext(context.Context) SecurityProfileMapOutput
}

SecurityProfileMapInput is an input type that accepts SecurityProfileMap and SecurityProfileMapOutput values. You can construct a concrete instance of `SecurityProfileMapInput` via: 

SecurityProfileMap{ "key": SecurityProfileArgs{...} }

type SecurityProfileMapOutput 

type SecurityProfileMapOutput struct{ *pulumi.OutputState }

func (SecurityProfileMapOutput) ElementType 

func (SecurityProfileMapOutput) ElementType() reflect.Type

func (SecurityProfileMapOutput) MapIndex 

func (o SecurityProfileMapOutput) MapIndex(k pulumi.StringInput) SecurityProfileOutput

func (SecurityProfileMapOutput) ToSecurityProfileMapOutput 

func (o SecurityProfileMapOutput) ToSecurityProfileMapOutput() SecurityProfileMapOutput

func (SecurityProfileMapOutput) ToSecurityProfileMapOutputWithContext 

func (o SecurityProfileMapOutput) ToSecurityProfileMapOutputWithContext(ctx context.Context) SecurityProfileMapOutput

type SecurityProfileOutput 

type SecurityProfileOutput struct{ *pulumi.OutputState }

func (SecurityProfileOutput) CreateTime 

func (o SecurityProfileOutput) CreateTime() pulumi.StringOutput

Time the security profile was created in UTC.

func (SecurityProfileOutput) Description 

func (o SecurityProfileOutput) Description() pulumi.StringPtrOutput

An optional description of the security profile. The Max length is 512 characters.

func (SecurityProfileOutput) EffectiveLabels 

func (o SecurityProfileOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (SecurityProfileOutput) ElementType 

func (SecurityProfileOutput) ElementType() reflect.Type

func (SecurityProfileOutput) Etag 

func (o SecurityProfileOutput) Etag() pulumi.StringOutput

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

func (SecurityProfileOutput) Labels 

func (o SecurityProfileOutput) Labels() pulumi.StringMapOutput

A map of key/value label pairs to assign to the resource.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (SecurityProfileOutput) Location 

func (o SecurityProfileOutput) Location() pulumi.StringPtrOutput

The location of the security profile. The default value is `global`.

func (SecurityProfileOutput) Name 

func (o SecurityProfileOutput) Name() pulumi.StringOutput

The name of the security profile resource.

***

func (SecurityProfileOutput) Parent 

func (o SecurityProfileOutput) Parent() pulumi.StringPtrOutput

The name of the parent this security profile belongs to. Format: organizations/{organization_id}.

func (SecurityProfileOutput) PulumiLabels 

func (o SecurityProfileOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider. 

func (o SecurityProfileOutput) SelfLink() pulumi.StringOutput

Server-defined URL of this resource.

func (SecurityProfileOutput) ThreatPreventionProfile 

func (o SecurityProfileOutput) ThreatPreventionProfile() SecurityProfileThreatPreventionProfilePtrOutput

The threat prevention configuration for the security profile. Structure is documented below.

func (SecurityProfileOutput) ToSecurityProfileOutput 

func (o SecurityProfileOutput) ToSecurityProfileOutput() SecurityProfileOutput

func (SecurityProfileOutput) ToSecurityProfileOutputWithContext 

func (o SecurityProfileOutput) ToSecurityProfileOutputWithContext(ctx context.Context) SecurityProfileOutput

func (SecurityProfileOutput) Type 

func (o SecurityProfileOutput) Type() pulumi.StringOutput

The type of security profile. Possible values are: `THREAT_PREVENTION`.

func (SecurityProfileOutput) UpdateTime 

func (o SecurityProfileOutput) UpdateTime() pulumi.StringOutput

Time the security profile was updated in UTC.

type SecurityProfileState 

type SecurityProfileState struct {
	// Time the security profile was created in UTC.
	CreateTime pulumi.StringPtrInput
	// An optional description of the security profile. The Max length is 512 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// This checksum is computed by the server based on the value of other fields,
	// and may be sent on update and delete requests to ensure the client has an up-to-date
	// value before proceeding.
	Etag pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the security profile.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// The name of the security profile resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The name of the parent this security profile belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// The threat prevention configuration for the security profile.
	// Structure is documented below.
	ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrInput
	// The type of security profile.
	// Possible values are: `THREAT_PREVENTION`.
	Type pulumi.StringPtrInput
	// Time the security profile was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (SecurityProfileState) ElementType 

func (SecurityProfileState) ElementType() reflect.Type

type SecurityProfileThreatPreventionProfile 

type SecurityProfileThreatPreventionProfile struct {
	// The configuration for overriding threats actions by severity match.
	// Structure is documented below.
	SeverityOverrides []SecurityProfileThreatPreventionProfileSeverityOverride `pulumi:"severityOverrides"`
	// The configuration for overriding threats actions by threat id match.
	// If a threat is matched both by configuration provided in severity overrides
	// and threat overrides, the threat overrides action is applied.
	// Structure is documented below.
	ThreatOverrides []SecurityProfileThreatPreventionProfileThreatOverride `pulumi:"threatOverrides"`
}

type SecurityProfileThreatPreventionProfileArgs 

type SecurityProfileThreatPreventionProfileArgs struct {
	// The configuration for overriding threats actions by severity match.
	// Structure is documented below.
	SeverityOverrides SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput `pulumi:"severityOverrides"`
	// The configuration for overriding threats actions by threat id match.
	// If a threat is matched both by configuration provided in severity overrides
	// and threat overrides, the threat overrides action is applied.
	// Structure is documented below.
	ThreatOverrides SecurityProfileThreatPreventionProfileThreatOverrideArrayInput `pulumi:"threatOverrides"`
}

func (SecurityProfileThreatPreventionProfileArgs) ElementType 

func (SecurityProfileThreatPreventionProfileArgs) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfileOutput 

func (i SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfileOutput() SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfileOutputWithContext 

func (i SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfileOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfilePtrOutput 

func (i SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfilePtrOutput() SecurityProfileThreatPreventionProfilePtrOutput

func (SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext 

func (i SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfilePtrOutput

type SecurityProfileThreatPreventionProfileInput 

type SecurityProfileThreatPreventionProfileInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileOutput() SecurityProfileThreatPreventionProfileOutput
	ToSecurityProfileThreatPreventionProfileOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileOutput
}

SecurityProfileThreatPreventionProfileInput is an input type that accepts SecurityProfileThreatPreventionProfileArgs and SecurityProfileThreatPreventionProfileOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileInput` via: 

SecurityProfileThreatPreventionProfileArgs{...}

type SecurityProfileThreatPreventionProfileOutput 

type SecurityProfileThreatPreventionProfileOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileOutput) ElementType 

func (SecurityProfileThreatPreventionProfileOutput) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileOutput) SeverityOverrides 

func (o SecurityProfileThreatPreventionProfileOutput) SeverityOverrides() SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

The configuration for overriding threats actions by severity match. Structure is documented below.

func (SecurityProfileThreatPreventionProfileOutput) ThreatOverrides 

func (o SecurityProfileThreatPreventionProfileOutput) ThreatOverrides() SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

The configuration for overriding threats actions by threat id match. If a threat is matched both by configuration provided in severity overrides and threat overrides, the threat overrides action is applied. Structure is documented below.

func (SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfileOutput 

func (o SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfileOutput() SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfileOutputWithContext 

func (o SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfileOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfilePtrOutput 

func (o SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfilePtrOutput() SecurityProfileThreatPreventionProfilePtrOutput

func (SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext 

func (o SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfilePtrOutput

type SecurityProfileThreatPreventionProfilePtrInput 

type SecurityProfileThreatPreventionProfilePtrInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfilePtrOutput() SecurityProfileThreatPreventionProfilePtrOutput
	ToSecurityProfileThreatPreventionProfilePtrOutputWithContext(context.Context) SecurityProfileThreatPreventionProfilePtrOutput
}

