networksecurity

package
v8.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 15, 2025 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AddressGroup

type AddressGroup struct {
	pulumi.CustomResourceState

	// Capacity of the Address Group.
	Capacity pulumi.IntOutput `pulumi:"capacity"`
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// List of items.
	Items pulumi.StringArrayOutput `pulumi:"items"`
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// Name of the AddressGroup resource.
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// List of supported purposes of the Address Group.
	// Each value may be one of: `DEFAULT`, `CLOUD_ARMOR`.
	Purposes pulumi.StringArrayOutput `pulumi:"purposes"`
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringOutput `pulumi:"type"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

AddressGroup is a resource that specifies how a collection of IP/DNS used in Firewall Policy.

To get more information about AddressGroup, see:

* [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-security/rest/v1beta1/organizations.locations.addressGroups) * How-to Guides

## Example Usage

### Network Security Address Groups Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Name:     pulumi.String("my-address-groups"),
			Parent:   pulumi.String("projects/my-project-name"),
			Location: pulumi.String("us-central1"),
			Type:     pulumi.String("IPV4"),
			Capacity: pulumi.Int(100),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Address Groups Organization Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Name:     pulumi.String("my-address-groups"),
			Parent:   pulumi.String("organizations/123456789"),
			Location: pulumi.String("us-central1"),
			Type:     pulumi.String("IPV4"),
			Capacity: pulumi.Int(100),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Address Groups Advanced

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Name:        pulumi.String("my-address-groups"),
			Parent:      pulumi.String("projects/my-project-name"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("IPV4"),
			Capacity:    pulumi.Int(100),
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Address Groups Cloud Armor

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAddressGroup(ctx, "default", &networksecurity.AddressGroupArgs{
			Name:     pulumi.String("my-address-groups"),
			Parent:   pulumi.String("projects/my-project-name"),
			Location: pulumi.String("global"),
			Type:     pulumi.String("IPV4"),
			Capacity: pulumi.Int(100),
			Purposes: pulumi.StringArray{
				pulumi.String("CLOUD_ARMOR"),
			},
			Items: pulumi.StringArray{
				pulumi.String("208.80.154.224/32"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AddressGroup can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/addressGroups/{{name}}`

When using the `pulumi import` command, AddressGroup can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/addressGroup:AddressGroup default {{parent}}/locations/{{location}}/addressGroups/{{name}} ```

func GetAddressGroup

func GetAddressGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupState, opts ...pulumi.ResourceOption) (*AddressGroup, error)

GetAddressGroup gets an existing AddressGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroup

func NewAddressGroup(ctx *pulumi.Context,
	name string, args *AddressGroupArgs, opts ...pulumi.ResourceOption) (*AddressGroup, error)

NewAddressGroup registers a new resource with the given unique name, arguments, and options.

func (*AddressGroup) ElementType

func (*AddressGroup) ElementType() reflect.Type

func (*AddressGroup) ToAddressGroupOutput

func (i *AddressGroup) ToAddressGroupOutput() AddressGroupOutput

func (*AddressGroup) ToAddressGroupOutputWithContext

func (i *AddressGroup) ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput

type AddressGroupArgs

type AddressGroupArgs struct {
	// Capacity of the Address Group.
	Capacity pulumi.IntInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// List of items.
	Items pulumi.StringArrayInput
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringInput
	// Name of the AddressGroup resource.
	Name pulumi.StringPtrInput
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrInput
	// List of supported purposes of the Address Group.
	// Each value may be one of: `DEFAULT`, `CLOUD_ARMOR`.
	Purposes pulumi.StringArrayInput
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringInput
}

The set of arguments for constructing a AddressGroup resource.

func (AddressGroupArgs) ElementType

func (AddressGroupArgs) ElementType() reflect.Type

type AddressGroupArray

type AddressGroupArray []AddressGroupInput

func (AddressGroupArray) ElementType

func (AddressGroupArray) ElementType() reflect.Type

func (AddressGroupArray) ToAddressGroupArrayOutput

func (i AddressGroupArray) ToAddressGroupArrayOutput() AddressGroupArrayOutput

func (AddressGroupArray) ToAddressGroupArrayOutputWithContext

func (i AddressGroupArray) ToAddressGroupArrayOutputWithContext(ctx context.Context) AddressGroupArrayOutput

type AddressGroupArrayInput

type AddressGroupArrayInput interface {
	pulumi.Input

	ToAddressGroupArrayOutput() AddressGroupArrayOutput
	ToAddressGroupArrayOutputWithContext(context.Context) AddressGroupArrayOutput
}

AddressGroupArrayInput is an input type that accepts AddressGroupArray and AddressGroupArrayOutput values. You can construct a concrete instance of `AddressGroupArrayInput` via:

AddressGroupArray{ AddressGroupArgs{...} }

type AddressGroupArrayOutput

type AddressGroupArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupArrayOutput) ElementType

func (AddressGroupArrayOutput) ElementType() reflect.Type

func (AddressGroupArrayOutput) Index

func (AddressGroupArrayOutput) ToAddressGroupArrayOutput

func (o AddressGroupArrayOutput) ToAddressGroupArrayOutput() AddressGroupArrayOutput

func (AddressGroupArrayOutput) ToAddressGroupArrayOutputWithContext

func (o AddressGroupArrayOutput) ToAddressGroupArrayOutputWithContext(ctx context.Context) AddressGroupArrayOutput

type AddressGroupIamBinding

type AddressGroupIamBinding struct {
	pulumi.CustomResourceState

	Condition AddressGroupIamBindingConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for Network security ProjectAddressGroup. Each of these resources serves a different use case:

* `networksecurity.AddressGroupIamPolicy`: Authoritative. Sets the IAM policy for the projectaddressgroup and replaces any existing policy already attached. * `networksecurity.AddressGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the projectaddressgroup are preserved. * `networksecurity.AddressGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the projectaddressgroup are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `networksecurity.AddressGroupIamPolicy`: Retrieves the IAM policy for the projectaddressgroup

> **Note:** `networksecurity.AddressGroupIamPolicy` **cannot** be used in conjunction with `networksecurity.AddressGroupIamBinding` and `networksecurity.AddressGroupIamMember` or they will fight over what your policy should be.

> **Note:** `networksecurity.AddressGroupIamBinding` resources **can be** used in conjunction with `networksecurity.AddressGroupIamMember` resources **only if** they do not grant privilege to the same role.

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/addressGroups/{{name}}

* {{project}}/{{location}}/{{name}}

* {{location}}/{{name}}

* {{name}}

Any variables not passed in the import command will be taken from the provider configuration.

Network security projectaddressgroup IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamBinding:AddressGroupIamBinding editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamBinding:AddressGroupIamBinding editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamBinding:AddressGroupIamBinding editor projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetAddressGroupIamBinding

func GetAddressGroupIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamBindingState, opts ...pulumi.ResourceOption) (*AddressGroupIamBinding, error)

GetAddressGroupIamBinding gets an existing AddressGroupIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamBinding

func NewAddressGroupIamBinding(ctx *pulumi.Context,
	name string, args *AddressGroupIamBindingArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamBinding, error)

NewAddressGroupIamBinding registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamBinding) ElementType

func (*AddressGroupIamBinding) ElementType() reflect.Type

func (*AddressGroupIamBinding) ToAddressGroupIamBindingOutput

func (i *AddressGroupIamBinding) ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput

func (*AddressGroupIamBinding) ToAddressGroupIamBindingOutputWithContext

func (i *AddressGroupIamBinding) ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput

type AddressGroupIamBindingArgs

type AddressGroupIamBindingArgs struct {
	Condition AddressGroupIamBindingConditionPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a AddressGroupIamBinding resource.

func (AddressGroupIamBindingArgs) ElementType

func (AddressGroupIamBindingArgs) ElementType() reflect.Type

type AddressGroupIamBindingArray

type AddressGroupIamBindingArray []AddressGroupIamBindingInput

func (AddressGroupIamBindingArray) ElementType

func (AddressGroupIamBindingArray) ToAddressGroupIamBindingArrayOutput

func (i AddressGroupIamBindingArray) ToAddressGroupIamBindingArrayOutput() AddressGroupIamBindingArrayOutput

func (AddressGroupIamBindingArray) ToAddressGroupIamBindingArrayOutputWithContext

func (i AddressGroupIamBindingArray) ToAddressGroupIamBindingArrayOutputWithContext(ctx context.Context) AddressGroupIamBindingArrayOutput

type AddressGroupIamBindingArrayInput

type AddressGroupIamBindingArrayInput interface {
	pulumi.Input

	ToAddressGroupIamBindingArrayOutput() AddressGroupIamBindingArrayOutput
	ToAddressGroupIamBindingArrayOutputWithContext(context.Context) AddressGroupIamBindingArrayOutput
}

AddressGroupIamBindingArrayInput is an input type that accepts AddressGroupIamBindingArray and AddressGroupIamBindingArrayOutput values. You can construct a concrete instance of `AddressGroupIamBindingArrayInput` via:

AddressGroupIamBindingArray{ AddressGroupIamBindingArgs{...} }

type AddressGroupIamBindingArrayOutput

type AddressGroupIamBindingArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingArrayOutput) ElementType

func (AddressGroupIamBindingArrayOutput) Index

func (AddressGroupIamBindingArrayOutput) ToAddressGroupIamBindingArrayOutput

func (o AddressGroupIamBindingArrayOutput) ToAddressGroupIamBindingArrayOutput() AddressGroupIamBindingArrayOutput

func (AddressGroupIamBindingArrayOutput) ToAddressGroupIamBindingArrayOutputWithContext

func (o AddressGroupIamBindingArrayOutput) ToAddressGroupIamBindingArrayOutputWithContext(ctx context.Context) AddressGroupIamBindingArrayOutput

type AddressGroupIamBindingCondition

type AddressGroupIamBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type AddressGroupIamBindingConditionArgs

type AddressGroupIamBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (AddressGroupIamBindingConditionArgs) ElementType

func (AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionOutput

func (i AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionOutput() AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionOutputWithContext

func (i AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionPtrOutput

func (i AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionPtrOutput() AddressGroupIamBindingConditionPtrOutput

func (AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionPtrOutputWithContext

func (i AddressGroupIamBindingConditionArgs) ToAddressGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionPtrOutput

type AddressGroupIamBindingConditionInput

type AddressGroupIamBindingConditionInput interface {
	pulumi.Input

	ToAddressGroupIamBindingConditionOutput() AddressGroupIamBindingConditionOutput
	ToAddressGroupIamBindingConditionOutputWithContext(context.Context) AddressGroupIamBindingConditionOutput
}

AddressGroupIamBindingConditionInput is an input type that accepts AddressGroupIamBindingConditionArgs and AddressGroupIamBindingConditionOutput values. You can construct a concrete instance of `AddressGroupIamBindingConditionInput` via:

AddressGroupIamBindingConditionArgs{...}

type AddressGroupIamBindingConditionOutput

type AddressGroupIamBindingConditionOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingConditionOutput) Description

func (AddressGroupIamBindingConditionOutput) ElementType

func (AddressGroupIamBindingConditionOutput) Expression

func (AddressGroupIamBindingConditionOutput) Title

func (AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionOutput

func (o AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionOutput() AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionOutputWithContext

func (o AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionOutput

func (AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionPtrOutput

func (o AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionPtrOutput() AddressGroupIamBindingConditionPtrOutput

func (AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionPtrOutputWithContext

func (o AddressGroupIamBindingConditionOutput) ToAddressGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionPtrOutput

type AddressGroupIamBindingConditionPtrInput

type AddressGroupIamBindingConditionPtrInput interface {
	pulumi.Input

	ToAddressGroupIamBindingConditionPtrOutput() AddressGroupIamBindingConditionPtrOutput
	ToAddressGroupIamBindingConditionPtrOutputWithContext(context.Context) AddressGroupIamBindingConditionPtrOutput
}

AddressGroupIamBindingConditionPtrInput is an input type that accepts AddressGroupIamBindingConditionArgs, AddressGroupIamBindingConditionPtr and AddressGroupIamBindingConditionPtrOutput values. You can construct a concrete instance of `AddressGroupIamBindingConditionPtrInput` via:

        AddressGroupIamBindingConditionArgs{...}

or:

        nil

type AddressGroupIamBindingConditionPtrOutput

type AddressGroupIamBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingConditionPtrOutput) Description

func (AddressGroupIamBindingConditionPtrOutput) Elem

func (AddressGroupIamBindingConditionPtrOutput) ElementType

func (AddressGroupIamBindingConditionPtrOutput) Expression

func (AddressGroupIamBindingConditionPtrOutput) Title

func (AddressGroupIamBindingConditionPtrOutput) ToAddressGroupIamBindingConditionPtrOutput

func (o AddressGroupIamBindingConditionPtrOutput) ToAddressGroupIamBindingConditionPtrOutput() AddressGroupIamBindingConditionPtrOutput

func (AddressGroupIamBindingConditionPtrOutput) ToAddressGroupIamBindingConditionPtrOutputWithContext

func (o AddressGroupIamBindingConditionPtrOutput) ToAddressGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamBindingConditionPtrOutput

type AddressGroupIamBindingInput

type AddressGroupIamBindingInput interface {
	pulumi.Input

	ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput
	ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput
}

type AddressGroupIamBindingMap

type AddressGroupIamBindingMap map[string]AddressGroupIamBindingInput

func (AddressGroupIamBindingMap) ElementType

func (AddressGroupIamBindingMap) ElementType() reflect.Type

func (AddressGroupIamBindingMap) ToAddressGroupIamBindingMapOutput

func (i AddressGroupIamBindingMap) ToAddressGroupIamBindingMapOutput() AddressGroupIamBindingMapOutput

func (AddressGroupIamBindingMap) ToAddressGroupIamBindingMapOutputWithContext

func (i AddressGroupIamBindingMap) ToAddressGroupIamBindingMapOutputWithContext(ctx context.Context) AddressGroupIamBindingMapOutput

type AddressGroupIamBindingMapInput

type AddressGroupIamBindingMapInput interface {
	pulumi.Input

	ToAddressGroupIamBindingMapOutput() AddressGroupIamBindingMapOutput
	ToAddressGroupIamBindingMapOutputWithContext(context.Context) AddressGroupIamBindingMapOutput
}

AddressGroupIamBindingMapInput is an input type that accepts AddressGroupIamBindingMap and AddressGroupIamBindingMapOutput values. You can construct a concrete instance of `AddressGroupIamBindingMapInput` via:

AddressGroupIamBindingMap{ "key": AddressGroupIamBindingArgs{...} }

type AddressGroupIamBindingMapOutput

type AddressGroupIamBindingMapOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingMapOutput) ElementType

func (AddressGroupIamBindingMapOutput) MapIndex

func (AddressGroupIamBindingMapOutput) ToAddressGroupIamBindingMapOutput

func (o AddressGroupIamBindingMapOutput) ToAddressGroupIamBindingMapOutput() AddressGroupIamBindingMapOutput

func (AddressGroupIamBindingMapOutput) ToAddressGroupIamBindingMapOutputWithContext

func (o AddressGroupIamBindingMapOutput) ToAddressGroupIamBindingMapOutputWithContext(ctx context.Context) AddressGroupIamBindingMapOutput

type AddressGroupIamBindingOutput

type AddressGroupIamBindingOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingOutput) Condition

func (AddressGroupIamBindingOutput) ElementType

func (AddressGroupIamBindingOutput) Etag

(Computed) The etag of the IAM policy.

func (AddressGroupIamBindingOutput) Location

The location of the gateway security policy. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (AddressGroupIamBindingOutput) Members

Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (AddressGroupIamBindingOutput) Name

Used to find the parent resource to bind the IAM policy to

func (AddressGroupIamBindingOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (AddressGroupIamBindingOutput) Role

The role that should be applied. Only one `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutput

func (o AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput

func (AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutputWithContext

func (o AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput

type AddressGroupIamBindingState

type AddressGroupIamBindingState struct {
	Condition AddressGroupIamBindingConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (AddressGroupIamBindingState) ElementType

type AddressGroupIamMember

type AddressGroupIamMember struct {
	pulumi.CustomResourceState

	Condition AddressGroupIamMemberConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringOutput `pulumi:"member"`
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for Network security ProjectAddressGroup. Each of these resources serves a different use case:

* `networksecurity.AddressGroupIamPolicy`: Authoritative. Sets the IAM policy for the projectaddressgroup and replaces any existing policy already attached. * `networksecurity.AddressGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the projectaddressgroup are preserved. * `networksecurity.AddressGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the projectaddressgroup are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `networksecurity.AddressGroupIamPolicy`: Retrieves the IAM policy for the projectaddressgroup

> **Note:** `networksecurity.AddressGroupIamPolicy` **cannot** be used in conjunction with `networksecurity.AddressGroupIamBinding` and `networksecurity.AddressGroupIamMember` or they will fight over what your policy should be.

> **Note:** `networksecurity.AddressGroupIamBinding` resources **can be** used in conjunction with `networksecurity.AddressGroupIamMember` resources **only if** they do not grant privilege to the same role.

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/addressGroups/{{name}}

* {{project}}/{{location}}/{{name}}

* {{location}}/{{name}}

* {{name}}

Any variables not passed in the import command will be taken from the provider configuration.

Network security projectaddressgroup IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamMember:AddressGroupIamMember editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamMember:AddressGroupIamMember editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamMember:AddressGroupIamMember editor projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetAddressGroupIamMember

func GetAddressGroupIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamMemberState, opts ...pulumi.ResourceOption) (*AddressGroupIamMember, error)

GetAddressGroupIamMember gets an existing AddressGroupIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamMember

func NewAddressGroupIamMember(ctx *pulumi.Context,
	name string, args *AddressGroupIamMemberArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamMember, error)

NewAddressGroupIamMember registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamMember) ElementType

func (*AddressGroupIamMember) ElementType() reflect.Type

func (*AddressGroupIamMember) ToAddressGroupIamMemberOutput

func (i *AddressGroupIamMember) ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput

func (*AddressGroupIamMember) ToAddressGroupIamMemberOutputWithContext

func (i *AddressGroupIamMember) ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput

type AddressGroupIamMemberArgs

type AddressGroupIamMemberArgs struct {
	Condition AddressGroupIamMemberConditionPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a AddressGroupIamMember resource.

func (AddressGroupIamMemberArgs) ElementType

func (AddressGroupIamMemberArgs) ElementType() reflect.Type

type AddressGroupIamMemberArray

type AddressGroupIamMemberArray []AddressGroupIamMemberInput

func (AddressGroupIamMemberArray) ElementType

func (AddressGroupIamMemberArray) ElementType() reflect.Type

func (AddressGroupIamMemberArray) ToAddressGroupIamMemberArrayOutput

func (i AddressGroupIamMemberArray) ToAddressGroupIamMemberArrayOutput() AddressGroupIamMemberArrayOutput

func (AddressGroupIamMemberArray) ToAddressGroupIamMemberArrayOutputWithContext

func (i AddressGroupIamMemberArray) ToAddressGroupIamMemberArrayOutputWithContext(ctx context.Context) AddressGroupIamMemberArrayOutput

type AddressGroupIamMemberArrayInput

type AddressGroupIamMemberArrayInput interface {
	pulumi.Input

	ToAddressGroupIamMemberArrayOutput() AddressGroupIamMemberArrayOutput
	ToAddressGroupIamMemberArrayOutputWithContext(context.Context) AddressGroupIamMemberArrayOutput
}

AddressGroupIamMemberArrayInput is an input type that accepts AddressGroupIamMemberArray and AddressGroupIamMemberArrayOutput values. You can construct a concrete instance of `AddressGroupIamMemberArrayInput` via:

AddressGroupIamMemberArray{ AddressGroupIamMemberArgs{...} }

type AddressGroupIamMemberArrayOutput

type AddressGroupIamMemberArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberArrayOutput) ElementType

func (AddressGroupIamMemberArrayOutput) Index

func (AddressGroupIamMemberArrayOutput) ToAddressGroupIamMemberArrayOutput

func (o AddressGroupIamMemberArrayOutput) ToAddressGroupIamMemberArrayOutput() AddressGroupIamMemberArrayOutput

func (AddressGroupIamMemberArrayOutput) ToAddressGroupIamMemberArrayOutputWithContext

func (o AddressGroupIamMemberArrayOutput) ToAddressGroupIamMemberArrayOutputWithContext(ctx context.Context) AddressGroupIamMemberArrayOutput

type AddressGroupIamMemberCondition

type AddressGroupIamMemberCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type AddressGroupIamMemberConditionArgs

type AddressGroupIamMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (AddressGroupIamMemberConditionArgs) ElementType

func (AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionOutput

func (i AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionOutput() AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionOutputWithContext

func (i AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionPtrOutput

func (i AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionPtrOutput() AddressGroupIamMemberConditionPtrOutput

func (AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionPtrOutputWithContext

func (i AddressGroupIamMemberConditionArgs) ToAddressGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionPtrOutput

type AddressGroupIamMemberConditionInput

type AddressGroupIamMemberConditionInput interface {
	pulumi.Input

	ToAddressGroupIamMemberConditionOutput() AddressGroupIamMemberConditionOutput
	ToAddressGroupIamMemberConditionOutputWithContext(context.Context) AddressGroupIamMemberConditionOutput
}

AddressGroupIamMemberConditionInput is an input type that accepts AddressGroupIamMemberConditionArgs and AddressGroupIamMemberConditionOutput values. You can construct a concrete instance of `AddressGroupIamMemberConditionInput` via:

AddressGroupIamMemberConditionArgs{...}

type AddressGroupIamMemberConditionOutput

type AddressGroupIamMemberConditionOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberConditionOutput) Description

func (AddressGroupIamMemberConditionOutput) ElementType

func (AddressGroupIamMemberConditionOutput) Expression

func (AddressGroupIamMemberConditionOutput) Title

func (AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionOutput

func (o AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionOutput() AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionOutputWithContext

func (o AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionOutput

func (AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionPtrOutput

func (o AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionPtrOutput() AddressGroupIamMemberConditionPtrOutput

func (AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionPtrOutputWithContext

func (o AddressGroupIamMemberConditionOutput) ToAddressGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionPtrOutput

type AddressGroupIamMemberConditionPtrInput

type AddressGroupIamMemberConditionPtrInput interface {
	pulumi.Input

	ToAddressGroupIamMemberConditionPtrOutput() AddressGroupIamMemberConditionPtrOutput
	ToAddressGroupIamMemberConditionPtrOutputWithContext(context.Context) AddressGroupIamMemberConditionPtrOutput
}

AddressGroupIamMemberConditionPtrInput is an input type that accepts AddressGroupIamMemberConditionArgs, AddressGroupIamMemberConditionPtr and AddressGroupIamMemberConditionPtrOutput values. You can construct a concrete instance of `AddressGroupIamMemberConditionPtrInput` via:

        AddressGroupIamMemberConditionArgs{...}

or:

        nil

type AddressGroupIamMemberConditionPtrOutput

type AddressGroupIamMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberConditionPtrOutput) Description

func (AddressGroupIamMemberConditionPtrOutput) Elem

func (AddressGroupIamMemberConditionPtrOutput) ElementType

func (AddressGroupIamMemberConditionPtrOutput) Expression

func (AddressGroupIamMemberConditionPtrOutput) Title

func (AddressGroupIamMemberConditionPtrOutput) ToAddressGroupIamMemberConditionPtrOutput

func (o AddressGroupIamMemberConditionPtrOutput) ToAddressGroupIamMemberConditionPtrOutput() AddressGroupIamMemberConditionPtrOutput

func (AddressGroupIamMemberConditionPtrOutput) ToAddressGroupIamMemberConditionPtrOutputWithContext

func (o AddressGroupIamMemberConditionPtrOutput) ToAddressGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) AddressGroupIamMemberConditionPtrOutput

type AddressGroupIamMemberInput

type AddressGroupIamMemberInput interface {
	pulumi.Input

	ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput
	ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput
}

type AddressGroupIamMemberMap

type AddressGroupIamMemberMap map[string]AddressGroupIamMemberInput

func (AddressGroupIamMemberMap) ElementType

func (AddressGroupIamMemberMap) ElementType() reflect.Type

func (AddressGroupIamMemberMap) ToAddressGroupIamMemberMapOutput

func (i AddressGroupIamMemberMap) ToAddressGroupIamMemberMapOutput() AddressGroupIamMemberMapOutput

func (AddressGroupIamMemberMap) ToAddressGroupIamMemberMapOutputWithContext

func (i AddressGroupIamMemberMap) ToAddressGroupIamMemberMapOutputWithContext(ctx context.Context) AddressGroupIamMemberMapOutput

type AddressGroupIamMemberMapInput

type AddressGroupIamMemberMapInput interface {
	pulumi.Input

	ToAddressGroupIamMemberMapOutput() AddressGroupIamMemberMapOutput
	ToAddressGroupIamMemberMapOutputWithContext(context.Context) AddressGroupIamMemberMapOutput
}

AddressGroupIamMemberMapInput is an input type that accepts AddressGroupIamMemberMap and AddressGroupIamMemberMapOutput values. You can construct a concrete instance of `AddressGroupIamMemberMapInput` via:

AddressGroupIamMemberMap{ "key": AddressGroupIamMemberArgs{...} }

type AddressGroupIamMemberMapOutput

type AddressGroupIamMemberMapOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberMapOutput) ElementType

func (AddressGroupIamMemberMapOutput) MapIndex

func (AddressGroupIamMemberMapOutput) ToAddressGroupIamMemberMapOutput

func (o AddressGroupIamMemberMapOutput) ToAddressGroupIamMemberMapOutput() AddressGroupIamMemberMapOutput

func (AddressGroupIamMemberMapOutput) ToAddressGroupIamMemberMapOutputWithContext

func (o AddressGroupIamMemberMapOutput) ToAddressGroupIamMemberMapOutputWithContext(ctx context.Context) AddressGroupIamMemberMapOutput

type AddressGroupIamMemberOutput

type AddressGroupIamMemberOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberOutput) Condition

func (AddressGroupIamMemberOutput) ElementType

func (AddressGroupIamMemberOutput) Etag

(Computed) The etag of the IAM policy.

func (AddressGroupIamMemberOutput) Location

The location of the gateway security policy. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (AddressGroupIamMemberOutput) Member

Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (AddressGroupIamMemberOutput) Name

Used to find the parent resource to bind the IAM policy to

func (AddressGroupIamMemberOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (AddressGroupIamMemberOutput) Role

The role that should be applied. Only one `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutput

func (o AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput

func (AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutputWithContext

func (o AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput

type AddressGroupIamMemberState

type AddressGroupIamMemberState struct {
	Condition AddressGroupIamMemberConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringPtrInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `networksecurity.AddressGroupIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (AddressGroupIamMemberState) ElementType

func (AddressGroupIamMemberState) ElementType() reflect.Type

type AddressGroupIamPolicy

type AddressGroupIamPolicy struct {
	pulumi.CustomResourceState

	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringOutput `pulumi:"name"`
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
}

Three different resources help you manage your IAM policy for Network security ProjectAddressGroup. Each of these resources serves a different use case:

* `networksecurity.AddressGroupIamPolicy`: Authoritative. Sets the IAM policy for the projectaddressgroup and replaces any existing policy already attached. * `networksecurity.AddressGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the projectaddressgroup are preserved. * `networksecurity.AddressGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the projectaddressgroup are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `networksecurity.AddressGroupIamPolicy`: Retrieves the IAM policy for the projectaddressgroup

> **Note:** `networksecurity.AddressGroupIamPolicy` **cannot** be used in conjunction with `networksecurity.AddressGroupIamBinding` and `networksecurity.AddressGroupIamMember` or they will fight over what your policy should be.

> **Note:** `networksecurity.AddressGroupIamBinding` resources **can be** used in conjunction with `networksecurity.AddressGroupIamMember` resources **only if** they do not grant privilege to the same role.

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/addressGroups/{{name}}

* {{project}}/{{location}}/{{name}}

* {{location}}/{{name}}

* {{name}}

Any variables not passed in the import command will be taken from the provider configuration.

Network security projectaddressgroup IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamPolicy:AddressGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamPolicy:AddressGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} roles/compute.networkAdmin" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:networksecurity/addressGroupIamPolicy:AddressGroupIamPolicy editor projects/{{project}}/locations/{{location}}/addressGroups/{{project_address_group}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetAddressGroupIamPolicy

func GetAddressGroupIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamPolicyState, opts ...pulumi.ResourceOption) (*AddressGroupIamPolicy, error)

GetAddressGroupIamPolicy gets an existing AddressGroupIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamPolicy

func NewAddressGroupIamPolicy(ctx *pulumi.Context,
	name string, args *AddressGroupIamPolicyArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamPolicy, error)

NewAddressGroupIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamPolicy) ElementType

func (*AddressGroupIamPolicy) ElementType() reflect.Type

func (*AddressGroupIamPolicy) ToAddressGroupIamPolicyOutput

func (i *AddressGroupIamPolicy) ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput

func (*AddressGroupIamPolicy) ToAddressGroupIamPolicyOutputWithContext

func (i *AddressGroupIamPolicy) ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput

type AddressGroupIamPolicyArgs

type AddressGroupIamPolicyArgs struct {
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a AddressGroupIamPolicy resource.

func (AddressGroupIamPolicyArgs) ElementType

func (AddressGroupIamPolicyArgs) ElementType() reflect.Type

type AddressGroupIamPolicyArray

type AddressGroupIamPolicyArray []AddressGroupIamPolicyInput

func (AddressGroupIamPolicyArray) ElementType

func (AddressGroupIamPolicyArray) ElementType() reflect.Type

func (AddressGroupIamPolicyArray) ToAddressGroupIamPolicyArrayOutput

func (i AddressGroupIamPolicyArray) ToAddressGroupIamPolicyArrayOutput() AddressGroupIamPolicyArrayOutput

func (AddressGroupIamPolicyArray) ToAddressGroupIamPolicyArrayOutputWithContext

func (i AddressGroupIamPolicyArray) ToAddressGroupIamPolicyArrayOutputWithContext(ctx context.Context) AddressGroupIamPolicyArrayOutput

type AddressGroupIamPolicyArrayInput

type AddressGroupIamPolicyArrayInput interface {
	pulumi.Input

	ToAddressGroupIamPolicyArrayOutput() AddressGroupIamPolicyArrayOutput
	ToAddressGroupIamPolicyArrayOutputWithContext(context.Context) AddressGroupIamPolicyArrayOutput
}

AddressGroupIamPolicyArrayInput is an input type that accepts AddressGroupIamPolicyArray and AddressGroupIamPolicyArrayOutput values. You can construct a concrete instance of `AddressGroupIamPolicyArrayInput` via:

AddressGroupIamPolicyArray{ AddressGroupIamPolicyArgs{...} }

type AddressGroupIamPolicyArrayOutput

type AddressGroupIamPolicyArrayOutput struct{ *pulumi.OutputState }

func (AddressGroupIamPolicyArrayOutput) ElementType

func (AddressGroupIamPolicyArrayOutput) Index

func (AddressGroupIamPolicyArrayOutput) ToAddressGroupIamPolicyArrayOutput

func (o AddressGroupIamPolicyArrayOutput) ToAddressGroupIamPolicyArrayOutput() AddressGroupIamPolicyArrayOutput

func (AddressGroupIamPolicyArrayOutput) ToAddressGroupIamPolicyArrayOutputWithContext

func (o AddressGroupIamPolicyArrayOutput) ToAddressGroupIamPolicyArrayOutputWithContext(ctx context.Context) AddressGroupIamPolicyArrayOutput

type AddressGroupIamPolicyInput

type AddressGroupIamPolicyInput interface {
	pulumi.Input

	ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput
	ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput
}

type AddressGroupIamPolicyMap

type AddressGroupIamPolicyMap map[string]AddressGroupIamPolicyInput

func (AddressGroupIamPolicyMap) ElementType

func (AddressGroupIamPolicyMap) ElementType() reflect.Type

func (AddressGroupIamPolicyMap) ToAddressGroupIamPolicyMapOutput

func (i AddressGroupIamPolicyMap) ToAddressGroupIamPolicyMapOutput() AddressGroupIamPolicyMapOutput

func (AddressGroupIamPolicyMap) ToAddressGroupIamPolicyMapOutputWithContext

func (i AddressGroupIamPolicyMap) ToAddressGroupIamPolicyMapOutputWithContext(ctx context.Context) AddressGroupIamPolicyMapOutput

type AddressGroupIamPolicyMapInput

type AddressGroupIamPolicyMapInput interface {
	pulumi.Input

	ToAddressGroupIamPolicyMapOutput() AddressGroupIamPolicyMapOutput
	ToAddressGroupIamPolicyMapOutputWithContext(context.Context) AddressGroupIamPolicyMapOutput
}

AddressGroupIamPolicyMapInput is an input type that accepts AddressGroupIamPolicyMap and AddressGroupIamPolicyMapOutput values. You can construct a concrete instance of `AddressGroupIamPolicyMapInput` via:

AddressGroupIamPolicyMap{ "key": AddressGroupIamPolicyArgs{...} }

type AddressGroupIamPolicyMapOutput

type AddressGroupIamPolicyMapOutput struct{ *pulumi.OutputState }

func (AddressGroupIamPolicyMapOutput) ElementType

func (AddressGroupIamPolicyMapOutput) MapIndex

func (AddressGroupIamPolicyMapOutput) ToAddressGroupIamPolicyMapOutput

func (o AddressGroupIamPolicyMapOutput) ToAddressGroupIamPolicyMapOutput() AddressGroupIamPolicyMapOutput

func (AddressGroupIamPolicyMapOutput) ToAddressGroupIamPolicyMapOutputWithContext

func (o AddressGroupIamPolicyMapOutput) ToAddressGroupIamPolicyMapOutputWithContext(ctx context.Context) AddressGroupIamPolicyMapOutput

type AddressGroupIamPolicyOutput

type AddressGroupIamPolicyOutput struct{ *pulumi.OutputState }

func (AddressGroupIamPolicyOutput) ElementType

func (AddressGroupIamPolicyOutput) Etag

(Computed) The etag of the IAM policy.

func (AddressGroupIamPolicyOutput) Location

The location of the gateway security policy. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (AddressGroupIamPolicyOutput) Name

Used to find the parent resource to bind the IAM policy to

func (AddressGroupIamPolicyOutput) PolicyData

The policy data generated by a `organizations.getIAMPolicy` data source.

func (AddressGroupIamPolicyOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutput

func (o AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput

func (AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutputWithContext

func (o AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput

type AddressGroupIamPolicyState

type AddressGroupIamPolicyState struct {
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
}

func (AddressGroupIamPolicyState) ElementType

func (AddressGroupIamPolicyState) ElementType() reflect.Type

type AddressGroupInput

type AddressGroupInput interface {
	pulumi.Input

	ToAddressGroupOutput() AddressGroupOutput
	ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput
}

type AddressGroupMap

type AddressGroupMap map[string]AddressGroupInput

func (AddressGroupMap) ElementType

func (AddressGroupMap) ElementType() reflect.Type

func (AddressGroupMap) ToAddressGroupMapOutput

func (i AddressGroupMap) ToAddressGroupMapOutput() AddressGroupMapOutput

func (AddressGroupMap) ToAddressGroupMapOutputWithContext

func (i AddressGroupMap) ToAddressGroupMapOutputWithContext(ctx context.Context) AddressGroupMapOutput

type AddressGroupMapInput

type AddressGroupMapInput interface {
	pulumi.Input

	ToAddressGroupMapOutput() AddressGroupMapOutput
	ToAddressGroupMapOutputWithContext(context.Context) AddressGroupMapOutput
}

AddressGroupMapInput is an input type that accepts AddressGroupMap and AddressGroupMapOutput values. You can construct a concrete instance of `AddressGroupMapInput` via:

AddressGroupMap{ "key": AddressGroupArgs{...} }

type AddressGroupMapOutput

type AddressGroupMapOutput struct{ *pulumi.OutputState }

func (AddressGroupMapOutput) ElementType

func (AddressGroupMapOutput) ElementType() reflect.Type

func (AddressGroupMapOutput) MapIndex

func (AddressGroupMapOutput) ToAddressGroupMapOutput

func (o AddressGroupMapOutput) ToAddressGroupMapOutput() AddressGroupMapOutput

func (AddressGroupMapOutput) ToAddressGroupMapOutputWithContext

func (o AddressGroupMapOutput) ToAddressGroupMapOutputWithContext(ctx context.Context) AddressGroupMapOutput

type AddressGroupOutput

type AddressGroupOutput struct{ *pulumi.OutputState }

func (AddressGroupOutput) Capacity

func (o AddressGroupOutput) Capacity() pulumi.IntOutput

Capacity of the Address Group.

func (AddressGroupOutput) CreateTime

func (o AddressGroupOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (AddressGroupOutput) Description

func (o AddressGroupOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (AddressGroupOutput) EffectiveLabels

func (o AddressGroupOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (AddressGroupOutput) ElementType

func (AddressGroupOutput) ElementType() reflect.Type

func (AddressGroupOutput) Items

List of items.

func (AddressGroupOutput) Labels

Set of label tags associated with the AddressGroup resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (AddressGroupOutput) Location

func (o AddressGroupOutput) Location() pulumi.StringOutput

The location of the gateway security policy. The default value is `global`.

***

func (AddressGroupOutput) Name

Name of the AddressGroup resource.

func (AddressGroupOutput) Parent

The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.

func (AddressGroupOutput) PulumiLabels

func (o AddressGroupOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (AddressGroupOutput) Purposes

List of supported purposes of the Address Group. Each value may be one of: `DEFAULT`, `CLOUD_ARMOR`.

func (AddressGroupOutput) ToAddressGroupOutput

func (o AddressGroupOutput) ToAddressGroupOutput() AddressGroupOutput

func (AddressGroupOutput) ToAddressGroupOutputWithContext

func (o AddressGroupOutput) ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput

func (AddressGroupOutput) Type

The type of the Address Group. Possible values are "IPV4" or "IPV6". Possible values are: `IPV4`, `IPV6`.

func (AddressGroupOutput) UpdateTime

func (o AddressGroupOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type AddressGroupState

type AddressGroupState struct {
	// Capacity of the Address Group.
	Capacity pulumi.IntPtrInput
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// List of items.
	Items pulumi.StringArrayInput
	// Set of label tags associated with the AddressGroup resource.
	// An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the gateway security policy.
	// The default value is `global`.
	//
	// ***
	Location pulumi.StringPtrInput
	// Name of the AddressGroup resource.
	Name pulumi.StringPtrInput
	// The name of the parent this address group belongs to. Format: organizations/{organization_id} or projects/{project_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// List of supported purposes of the Address Group.
	// Each value may be one of: `DEFAULT`, `CLOUD_ARMOR`.
	Purposes pulumi.StringArrayInput
	// The type of the Address Group. Possible values are "IPV4" or "IPV6".
	// Possible values are: `IPV4`, `IPV6`.
	Type pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (AddressGroupState) ElementType

func (AddressGroupState) ElementType() reflect.Type

type AuthorizationPolicy

type AuthorizationPolicy struct {
	pulumi.CustomResourceState

	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringOutput `pulumi:"action"`
	// Time the AuthorizationPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayOutput `pulumi:"rules"`
	// Time the AuthorizationPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Authorization Policy Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAuthorizationPolicy(ctx, "default", &networksecurity.AuthorizationPolicyArgs{
			Name: pulumi.String("my-authorization-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Action:      pulumi.String("ALLOW"),
			Rules: networksecurity.AuthorizationPolicyRuleArray{
				&networksecurity.AuthorizationPolicyRuleArgs{
					Sources: networksecurity.AuthorizationPolicyRuleSourceArray{
						&networksecurity.AuthorizationPolicyRuleSourceArgs{
							Principals: pulumi.StringArray{
								pulumi.String("namespace/*"),
							},
							IpBlocks: pulumi.StringArray{
								pulumi.String("1.2.3.0/24"),
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Authorization Policy Destinations

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewAuthorizationPolicy(ctx, "default", &networksecurity.AuthorizationPolicyArgs{
			Name: pulumi.String("my-authorization-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Action:      pulumi.String("ALLOW"),
			Rules: networksecurity.AuthorizationPolicyRuleArray{
				&networksecurity.AuthorizationPolicyRuleArgs{
					Sources: networksecurity.AuthorizationPolicyRuleSourceArray{
						&networksecurity.AuthorizationPolicyRuleSourceArgs{
							Principals: pulumi.StringArray{
								pulumi.String("namespace/*"),
							},
							IpBlocks: pulumi.StringArray{
								pulumi.String("1.2.3.0/24"),
							},
						},
					},
					Destinations: networksecurity.AuthorizationPolicyRuleDestinationArray{
						&networksecurity.AuthorizationPolicyRuleDestinationArgs{
							Hosts: pulumi.StringArray{
								pulumi.String("mydomain.*"),
							},
							Ports: pulumi.IntArray{
								pulumi.Int(8080),
							},
							Methods: pulumi.StringArray{
								pulumi.String("GET"),
							},
							HttpHeaderMatch: &networksecurity.AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{
								HeaderName: pulumi.String(":method"),
								RegexMatch: pulumi.String("GET"),
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AuthorizationPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, AuthorizationPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default {{location}}/{{name}} ```

func GetAuthorizationPolicy

func GetAuthorizationPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizationPolicyState, opts ...pulumi.ResourceOption) (*AuthorizationPolicy, error)

GetAuthorizationPolicy gets an existing AuthorizationPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthorizationPolicy

func NewAuthorizationPolicy(ctx *pulumi.Context,
	name string, args *AuthorizationPolicyArgs, opts ...pulumi.ResourceOption) (*AuthorizationPolicy, error)

NewAuthorizationPolicy registers a new resource with the given unique name, arguments, and options.

func (*AuthorizationPolicy) ElementType

func (*AuthorizationPolicy) ElementType() reflect.Type

func (*AuthorizationPolicy) ToAuthorizationPolicyOutput

func (i *AuthorizationPolicy) ToAuthorizationPolicyOutput() AuthorizationPolicyOutput

func (*AuthorizationPolicy) ToAuthorizationPolicyOutputWithContext

func (i *AuthorizationPolicy) ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput

type AuthorizationPolicyArgs

type AuthorizationPolicyArgs struct {
	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayInput
}

The set of arguments for constructing a AuthorizationPolicy resource.

func (AuthorizationPolicyArgs) ElementType

func (AuthorizationPolicyArgs) ElementType() reflect.Type

type AuthorizationPolicyArray

type AuthorizationPolicyArray []AuthorizationPolicyInput

func (AuthorizationPolicyArray) ElementType

func (AuthorizationPolicyArray) ElementType() reflect.Type

func (AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutput

func (i AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput

func (AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutputWithContext

func (i AuthorizationPolicyArray) ToAuthorizationPolicyArrayOutputWithContext(ctx context.Context) AuthorizationPolicyArrayOutput

type AuthorizationPolicyArrayInput

type AuthorizationPolicyArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput
	ToAuthorizationPolicyArrayOutputWithContext(context.Context) AuthorizationPolicyArrayOutput
}

AuthorizationPolicyArrayInput is an input type that accepts AuthorizationPolicyArray and AuthorizationPolicyArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyArrayInput` via:

AuthorizationPolicyArray{ AuthorizationPolicyArgs{...} }

type AuthorizationPolicyArrayOutput

type AuthorizationPolicyArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyArrayOutput) ElementType

func (AuthorizationPolicyArrayOutput) Index

func (AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutput

func (o AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutput() AuthorizationPolicyArrayOutput

func (AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutputWithContext

func (o AuthorizationPolicyArrayOutput) ToAuthorizationPolicyArrayOutputWithContext(ctx context.Context) AuthorizationPolicyArrayOutput

type AuthorizationPolicyInput

type AuthorizationPolicyInput interface {
	pulumi.Input

	ToAuthorizationPolicyOutput() AuthorizationPolicyOutput
	ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput
}

type AuthorizationPolicyMap

type AuthorizationPolicyMap map[string]AuthorizationPolicyInput

func (AuthorizationPolicyMap) ElementType

func (AuthorizationPolicyMap) ElementType() reflect.Type

func (AuthorizationPolicyMap) ToAuthorizationPolicyMapOutput

func (i AuthorizationPolicyMap) ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput

func (AuthorizationPolicyMap) ToAuthorizationPolicyMapOutputWithContext

func (i AuthorizationPolicyMap) ToAuthorizationPolicyMapOutputWithContext(ctx context.Context) AuthorizationPolicyMapOutput

type AuthorizationPolicyMapInput

type AuthorizationPolicyMapInput interface {
	pulumi.Input

	ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput
	ToAuthorizationPolicyMapOutputWithContext(context.Context) AuthorizationPolicyMapOutput
}

AuthorizationPolicyMapInput is an input type that accepts AuthorizationPolicyMap and AuthorizationPolicyMapOutput values. You can construct a concrete instance of `AuthorizationPolicyMapInput` via:

AuthorizationPolicyMap{ "key": AuthorizationPolicyArgs{...} }

type AuthorizationPolicyMapOutput

type AuthorizationPolicyMapOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyMapOutput) ElementType

func (AuthorizationPolicyMapOutput) MapIndex

func (AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutput

func (o AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutput() AuthorizationPolicyMapOutput

func (AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutputWithContext

func (o AuthorizationPolicyMapOutput) ToAuthorizationPolicyMapOutputWithContext(ctx context.Context) AuthorizationPolicyMapOutput

type AuthorizationPolicyOutput

type AuthorizationPolicyOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyOutput) Action

The action to take when a rule match is found. Possible values are "ALLOW" or "DENY". Possible values are: `ALLOW`, `DENY`.

func (AuthorizationPolicyOutput) CreateTime

Time the AuthorizationPolicy was created in UTC.

func (AuthorizationPolicyOutput) Description

A free-text description of the resource. Max length 1024 characters.

func (AuthorizationPolicyOutput) EffectiveLabels

func (o AuthorizationPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (AuthorizationPolicyOutput) ElementType

func (AuthorizationPolicyOutput) ElementType() reflect.Type

func (AuthorizationPolicyOutput) Labels

Set of label tags associated with the AuthorizationPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (AuthorizationPolicyOutput) Location

The location of the authorization policy. The default value is `global`.

func (AuthorizationPolicyOutput) Name

Name of the AuthorizationPolicy resource.

***

func (AuthorizationPolicyOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (AuthorizationPolicyOutput) PulumiLabels

The combination of labels configured directly on the resource and default labels configured on the provider.

func (AuthorizationPolicyOutput) Rules

List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken. A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request. Structure is documented below.

func (AuthorizationPolicyOutput) ToAuthorizationPolicyOutput

func (o AuthorizationPolicyOutput) ToAuthorizationPolicyOutput() AuthorizationPolicyOutput

func (AuthorizationPolicyOutput) ToAuthorizationPolicyOutputWithContext

func (o AuthorizationPolicyOutput) ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput

func (AuthorizationPolicyOutput) UpdateTime

Time the AuthorizationPolicy was updated in UTC.

type AuthorizationPolicyRule

type AuthorizationPolicyRule struct {
	// List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	// Structure is documented below.
	Destinations []AuthorizationPolicyRuleDestination `pulumi:"destinations"`
	// List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	// Structure is documented below.
	Sources []AuthorizationPolicyRuleSource `pulumi:"sources"`
}

type AuthorizationPolicyRuleArgs

type AuthorizationPolicyRuleArgs struct {
	// List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	// Structure is documented below.
	Destinations AuthorizationPolicyRuleDestinationArrayInput `pulumi:"destinations"`
	// List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match.
	// If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	// Structure is documented below.
	Sources AuthorizationPolicyRuleSourceArrayInput `pulumi:"sources"`
}

func (AuthorizationPolicyRuleArgs) ElementType

func (AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutput

func (i AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput

func (AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutputWithContext

func (i AuthorizationPolicyRuleArgs) ToAuthorizationPolicyRuleOutputWithContext(ctx context.Context) AuthorizationPolicyRuleOutput

type AuthorizationPolicyRuleArray

type AuthorizationPolicyRuleArray []AuthorizationPolicyRuleInput

func (AuthorizationPolicyRuleArray) ElementType

func (AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutput

func (i AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput

func (AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutputWithContext

func (i AuthorizationPolicyRuleArray) ToAuthorizationPolicyRuleArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleArrayOutput

type AuthorizationPolicyRuleArrayInput

type AuthorizationPolicyRuleArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput
	ToAuthorizationPolicyRuleArrayOutputWithContext(context.Context) AuthorizationPolicyRuleArrayOutput
}

AuthorizationPolicyRuleArrayInput is an input type that accepts AuthorizationPolicyRuleArray and AuthorizationPolicyRuleArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleArrayInput` via:

AuthorizationPolicyRuleArray{ AuthorizationPolicyRuleArgs{...} }

type AuthorizationPolicyRuleArrayOutput

type AuthorizationPolicyRuleArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleArrayOutput) ElementType

func (AuthorizationPolicyRuleArrayOutput) Index

func (AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutput

func (o AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutput() AuthorizationPolicyRuleArrayOutput

func (AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutputWithContext

func (o AuthorizationPolicyRuleArrayOutput) ToAuthorizationPolicyRuleArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleArrayOutput

type AuthorizationPolicyRuleDestination

type AuthorizationPolicyRuleDestination struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts []string `pulumi:"hosts"`
	// Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match.
	// Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	// Structure is documented below.
	HttpHeaderMatch *AuthorizationPolicyRuleDestinationHttpHeaderMatch `pulumi:"httpHeaderMatch"`
	// A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods []string `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports []int `pulumi:"ports"`
}

type AuthorizationPolicyRuleDestinationArgs

type AuthorizationPolicyRuleDestinationArgs struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts pulumi.StringArrayInput `pulumi:"hosts"`
	// Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match.
	// Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	// Structure is documented below.
	HttpHeaderMatch AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput `pulumi:"httpHeaderMatch"`
	// A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods pulumi.StringArrayInput `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports pulumi.IntArrayInput `pulumi:"ports"`
}

func (AuthorizationPolicyRuleDestinationArgs) ElementType

func (AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutput

func (i AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput

func (AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutputWithContext

func (i AuthorizationPolicyRuleDestinationArgs) ToAuthorizationPolicyRuleDestinationOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationOutput

type AuthorizationPolicyRuleDestinationArray

type AuthorizationPolicyRuleDestinationArray []AuthorizationPolicyRuleDestinationInput

func (AuthorizationPolicyRuleDestinationArray) ElementType

func (AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutput

func (i AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput

func (AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext

func (i AuthorizationPolicyRuleDestinationArray) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationArrayOutput

type AuthorizationPolicyRuleDestinationArrayInput

type AuthorizationPolicyRuleDestinationArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput
	ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationArrayOutput
}

AuthorizationPolicyRuleDestinationArrayInput is an input type that accepts AuthorizationPolicyRuleDestinationArray and AuthorizationPolicyRuleDestinationArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationArrayInput` via:

AuthorizationPolicyRuleDestinationArray{ AuthorizationPolicyRuleDestinationArgs{...} }

type AuthorizationPolicyRuleDestinationArrayOutput

type AuthorizationPolicyRuleDestinationArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationArrayOutput) ElementType

func (AuthorizationPolicyRuleDestinationArrayOutput) Index

func (AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutput

func (o AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutput() AuthorizationPolicyRuleDestinationArrayOutput

func (AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext

func (o AuthorizationPolicyRuleDestinationArrayOutput) ToAuthorizationPolicyRuleDestinationArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationArrayOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatch

type AuthorizationPolicyRuleDestinationHttpHeaderMatch struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName string `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch string `pulumi:"regexMatch"`
}

type AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs

type AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName pulumi.StringInput `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch pulumi.StringInput `pulumi:"regexMatch"`
}

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ElementType

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext

func (i AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchInput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput
	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput
}

AuthorizationPolicyRuleDestinationHttpHeaderMatchInput is an input type that accepts AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs and AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationHttpHeaderMatchInput` via:

AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{...}

type AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ElementType

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) HeaderName

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) RegexMatch

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput() AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput
	ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput
}

AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput is an input type that accepts AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs, AuthorizationPolicyRuleDestinationHttpHeaderMatchPtr and AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrInput` via:

        AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{...}

or:

        nil

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) Elem

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ElementType

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) HeaderName

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) RegexMatch

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

func (AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext

func (o AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput) ToAuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationHttpHeaderMatchPtrOutput

type AuthorizationPolicyRuleDestinationInput

type AuthorizationPolicyRuleDestinationInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput
	ToAuthorizationPolicyRuleDestinationOutputWithContext(context.Context) AuthorizationPolicyRuleDestinationOutput
}

AuthorizationPolicyRuleDestinationInput is an input type that accepts AuthorizationPolicyRuleDestinationArgs and AuthorizationPolicyRuleDestinationOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleDestinationInput` via:

AuthorizationPolicyRuleDestinationArgs{...}

type AuthorizationPolicyRuleDestinationOutput

type AuthorizationPolicyRuleDestinationOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleDestinationOutput) ElementType

func (AuthorizationPolicyRuleDestinationOutput) Hosts

List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".

func (AuthorizationPolicyRuleDestinationOutput) HttpHeaderMatch

Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match. Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy. Structure is documented below.

func (AuthorizationPolicyRuleDestinationOutput) Methods

A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.

func (AuthorizationPolicyRuleDestinationOutput) Ports

List of destination ports to match. At least one port should match.

func (AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutput

func (o AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutput() AuthorizationPolicyRuleDestinationOutput

func (AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutputWithContext

func (o AuthorizationPolicyRuleDestinationOutput) ToAuthorizationPolicyRuleDestinationOutputWithContext(ctx context.Context) AuthorizationPolicyRuleDestinationOutput

type AuthorizationPolicyRuleInput

type AuthorizationPolicyRuleInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput
	ToAuthorizationPolicyRuleOutputWithContext(context.Context) AuthorizationPolicyRuleOutput
}

AuthorizationPolicyRuleInput is an input type that accepts AuthorizationPolicyRuleArgs and AuthorizationPolicyRuleOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleInput` via:

AuthorizationPolicyRuleArgs{...}

type AuthorizationPolicyRuleOutput

type AuthorizationPolicyRuleOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleOutput) Destinations

List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination. Structure is documented below.

func (AuthorizationPolicyRuleOutput) ElementType

func (AuthorizationPolicyRuleOutput) Sources

List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ipBlocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source. Structure is documented below.

func (AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutput

func (o AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutput() AuthorizationPolicyRuleOutput

func (AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutputWithContext

func (o AuthorizationPolicyRuleOutput) ToAuthorizationPolicyRuleOutputWithContext(ctx context.Context) AuthorizationPolicyRuleOutput

type AuthorizationPolicyRuleSource

type AuthorizationPolicyRuleSource struct {
	// List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided.
	// The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks []string `pulumi:"ipBlocks"`
	// List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*".
	// Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals []string `pulumi:"principals"`
}

type AuthorizationPolicyRuleSourceArgs

type AuthorizationPolicyRuleSourceArgs struct {
	// List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided.
	// The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks pulumi.StringArrayInput `pulumi:"ipBlocks"`
	// List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*".
	// Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals pulumi.StringArrayInput `pulumi:"principals"`
}

func (AuthorizationPolicyRuleSourceArgs) ElementType

func (AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutput

func (i AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput

func (AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutputWithContext

func (i AuthorizationPolicyRuleSourceArgs) ToAuthorizationPolicyRuleSourceOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceOutput

type AuthorizationPolicyRuleSourceArray

type AuthorizationPolicyRuleSourceArray []AuthorizationPolicyRuleSourceInput

func (AuthorizationPolicyRuleSourceArray) ElementType

func (AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutput

func (i AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput

func (AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutputWithContext

func (i AuthorizationPolicyRuleSourceArray) ToAuthorizationPolicyRuleSourceArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceArrayOutput

type AuthorizationPolicyRuleSourceArrayInput

type AuthorizationPolicyRuleSourceArrayInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput
	ToAuthorizationPolicyRuleSourceArrayOutputWithContext(context.Context) AuthorizationPolicyRuleSourceArrayOutput
}

AuthorizationPolicyRuleSourceArrayInput is an input type that accepts AuthorizationPolicyRuleSourceArray and AuthorizationPolicyRuleSourceArrayOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleSourceArrayInput` via:

AuthorizationPolicyRuleSourceArray{ AuthorizationPolicyRuleSourceArgs{...} }

type AuthorizationPolicyRuleSourceArrayOutput

type AuthorizationPolicyRuleSourceArrayOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleSourceArrayOutput) ElementType

func (AuthorizationPolicyRuleSourceArrayOutput) Index

func (AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutput

func (o AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutput() AuthorizationPolicyRuleSourceArrayOutput

func (AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutputWithContext

func (o AuthorizationPolicyRuleSourceArrayOutput) ToAuthorizationPolicyRuleSourceArrayOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceArrayOutput

type AuthorizationPolicyRuleSourceInput

type AuthorizationPolicyRuleSourceInput interface {
	pulumi.Input

	ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput
	ToAuthorizationPolicyRuleSourceOutputWithContext(context.Context) AuthorizationPolicyRuleSourceOutput
}

AuthorizationPolicyRuleSourceInput is an input type that accepts AuthorizationPolicyRuleSourceArgs and AuthorizationPolicyRuleSourceOutput values. You can construct a concrete instance of `AuthorizationPolicyRuleSourceInput` via:

AuthorizationPolicyRuleSourceArgs{...}

type AuthorizationPolicyRuleSourceOutput

type AuthorizationPolicyRuleSourceOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyRuleSourceOutput) ElementType

func (AuthorizationPolicyRuleSourceOutput) IpBlocks

List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided. The IP addresses of any load balancers or proxies should be considered untrusted.

func (AuthorizationPolicyRuleSourceOutput) Principals

List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*". Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.

func (AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutput

func (o AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutput() AuthorizationPolicyRuleSourceOutput

func (AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutputWithContext

func (o AuthorizationPolicyRuleSourceOutput) ToAuthorizationPolicyRuleSourceOutputWithContext(ctx context.Context) AuthorizationPolicyRuleSourceOutput

type AuthorizationPolicyState

type AuthorizationPolicyState struct {
	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	// Possible values are: `ALLOW`, `DENY`.
	Action pulumi.StringPtrInput
	// Time the AuthorizationPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the AuthorizationPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the authorization policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the AuthorizationPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
	// A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
	// Structure is documented below.
	Rules AuthorizationPolicyRuleArrayInput
	// Time the AuthorizationPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (AuthorizationPolicyState) ElementType

func (AuthorizationPolicyState) ElementType() reflect.Type

type AuthzPolicy added in v8.12.0

type AuthzPolicy struct {
	pulumi.CustomResourceState

	// When the action is CUSTOM, customProvider must be specified.
	// When the action is ALLOW, only requests matching the policy will be allowed.
	// When the action is DENY, only requests matching the policy will be denied.
	// When a request arrives, the policies are evaluated in the following order:
	// 1. If there is a CUSTOM policy that matches the request, the CUSTOM policy is evaluated using the custom authorization providers and the request is denied if the provider rejects the request.
	// 2. If there are any DENY policies that match the request, the request is denied.
	// 3. If there are no ALLOW policies for the resource or if any of the ALLOW policies match the request, the request is allowed.
	// 4. Else the request is denied by default if none of the configured AuthzPolicies with ALLOW action match the request.
	//    Possible values are: `ALLOW`, `DENY`, `CUSTOM`.
	Action pulumi.StringOutput `pulumi:"action"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Required if the action is CUSTOM. Allows delegating authorization decisions to Cloud IAP or to Service Extensions. One
	// of cloudIap or authzExtension must be specified.
	CustomProvider AuthzPolicyCustomProviderPtrOutput `pulumi:"customProvider"`
	// A human-readable description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// A list of authorization HTTP rules to match against the incoming request.A policy match occurs when at least one HTTP
	// rule matches the request or when no HTTP rules are specified in the policy. At least one HTTP Rule is required for Allow
	// or Deny Action. Limited to 5 rules.
	HttpRules AuthzPolicyHttpRuleArrayOutput `pulumi:"httpRules"`
	// Set of labels associated with the AuthzExtension resource. **Note**: This field is non-authoritative, and will only
	// manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels
	// present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the resource.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identifier. Name of the AuthzPolicy resource.
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Specifies the set of resources to which this policy should be applied to.
	// Structure is documented below.
	Target AuthzPolicyTargetOutput `pulumi:"target"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

AuthzPolicy is a resource that allows to forward traffic to a callout backend designed to scan the traffic for security purposes.

To get more information about AuthzPolicy, see:

* [API documentation](https://cloud.google.com/load-balancing/docs/reference/network-security/rest/v1beta1/projects.locations.authzPolicies)

## Example Usage

### Network Services Authz Policy Advanced

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkservices"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
			Name:                  pulumi.String("lb-network"),
			Project:               pulumi.String("my-project-name"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
			Name:        pulumi.String("backend-subnet"),
			Project:     pulumi.String("my-project-name"),
			Region:      pulumi.String("us-west1"),
			IpCidrRange: pulumi.String("10.1.2.0/24"),
			Network:     _default.ID(),
		})
		if err != nil {
			return err
		}
		proxyOnly, err := compute.NewSubnetwork(ctx, "proxy_only", &compute.SubnetworkArgs{
			Name:        pulumi.String("proxy-only-subnet"),
			Project:     pulumi.String("my-project-name"),
			Region:      pulumi.String("us-west1"),
			IpCidrRange: pulumi.String("10.129.0.0/23"),
			Purpose:     pulumi.String("REGIONAL_MANAGED_PROXY"),
			Role:        pulumi.String("ACTIVE"),
			Network:     _default.ID(),
		})
		if err != nil {
			return err
		}
		defaultAddress, err := compute.NewAddress(ctx, "default", &compute.AddressArgs{
			Name:        pulumi.String("l7-ilb-ip-address"),
			Project:     pulumi.String("my-project-name"),
			Region:      pulumi.String("us-west1"),
			Subnetwork:  defaultSubnetwork.ID(),
			AddressType: pulumi.String("INTERNAL"),
			Purpose:     pulumi.String("GCE_ENDPOINT"),
		})
		if err != nil {
			return err
		}
		defaultRegionHealthCheck, err := compute.NewRegionHealthCheck(ctx, "default", &compute.RegionHealthCheckArgs{
			Name:    pulumi.String("l7-ilb-basic-check"),
			Project: pulumi.String("my-project-name"),
			Region:  pulumi.String("us-west1"),
			HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
				PortSpecification: pulumi.String("USE_SERVING_PORT"),
			},
		})
		if err != nil {
			return err
		}
		urlMap, err := compute.NewRegionBackendService(ctx, "url_map", &compute.RegionBackendServiceArgs{
			Name:                pulumi.String("l7-ilb-backend-service"),
			Project:             pulumi.String("my-project-name"),
			Region:              pulumi.String("us-west1"),
			LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
			HealthChecks:        defaultRegionHealthCheck.ID(),
		})
		if err != nil {
			return err
		}
		defaultRegionUrlMap, err := compute.NewRegionUrlMap(ctx, "default", &compute.RegionUrlMapArgs{
			Name:           pulumi.String("l7-ilb-map"),
			Project:        pulumi.String("my-project-name"),
			Region:         pulumi.String("us-west1"),
			DefaultService: urlMap.ID(),
		})
		if err != nil {
			return err
		}
		defaultRegionTargetHttpProxy, err := compute.NewRegionTargetHttpProxy(ctx, "default", &compute.RegionTargetHttpProxyArgs{
			Name:    pulumi.String("l7-ilb-proxy"),
			Project: pulumi.String("my-project-name"),
			Region:  pulumi.String("us-west1"),
			UrlMap:  defaultRegionUrlMap.ID(),
		})
		if err != nil {
			return err
		}
		defaultForwardingRule, err := compute.NewForwardingRule(ctx, "default", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("l7-ilb-forwarding-rule"),
			Project:             pulumi.String("my-project-name"),
			Region:              pulumi.String("us-west1"),
			LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
			Network:             _default.ID(),
			Subnetwork:          defaultSubnetwork.ID(),
			IpProtocol:          pulumi.String("TCP"),
			PortRange:           pulumi.String("80"),
			Target:              defaultRegionTargetHttpProxy.ID(),
			IpAddress:           defaultAddress.ID(),
		}, pulumi.DependsOn([]pulumi.Resource{
			proxyOnly,
		}))
		if err != nil {
			return err
		}
		authzExtension, err := compute.NewRegionBackendService(ctx, "authz_extension", &compute.RegionBackendServiceArgs{
			Name:                pulumi.String("authz-service"),
			Project:             pulumi.String("my-project-name"),
			Region:              pulumi.String("us-west1"),
			Protocol:            pulumi.String("HTTP2"),
			LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
			PortName:            pulumi.String("grpc"),
		})
		if err != nil {
			return err
		}
		defaultAuthzExtension, err := networkservices.NewAuthzExtension(ctx, "default", &networkservices.AuthzExtensionArgs{
			Name:                pulumi.String("my-authz-ext"),
			Project:             pulumi.String("my-project-name"),
			Location:            pulumi.String("us-west1"),
			Description:         pulumi.String("my description"),
			LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
			Authority:           pulumi.String("ext11.com"),
			Service:             authzExtension.SelfLink,
			Timeout:             pulumi.String("0.1s"),
			FailOpen:            pulumi.Bool(false),
			ForwardHeaders: pulumi.StringArray{
				pulumi.String("Authorization"),
			},
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewAuthzPolicy(ctx, "default", &networksecurity.AuthzPolicyArgs{
			Name:        pulumi.String("my-authz-policy"),
			Project:     pulumi.String("my-project-name"),
			Location:    pulumi.String("us-west1"),
			Description: pulumi.String("my description"),
			Target: &networksecurity.AuthzPolicyTargetArgs{
				LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
				Resources: pulumi.StringArray{
					defaultForwardingRule.SelfLink,
				},
			},
			Action: pulumi.String("CUSTOM"),
			CustomProvider: &networksecurity.AuthzPolicyCustomProviderArgs{
				AuthzExtension: &networksecurity.AuthzPolicyCustomProviderAuthzExtensionArgs{
					Resources: pulumi.StringArray{
						defaultAuthzExtension.ID(),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

AuthzPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/authzPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

* `{{name}}`

When using the `pulumi import` command, AuthzPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/authzPolicy:AuthzPolicy default projects/{{project}}/locations/{{location}}/authzPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/authzPolicy:AuthzPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/authzPolicy:AuthzPolicy default {{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/authzPolicy:AuthzPolicy default {{name}} ```

func GetAuthzPolicy added in v8.12.0

func GetAuthzPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthzPolicyState, opts ...pulumi.ResourceOption) (*AuthzPolicy, error)

GetAuthzPolicy gets an existing AuthzPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthzPolicy added in v8.12.0

func NewAuthzPolicy(ctx *pulumi.Context,
	name string, args *AuthzPolicyArgs, opts ...pulumi.ResourceOption) (*AuthzPolicy, error)

NewAuthzPolicy registers a new resource with the given unique name, arguments, and options.

func (*AuthzPolicy) ElementType added in v8.12.0

func (*AuthzPolicy) ElementType() reflect.Type

func (*AuthzPolicy) ToAuthzPolicyOutput added in v8.12.0

func (i *AuthzPolicy) ToAuthzPolicyOutput() AuthzPolicyOutput

func (*AuthzPolicy) ToAuthzPolicyOutputWithContext added in v8.12.0

func (i *AuthzPolicy) ToAuthzPolicyOutputWithContext(ctx context.Context) AuthzPolicyOutput

type AuthzPolicyArgs added in v8.12.0

type AuthzPolicyArgs struct {
	// When the action is CUSTOM, customProvider must be specified.
	// When the action is ALLOW, only requests matching the policy will be allowed.
	// When the action is DENY, only requests matching the policy will be denied.
	// When a request arrives, the policies are evaluated in the following order:
	// 1. If there is a CUSTOM policy that matches the request, the CUSTOM policy is evaluated using the custom authorization providers and the request is denied if the provider rejects the request.
	// 2. If there are any DENY policies that match the request, the request is denied.
	// 3. If there are no ALLOW policies for the resource or if any of the ALLOW policies match the request, the request is allowed.
	// 4. Else the request is denied by default if none of the configured AuthzPolicies with ALLOW action match the request.
	//    Possible values are: `ALLOW`, `DENY`, `CUSTOM`.
	Action pulumi.StringInput
	// Required if the action is CUSTOM. Allows delegating authorization decisions to Cloud IAP or to Service Extensions. One
	// of cloudIap or authzExtension must be specified.
	CustomProvider AuthzPolicyCustomProviderPtrInput
	// A human-readable description of the resource.
	Description pulumi.StringPtrInput
	// A list of authorization HTTP rules to match against the incoming request.A policy match occurs when at least one HTTP
	// rule matches the request or when no HTTP rules are specified in the policy. At least one HTTP Rule is required for Allow
	// or Deny Action. Limited to 5 rules.
	HttpRules AuthzPolicyHttpRuleArrayInput
	// Set of labels associated with the AuthzExtension resource. **Note**: This field is non-authoritative, and will only
	// manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels
	// present on the resource.
	Labels pulumi.StringMapInput
	// The location of the resource.
	Location pulumi.StringInput
	// Identifier. Name of the AuthzPolicy resource.
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Specifies the set of resources to which this policy should be applied to.
	// Structure is documented below.
	Target AuthzPolicyTargetInput
}

The set of arguments for constructing a AuthzPolicy resource.

func (AuthzPolicyArgs) ElementType added in v8.12.0

func (AuthzPolicyArgs) ElementType() reflect.Type

type AuthzPolicyArray added in v8.12.0

type AuthzPolicyArray []AuthzPolicyInput

func (AuthzPolicyArray) ElementType added in v8.12.0

func (AuthzPolicyArray) ElementType() reflect.Type

func (AuthzPolicyArray) ToAuthzPolicyArrayOutput added in v8.12.0

func (i AuthzPolicyArray) ToAuthzPolicyArrayOutput() AuthzPolicyArrayOutput

func (AuthzPolicyArray) ToAuthzPolicyArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyArray) ToAuthzPolicyArrayOutputWithContext(ctx context.Context) AuthzPolicyArrayOutput

type AuthzPolicyArrayInput added in v8.12.0

type AuthzPolicyArrayInput interface {
	pulumi.Input

	ToAuthzPolicyArrayOutput() AuthzPolicyArrayOutput
	ToAuthzPolicyArrayOutputWithContext(context.Context) AuthzPolicyArrayOutput
}

AuthzPolicyArrayInput is an input type that accepts AuthzPolicyArray and AuthzPolicyArrayOutput values. You can construct a concrete instance of `AuthzPolicyArrayInput` via:

AuthzPolicyArray{ AuthzPolicyArgs{...} }

type AuthzPolicyArrayOutput added in v8.12.0

type AuthzPolicyArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyArrayOutput) ElementType() reflect.Type

func (AuthzPolicyArrayOutput) Index added in v8.12.0

func (AuthzPolicyArrayOutput) ToAuthzPolicyArrayOutput added in v8.12.0

func (o AuthzPolicyArrayOutput) ToAuthzPolicyArrayOutput() AuthzPolicyArrayOutput

func (AuthzPolicyArrayOutput) ToAuthzPolicyArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyArrayOutput) ToAuthzPolicyArrayOutputWithContext(ctx context.Context) AuthzPolicyArrayOutput

type AuthzPolicyCustomProvider added in v8.12.0

type AuthzPolicyCustomProvider struct {
	// Delegate authorization decision to user authored Service Extension. Only one of cloudIap or authzExtension can be specified.
	// Structure is documented below.
	AuthzExtension *AuthzPolicyCustomProviderAuthzExtension `pulumi:"authzExtension"`
	// Delegates authorization decisions to Cloud IAP. Applicable only for managed load balancers. Enabling Cloud IAP at the AuthzPolicy level is not compatible with Cloud IAP settings in the BackendService. Enabling IAP in both places will result in request failure. Ensure that IAP is enabled in either the AuthzPolicy or the BackendService but not in both places.
	// Structure is documented below.
	CloudIap *AuthzPolicyCustomProviderCloudIap `pulumi:"cloudIap"`
}

type AuthzPolicyCustomProviderArgs added in v8.12.0

type AuthzPolicyCustomProviderArgs struct {
	// Delegate authorization decision to user authored Service Extension. Only one of cloudIap or authzExtension can be specified.
	// Structure is documented below.
	AuthzExtension AuthzPolicyCustomProviderAuthzExtensionPtrInput `pulumi:"authzExtension"`
	// Delegates authorization decisions to Cloud IAP. Applicable only for managed load balancers. Enabling Cloud IAP at the AuthzPolicy level is not compatible with Cloud IAP settings in the BackendService. Enabling IAP in both places will result in request failure. Ensure that IAP is enabled in either the AuthzPolicy or the BackendService but not in both places.
	// Structure is documented below.
	CloudIap AuthzPolicyCustomProviderCloudIapPtrInput `pulumi:"cloudIap"`
}

func (AuthzPolicyCustomProviderArgs) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderArgs) ToAuthzPolicyCustomProviderOutput added in v8.12.0

func (i AuthzPolicyCustomProviderArgs) ToAuthzPolicyCustomProviderOutput() AuthzPolicyCustomProviderOutput

func (AuthzPolicyCustomProviderArgs) ToAuthzPolicyCustomProviderOutputWithContext added in v8.12.0

func (i AuthzPolicyCustomProviderArgs) ToAuthzPolicyCustomProviderOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderOutput

func (AuthzPolicyCustomProviderArgs) ToAuthzPolicyCustomProviderPtrOutput added in v8.12.0

func (i AuthzPolicyCustomProviderArgs) ToAuthzPolicyCustomProviderPtrOutput() AuthzPolicyCustomProviderPtrOutput

func (AuthzPolicyCustomProviderArgs) ToAuthzPolicyCustomProviderPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyCustomProviderArgs) ToAuthzPolicyCustomProviderPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderPtrOutput

type AuthzPolicyCustomProviderAuthzExtension added in v8.12.0

type AuthzPolicyCustomProviderAuthzExtension struct {
	// A list of references to authorization extensions that will be invoked for requests matching this policy. Limited to 1 custom provider.
	Resources []string `pulumi:"resources"`
}

type AuthzPolicyCustomProviderAuthzExtensionArgs added in v8.12.0

type AuthzPolicyCustomProviderAuthzExtensionArgs struct {
	// A list of references to authorization extensions that will be invoked for requests matching this policy. Limited to 1 custom provider.
	Resources pulumi.StringArrayInput `pulumi:"resources"`
}

func (AuthzPolicyCustomProviderAuthzExtensionArgs) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderAuthzExtensionArgs) ToAuthzPolicyCustomProviderAuthzExtensionOutput added in v8.12.0

func (i AuthzPolicyCustomProviderAuthzExtensionArgs) ToAuthzPolicyCustomProviderAuthzExtensionOutput() AuthzPolicyCustomProviderAuthzExtensionOutput

func (AuthzPolicyCustomProviderAuthzExtensionArgs) ToAuthzPolicyCustomProviderAuthzExtensionOutputWithContext added in v8.12.0

func (i AuthzPolicyCustomProviderAuthzExtensionArgs) ToAuthzPolicyCustomProviderAuthzExtensionOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderAuthzExtensionOutput

func (AuthzPolicyCustomProviderAuthzExtensionArgs) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutput added in v8.12.0

func (i AuthzPolicyCustomProviderAuthzExtensionArgs) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutput() AuthzPolicyCustomProviderAuthzExtensionPtrOutput

func (AuthzPolicyCustomProviderAuthzExtensionArgs) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyCustomProviderAuthzExtensionArgs) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderAuthzExtensionPtrOutput

type AuthzPolicyCustomProviderAuthzExtensionInput added in v8.12.0

type AuthzPolicyCustomProviderAuthzExtensionInput interface {
	pulumi.Input

	ToAuthzPolicyCustomProviderAuthzExtensionOutput() AuthzPolicyCustomProviderAuthzExtensionOutput
	ToAuthzPolicyCustomProviderAuthzExtensionOutputWithContext(context.Context) AuthzPolicyCustomProviderAuthzExtensionOutput
}

AuthzPolicyCustomProviderAuthzExtensionInput is an input type that accepts AuthzPolicyCustomProviderAuthzExtensionArgs and AuthzPolicyCustomProviderAuthzExtensionOutput values. You can construct a concrete instance of `AuthzPolicyCustomProviderAuthzExtensionInput` via:

AuthzPolicyCustomProviderAuthzExtensionArgs{...}

type AuthzPolicyCustomProviderAuthzExtensionOutput added in v8.12.0

type AuthzPolicyCustomProviderAuthzExtensionOutput struct{ *pulumi.OutputState }

func (AuthzPolicyCustomProviderAuthzExtensionOutput) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderAuthzExtensionOutput) Resources added in v8.12.0

A list of references to authorization extensions that will be invoked for requests matching this policy. Limited to 1 custom provider.

func (AuthzPolicyCustomProviderAuthzExtensionOutput) ToAuthzPolicyCustomProviderAuthzExtensionOutput added in v8.12.0

func (o AuthzPolicyCustomProviderAuthzExtensionOutput) ToAuthzPolicyCustomProviderAuthzExtensionOutput() AuthzPolicyCustomProviderAuthzExtensionOutput

func (AuthzPolicyCustomProviderAuthzExtensionOutput) ToAuthzPolicyCustomProviderAuthzExtensionOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderAuthzExtensionOutput) ToAuthzPolicyCustomProviderAuthzExtensionOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderAuthzExtensionOutput

func (AuthzPolicyCustomProviderAuthzExtensionOutput) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutput added in v8.12.0

func (o AuthzPolicyCustomProviderAuthzExtensionOutput) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutput() AuthzPolicyCustomProviderAuthzExtensionPtrOutput

func (AuthzPolicyCustomProviderAuthzExtensionOutput) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderAuthzExtensionOutput) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderAuthzExtensionPtrOutput

type AuthzPolicyCustomProviderAuthzExtensionPtrInput added in v8.12.0

type AuthzPolicyCustomProviderAuthzExtensionPtrInput interface {
	pulumi.Input

	ToAuthzPolicyCustomProviderAuthzExtensionPtrOutput() AuthzPolicyCustomProviderAuthzExtensionPtrOutput
	ToAuthzPolicyCustomProviderAuthzExtensionPtrOutputWithContext(context.Context) AuthzPolicyCustomProviderAuthzExtensionPtrOutput
}

AuthzPolicyCustomProviderAuthzExtensionPtrInput is an input type that accepts AuthzPolicyCustomProviderAuthzExtensionArgs, AuthzPolicyCustomProviderAuthzExtensionPtr and AuthzPolicyCustomProviderAuthzExtensionPtrOutput values. You can construct a concrete instance of `AuthzPolicyCustomProviderAuthzExtensionPtrInput` via:

        AuthzPolicyCustomProviderAuthzExtensionArgs{...}

or:

        nil

type AuthzPolicyCustomProviderAuthzExtensionPtrOutput added in v8.12.0

type AuthzPolicyCustomProviderAuthzExtensionPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyCustomProviderAuthzExtensionPtrOutput) Elem added in v8.12.0

func (AuthzPolicyCustomProviderAuthzExtensionPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderAuthzExtensionPtrOutput) Resources added in v8.12.0

A list of references to authorization extensions that will be invoked for requests matching this policy. Limited to 1 custom provider.

func (AuthzPolicyCustomProviderAuthzExtensionPtrOutput) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutput added in v8.12.0

func (o AuthzPolicyCustomProviderAuthzExtensionPtrOutput) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutput() AuthzPolicyCustomProviderAuthzExtensionPtrOutput

func (AuthzPolicyCustomProviderAuthzExtensionPtrOutput) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderAuthzExtensionPtrOutput) ToAuthzPolicyCustomProviderAuthzExtensionPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderAuthzExtensionPtrOutput

type AuthzPolicyCustomProviderCloudIap added in v8.12.0

type AuthzPolicyCustomProviderCloudIap struct {
	// Enable Cloud IAP at the AuthzPolicy level.
	Enabled bool `pulumi:"enabled"`
}

type AuthzPolicyCustomProviderCloudIapArgs added in v8.12.0

type AuthzPolicyCustomProviderCloudIapArgs struct {
	// Enable Cloud IAP at the AuthzPolicy level.
	Enabled pulumi.BoolInput `pulumi:"enabled"`
}

func (AuthzPolicyCustomProviderCloudIapArgs) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderCloudIapArgs) ToAuthzPolicyCustomProviderCloudIapOutput added in v8.12.0

func (i AuthzPolicyCustomProviderCloudIapArgs) ToAuthzPolicyCustomProviderCloudIapOutput() AuthzPolicyCustomProviderCloudIapOutput

func (AuthzPolicyCustomProviderCloudIapArgs) ToAuthzPolicyCustomProviderCloudIapOutputWithContext added in v8.12.0

func (i AuthzPolicyCustomProviderCloudIapArgs) ToAuthzPolicyCustomProviderCloudIapOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderCloudIapOutput

func (AuthzPolicyCustomProviderCloudIapArgs) ToAuthzPolicyCustomProviderCloudIapPtrOutput added in v8.12.0

func (i AuthzPolicyCustomProviderCloudIapArgs) ToAuthzPolicyCustomProviderCloudIapPtrOutput() AuthzPolicyCustomProviderCloudIapPtrOutput

func (AuthzPolicyCustomProviderCloudIapArgs) ToAuthzPolicyCustomProviderCloudIapPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyCustomProviderCloudIapArgs) ToAuthzPolicyCustomProviderCloudIapPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderCloudIapPtrOutput

type AuthzPolicyCustomProviderCloudIapInput added in v8.12.0

type AuthzPolicyCustomProviderCloudIapInput interface {
	pulumi.Input

	ToAuthzPolicyCustomProviderCloudIapOutput() AuthzPolicyCustomProviderCloudIapOutput
	ToAuthzPolicyCustomProviderCloudIapOutputWithContext(context.Context) AuthzPolicyCustomProviderCloudIapOutput
}

AuthzPolicyCustomProviderCloudIapInput is an input type that accepts AuthzPolicyCustomProviderCloudIapArgs and AuthzPolicyCustomProviderCloudIapOutput values. You can construct a concrete instance of `AuthzPolicyCustomProviderCloudIapInput` via:

AuthzPolicyCustomProviderCloudIapArgs{...}

type AuthzPolicyCustomProviderCloudIapOutput added in v8.12.0

type AuthzPolicyCustomProviderCloudIapOutput struct{ *pulumi.OutputState }

func (AuthzPolicyCustomProviderCloudIapOutput) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderCloudIapOutput) Enabled added in v8.12.0

Enable Cloud IAP at the AuthzPolicy level.

func (AuthzPolicyCustomProviderCloudIapOutput) ToAuthzPolicyCustomProviderCloudIapOutput added in v8.12.0

func (o AuthzPolicyCustomProviderCloudIapOutput) ToAuthzPolicyCustomProviderCloudIapOutput() AuthzPolicyCustomProviderCloudIapOutput

func (AuthzPolicyCustomProviderCloudIapOutput) ToAuthzPolicyCustomProviderCloudIapOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderCloudIapOutput) ToAuthzPolicyCustomProviderCloudIapOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderCloudIapOutput

func (AuthzPolicyCustomProviderCloudIapOutput) ToAuthzPolicyCustomProviderCloudIapPtrOutput added in v8.12.0

func (o AuthzPolicyCustomProviderCloudIapOutput) ToAuthzPolicyCustomProviderCloudIapPtrOutput() AuthzPolicyCustomProviderCloudIapPtrOutput

func (AuthzPolicyCustomProviderCloudIapOutput) ToAuthzPolicyCustomProviderCloudIapPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderCloudIapOutput) ToAuthzPolicyCustomProviderCloudIapPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderCloudIapPtrOutput

type AuthzPolicyCustomProviderCloudIapPtrInput added in v8.12.0

type AuthzPolicyCustomProviderCloudIapPtrInput interface {
	pulumi.Input

	ToAuthzPolicyCustomProviderCloudIapPtrOutput() AuthzPolicyCustomProviderCloudIapPtrOutput
	ToAuthzPolicyCustomProviderCloudIapPtrOutputWithContext(context.Context) AuthzPolicyCustomProviderCloudIapPtrOutput
}

AuthzPolicyCustomProviderCloudIapPtrInput is an input type that accepts AuthzPolicyCustomProviderCloudIapArgs, AuthzPolicyCustomProviderCloudIapPtr and AuthzPolicyCustomProviderCloudIapPtrOutput values. You can construct a concrete instance of `AuthzPolicyCustomProviderCloudIapPtrInput` via:

        AuthzPolicyCustomProviderCloudIapArgs{...}

or:

        nil

type AuthzPolicyCustomProviderCloudIapPtrOutput added in v8.12.0

type AuthzPolicyCustomProviderCloudIapPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyCustomProviderCloudIapPtrOutput) Elem added in v8.12.0

func (AuthzPolicyCustomProviderCloudIapPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderCloudIapPtrOutput) Enabled added in v8.12.0

Enable Cloud IAP at the AuthzPolicy level.

func (AuthzPolicyCustomProviderCloudIapPtrOutput) ToAuthzPolicyCustomProviderCloudIapPtrOutput added in v8.12.0

func (o AuthzPolicyCustomProviderCloudIapPtrOutput) ToAuthzPolicyCustomProviderCloudIapPtrOutput() AuthzPolicyCustomProviderCloudIapPtrOutput

func (AuthzPolicyCustomProviderCloudIapPtrOutput) ToAuthzPolicyCustomProviderCloudIapPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderCloudIapPtrOutput) ToAuthzPolicyCustomProviderCloudIapPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderCloudIapPtrOutput

type AuthzPolicyCustomProviderInput added in v8.12.0

type AuthzPolicyCustomProviderInput interface {
	pulumi.Input

	ToAuthzPolicyCustomProviderOutput() AuthzPolicyCustomProviderOutput
	ToAuthzPolicyCustomProviderOutputWithContext(context.Context) AuthzPolicyCustomProviderOutput
}

AuthzPolicyCustomProviderInput is an input type that accepts AuthzPolicyCustomProviderArgs and AuthzPolicyCustomProviderOutput values. You can construct a concrete instance of `AuthzPolicyCustomProviderInput` via:

AuthzPolicyCustomProviderArgs{...}

type AuthzPolicyCustomProviderOutput added in v8.12.0

type AuthzPolicyCustomProviderOutput struct{ *pulumi.OutputState }

func (AuthzPolicyCustomProviderOutput) AuthzExtension added in v8.12.0

Delegate authorization decision to user authored Service Extension. Only one of cloudIap or authzExtension can be specified. Structure is documented below.

func (AuthzPolicyCustomProviderOutput) CloudIap added in v8.12.0

Delegates authorization decisions to Cloud IAP. Applicable only for managed load balancers. Enabling Cloud IAP at the AuthzPolicy level is not compatible with Cloud IAP settings in the BackendService. Enabling IAP in both places will result in request failure. Ensure that IAP is enabled in either the AuthzPolicy or the BackendService but not in both places. Structure is documented below.

func (AuthzPolicyCustomProviderOutput) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderOutput) ToAuthzPolicyCustomProviderOutput added in v8.12.0

func (o AuthzPolicyCustomProviderOutput) ToAuthzPolicyCustomProviderOutput() AuthzPolicyCustomProviderOutput

func (AuthzPolicyCustomProviderOutput) ToAuthzPolicyCustomProviderOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderOutput) ToAuthzPolicyCustomProviderOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderOutput

func (AuthzPolicyCustomProviderOutput) ToAuthzPolicyCustomProviderPtrOutput added in v8.12.0

func (o AuthzPolicyCustomProviderOutput) ToAuthzPolicyCustomProviderPtrOutput() AuthzPolicyCustomProviderPtrOutput

func (AuthzPolicyCustomProviderOutput) ToAuthzPolicyCustomProviderPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderOutput) ToAuthzPolicyCustomProviderPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderPtrOutput

type AuthzPolicyCustomProviderPtrInput added in v8.12.0

type AuthzPolicyCustomProviderPtrInput interface {
	pulumi.Input

	ToAuthzPolicyCustomProviderPtrOutput() AuthzPolicyCustomProviderPtrOutput
	ToAuthzPolicyCustomProviderPtrOutputWithContext(context.Context) AuthzPolicyCustomProviderPtrOutput
}

AuthzPolicyCustomProviderPtrInput is an input type that accepts AuthzPolicyCustomProviderArgs, AuthzPolicyCustomProviderPtr and AuthzPolicyCustomProviderPtrOutput values. You can construct a concrete instance of `AuthzPolicyCustomProviderPtrInput` via:

        AuthzPolicyCustomProviderArgs{...}

or:

        nil

func AuthzPolicyCustomProviderPtr added in v8.12.0

type AuthzPolicyCustomProviderPtrOutput added in v8.12.0

type AuthzPolicyCustomProviderPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyCustomProviderPtrOutput) AuthzExtension added in v8.12.0

Delegate authorization decision to user authored Service Extension. Only one of cloudIap or authzExtension can be specified. Structure is documented below.

func (AuthzPolicyCustomProviderPtrOutput) CloudIap added in v8.12.0

Delegates authorization decisions to Cloud IAP. Applicable only for managed load balancers. Enabling Cloud IAP at the AuthzPolicy level is not compatible with Cloud IAP settings in the BackendService. Enabling IAP in both places will result in request failure. Ensure that IAP is enabled in either the AuthzPolicy or the BackendService but not in both places. Structure is documented below.

func (AuthzPolicyCustomProviderPtrOutput) Elem added in v8.12.0

func (AuthzPolicyCustomProviderPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyCustomProviderPtrOutput) ToAuthzPolicyCustomProviderPtrOutput added in v8.12.0

func (o AuthzPolicyCustomProviderPtrOutput) ToAuthzPolicyCustomProviderPtrOutput() AuthzPolicyCustomProviderPtrOutput

func (AuthzPolicyCustomProviderPtrOutput) ToAuthzPolicyCustomProviderPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyCustomProviderPtrOutput) ToAuthzPolicyCustomProviderPtrOutputWithContext(ctx context.Context) AuthzPolicyCustomProviderPtrOutput

type AuthzPolicyHttpRule added in v8.12.0

type AuthzPolicyHttpRule struct {
	// Describes properties of one or more sources of a request.
	// Structure is documented below.
	From *AuthzPolicyHttpRuleFrom `pulumi:"from"`
	// Describes properties of one or more targets of a request
	// Structure is documented below.
	To *AuthzPolicyHttpRuleTo `pulumi:"to"`
	// CEL expression that describes the conditions to be satisfied for the action. The result of the CEL expression is ANDed with the from and to. Refer to the CEL language reference for a list of available attributes.
	When *string `pulumi:"when"`
}

type AuthzPolicyHttpRuleArgs added in v8.12.0

type AuthzPolicyHttpRuleArgs struct {
	// Describes properties of one or more sources of a request.
	// Structure is documented below.
	From AuthzPolicyHttpRuleFromPtrInput `pulumi:"from"`
	// Describes properties of one or more targets of a request
	// Structure is documented below.
	To AuthzPolicyHttpRuleToPtrInput `pulumi:"to"`
	// CEL expression that describes the conditions to be satisfied for the action. The result of the CEL expression is ANDed with the from and to. Refer to the CEL language reference for a list of available attributes.
	When pulumi.StringPtrInput `pulumi:"when"`
}

func (AuthzPolicyHttpRuleArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleArgs) ElementType() reflect.Type

func (AuthzPolicyHttpRuleArgs) ToAuthzPolicyHttpRuleOutput added in v8.12.0

func (i AuthzPolicyHttpRuleArgs) ToAuthzPolicyHttpRuleOutput() AuthzPolicyHttpRuleOutput

func (AuthzPolicyHttpRuleArgs) ToAuthzPolicyHttpRuleOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleArgs) ToAuthzPolicyHttpRuleOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleOutput

type AuthzPolicyHttpRuleArray added in v8.12.0

type AuthzPolicyHttpRuleArray []AuthzPolicyHttpRuleInput

func (AuthzPolicyHttpRuleArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleArray) ElementType() reflect.Type

func (AuthzPolicyHttpRuleArray) ToAuthzPolicyHttpRuleArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleArray) ToAuthzPolicyHttpRuleArrayOutput() AuthzPolicyHttpRuleArrayOutput

func (AuthzPolicyHttpRuleArray) ToAuthzPolicyHttpRuleArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleArray) ToAuthzPolicyHttpRuleArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleArrayOutput

type AuthzPolicyHttpRuleArrayInput added in v8.12.0

type AuthzPolicyHttpRuleArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleArrayOutput() AuthzPolicyHttpRuleArrayOutput
	ToAuthzPolicyHttpRuleArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleArrayOutput
}

AuthzPolicyHttpRuleArrayInput is an input type that accepts AuthzPolicyHttpRuleArray and AuthzPolicyHttpRuleArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleArrayInput` via:

AuthzPolicyHttpRuleArray{ AuthzPolicyHttpRuleArgs{...} }

type AuthzPolicyHttpRuleArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleArrayOutput) ToAuthzPolicyHttpRuleArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleArrayOutput) ToAuthzPolicyHttpRuleArrayOutput() AuthzPolicyHttpRuleArrayOutput

func (AuthzPolicyHttpRuleArrayOutput) ToAuthzPolicyHttpRuleArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleArrayOutput) ToAuthzPolicyHttpRuleArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleArrayOutput

type AuthzPolicyHttpRuleFrom added in v8.12.0

type AuthzPolicyHttpRuleFrom struct {
	// Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match.
	// Structure is documented below.
	NotSources []AuthzPolicyHttpRuleFromNotSource `pulumi:"notSources"`
	// Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match.
	// Structure is documented below.
	Sources []AuthzPolicyHttpRuleFromSource `pulumi:"sources"`
}

type AuthzPolicyHttpRuleFromArgs added in v8.12.0

type AuthzPolicyHttpRuleFromArgs struct {
	// Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match.
	// Structure is documented below.
	NotSources AuthzPolicyHttpRuleFromNotSourceArrayInput `pulumi:"notSources"`
	// Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match.
	// Structure is documented below.
	Sources AuthzPolicyHttpRuleFromSourceArrayInput `pulumi:"sources"`
}

func (AuthzPolicyHttpRuleFromArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromArgs) ToAuthzPolicyHttpRuleFromOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromArgs) ToAuthzPolicyHttpRuleFromOutput() AuthzPolicyHttpRuleFromOutput

func (AuthzPolicyHttpRuleFromArgs) ToAuthzPolicyHttpRuleFromOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromArgs) ToAuthzPolicyHttpRuleFromOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromOutput

func (AuthzPolicyHttpRuleFromArgs) ToAuthzPolicyHttpRuleFromPtrOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromArgs) ToAuthzPolicyHttpRuleFromPtrOutput() AuthzPolicyHttpRuleFromPtrOutput

func (AuthzPolicyHttpRuleFromArgs) ToAuthzPolicyHttpRuleFromPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromArgs) ToAuthzPolicyHttpRuleFromPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromPtrOutput

type AuthzPolicyHttpRuleFromInput added in v8.12.0

type AuthzPolicyHttpRuleFromInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromOutput() AuthzPolicyHttpRuleFromOutput
	ToAuthzPolicyHttpRuleFromOutputWithContext(context.Context) AuthzPolicyHttpRuleFromOutput
}

AuthzPolicyHttpRuleFromInput is an input type that accepts AuthzPolicyHttpRuleFromArgs and AuthzPolicyHttpRuleFromOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromInput` via:

AuthzPolicyHttpRuleFromArgs{...}

type AuthzPolicyHttpRuleFromNotSource added in v8.12.0

type AuthzPolicyHttpRuleFromNotSource struct {
	// A list of identities derived from the client's certificate. This field will not match on a request unless mutual TLS is enabled for the Forwarding rule or Gateway. Each identity is a string whose value is matched against the URI SAN, or DNS SAN or the subject field in the client's certificate. The match can be exact, prefix, suffix or a substring match. One of exact, prefix, suffix or contains must be specified.
	// Limited to 5 principals.
	// Structure is documented below.
	Principals []AuthzPolicyHttpRuleFromNotSourcePrincipal `pulumi:"principals"`
	// A list of resources to match against the resource of the source VM of a request.
	// Limited to 5 resources.
	// Structure is documented below.
	Resources []AuthzPolicyHttpRuleFromNotSourceResource `pulumi:"resources"`
}

type AuthzPolicyHttpRuleFromNotSourceArgs added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceArgs struct {
	// A list of identities derived from the client's certificate. This field will not match on a request unless mutual TLS is enabled for the Forwarding rule or Gateway. Each identity is a string whose value is matched against the URI SAN, or DNS SAN or the subject field in the client's certificate. The match can be exact, prefix, suffix or a substring match. One of exact, prefix, suffix or contains must be specified.
	// Limited to 5 principals.
	// Structure is documented below.
	Principals AuthzPolicyHttpRuleFromNotSourcePrincipalArrayInput `pulumi:"principals"`
	// A list of resources to match against the resource of the source VM of a request.
	// Limited to 5 resources.
	// Structure is documented below.
	Resources AuthzPolicyHttpRuleFromNotSourceResourceArrayInput `pulumi:"resources"`
}

func (AuthzPolicyHttpRuleFromNotSourceArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceArgs) ToAuthzPolicyHttpRuleFromNotSourceOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceArgs) ToAuthzPolicyHttpRuleFromNotSourceOutput() AuthzPolicyHttpRuleFromNotSourceOutput

func (AuthzPolicyHttpRuleFromNotSourceArgs) ToAuthzPolicyHttpRuleFromNotSourceOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceArgs) ToAuthzPolicyHttpRuleFromNotSourceOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceOutput

type AuthzPolicyHttpRuleFromNotSourceArray added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceArray []AuthzPolicyHttpRuleFromNotSourceInput

func (AuthzPolicyHttpRuleFromNotSourceArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceArray) ToAuthzPolicyHttpRuleFromNotSourceArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceArray) ToAuthzPolicyHttpRuleFromNotSourceArrayOutput() AuthzPolicyHttpRuleFromNotSourceArrayOutput

func (AuthzPolicyHttpRuleFromNotSourceArray) ToAuthzPolicyHttpRuleFromNotSourceArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceArray) ToAuthzPolicyHttpRuleFromNotSourceArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceArrayOutput

type AuthzPolicyHttpRuleFromNotSourceArrayInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourceArrayOutput() AuthzPolicyHttpRuleFromNotSourceArrayOutput
	ToAuthzPolicyHttpRuleFromNotSourceArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourceArrayOutput
}

AuthzPolicyHttpRuleFromNotSourceArrayInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourceArray and AuthzPolicyHttpRuleFromNotSourceArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourceArrayInput` via:

AuthzPolicyHttpRuleFromNotSourceArray{ AuthzPolicyHttpRuleFromNotSourceArgs{...} }

type AuthzPolicyHttpRuleFromNotSourceArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourceArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceArrayOutput) ToAuthzPolicyHttpRuleFromNotSourceArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceArrayOutput) ToAuthzPolicyHttpRuleFromNotSourceArrayOutput() AuthzPolicyHttpRuleFromNotSourceArrayOutput

func (AuthzPolicyHttpRuleFromNotSourceArrayOutput) ToAuthzPolicyHttpRuleFromNotSourceArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceArrayOutput) ToAuthzPolicyHttpRuleFromNotSourceArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceArrayOutput

type AuthzPolicyHttpRuleFromNotSourceInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourceOutput() AuthzPolicyHttpRuleFromNotSourceOutput
	ToAuthzPolicyHttpRuleFromNotSourceOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourceOutput
}

AuthzPolicyHttpRuleFromNotSourceInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourceArgs and AuthzPolicyHttpRuleFromNotSourceOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourceInput` via:

AuthzPolicyHttpRuleFromNotSourceArgs{...}

type AuthzPolicyHttpRuleFromNotSourceOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourceOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceOutput) Principals added in v8.12.0

A list of identities derived from the client's certificate. This field will not match on a request unless mutual TLS is enabled for the Forwarding rule or Gateway. Each identity is a string whose value is matched against the URI SAN, or DNS SAN or the subject field in the client's certificate. The match can be exact, prefix, suffix or a substring match. One of exact, prefix, suffix or contains must be specified. Limited to 5 principals. Structure is documented below.

func (AuthzPolicyHttpRuleFromNotSourceOutput) Resources added in v8.12.0

A list of resources to match against the resource of the source VM of a request. Limited to 5 resources. Structure is documented below.

func (AuthzPolicyHttpRuleFromNotSourceOutput) ToAuthzPolicyHttpRuleFromNotSourceOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceOutput) ToAuthzPolicyHttpRuleFromNotSourceOutput() AuthzPolicyHttpRuleFromNotSourceOutput

func (AuthzPolicyHttpRuleFromNotSourceOutput) ToAuthzPolicyHttpRuleFromNotSourceOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceOutput) ToAuthzPolicyHttpRuleFromNotSourceOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceOutput

type AuthzPolicyHttpRuleFromNotSourcePrincipal added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourcePrincipal struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains *string `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact *string `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase *bool `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix *string `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix *string `pulumi:"suffix"`
}

type AuthzPolicyHttpRuleFromNotSourcePrincipalArgs added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourcePrincipalArgs struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains pulumi.StringPtrInput `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact pulumi.StringPtrInput `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase pulumi.BoolPtrInput `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix pulumi.StringPtrInput `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix pulumi.StringPtrInput `pulumi:"suffix"`
}

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArgs) ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourcePrincipalArgs) ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutput() AuthzPolicyHttpRuleFromNotSourcePrincipalOutput

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArgs) ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourcePrincipalArgs) ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourcePrincipalOutput

type AuthzPolicyHttpRuleFromNotSourcePrincipalArray added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourcePrincipalArray []AuthzPolicyHttpRuleFromNotSourcePrincipalInput

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArray) ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourcePrincipalArray) ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput() AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArray) ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourcePrincipalArray) ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput

type AuthzPolicyHttpRuleFromNotSourcePrincipalArrayInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourcePrincipalArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput() AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput
	ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput
}

AuthzPolicyHttpRuleFromNotSourcePrincipalArrayInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourcePrincipalArray and AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourcePrincipalArrayInput` via:

AuthzPolicyHttpRuleFromNotSourcePrincipalArray{ AuthzPolicyHttpRuleFromNotSourcePrincipalArgs{...} }

type AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput) ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput) ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput) ToAuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourcePrincipalArrayOutput

type AuthzPolicyHttpRuleFromNotSourcePrincipalInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourcePrincipalInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutput() AuthzPolicyHttpRuleFromNotSourcePrincipalOutput
	ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourcePrincipalOutput
}

AuthzPolicyHttpRuleFromNotSourcePrincipalInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourcePrincipalArgs and AuthzPolicyHttpRuleFromNotSourcePrincipalOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourcePrincipalInput` via:

AuthzPolicyHttpRuleFromNotSourcePrincipalArgs{...}

type AuthzPolicyHttpRuleFromNotSourcePrincipalOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourcePrincipalOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutput() AuthzPolicyHttpRuleFromNotSourcePrincipalOutput

func (AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourcePrincipalOutput) ToAuthzPolicyHttpRuleFromNotSourcePrincipalOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourcePrincipalOutput

type AuthzPolicyHttpRuleFromNotSourceResource added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResource struct {
	// An IAM service account to match against the source service account of the VM sending the request.
	// Structure is documented below.
	IamServiceAccount *AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccount `pulumi:"iamServiceAccount"`
	// A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request.
	// Structure is documented below.
	TagValueIdSet *AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSet `pulumi:"tagValueIdSet"`
}

type AuthzPolicyHttpRuleFromNotSourceResourceArgs added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceArgs struct {
	// An IAM service account to match against the source service account of the VM sending the request.
	// Structure is documented below.
	IamServiceAccount AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrInput `pulumi:"iamServiceAccount"`
	// A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request.
	// Structure is documented below.
	TagValueIdSet AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrInput `pulumi:"tagValueIdSet"`
}

func (AuthzPolicyHttpRuleFromNotSourceResourceArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceResourceArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceOutput() AuthzPolicyHttpRuleFromNotSourceResourceOutput

func (AuthzPolicyHttpRuleFromNotSourceResourceArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceResourceArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceOutput

type AuthzPolicyHttpRuleFromNotSourceResourceArray added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceArray []AuthzPolicyHttpRuleFromNotSourceResourceInput

func (AuthzPolicyHttpRuleFromNotSourceResourceArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceArray) ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceResourceArray) ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutput() AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput

func (AuthzPolicyHttpRuleFromNotSourceResourceArray) ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceResourceArray) ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput

type AuthzPolicyHttpRuleFromNotSourceResourceArrayInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutput() AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput
	ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput
}

AuthzPolicyHttpRuleFromNotSourceResourceArrayInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourceResourceArray and AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourceResourceArrayInput` via:

AuthzPolicyHttpRuleFromNotSourceResourceArray{ AuthzPolicyHttpRuleFromNotSourceResourceArgs{...} }

type AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutput() AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput

func (AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceArrayOutput

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccount added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccount struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains *string `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact *string `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase *bool `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix *string `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix *string `pulumi:"suffix"`
}

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains pulumi.StringPtrInput `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact pulumi.StringPtrInput `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase pulumi.BoolPtrInput `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix pulumi.StringPtrInput `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix pulumi.StringPtrInput `pulumi:"suffix"`
}

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput() AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput
	ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput
}

AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs and AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountInput` via:

AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs{...}

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput() AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput
	ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput
}

AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs, AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtr and AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrInput` via:

        AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountArgs{...}

or:

        nil

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) Elem added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceIamServiceAccountPtrOutput

type AuthzPolicyHttpRuleFromNotSourceResourceInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourceResourceOutput() AuthzPolicyHttpRuleFromNotSourceResourceOutput
	ToAuthzPolicyHttpRuleFromNotSourceResourceOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourceResourceOutput
}

AuthzPolicyHttpRuleFromNotSourceResourceInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourceResourceArgs and AuthzPolicyHttpRuleFromNotSourceResourceOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourceResourceInput` via:

AuthzPolicyHttpRuleFromNotSourceResourceArgs{...}

type AuthzPolicyHttpRuleFromNotSourceResourceOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourceResourceOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceOutput) IamServiceAccount added in v8.12.0

An IAM service account to match against the source service account of the VM sending the request. Structure is documented below.

func (AuthzPolicyHttpRuleFromNotSourceResourceOutput) TagValueIdSet added in v8.12.0

A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. Structure is documented below.

func (AuthzPolicyHttpRuleFromNotSourceResourceOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceOutput() AuthzPolicyHttpRuleFromNotSourceResourceOutput

func (AuthzPolicyHttpRuleFromNotSourceResourceOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceOutput

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSet added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSet struct {
	// A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match.
	// Limited to 5 matches.
	Ids []string `pulumi:"ids"`
}

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs struct {
	// A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match.
	// Limited to 5 matches.
	Ids pulumi.StringArrayInput `pulumi:"ids"`
}

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput() AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput
	ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput
}

AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs and AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetInput` via:

AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs{...}

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput) Ids added in v8.12.0

A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match. Limited to 5 matches.

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrInput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput() AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput
	ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutputWithContext(context.Context) AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput
}

AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrInput is an input type that accepts AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs, AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtr and AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrInput` via:

        AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetArgs{...}

or:

        nil

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput added in v8.12.0

type AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput) Elem added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput) Ids added in v8.12.0

A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match. Limited to 5 matches.