SecurityProfileThreatPreventionProfilePtrInput is an input type that accepts SecurityProfileThreatPreventionProfileArgs, SecurityProfileThreatPreventionProfilePtr and SecurityProfileThreatPreventionProfilePtrOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfilePtrInput` via: 

        SecurityProfileThreatPreventionProfileArgs{...}

or:

        nil

func SecurityProfileThreatPreventionProfilePtr 

func SecurityProfileThreatPreventionProfilePtr(v *SecurityProfileThreatPreventionProfileArgs) SecurityProfileThreatPreventionProfilePtrInput

type SecurityProfileThreatPreventionProfilePtrOutput 

type SecurityProfileThreatPreventionProfilePtrOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfilePtrOutput) Elem 

func (o SecurityProfileThreatPreventionProfilePtrOutput) Elem() SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfilePtrOutput) ElementType 

func (SecurityProfileThreatPreventionProfilePtrOutput) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfilePtrOutput) SeverityOverrides 

func (o SecurityProfileThreatPreventionProfilePtrOutput) SeverityOverrides() SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

The configuration for overriding threats actions by severity match. Structure is documented below.

func (SecurityProfileThreatPreventionProfilePtrOutput) ThreatOverrides 

func (o SecurityProfileThreatPreventionProfilePtrOutput) ThreatOverrides() SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

The configuration for overriding threats actions by threat id match. If a threat is matched both by configuration provided in severity overrides and threat overrides, the threat overrides action is applied. Structure is documented below.

func (SecurityProfileThreatPreventionProfilePtrOutput) ToSecurityProfileThreatPreventionProfilePtrOutput 

func (o SecurityProfileThreatPreventionProfilePtrOutput) ToSecurityProfileThreatPreventionProfilePtrOutput() SecurityProfileThreatPreventionProfilePtrOutput

func (SecurityProfileThreatPreventionProfilePtrOutput) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext 

func (o SecurityProfileThreatPreventionProfilePtrOutput) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfilePtrOutput

type SecurityProfileThreatPreventionProfileSeverityOverride 

type SecurityProfileThreatPreventionProfileSeverityOverride struct {
	// Threat action override.
	// Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.
	Action string `pulumi:"action"`
	// Severity level to match.
	// Possible values are: `CRITICAL`, `HIGH`, `INFORMATIONAL`, `LOW`, `MEDIUM`.
	Severity string `pulumi:"severity"`
}

type SecurityProfileThreatPreventionProfileSeverityOverrideArgs 

type SecurityProfileThreatPreventionProfileSeverityOverrideArgs struct {
	// Threat action override.
	// Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.
	Action pulumi.StringInput `pulumi:"action"`
	// Severity level to match.
	// Possible values are: `CRITICAL`, `HIGH`, `INFORMATIONAL`, `LOW`, `MEDIUM`.
	Severity pulumi.StringInput `pulumi:"severity"`
}

func (SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ElementType 

func (SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutput 

func (i SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutput() SecurityProfileThreatPreventionProfileSeverityOverrideOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext 

func (i SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideOutput

type SecurityProfileThreatPreventionProfileSeverityOverrideArray 

type SecurityProfileThreatPreventionProfileSeverityOverrideArray []SecurityProfileThreatPreventionProfileSeverityOverrideInput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArray) ElementType 

func (SecurityProfileThreatPreventionProfileSeverityOverrideArray) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileSeverityOverrideArray) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput 

func (i SecurityProfileThreatPreventionProfileSeverityOverrideArray) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput() SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArray) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext 

func (i SecurityProfileThreatPreventionProfileSeverityOverrideArray) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

type SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput 

type SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput() SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput
	ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput
}

SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput is an input type that accepts SecurityProfileThreatPreventionProfileSeverityOverrideArray and SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput` via: 

SecurityProfileThreatPreventionProfileSeverityOverrideArray{ SecurityProfileThreatPreventionProfileSeverityOverrideArgs{...} }

type SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput 

type SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ElementType 

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) Index 

func (o SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) Index(i pulumi.IntInput) SecurityProfileThreatPreventionProfileSeverityOverrideOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput 

func (o SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput() SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext 

func (o SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

type SecurityProfileThreatPreventionProfileSeverityOverrideInput 

type SecurityProfileThreatPreventionProfileSeverityOverrideInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileSeverityOverrideOutput() SecurityProfileThreatPreventionProfileSeverityOverrideOutput
	ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideOutput
}

SecurityProfileThreatPreventionProfileSeverityOverrideInput is an input type that accepts SecurityProfileThreatPreventionProfileSeverityOverrideArgs and SecurityProfileThreatPreventionProfileSeverityOverrideOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileSeverityOverrideInput` via: 

SecurityProfileThreatPreventionProfileSeverityOverrideArgs{...}

type SecurityProfileThreatPreventionProfileSeverityOverrideOutput 

type SecurityProfileThreatPreventionProfileSeverityOverrideOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) Action 

func (o SecurityProfileThreatPreventionProfileSeverityOverrideOutput) Action() pulumi.StringOutput

Threat action override. Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ElementType 

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) Severity 

func (o SecurityProfileThreatPreventionProfileSeverityOverrideOutput) Severity() pulumi.StringOutput

Severity level to match. Possible values are: `CRITICAL`, `HIGH`, `INFORMATIONAL`, `LOW`, `MEDIUM`.

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutput 

func (o SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutput() SecurityProfileThreatPreventionProfileSeverityOverrideOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext 

func (o SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideOutput

type SecurityProfileThreatPreventionProfileThreatOverride 

type SecurityProfileThreatPreventionProfileThreatOverride struct {
	// Threat action.
	// Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.
	Action string `pulumi:"action"`
	// Vendor-specific ID of a threat to override.
	ThreatId string `pulumi:"threatId"`
	// (Output)
	// Type of threat.
	Type *string `pulumi:"type"`
}

type SecurityProfileThreatPreventionProfileThreatOverrideArgs 

type SecurityProfileThreatPreventionProfileThreatOverrideArgs struct {
	// Threat action.
	// Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.
	Action pulumi.StringInput `pulumi:"action"`
	// Vendor-specific ID of a threat to override.
	ThreatId pulumi.StringInput `pulumi:"threatId"`
	// (Output)
	// Type of threat.
	Type pulumi.StringPtrInput `pulumi:"type"`
}

func (SecurityProfileThreatPreventionProfileThreatOverrideArgs) ElementType 

func (SecurityProfileThreatPreventionProfileThreatOverrideArgs) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileThreatOverrideArgs) ToSecurityProfileThreatPreventionProfileThreatOverrideOutput 

func (i SecurityProfileThreatPreventionProfileThreatOverrideArgs) ToSecurityProfileThreatPreventionProfileThreatOverrideOutput() SecurityProfileThreatPreventionProfileThreatOverrideOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideArgs) ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext 

func (i SecurityProfileThreatPreventionProfileThreatOverrideArgs) ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileThreatOverrideOutput

type SecurityProfileThreatPreventionProfileThreatOverrideArray 

type SecurityProfileThreatPreventionProfileThreatOverrideArray []SecurityProfileThreatPreventionProfileThreatOverrideInput

func (SecurityProfileThreatPreventionProfileThreatOverrideArray) ElementType 

func (SecurityProfileThreatPreventionProfileThreatOverrideArray) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileThreatOverrideArray) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput 

func (i SecurityProfileThreatPreventionProfileThreatOverrideArray) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput() SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideArray) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext 

func (i SecurityProfileThreatPreventionProfileThreatOverrideArray) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

type SecurityProfileThreatPreventionProfileThreatOverrideArrayInput 

type SecurityProfileThreatPreventionProfileThreatOverrideArrayInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput() SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput
	ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput
}

SecurityProfileThreatPreventionProfileThreatOverrideArrayInput is an input type that accepts SecurityProfileThreatPreventionProfileThreatOverrideArray and SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileThreatOverrideArrayInput` via: 

SecurityProfileThreatPreventionProfileThreatOverrideArray{ SecurityProfileThreatPreventionProfileThreatOverrideArgs{...} }

type SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput 

type SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ElementType 

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) Index 

func (o SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) Index(i pulumi.IntInput) SecurityProfileThreatPreventionProfileThreatOverrideOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput 

func (o SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput() SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext 

func (o SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

type SecurityProfileThreatPreventionProfileThreatOverrideInput 

type SecurityProfileThreatPreventionProfileThreatOverrideInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileThreatOverrideOutput() SecurityProfileThreatPreventionProfileThreatOverrideOutput
	ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileThreatOverrideOutput
}

SecurityProfileThreatPreventionProfileThreatOverrideInput is an input type that accepts SecurityProfileThreatPreventionProfileThreatOverrideArgs and SecurityProfileThreatPreventionProfileThreatOverrideOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileThreatOverrideInput` via: 

SecurityProfileThreatPreventionProfileThreatOverrideArgs{...}

type SecurityProfileThreatPreventionProfileThreatOverrideOutput 

type SecurityProfileThreatPreventionProfileThreatOverrideOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) Action 

func (o SecurityProfileThreatPreventionProfileThreatOverrideOutput) Action() pulumi.StringOutput

Threat action. Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ElementType 

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ElementType() reflect.Type

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ThreatId 

func (o SecurityProfileThreatPreventionProfileThreatOverrideOutput) ThreatId() pulumi.StringOutput

Vendor-specific ID of a threat to override.

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideOutput 

func (o SecurityProfileThreatPreventionProfileThreatOverrideOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideOutput() SecurityProfileThreatPreventionProfileThreatOverrideOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext 

func (o SecurityProfileThreatPreventionProfileThreatOverrideOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileThreatOverrideOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) Type 

func (o SecurityProfileThreatPreventionProfileThreatOverrideOutput) Type() pulumi.StringPtrOutput

(Output) Type of threat.

type ServerTlsPolicy 

type ServerTlsPolicy struct {
	pulumi.CustomResourceState

	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrOutput `pulumi:"allowOpen"`
	// Time the ServerTlsPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrOutput `pulumi:"mtlsPolicy"`
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrOutput `pulumi:"serverCertificate"`
	// Time the ServerTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Server Tls Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Name: pulumi.String("my-server-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			AllowOpen:   pulumi.Bool(false),
			ServerCertificate: &networksecurity.ServerTlsPolicyServerCertificateArgs{
				CertificateProviderInstance: &networksecurity.ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{
					PluginInstance: pulumi.String("google_cloud_private_spiffe"),
				},
			},
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationCas: networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArray{
					&networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArgs{
						GrpcEndpoint: &networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{
							TargetUri: pulumi.String("unix:mypath"),
						},
					},
					&networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArgs{
						GrpcEndpoint: &networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{
							TargetUri: pulumi.String("unix:abc/mypath"),
						},
					},
					&networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArgs{
						CertificateProviderInstance: &networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs{
							PluginInstance: pulumi.String("google_cloud_private_spiffe"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Name: pulumi.String("my-server-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationMode: pulumi.String("ALLOW_INVALID_OR_MISSING_CLIENT_CERT"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Server Cert

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Name: pulumi.String("my-server-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			ServerCertificate: &networksecurity.ServerTlsPolicyServerCertificateArgs{
				GrpcEndpoint: &networksecurity.ServerTlsPolicyServerCertificateGrpcEndpointArgs{
					TargetUri: pulumi.String("unix:mypath"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Mtls

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, nil, nil)
		if err != nil {
			return err
		}
		invokeFile, err := std.File(ctx, &std.FileArgs{
			Input: "test-fixtures/ca_cert.pem",
		}, nil)
		if err != nil {
			return err
		}
		invokeFile1, err := std.File(ctx, &std.FileArgs{
			Input: "test-fixtures/ca_cert.pem",
		}, nil)
		if err != nil {
			return err
		}
		defaultTrustConfig, err := certificatemanager.NewTrustConfig(ctx, "default", &certificatemanager.TrustConfigArgs{
			Name:        pulumi.String("my-trust-config"),
			Description: pulumi.String("sample trust config description"),
			Location:    pulumi.String("global"),
			TrustStores: certificatemanager.TrustConfigTrustStoreArray{
				&certificatemanager.TrustConfigTrustStoreArgs{
					TrustAnchors: certificatemanager.TrustConfigTrustStoreTrustAnchorArray{
						&certificatemanager.TrustConfigTrustStoreTrustAnchorArgs{
							PemCertificate: pulumi.String(invokeFile.Result),
						},
					},
					IntermediateCas: certificatemanager.TrustConfigTrustStoreIntermediateCaArray{
						&certificatemanager.TrustConfigTrustStoreIntermediateCaArgs{
							PemCertificate: pulumi.String(invokeFile1.Result),
						},
					},
				},
			},
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Name:        pulumi.String("my-server-tls-policy"),
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationMode: pulumi.String("REJECT_INVALID"),
				ClientValidationTrustConfig: defaultTrustConfig.Name.ApplyT(func(name string) (string, error) {
					return fmt.Sprintf("projects/%v/locations/global/trustConfigs/%v", project.Number, name), nil
				}).(pulumi.StringOutput),
			},
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

ServerTlsPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, ServerTlsPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default {{location}}/{{name}} ```

func GetServerTlsPolicy 

func GetServerTlsPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerTlsPolicyState, opts ...pulumi.ResourceOption) (*ServerTlsPolicy, error)

GetServerTlsPolicy gets an existing ServerTlsPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerTlsPolicy 

func NewServerTlsPolicy(ctx *pulumi.Context,
	name string, args *ServerTlsPolicyArgs, opts ...pulumi.ResourceOption) (*ServerTlsPolicy, error)

NewServerTlsPolicy registers a new resource with the given unique name, arguments, and options.

func (*ServerTlsPolicy) ElementType 

func (*ServerTlsPolicy) ElementType() reflect.Type

func (*ServerTlsPolicy) ToServerTlsPolicyOutput 

func (i *ServerTlsPolicy) ToServerTlsPolicyOutput() ServerTlsPolicyOutput

func (*ServerTlsPolicy) ToServerTlsPolicyOutputWithContext 

func (i *ServerTlsPolicy) ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput

type ServerTlsPolicyArgs 

type ServerTlsPolicyArgs struct {
	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrInput
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrInput
}

The set of arguments for constructing a ServerTlsPolicy resource.

func (ServerTlsPolicyArgs) ElementType 

func (ServerTlsPolicyArgs) ElementType() reflect.Type

type ServerTlsPolicyArray 

type ServerTlsPolicyArray []ServerTlsPolicyInput

func (ServerTlsPolicyArray) ElementType 

func (ServerTlsPolicyArray) ElementType() reflect.Type

func (ServerTlsPolicyArray) ToServerTlsPolicyArrayOutput 

func (i ServerTlsPolicyArray) ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput

func (ServerTlsPolicyArray) ToServerTlsPolicyArrayOutputWithContext 

func (i ServerTlsPolicyArray) ToServerTlsPolicyArrayOutputWithContext(ctx context.Context) ServerTlsPolicyArrayOutput

type ServerTlsPolicyArrayInput 

type ServerTlsPolicyArrayInput interface {
	pulumi.Input

	ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput
	ToServerTlsPolicyArrayOutputWithContext(context.Context) ServerTlsPolicyArrayOutput
}