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput) ToAuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromNotSourceResourceTagValueIdSetPtrOutput

type AuthzPolicyHttpRuleFromOutput added in v8.12.0

type AuthzPolicyHttpRuleFromOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromOutput) NotSources added in v8.12.0

Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match. Structure is documented below.

func (AuthzPolicyHttpRuleFromOutput) Sources added in v8.12.0

Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match. Structure is documented below.

func (AuthzPolicyHttpRuleFromOutput) ToAuthzPolicyHttpRuleFromOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromOutput) ToAuthzPolicyHttpRuleFromOutput() AuthzPolicyHttpRuleFromOutput

func (AuthzPolicyHttpRuleFromOutput) ToAuthzPolicyHttpRuleFromOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromOutput) ToAuthzPolicyHttpRuleFromOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromOutput

func (AuthzPolicyHttpRuleFromOutput) ToAuthzPolicyHttpRuleFromPtrOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromOutput) ToAuthzPolicyHttpRuleFromPtrOutput() AuthzPolicyHttpRuleFromPtrOutput

func (AuthzPolicyHttpRuleFromOutput) ToAuthzPolicyHttpRuleFromPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromOutput) ToAuthzPolicyHttpRuleFromPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromPtrOutput

type AuthzPolicyHttpRuleFromPtrInput added in v8.12.0

type AuthzPolicyHttpRuleFromPtrInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromPtrOutput() AuthzPolicyHttpRuleFromPtrOutput
	ToAuthzPolicyHttpRuleFromPtrOutputWithContext(context.Context) AuthzPolicyHttpRuleFromPtrOutput
}

AuthzPolicyHttpRuleFromPtrInput is an input type that accepts AuthzPolicyHttpRuleFromArgs, AuthzPolicyHttpRuleFromPtr and AuthzPolicyHttpRuleFromPtrOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromPtrInput` via:

        AuthzPolicyHttpRuleFromArgs{...}

or:

        nil

func AuthzPolicyHttpRuleFromPtr added in v8.12.0

func AuthzPolicyHttpRuleFromPtr(v *AuthzPolicyHttpRuleFromArgs) AuthzPolicyHttpRuleFromPtrInput

type AuthzPolicyHttpRuleFromPtrOutput added in v8.12.0

type AuthzPolicyHttpRuleFromPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromPtrOutput) Elem added in v8.12.0

func (AuthzPolicyHttpRuleFromPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromPtrOutput) NotSources added in v8.12.0

Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match. Structure is documented below.

func (AuthzPolicyHttpRuleFromPtrOutput) Sources added in v8.12.0

Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match. Structure is documented below.

func (AuthzPolicyHttpRuleFromPtrOutput) ToAuthzPolicyHttpRuleFromPtrOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromPtrOutput) ToAuthzPolicyHttpRuleFromPtrOutput() AuthzPolicyHttpRuleFromPtrOutput

func (AuthzPolicyHttpRuleFromPtrOutput) ToAuthzPolicyHttpRuleFromPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromPtrOutput) ToAuthzPolicyHttpRuleFromPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromPtrOutput

type AuthzPolicyHttpRuleFromSource added in v8.12.0

type AuthzPolicyHttpRuleFromSource struct {
	// A list of identities derived from the client's certificate. This field will not match on a request unless mutual TLS is enabled for the Forwarding rule or Gateway. Each identity is a string whose value is matched against the URI SAN, or DNS SAN or the subject field in the client's certificate. The match can be exact, prefix, suffix or a substring match. One of exact, prefix, suffix or contains must be specified.
	// Limited to 5 principals.
	// Structure is documented below.
	Principals []AuthzPolicyHttpRuleFromSourcePrincipal `pulumi:"principals"`
	// A list of resources to match against the resource of the source VM of a request.
	// Limited to 5 resources.
	// Structure is documented below.
	Resources []AuthzPolicyHttpRuleFromSourceResource `pulumi:"resources"`
}

type AuthzPolicyHttpRuleFromSourceArgs added in v8.12.0

type AuthzPolicyHttpRuleFromSourceArgs struct {
	// A list of identities derived from the client's certificate. This field will not match on a request unless mutual TLS is enabled for the Forwarding rule or Gateway. Each identity is a string whose value is matched against the URI SAN, or DNS SAN or the subject field in the client's certificate. The match can be exact, prefix, suffix or a substring match. One of exact, prefix, suffix or contains must be specified.
	// Limited to 5 principals.
	// Structure is documented below.
	Principals AuthzPolicyHttpRuleFromSourcePrincipalArrayInput `pulumi:"principals"`
	// A list of resources to match against the resource of the source VM of a request.
	// Limited to 5 resources.
	// Structure is documented below.
	Resources AuthzPolicyHttpRuleFromSourceResourceArrayInput `pulumi:"resources"`
}

func (AuthzPolicyHttpRuleFromSourceArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceArgs) ToAuthzPolicyHttpRuleFromSourceOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceArgs) ToAuthzPolicyHttpRuleFromSourceOutput() AuthzPolicyHttpRuleFromSourceOutput

func (AuthzPolicyHttpRuleFromSourceArgs) ToAuthzPolicyHttpRuleFromSourceOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceArgs) ToAuthzPolicyHttpRuleFromSourceOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceOutput

type AuthzPolicyHttpRuleFromSourceArray added in v8.12.0

type AuthzPolicyHttpRuleFromSourceArray []AuthzPolicyHttpRuleFromSourceInput

func (AuthzPolicyHttpRuleFromSourceArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceArray) ToAuthzPolicyHttpRuleFromSourceArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceArray) ToAuthzPolicyHttpRuleFromSourceArrayOutput() AuthzPolicyHttpRuleFromSourceArrayOutput

func (AuthzPolicyHttpRuleFromSourceArray) ToAuthzPolicyHttpRuleFromSourceArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceArray) ToAuthzPolicyHttpRuleFromSourceArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceArrayOutput

type AuthzPolicyHttpRuleFromSourceArrayInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourceArrayOutput() AuthzPolicyHttpRuleFromSourceArrayOutput
	ToAuthzPolicyHttpRuleFromSourceArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourceArrayOutput
}

AuthzPolicyHttpRuleFromSourceArrayInput is an input type that accepts AuthzPolicyHttpRuleFromSourceArray and AuthzPolicyHttpRuleFromSourceArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourceArrayInput` via:

AuthzPolicyHttpRuleFromSourceArray{ AuthzPolicyHttpRuleFromSourceArgs{...} }

type AuthzPolicyHttpRuleFromSourceArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourceArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceArrayOutput) ToAuthzPolicyHttpRuleFromSourceArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceArrayOutput) ToAuthzPolicyHttpRuleFromSourceArrayOutput() AuthzPolicyHttpRuleFromSourceArrayOutput

func (AuthzPolicyHttpRuleFromSourceArrayOutput) ToAuthzPolicyHttpRuleFromSourceArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceArrayOutput) ToAuthzPolicyHttpRuleFromSourceArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceArrayOutput

type AuthzPolicyHttpRuleFromSourceInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourceOutput() AuthzPolicyHttpRuleFromSourceOutput
	ToAuthzPolicyHttpRuleFromSourceOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourceOutput
}

AuthzPolicyHttpRuleFromSourceInput is an input type that accepts AuthzPolicyHttpRuleFromSourceArgs and AuthzPolicyHttpRuleFromSourceOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourceInput` via:

AuthzPolicyHttpRuleFromSourceArgs{...}

type AuthzPolicyHttpRuleFromSourceOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourceOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceOutput) Principals added in v8.12.0

A list of identities derived from the client's certificate. This field will not match on a request unless mutual TLS is enabled for the Forwarding rule or Gateway. Each identity is a string whose value is matched against the URI SAN, or DNS SAN or the subject field in the client's certificate. The match can be exact, prefix, suffix or a substring match. One of exact, prefix, suffix or contains must be specified. Limited to 5 principals. Structure is documented below.

func (AuthzPolicyHttpRuleFromSourceOutput) Resources added in v8.12.0

A list of resources to match against the resource of the source VM of a request. Limited to 5 resources. Structure is documented below.

func (AuthzPolicyHttpRuleFromSourceOutput) ToAuthzPolicyHttpRuleFromSourceOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceOutput) ToAuthzPolicyHttpRuleFromSourceOutput() AuthzPolicyHttpRuleFromSourceOutput

func (AuthzPolicyHttpRuleFromSourceOutput) ToAuthzPolicyHttpRuleFromSourceOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceOutput) ToAuthzPolicyHttpRuleFromSourceOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceOutput

type AuthzPolicyHttpRuleFromSourcePrincipal added in v8.12.0

type AuthzPolicyHttpRuleFromSourcePrincipal struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains *string `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact *string `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase *bool `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix *string `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix *string `pulumi:"suffix"`
}

type AuthzPolicyHttpRuleFromSourcePrincipalArgs added in v8.12.0

type AuthzPolicyHttpRuleFromSourcePrincipalArgs struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains pulumi.StringPtrInput `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact pulumi.StringPtrInput `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase pulumi.BoolPtrInput `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix pulumi.StringPtrInput `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix pulumi.StringPtrInput `pulumi:"suffix"`
}

func (AuthzPolicyHttpRuleFromSourcePrincipalArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourcePrincipalArgs) ToAuthzPolicyHttpRuleFromSourcePrincipalOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourcePrincipalArgs) ToAuthzPolicyHttpRuleFromSourcePrincipalOutput() AuthzPolicyHttpRuleFromSourcePrincipalOutput

func (AuthzPolicyHttpRuleFromSourcePrincipalArgs) ToAuthzPolicyHttpRuleFromSourcePrincipalOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourcePrincipalArgs) ToAuthzPolicyHttpRuleFromSourcePrincipalOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourcePrincipalOutput

type AuthzPolicyHttpRuleFromSourcePrincipalArray added in v8.12.0

type AuthzPolicyHttpRuleFromSourcePrincipalArray []AuthzPolicyHttpRuleFromSourcePrincipalInput

func (AuthzPolicyHttpRuleFromSourcePrincipalArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourcePrincipalArray) ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourcePrincipalArray) ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutput() AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput

func (AuthzPolicyHttpRuleFromSourcePrincipalArray) ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourcePrincipalArray) ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput

type AuthzPolicyHttpRuleFromSourcePrincipalArrayInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourcePrincipalArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutput() AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput
	ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput
}

AuthzPolicyHttpRuleFromSourcePrincipalArrayInput is an input type that accepts AuthzPolicyHttpRuleFromSourcePrincipalArray and AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourcePrincipalArrayInput` via:

AuthzPolicyHttpRuleFromSourcePrincipalArray{ AuthzPolicyHttpRuleFromSourcePrincipalArgs{...} }

type AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput) ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput) ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutput() AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput

func (AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput) ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput) ToAuthzPolicyHttpRuleFromSourcePrincipalArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourcePrincipalArrayOutput

type AuthzPolicyHttpRuleFromSourcePrincipalInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourcePrincipalInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourcePrincipalOutput() AuthzPolicyHttpRuleFromSourcePrincipalOutput
	ToAuthzPolicyHttpRuleFromSourcePrincipalOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourcePrincipalOutput
}

AuthzPolicyHttpRuleFromSourcePrincipalInput is an input type that accepts AuthzPolicyHttpRuleFromSourcePrincipalArgs and AuthzPolicyHttpRuleFromSourcePrincipalOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourcePrincipalInput` via:

AuthzPolicyHttpRuleFromSourcePrincipalArgs{...}

type AuthzPolicyHttpRuleFromSourcePrincipalOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourcePrincipalOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourcePrincipalOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleFromSourcePrincipalOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourcePrincipalOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleFromSourcePrincipalOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleFromSourcePrincipalOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleFromSourcePrincipalOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleFromSourcePrincipalOutput) ToAuthzPolicyHttpRuleFromSourcePrincipalOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourcePrincipalOutput) ToAuthzPolicyHttpRuleFromSourcePrincipalOutput() AuthzPolicyHttpRuleFromSourcePrincipalOutput

func (AuthzPolicyHttpRuleFromSourcePrincipalOutput) ToAuthzPolicyHttpRuleFromSourcePrincipalOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourcePrincipalOutput) ToAuthzPolicyHttpRuleFromSourcePrincipalOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourcePrincipalOutput

type AuthzPolicyHttpRuleFromSourceResource added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResource struct {
	// An IAM service account to match against the source service account of the VM sending the request.
	// Structure is documented below.
	IamServiceAccount *AuthzPolicyHttpRuleFromSourceResourceIamServiceAccount `pulumi:"iamServiceAccount"`
	// A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request.
	// Structure is documented below.
	TagValueIdSet *AuthzPolicyHttpRuleFromSourceResourceTagValueIdSet `pulumi:"tagValueIdSet"`
}

type AuthzPolicyHttpRuleFromSourceResourceArgs added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceArgs struct {
	// An IAM service account to match against the source service account of the VM sending the request.
	// Structure is documented below.
	IamServiceAccount AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrInput `pulumi:"iamServiceAccount"`
	// A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request.
	// Structure is documented below.
	TagValueIdSet AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrInput `pulumi:"tagValueIdSet"`
}

func (AuthzPolicyHttpRuleFromSourceResourceArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceArgs) ToAuthzPolicyHttpRuleFromSourceResourceOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceArgs) ToAuthzPolicyHttpRuleFromSourceResourceOutput() AuthzPolicyHttpRuleFromSourceResourceOutput

func (AuthzPolicyHttpRuleFromSourceResourceArgs) ToAuthzPolicyHttpRuleFromSourceResourceOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceArgs) ToAuthzPolicyHttpRuleFromSourceResourceOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceOutput

type AuthzPolicyHttpRuleFromSourceResourceArray added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceArray []AuthzPolicyHttpRuleFromSourceResourceInput

func (AuthzPolicyHttpRuleFromSourceResourceArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceArray) ToAuthzPolicyHttpRuleFromSourceResourceArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceArray) ToAuthzPolicyHttpRuleFromSourceResourceArrayOutput() AuthzPolicyHttpRuleFromSourceResourceArrayOutput

func (AuthzPolicyHttpRuleFromSourceResourceArray) ToAuthzPolicyHttpRuleFromSourceResourceArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceArray) ToAuthzPolicyHttpRuleFromSourceResourceArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceArrayOutput

type AuthzPolicyHttpRuleFromSourceResourceArrayInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourceResourceArrayOutput() AuthzPolicyHttpRuleFromSourceResourceArrayOutput
	ToAuthzPolicyHttpRuleFromSourceResourceArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourceResourceArrayOutput
}

AuthzPolicyHttpRuleFromSourceResourceArrayInput is an input type that accepts AuthzPolicyHttpRuleFromSourceResourceArray and AuthzPolicyHttpRuleFromSourceResourceArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourceResourceArrayInput` via:

AuthzPolicyHttpRuleFromSourceResourceArray{ AuthzPolicyHttpRuleFromSourceResourceArgs{...} }

type AuthzPolicyHttpRuleFromSourceResourceArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourceResourceArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceArrayOutput) ToAuthzPolicyHttpRuleFromSourceResourceArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceArrayOutput) ToAuthzPolicyHttpRuleFromSourceResourceArrayOutput() AuthzPolicyHttpRuleFromSourceResourceArrayOutput

func (AuthzPolicyHttpRuleFromSourceResourceArrayOutput) ToAuthzPolicyHttpRuleFromSourceResourceArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceArrayOutput) ToAuthzPolicyHttpRuleFromSourceResourceArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceArrayOutput

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccount added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccount struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains *string `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact *string `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase *bool `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix *string `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix *string `pulumi:"suffix"`
}

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains pulumi.StringPtrInput `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact pulumi.StringPtrInput `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase pulumi.BoolPtrInput `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix pulumi.StringPtrInput `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix pulumi.StringPtrInput `pulumi:"suffix"`
}

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput() AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput
	ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput
}

AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountInput is an input type that accepts AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs and AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountInput` via:

AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs{...}

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput() AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput
	ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput
}

AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrInput is an input type that accepts AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs, AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtr and AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrInput` via:

        AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountArgs{...}

or:

        nil

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) Elem added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput) ToAuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceIamServiceAccountPtrOutput

type AuthzPolicyHttpRuleFromSourceResourceInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourceResourceOutput() AuthzPolicyHttpRuleFromSourceResourceOutput
	ToAuthzPolicyHttpRuleFromSourceResourceOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourceResourceOutput
}

AuthzPolicyHttpRuleFromSourceResourceInput is an input type that accepts AuthzPolicyHttpRuleFromSourceResourceArgs and AuthzPolicyHttpRuleFromSourceResourceOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourceResourceInput` via:

AuthzPolicyHttpRuleFromSourceResourceArgs{...}

type AuthzPolicyHttpRuleFromSourceResourceOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourceResourceOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceOutput) IamServiceAccount added in v8.12.0

An IAM service account to match against the source service account of the VM sending the request. Structure is documented below.

func (AuthzPolicyHttpRuleFromSourceResourceOutput) TagValueIdSet added in v8.12.0

A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. Structure is documented below.

func (AuthzPolicyHttpRuleFromSourceResourceOutput) ToAuthzPolicyHttpRuleFromSourceResourceOutput added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceOutput) ToAuthzPolicyHttpRuleFromSourceResourceOutput() AuthzPolicyHttpRuleFromSourceResourceOutput

func (AuthzPolicyHttpRuleFromSourceResourceOutput) ToAuthzPolicyHttpRuleFromSourceResourceOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceOutput) ToAuthzPolicyHttpRuleFromSourceResourceOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceOutput

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSet added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSet struct {
	// A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match.
	// Limited to 5 matches.
	Ids []string `pulumi:"ids"`
}

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs struct {
	// A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match.
	// Limited to 5 matches.
	Ids pulumi.StringArrayInput `pulumi:"ids"`
}

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput() AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput() AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput
	ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput
}

AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetInput is an input type that accepts AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs and AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetInput` via:

AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs{...}

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput) Ids added in v8.12.0

A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match. Limited to 5 matches.

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrInput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput() AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput
	ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutputWithContext(context.Context) AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput
}

AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrInput is an input type that accepts AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs, AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtr and AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrInput` via:

        AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetArgs{...}

or:

        nil

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput added in v8.12.0

type AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput) Elem added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput) Ids added in v8.12.0

A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match. Limited to 5 matches.

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput) ToAuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleFromSourceResourceTagValueIdSetPtrOutput

type AuthzPolicyHttpRuleInput added in v8.12.0

type AuthzPolicyHttpRuleInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleOutput() AuthzPolicyHttpRuleOutput
	ToAuthzPolicyHttpRuleOutputWithContext(context.Context) AuthzPolicyHttpRuleOutput
}

AuthzPolicyHttpRuleInput is an input type that accepts AuthzPolicyHttpRuleArgs and AuthzPolicyHttpRuleOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleInput` via:

AuthzPolicyHttpRuleArgs{...}

type AuthzPolicyHttpRuleOutput added in v8.12.0

type AuthzPolicyHttpRuleOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleOutput) ElementType() reflect.Type

func (AuthzPolicyHttpRuleOutput) From added in v8.12.0

Describes properties of one or more sources of a request. Structure is documented below.

func (AuthzPolicyHttpRuleOutput) To added in v8.12.0

Describes properties of one or more targets of a request Structure is documented below.

func (AuthzPolicyHttpRuleOutput) ToAuthzPolicyHttpRuleOutput added in v8.12.0

func (o AuthzPolicyHttpRuleOutput) ToAuthzPolicyHttpRuleOutput() AuthzPolicyHttpRuleOutput

func (AuthzPolicyHttpRuleOutput) ToAuthzPolicyHttpRuleOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleOutput) ToAuthzPolicyHttpRuleOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleOutput

func (AuthzPolicyHttpRuleOutput) When added in v8.12.0

CEL expression that describes the conditions to be satisfied for the action. The result of the CEL expression is ANDed with the from and to. Refer to the CEL language reference for a list of available attributes.

type AuthzPolicyHttpRuleTo added in v8.12.0

type AuthzPolicyHttpRuleTo struct {
	// Describes properties of one or more targets of a request. At least one of operations or notOperations must be specified. Limited to 5 operations. A match occurs when ANY operation (in operations or notOperations) matches. Within an operation, the match follows AND semantics across fields and OR semantics within a field, i.e. a match occurs when ANY path matches AND ANY header matches and ANY method matches.
	// Structure is documented below.
	Operations []AuthzPolicyHttpRuleToOperation `pulumi:"operations"`
}

type AuthzPolicyHttpRuleToArgs added in v8.12.0

type AuthzPolicyHttpRuleToArgs struct {
	// Describes properties of one or more targets of a request. At least one of operations or notOperations must be specified. Limited to 5 operations. A match occurs when ANY operation (in operations or notOperations) matches. Within an operation, the match follows AND semantics across fields and OR semantics within a field, i.e. a match occurs when ANY path matches AND ANY header matches and ANY method matches.
	// Structure is documented below.
	Operations AuthzPolicyHttpRuleToOperationArrayInput `pulumi:"operations"`
}

func (AuthzPolicyHttpRuleToArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToArgs) ElementType() reflect.Type

func (AuthzPolicyHttpRuleToArgs) ToAuthzPolicyHttpRuleToOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToArgs) ToAuthzPolicyHttpRuleToOutput() AuthzPolicyHttpRuleToOutput

func (AuthzPolicyHttpRuleToArgs) ToAuthzPolicyHttpRuleToOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToArgs) ToAuthzPolicyHttpRuleToOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOutput

func (AuthzPolicyHttpRuleToArgs) ToAuthzPolicyHttpRuleToPtrOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToArgs) ToAuthzPolicyHttpRuleToPtrOutput() AuthzPolicyHttpRuleToPtrOutput

func (AuthzPolicyHttpRuleToArgs) ToAuthzPolicyHttpRuleToPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToArgs) ToAuthzPolicyHttpRuleToPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToPtrOutput

type AuthzPolicyHttpRuleToInput added in v8.12.0

type AuthzPolicyHttpRuleToInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOutput() AuthzPolicyHttpRuleToOutput
	ToAuthzPolicyHttpRuleToOutputWithContext(context.Context) AuthzPolicyHttpRuleToOutput
}

AuthzPolicyHttpRuleToInput is an input type that accepts AuthzPolicyHttpRuleToArgs and AuthzPolicyHttpRuleToOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToInput` via:

AuthzPolicyHttpRuleToArgs{...}

type AuthzPolicyHttpRuleToOperation added in v8.12.0

type AuthzPolicyHttpRuleToOperation struct {
	// A list of headers to match against in http header.
	// Structure is documented below.
	HeaderSet *AuthzPolicyHttpRuleToOperationHeaderSet `pulumi:"headerSet"`
	// A list of HTTP Hosts to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set.
	// Limited to 5 matches.
	// Structure is documented below.
	Hosts []AuthzPolicyHttpRuleToOperationHost `pulumi:"hosts"`
	// A list of HTTP methods to match against. Each entry must be a valid HTTP method name (GET, PUT, POST, HEAD, PATCH, DELETE, OPTIONS). It only allows exact match and is always case sensitive.
	Methods []string `pulumi:"methods"`
	// A list of paths to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set.
	// Limited to 5 matches.
	// Note that this path match includes the query parameters. For gRPC services, this should be a fully-qualified name of the form /package.service/method.
	// Structure is documented below.
	Paths []AuthzPolicyHttpRuleToOperationPath `pulumi:"paths"`
}

type AuthzPolicyHttpRuleToOperationArgs added in v8.12.0

type AuthzPolicyHttpRuleToOperationArgs struct {
	// A list of headers to match against in http header.
	// Structure is documented below.
	HeaderSet AuthzPolicyHttpRuleToOperationHeaderSetPtrInput `pulumi:"headerSet"`
	// A list of HTTP Hosts to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set.
	// Limited to 5 matches.
	// Structure is documented below.
	Hosts AuthzPolicyHttpRuleToOperationHostArrayInput `pulumi:"hosts"`
	// A list of HTTP methods to match against. Each entry must be a valid HTTP method name (GET, PUT, POST, HEAD, PATCH, DELETE, OPTIONS). It only allows exact match and is always case sensitive.
	Methods pulumi.StringArrayInput `pulumi:"methods"`
	// A list of paths to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set.
	// Limited to 5 matches.
	// Note that this path match includes the query parameters. For gRPC services, this should be a fully-qualified name of the form /package.service/method.
	// Structure is documented below.
	Paths AuthzPolicyHttpRuleToOperationPathArrayInput `pulumi:"paths"`
}

func (AuthzPolicyHttpRuleToOperationArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationArgs) ToAuthzPolicyHttpRuleToOperationOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationArgs) ToAuthzPolicyHttpRuleToOperationOutput() AuthzPolicyHttpRuleToOperationOutput

func (AuthzPolicyHttpRuleToOperationArgs) ToAuthzPolicyHttpRuleToOperationOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationArgs) ToAuthzPolicyHttpRuleToOperationOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationOutput

type AuthzPolicyHttpRuleToOperationArray added in v8.12.0

type AuthzPolicyHttpRuleToOperationArray []AuthzPolicyHttpRuleToOperationInput

func (AuthzPolicyHttpRuleToOperationArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationArray) ToAuthzPolicyHttpRuleToOperationArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationArray) ToAuthzPolicyHttpRuleToOperationArrayOutput() AuthzPolicyHttpRuleToOperationArrayOutput

func (AuthzPolicyHttpRuleToOperationArray) ToAuthzPolicyHttpRuleToOperationArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationArray) ToAuthzPolicyHttpRuleToOperationArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationArrayOutput

type AuthzPolicyHttpRuleToOperationArrayInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationArrayOutput() AuthzPolicyHttpRuleToOperationArrayOutput
	ToAuthzPolicyHttpRuleToOperationArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationArrayOutput
}

AuthzPolicyHttpRuleToOperationArrayInput is an input type that accepts AuthzPolicyHttpRuleToOperationArray and AuthzPolicyHttpRuleToOperationArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationArrayInput` via:

AuthzPolicyHttpRuleToOperationArray{ AuthzPolicyHttpRuleToOperationArgs{...} }

type AuthzPolicyHttpRuleToOperationArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleToOperationArrayOutput) ToAuthzPolicyHttpRuleToOperationArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationArrayOutput) ToAuthzPolicyHttpRuleToOperationArrayOutput() AuthzPolicyHttpRuleToOperationArrayOutput

func (AuthzPolicyHttpRuleToOperationArrayOutput) ToAuthzPolicyHttpRuleToOperationArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationArrayOutput) ToAuthzPolicyHttpRuleToOperationArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationArrayOutput

type AuthzPolicyHttpRuleToOperationHeaderSet added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSet struct {
	// A list of headers to match against in http header. The match can be one of exact, prefix, suffix, or contains (substring match). The match follows AND semantics which means all the headers must match. Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches.
	// Structure is documented below.
	Headers []AuthzPolicyHttpRuleToOperationHeaderSetHeader `pulumi:"headers"`
}

type AuthzPolicyHttpRuleToOperationHeaderSetArgs added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetArgs struct {
	// A list of headers to match against in http header. The match can be one of exact, prefix, suffix, or contains (substring match). The match follows AND semantics which means all the headers must match. Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches.
	// Structure is documented below.
	Headers AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayInput `pulumi:"headers"`
}

func (AuthzPolicyHttpRuleToOperationHeaderSetArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetOutput() AuthzPolicyHttpRuleToOperationHeaderSetOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutput() AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput

type AuthzPolicyHttpRuleToOperationHeaderSetHeader added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeader struct {
	// Specifies the name of the header in the request.
	Name *string `pulumi:"name"`
	// Specifies how the header match will be performed.
	// Structure is documented below.
	Value *AuthzPolicyHttpRuleToOperationHeaderSetHeaderValue `pulumi:"value"`
}

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs struct {
	// Specifies the name of the header in the request.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// Specifies how the header match will be performed.
	// Structure is documented below.
	Value AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrInput `pulumi:"value"`
}

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput() AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray []AuthzPolicyHttpRuleToOperationHeaderSetHeaderInput

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput() AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput() AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput
	ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput
}

AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayInput is an input type that accepts AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray and AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayInput` via:

AuthzPolicyHttpRuleToOperationHeaderSetHeaderArray{ AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs{...} }

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderArrayOutput

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput() AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput
	ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput
}

AuthzPolicyHttpRuleToOperationHeaderSetHeaderInput is an input type that accepts AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs and AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationHeaderSetHeaderInput` via:

AuthzPolicyHttpRuleToOperationHeaderSetHeaderArgs{...}

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput) Name added in v8.12.0

Specifies the name of the header in the request.

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput() AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderOutput) Value added in v8.12.0

Specifies how the header match will be performed. Structure is documented below.

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValue added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValue struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains *string `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact *string `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase *bool `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix *string `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix *string `pulumi:"suffix"`
}

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains pulumi.StringPtrInput `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact pulumi.StringPtrInput `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase pulumi.BoolPtrInput `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix pulumi.StringPtrInput `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix pulumi.StringPtrInput `pulumi:"suffix"`
}

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput() AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput() AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput
	ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput
}

AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueInput is an input type that accepts AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs and AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueInput` via:

AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs{...}

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput() AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput
	ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput
}

AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrInput is an input type that accepts AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs, AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtr and AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrInput` via:

        AuthzPolicyHttpRuleToOperationHeaderSetHeaderValueArgs{...}

or:

        nil

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) Elem added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetHeaderValuePtrOutput

type AuthzPolicyHttpRuleToOperationHeaderSetInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationHeaderSetOutput() AuthzPolicyHttpRuleToOperationHeaderSetOutput
	ToAuthzPolicyHttpRuleToOperationHeaderSetOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationHeaderSetOutput
}

AuthzPolicyHttpRuleToOperationHeaderSetInput is an input type that accepts AuthzPolicyHttpRuleToOperationHeaderSetArgs and AuthzPolicyHttpRuleToOperationHeaderSetOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationHeaderSetInput` via:

AuthzPolicyHttpRuleToOperationHeaderSetArgs{...}

type AuthzPolicyHttpRuleToOperationHeaderSetOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationHeaderSetOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetOutput) Headers added in v8.12.0

A list of headers to match against in http header. The match can be one of exact, prefix, suffix, or contains (substring match). The match follows AND semantics which means all the headers must match. Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches. Structure is documented below.

func (AuthzPolicyHttpRuleToOperationHeaderSetOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetOutput() AuthzPolicyHttpRuleToOperationHeaderSetOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutput() AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput

type AuthzPolicyHttpRuleToOperationHeaderSetPtrInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetPtrInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutput() AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput
	ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput
}

AuthzPolicyHttpRuleToOperationHeaderSetPtrInput is an input type that accepts AuthzPolicyHttpRuleToOperationHeaderSetArgs, AuthzPolicyHttpRuleToOperationHeaderSetPtr and AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationHeaderSetPtrInput` via:

        AuthzPolicyHttpRuleToOperationHeaderSetArgs{...}

or:

        nil

type AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput) Elem added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput) Headers added in v8.12.0

A list of headers to match against in http header. The match can be one of exact, prefix, suffix, or contains (substring match). The match follows AND semantics which means all the headers must match. Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches. Structure is documented below.

func (AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutput() AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput

func (AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput) ToAuthzPolicyHttpRuleToOperationHeaderSetPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHeaderSetPtrOutput

type AuthzPolicyHttpRuleToOperationHost added in v8.12.0

type AuthzPolicyHttpRuleToOperationHost struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains *string `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact *string `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase *bool `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix *string `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix *string `pulumi:"suffix"`
}

type AuthzPolicyHttpRuleToOperationHostArgs added in v8.12.0

type AuthzPolicyHttpRuleToOperationHostArgs struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains pulumi.StringPtrInput `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact pulumi.StringPtrInput `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase pulumi.BoolPtrInput `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix pulumi.StringPtrInput `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix pulumi.StringPtrInput `pulumi:"suffix"`
}

func (AuthzPolicyHttpRuleToOperationHostArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHostArgs) ToAuthzPolicyHttpRuleToOperationHostOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHostArgs) ToAuthzPolicyHttpRuleToOperationHostOutput() AuthzPolicyHttpRuleToOperationHostOutput

func (AuthzPolicyHttpRuleToOperationHostArgs) ToAuthzPolicyHttpRuleToOperationHostOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHostArgs) ToAuthzPolicyHttpRuleToOperationHostOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHostOutput

type AuthzPolicyHttpRuleToOperationHostArray added in v8.12.0

type AuthzPolicyHttpRuleToOperationHostArray []AuthzPolicyHttpRuleToOperationHostInput

func (AuthzPolicyHttpRuleToOperationHostArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHostArray) ToAuthzPolicyHttpRuleToOperationHostArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHostArray) ToAuthzPolicyHttpRuleToOperationHostArrayOutput() AuthzPolicyHttpRuleToOperationHostArrayOutput

func (AuthzPolicyHttpRuleToOperationHostArray) ToAuthzPolicyHttpRuleToOperationHostArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationHostArray) ToAuthzPolicyHttpRuleToOperationHostArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHostArrayOutput

type AuthzPolicyHttpRuleToOperationHostArrayInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHostArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationHostArrayOutput() AuthzPolicyHttpRuleToOperationHostArrayOutput
	ToAuthzPolicyHttpRuleToOperationHostArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationHostArrayOutput
}

AuthzPolicyHttpRuleToOperationHostArrayInput is an input type that accepts AuthzPolicyHttpRuleToOperationHostArray and AuthzPolicyHttpRuleToOperationHostArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationHostArrayInput` via:

AuthzPolicyHttpRuleToOperationHostArray{ AuthzPolicyHttpRuleToOperationHostArgs{...} }

type AuthzPolicyHttpRuleToOperationHostArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHostArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationHostArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHostArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHostArrayOutput) ToAuthzPolicyHttpRuleToOperationHostArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHostArrayOutput) ToAuthzPolicyHttpRuleToOperationHostArrayOutput() AuthzPolicyHttpRuleToOperationHostArrayOutput

func (AuthzPolicyHttpRuleToOperationHostArrayOutput) ToAuthzPolicyHttpRuleToOperationHostArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHostArrayOutput) ToAuthzPolicyHttpRuleToOperationHostArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHostArrayOutput

type AuthzPolicyHttpRuleToOperationHostInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHostInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationHostOutput() AuthzPolicyHttpRuleToOperationHostOutput
	ToAuthzPolicyHttpRuleToOperationHostOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationHostOutput
}

AuthzPolicyHttpRuleToOperationHostInput is an input type that accepts AuthzPolicyHttpRuleToOperationHostArgs and AuthzPolicyHttpRuleToOperationHostOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationHostInput` via:

AuthzPolicyHttpRuleToOperationHostArgs{...}

type AuthzPolicyHttpRuleToOperationHostOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationHostOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationHostOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleToOperationHostOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationHostOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleToOperationHostOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleToOperationHostOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleToOperationHostOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleToOperationHostOutput) ToAuthzPolicyHttpRuleToOperationHostOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHostOutput) ToAuthzPolicyHttpRuleToOperationHostOutput() AuthzPolicyHttpRuleToOperationHostOutput

func (AuthzPolicyHttpRuleToOperationHostOutput) ToAuthzPolicyHttpRuleToOperationHostOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationHostOutput) ToAuthzPolicyHttpRuleToOperationHostOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationHostOutput

type AuthzPolicyHttpRuleToOperationInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationOutput() AuthzPolicyHttpRuleToOperationOutput
	ToAuthzPolicyHttpRuleToOperationOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationOutput
}

AuthzPolicyHttpRuleToOperationInput is an input type that accepts AuthzPolicyHttpRuleToOperationArgs and AuthzPolicyHttpRuleToOperationOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationInput` via:

AuthzPolicyHttpRuleToOperationArgs{...}

type AuthzPolicyHttpRuleToOperationOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationOutput) HeaderSet added in v8.12.0

A list of headers to match against in http header. Structure is documented below.

func (AuthzPolicyHttpRuleToOperationOutput) Hosts added in v8.12.0

A list of HTTP Hosts to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches. Structure is documented below.

func (AuthzPolicyHttpRuleToOperationOutput) Methods added in v8.12.0

A list of HTTP methods to match against. Each entry must be a valid HTTP method name (GET, PUT, POST, HEAD, PATCH, DELETE, OPTIONS). It only allows exact match and is always case sensitive.

func (AuthzPolicyHttpRuleToOperationOutput) Paths added in v8.12.0

A list of paths to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches. Note that this path match includes the query parameters. For gRPC services, this should be a fully-qualified name of the form /package.service/method. Structure is documented below.

func (AuthzPolicyHttpRuleToOperationOutput) ToAuthzPolicyHttpRuleToOperationOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationOutput) ToAuthzPolicyHttpRuleToOperationOutput() AuthzPolicyHttpRuleToOperationOutput

func (AuthzPolicyHttpRuleToOperationOutput) ToAuthzPolicyHttpRuleToOperationOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationOutput) ToAuthzPolicyHttpRuleToOperationOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationOutput

type AuthzPolicyHttpRuleToOperationPath added in v8.12.0

type AuthzPolicyHttpRuleToOperationPath struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains *string `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact *string `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase *bool `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix *string `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix *string `pulumi:"suffix"`
}

type AuthzPolicyHttpRuleToOperationPathArgs added in v8.12.0

type AuthzPolicyHttpRuleToOperationPathArgs struct {
	// The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc.def
	Contains pulumi.StringPtrInput `pulumi:"contains"`
	// The input string must match exactly the string specified here.
	// Examples:
	// * abc only matches the value abc.
	Exact pulumi.StringPtrInput `pulumi:"exact"`
	// If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.
	IgnoreCase pulumi.BoolPtrInput `pulumi:"ignoreCase"`
	// The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value abc.xyz
	Prefix pulumi.StringPtrInput `pulumi:"prefix"`
	// The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead.
	// Examples:
	// * abc matches the value xyz.abc
	Suffix pulumi.StringPtrInput `pulumi:"suffix"`
}

func (AuthzPolicyHttpRuleToOperationPathArgs) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationPathArgs) ToAuthzPolicyHttpRuleToOperationPathOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationPathArgs) ToAuthzPolicyHttpRuleToOperationPathOutput() AuthzPolicyHttpRuleToOperationPathOutput

func (AuthzPolicyHttpRuleToOperationPathArgs) ToAuthzPolicyHttpRuleToOperationPathOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationPathArgs) ToAuthzPolicyHttpRuleToOperationPathOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationPathOutput

type AuthzPolicyHttpRuleToOperationPathArray added in v8.12.0

type AuthzPolicyHttpRuleToOperationPathArray []AuthzPolicyHttpRuleToOperationPathInput

func (AuthzPolicyHttpRuleToOperationPathArray) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationPathArray) ToAuthzPolicyHttpRuleToOperationPathArrayOutput added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationPathArray) ToAuthzPolicyHttpRuleToOperationPathArrayOutput() AuthzPolicyHttpRuleToOperationPathArrayOutput

func (AuthzPolicyHttpRuleToOperationPathArray) ToAuthzPolicyHttpRuleToOperationPathArrayOutputWithContext added in v8.12.0

func (i AuthzPolicyHttpRuleToOperationPathArray) ToAuthzPolicyHttpRuleToOperationPathArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationPathArrayOutput

type AuthzPolicyHttpRuleToOperationPathArrayInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationPathArrayInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationPathArrayOutput() AuthzPolicyHttpRuleToOperationPathArrayOutput
	ToAuthzPolicyHttpRuleToOperationPathArrayOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationPathArrayOutput
}