ServerTlsPolicyArrayInput is an input type that accepts ServerTlsPolicyArray and ServerTlsPolicyArrayOutput values. You can construct a concrete instance of `ServerTlsPolicyArrayInput` via: 

ServerTlsPolicyArray{ ServerTlsPolicyArgs{...} }

type ServerTlsPolicyArrayOutput 

type ServerTlsPolicyArrayOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyArrayOutput) ElementType 

func (ServerTlsPolicyArrayOutput) ElementType() reflect.Type

func (ServerTlsPolicyArrayOutput) Index 

func (o ServerTlsPolicyArrayOutput) Index(i pulumi.IntInput) ServerTlsPolicyOutput

func (ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutput 

func (o ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput

func (ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutputWithContext 

func (o ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutputWithContext(ctx context.Context) ServerTlsPolicyArrayOutput

type ServerTlsPolicyInput 

type ServerTlsPolicyInput interface {
	pulumi.Input

	ToServerTlsPolicyOutput() ServerTlsPolicyOutput
	ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput
}

type ServerTlsPolicyMap 

type ServerTlsPolicyMap map[string]ServerTlsPolicyInput

func (ServerTlsPolicyMap) ElementType 

func (ServerTlsPolicyMap) ElementType() reflect.Type

func (ServerTlsPolicyMap) ToServerTlsPolicyMapOutput 

func (i ServerTlsPolicyMap) ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput

func (ServerTlsPolicyMap) ToServerTlsPolicyMapOutputWithContext 

func (i ServerTlsPolicyMap) ToServerTlsPolicyMapOutputWithContext(ctx context.Context) ServerTlsPolicyMapOutput

type ServerTlsPolicyMapInput 

type ServerTlsPolicyMapInput interface {
	pulumi.Input

	ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput
	ToServerTlsPolicyMapOutputWithContext(context.Context) ServerTlsPolicyMapOutput
}

ServerTlsPolicyMapInput is an input type that accepts ServerTlsPolicyMap and ServerTlsPolicyMapOutput values. You can construct a concrete instance of `ServerTlsPolicyMapInput` via: 

ServerTlsPolicyMap{ "key": ServerTlsPolicyArgs{...} }

type ServerTlsPolicyMapOutput 

type ServerTlsPolicyMapOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMapOutput) ElementType 

func (ServerTlsPolicyMapOutput) ElementType() reflect.Type

func (ServerTlsPolicyMapOutput) MapIndex 

func (o ServerTlsPolicyMapOutput) MapIndex(k pulumi.StringInput) ServerTlsPolicyOutput

func (ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutput 

func (o ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput

func (ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutputWithContext 

func (o ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutputWithContext(ctx context.Context) ServerTlsPolicyMapOutput

type ServerTlsPolicyMtlsPolicy 

type ServerTlsPolicyMtlsPolicy struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty.
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	// Structure is documented below.
	ClientValidationCas []ServerTlsPolicyMtlsPolicyClientValidationCa `pulumi:"clientValidationCas"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled.
	// Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	// Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.
	ClientValidationMode *string `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace.
	// If specified, the chain validation will be performed against certificates configured in the given TrustConfig.
	// Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig *string `pulumi:"clientValidationTrustConfig"`
}

type ServerTlsPolicyMtlsPolicyArgs 

type ServerTlsPolicyMtlsPolicyArgs struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty.
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	// Structure is documented below.
	ClientValidationCas ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput `pulumi:"clientValidationCas"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled.
	// Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	// Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.
	ClientValidationMode pulumi.StringPtrInput `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace.
	// If specified, the chain validation will be performed against certificates configured in the given TrustConfig.
	// Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig pulumi.StringPtrInput `pulumi:"clientValidationTrustConfig"`
}

func (ServerTlsPolicyMtlsPolicyArgs) ElementType 

func (ServerTlsPolicyMtlsPolicyArgs) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutput 

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutput 

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCa 

type ServerTlsPolicyMtlsPolicyClientValidationCa struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance *ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaArgs 

type ServerTlsPolicyMtlsPolicyClientValidationCaArgs struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaArray 

type ServerTlsPolicyMtlsPolicyClientValidationCaArray []ServerTlsPolicyMtlsPolicyClientValidationCaInput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaArray and ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput` via: 

ServerTlsPolicyMtlsPolicyClientValidationCaArray{ ServerTlsPolicyMtlsPolicyClientValidationCaArgs{...} }

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) Index 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) Index(i pulumi.IntInput) ServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs and ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput` via: 

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) PluginInstance 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs, ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtr and ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput` via: 

        ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs{...}

or:

        nil

func ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtr 

func ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtr(v *ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) Elem 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) Elem() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) PluginInstance 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext 

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs and ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput` via: 

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) TargetUri 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs, ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtr and ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput` via: 

        ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{...}

or:

        nil

func ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtr 

func ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtr(v *ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) Elem 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) Elem() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) TargetUri 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaInput 

type ServerTlsPolicyMtlsPolicyClientValidationCaInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaArgs and ServerTlsPolicyMtlsPolicyClientValidationCaOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaInput` via: 

ServerTlsPolicyMtlsPolicyClientValidationCaArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaOutput 

type ServerTlsPolicyMtlsPolicyClientValidationCaOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) CertificateProviderInstance 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) CertificateProviderInstance() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) GrpcEndpoint 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) GrpcEndpoint() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput

type ServerTlsPolicyMtlsPolicyInput 

type ServerTlsPolicyMtlsPolicyInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput
	ToServerTlsPolicyMtlsPolicyOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyOutput
}

ServerTlsPolicyMtlsPolicyInput is an input type that accepts ServerTlsPolicyMtlsPolicyArgs and ServerTlsPolicyMtlsPolicyOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyInput` via: 

ServerTlsPolicyMtlsPolicyArgs{...}

type ServerTlsPolicyMtlsPolicyOutput 

type ServerTlsPolicyMtlsPolicyOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationCas 

func (o ServerTlsPolicyMtlsPolicyOutput) ClientValidationCas() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationMode 

func (o ServerTlsPolicyMtlsPolicyOutput) ClientValidationMode() pulumi.StringPtrOutput

When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty. Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationTrustConfig 

func (o ServerTlsPolicyMtlsPolicyOutput) ClientValidationTrustConfig() pulumi.StringPtrOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (ServerTlsPolicyMtlsPolicyOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutput 

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutput 

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyMtlsPolicyPtrInput 

type ServerTlsPolicyMtlsPolicyPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput
	ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyPtrOutput
}

ServerTlsPolicyMtlsPolicyPtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyArgs, ServerTlsPolicyMtlsPolicyPtr and ServerTlsPolicyMtlsPolicyPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyPtrInput` via: 

        ServerTlsPolicyMtlsPolicyArgs{...}

or:

        nil

func ServerTlsPolicyMtlsPolicyPtr 

func ServerTlsPolicyMtlsPolicyPtr(v *ServerTlsPolicyMtlsPolicyArgs) ServerTlsPolicyMtlsPolicyPtrInput

type ServerTlsPolicyMtlsPolicyPtrOutput 

type ServerTlsPolicyMtlsPolicyPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationCas 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationCas() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationMode 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationMode() pulumi.StringPtrOutput

When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty. Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationTrustConfig 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationTrustConfig() pulumi.StringPtrOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (ServerTlsPolicyMtlsPolicyPtrOutput) Elem 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) Elem() ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyPtrOutput) ElementType 

func (ServerTlsPolicyMtlsPolicyPtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutput 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext 

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyOutput 

type ServerTlsPolicyOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyOutput) AllowOpen 

func (o ServerTlsPolicyOutput) AllowOpen() pulumi.BoolPtrOutput

This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility. Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.