AuthzPolicyHttpRuleToOperationPathArrayInput is an input type that accepts AuthzPolicyHttpRuleToOperationPathArray and AuthzPolicyHttpRuleToOperationPathArrayOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationPathArrayInput` via:

AuthzPolicyHttpRuleToOperationPathArray{ AuthzPolicyHttpRuleToOperationPathArgs{...} }

type AuthzPolicyHttpRuleToOperationPathArrayOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationPathArrayOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationPathArrayOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationPathArrayOutput) Index added in v8.12.0

func (AuthzPolicyHttpRuleToOperationPathArrayOutput) ToAuthzPolicyHttpRuleToOperationPathArrayOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationPathArrayOutput) ToAuthzPolicyHttpRuleToOperationPathArrayOutput() AuthzPolicyHttpRuleToOperationPathArrayOutput

func (AuthzPolicyHttpRuleToOperationPathArrayOutput) ToAuthzPolicyHttpRuleToOperationPathArrayOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationPathArrayOutput) ToAuthzPolicyHttpRuleToOperationPathArrayOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationPathArrayOutput

type AuthzPolicyHttpRuleToOperationPathInput added in v8.12.0

type AuthzPolicyHttpRuleToOperationPathInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToOperationPathOutput() AuthzPolicyHttpRuleToOperationPathOutput
	ToAuthzPolicyHttpRuleToOperationPathOutputWithContext(context.Context) AuthzPolicyHttpRuleToOperationPathOutput
}

AuthzPolicyHttpRuleToOperationPathInput is an input type that accepts AuthzPolicyHttpRuleToOperationPathArgs and AuthzPolicyHttpRuleToOperationPathOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToOperationPathInput` via:

AuthzPolicyHttpRuleToOperationPathArgs{...}

type AuthzPolicyHttpRuleToOperationPathOutput added in v8.12.0

type AuthzPolicyHttpRuleToOperationPathOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOperationPathOutput) Contains added in v8.12.0

The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc.def

func (AuthzPolicyHttpRuleToOperationPathOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOperationPathOutput) Exact added in v8.12.0

The input string must match exactly the string specified here. Examples: * abc only matches the value abc.

func (AuthzPolicyHttpRuleToOperationPathOutput) IgnoreCase added in v8.12.0

If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true.

func (AuthzPolicyHttpRuleToOperationPathOutput) Prefix added in v8.12.0

The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value abc.xyz

func (AuthzPolicyHttpRuleToOperationPathOutput) Suffix added in v8.12.0

The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * abc matches the value xyz.abc

func (AuthzPolicyHttpRuleToOperationPathOutput) ToAuthzPolicyHttpRuleToOperationPathOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationPathOutput) ToAuthzPolicyHttpRuleToOperationPathOutput() AuthzPolicyHttpRuleToOperationPathOutput

func (AuthzPolicyHttpRuleToOperationPathOutput) ToAuthzPolicyHttpRuleToOperationPathOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOperationPathOutput) ToAuthzPolicyHttpRuleToOperationPathOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOperationPathOutput

type AuthzPolicyHttpRuleToOutput added in v8.12.0

type AuthzPolicyHttpRuleToOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToOutput) Operations added in v8.12.0

Describes properties of one or more targets of a request. At least one of operations or notOperations must be specified. Limited to 5 operations. A match occurs when ANY operation (in operations or notOperations) matches. Within an operation, the match follows AND semantics across fields and OR semantics within a field, i.e. a match occurs when ANY path matches AND ANY header matches and ANY method matches. Structure is documented below.

func (AuthzPolicyHttpRuleToOutput) ToAuthzPolicyHttpRuleToOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOutput) ToAuthzPolicyHttpRuleToOutput() AuthzPolicyHttpRuleToOutput

func (AuthzPolicyHttpRuleToOutput) ToAuthzPolicyHttpRuleToOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOutput) ToAuthzPolicyHttpRuleToOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToOutput

func (AuthzPolicyHttpRuleToOutput) ToAuthzPolicyHttpRuleToPtrOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToOutput) ToAuthzPolicyHttpRuleToPtrOutput() AuthzPolicyHttpRuleToPtrOutput

func (AuthzPolicyHttpRuleToOutput) ToAuthzPolicyHttpRuleToPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToOutput) ToAuthzPolicyHttpRuleToPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToPtrOutput

type AuthzPolicyHttpRuleToPtrInput added in v8.12.0

type AuthzPolicyHttpRuleToPtrInput interface {
	pulumi.Input

	ToAuthzPolicyHttpRuleToPtrOutput() AuthzPolicyHttpRuleToPtrOutput
	ToAuthzPolicyHttpRuleToPtrOutputWithContext(context.Context) AuthzPolicyHttpRuleToPtrOutput
}

AuthzPolicyHttpRuleToPtrInput is an input type that accepts AuthzPolicyHttpRuleToArgs, AuthzPolicyHttpRuleToPtr and AuthzPolicyHttpRuleToPtrOutput values. You can construct a concrete instance of `AuthzPolicyHttpRuleToPtrInput` via:

        AuthzPolicyHttpRuleToArgs{...}

or:

        nil

func AuthzPolicyHttpRuleToPtr added in v8.12.0

func AuthzPolicyHttpRuleToPtr(v *AuthzPolicyHttpRuleToArgs) AuthzPolicyHttpRuleToPtrInput

type AuthzPolicyHttpRuleToPtrOutput added in v8.12.0

type AuthzPolicyHttpRuleToPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyHttpRuleToPtrOutput) Elem added in v8.12.0

func (AuthzPolicyHttpRuleToPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyHttpRuleToPtrOutput) Operations added in v8.12.0

Describes properties of one or more targets of a request. At least one of operations or notOperations must be specified. Limited to 5 operations. A match occurs when ANY operation (in operations or notOperations) matches. Within an operation, the match follows AND semantics across fields and OR semantics within a field, i.e. a match occurs when ANY path matches AND ANY header matches and ANY method matches. Structure is documented below.

func (AuthzPolicyHttpRuleToPtrOutput) ToAuthzPolicyHttpRuleToPtrOutput added in v8.12.0

func (o AuthzPolicyHttpRuleToPtrOutput) ToAuthzPolicyHttpRuleToPtrOutput() AuthzPolicyHttpRuleToPtrOutput

func (AuthzPolicyHttpRuleToPtrOutput) ToAuthzPolicyHttpRuleToPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyHttpRuleToPtrOutput) ToAuthzPolicyHttpRuleToPtrOutputWithContext(ctx context.Context) AuthzPolicyHttpRuleToPtrOutput

type AuthzPolicyInput added in v8.12.0

type AuthzPolicyInput interface {
	pulumi.Input

	ToAuthzPolicyOutput() AuthzPolicyOutput
	ToAuthzPolicyOutputWithContext(ctx context.Context) AuthzPolicyOutput
}

type AuthzPolicyMap added in v8.12.0

type AuthzPolicyMap map[string]AuthzPolicyInput

func (AuthzPolicyMap) ElementType added in v8.12.0

func (AuthzPolicyMap) ElementType() reflect.Type

func (AuthzPolicyMap) ToAuthzPolicyMapOutput added in v8.12.0

func (i AuthzPolicyMap) ToAuthzPolicyMapOutput() AuthzPolicyMapOutput

func (AuthzPolicyMap) ToAuthzPolicyMapOutputWithContext added in v8.12.0

func (i AuthzPolicyMap) ToAuthzPolicyMapOutputWithContext(ctx context.Context) AuthzPolicyMapOutput

type AuthzPolicyMapInput added in v8.12.0

type AuthzPolicyMapInput interface {
	pulumi.Input

	ToAuthzPolicyMapOutput() AuthzPolicyMapOutput
	ToAuthzPolicyMapOutputWithContext(context.Context) AuthzPolicyMapOutput
}

AuthzPolicyMapInput is an input type that accepts AuthzPolicyMap and AuthzPolicyMapOutput values. You can construct a concrete instance of `AuthzPolicyMapInput` via:

AuthzPolicyMap{ "key": AuthzPolicyArgs{...} }

type AuthzPolicyMapOutput added in v8.12.0

type AuthzPolicyMapOutput struct{ *pulumi.OutputState }

func (AuthzPolicyMapOutput) ElementType added in v8.12.0

func (AuthzPolicyMapOutput) ElementType() reflect.Type

func (AuthzPolicyMapOutput) MapIndex added in v8.12.0

func (AuthzPolicyMapOutput) ToAuthzPolicyMapOutput added in v8.12.0

func (o AuthzPolicyMapOutput) ToAuthzPolicyMapOutput() AuthzPolicyMapOutput

func (AuthzPolicyMapOutput) ToAuthzPolicyMapOutputWithContext added in v8.12.0

func (o AuthzPolicyMapOutput) ToAuthzPolicyMapOutputWithContext(ctx context.Context) AuthzPolicyMapOutput

type AuthzPolicyOutput added in v8.12.0

type AuthzPolicyOutput struct{ *pulumi.OutputState }

func (AuthzPolicyOutput) Action added in v8.12.0

When the action is CUSTOM, customProvider must be specified. When the action is ALLOW, only requests matching the policy will be allowed. When the action is DENY, only requests matching the policy will be denied. When a request arrives, the policies are evaluated in the following order:

  1. If there is a CUSTOM policy that matches the request, the CUSTOM policy is evaluated using the custom authorization providers and the request is denied if the provider rejects the request.
  2. If there are any DENY policies that match the request, the request is denied.
  3. If there are no ALLOW policies for the resource or if any of the ALLOW policies match the request, the request is allowed.
  4. Else the request is denied by default if none of the configured AuthzPolicies with ALLOW action match the request. Possible values are: `ALLOW`, `DENY`, `CUSTOM`.

func (AuthzPolicyOutput) CreateTime added in v8.12.0

func (o AuthzPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (AuthzPolicyOutput) CustomProvider added in v8.12.0

Required if the action is CUSTOM. Allows delegating authorization decisions to Cloud IAP or to Service Extensions. One of cloudIap or authzExtension must be specified.

func (AuthzPolicyOutput) Description added in v8.12.0

func (o AuthzPolicyOutput) Description() pulumi.StringPtrOutput

A human-readable description of the resource.

func (AuthzPolicyOutput) EffectiveLabels added in v8.12.0

func (o AuthzPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (AuthzPolicyOutput) ElementType added in v8.12.0

func (AuthzPolicyOutput) ElementType() reflect.Type

func (AuthzPolicyOutput) HttpRules added in v8.12.0

A list of authorization HTTP rules to match against the incoming request.A policy match occurs when at least one HTTP rule matches the request or when no HTTP rules are specified in the policy. At least one HTTP Rule is required for Allow or Deny Action. Limited to 5 rules.

func (AuthzPolicyOutput) Labels added in v8.12.0

Set of labels associated with the AuthzExtension resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.

func (AuthzPolicyOutput) Location added in v8.12.0

func (o AuthzPolicyOutput) Location() pulumi.StringOutput

The location of the resource.

func (AuthzPolicyOutput) Name added in v8.12.0

Identifier. Name of the AuthzPolicy resource.

func (AuthzPolicyOutput) Project added in v8.12.0

func (AuthzPolicyOutput) PulumiLabels added in v8.12.0

func (o AuthzPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (AuthzPolicyOutput) Target added in v8.12.0

Specifies the set of resources to which this policy should be applied to. Structure is documented below.

func (AuthzPolicyOutput) ToAuthzPolicyOutput added in v8.12.0

func (o AuthzPolicyOutput) ToAuthzPolicyOutput() AuthzPolicyOutput

func (AuthzPolicyOutput) ToAuthzPolicyOutputWithContext added in v8.12.0

func (o AuthzPolicyOutput) ToAuthzPolicyOutputWithContext(ctx context.Context) AuthzPolicyOutput

func (AuthzPolicyOutput) UpdateTime added in v8.12.0

func (o AuthzPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type AuthzPolicyState added in v8.12.0

type AuthzPolicyState struct {
	// When the action is CUSTOM, customProvider must be specified.
	// When the action is ALLOW, only requests matching the policy will be allowed.
	// When the action is DENY, only requests matching the policy will be denied.
	// When a request arrives, the policies are evaluated in the following order:
	// 1. If there is a CUSTOM policy that matches the request, the CUSTOM policy is evaluated using the custom authorization providers and the request is denied if the provider rejects the request.
	// 2. If there are any DENY policies that match the request, the request is denied.
	// 3. If there are no ALLOW policies for the resource or if any of the ALLOW policies match the request, the request is allowed.
	// 4. Else the request is denied by default if none of the configured AuthzPolicies with ALLOW action match the request.
	//    Possible values are: `ALLOW`, `DENY`, `CUSTOM`.
	Action pulumi.StringPtrInput
	// The timestamp when the resource was created.
	CreateTime pulumi.StringPtrInput
	// Required if the action is CUSTOM. Allows delegating authorization decisions to Cloud IAP or to Service Extensions. One
	// of cloudIap or authzExtension must be specified.
	CustomProvider AuthzPolicyCustomProviderPtrInput
	// A human-readable description of the resource.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// A list of authorization HTTP rules to match against the incoming request.A policy match occurs when at least one HTTP
	// rule matches the request or when no HTTP rules are specified in the policy. At least one HTTP Rule is required for Allow
	// or Deny Action. Limited to 5 rules.
	HttpRules AuthzPolicyHttpRuleArrayInput
	// Set of labels associated with the AuthzExtension resource. **Note**: This field is non-authoritative, and will only
	// manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels
	// present on the resource.
	Labels pulumi.StringMapInput
	// The location of the resource.
	Location pulumi.StringPtrInput
	// Identifier. Name of the AuthzPolicy resource.
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Specifies the set of resources to which this policy should be applied to.
	// Structure is documented below.
	Target AuthzPolicyTargetPtrInput
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringPtrInput
}

func (AuthzPolicyState) ElementType added in v8.12.0

func (AuthzPolicyState) ElementType() reflect.Type

type AuthzPolicyTarget added in v8.12.0

type AuthzPolicyTarget struct {
	// All gateways and forwarding rules referenced by this policy and extensions must share the same load balancing scheme.
	// For more information, refer to [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service).
	// Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`, `INTERNAL_SELF_MANAGED`.
	LoadBalancingScheme string `pulumi:"loadBalancingScheme"`
	// A list of references to the Forwarding Rules on which this policy will be applied.
	//
	// ***
	Resources []string `pulumi:"resources"`
}

type AuthzPolicyTargetArgs added in v8.12.0

type AuthzPolicyTargetArgs struct {
	// All gateways and forwarding rules referenced by this policy and extensions must share the same load balancing scheme.
	// For more information, refer to [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service).
	// Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`, `INTERNAL_SELF_MANAGED`.
	LoadBalancingScheme pulumi.StringInput `pulumi:"loadBalancingScheme"`
	// A list of references to the Forwarding Rules on which this policy will be applied.
	//
	// ***
	Resources pulumi.StringArrayInput `pulumi:"resources"`
}

func (AuthzPolicyTargetArgs) ElementType added in v8.12.0

func (AuthzPolicyTargetArgs) ElementType() reflect.Type

func (AuthzPolicyTargetArgs) ToAuthzPolicyTargetOutput added in v8.12.0

func (i AuthzPolicyTargetArgs) ToAuthzPolicyTargetOutput() AuthzPolicyTargetOutput

func (AuthzPolicyTargetArgs) ToAuthzPolicyTargetOutputWithContext added in v8.12.0

func (i AuthzPolicyTargetArgs) ToAuthzPolicyTargetOutputWithContext(ctx context.Context) AuthzPolicyTargetOutput

func (AuthzPolicyTargetArgs) ToAuthzPolicyTargetPtrOutput added in v8.12.0

func (i AuthzPolicyTargetArgs) ToAuthzPolicyTargetPtrOutput() AuthzPolicyTargetPtrOutput

func (AuthzPolicyTargetArgs) ToAuthzPolicyTargetPtrOutputWithContext added in v8.12.0

func (i AuthzPolicyTargetArgs) ToAuthzPolicyTargetPtrOutputWithContext(ctx context.Context) AuthzPolicyTargetPtrOutput

type AuthzPolicyTargetInput added in v8.12.0

type AuthzPolicyTargetInput interface {
	pulumi.Input

	ToAuthzPolicyTargetOutput() AuthzPolicyTargetOutput
	ToAuthzPolicyTargetOutputWithContext(context.Context) AuthzPolicyTargetOutput
}

AuthzPolicyTargetInput is an input type that accepts AuthzPolicyTargetArgs and AuthzPolicyTargetOutput values. You can construct a concrete instance of `AuthzPolicyTargetInput` via:

AuthzPolicyTargetArgs{...}

type AuthzPolicyTargetOutput added in v8.12.0

type AuthzPolicyTargetOutput struct{ *pulumi.OutputState }

func (AuthzPolicyTargetOutput) ElementType added in v8.12.0

func (AuthzPolicyTargetOutput) ElementType() reflect.Type

func (AuthzPolicyTargetOutput) LoadBalancingScheme added in v8.12.0

func (o AuthzPolicyTargetOutput) LoadBalancingScheme() pulumi.StringOutput

All gateways and forwarding rules referenced by this policy and extensions must share the same load balancing scheme. For more information, refer to [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service). Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`, `INTERNAL_SELF_MANAGED`.

func (AuthzPolicyTargetOutput) Resources added in v8.12.0

A list of references to the Forwarding Rules on which this policy will be applied.

***

func (AuthzPolicyTargetOutput) ToAuthzPolicyTargetOutput added in v8.12.0

func (o AuthzPolicyTargetOutput) ToAuthzPolicyTargetOutput() AuthzPolicyTargetOutput

func (AuthzPolicyTargetOutput) ToAuthzPolicyTargetOutputWithContext added in v8.12.0

func (o AuthzPolicyTargetOutput) ToAuthzPolicyTargetOutputWithContext(ctx context.Context) AuthzPolicyTargetOutput

func (AuthzPolicyTargetOutput) ToAuthzPolicyTargetPtrOutput added in v8.12.0

func (o AuthzPolicyTargetOutput) ToAuthzPolicyTargetPtrOutput() AuthzPolicyTargetPtrOutput

func (AuthzPolicyTargetOutput) ToAuthzPolicyTargetPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyTargetOutput) ToAuthzPolicyTargetPtrOutputWithContext(ctx context.Context) AuthzPolicyTargetPtrOutput

type AuthzPolicyTargetPtrInput added in v8.12.0

type AuthzPolicyTargetPtrInput interface {
	pulumi.Input

	ToAuthzPolicyTargetPtrOutput() AuthzPolicyTargetPtrOutput
	ToAuthzPolicyTargetPtrOutputWithContext(context.Context) AuthzPolicyTargetPtrOutput
}

AuthzPolicyTargetPtrInput is an input type that accepts AuthzPolicyTargetArgs, AuthzPolicyTargetPtr and AuthzPolicyTargetPtrOutput values. You can construct a concrete instance of `AuthzPolicyTargetPtrInput` via:

        AuthzPolicyTargetArgs{...}

or:

        nil

func AuthzPolicyTargetPtr added in v8.12.0

func AuthzPolicyTargetPtr(v *AuthzPolicyTargetArgs) AuthzPolicyTargetPtrInput

type AuthzPolicyTargetPtrOutput added in v8.12.0

type AuthzPolicyTargetPtrOutput struct{ *pulumi.OutputState }

func (AuthzPolicyTargetPtrOutput) Elem added in v8.12.0

func (AuthzPolicyTargetPtrOutput) ElementType added in v8.12.0

func (AuthzPolicyTargetPtrOutput) ElementType() reflect.Type

func (AuthzPolicyTargetPtrOutput) LoadBalancingScheme added in v8.12.0

func (o AuthzPolicyTargetPtrOutput) LoadBalancingScheme() pulumi.StringPtrOutput

All gateways and forwarding rules referenced by this policy and extensions must share the same load balancing scheme. For more information, refer to [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service). Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`, `INTERNAL_SELF_MANAGED`.

func (AuthzPolicyTargetPtrOutput) Resources added in v8.12.0

A list of references to the Forwarding Rules on which this policy will be applied.

***

func (AuthzPolicyTargetPtrOutput) ToAuthzPolicyTargetPtrOutput added in v8.12.0

func (o AuthzPolicyTargetPtrOutput) ToAuthzPolicyTargetPtrOutput() AuthzPolicyTargetPtrOutput

func (AuthzPolicyTargetPtrOutput) ToAuthzPolicyTargetPtrOutputWithContext added in v8.12.0

func (o AuthzPolicyTargetPtrOutput) ToAuthzPolicyTargetPtrOutputWithContext(ctx context.Context) AuthzPolicyTargetPtrOutput

type ClientTlsPolicy

type ClientTlsPolicy struct {
	pulumi.CustomResourceState

	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrOutput `pulumi:"clientCertificate"`
	// Time the ClientTlsPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayOutput `pulumi:"serverValidationCas"`
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrOutput `pulumi:"sni"`
	// Time the ClientTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource.

To get more information about ClientTlsPolicy, see:

* [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-security/rest/v1beta1/projects.locations.clientTlsPolicies) * How-to Guides

## Example Usage

### Network Security Client Tls Policy Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewClientTlsPolicy(ctx, "default", &networksecurity.ClientTlsPolicyArgs{
			Name: pulumi.String("my-client-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Sni:         pulumi.String("secure.example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Client Tls Policy Advanced

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewClientTlsPolicy(ctx, "default", &networksecurity.ClientTlsPolicyArgs{
			Name: pulumi.String("my-client-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			ClientCertificate: &networksecurity.ClientTlsPolicyClientCertificateArgs{
				CertificateProviderInstance: &networksecurity.ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{
					PluginInstance: pulumi.String("google_cloud_private_spiffe"),
				},
			},
			ServerValidationCas: networksecurity.ClientTlsPolicyServerValidationCaArray{
				&networksecurity.ClientTlsPolicyServerValidationCaArgs{
					GrpcEndpoint: &networksecurity.ClientTlsPolicyServerValidationCaGrpcEndpointArgs{
						TargetUri: pulumi.String("unix:mypath"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

ClientTlsPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, ClientTlsPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/clientTlsPolicy:ClientTlsPolicy default {{location}}/{{name}} ```

func GetClientTlsPolicy

func GetClientTlsPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientTlsPolicyState, opts ...pulumi.ResourceOption) (*ClientTlsPolicy, error)

GetClientTlsPolicy gets an existing ClientTlsPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientTlsPolicy

func NewClientTlsPolicy(ctx *pulumi.Context,
	name string, args *ClientTlsPolicyArgs, opts ...pulumi.ResourceOption) (*ClientTlsPolicy, error)

NewClientTlsPolicy registers a new resource with the given unique name, arguments, and options.

func (*ClientTlsPolicy) ElementType

func (*ClientTlsPolicy) ElementType() reflect.Type

func (*ClientTlsPolicy) ToClientTlsPolicyOutput

func (i *ClientTlsPolicy) ToClientTlsPolicyOutput() ClientTlsPolicyOutput

func (*ClientTlsPolicy) ToClientTlsPolicyOutputWithContext

func (i *ClientTlsPolicy) ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput

type ClientTlsPolicyArgs

type ClientTlsPolicyArgs struct {
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayInput
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrInput
}

The set of arguments for constructing a ClientTlsPolicy resource.

func (ClientTlsPolicyArgs) ElementType

func (ClientTlsPolicyArgs) ElementType() reflect.Type

type ClientTlsPolicyArray

type ClientTlsPolicyArray []ClientTlsPolicyInput

func (ClientTlsPolicyArray) ElementType

func (ClientTlsPolicyArray) ElementType() reflect.Type

func (ClientTlsPolicyArray) ToClientTlsPolicyArrayOutput

func (i ClientTlsPolicyArray) ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput

func (ClientTlsPolicyArray) ToClientTlsPolicyArrayOutputWithContext

func (i ClientTlsPolicyArray) ToClientTlsPolicyArrayOutputWithContext(ctx context.Context) ClientTlsPolicyArrayOutput

type ClientTlsPolicyArrayInput

type ClientTlsPolicyArrayInput interface {
	pulumi.Input

	ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput
	ToClientTlsPolicyArrayOutputWithContext(context.Context) ClientTlsPolicyArrayOutput
}

ClientTlsPolicyArrayInput is an input type that accepts ClientTlsPolicyArray and ClientTlsPolicyArrayOutput values. You can construct a concrete instance of `ClientTlsPolicyArrayInput` via:

ClientTlsPolicyArray{ ClientTlsPolicyArgs{...} }

type ClientTlsPolicyArrayOutput

type ClientTlsPolicyArrayOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyArrayOutput) ElementType

func (ClientTlsPolicyArrayOutput) ElementType() reflect.Type

func (ClientTlsPolicyArrayOutput) Index

func (ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutput

func (o ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutput() ClientTlsPolicyArrayOutput

func (ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutputWithContext

func (o ClientTlsPolicyArrayOutput) ToClientTlsPolicyArrayOutputWithContext(ctx context.Context) ClientTlsPolicyArrayOutput

type ClientTlsPolicyClientCertificate

type ClientTlsPolicyClientCertificate struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance *ClientTlsPolicyClientCertificateCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ClientTlsPolicyClientCertificateGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ClientTlsPolicyClientCertificateArgs

type ClientTlsPolicyClientCertificateArgs struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ClientTlsPolicyClientCertificateGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ClientTlsPolicyClientCertificateArgs) ElementType

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutput

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutputWithContext

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificateOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutput

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutputWithContext

func (i ClientTlsPolicyClientCertificateArgs) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstance

type ClientTlsPolicyClientCertificateCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs

type ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ElementType

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext

func (i ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstanceInput

type ClientTlsPolicyClientCertificateCertificateProviderInstanceInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput() ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput
	ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput
}

ClientTlsPolicyClientCertificateCertificateProviderInstanceInput is an input type that accepts ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs and ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateCertificateProviderInstanceInput` via:

ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{...}

type ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ElementType

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) PluginInstance

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext

func (o ClientTlsPolicyClientCertificateCertificateProviderInstanceOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput() ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput
	ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput
}

ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput is an input type that accepts ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs, ClientTlsPolicyClientCertificateCertificateProviderInstancePtr and ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateCertificateProviderInstancePtrInput` via:

        ClientTlsPolicyClientCertificateCertificateProviderInstanceArgs{...}

or:

        nil

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) Elem

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ElementType

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) PluginInstance

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

func (ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext

func (o ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput) ToClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateCertificateProviderInstancePtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpoint

type ClientTlsPolicyClientCertificateGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ClientTlsPolicyClientCertificateGrpcEndpointArgs

type ClientTlsPolicyClientCertificateGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ElementType

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutput

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext

func (i ClientTlsPolicyClientCertificateGrpcEndpointArgs) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpointInput

type ClientTlsPolicyClientCertificateGrpcEndpointInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput
	ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput
}

ClientTlsPolicyClientCertificateGrpcEndpointInput is an input type that accepts ClientTlsPolicyClientCertificateGrpcEndpointArgs and ClientTlsPolicyClientCertificateGrpcEndpointOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateGrpcEndpointInput` via:

ClientTlsPolicyClientCertificateGrpcEndpointArgs{...}

type ClientTlsPolicyClientCertificateGrpcEndpointOutput

type ClientTlsPolicyClientCertificateGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ElementType

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) TargetUri

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutput

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutput() ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext

func (o ClientTlsPolicyClientCertificateGrpcEndpointOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpointPtrInput

type ClientTlsPolicyClientCertificateGrpcEndpointPtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput() ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput
	ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput
}

ClientTlsPolicyClientCertificateGrpcEndpointPtrInput is an input type that accepts ClientTlsPolicyClientCertificateGrpcEndpointArgs, ClientTlsPolicyClientCertificateGrpcEndpointPtr and ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateGrpcEndpointPtrInput` via:

        ClientTlsPolicyClientCertificateGrpcEndpointArgs{...}

or:

        nil

type ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) Elem

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ElementType

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) TargetUri

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

func (ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext

func (o ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput) ToClientTlsPolicyClientCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateGrpcEndpointPtrOutput

type ClientTlsPolicyClientCertificateInput

type ClientTlsPolicyClientCertificateInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput
	ToClientTlsPolicyClientCertificateOutputWithContext(context.Context) ClientTlsPolicyClientCertificateOutput
}

ClientTlsPolicyClientCertificateInput is an input type that accepts ClientTlsPolicyClientCertificateArgs and ClientTlsPolicyClientCertificateOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificateInput` via:

ClientTlsPolicyClientCertificateArgs{...}

type ClientTlsPolicyClientCertificateOutput

type ClientTlsPolicyClientCertificateOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificateOutput) CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyClientCertificateOutput) ElementType

func (ClientTlsPolicyClientCertificateOutput) GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutput

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutput() ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutputWithContext

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificateOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificateOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutput

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext

func (o ClientTlsPolicyClientCertificateOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyClientCertificatePtrInput

type ClientTlsPolicyClientCertificatePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput
	ToClientTlsPolicyClientCertificatePtrOutputWithContext(context.Context) ClientTlsPolicyClientCertificatePtrOutput
}

ClientTlsPolicyClientCertificatePtrInput is an input type that accepts ClientTlsPolicyClientCertificateArgs, ClientTlsPolicyClientCertificatePtr and ClientTlsPolicyClientCertificatePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyClientCertificatePtrInput` via:

        ClientTlsPolicyClientCertificateArgs{...}

or:

        nil

type ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyClientCertificatePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyClientCertificatePtrOutput) CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyClientCertificatePtrOutput) Elem

func (ClientTlsPolicyClientCertificatePtrOutput) ElementType

func (ClientTlsPolicyClientCertificatePtrOutput) GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutput

func (o ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutput() ClientTlsPolicyClientCertificatePtrOutput

func (ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext

func (o ClientTlsPolicyClientCertificatePtrOutput) ToClientTlsPolicyClientCertificatePtrOutputWithContext(ctx context.Context) ClientTlsPolicyClientCertificatePtrOutput

type ClientTlsPolicyInput

type ClientTlsPolicyInput interface {
	pulumi.Input

	ToClientTlsPolicyOutput() ClientTlsPolicyOutput
	ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput
}

type ClientTlsPolicyMap

type ClientTlsPolicyMap map[string]ClientTlsPolicyInput

func (ClientTlsPolicyMap) ElementType

func (ClientTlsPolicyMap) ElementType() reflect.Type

func (ClientTlsPolicyMap) ToClientTlsPolicyMapOutput

func (i ClientTlsPolicyMap) ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput

func (ClientTlsPolicyMap) ToClientTlsPolicyMapOutputWithContext

func (i ClientTlsPolicyMap) ToClientTlsPolicyMapOutputWithContext(ctx context.Context) ClientTlsPolicyMapOutput

type ClientTlsPolicyMapInput

type ClientTlsPolicyMapInput interface {
	pulumi.Input

	ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput
	ToClientTlsPolicyMapOutputWithContext(context.Context) ClientTlsPolicyMapOutput
}

ClientTlsPolicyMapInput is an input type that accepts ClientTlsPolicyMap and ClientTlsPolicyMapOutput values. You can construct a concrete instance of `ClientTlsPolicyMapInput` via:

ClientTlsPolicyMap{ "key": ClientTlsPolicyArgs{...} }

type ClientTlsPolicyMapOutput

type ClientTlsPolicyMapOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyMapOutput) ElementType

func (ClientTlsPolicyMapOutput) ElementType() reflect.Type

func (ClientTlsPolicyMapOutput) MapIndex

func (ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutput

func (o ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutput() ClientTlsPolicyMapOutput

func (ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutputWithContext

func (o ClientTlsPolicyMapOutput) ToClientTlsPolicyMapOutputWithContext(ctx context.Context) ClientTlsPolicyMapOutput

type ClientTlsPolicyOutput

type ClientTlsPolicyOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyOutput) ClientCertificate

Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS. Structure is documented below.

func (ClientTlsPolicyOutput) CreateTime

func (o ClientTlsPolicyOutput) CreateTime() pulumi.StringOutput

Time the ClientTlsPolicy was created in UTC.

func (ClientTlsPolicyOutput) Description

A free-text description of the resource. Max length 1024 characters.

func (ClientTlsPolicyOutput) EffectiveLabels

func (o ClientTlsPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (ClientTlsPolicyOutput) ElementType

func (ClientTlsPolicyOutput) ElementType() reflect.Type

func (ClientTlsPolicyOutput) Labels

Set of label tags associated with the ClientTlsPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (ClientTlsPolicyOutput) Location

The location of the client tls policy. The default value is `global`.

func (ClientTlsPolicyOutput) Name

Name of the ClientTlsPolicy resource.