func (ServerTlsPolicyOutput) CreateTime 

func (o ServerTlsPolicyOutput) CreateTime() pulumi.StringOutput

Time the ServerTlsPolicy was created in UTC.

func (ServerTlsPolicyOutput) Description 

func (o ServerTlsPolicyOutput) Description() pulumi.StringPtrOutput

A free-text description of the resource. Max length 1024 characters.

func (ServerTlsPolicyOutput) EffectiveLabels 

func (o ServerTlsPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (ServerTlsPolicyOutput) ElementType 

func (ServerTlsPolicyOutput) ElementType() reflect.Type

func (ServerTlsPolicyOutput) Labels 

func (o ServerTlsPolicyOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the ServerTlsPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (ServerTlsPolicyOutput) Location 

func (o ServerTlsPolicyOutput) Location() pulumi.StringPtrOutput

The location of the server tls policy. The default value is `global`.

func (ServerTlsPolicyOutput) MtlsPolicy 

func (o ServerTlsPolicyOutput) MtlsPolicy() ServerTlsPolicyMtlsPolicyPtrOutput

This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. Structure is documented below.

func (ServerTlsPolicyOutput) Name 

func (o ServerTlsPolicyOutput) Name() pulumi.StringOutput

Name of the ServerTlsPolicy resource.

***

func (ServerTlsPolicyOutput) Project 

func (o ServerTlsPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (ServerTlsPolicyOutput) PulumiLabels 

func (o ServerTlsPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (ServerTlsPolicyOutput) ServerCertificate 

func (o ServerTlsPolicyOutput) ServerCertificate() ServerTlsPolicyServerCertificatePtrOutput

Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS. Structure is documented below.

func (ServerTlsPolicyOutput) ToServerTlsPolicyOutput 

func (o ServerTlsPolicyOutput) ToServerTlsPolicyOutput() ServerTlsPolicyOutput

func (ServerTlsPolicyOutput) ToServerTlsPolicyOutputWithContext 

func (o ServerTlsPolicyOutput) ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput

func (ServerTlsPolicyOutput) UpdateTime 

func (o ServerTlsPolicyOutput) UpdateTime() pulumi.StringOutput

Time the ServerTlsPolicy was updated in UTC.

type ServerTlsPolicyServerCertificate 

type ServerTlsPolicyServerCertificate struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance *ServerTlsPolicyServerCertificateCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ServerTlsPolicyServerCertificateGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ServerTlsPolicyServerCertificateArgs 

type ServerTlsPolicyServerCertificateArgs struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ServerTlsPolicyServerCertificateGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ServerTlsPolicyServerCertificateArgs) ElementType 

func (ServerTlsPolicyServerCertificateArgs) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutput 

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutputWithContext 

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutput 

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutputWithContext 

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstance 

type ServerTlsPolicyServerCertificateCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs 

type ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ElementType 

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput 

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext 

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput 

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext 

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstanceInput 

type ServerTlsPolicyServerCertificateCertificateProviderInstanceInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput
	ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput
}

ServerTlsPolicyServerCertificateCertificateProviderInstanceInput is an input type that accepts ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs and ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateCertificateProviderInstanceInput` via: 

ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{...}

type ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput 

type ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ElementType 

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) PluginInstance 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput 

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput
	ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput
}

ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput is an input type that accepts ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs, ServerTlsPolicyServerCertificateCertificateProviderInstancePtr and ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput` via: 

        ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{...}

or:

        nil

func ServerTlsPolicyServerCertificateCertificateProviderInstancePtr 

func ServerTlsPolicyServerCertificateCertificateProviderInstancePtr(v *ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput 

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) Elem 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) Elem() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ElementType 

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) PluginInstance 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpoint 

type ServerTlsPolicyServerCertificateGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ServerTlsPolicyServerCertificateGrpcEndpointArgs 

type ServerTlsPolicyServerCertificateGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ElementType 

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutput 

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext 

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput 

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext 

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpointInput 

type ServerTlsPolicyServerCertificateGrpcEndpointInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput
	ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput
}

ServerTlsPolicyServerCertificateGrpcEndpointInput is an input type that accepts ServerTlsPolicyServerCertificateGrpcEndpointArgs and ServerTlsPolicyServerCertificateGrpcEndpointOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateGrpcEndpointInput` via: 

ServerTlsPolicyServerCertificateGrpcEndpointArgs{...}

type ServerTlsPolicyServerCertificateGrpcEndpointOutput 

type ServerTlsPolicyServerCertificateGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ElementType 

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) TargetUri 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutput 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpointPtrInput 

type ServerTlsPolicyServerCertificateGrpcEndpointPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput
	ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput
}

ServerTlsPolicyServerCertificateGrpcEndpointPtrInput is an input type that accepts ServerTlsPolicyServerCertificateGrpcEndpointArgs, ServerTlsPolicyServerCertificateGrpcEndpointPtr and ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateGrpcEndpointPtrInput` via: 

        ServerTlsPolicyServerCertificateGrpcEndpointArgs{...}

or:

        nil

func ServerTlsPolicyServerCertificateGrpcEndpointPtr 

func ServerTlsPolicyServerCertificateGrpcEndpointPtr(v *ServerTlsPolicyServerCertificateGrpcEndpointArgs) ServerTlsPolicyServerCertificateGrpcEndpointPtrInput

type ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput 

type ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) Elem 

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) Elem() ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ElementType 

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) TargetUri 

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput 

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateInput 

type ServerTlsPolicyServerCertificateInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput
	ToServerTlsPolicyServerCertificateOutputWithContext(context.Context) ServerTlsPolicyServerCertificateOutput
}

ServerTlsPolicyServerCertificateInput is an input type that accepts ServerTlsPolicyServerCertificateArgs and ServerTlsPolicyServerCertificateOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateInput` via: 

ServerTlsPolicyServerCertificateArgs{...}

type ServerTlsPolicyServerCertificateOutput 

type ServerTlsPolicyServerCertificateOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateOutput) CertificateProviderInstance 

func (o ServerTlsPolicyServerCertificateOutput) CertificateProviderInstance() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyServerCertificateOutput) ElementType 

func (ServerTlsPolicyServerCertificateOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificateOutput) GrpcEndpoint 

func (o ServerTlsPolicyServerCertificateOutput) GrpcEndpoint() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutput 

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutputWithContext 

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutput 

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext 

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyServerCertificatePtrInput 

type ServerTlsPolicyServerCertificatePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput
	ToServerTlsPolicyServerCertificatePtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificatePtrOutput
}

ServerTlsPolicyServerCertificatePtrInput is an input type that accepts ServerTlsPolicyServerCertificateArgs, ServerTlsPolicyServerCertificatePtr and ServerTlsPolicyServerCertificatePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificatePtrInput` via: 

        ServerTlsPolicyServerCertificateArgs{...}

or:

        nil

func ServerTlsPolicyServerCertificatePtr 

func ServerTlsPolicyServerCertificatePtr(v *ServerTlsPolicyServerCertificateArgs) ServerTlsPolicyServerCertificatePtrInput

type ServerTlsPolicyServerCertificatePtrOutput 

type ServerTlsPolicyServerCertificatePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificatePtrOutput) CertificateProviderInstance 

func (o ServerTlsPolicyServerCertificatePtrOutput) CertificateProviderInstance() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyServerCertificatePtrOutput) Elem 

func (o ServerTlsPolicyServerCertificatePtrOutput) Elem() ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificatePtrOutput) ElementType 

func (ServerTlsPolicyServerCertificatePtrOutput) ElementType() reflect.Type

func (ServerTlsPolicyServerCertificatePtrOutput) GrpcEndpoint 

func (o ServerTlsPolicyServerCertificatePtrOutput) GrpcEndpoint() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutput 

func (o ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext 

func (o ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyState 

type ServerTlsPolicyState struct {
	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrInput
	// Time the ServerTlsPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrInput
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrInput
	// Time the ServerTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (ServerTlsPolicyState) ElementType 

func (ServerTlsPolicyState) ElementType() reflect.Type

type TlsInspectionPolicy 

type TlsInspectionPolicy struct {
	pulumi.CustomResourceState

	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringOutput `pulumi:"caPool"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// List of custom TLS cipher suites selected. This field is valid only if the selected tlsFeatureProfile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures pulumi.StringArrayOutput `pulumi:"customTlsFeatures"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrOutput `pulumi:"excludePublicCaSet"`
	// The location of the tls inspection policy.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `TLS_VERSION_UNSPECIFIED`, `TLS_1_0`, `TLS_1_1`, `TLS_1_2`, `TLS_1_3`.
	MinTlsVersion pulumi.StringPtrOutput `pulumi:"minTlsVersion"`
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers (\"PROFILE_COMPATIBLE\"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `PROFILE_UNSPECIFIED`, `PROFILE_COMPATIBLE`, `PROFILE_MODERN`, `PROFILE_RESTRICTED`, `PROFILE_CUSTOM`.
	TlsFeatureProfile pulumi.StringPtrOutput `pulumi:"tlsFeatureProfile"`
	// A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form \"projects/{project}/locations/{location}/trustConfigs/{trust_config}\". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Trust config and the TLS inspection policy must be in the same region. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig pulumi.StringPtrOutput `pulumi:"trustConfig"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

The TlsInspectionPolicy resource contains references to CA pools in Certificate Authority Service and associated metadata.

To get more information about TlsInspectionPolicy, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.tlsInspectionPolicies) * How-to Guides

## Example Usage

### Network Security Tls Inspection Policy Basic

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := certificateauthority.NewCaPool(ctx, "default", &certificateauthority.CaPoolArgs{
			Name:     pulumi.String("my-basic-ca-pool"),
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: nil,
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "default", &certificateauthority.AuthorityArgs{
			Pool:                               _default.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		})
		if err != nil {
			return err
		}
		project, err := organizations.LookupProject(ctx, nil, nil)
		if err != nil {
			return err
		}
		tlsInspectionPermission, err := certificateauthority.NewCaPoolIamMember(ctx, "tls_inspection_permission", &certificateauthority.CaPoolIamMemberArgs{
			CaPool: _default.ID(),
			Role:   pulumi.String("roles/privateca.certificateManager"),
			Member: pulumi.Sprintf("serviceAccount:service-%v@gcp-sa-networksecurity.iam.gserviceaccount.com", project.Number),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewTlsInspectionPolicy(ctx, "default", &networksecurity.TlsInspectionPolicyArgs{
			Name:               pulumi.String("my-tls-inspection-policy"),
			Location:           pulumi.String("us-central1"),
			CaPool:             _default.ID(),
			ExcludePublicCaSet: pulumi.Bool(false),
		}, pulumi.DependsOn([]pulumi.Resource{
			_default,
			defaultAuthority,
			tlsInspectionPermission,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Tls Inspection Policy Custom

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/projects"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := certificateauthority.NewCaPool(ctx, "default", &certificateauthority.CaPoolArgs{
			Name:     pulumi.String("my-basic-ca-pool"),
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: nil,
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "default", &certificateauthority.AuthorityArgs{
			Pool:                               _default.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		})
		if err != nil {
			return err
		}
		nsSa, err := projects.NewServiceIdentity(ctx, "ns_sa", &projects.ServiceIdentityArgs{
			Service: pulumi.String("networksecurity.googleapis.com"),
		})
		if err != nil {
			return err
		}
		defaultCaPoolIamMember, err := certificateauthority.NewCaPoolIamMember(ctx, "default", &certificateauthority.CaPoolIamMemberArgs{
			CaPool: _default.ID(),
			Role:   pulumi.String("roles/privateca.certificateManager"),
			Member: nsSa.Member,
		})
		if err != nil {
			return err
		}
		invokeFile, err := std.File(ctx, &std.FileArgs{
			Input: "test-fixtures/ca_cert.pem",
		}, nil)
		if err != nil {
			return err
		}
		invokeFile1, err := std.File(ctx, &std.FileArgs{
			Input: "test-fixtures/ca_cert.pem",
		}, nil)
		if err != nil {
			return err
		}
		defaultTrustConfig, err := certificatemanager.NewTrustConfig(ctx, "default", &certificatemanager.TrustConfigArgs{
			Name:        pulumi.String("my-trust-config"),
			Description: pulumi.String("sample trust config description"),
			Location:    pulumi.String("us-central1"),
			TrustStores: certificatemanager.TrustConfigTrustStoreArray{
				&certificatemanager.TrustConfigTrustStoreArgs{
					TrustAnchors: certificatemanager.TrustConfigTrustStoreTrustAnchorArray{
						&certificatemanager.TrustConfigTrustStoreTrustAnchorArgs{
							PemCertificate: pulumi.String(invokeFile.Result),
						},
					},
					IntermediateCas: certificatemanager.TrustConfigTrustStoreIntermediateCaArray{
						&certificatemanager.TrustConfigTrustStoreIntermediateCaArgs{
							PemCertificate: pulumi.String(invokeFile1.Result),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewTlsInspectionPolicy(ctx, "default", &networksecurity.TlsInspectionPolicyArgs{
			Name:               pulumi.String("my-tls-inspection-policy"),
			Location:           pulumi.String("us-central1"),
			CaPool:             _default.ID(),
			ExcludePublicCaSet: pulumi.Bool(false),
			MinTlsVersion:      pulumi.String("TLS_1_0"),
			TrustConfig:        defaultTrustConfig.ID(),
			TlsFeatureProfile:  pulumi.String("PROFILE_CUSTOM"),
			CustomTlsFeatures: pulumi.StringArray{
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"),
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"),
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"),
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"),
				pulumi.String("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"),
				pulumi.String("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"),
				pulumi.String("TLS_RSA_WITH_3DES_EDE_CBC_SHA"),
				pulumi.String("TLS_RSA_WITH_AES_128_CBC_SHA"),
				pulumi.String("TLS_RSA_WITH_AES_128_GCM_SHA256"),
				pulumi.String("TLS_RSA_WITH_AES_256_CBC_SHA"),
				pulumi.String("TLS_RSA_WITH_AES_256_GCM_SHA384"),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			defaultAuthority,
			defaultCaPoolIamMember,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

TlsInspectionPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/tlsInspectionPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, TlsInspectionPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default projects/{{project}}/locations/{{location}}/tlsInspectionPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default {{location}}/{{name}} ```

func GetTlsInspectionPolicy 

func GetTlsInspectionPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *TlsInspectionPolicyState, opts ...pulumi.ResourceOption) (*TlsInspectionPolicy, error)

GetTlsInspectionPolicy gets an existing TlsInspectionPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewTlsInspectionPolicy 

func NewTlsInspectionPolicy(ctx *pulumi.Context,
	name string, args *TlsInspectionPolicyArgs, opts ...pulumi.ResourceOption) (*TlsInspectionPolicy, error)

NewTlsInspectionPolicy registers a new resource with the given unique name, arguments, and options.