***

func (ClientTlsPolicyOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (ClientTlsPolicyOutput) PulumiLabels

func (o ClientTlsPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (ClientTlsPolicyOutput) ServerValidationCas

Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate. Structure is documented below.

func (ClientTlsPolicyOutput) Sni

Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

func (ClientTlsPolicyOutput) ToClientTlsPolicyOutput

func (o ClientTlsPolicyOutput) ToClientTlsPolicyOutput() ClientTlsPolicyOutput

func (ClientTlsPolicyOutput) ToClientTlsPolicyOutputWithContext

func (o ClientTlsPolicyOutput) ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput

func (ClientTlsPolicyOutput) UpdateTime

func (o ClientTlsPolicyOutput) UpdateTime() pulumi.StringOutput

Time the ClientTlsPolicy was updated in UTC.

type ClientTlsPolicyServerValidationCa

type ClientTlsPolicyServerValidationCa struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance *ClientTlsPolicyServerValidationCaCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ClientTlsPolicyServerValidationCaGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ClientTlsPolicyServerValidationCaArgs

type ClientTlsPolicyServerValidationCaArgs struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	// Structure is documented below.
	CertificateProviderInstance ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ClientTlsPolicyServerValidationCaArgs) ElementType

func (ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutput

func (i ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput

func (ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutputWithContext

func (i ClientTlsPolicyServerValidationCaArgs) ToClientTlsPolicyServerValidationCaOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaOutput

type ClientTlsPolicyServerValidationCaArray

type ClientTlsPolicyServerValidationCaArray []ClientTlsPolicyServerValidationCaInput

func (ClientTlsPolicyServerValidationCaArray) ElementType

func (ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutput

func (i ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput

func (ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutputWithContext

func (i ClientTlsPolicyServerValidationCaArray) ToClientTlsPolicyServerValidationCaArrayOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaArrayOutput

type ClientTlsPolicyServerValidationCaArrayInput

type ClientTlsPolicyServerValidationCaArrayInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput
	ToClientTlsPolicyServerValidationCaArrayOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaArrayOutput
}

ClientTlsPolicyServerValidationCaArrayInput is an input type that accepts ClientTlsPolicyServerValidationCaArray and ClientTlsPolicyServerValidationCaArrayOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaArrayInput` via:

ClientTlsPolicyServerValidationCaArray{ ClientTlsPolicyServerValidationCaArgs{...} }

type ClientTlsPolicyServerValidationCaArrayOutput

type ClientTlsPolicyServerValidationCaArrayOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaArrayOutput) ElementType

func (ClientTlsPolicyServerValidationCaArrayOutput) Index

func (ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutput

func (o ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutput() ClientTlsPolicyServerValidationCaArrayOutput

func (ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutputWithContext

func (o ClientTlsPolicyServerValidationCaArrayOutput) ToClientTlsPolicyServerValidationCaArrayOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaArrayOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstance

type ClientTlsPolicyServerValidationCaCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ElementType

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext

func (i ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput
	ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput
}

ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput is an input type that accepts ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs and ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaCertificateProviderInstanceInput` via:

ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs{...}

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ElementType

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) PluginInstance

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstanceOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstanceOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput() ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput
	ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput
}

ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput is an input type that accepts ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs, ClientTlsPolicyServerValidationCaCertificateProviderInstancePtr and ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrInput` via:

        ClientTlsPolicyServerValidationCaCertificateProviderInstanceArgs{...}

or:

        nil

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) Elem

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ElementType

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) PluginInstance

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

func (ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext

func (o ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput) ToClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaCertificateProviderInstancePtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpoint

type ClientTlsPolicyServerValidationCaGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ClientTlsPolicyServerValidationCaGrpcEndpointArgs

type ClientTlsPolicyServerValidationCaGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ElementType

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext

func (i ClientTlsPolicyServerValidationCaGrpcEndpointArgs) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpointInput

type ClientTlsPolicyServerValidationCaGrpcEndpointInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput
	ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput
}

ClientTlsPolicyServerValidationCaGrpcEndpointInput is an input type that accepts ClientTlsPolicyServerValidationCaGrpcEndpointArgs and ClientTlsPolicyServerValidationCaGrpcEndpointOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaGrpcEndpointInput` via:

ClientTlsPolicyServerValidationCaGrpcEndpointArgs{...}

type ClientTlsPolicyServerValidationCaGrpcEndpointOutput

type ClientTlsPolicyServerValidationCaGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ElementType

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) TargetUri

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutput() ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext

func (o ClientTlsPolicyServerValidationCaGrpcEndpointOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput() ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput
	ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput
}

ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput is an input type that accepts ClientTlsPolicyServerValidationCaGrpcEndpointArgs, ClientTlsPolicyServerValidationCaGrpcEndpointPtr and ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaGrpcEndpointPtrInput` via:

        ClientTlsPolicyServerValidationCaGrpcEndpointArgs{...}

or:

        nil

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) Elem

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ElementType

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) TargetUri

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

func (ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext

func (o ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput) ToClientTlsPolicyServerValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaGrpcEndpointPtrOutput

type ClientTlsPolicyServerValidationCaInput

type ClientTlsPolicyServerValidationCaInput interface {
	pulumi.Input

	ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput
	ToClientTlsPolicyServerValidationCaOutputWithContext(context.Context) ClientTlsPolicyServerValidationCaOutput
}

ClientTlsPolicyServerValidationCaInput is an input type that accepts ClientTlsPolicyServerValidationCaArgs and ClientTlsPolicyServerValidationCaOutput values. You can construct a concrete instance of `ClientTlsPolicyServerValidationCaInput` via:

ClientTlsPolicyServerValidationCaArgs{...}

type ClientTlsPolicyServerValidationCaOutput

type ClientTlsPolicyServerValidationCaOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyServerValidationCaOutput) CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information. Structure is documented below.

func (ClientTlsPolicyServerValidationCaOutput) ElementType

func (ClientTlsPolicyServerValidationCaOutput) GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutput

func (o ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutput() ClientTlsPolicyServerValidationCaOutput

func (ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutputWithContext

func (o ClientTlsPolicyServerValidationCaOutput) ToClientTlsPolicyServerValidationCaOutputWithContext(ctx context.Context) ClientTlsPolicyServerValidationCaOutput

type ClientTlsPolicyState

type ClientTlsPolicyState struct {
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ClientCertificate ClientTlsPolicyClientCertificatePtrInput
	// Time the ClientTlsPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the ClientTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the client tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the ClientTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	// Structure is documented below.
	ServerValidationCas ClientTlsPolicyServerValidationCaArrayInput
	// Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrInput
	// Time the ClientTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (ClientTlsPolicyState) ElementType

func (ClientTlsPolicyState) ElementType() reflect.Type

type FirewallEndpoint

type FirewallEndpoint struct {
	pulumi.CustomResourceState

	// List of networks that are associated with this endpoint in the local zone.
	// This is a projection of the FirewallEndpointAssociations pointing at this
	// endpoint. A network will only appear in this list after traffic routing is
	// fully configured. Format: projects/{project}/global/networks/{name}.
	AssociatedNetworks pulumi.StringArrayOutput `pulumi:"associatedNetworks"`
	// Project to bill on endpoint uptime usage.
	BillingProjectId pulumi.StringOutput `pulumi:"billingProjectId"`
	// Time the firewall endpoint was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location (zone) of the firewall endpoint.
	Location pulumi.StringOutput `pulumi:"location"`
	// The name of the firewall endpoint resource.
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this firewall endpoint belongs to.
	// Format: organizations/{organization_id}.
	//
	// ***
	Parent pulumi.StringOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Whether reconciling is in progress, recommended per https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// The current state of the endpoint.
	State pulumi.StringOutput `pulumi:"state"`
	// Time the firewall endpoint was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

A Firewall endpoint is a Cloud Firewall resource that enables layer 7 advanced protection capabilities, such as intrusion prevention, in your network.

To get more information about FirewallEndpoint, see:

* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.firewallEndpoints) * How-to Guides

> **Warning:** If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billingProjectId` and set `userProjectOverride` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billingProjectId` you defined.

## Example Usage

### Network Security Firewall Endpoint Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewFirewallEndpoint(ctx, "default", &networksecurity.FirewallEndpointArgs{
			Name:             pulumi.String("my-firewall-endpoint"),
			Parent:           pulumi.String("organizations/123456789"),
			Location:         pulumi.String("us-central1-a"),
			BillingProjectId: pulumi.String("my-project-name"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

FirewallEndpoint can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/firewallEndpoints/{{name}}`

When using the `pulumi import` command, FirewallEndpoint can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/firewallEndpoint:FirewallEndpoint default {{parent}}/locations/{{location}}/firewallEndpoints/{{name}} ```

func GetFirewallEndpoint

func GetFirewallEndpoint(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *FirewallEndpointState, opts ...pulumi.ResourceOption) (*FirewallEndpoint, error)

GetFirewallEndpoint gets an existing FirewallEndpoint resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewFirewallEndpoint

func NewFirewallEndpoint(ctx *pulumi.Context,
	name string, args *FirewallEndpointArgs, opts ...pulumi.ResourceOption) (*FirewallEndpoint, error)

NewFirewallEndpoint registers a new resource with the given unique name, arguments, and options.

func (*FirewallEndpoint) ElementType

func (*FirewallEndpoint) ElementType() reflect.Type

func (*FirewallEndpoint) ToFirewallEndpointOutput

func (i *FirewallEndpoint) ToFirewallEndpointOutput() FirewallEndpointOutput

func (*FirewallEndpoint) ToFirewallEndpointOutputWithContext

func (i *FirewallEndpoint) ToFirewallEndpointOutputWithContext(ctx context.Context) FirewallEndpointOutput

type FirewallEndpointArgs

type FirewallEndpointArgs struct {
	// Project to bill on endpoint uptime usage.
	BillingProjectId pulumi.StringInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location (zone) of the firewall endpoint.
	Location pulumi.StringInput
	// The name of the firewall endpoint resource.
	Name pulumi.StringPtrInput
	// The name of the parent this firewall endpoint belongs to.
	// Format: organizations/{organization_id}.
	//
	// ***
	Parent pulumi.StringInput
}

The set of arguments for constructing a FirewallEndpoint resource.

func (FirewallEndpointArgs) ElementType

func (FirewallEndpointArgs) ElementType() reflect.Type

type FirewallEndpointArray

type FirewallEndpointArray []FirewallEndpointInput

func (FirewallEndpointArray) ElementType

func (FirewallEndpointArray) ElementType() reflect.Type

func (FirewallEndpointArray) ToFirewallEndpointArrayOutput

func (i FirewallEndpointArray) ToFirewallEndpointArrayOutput() FirewallEndpointArrayOutput

func (FirewallEndpointArray) ToFirewallEndpointArrayOutputWithContext

func (i FirewallEndpointArray) ToFirewallEndpointArrayOutputWithContext(ctx context.Context) FirewallEndpointArrayOutput

type FirewallEndpointArrayInput

type FirewallEndpointArrayInput interface {
	pulumi.Input

	ToFirewallEndpointArrayOutput() FirewallEndpointArrayOutput
	ToFirewallEndpointArrayOutputWithContext(context.Context) FirewallEndpointArrayOutput
}

FirewallEndpointArrayInput is an input type that accepts FirewallEndpointArray and FirewallEndpointArrayOutput values. You can construct a concrete instance of `FirewallEndpointArrayInput` via:

FirewallEndpointArray{ FirewallEndpointArgs{...} }

type FirewallEndpointArrayOutput

type FirewallEndpointArrayOutput struct{ *pulumi.OutputState }

func (FirewallEndpointArrayOutput) ElementType

func (FirewallEndpointArrayOutput) Index

func (FirewallEndpointArrayOutput) ToFirewallEndpointArrayOutput

func (o FirewallEndpointArrayOutput) ToFirewallEndpointArrayOutput() FirewallEndpointArrayOutput

func (FirewallEndpointArrayOutput) ToFirewallEndpointArrayOutputWithContext

func (o FirewallEndpointArrayOutput) ToFirewallEndpointArrayOutputWithContext(ctx context.Context) FirewallEndpointArrayOutput

type FirewallEndpointAssociation

type FirewallEndpointAssociation struct {
	pulumi.CustomResourceState

	// Time the firewall endpoint was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Whether the association is disabled. True indicates that traffic will not be intercepted.
	// > **Note:** The API will reject the request if this value is set to true when creating the resource,
	// otherwise on an update the association can be disabled.
	Disabled pulumi.BoolPtrOutput `pulumi:"disabled"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// The URL of the firewall endpoint that is being associated.
	FirewallEndpoint pulumi.StringOutput `pulumi:"firewallEndpoint"`
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location (zone) of the firewall endpoint association.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// The name of the firewall endpoint association resource.
	Name pulumi.StringOutput `pulumi:"name"`
	// The URL of the network that is being associated.
	Network pulumi.StringOutput `pulumi:"network"`
	// The name of the parent this firewall endpoint association belongs to.
	// Format: projects/{project_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Whether reconciling is in progress, recommended per https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// The current state of the endpoint.
	State pulumi.StringOutput `pulumi:"state"`
	// The URL of the TlsInspectionPolicy that is being associated.
	TlsInspectionPolicy pulumi.StringPtrOutput `pulumi:"tlsInspectionPolicy"`
	// Time the firewall endpoint was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Firewall endpoint association links a firewall endpoint to a VPC network in the same zone. After you define this association, Cloud Firewall forwards the zonal workload traffic in your VPC network that requires layer 7 inspection to the attached firewall endpoint.

To get more information about FirewallEndpointAssociation, see:

* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/projects.locations.firewallEndpointAssociations#FirewallEndpointAssociation) * How-to Guides

> **Warning:** If you are using User ADCs (Application Default Credentials) with this resource, you must specify a `billingProjectId` and set `userProjectOverride` to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the `serviceusage.services.use` permission on the `billingProjectId` you defined.

## Example Usage

## Import

FirewallEndpointAssociation can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/firewallEndpointAssociations/{{name}}`

When using the `pulumi import` command, FirewallEndpointAssociation can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/firewallEndpointAssociation:FirewallEndpointAssociation default {{parent}}/locations/{{location}}/firewallEndpointAssociations/{{name}} ```

func GetFirewallEndpointAssociation

func GetFirewallEndpointAssociation(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *FirewallEndpointAssociationState, opts ...pulumi.ResourceOption) (*FirewallEndpointAssociation, error)

GetFirewallEndpointAssociation gets an existing FirewallEndpointAssociation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewFirewallEndpointAssociation

func NewFirewallEndpointAssociation(ctx *pulumi.Context,
	name string, args *FirewallEndpointAssociationArgs, opts ...pulumi.ResourceOption) (*FirewallEndpointAssociation, error)

NewFirewallEndpointAssociation registers a new resource with the given unique name, arguments, and options.

func (*FirewallEndpointAssociation) ElementType

func (*FirewallEndpointAssociation) ElementType() reflect.Type

func (*FirewallEndpointAssociation) ToFirewallEndpointAssociationOutput

func (i *FirewallEndpointAssociation) ToFirewallEndpointAssociationOutput() FirewallEndpointAssociationOutput

func (*FirewallEndpointAssociation) ToFirewallEndpointAssociationOutputWithContext

func (i *FirewallEndpointAssociation) ToFirewallEndpointAssociationOutputWithContext(ctx context.Context) FirewallEndpointAssociationOutput

type FirewallEndpointAssociationArgs

type FirewallEndpointAssociationArgs struct {
	// Whether the association is disabled. True indicates that traffic will not be intercepted.
	// > **Note:** The API will reject the request if this value is set to true when creating the resource,
	// otherwise on an update the association can be disabled.
	Disabled pulumi.BoolPtrInput
	// The URL of the firewall endpoint that is being associated.
	FirewallEndpoint pulumi.StringInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location (zone) of the firewall endpoint association.
	//
	// ***
	Location pulumi.StringInput
	// The name of the firewall endpoint association resource.
	Name pulumi.StringPtrInput
	// The URL of the network that is being associated.
	Network pulumi.StringInput
	// The name of the parent this firewall endpoint association belongs to.
	// Format: projects/{project_id}.
	Parent pulumi.StringPtrInput
	// The URL of the TlsInspectionPolicy that is being associated.
	TlsInspectionPolicy pulumi.StringPtrInput
}

The set of arguments for constructing a FirewallEndpointAssociation resource.

func (FirewallEndpointAssociationArgs) ElementType

type FirewallEndpointAssociationArray

type FirewallEndpointAssociationArray []FirewallEndpointAssociationInput

func (FirewallEndpointAssociationArray) ElementType

func (FirewallEndpointAssociationArray) ToFirewallEndpointAssociationArrayOutput

func (i FirewallEndpointAssociationArray) ToFirewallEndpointAssociationArrayOutput() FirewallEndpointAssociationArrayOutput

func (FirewallEndpointAssociationArray) ToFirewallEndpointAssociationArrayOutputWithContext

func (i FirewallEndpointAssociationArray) ToFirewallEndpointAssociationArrayOutputWithContext(ctx context.Context) FirewallEndpointAssociationArrayOutput

type FirewallEndpointAssociationArrayInput

type FirewallEndpointAssociationArrayInput interface {
	pulumi.Input

	ToFirewallEndpointAssociationArrayOutput() FirewallEndpointAssociationArrayOutput
	ToFirewallEndpointAssociationArrayOutputWithContext(context.Context) FirewallEndpointAssociationArrayOutput
}

FirewallEndpointAssociationArrayInput is an input type that accepts FirewallEndpointAssociationArray and FirewallEndpointAssociationArrayOutput values. You can construct a concrete instance of `FirewallEndpointAssociationArrayInput` via:

FirewallEndpointAssociationArray{ FirewallEndpointAssociationArgs{...} }

type FirewallEndpointAssociationArrayOutput

type FirewallEndpointAssociationArrayOutput struct{ *pulumi.OutputState }

func (FirewallEndpointAssociationArrayOutput) ElementType

func (FirewallEndpointAssociationArrayOutput) Index

func (FirewallEndpointAssociationArrayOutput) ToFirewallEndpointAssociationArrayOutput

func (o FirewallEndpointAssociationArrayOutput) ToFirewallEndpointAssociationArrayOutput() FirewallEndpointAssociationArrayOutput

func (FirewallEndpointAssociationArrayOutput) ToFirewallEndpointAssociationArrayOutputWithContext

func (o FirewallEndpointAssociationArrayOutput) ToFirewallEndpointAssociationArrayOutputWithContext(ctx context.Context) FirewallEndpointAssociationArrayOutput

type FirewallEndpointAssociationInput

type FirewallEndpointAssociationInput interface {
	pulumi.Input

	ToFirewallEndpointAssociationOutput() FirewallEndpointAssociationOutput
	ToFirewallEndpointAssociationOutputWithContext(ctx context.Context) FirewallEndpointAssociationOutput
}

type FirewallEndpointAssociationMap

type FirewallEndpointAssociationMap map[string]FirewallEndpointAssociationInput

func (FirewallEndpointAssociationMap) ElementType

func (FirewallEndpointAssociationMap) ToFirewallEndpointAssociationMapOutput

func (i FirewallEndpointAssociationMap) ToFirewallEndpointAssociationMapOutput() FirewallEndpointAssociationMapOutput

func (FirewallEndpointAssociationMap) ToFirewallEndpointAssociationMapOutputWithContext

func (i FirewallEndpointAssociationMap) ToFirewallEndpointAssociationMapOutputWithContext(ctx context.Context) FirewallEndpointAssociationMapOutput

type FirewallEndpointAssociationMapInput

type FirewallEndpointAssociationMapInput interface {
	pulumi.Input

	ToFirewallEndpointAssociationMapOutput() FirewallEndpointAssociationMapOutput
	ToFirewallEndpointAssociationMapOutputWithContext(context.Context) FirewallEndpointAssociationMapOutput
}

FirewallEndpointAssociationMapInput is an input type that accepts FirewallEndpointAssociationMap and FirewallEndpointAssociationMapOutput values. You can construct a concrete instance of `FirewallEndpointAssociationMapInput` via:

FirewallEndpointAssociationMap{ "key": FirewallEndpointAssociationArgs{...} }

type FirewallEndpointAssociationMapOutput

type FirewallEndpointAssociationMapOutput struct{ *pulumi.OutputState }

func (FirewallEndpointAssociationMapOutput) ElementType

func (FirewallEndpointAssociationMapOutput) MapIndex

func (FirewallEndpointAssociationMapOutput) ToFirewallEndpointAssociationMapOutput

func (o FirewallEndpointAssociationMapOutput) ToFirewallEndpointAssociationMapOutput() FirewallEndpointAssociationMapOutput

func (FirewallEndpointAssociationMapOutput) ToFirewallEndpointAssociationMapOutputWithContext

func (o FirewallEndpointAssociationMapOutput) ToFirewallEndpointAssociationMapOutputWithContext(ctx context.Context) FirewallEndpointAssociationMapOutput

type FirewallEndpointAssociationOutput

type FirewallEndpointAssociationOutput struct{ *pulumi.OutputState }

func (FirewallEndpointAssociationOutput) CreateTime

Time the firewall endpoint was created in UTC.

func (FirewallEndpointAssociationOutput) Disabled

Whether the association is disabled. True indicates that traffic will not be intercepted. > **Note:** The API will reject the request if this value is set to true when creating the resource, otherwise on an update the association can be disabled.

func (FirewallEndpointAssociationOutput) EffectiveLabels

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (FirewallEndpointAssociationOutput) ElementType

func (FirewallEndpointAssociationOutput) FirewallEndpoint

The URL of the firewall endpoint that is being associated.

func (FirewallEndpointAssociationOutput) Labels

A map of key/value label pairs to assign to the resource.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (FirewallEndpointAssociationOutput) Location

The location (zone) of the firewall endpoint association.

***

func (FirewallEndpointAssociationOutput) Name

The name of the firewall endpoint association resource.

func (FirewallEndpointAssociationOutput) Network

The URL of the network that is being associated.

func (FirewallEndpointAssociationOutput) Parent

The name of the parent this firewall endpoint association belongs to. Format: projects/{project_id}.

func (FirewallEndpointAssociationOutput) PulumiLabels

The combination of labels configured directly on the resource and default labels configured on the provider.

func (FirewallEndpointAssociationOutput) Reconciling

Whether reconciling is in progress, recommended per https://google.aip.dev/128.

Server-defined URL of this resource.

func (FirewallEndpointAssociationOutput) State

The current state of the endpoint.

func (FirewallEndpointAssociationOutput) TlsInspectionPolicy

The URL of the TlsInspectionPolicy that is being associated.

func (FirewallEndpointAssociationOutput) ToFirewallEndpointAssociationOutput

func (o FirewallEndpointAssociationOutput) ToFirewallEndpointAssociationOutput() FirewallEndpointAssociationOutput

func (FirewallEndpointAssociationOutput) ToFirewallEndpointAssociationOutputWithContext

func (o FirewallEndpointAssociationOutput) ToFirewallEndpointAssociationOutputWithContext(ctx context.Context) FirewallEndpointAssociationOutput

func (FirewallEndpointAssociationOutput) UpdateTime

Time the firewall endpoint was updated in UTC.

type FirewallEndpointAssociationState

type FirewallEndpointAssociationState struct {
	// Time the firewall endpoint was created in UTC.
	CreateTime pulumi.StringPtrInput
	// Whether the association is disabled. True indicates that traffic will not be intercepted.
	// > **Note:** The API will reject the request if this value is set to true when creating the resource,
	// otherwise on an update the association can be disabled.
	Disabled pulumi.BoolPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// The URL of the firewall endpoint that is being associated.
	FirewallEndpoint pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location (zone) of the firewall endpoint association.
	//
	// ***
	Location pulumi.StringPtrInput
	// The name of the firewall endpoint association resource.
	Name pulumi.StringPtrInput
	// The URL of the network that is being associated.
	Network pulumi.StringPtrInput
	// The name of the parent this firewall endpoint association belongs to.
	// Format: projects/{project_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Whether reconciling is in progress, recommended per https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// The current state of the endpoint.
	State pulumi.StringPtrInput
	// The URL of the TlsInspectionPolicy that is being associated.
	TlsInspectionPolicy pulumi.StringPtrInput
	// Time the firewall endpoint was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (FirewallEndpointAssociationState) ElementType

type FirewallEndpointInput

type FirewallEndpointInput interface {
	pulumi.Input

	ToFirewallEndpointOutput() FirewallEndpointOutput
	ToFirewallEndpointOutputWithContext(ctx context.Context) FirewallEndpointOutput
}

type FirewallEndpointMap

type FirewallEndpointMap map[string]FirewallEndpointInput

func (FirewallEndpointMap) ElementType

func (FirewallEndpointMap) ElementType() reflect.Type

func (FirewallEndpointMap) ToFirewallEndpointMapOutput

func (i FirewallEndpointMap) ToFirewallEndpointMapOutput() FirewallEndpointMapOutput

func (FirewallEndpointMap) ToFirewallEndpointMapOutputWithContext

func (i FirewallEndpointMap) ToFirewallEndpointMapOutputWithContext(ctx context.Context) FirewallEndpointMapOutput

type FirewallEndpointMapInput

type FirewallEndpointMapInput interface {
	pulumi.Input

	ToFirewallEndpointMapOutput() FirewallEndpointMapOutput
	ToFirewallEndpointMapOutputWithContext(context.Context) FirewallEndpointMapOutput
}

FirewallEndpointMapInput is an input type that accepts FirewallEndpointMap and FirewallEndpointMapOutput values. You can construct a concrete instance of `FirewallEndpointMapInput` via:

FirewallEndpointMap{ "key": FirewallEndpointArgs{...} }

type FirewallEndpointMapOutput

type FirewallEndpointMapOutput struct{ *pulumi.OutputState }

func (FirewallEndpointMapOutput) ElementType

func (FirewallEndpointMapOutput) ElementType() reflect.Type

func (FirewallEndpointMapOutput) MapIndex

func (FirewallEndpointMapOutput) ToFirewallEndpointMapOutput

func (o FirewallEndpointMapOutput) ToFirewallEndpointMapOutput() FirewallEndpointMapOutput

func (FirewallEndpointMapOutput) ToFirewallEndpointMapOutputWithContext

func (o FirewallEndpointMapOutput) ToFirewallEndpointMapOutputWithContext(ctx context.Context) FirewallEndpointMapOutput

type FirewallEndpointOutput

type FirewallEndpointOutput struct{ *pulumi.OutputState }

func (FirewallEndpointOutput) AssociatedNetworks

func (o FirewallEndpointOutput) AssociatedNetworks() pulumi.StringArrayOutput

List of networks that are associated with this endpoint in the local zone. This is a projection of the FirewallEndpointAssociations pointing at this endpoint. A network will only appear in this list after traffic routing is fully configured. Format: projects/{project}/global/networks/{name}.

func (FirewallEndpointOutput) BillingProjectId

func (o FirewallEndpointOutput) BillingProjectId() pulumi.StringOutput

Project to bill on endpoint uptime usage.

func (FirewallEndpointOutput) CreateTime

Time the firewall endpoint was created in UTC.

func (FirewallEndpointOutput) EffectiveLabels

func (o FirewallEndpointOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (FirewallEndpointOutput) ElementType

func (FirewallEndpointOutput) ElementType() reflect.Type

func (FirewallEndpointOutput) Labels

A map of key/value label pairs to assign to the resource.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (FirewallEndpointOutput) Location

The location (zone) of the firewall endpoint.

func (FirewallEndpointOutput) Name

The name of the firewall endpoint resource.

func (FirewallEndpointOutput) Parent

The name of the parent this firewall endpoint belongs to. Format: organizations/{organization_id}.

***

func (FirewallEndpointOutput) PulumiLabels

The combination of labels configured directly on the resource and default labels configured on the provider.

func (FirewallEndpointOutput) Reconciling

func (o FirewallEndpointOutput) Reconciling() pulumi.BoolOutput

Whether reconciling is in progress, recommended per https://google.aip.dev/128.

Server-defined URL of this resource.

func (FirewallEndpointOutput) State

The current state of the endpoint.

func (FirewallEndpointOutput) ToFirewallEndpointOutput

func (o FirewallEndpointOutput) ToFirewallEndpointOutput() FirewallEndpointOutput

func (FirewallEndpointOutput) ToFirewallEndpointOutputWithContext

func (o FirewallEndpointOutput) ToFirewallEndpointOutputWithContext(ctx context.Context) FirewallEndpointOutput

func (FirewallEndpointOutput) UpdateTime

Time the firewall endpoint was updated in UTC.

type FirewallEndpointState

type FirewallEndpointState struct {
	// List of networks that are associated with this endpoint in the local zone.
	// This is a projection of the FirewallEndpointAssociations pointing at this
	// endpoint. A network will only appear in this list after traffic routing is
	// fully configured. Format: projects/{project}/global/networks/{name}.
	AssociatedNetworks pulumi.StringArrayInput
	// Project to bill on endpoint uptime usage.
	BillingProjectId pulumi.StringPtrInput
	// Time the firewall endpoint was created in UTC.
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location (zone) of the firewall endpoint.
	Location pulumi.StringPtrInput
	// The name of the firewall endpoint resource.
	Name pulumi.StringPtrInput
	// The name of the parent this firewall endpoint belongs to.
	// Format: organizations/{organization_id}.
	//
	// ***
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Whether reconciling is in progress, recommended per https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// The current state of the endpoint.
	State pulumi.StringPtrInput
	// Time the firewall endpoint was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (FirewallEndpointState) ElementType

func (FirewallEndpointState) ElementType() reflect.Type

type GatewaySecurityPolicy

type GatewaySecurityPolicy struct {
	pulumi.CustomResourceState

	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	// Note: networksecurity.TlsInspectionPolicy resource is still in Beta therefore it will need to import the provider.
	TlsInspectionPolicy pulumi.StringPtrOutput `pulumi:"tlsInspectionPolicy"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

The GatewaySecurityPolicy resource contains a collection of GatewaySecurityPolicyRules and associated metadata.

To get more information about GatewaySecurityPolicy, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.gatewaySecurityPolicies)

## Example Usage

### Network Security Gateway Security Policy Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Name:        pulumi.String("my-gateway-security-policy"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("my description"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Gateway Security Policy Tls Inspection Basic

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := certificateauthority.NewCaPool(ctx, "default", &certificateauthority.CaPoolArgs{
			Name:     pulumi.String("my-basic-ca-pool"),
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageBaseKeyUsageArgs{},
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "default", &certificateauthority.AuthorityArgs{
			Pool:                               _default.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		})
		if err != nil {
			return err
		}
		project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
		if err != nil {
			return err
		}
		tlsInspectionPermission, err := certificateauthority.NewCaPoolIamMember(ctx, "tls_inspection_permission", &certificateauthority.CaPoolIamMemberArgs{
			CaPool: _default.ID(),
			Role:   pulumi.String("roles/privateca.certificateManager"),
			Member: pulumi.Sprintf("serviceAccount:service-%v@gcp-sa-networksecurity.iam.gserviceaccount.com", project.Number),
		})
		if err != nil {
			return err
		}
		defaultTlsInspectionPolicy, err := networksecurity.NewTlsInspectionPolicy(ctx, "default", &networksecurity.TlsInspectionPolicyArgs{
			Name:     pulumi.String("my-tls-inspection-policy"),
			Location: pulumi.String("us-central1"),
			CaPool:   _default.ID(),
		}, pulumi.DependsOn([]pulumi.Resource{
			_default,
			defaultAuthority,
			tlsInspectionPermission,
		}))
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Name:                pulumi.String("my-gateway-security-policy"),
			Location:            pulumi.String("us-central1"),
			Description:         pulumi.String("my description"),
			TlsInspectionPolicy: defaultTlsInspectionPolicy.ID(),
		}, pulumi.DependsOn([]pulumi.Resource{
			defaultTlsInspectionPolicy,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

GatewaySecurityPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, GatewaySecurityPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{location}}/{{name}} ```

func GetGatewaySecurityPolicy

func GetGatewaySecurityPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GatewaySecurityPolicyState, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicy, error)

GetGatewaySecurityPolicy gets an existing GatewaySecurityPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGatewaySecurityPolicy

func NewGatewaySecurityPolicy(ctx *pulumi.Context,
	name string, args *GatewaySecurityPolicyArgs, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicy, error)

NewGatewaySecurityPolicy registers a new resource with the given unique name, arguments, and options.

func (*GatewaySecurityPolicy) ElementType

func (*GatewaySecurityPolicy) ElementType() reflect.Type

func (*GatewaySecurityPolicy) ToGatewaySecurityPolicyOutput

func (i *GatewaySecurityPolicy) ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput

func (*GatewaySecurityPolicy) ToGatewaySecurityPolicyOutputWithContext

func (i *GatewaySecurityPolicy) ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput

type GatewaySecurityPolicyArgs

type GatewaySecurityPolicyArgs struct {
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	// Note: networksecurity.TlsInspectionPolicy resource is still in Beta therefore it will need to import the provider.
	TlsInspectionPolicy pulumi.StringPtrInput
}

The set of arguments for constructing a GatewaySecurityPolicy resource.

func (GatewaySecurityPolicyArgs) ElementType

func (GatewaySecurityPolicyArgs) ElementType() reflect.Type

type GatewaySecurityPolicyArray

type GatewaySecurityPolicyArray []GatewaySecurityPolicyInput

func (GatewaySecurityPolicyArray) ElementType

func (GatewaySecurityPolicyArray) ElementType() reflect.Type

func (GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutput

func (i GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput

func (GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutputWithContext

func (i GatewaySecurityPolicyArray) ToGatewaySecurityPolicyArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyArrayOutput

type GatewaySecurityPolicyArrayInput

type GatewaySecurityPolicyArrayInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput
	ToGatewaySecurityPolicyArrayOutputWithContext(context.Context) GatewaySecurityPolicyArrayOutput
}

GatewaySecurityPolicyArrayInput is an input type that accepts GatewaySecurityPolicyArray and GatewaySecurityPolicyArrayOutput values. You can construct a concrete instance of `GatewaySecurityPolicyArrayInput` via:

GatewaySecurityPolicyArray{ GatewaySecurityPolicyArgs{...} }

type GatewaySecurityPolicyArrayOutput

type GatewaySecurityPolicyArrayOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyArrayOutput) ElementType

func (GatewaySecurityPolicyArrayOutput) Index

func (GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutput

func (o GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutput() GatewaySecurityPolicyArrayOutput

func (GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutputWithContext

func (o GatewaySecurityPolicyArrayOutput) ToGatewaySecurityPolicyArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyArrayOutput

type GatewaySecurityPolicyInput

type GatewaySecurityPolicyInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput
	ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput
}

type GatewaySecurityPolicyMap

type GatewaySecurityPolicyMap map[string]GatewaySecurityPolicyInput

func (GatewaySecurityPolicyMap) ElementType

func (GatewaySecurityPolicyMap) ElementType() reflect.Type

func (GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutput

func (i GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput

func (GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutputWithContext

func (i GatewaySecurityPolicyMap) ToGatewaySecurityPolicyMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyMapOutput

type GatewaySecurityPolicyMapInput

type GatewaySecurityPolicyMapInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput
	ToGatewaySecurityPolicyMapOutputWithContext(context.Context) GatewaySecurityPolicyMapOutput
}

GatewaySecurityPolicyMapInput is an input type that accepts GatewaySecurityPolicyMap and GatewaySecurityPolicyMapOutput values. You can construct a concrete instance of `GatewaySecurityPolicyMapInput` via:

GatewaySecurityPolicyMap{ "key": GatewaySecurityPolicyArgs{...} }

type GatewaySecurityPolicyMapOutput

type GatewaySecurityPolicyMapOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyMapOutput) ElementType

func (GatewaySecurityPolicyMapOutput) MapIndex

func (GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutput

func (o GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutput() GatewaySecurityPolicyMapOutput

func (GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutputWithContext

func (o GatewaySecurityPolicyMapOutput) ToGatewaySecurityPolicyMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyMapOutput

type GatewaySecurityPolicyOutput

type GatewaySecurityPolicyOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyOutput) CreateTime

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (GatewaySecurityPolicyOutput) Description

A free-text description of the resource. Max length 1024 characters.

func (GatewaySecurityPolicyOutput) ElementType

func (GatewaySecurityPolicyOutput) Location

The location of the gateway security policy. The default value is `global`.

func (GatewaySecurityPolicyOutput) Name

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).

***

func (GatewaySecurityPolicyOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Server-defined URL of this resource.

func (GatewaySecurityPolicyOutput) TlsInspectionPolicy

func (o GatewaySecurityPolicyOutput) TlsInspectionPolicy() pulumi.StringPtrOutput

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it. Note: networksecurity.TlsInspectionPolicy resource is still in Beta therefore it will need to import the provider.

func (GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutput

func (o GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutputWithContext

func (o GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyOutput) UpdateTime

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type GatewaySecurityPolicyRule

type GatewaySecurityPolicyRule struct {
	pulumi.CustomResourceState

	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrOutput `pulumi:"applicationMatcher"`
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringOutput `pulumi:"basicProfile"`
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Whether the rule is enforced.
	Enabled pulumi.BoolOutput `pulumi:"enabled"`
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringOutput `pulumi:"gatewaySecurityPolicy"`
	// The location of the gateway security policy.
	Location pulumi.StringOutput `pulumi:"location"`
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringOutput `pulumi:"name"`
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntOutput `pulumi:"priority"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringOutput `pulumi:"sessionMatcher"`
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrOutput `pulumi:"tlsInspectionEnabled"`
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

The GatewaySecurityPolicyRule resource is in a nested collection within a GatewaySecurityPolicy and represents a traffic matching condition and associated action to perform.