func (*TlsInspectionPolicy) ElementType 

func (*TlsInspectionPolicy) ElementType() reflect.Type

func (*TlsInspectionPolicy) ToTlsInspectionPolicyOutput 

func (i *TlsInspectionPolicy) ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput

func (*TlsInspectionPolicy) ToTlsInspectionPolicyOutputWithContext 

func (i *TlsInspectionPolicy) ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput

type TlsInspectionPolicyArgs 

type TlsInspectionPolicyArgs struct {
	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringInput
	// List of custom TLS cipher suites selected. This field is valid only if the selected tlsFeatureProfile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures pulumi.StringArrayInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrInput
	// The location of the tls inspection policy.
	Location pulumi.StringPtrInput
	// Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `TLS_VERSION_UNSPECIFIED`, `TLS_1_0`, `TLS_1_1`, `TLS_1_2`, `TLS_1_3`.
	MinTlsVersion pulumi.StringPtrInput
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers (\"PROFILE_COMPATIBLE\"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `PROFILE_UNSPECIFIED`, `PROFILE_COMPATIBLE`, `PROFILE_MODERN`, `PROFILE_RESTRICTED`, `PROFILE_CUSTOM`.
	TlsFeatureProfile pulumi.StringPtrInput
	// A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form \"projects/{project}/locations/{location}/trustConfigs/{trust_config}\". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Trust config and the TLS inspection policy must be in the same region. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig pulumi.StringPtrInput
}

The set of arguments for constructing a TlsInspectionPolicy resource.

func (TlsInspectionPolicyArgs) ElementType 

func (TlsInspectionPolicyArgs) ElementType() reflect.Type

type TlsInspectionPolicyArray 

type TlsInspectionPolicyArray []TlsInspectionPolicyInput

func (TlsInspectionPolicyArray) ElementType 

func (TlsInspectionPolicyArray) ElementType() reflect.Type

func (TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutput 

func (i TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput

func (TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutputWithContext 

func (i TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutputWithContext(ctx context.Context) TlsInspectionPolicyArrayOutput

type TlsInspectionPolicyArrayInput 

type TlsInspectionPolicyArrayInput interface {
	pulumi.Input

	ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput
	ToTlsInspectionPolicyArrayOutputWithContext(context.Context) TlsInspectionPolicyArrayOutput
}

TlsInspectionPolicyArrayInput is an input type that accepts TlsInspectionPolicyArray and TlsInspectionPolicyArrayOutput values. You can construct a concrete instance of `TlsInspectionPolicyArrayInput` via: 

TlsInspectionPolicyArray{ TlsInspectionPolicyArgs{...} }

type TlsInspectionPolicyArrayOutput 

type TlsInspectionPolicyArrayOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyArrayOutput) ElementType 

func (TlsInspectionPolicyArrayOutput) ElementType() reflect.Type

func (TlsInspectionPolicyArrayOutput) Index 

func (o TlsInspectionPolicyArrayOutput) Index(i pulumi.IntInput) TlsInspectionPolicyOutput

func (TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutput 

func (o TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput

func (TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutputWithContext 

func (o TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutputWithContext(ctx context.Context) TlsInspectionPolicyArrayOutput

type TlsInspectionPolicyInput 

type TlsInspectionPolicyInput interface {
	pulumi.Input

	ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput
	ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput
}

type TlsInspectionPolicyMap 

type TlsInspectionPolicyMap map[string]TlsInspectionPolicyInput

func (TlsInspectionPolicyMap) ElementType 

func (TlsInspectionPolicyMap) ElementType() reflect.Type

func (TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutput 

func (i TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput

func (TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutputWithContext 

func (i TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutputWithContext(ctx context.Context) TlsInspectionPolicyMapOutput

type TlsInspectionPolicyMapInput 

type TlsInspectionPolicyMapInput interface {
	pulumi.Input

	ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput
	ToTlsInspectionPolicyMapOutputWithContext(context.Context) TlsInspectionPolicyMapOutput
}

TlsInspectionPolicyMapInput is an input type that accepts TlsInspectionPolicyMap and TlsInspectionPolicyMapOutput values. You can construct a concrete instance of `TlsInspectionPolicyMapInput` via: 

TlsInspectionPolicyMap{ "key": TlsInspectionPolicyArgs{...} }

type TlsInspectionPolicyMapOutput 

type TlsInspectionPolicyMapOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyMapOutput) ElementType 

func (TlsInspectionPolicyMapOutput) ElementType() reflect.Type

func (TlsInspectionPolicyMapOutput) MapIndex 

func (o TlsInspectionPolicyMapOutput) MapIndex(k pulumi.StringInput) TlsInspectionPolicyOutput

func (TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutput 

func (o TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput

func (TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutputWithContext 

func (o TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutputWithContext(ctx context.Context) TlsInspectionPolicyMapOutput

type TlsInspectionPolicyOutput 

type TlsInspectionPolicyOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyOutput) CaPool 

func (o TlsInspectionPolicyOutput) CaPool() pulumi.StringOutput

A CA pool resource used to issue interception certificates.

func (TlsInspectionPolicyOutput) CreateTime 

func (o TlsInspectionPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (TlsInspectionPolicyOutput) CustomTlsFeatures 

func (o TlsInspectionPolicyOutput) CustomTlsFeatures() pulumi.StringArrayOutput

List of custom TLS cipher suites selected. This field is valid only if the selected tlsFeatureProfile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) Description 

func (o TlsInspectionPolicyOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (TlsInspectionPolicyOutput) ElementType 

func (TlsInspectionPolicyOutput) ElementType() reflect.Type

func (TlsInspectionPolicyOutput) ExcludePublicCaSet 

func (o TlsInspectionPolicyOutput) ExcludePublicCaSet() pulumi.BoolPtrOutput

If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.

func (TlsInspectionPolicyOutput) Location 

func (o TlsInspectionPolicyOutput) Location() pulumi.StringPtrOutput

The location of the tls inspection policy.

func (TlsInspectionPolicyOutput) MinTlsVersion 

func (o TlsInspectionPolicyOutput) MinTlsVersion() pulumi.StringPtrOutput

Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field. Possible values are: `TLS_VERSION_UNSPECIFIED`, `TLS_1_0`, `TLS_1_1`, `TLS_1_2`, `TLS_1_3`.

func (TlsInspectionPolicyOutput) Name 

func (o TlsInspectionPolicyOutput) Name() pulumi.StringOutput

Short name of the TlsInspectionPolicy resource to be created.

***

func (TlsInspectionPolicyOutput) Project 

func (o TlsInspectionPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (TlsInspectionPolicyOutput) TlsFeatureProfile 

func (o TlsInspectionPolicyOutput) TlsFeatureProfile() pulumi.StringPtrOutput

The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers (\"PROFILE_COMPATIBLE\"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field. Possible values are: `PROFILE_UNSPECIFIED`, `PROFILE_COMPATIBLE`, `PROFILE_MODERN`, `PROFILE_RESTRICTED`, `PROFILE_CUSTOM`.

func (TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutput 

func (o TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput

func (TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutputWithContext 

func (o TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput

func (TlsInspectionPolicyOutput) TrustConfig 

func (o TlsInspectionPolicyOutput) TrustConfig() pulumi.StringPtrOutput

A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form \"projects/{project}/locations/{location}/trustConfigs/{trust_config}\". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Trust config and the TLS inspection policy must be in the same region. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) UpdateTime 

func (o TlsInspectionPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type TlsInspectionPolicyState 

type TlsInspectionPolicyState struct {
	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringPtrInput
	// The timestamp when the resource was created.
	CreateTime pulumi.StringPtrInput
	// List of custom TLS cipher suites selected. This field is valid only if the selected tlsFeatureProfile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures pulumi.StringArrayInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrInput
	// The location of the tls inspection policy.
	Location pulumi.StringPtrInput
	// Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `TLS_VERSION_UNSPECIFIED`, `TLS_1_0`, `TLS_1_1`, `TLS_1_2`, `TLS_1_3`.
	MinTlsVersion pulumi.StringPtrInput
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers (\"PROFILE_COMPATIBLE\"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `PROFILE_UNSPECIFIED`, `PROFILE_COMPATIBLE`, `PROFILE_MODERN`, `PROFILE_RESTRICTED`, `PROFILE_CUSTOM`.
	TlsFeatureProfile pulumi.StringPtrInput
	// A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form \"projects/{project}/locations/{location}/trustConfigs/{trust_config}\". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Trust config and the TLS inspection policy must be in the same region. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringPtrInput
}

func (TlsInspectionPolicyState) ElementType 

func (TlsInspectionPolicyState) ElementType() reflect.Type

type UrlList 

type UrlList struct {
	pulumi.CustomResourceState

	// Output only. Time when the security policy was created.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Output only. Time when the security policy was updated.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
	// FQDNs and URLs.
	Values pulumi.StringArrayOutput `pulumi:"values"`
}

UrlList proto helps users to set reusable, independently manageable lists of hosts, host patterns, URLs, URL patterns.