To get more information about GatewaySecurityPolicyRule, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.gatewaySecurityPolicies.rules)

## Example Usage

### Network Security Gateway Security Policy Rules Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Name:        pulumi.String("my-gateway-security-policy"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("gateway security policy created to be used as reference by the rule."),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "default", &networksecurity.GatewaySecurityPolicyRuleArgs{
			Name:                  pulumi.String("my-gateway-security-policy-rule"),
			Location:              pulumi.String("us-central1"),
			GatewaySecurityPolicy: _default.Name,
			Enabled:               pulumi.Bool(true),
			Description:           pulumi.String("my description"),
			Priority:              pulumi.Int(0),
			SessionMatcher:        pulumi.String("host() == 'example.com'"),
			BasicProfile:          pulumi.String("ALLOW"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Gateway Security Policy Rules Advanced

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Name:        pulumi.String("my-gateway-security-policy"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("gateway security policy created to be used as reference by the rule."),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "default", &networksecurity.GatewaySecurityPolicyRuleArgs{
			Name:                  pulumi.String("my-gateway-security-policy-rule"),
			Location:              pulumi.String("us-central1"),
			GatewaySecurityPolicy: _default.Name,
			Enabled:               pulumi.Bool(true),
			Description:           pulumi.String("my description"),
			Priority:              pulumi.Int(0),
			SessionMatcher:        pulumi.String("host() == 'example.com'"),
			ApplicationMatcher:    pulumi.String("request.method == 'POST'"),
			TlsInspectionEnabled:  pulumi.Bool(false),
			BasicProfile:          pulumi.String("ALLOW"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

GatewaySecurityPolicyRule can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}`

* `{{project}}/{{location}}/{{gateway_security_policy}}/{{name}}`

* `{{location}}/{{gateway_security_policy}}/{{name}}`

When using the `pulumi import` command, GatewaySecurityPolicyRule can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}} ```

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{project}}/{{location}}/{{gateway_security_policy}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{location}}/{{gateway_security_policy}}/{{name}} ```

func GetGatewaySecurityPolicyRule

func GetGatewaySecurityPolicyRule(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GatewaySecurityPolicyRuleState, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicyRule, error)

GetGatewaySecurityPolicyRule gets an existing GatewaySecurityPolicyRule resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGatewaySecurityPolicyRule

func NewGatewaySecurityPolicyRule(ctx *pulumi.Context,
	name string, args *GatewaySecurityPolicyRuleArgs, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicyRule, error)

NewGatewaySecurityPolicyRule registers a new resource with the given unique name, arguments, and options.

func (*GatewaySecurityPolicyRule) ElementType

func (*GatewaySecurityPolicyRule) ElementType() reflect.Type

func (*GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutput

func (i *GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput

func (*GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutputWithContext

func (i *GatewaySecurityPolicyRule) ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput

type GatewaySecurityPolicyRuleArgs

type GatewaySecurityPolicyRuleArgs struct {
	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrInput
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Whether the rule is enforced.
	Enabled pulumi.BoolInput
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringInput
	// The location of the gateway security policy.
	Location pulumi.StringInput
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringPtrInput
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringInput
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrInput
}

The set of arguments for constructing a GatewaySecurityPolicyRule resource.

func (GatewaySecurityPolicyRuleArgs) ElementType

type GatewaySecurityPolicyRuleArray

type GatewaySecurityPolicyRuleArray []GatewaySecurityPolicyRuleInput

func (GatewaySecurityPolicyRuleArray) ElementType

func (GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutput

func (i GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput

func (GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutputWithContext

func (i GatewaySecurityPolicyRuleArray) ToGatewaySecurityPolicyRuleArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleArrayOutput

type GatewaySecurityPolicyRuleArrayInput

type GatewaySecurityPolicyRuleArrayInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput
	ToGatewaySecurityPolicyRuleArrayOutputWithContext(context.Context) GatewaySecurityPolicyRuleArrayOutput
}

GatewaySecurityPolicyRuleArrayInput is an input type that accepts GatewaySecurityPolicyRuleArray and GatewaySecurityPolicyRuleArrayOutput values. You can construct a concrete instance of `GatewaySecurityPolicyRuleArrayInput` via:

GatewaySecurityPolicyRuleArray{ GatewaySecurityPolicyRuleArgs{...} }

type GatewaySecurityPolicyRuleArrayOutput

type GatewaySecurityPolicyRuleArrayOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleArrayOutput) ElementType

func (GatewaySecurityPolicyRuleArrayOutput) Index

func (GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutput

func (o GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutput() GatewaySecurityPolicyRuleArrayOutput

func (GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutputWithContext

func (o GatewaySecurityPolicyRuleArrayOutput) ToGatewaySecurityPolicyRuleArrayOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleArrayOutput

type GatewaySecurityPolicyRuleInput

type GatewaySecurityPolicyRuleInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput
	ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput
}

type GatewaySecurityPolicyRuleMap

type GatewaySecurityPolicyRuleMap map[string]GatewaySecurityPolicyRuleInput

func (GatewaySecurityPolicyRuleMap) ElementType

func (GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutput

func (i GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput

func (GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutputWithContext

func (i GatewaySecurityPolicyRuleMap) ToGatewaySecurityPolicyRuleMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleMapOutput

type GatewaySecurityPolicyRuleMapInput

type GatewaySecurityPolicyRuleMapInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput
	ToGatewaySecurityPolicyRuleMapOutputWithContext(context.Context) GatewaySecurityPolicyRuleMapOutput
}

GatewaySecurityPolicyRuleMapInput is an input type that accepts GatewaySecurityPolicyRuleMap and GatewaySecurityPolicyRuleMapOutput values. You can construct a concrete instance of `GatewaySecurityPolicyRuleMapInput` via:

GatewaySecurityPolicyRuleMap{ "key": GatewaySecurityPolicyRuleArgs{...} }

type GatewaySecurityPolicyRuleMapOutput

type GatewaySecurityPolicyRuleMapOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleMapOutput) ElementType

func (GatewaySecurityPolicyRuleMapOutput) MapIndex

func (GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutput

func (o GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutput() GatewaySecurityPolicyRuleMapOutput

func (GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutputWithContext

func (o GatewaySecurityPolicyRuleMapOutput) ToGatewaySecurityPolicyRuleMapOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleMapOutput

type GatewaySecurityPolicyRuleOutput

type GatewaySecurityPolicyRuleOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyRuleOutput) ApplicationMatcher

CEL expression for matching on L7/application level criteria.

func (GatewaySecurityPolicyRuleOutput) BasicProfile

Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.

func (GatewaySecurityPolicyRuleOutput) CreateTime

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

func (GatewaySecurityPolicyRuleOutput) Description

Free-text description of the resource.

func (GatewaySecurityPolicyRuleOutput) ElementType

func (GatewaySecurityPolicyRuleOutput) Enabled

Whether the rule is enforced.

func (GatewaySecurityPolicyRuleOutput) GatewaySecurityPolicy

func (o GatewaySecurityPolicyRuleOutput) GatewaySecurityPolicy() pulumi.StringOutput

The name of the gatewat security policy this rule belongs to.

***

func (GatewaySecurityPolicyRuleOutput) Location

The location of the gateway security policy.

func (GatewaySecurityPolicyRuleOutput) Name

Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

func (GatewaySecurityPolicyRuleOutput) Priority

Priority of the rule. Lower number corresponds to higher precedence.

func (GatewaySecurityPolicyRuleOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Server-defined URL of this resource.

func (GatewaySecurityPolicyRuleOutput) SessionMatcher

CEL expression for matching on session criteria.

func (GatewaySecurityPolicyRuleOutput) TlsInspectionEnabled

func (o GatewaySecurityPolicyRuleOutput) TlsInspectionEnabled() pulumi.BoolPtrOutput

Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

func (GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutput

func (o GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutput() GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutputWithContext

func (o GatewaySecurityPolicyRuleOutput) ToGatewaySecurityPolicyRuleOutputWithContext(ctx context.Context) GatewaySecurityPolicyRuleOutput

func (GatewaySecurityPolicyRuleOutput) UpdateTime

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

type GatewaySecurityPolicyRuleState

type GatewaySecurityPolicyRuleState struct {
	// CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrInput
	// Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY.
	// Possible values are: `BASIC_PROFILE_UNSPECIFIED`, `ALLOW`, `DENY`.
	BasicProfile pulumi.StringPtrInput
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Whether the rule is enforced.
	Enabled pulumi.BoolPtrInput
	// The name of the gatewat security policy this rule belongs to.
	//
	// ***
	GatewaySecurityPolicy pulumi.StringPtrInput
	// The location of the gateway security policy.
	Location pulumi.StringPtrInput
	// Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}
	// rule should match the pattern: (^a-z?$).
	Name pulumi.StringPtrInput
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringPtrInput
	// Flag to enable TLS inspection of traffic matching on. Can only be true if the
	// parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (GatewaySecurityPolicyRuleState) ElementType

type GatewaySecurityPolicyState

type GatewaySecurityPolicyState struct {
	// The timestamp when the resource was created.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// The location of the gateway security policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy}
	// gatewaySecurityPolicy should match the pattern:(^a-z?$).
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.
	// Note: networksecurity.TlsInspectionPolicy resource is still in Beta therefore it will need to import the provider.
	TlsInspectionPolicy pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	UpdateTime pulumi.StringPtrInput
}

func (GatewaySecurityPolicyState) ElementType

func (GatewaySecurityPolicyState) ElementType() reflect.Type

type InterceptDeployment added in v8.12.0

type InterceptDeployment struct {
	pulumi.CustomResourceState

	// Create time stamp
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Immutable. The regional load balancer which the intercepted traffic should be forwarded
	// to. Format is:
	// projects/{project}/regions/{region}/forwardingRules/{forwardingRule}
	ForwardingRule pulumi.StringOutput `pulumi:"forwardingRule"`
	// Immutable. The Intercept Deployment Group that this resource is part of. Format is:
	// `projects/{project}/locations/global/interceptDeploymentGroups/{interceptDeploymentGroup}`
	InterceptDeploymentGroup pulumi.StringOutput `pulumi:"interceptDeploymentGroup"`
	// Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// interceptDeploymentId from the methodSignature of Create RPC
	//
	// ***
	InterceptDeploymentId pulumi.StringOutput `pulumi:"interceptDeploymentId"`
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/InterceptDeployment`.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identifier. The name of the InterceptDeployment.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Current state of the deployment.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CREATING
	// DELETING
	// OUT_OF_SYNC
	// DELETE_FAILED
	State pulumi.StringOutput `pulumi:"state"`
	// Update time stamp
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Intercept Deployment Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		subnetwork, err := compute.NewSubnetwork(ctx, "subnetwork", &compute.SubnetworkArgs{
			Name:        pulumi.String("example-subnet"),
			Region:      pulumi.String("us-central1"),
			IpCidrRange: pulumi.String("10.1.0.0/16"),
			Network:     network.Name,
		})
		if err != nil {
			return err
		}
		healthCheck, err := compute.NewRegionHealthCheck(ctx, "health_check", &compute.RegionHealthCheckArgs{
			Name:   pulumi.String("example-hc"),
			Region: pulumi.String("us-central1"),
			HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
				Port: pulumi.Int(80),
			},
		})
		if err != nil {
			return err
		}
		backendService, err := compute.NewRegionBackendService(ctx, "backend_service", &compute.RegionBackendServiceArgs{
			Name:                pulumi.String("example-bs"),
			Region:              pulumi.String("us-central1"),
			HealthChecks:        healthCheck.ID(),
			Protocol:            pulumi.String("UDP"),
			LoadBalancingScheme: pulumi.String("INTERNAL"),
		})
		if err != nil {
			return err
		}
		forwardingRule, err := compute.NewForwardingRule(ctx, "forwarding_rule", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("example-fwr"),
			Region:              pulumi.String("us-central1"),
			Network:             network.Name,
			Subnetwork:          subnetwork.Name,
			BackendService:      backendService.ID(),
			LoadBalancingScheme: pulumi.String("INTERNAL"),
			Ports: pulumi.StringArray{
				pulumi.String("6081"),
			},
			IpProtocol: pulumi.String("UDP"),
		})
		if err != nil {
			return err
		}
		deploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, "deployment_group", &networksecurity.InterceptDeploymentGroupArgs{
			InterceptDeploymentGroupId: pulumi.String("example-dg"),
			Location:                   pulumi.String("global"),
			Network:                    network.ID(),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewInterceptDeployment(ctx, "default", &networksecurity.InterceptDeploymentArgs{
			InterceptDeploymentId:    pulumi.String("example-deployment"),
			Location:                 pulumi.String("us-central1-a"),
			ForwardingRule:           forwardingRule.ID(),
			InterceptDeploymentGroup: deploymentGroup.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

InterceptDeployment can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/interceptDeployments/{{intercept_deployment_id}}`

* `{{project}}/{{location}}/{{intercept_deployment_id}}`

* `{{location}}/{{intercept_deployment_id}}`

When using the `pulumi import` command, InterceptDeployment can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/interceptDeployment:InterceptDeployment default projects/{{project}}/locations/{{location}}/interceptDeployments/{{intercept_deployment_id}} ```

```sh $ pulumi import gcp:networksecurity/interceptDeployment:InterceptDeployment default {{project}}/{{location}}/{{intercept_deployment_id}} ```

```sh $ pulumi import gcp:networksecurity/interceptDeployment:InterceptDeployment default {{location}}/{{intercept_deployment_id}} ```

func GetInterceptDeployment added in v8.12.0

func GetInterceptDeployment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InterceptDeploymentState, opts ...pulumi.ResourceOption) (*InterceptDeployment, error)

GetInterceptDeployment gets an existing InterceptDeployment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInterceptDeployment added in v8.12.0

func NewInterceptDeployment(ctx *pulumi.Context,
	name string, args *InterceptDeploymentArgs, opts ...pulumi.ResourceOption) (*InterceptDeployment, error)

NewInterceptDeployment registers a new resource with the given unique name, arguments, and options.

func (*InterceptDeployment) ElementType added in v8.12.0

func (*InterceptDeployment) ElementType() reflect.Type

func (*InterceptDeployment) ToInterceptDeploymentOutput added in v8.12.0

func (i *InterceptDeployment) ToInterceptDeploymentOutput() InterceptDeploymentOutput

func (*InterceptDeployment) ToInterceptDeploymentOutputWithContext added in v8.12.0

func (i *InterceptDeployment) ToInterceptDeploymentOutputWithContext(ctx context.Context) InterceptDeploymentOutput

type InterceptDeploymentArgs added in v8.12.0

type InterceptDeploymentArgs struct {
	// Immutable. The regional load balancer which the intercepted traffic should be forwarded
	// to. Format is:
	// projects/{project}/regions/{region}/forwardingRules/{forwardingRule}
	ForwardingRule pulumi.StringInput
	// Immutable. The Intercept Deployment Group that this resource is part of. Format is:
	// `projects/{project}/locations/global/interceptDeploymentGroups/{interceptDeploymentGroup}`
	InterceptDeploymentGroup pulumi.StringInput
	// Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// interceptDeploymentId from the methodSignature of Create RPC
	//
	// ***
	InterceptDeploymentId pulumi.StringInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/InterceptDeployment`.
	Location pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a InterceptDeployment resource.

func (InterceptDeploymentArgs) ElementType added in v8.12.0

func (InterceptDeploymentArgs) ElementType() reflect.Type

type InterceptDeploymentArray added in v8.12.0

type InterceptDeploymentArray []InterceptDeploymentInput

func (InterceptDeploymentArray) ElementType added in v8.12.0

func (InterceptDeploymentArray) ElementType() reflect.Type

func (InterceptDeploymentArray) ToInterceptDeploymentArrayOutput added in v8.12.0

func (i InterceptDeploymentArray) ToInterceptDeploymentArrayOutput() InterceptDeploymentArrayOutput

func (InterceptDeploymentArray) ToInterceptDeploymentArrayOutputWithContext added in v8.12.0

func (i InterceptDeploymentArray) ToInterceptDeploymentArrayOutputWithContext(ctx context.Context) InterceptDeploymentArrayOutput

type InterceptDeploymentArrayInput added in v8.12.0

type InterceptDeploymentArrayInput interface {
	pulumi.Input

	ToInterceptDeploymentArrayOutput() InterceptDeploymentArrayOutput
	ToInterceptDeploymentArrayOutputWithContext(context.Context) InterceptDeploymentArrayOutput
}

InterceptDeploymentArrayInput is an input type that accepts InterceptDeploymentArray and InterceptDeploymentArrayOutput values. You can construct a concrete instance of `InterceptDeploymentArrayInput` via:

InterceptDeploymentArray{ InterceptDeploymentArgs{...} }

type InterceptDeploymentArrayOutput added in v8.12.0

type InterceptDeploymentArrayOutput struct{ *pulumi.OutputState }

func (InterceptDeploymentArrayOutput) ElementType added in v8.12.0

func (InterceptDeploymentArrayOutput) Index added in v8.12.0

func (InterceptDeploymentArrayOutput) ToInterceptDeploymentArrayOutput added in v8.12.0

func (o InterceptDeploymentArrayOutput) ToInterceptDeploymentArrayOutput() InterceptDeploymentArrayOutput

func (InterceptDeploymentArrayOutput) ToInterceptDeploymentArrayOutputWithContext added in v8.12.0

func (o InterceptDeploymentArrayOutput) ToInterceptDeploymentArrayOutputWithContext(ctx context.Context) InterceptDeploymentArrayOutput

type InterceptDeploymentGroup added in v8.12.0

type InterceptDeploymentGroup struct {
	pulumi.CustomResourceState

	// Output only. The list of Intercept Endpoint Groups that are connected to this resource.
	// Structure is documented below.
	ConnectedEndpointGroups InterceptDeploymentGroupConnectedEndpointGroupArrayOutput `pulumi:"connectedEndpointGroups"`
	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// interceptDeploymentGroupId from the methodSignature of Create RPC
	//
	// ***
	InterceptDeploymentGroupId pulumi.StringOutput `pulumi:"interceptDeploymentGroupId"`
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/InterceptDeploymentGroup`.
	Location pulumi.StringOutput `pulumi:"location"`
	// (Output)
	// Output only. A connected intercept endpoint group.
	Name pulumi.StringOutput `pulumi:"name"`
	// Required. Immutable. The network that is being used for the deployment. Format is:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringOutput `pulumi:"network"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Output only. Current state of the deployment group.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CREATING
	// DELETING
	State pulumi.StringOutput `pulumi:"state"`
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Intercept Deployment Group Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewInterceptDeploymentGroup(ctx, "default", &networksecurity.InterceptDeploymentGroupArgs{
			InterceptDeploymentGroupId: pulumi.String("example-dg"),
			Location:                   pulumi.String("global"),
			Network:                    network.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

InterceptDeploymentGroup can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/interceptDeploymentGroups/{{intercept_deployment_group_id}}`

* `{{project}}/{{location}}/{{intercept_deployment_group_id}}`

* `{{location}}/{{intercept_deployment_group_id}}`

When using the `pulumi import` command, InterceptDeploymentGroup can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/interceptDeploymentGroup:InterceptDeploymentGroup default projects/{{project}}/locations/{{location}}/interceptDeploymentGroups/{{intercept_deployment_group_id}} ```

```sh $ pulumi import gcp:networksecurity/interceptDeploymentGroup:InterceptDeploymentGroup default {{project}}/{{location}}/{{intercept_deployment_group_id}} ```

```sh $ pulumi import gcp:networksecurity/interceptDeploymentGroup:InterceptDeploymentGroup default {{location}}/{{intercept_deployment_group_id}} ```

func GetInterceptDeploymentGroup added in v8.12.0

func GetInterceptDeploymentGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InterceptDeploymentGroupState, opts ...pulumi.ResourceOption) (*InterceptDeploymentGroup, error)

GetInterceptDeploymentGroup gets an existing InterceptDeploymentGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInterceptDeploymentGroup added in v8.12.0

func NewInterceptDeploymentGroup(ctx *pulumi.Context,
	name string, args *InterceptDeploymentGroupArgs, opts ...pulumi.ResourceOption) (*InterceptDeploymentGroup, error)

NewInterceptDeploymentGroup registers a new resource with the given unique name, arguments, and options.

func (*InterceptDeploymentGroup) ElementType added in v8.12.0

func (*InterceptDeploymentGroup) ElementType() reflect.Type

func (*InterceptDeploymentGroup) ToInterceptDeploymentGroupOutput added in v8.12.0

func (i *InterceptDeploymentGroup) ToInterceptDeploymentGroupOutput() InterceptDeploymentGroupOutput

func (*InterceptDeploymentGroup) ToInterceptDeploymentGroupOutputWithContext added in v8.12.0

func (i *InterceptDeploymentGroup) ToInterceptDeploymentGroupOutputWithContext(ctx context.Context) InterceptDeploymentGroupOutput

type InterceptDeploymentGroupArgs added in v8.12.0

type InterceptDeploymentGroupArgs struct {
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// interceptDeploymentGroupId from the methodSignature of Create RPC
	//
	// ***
	InterceptDeploymentGroupId pulumi.StringInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/InterceptDeploymentGroup`.
	Location pulumi.StringInput
	// Required. Immutable. The network that is being used for the deployment. Format is:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a InterceptDeploymentGroup resource.

func (InterceptDeploymentGroupArgs) ElementType added in v8.12.0

type InterceptDeploymentGroupArray added in v8.12.0

type InterceptDeploymentGroupArray []InterceptDeploymentGroupInput

func (InterceptDeploymentGroupArray) ElementType added in v8.12.0

func (InterceptDeploymentGroupArray) ToInterceptDeploymentGroupArrayOutput added in v8.12.0

func (i InterceptDeploymentGroupArray) ToInterceptDeploymentGroupArrayOutput() InterceptDeploymentGroupArrayOutput

func (InterceptDeploymentGroupArray) ToInterceptDeploymentGroupArrayOutputWithContext added in v8.12.0

func (i InterceptDeploymentGroupArray) ToInterceptDeploymentGroupArrayOutputWithContext(ctx context.Context) InterceptDeploymentGroupArrayOutput

type InterceptDeploymentGroupArrayInput added in v8.12.0

type InterceptDeploymentGroupArrayInput interface {
	pulumi.Input

	ToInterceptDeploymentGroupArrayOutput() InterceptDeploymentGroupArrayOutput
	ToInterceptDeploymentGroupArrayOutputWithContext(context.Context) InterceptDeploymentGroupArrayOutput
}

InterceptDeploymentGroupArrayInput is an input type that accepts InterceptDeploymentGroupArray and InterceptDeploymentGroupArrayOutput values. You can construct a concrete instance of `InterceptDeploymentGroupArrayInput` via:

InterceptDeploymentGroupArray{ InterceptDeploymentGroupArgs{...} }

type InterceptDeploymentGroupArrayOutput added in v8.12.0

type InterceptDeploymentGroupArrayOutput struct{ *pulumi.OutputState }

func (InterceptDeploymentGroupArrayOutput) ElementType added in v8.12.0

func (InterceptDeploymentGroupArrayOutput) Index added in v8.12.0

func (InterceptDeploymentGroupArrayOutput) ToInterceptDeploymentGroupArrayOutput added in v8.12.0

func (o InterceptDeploymentGroupArrayOutput) ToInterceptDeploymentGroupArrayOutput() InterceptDeploymentGroupArrayOutput

func (InterceptDeploymentGroupArrayOutput) ToInterceptDeploymentGroupArrayOutputWithContext added in v8.12.0

func (o InterceptDeploymentGroupArrayOutput) ToInterceptDeploymentGroupArrayOutputWithContext(ctx context.Context) InterceptDeploymentGroupArrayOutput

type InterceptDeploymentGroupConnectedEndpointGroup added in v8.12.0

type InterceptDeploymentGroupConnectedEndpointGroup struct {
	// (Output)
	// Output only. A connected intercept endpoint group.
	Name *string `pulumi:"name"`
}

type InterceptDeploymentGroupConnectedEndpointGroupArgs added in v8.12.0

type InterceptDeploymentGroupConnectedEndpointGroupArgs struct {
	// (Output)
	// Output only. A connected intercept endpoint group.
	Name pulumi.StringPtrInput `pulumi:"name"`
}

func (InterceptDeploymentGroupConnectedEndpointGroupArgs) ElementType added in v8.12.0

func (InterceptDeploymentGroupConnectedEndpointGroupArgs) ToInterceptDeploymentGroupConnectedEndpointGroupOutput added in v8.12.0

func (i InterceptDeploymentGroupConnectedEndpointGroupArgs) ToInterceptDeploymentGroupConnectedEndpointGroupOutput() InterceptDeploymentGroupConnectedEndpointGroupOutput

func (InterceptDeploymentGroupConnectedEndpointGroupArgs) ToInterceptDeploymentGroupConnectedEndpointGroupOutputWithContext added in v8.12.0

func (i InterceptDeploymentGroupConnectedEndpointGroupArgs) ToInterceptDeploymentGroupConnectedEndpointGroupOutputWithContext(ctx context.Context) InterceptDeploymentGroupConnectedEndpointGroupOutput

type InterceptDeploymentGroupConnectedEndpointGroupArray added in v8.12.0

type InterceptDeploymentGroupConnectedEndpointGroupArray []InterceptDeploymentGroupConnectedEndpointGroupInput

func (InterceptDeploymentGroupConnectedEndpointGroupArray) ElementType added in v8.12.0

func (InterceptDeploymentGroupConnectedEndpointGroupArray) ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutput added in v8.12.0

func (i InterceptDeploymentGroupConnectedEndpointGroupArray) ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutput() InterceptDeploymentGroupConnectedEndpointGroupArrayOutput

func (InterceptDeploymentGroupConnectedEndpointGroupArray) ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutputWithContext added in v8.12.0

func (i InterceptDeploymentGroupConnectedEndpointGroupArray) ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutputWithContext(ctx context.Context) InterceptDeploymentGroupConnectedEndpointGroupArrayOutput

type InterceptDeploymentGroupConnectedEndpointGroupArrayInput added in v8.12.0

type InterceptDeploymentGroupConnectedEndpointGroupArrayInput interface {
	pulumi.Input

	ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutput() InterceptDeploymentGroupConnectedEndpointGroupArrayOutput
	ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutputWithContext(context.Context) InterceptDeploymentGroupConnectedEndpointGroupArrayOutput
}

InterceptDeploymentGroupConnectedEndpointGroupArrayInput is an input type that accepts InterceptDeploymentGroupConnectedEndpointGroupArray and InterceptDeploymentGroupConnectedEndpointGroupArrayOutput values. You can construct a concrete instance of `InterceptDeploymentGroupConnectedEndpointGroupArrayInput` via:

InterceptDeploymentGroupConnectedEndpointGroupArray{ InterceptDeploymentGroupConnectedEndpointGroupArgs{...} }

type InterceptDeploymentGroupConnectedEndpointGroupArrayOutput added in v8.12.0

type InterceptDeploymentGroupConnectedEndpointGroupArrayOutput struct{ *pulumi.OutputState }

func (InterceptDeploymentGroupConnectedEndpointGroupArrayOutput) ElementType added in v8.12.0

func (InterceptDeploymentGroupConnectedEndpointGroupArrayOutput) Index added in v8.12.0

func (InterceptDeploymentGroupConnectedEndpointGroupArrayOutput) ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutput added in v8.12.0

func (InterceptDeploymentGroupConnectedEndpointGroupArrayOutput) ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutputWithContext added in v8.12.0

func (o InterceptDeploymentGroupConnectedEndpointGroupArrayOutput) ToInterceptDeploymentGroupConnectedEndpointGroupArrayOutputWithContext(ctx context.Context) InterceptDeploymentGroupConnectedEndpointGroupArrayOutput

type InterceptDeploymentGroupConnectedEndpointGroupInput added in v8.12.0

type InterceptDeploymentGroupConnectedEndpointGroupInput interface {
	pulumi.Input

	ToInterceptDeploymentGroupConnectedEndpointGroupOutput() InterceptDeploymentGroupConnectedEndpointGroupOutput
	ToInterceptDeploymentGroupConnectedEndpointGroupOutputWithContext(context.Context) InterceptDeploymentGroupConnectedEndpointGroupOutput
}

InterceptDeploymentGroupConnectedEndpointGroupInput is an input type that accepts InterceptDeploymentGroupConnectedEndpointGroupArgs and InterceptDeploymentGroupConnectedEndpointGroupOutput values. You can construct a concrete instance of `InterceptDeploymentGroupConnectedEndpointGroupInput` via:

InterceptDeploymentGroupConnectedEndpointGroupArgs{...}

type InterceptDeploymentGroupConnectedEndpointGroupOutput added in v8.12.0

type InterceptDeploymentGroupConnectedEndpointGroupOutput struct{ *pulumi.OutputState }

func (InterceptDeploymentGroupConnectedEndpointGroupOutput) ElementType added in v8.12.0

func (InterceptDeploymentGroupConnectedEndpointGroupOutput) Name added in v8.12.0

(Output) Output only. A connected intercept endpoint group.

func (InterceptDeploymentGroupConnectedEndpointGroupOutput) ToInterceptDeploymentGroupConnectedEndpointGroupOutput added in v8.12.0

func (InterceptDeploymentGroupConnectedEndpointGroupOutput) ToInterceptDeploymentGroupConnectedEndpointGroupOutputWithContext added in v8.12.0

func (o InterceptDeploymentGroupConnectedEndpointGroupOutput) ToInterceptDeploymentGroupConnectedEndpointGroupOutputWithContext(ctx context.Context) InterceptDeploymentGroupConnectedEndpointGroupOutput

type InterceptDeploymentGroupInput added in v8.12.0

type InterceptDeploymentGroupInput interface {
	pulumi.Input

	ToInterceptDeploymentGroupOutput() InterceptDeploymentGroupOutput
	ToInterceptDeploymentGroupOutputWithContext(ctx context.Context) InterceptDeploymentGroupOutput
}

type InterceptDeploymentGroupMap added in v8.12.0

type InterceptDeploymentGroupMap map[string]InterceptDeploymentGroupInput

func (InterceptDeploymentGroupMap) ElementType added in v8.12.0

func (InterceptDeploymentGroupMap) ToInterceptDeploymentGroupMapOutput added in v8.12.0

func (i InterceptDeploymentGroupMap) ToInterceptDeploymentGroupMapOutput() InterceptDeploymentGroupMapOutput

func (InterceptDeploymentGroupMap) ToInterceptDeploymentGroupMapOutputWithContext added in v8.12.0

func (i InterceptDeploymentGroupMap) ToInterceptDeploymentGroupMapOutputWithContext(ctx context.Context) InterceptDeploymentGroupMapOutput

type InterceptDeploymentGroupMapInput added in v8.12.0

type InterceptDeploymentGroupMapInput interface {
	pulumi.Input

	ToInterceptDeploymentGroupMapOutput() InterceptDeploymentGroupMapOutput
	ToInterceptDeploymentGroupMapOutputWithContext(context.Context) InterceptDeploymentGroupMapOutput
}

InterceptDeploymentGroupMapInput is an input type that accepts InterceptDeploymentGroupMap and InterceptDeploymentGroupMapOutput values. You can construct a concrete instance of `InterceptDeploymentGroupMapInput` via:

InterceptDeploymentGroupMap{ "key": InterceptDeploymentGroupArgs{...} }

type InterceptDeploymentGroupMapOutput added in v8.12.0

type InterceptDeploymentGroupMapOutput struct{ *pulumi.OutputState }

func (InterceptDeploymentGroupMapOutput) ElementType added in v8.12.0

func (InterceptDeploymentGroupMapOutput) MapIndex added in v8.12.0

func (InterceptDeploymentGroupMapOutput) ToInterceptDeploymentGroupMapOutput added in v8.12.0

func (o InterceptDeploymentGroupMapOutput) ToInterceptDeploymentGroupMapOutput() InterceptDeploymentGroupMapOutput

func (InterceptDeploymentGroupMapOutput) ToInterceptDeploymentGroupMapOutputWithContext added in v8.12.0

func (o InterceptDeploymentGroupMapOutput) ToInterceptDeploymentGroupMapOutputWithContext(ctx context.Context) InterceptDeploymentGroupMapOutput

type InterceptDeploymentGroupOutput added in v8.12.0

type InterceptDeploymentGroupOutput struct{ *pulumi.OutputState }

func (InterceptDeploymentGroupOutput) ConnectedEndpointGroups added in v8.12.0

Output only. The list of Intercept Endpoint Groups that are connected to this resource. Structure is documented below.

func (InterceptDeploymentGroupOutput) CreateTime added in v8.12.0

Output only. [Output only] Create time stamp

func (InterceptDeploymentGroupOutput) EffectiveLabels added in v8.12.0

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (InterceptDeploymentGroupOutput) ElementType added in v8.12.0

func (InterceptDeploymentGroupOutput) InterceptDeploymentGroupId added in v8.12.0

func (o InterceptDeploymentGroupOutput) InterceptDeploymentGroupId() pulumi.StringOutput

Required. Id of the requesting object If auto-generating Id server-side, remove this field and interceptDeploymentGroupId from the methodSignature of Create RPC

***

func (InterceptDeploymentGroupOutput) Labels added in v8.12.0

Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (InterceptDeploymentGroupOutput) Location added in v8.12.0

Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/InterceptDeploymentGroup`.

func (InterceptDeploymentGroupOutput) Name added in v8.12.0

(Output) Output only. A connected intercept endpoint group.

func (InterceptDeploymentGroupOutput) Network added in v8.12.0

Required. Immutable. The network that is being used for the deployment. Format is: projects/{project}/global/networks/{network}.

func (InterceptDeploymentGroupOutput) Project added in v8.12.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (InterceptDeploymentGroupOutput) PulumiLabels added in v8.12.0

The combination of labels configured directly on the resource and default labels configured on the provider.

func (InterceptDeploymentGroupOutput) Reconciling added in v8.12.0

Output only. Whether reconciling is in progress, recommended per https://google.aip.dev/128.

func (InterceptDeploymentGroupOutput) State added in v8.12.0

Output only. Current state of the deployment group. Possible values: STATE_UNSPECIFIED ACTIVE CREATING DELETING

func (InterceptDeploymentGroupOutput) ToInterceptDeploymentGroupOutput added in v8.12.0

func (o InterceptDeploymentGroupOutput) ToInterceptDeploymentGroupOutput() InterceptDeploymentGroupOutput

func (InterceptDeploymentGroupOutput) ToInterceptDeploymentGroupOutputWithContext added in v8.12.0

func (o InterceptDeploymentGroupOutput) ToInterceptDeploymentGroupOutputWithContext(ctx context.Context) InterceptDeploymentGroupOutput

func (InterceptDeploymentGroupOutput) UpdateTime added in v8.12.0

Output only. [Output only] Update time stamp

type InterceptDeploymentGroupState added in v8.12.0

type InterceptDeploymentGroupState struct {
	// Output only. The list of Intercept Endpoint Groups that are connected to this resource.
	// Structure is documented below.
	ConnectedEndpointGroups InterceptDeploymentGroupConnectedEndpointGroupArrayInput
	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// interceptDeploymentGroupId from the methodSignature of Create RPC
	//
	// ***
	InterceptDeploymentGroupId pulumi.StringPtrInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/InterceptDeploymentGroup`.
	Location pulumi.StringPtrInput
	// (Output)
	// Output only. A connected intercept endpoint group.
	Name pulumi.StringPtrInput
	// Required. Immutable. The network that is being used for the deployment. Format is:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Output only. Current state of the deployment group.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CREATING
	// DELETING
	State pulumi.StringPtrInput
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringPtrInput
}

func (InterceptDeploymentGroupState) ElementType added in v8.12.0

type InterceptDeploymentInput added in v8.12.0

type InterceptDeploymentInput interface {
	pulumi.Input

	ToInterceptDeploymentOutput() InterceptDeploymentOutput
	ToInterceptDeploymentOutputWithContext(ctx context.Context) InterceptDeploymentOutput
}

type InterceptDeploymentMap added in v8.12.0

type InterceptDeploymentMap map[string]InterceptDeploymentInput

func (InterceptDeploymentMap) ElementType added in v8.12.0

func (InterceptDeploymentMap) ElementType() reflect.Type

func (InterceptDeploymentMap) ToInterceptDeploymentMapOutput added in v8.12.0

func (i InterceptDeploymentMap) ToInterceptDeploymentMapOutput() InterceptDeploymentMapOutput

func (InterceptDeploymentMap) ToInterceptDeploymentMapOutputWithContext added in v8.12.0

func (i InterceptDeploymentMap) ToInterceptDeploymentMapOutputWithContext(ctx context.Context) InterceptDeploymentMapOutput

type InterceptDeploymentMapInput added in v8.12.0

type InterceptDeploymentMapInput interface {
	pulumi.Input

	ToInterceptDeploymentMapOutput() InterceptDeploymentMapOutput
	ToInterceptDeploymentMapOutputWithContext(context.Context) InterceptDeploymentMapOutput
}

InterceptDeploymentMapInput is an input type that accepts InterceptDeploymentMap and InterceptDeploymentMapOutput values. You can construct a concrete instance of `InterceptDeploymentMapInput` via:

InterceptDeploymentMap{ "key": InterceptDeploymentArgs{...} }

type InterceptDeploymentMapOutput added in v8.12.0

type InterceptDeploymentMapOutput struct{ *pulumi.OutputState }

func (InterceptDeploymentMapOutput) ElementType added in v8.12.0

func (InterceptDeploymentMapOutput) MapIndex added in v8.12.0

func (InterceptDeploymentMapOutput) ToInterceptDeploymentMapOutput added in v8.12.0

func (o InterceptDeploymentMapOutput) ToInterceptDeploymentMapOutput() InterceptDeploymentMapOutput

func (InterceptDeploymentMapOutput) ToInterceptDeploymentMapOutputWithContext added in v8.12.0

func (o InterceptDeploymentMapOutput) ToInterceptDeploymentMapOutputWithContext(ctx context.Context) InterceptDeploymentMapOutput

type InterceptDeploymentOutput added in v8.12.0

type InterceptDeploymentOutput struct{ *pulumi.OutputState }

func (InterceptDeploymentOutput) CreateTime added in v8.12.0

Create time stamp

func (InterceptDeploymentOutput) EffectiveLabels added in v8.12.0

func (o InterceptDeploymentOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (InterceptDeploymentOutput) ElementType added in v8.12.0

func (InterceptDeploymentOutput) ElementType() reflect.Type

func (InterceptDeploymentOutput) ForwardingRule added in v8.12.0

func (o InterceptDeploymentOutput) ForwardingRule() pulumi.StringOutput

Immutable. The regional load balancer which the intercepted traffic should be forwarded to. Format is: projects/{project}/regions/{region}/forwardingRules/{forwardingRule}

func (InterceptDeploymentOutput) InterceptDeploymentGroup added in v8.12.0

func (o InterceptDeploymentOutput) InterceptDeploymentGroup() pulumi.StringOutput