To get more information about UrlLists, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.urlLists) * How-to Guides

  • Use UrlLists

## Example Usage

### Network Security Url Lists Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewUrlList(ctx, "default", &networksecurity.UrlListArgs{
			Name:     pulumi.String("my-url-lists"),
			Location: pulumi.String("us-central1"),
			Values: pulumi.StringArray{
				pulumi.String("www.example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Url Lists Advanced

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewUrlList(ctx, "default", &networksecurity.UrlListArgs{
			Name:        pulumi.String("my-url-lists"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("my description"),
			Values: pulumi.StringArray{
				pulumi.String("www.example.com"),
				pulumi.String("about.example.com"),
				pulumi.String("github.com/example-org/*"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

UrlLists can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/urlLists/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, UrlLists can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/urlList:UrlList default projects/{{project}}/locations/{{location}}/urlLists/{{name}} ```

```sh $ pulumi import gcp:networksecurity/urlList:UrlList default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/urlList:UrlList default {{location}}/{{name}} ```

func GetUrlList 

func GetUrlList(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UrlListState, opts ...pulumi.ResourceOption) (*UrlList, error)

GetUrlList gets an existing UrlList resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUrlList 

func NewUrlList(ctx *pulumi.Context,
	name string, args *UrlListArgs, opts ...pulumi.ResourceOption) (*UrlList, error)

NewUrlList registers a new resource with the given unique name, arguments, and options.

func (*UrlList) ElementType 

func (*UrlList) ElementType() reflect.Type

func (*UrlList) ToUrlListOutput 

func (i *UrlList) ToUrlListOutput() UrlListOutput

func (*UrlList) ToUrlListOutputWithContext 

func (i *UrlList) ToUrlListOutputWithContext(ctx context.Context) UrlListOutput

type UrlListArgs 

type UrlListArgs struct {
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringInput
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// FQDNs and URLs.
	Values pulumi.StringArrayInput
}

The set of arguments for constructing a UrlList resource.

func (UrlListArgs) ElementType 

func (UrlListArgs) ElementType() reflect.Type

type UrlListArray 

type UrlListArray []UrlListInput

func (UrlListArray) ElementType 

func (UrlListArray) ElementType() reflect.Type

func (UrlListArray) ToUrlListArrayOutput 

func (i UrlListArray) ToUrlListArrayOutput() UrlListArrayOutput

func (UrlListArray) ToUrlListArrayOutputWithContext 

func (i UrlListArray) ToUrlListArrayOutputWithContext(ctx context.Context) UrlListArrayOutput

type UrlListArrayInput 

type UrlListArrayInput interface {
	pulumi.Input

	ToUrlListArrayOutput() UrlListArrayOutput
	ToUrlListArrayOutputWithContext(context.Context) UrlListArrayOutput
}

UrlListArrayInput is an input type that accepts UrlListArray and UrlListArrayOutput values. You can construct a concrete instance of `UrlListArrayInput` via: 

UrlListArray{ UrlListArgs{...} }

type UrlListArrayOutput 

type UrlListArrayOutput struct{ *pulumi.OutputState }

func (UrlListArrayOutput) ElementType 

func (UrlListArrayOutput) ElementType() reflect.Type

func (UrlListArrayOutput) Index 

func (o UrlListArrayOutput) Index(i pulumi.IntInput) UrlListOutput

func (UrlListArrayOutput) ToUrlListArrayOutput 

func (o UrlListArrayOutput) ToUrlListArrayOutput() UrlListArrayOutput

func (UrlListArrayOutput) ToUrlListArrayOutputWithContext 

func (o UrlListArrayOutput) ToUrlListArrayOutputWithContext(ctx context.Context) UrlListArrayOutput

type UrlListInput 

type UrlListInput interface {
	pulumi.Input

	ToUrlListOutput() UrlListOutput
	ToUrlListOutputWithContext(ctx context.Context) UrlListOutput
}

type UrlListMap 

type UrlListMap map[string]UrlListInput

func (UrlListMap) ElementType 

func (UrlListMap) ElementType() reflect.Type

func (UrlListMap) ToUrlListMapOutput 

func (i UrlListMap) ToUrlListMapOutput() UrlListMapOutput

func (UrlListMap) ToUrlListMapOutputWithContext 

func (i UrlListMap) ToUrlListMapOutputWithContext(ctx context.Context) UrlListMapOutput

type UrlListMapInput 

type UrlListMapInput interface {
	pulumi.Input

	ToUrlListMapOutput() UrlListMapOutput
	ToUrlListMapOutputWithContext(context.Context) UrlListMapOutput
}

UrlListMapInput is an input type that accepts UrlListMap and UrlListMapOutput values. You can construct a concrete instance of `UrlListMapInput` via: 

UrlListMap{ "key": UrlListArgs{...} }

type UrlListMapOutput 

type UrlListMapOutput struct{ *pulumi.OutputState }

func (UrlListMapOutput) ElementType 

func (UrlListMapOutput) ElementType() reflect.Type

func (UrlListMapOutput) MapIndex 

func (o UrlListMapOutput) MapIndex(k pulumi.StringInput) UrlListOutput

func (UrlListMapOutput) ToUrlListMapOutput 

func (o UrlListMapOutput) ToUrlListMapOutput() UrlListMapOutput

func (UrlListMapOutput) ToUrlListMapOutputWithContext 

func (o UrlListMapOutput) ToUrlListMapOutputWithContext(ctx context.Context) UrlListMapOutput

type UrlListOutput 

type UrlListOutput struct{ *pulumi.OutputState }

func (UrlListOutput) CreateTime 

func (o UrlListOutput) CreateTime() pulumi.StringOutput

Output only. Time when the security policy was created. A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits. Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'

func (UrlListOutput) Description 

func (o UrlListOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (UrlListOutput) ElementType 

func (UrlListOutput) ElementType() reflect.Type

func (UrlListOutput) Location 

func (o UrlListOutput) Location() pulumi.StringOutput

The location of the url lists.

***

func (UrlListOutput) Name 

func (o UrlListOutput) Name() pulumi.StringOutput

Short name of the UrlList resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.

func (UrlListOutput) Project 

func (o UrlListOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (UrlListOutput) ToUrlListOutput 

func (o UrlListOutput) ToUrlListOutput() UrlListOutput

func (UrlListOutput) ToUrlListOutputWithContext 

func (o UrlListOutput) ToUrlListOutputWithContext(ctx context.Context) UrlListOutput

func (UrlListOutput) UpdateTime 

func (o UrlListOutput) UpdateTime() pulumi.StringOutput

Output only. Time when the security policy was updated. A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits. Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.

func (UrlListOutput) Values 

func (o UrlListOutput) Values() pulumi.StringArrayOutput

FQDNs and URLs.

type UrlListState 

type UrlListState struct {
	// Output only. Time when the security policy was created.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringPtrInput
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Output only. Time when the security policy was updated.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.
	UpdateTime pulumi.StringPtrInput
	// FQDNs and URLs.
	Values pulumi.StringArrayInput
}

func (UrlListState) ElementType 

func (UrlListState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.