Immutable. The Intercept Deployment Group that this resource is part of. Format is: `projects/{project}/locations/global/interceptDeploymentGroups/{interceptDeploymentGroup}`

func (InterceptDeploymentOutput) InterceptDeploymentId added in v8.12.0

func (o InterceptDeploymentOutput) InterceptDeploymentId() pulumi.StringOutput

Id of the requesting object If auto-generating Id server-side, remove this field and interceptDeploymentId from the methodSignature of Create RPC

***

func (InterceptDeploymentOutput) Labels added in v8.12.0

Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (InterceptDeploymentOutput) Location added in v8.12.0

Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/InterceptDeployment`.

func (InterceptDeploymentOutput) Name added in v8.12.0

Identifier. The name of the InterceptDeployment.

func (InterceptDeploymentOutput) Project added in v8.12.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (InterceptDeploymentOutput) PulumiLabels added in v8.12.0

The combination of labels configured directly on the resource and default labels configured on the provider.

func (InterceptDeploymentOutput) Reconciling added in v8.12.0

Whether reconciling is in progress, recommended per https://google.aip.dev/128.

func (InterceptDeploymentOutput) State added in v8.12.0

Current state of the deployment. Possible values: STATE_UNSPECIFIED ACTIVE CREATING DELETING OUT_OF_SYNC DELETE_FAILED

func (InterceptDeploymentOutput) ToInterceptDeploymentOutput added in v8.12.0

func (o InterceptDeploymentOutput) ToInterceptDeploymentOutput() InterceptDeploymentOutput

func (InterceptDeploymentOutput) ToInterceptDeploymentOutputWithContext added in v8.12.0

func (o InterceptDeploymentOutput) ToInterceptDeploymentOutputWithContext(ctx context.Context) InterceptDeploymentOutput

func (InterceptDeploymentOutput) UpdateTime added in v8.12.0

Update time stamp

type InterceptDeploymentState added in v8.12.0

type InterceptDeploymentState struct {
	// Create time stamp
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Immutable. The regional load balancer which the intercepted traffic should be forwarded
	// to. Format is:
	// projects/{project}/regions/{region}/forwardingRules/{forwardingRule}
	ForwardingRule pulumi.StringPtrInput
	// Immutable. The Intercept Deployment Group that this resource is part of. Format is:
	// `projects/{project}/locations/global/interceptDeploymentGroups/{interceptDeploymentGroup}`
	InterceptDeploymentGroup pulumi.StringPtrInput
	// Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// interceptDeploymentId from the methodSignature of Create RPC
	//
	// ***
	InterceptDeploymentId pulumi.StringPtrInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/InterceptDeployment`.
	Location pulumi.StringPtrInput
	// Identifier. The name of the InterceptDeployment.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Current state of the deployment.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CREATING
	// DELETING
	// OUT_OF_SYNC
	// DELETE_FAILED
	State pulumi.StringPtrInput
	// Update time stamp
	UpdateTime pulumi.StringPtrInput
}

func (InterceptDeploymentState) ElementType added in v8.12.0

func (InterceptDeploymentState) ElementType() reflect.Type

type InterceptEndpointGroup added in v8.13.0

type InterceptEndpointGroup struct {
	pulumi.CustomResourceState

	// Create time stamp.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Immutable. The Intercept Deployment Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/interceptDeploymentGroups/{interceptDeploymentGroup}`
	InterceptDeploymentGroup pulumi.StringOutput `pulumi:"interceptDeploymentGroup"`
	// ID of the Intercept Endpoint Group.
	//
	// ***
	InterceptEndpointGroupId pulumi.StringOutput `pulumi:"interceptEndpointGroupId"`
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the Intercept Endpoint Group, currently restricted to `global`.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identifier. The name of the Intercept Endpoint Group.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Current state of the endpoint group.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CLOSED
	// CREATING
	// DELETING
	// OUT_OF_SYNC
	State pulumi.StringOutput `pulumi:"state"`
	// Update time stamp.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Intercept Endpoint Group Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		deploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, "deployment_group", &networksecurity.InterceptDeploymentGroupArgs{
			InterceptDeploymentGroupId: pulumi.String("example-dg"),
			Location:                   pulumi.String("global"),
			Network:                    network.ID(),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewInterceptEndpointGroup(ctx, "default", &networksecurity.InterceptEndpointGroupArgs{
			InterceptEndpointGroupId: pulumi.String("example-eg"),
			Location:                 pulumi.String("global"),
			InterceptDeploymentGroup: deploymentGroup.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

InterceptEndpointGroup can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/interceptEndpointGroups/{{intercept_endpoint_group_id}}`

* `{{project}}/{{location}}/{{intercept_endpoint_group_id}}`

* `{{location}}/{{intercept_endpoint_group_id}}`

When using the `pulumi import` command, InterceptEndpointGroup can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/interceptEndpointGroup:InterceptEndpointGroup default projects/{{project}}/locations/{{location}}/interceptEndpointGroups/{{intercept_endpoint_group_id}} ```

```sh $ pulumi import gcp:networksecurity/interceptEndpointGroup:InterceptEndpointGroup default {{project}}/{{location}}/{{intercept_endpoint_group_id}} ```

```sh $ pulumi import gcp:networksecurity/interceptEndpointGroup:InterceptEndpointGroup default {{location}}/{{intercept_endpoint_group_id}} ```

func GetInterceptEndpointGroup added in v8.13.0

func GetInterceptEndpointGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InterceptEndpointGroupState, opts ...pulumi.ResourceOption) (*InterceptEndpointGroup, error)

GetInterceptEndpointGroup gets an existing InterceptEndpointGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInterceptEndpointGroup added in v8.13.0

func NewInterceptEndpointGroup(ctx *pulumi.Context,
	name string, args *InterceptEndpointGroupArgs, opts ...pulumi.ResourceOption) (*InterceptEndpointGroup, error)

NewInterceptEndpointGroup registers a new resource with the given unique name, arguments, and options.

func (*InterceptEndpointGroup) ElementType added in v8.13.0

func (*InterceptEndpointGroup) ElementType() reflect.Type

func (*InterceptEndpointGroup) ToInterceptEndpointGroupOutput added in v8.13.0

func (i *InterceptEndpointGroup) ToInterceptEndpointGroupOutput() InterceptEndpointGroupOutput

func (*InterceptEndpointGroup) ToInterceptEndpointGroupOutputWithContext added in v8.13.0

func (i *InterceptEndpointGroup) ToInterceptEndpointGroupOutputWithContext(ctx context.Context) InterceptEndpointGroupOutput

type InterceptEndpointGroupArgs added in v8.13.0

type InterceptEndpointGroupArgs struct {
	// Immutable. The Intercept Deployment Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/interceptDeploymentGroups/{interceptDeploymentGroup}`
	InterceptDeploymentGroup pulumi.StringInput
	// ID of the Intercept Endpoint Group.
	//
	// ***
	InterceptEndpointGroupId pulumi.StringInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the Intercept Endpoint Group, currently restricted to `global`.
	Location pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a InterceptEndpointGroup resource.

func (InterceptEndpointGroupArgs) ElementType added in v8.13.0

func (InterceptEndpointGroupArgs) ElementType() reflect.Type

type InterceptEndpointGroupArray added in v8.13.0

type InterceptEndpointGroupArray []InterceptEndpointGroupInput

func (InterceptEndpointGroupArray) ElementType added in v8.13.0

func (InterceptEndpointGroupArray) ToInterceptEndpointGroupArrayOutput added in v8.13.0

func (i InterceptEndpointGroupArray) ToInterceptEndpointGroupArrayOutput() InterceptEndpointGroupArrayOutput

func (InterceptEndpointGroupArray) ToInterceptEndpointGroupArrayOutputWithContext added in v8.13.0

func (i InterceptEndpointGroupArray) ToInterceptEndpointGroupArrayOutputWithContext(ctx context.Context) InterceptEndpointGroupArrayOutput

type InterceptEndpointGroupArrayInput added in v8.13.0

type InterceptEndpointGroupArrayInput interface {
	pulumi.Input

	ToInterceptEndpointGroupArrayOutput() InterceptEndpointGroupArrayOutput
	ToInterceptEndpointGroupArrayOutputWithContext(context.Context) InterceptEndpointGroupArrayOutput
}

InterceptEndpointGroupArrayInput is an input type that accepts InterceptEndpointGroupArray and InterceptEndpointGroupArrayOutput values. You can construct a concrete instance of `InterceptEndpointGroupArrayInput` via:

InterceptEndpointGroupArray{ InterceptEndpointGroupArgs{...} }

type InterceptEndpointGroupArrayOutput added in v8.13.0

type InterceptEndpointGroupArrayOutput struct{ *pulumi.OutputState }

func (InterceptEndpointGroupArrayOutput) ElementType added in v8.13.0

func (InterceptEndpointGroupArrayOutput) Index added in v8.13.0

func (InterceptEndpointGroupArrayOutput) ToInterceptEndpointGroupArrayOutput added in v8.13.0

func (o InterceptEndpointGroupArrayOutput) ToInterceptEndpointGroupArrayOutput() InterceptEndpointGroupArrayOutput

func (InterceptEndpointGroupArrayOutput) ToInterceptEndpointGroupArrayOutputWithContext added in v8.13.0

func (o InterceptEndpointGroupArrayOutput) ToInterceptEndpointGroupArrayOutputWithContext(ctx context.Context) InterceptEndpointGroupArrayOutput

type InterceptEndpointGroupAssociation added in v8.13.0

type InterceptEndpointGroupAssociation struct {
	pulumi.CustomResourceState

	// Create time stamp.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Immutable. The Intercept Endpoint Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/interceptEndpointGroups/{interceptEndpointGroup}`.
	InterceptEndpointGroup pulumi.StringOutput `pulumi:"interceptEndpointGroup"`
	// ID of the Intercept Endpoint Group Association.
	InterceptEndpointGroupAssociationId pulumi.StringPtrOutput `pulumi:"interceptEndpointGroupAssociationId"`
	// Optional. Labels as key value pairs.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the Intercept Endpoint Group Association, currently restricted to `global`.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// The list of locations that are currently supported by the associated Intercept Deployment Group and their state.
	// Structure is documented below.
	LocationsDetails InterceptEndpointGroupAssociationLocationsDetailArrayOutput `pulumi:"locationsDetails"`
	// Identifier. The name of the Intercept Endpoint Group Association.
	Name pulumi.StringOutput `pulumi:"name"`
	// Immutable. The VPC network associated. Format:
	// `projects/{project}/global/networks/{network}`.
	Network pulumi.StringOutput `pulumi:"network"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Whether reconciling is in progress.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// (Output)
	// The association state in this location.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// OUT_OF_SYNC
	State pulumi.StringOutput `pulumi:"state"`
	// Update time stamp.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Intercept Endpoint Group Association Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		producerNetwork, err := compute.NewNetwork(ctx, "producer_network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-prod-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		consumerNetwork, err := compute.NewNetwork(ctx, "consumer_network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-cons-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		deploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, "deployment_group", &networksecurity.InterceptDeploymentGroupArgs{
			InterceptDeploymentGroupId: pulumi.String("example-dg"),
			Location:                   pulumi.String("global"),
			Network:                    producerNetwork.ID(),
		})
		if err != nil {
			return err
		}
		endpointGroup, err := networksecurity.NewInterceptEndpointGroup(ctx, "endpoint_group", &networksecurity.InterceptEndpointGroupArgs{
			InterceptEndpointGroupId: pulumi.String("example-eg"),
			Location:                 pulumi.String("global"),
			InterceptDeploymentGroup: deploymentGroup.ID(),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewInterceptEndpointGroupAssociation(ctx, "default", &networksecurity.InterceptEndpointGroupAssociationArgs{
			InterceptEndpointGroupAssociationId: pulumi.String("example-ega"),
			Location:                            pulumi.String("global"),
			Network:                             consumerNetwork.ID(),
			InterceptEndpointGroup:              endpointGroup.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

InterceptEndpointGroupAssociation can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/interceptEndpointGroupAssociations/{{intercept_endpoint_group_association_id}}`

* `{{project}}/{{location}}/{{intercept_endpoint_group_association_id}}`

* `{{location}}/{{intercept_endpoint_group_association_id}}`

When using the `pulumi import` command, InterceptEndpointGroupAssociation can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/interceptEndpointGroupAssociation:InterceptEndpointGroupAssociation default projects/{{project}}/locations/{{location}}/interceptEndpointGroupAssociations/{{intercept_endpoint_group_association_id}} ```

```sh $ pulumi import gcp:networksecurity/interceptEndpointGroupAssociation:InterceptEndpointGroupAssociation default {{project}}/{{location}}/{{intercept_endpoint_group_association_id}} ```

```sh $ pulumi import gcp:networksecurity/interceptEndpointGroupAssociation:InterceptEndpointGroupAssociation default {{location}}/{{intercept_endpoint_group_association_id}} ```

func GetInterceptEndpointGroupAssociation added in v8.13.0

func GetInterceptEndpointGroupAssociation(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InterceptEndpointGroupAssociationState, opts ...pulumi.ResourceOption) (*InterceptEndpointGroupAssociation, error)

GetInterceptEndpointGroupAssociation gets an existing InterceptEndpointGroupAssociation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInterceptEndpointGroupAssociation added in v8.13.0

func NewInterceptEndpointGroupAssociation(ctx *pulumi.Context,
	name string, args *InterceptEndpointGroupAssociationArgs, opts ...pulumi.ResourceOption) (*InterceptEndpointGroupAssociation, error)

NewInterceptEndpointGroupAssociation registers a new resource with the given unique name, arguments, and options.

func (*InterceptEndpointGroupAssociation) ElementType added in v8.13.0

func (*InterceptEndpointGroupAssociation) ToInterceptEndpointGroupAssociationOutput added in v8.13.0

func (i *InterceptEndpointGroupAssociation) ToInterceptEndpointGroupAssociationOutput() InterceptEndpointGroupAssociationOutput

func (*InterceptEndpointGroupAssociation) ToInterceptEndpointGroupAssociationOutputWithContext added in v8.13.0

func (i *InterceptEndpointGroupAssociation) ToInterceptEndpointGroupAssociationOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationOutput

type InterceptEndpointGroupAssociationArgs added in v8.13.0

type InterceptEndpointGroupAssociationArgs struct {
	// Immutable. The Intercept Endpoint Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/interceptEndpointGroups/{interceptEndpointGroup}`.
	InterceptEndpointGroup pulumi.StringInput
	// ID of the Intercept Endpoint Group Association.
	InterceptEndpointGroupAssociationId pulumi.StringPtrInput
	// Optional. Labels as key value pairs.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the Intercept Endpoint Group Association, currently restricted to `global`.
	//
	// ***
	Location pulumi.StringInput
	// Immutable. The VPC network associated. Format:
	// `projects/{project}/global/networks/{network}`.
	Network pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a InterceptEndpointGroupAssociation resource.

func (InterceptEndpointGroupAssociationArgs) ElementType added in v8.13.0

type InterceptEndpointGroupAssociationArray added in v8.13.0

type InterceptEndpointGroupAssociationArray []InterceptEndpointGroupAssociationInput

func (InterceptEndpointGroupAssociationArray) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationArray) ToInterceptEndpointGroupAssociationArrayOutput added in v8.13.0

func (i InterceptEndpointGroupAssociationArray) ToInterceptEndpointGroupAssociationArrayOutput() InterceptEndpointGroupAssociationArrayOutput

func (InterceptEndpointGroupAssociationArray) ToInterceptEndpointGroupAssociationArrayOutputWithContext added in v8.13.0

func (i InterceptEndpointGroupAssociationArray) ToInterceptEndpointGroupAssociationArrayOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationArrayOutput

type InterceptEndpointGroupAssociationArrayInput added in v8.13.0

type InterceptEndpointGroupAssociationArrayInput interface {
	pulumi.Input

	ToInterceptEndpointGroupAssociationArrayOutput() InterceptEndpointGroupAssociationArrayOutput
	ToInterceptEndpointGroupAssociationArrayOutputWithContext(context.Context) InterceptEndpointGroupAssociationArrayOutput
}

InterceptEndpointGroupAssociationArrayInput is an input type that accepts InterceptEndpointGroupAssociationArray and InterceptEndpointGroupAssociationArrayOutput values. You can construct a concrete instance of `InterceptEndpointGroupAssociationArrayInput` via:

InterceptEndpointGroupAssociationArray{ InterceptEndpointGroupAssociationArgs{...} }

type InterceptEndpointGroupAssociationArrayOutput added in v8.13.0

type InterceptEndpointGroupAssociationArrayOutput struct{ *pulumi.OutputState }

func (InterceptEndpointGroupAssociationArrayOutput) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationArrayOutput) Index added in v8.13.0

func (InterceptEndpointGroupAssociationArrayOutput) ToInterceptEndpointGroupAssociationArrayOutput added in v8.13.0

func (o InterceptEndpointGroupAssociationArrayOutput) ToInterceptEndpointGroupAssociationArrayOutput() InterceptEndpointGroupAssociationArrayOutput

func (InterceptEndpointGroupAssociationArrayOutput) ToInterceptEndpointGroupAssociationArrayOutputWithContext added in v8.13.0

func (o InterceptEndpointGroupAssociationArrayOutput) ToInterceptEndpointGroupAssociationArrayOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationArrayOutput

type InterceptEndpointGroupAssociationInput added in v8.13.0

type InterceptEndpointGroupAssociationInput interface {
	pulumi.Input

	ToInterceptEndpointGroupAssociationOutput() InterceptEndpointGroupAssociationOutput
	ToInterceptEndpointGroupAssociationOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationOutput
}

type InterceptEndpointGroupAssociationLocationsDetail added in v8.13.0

type InterceptEndpointGroupAssociationLocationsDetail struct {
	// The location of the Intercept Endpoint Group Association, currently restricted to `global`.
	//
	// ***
	Location *string `pulumi:"location"`
	// (Output)
	// The association state in this location.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// OUT_OF_SYNC
	State *string `pulumi:"state"`
}

type InterceptEndpointGroupAssociationLocationsDetailArgs added in v8.13.0

type InterceptEndpointGroupAssociationLocationsDetailArgs struct {
	// The location of the Intercept Endpoint Group Association, currently restricted to `global`.
	//
	// ***
	Location pulumi.StringPtrInput `pulumi:"location"`
	// (Output)
	// The association state in this location.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// OUT_OF_SYNC
	State pulumi.StringPtrInput `pulumi:"state"`
}

func (InterceptEndpointGroupAssociationLocationsDetailArgs) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationLocationsDetailArgs) ToInterceptEndpointGroupAssociationLocationsDetailOutput added in v8.13.0

func (i InterceptEndpointGroupAssociationLocationsDetailArgs) ToInterceptEndpointGroupAssociationLocationsDetailOutput() InterceptEndpointGroupAssociationLocationsDetailOutput

func (InterceptEndpointGroupAssociationLocationsDetailArgs) ToInterceptEndpointGroupAssociationLocationsDetailOutputWithContext added in v8.13.0

func (i InterceptEndpointGroupAssociationLocationsDetailArgs) ToInterceptEndpointGroupAssociationLocationsDetailOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationLocationsDetailOutput

type InterceptEndpointGroupAssociationLocationsDetailArray added in v8.13.0

type InterceptEndpointGroupAssociationLocationsDetailArray []InterceptEndpointGroupAssociationLocationsDetailInput

func (InterceptEndpointGroupAssociationLocationsDetailArray) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationLocationsDetailArray) ToInterceptEndpointGroupAssociationLocationsDetailArrayOutput added in v8.13.0

func (i InterceptEndpointGroupAssociationLocationsDetailArray) ToInterceptEndpointGroupAssociationLocationsDetailArrayOutput() InterceptEndpointGroupAssociationLocationsDetailArrayOutput

func (InterceptEndpointGroupAssociationLocationsDetailArray) ToInterceptEndpointGroupAssociationLocationsDetailArrayOutputWithContext added in v8.13.0

func (i InterceptEndpointGroupAssociationLocationsDetailArray) ToInterceptEndpointGroupAssociationLocationsDetailArrayOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationLocationsDetailArrayOutput

type InterceptEndpointGroupAssociationLocationsDetailArrayInput added in v8.13.0

type InterceptEndpointGroupAssociationLocationsDetailArrayInput interface {
	pulumi.Input

	ToInterceptEndpointGroupAssociationLocationsDetailArrayOutput() InterceptEndpointGroupAssociationLocationsDetailArrayOutput
	ToInterceptEndpointGroupAssociationLocationsDetailArrayOutputWithContext(context.Context) InterceptEndpointGroupAssociationLocationsDetailArrayOutput
}

InterceptEndpointGroupAssociationLocationsDetailArrayInput is an input type that accepts InterceptEndpointGroupAssociationLocationsDetailArray and InterceptEndpointGroupAssociationLocationsDetailArrayOutput values. You can construct a concrete instance of `InterceptEndpointGroupAssociationLocationsDetailArrayInput` via:

InterceptEndpointGroupAssociationLocationsDetailArray{ InterceptEndpointGroupAssociationLocationsDetailArgs{...} }

type InterceptEndpointGroupAssociationLocationsDetailArrayOutput added in v8.13.0

type InterceptEndpointGroupAssociationLocationsDetailArrayOutput struct{ *pulumi.OutputState }

func (InterceptEndpointGroupAssociationLocationsDetailArrayOutput) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationLocationsDetailArrayOutput) Index added in v8.13.0

func (InterceptEndpointGroupAssociationLocationsDetailArrayOutput) ToInterceptEndpointGroupAssociationLocationsDetailArrayOutput added in v8.13.0

func (InterceptEndpointGroupAssociationLocationsDetailArrayOutput) ToInterceptEndpointGroupAssociationLocationsDetailArrayOutputWithContext added in v8.13.0

func (o InterceptEndpointGroupAssociationLocationsDetailArrayOutput) ToInterceptEndpointGroupAssociationLocationsDetailArrayOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationLocationsDetailArrayOutput

type InterceptEndpointGroupAssociationLocationsDetailInput added in v8.13.0

type InterceptEndpointGroupAssociationLocationsDetailInput interface {
	pulumi.Input

	ToInterceptEndpointGroupAssociationLocationsDetailOutput() InterceptEndpointGroupAssociationLocationsDetailOutput
	ToInterceptEndpointGroupAssociationLocationsDetailOutputWithContext(context.Context) InterceptEndpointGroupAssociationLocationsDetailOutput
}

InterceptEndpointGroupAssociationLocationsDetailInput is an input type that accepts InterceptEndpointGroupAssociationLocationsDetailArgs and InterceptEndpointGroupAssociationLocationsDetailOutput values. You can construct a concrete instance of `InterceptEndpointGroupAssociationLocationsDetailInput` via:

InterceptEndpointGroupAssociationLocationsDetailArgs{...}

type InterceptEndpointGroupAssociationLocationsDetailOutput added in v8.13.0

type InterceptEndpointGroupAssociationLocationsDetailOutput struct{ *pulumi.OutputState }

func (InterceptEndpointGroupAssociationLocationsDetailOutput) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationLocationsDetailOutput) Location added in v8.13.0

The location of the Intercept Endpoint Group Association, currently restricted to `global`.

***

func (InterceptEndpointGroupAssociationLocationsDetailOutput) State added in v8.13.0

(Output) The association state in this location. Possible values: STATE_UNSPECIFIED ACTIVE OUT_OF_SYNC

func (InterceptEndpointGroupAssociationLocationsDetailOutput) ToInterceptEndpointGroupAssociationLocationsDetailOutput added in v8.13.0

func (InterceptEndpointGroupAssociationLocationsDetailOutput) ToInterceptEndpointGroupAssociationLocationsDetailOutputWithContext added in v8.13.0

func (o InterceptEndpointGroupAssociationLocationsDetailOutput) ToInterceptEndpointGroupAssociationLocationsDetailOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationLocationsDetailOutput

type InterceptEndpointGroupAssociationMap added in v8.13.0

type InterceptEndpointGroupAssociationMap map[string]InterceptEndpointGroupAssociationInput

func (InterceptEndpointGroupAssociationMap) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationMap) ToInterceptEndpointGroupAssociationMapOutput added in v8.13.0

func (i InterceptEndpointGroupAssociationMap) ToInterceptEndpointGroupAssociationMapOutput() InterceptEndpointGroupAssociationMapOutput

func (InterceptEndpointGroupAssociationMap) ToInterceptEndpointGroupAssociationMapOutputWithContext added in v8.13.0

func (i InterceptEndpointGroupAssociationMap) ToInterceptEndpointGroupAssociationMapOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationMapOutput

type InterceptEndpointGroupAssociationMapInput added in v8.13.0

type InterceptEndpointGroupAssociationMapInput interface {
	pulumi.Input

	ToInterceptEndpointGroupAssociationMapOutput() InterceptEndpointGroupAssociationMapOutput
	ToInterceptEndpointGroupAssociationMapOutputWithContext(context.Context) InterceptEndpointGroupAssociationMapOutput
}

InterceptEndpointGroupAssociationMapInput is an input type that accepts InterceptEndpointGroupAssociationMap and InterceptEndpointGroupAssociationMapOutput values. You can construct a concrete instance of `InterceptEndpointGroupAssociationMapInput` via:

InterceptEndpointGroupAssociationMap{ "key": InterceptEndpointGroupAssociationArgs{...} }

type InterceptEndpointGroupAssociationMapOutput added in v8.13.0

type InterceptEndpointGroupAssociationMapOutput struct{ *pulumi.OutputState }

func (InterceptEndpointGroupAssociationMapOutput) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationMapOutput) MapIndex added in v8.13.0

func (InterceptEndpointGroupAssociationMapOutput) ToInterceptEndpointGroupAssociationMapOutput added in v8.13.0

func (o InterceptEndpointGroupAssociationMapOutput) ToInterceptEndpointGroupAssociationMapOutput() InterceptEndpointGroupAssociationMapOutput

func (InterceptEndpointGroupAssociationMapOutput) ToInterceptEndpointGroupAssociationMapOutputWithContext added in v8.13.0

func (o InterceptEndpointGroupAssociationMapOutput) ToInterceptEndpointGroupAssociationMapOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationMapOutput

type InterceptEndpointGroupAssociationOutput added in v8.13.0

type InterceptEndpointGroupAssociationOutput struct{ *pulumi.OutputState }

func (InterceptEndpointGroupAssociationOutput) CreateTime added in v8.13.0

Create time stamp.

func (InterceptEndpointGroupAssociationOutput) EffectiveLabels added in v8.13.0

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (InterceptEndpointGroupAssociationOutput) ElementType added in v8.13.0

func (InterceptEndpointGroupAssociationOutput) InterceptEndpointGroup added in v8.13.0

func (o InterceptEndpointGroupAssociationOutput) InterceptEndpointGroup() pulumi.StringOutput

Immutable. The Intercept Endpoint Group that this resource is connected to. Format is: `projects/{project}/locations/global/interceptEndpointGroups/{interceptEndpointGroup}`.

func (InterceptEndpointGroupAssociationOutput) InterceptEndpointGroupAssociationId added in v8.13.0

func (o InterceptEndpointGroupAssociationOutput) InterceptEndpointGroupAssociationId() pulumi.StringPtrOutput

ID of the Intercept Endpoint Group Association.

func (InterceptEndpointGroupAssociationOutput) Labels added in v8.13.0

Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (InterceptEndpointGroupAssociationOutput) Location added in v8.13.0

The location of the Intercept Endpoint Group Association, currently restricted to `global`.

***

func (InterceptEndpointGroupAssociationOutput) LocationsDetails added in v8.13.0

The list of locations that are currently supported by the associated Intercept Deployment Group and their state. Structure is documented below.

func (InterceptEndpointGroupAssociationOutput) Name added in v8.13.0

Identifier. The name of the Intercept Endpoint Group Association.

func (InterceptEndpointGroupAssociationOutput) Network added in v8.13.0

Immutable. The VPC network associated. Format: `projects/{project}/global/networks/{network}`.

func (InterceptEndpointGroupAssociationOutput) Project added in v8.13.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (InterceptEndpointGroupAssociationOutput) PulumiLabels added in v8.13.0

The combination of labels configured directly on the resource and default labels configured on the provider.

func (InterceptEndpointGroupAssociationOutput) Reconciling added in v8.13.0

Whether reconciling is in progress.

func (InterceptEndpointGroupAssociationOutput) State added in v8.13.0

(Output) The association state in this location. Possible values: STATE_UNSPECIFIED ACTIVE OUT_OF_SYNC

func (InterceptEndpointGroupAssociationOutput) ToInterceptEndpointGroupAssociationOutput added in v8.13.0

func (o InterceptEndpointGroupAssociationOutput) ToInterceptEndpointGroupAssociationOutput() InterceptEndpointGroupAssociationOutput

func (InterceptEndpointGroupAssociationOutput) ToInterceptEndpointGroupAssociationOutputWithContext added in v8.13.0

func (o InterceptEndpointGroupAssociationOutput) ToInterceptEndpointGroupAssociationOutputWithContext(ctx context.Context) InterceptEndpointGroupAssociationOutput

func (InterceptEndpointGroupAssociationOutput) UpdateTime added in v8.13.0

Update time stamp.

type InterceptEndpointGroupAssociationState added in v8.13.0

type InterceptEndpointGroupAssociationState struct {
	// Create time stamp.
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Immutable. The Intercept Endpoint Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/interceptEndpointGroups/{interceptEndpointGroup}`.
	InterceptEndpointGroup pulumi.StringPtrInput
	// ID of the Intercept Endpoint Group Association.
	InterceptEndpointGroupAssociationId pulumi.StringPtrInput
	// Optional. Labels as key value pairs.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the Intercept Endpoint Group Association, currently restricted to `global`.
	//
	// ***
	Location pulumi.StringPtrInput
	// The list of locations that are currently supported by the associated Intercept Deployment Group and their state.
	// Structure is documented below.
	LocationsDetails InterceptEndpointGroupAssociationLocationsDetailArrayInput
	// Identifier. The name of the Intercept Endpoint Group Association.
	Name pulumi.StringPtrInput
	// Immutable. The VPC network associated. Format:
	// `projects/{project}/global/networks/{network}`.
	Network pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Whether reconciling is in progress.
	Reconciling pulumi.BoolPtrInput
	// (Output)
	// The association state in this location.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// OUT_OF_SYNC
	State pulumi.StringPtrInput
	// Update time stamp.
	UpdateTime pulumi.StringPtrInput
}

func (InterceptEndpointGroupAssociationState) ElementType added in v8.13.0

type InterceptEndpointGroupInput added in v8.13.0

type InterceptEndpointGroupInput interface {
	pulumi.Input

	ToInterceptEndpointGroupOutput() InterceptEndpointGroupOutput
	ToInterceptEndpointGroupOutputWithContext(ctx context.Context) InterceptEndpointGroupOutput
}

type InterceptEndpointGroupMap added in v8.13.0

type InterceptEndpointGroupMap map[string]InterceptEndpointGroupInput

func (InterceptEndpointGroupMap) ElementType added in v8.13.0

func (InterceptEndpointGroupMap) ElementType() reflect.Type

func (InterceptEndpointGroupMap) ToInterceptEndpointGroupMapOutput added in v8.13.0

func (i InterceptEndpointGroupMap) ToInterceptEndpointGroupMapOutput() InterceptEndpointGroupMapOutput

func (InterceptEndpointGroupMap) ToInterceptEndpointGroupMapOutputWithContext added in v8.13.0

func (i InterceptEndpointGroupMap) ToInterceptEndpointGroupMapOutputWithContext(ctx context.Context) InterceptEndpointGroupMapOutput

type InterceptEndpointGroupMapInput added in v8.13.0

type InterceptEndpointGroupMapInput interface {
	pulumi.Input

	ToInterceptEndpointGroupMapOutput() InterceptEndpointGroupMapOutput
	ToInterceptEndpointGroupMapOutputWithContext(context.Context) InterceptEndpointGroupMapOutput
}

InterceptEndpointGroupMapInput is an input type that accepts InterceptEndpointGroupMap and InterceptEndpointGroupMapOutput values. You can construct a concrete instance of `InterceptEndpointGroupMapInput` via:

InterceptEndpointGroupMap{ "key": InterceptEndpointGroupArgs{...} }

type InterceptEndpointGroupMapOutput added in v8.13.0

type InterceptEndpointGroupMapOutput struct{ *pulumi.OutputState }

func (InterceptEndpointGroupMapOutput) ElementType added in v8.13.0

func (InterceptEndpointGroupMapOutput) MapIndex added in v8.13.0

func (InterceptEndpointGroupMapOutput) ToInterceptEndpointGroupMapOutput added in v8.13.0

func (o InterceptEndpointGroupMapOutput) ToInterceptEndpointGroupMapOutput() InterceptEndpointGroupMapOutput

func (InterceptEndpointGroupMapOutput) ToInterceptEndpointGroupMapOutputWithContext added in v8.13.0

func (o InterceptEndpointGroupMapOutput) ToInterceptEndpointGroupMapOutputWithContext(ctx context.Context) InterceptEndpointGroupMapOutput

type InterceptEndpointGroupOutput added in v8.13.0

type InterceptEndpointGroupOutput struct{ *pulumi.OutputState }

func (InterceptEndpointGroupOutput) CreateTime added in v8.13.0

Create time stamp.

func (InterceptEndpointGroupOutput) EffectiveLabels added in v8.13.0

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (InterceptEndpointGroupOutput) ElementType added in v8.13.0

func (InterceptEndpointGroupOutput) InterceptDeploymentGroup added in v8.13.0

func (o InterceptEndpointGroupOutput) InterceptDeploymentGroup() pulumi.StringOutput

Immutable. The Intercept Deployment Group that this resource is connected to. Format is: `projects/{project}/locations/global/interceptDeploymentGroups/{interceptDeploymentGroup}`

func (InterceptEndpointGroupOutput) InterceptEndpointGroupId added in v8.13.0

func (o InterceptEndpointGroupOutput) InterceptEndpointGroupId() pulumi.StringOutput

ID of the Intercept Endpoint Group.

***

func (InterceptEndpointGroupOutput) Labels added in v8.13.0

Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (InterceptEndpointGroupOutput) Location added in v8.13.0

The location of the Intercept Endpoint Group, currently restricted to `global`.

func (InterceptEndpointGroupOutput) Name added in v8.13.0

Identifier. The name of the Intercept Endpoint Group.

func (InterceptEndpointGroupOutput) Project added in v8.13.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (InterceptEndpointGroupOutput) PulumiLabels added in v8.13.0

The combination of labels configured directly on the resource and default labels configured on the provider.

func (InterceptEndpointGroupOutput) Reconciling added in v8.13.0

Whether reconciling is in progress, recommended per https://google.aip.dev/128.

func (InterceptEndpointGroupOutput) State added in v8.13.0

Current state of the endpoint group. Possible values: STATE_UNSPECIFIED ACTIVE CLOSED CREATING DELETING OUT_OF_SYNC

func (InterceptEndpointGroupOutput) ToInterceptEndpointGroupOutput added in v8.13.0

func (o InterceptEndpointGroupOutput) ToInterceptEndpointGroupOutput() InterceptEndpointGroupOutput

func (InterceptEndpointGroupOutput) ToInterceptEndpointGroupOutputWithContext added in v8.13.0

func (o InterceptEndpointGroupOutput) ToInterceptEndpointGroupOutputWithContext(ctx context.Context) InterceptEndpointGroupOutput

func (InterceptEndpointGroupOutput) UpdateTime added in v8.13.0

Update time stamp.

type InterceptEndpointGroupState added in v8.13.0

type InterceptEndpointGroupState struct {
	// Create time stamp.
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Immutable. The Intercept Deployment Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/interceptDeploymentGroups/{interceptDeploymentGroup}`
	InterceptDeploymentGroup pulumi.StringPtrInput
	// ID of the Intercept Endpoint Group.
	//
	// ***
	InterceptEndpointGroupId pulumi.StringPtrInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the Intercept Endpoint Group, currently restricted to `global`.
	Location pulumi.StringPtrInput
	// Identifier. The name of the Intercept Endpoint Group.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Current state of the endpoint group.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CLOSED
	// CREATING
	// DELETING
	// OUT_OF_SYNC
	State pulumi.StringPtrInput
	// Update time stamp.
	UpdateTime pulumi.StringPtrInput
}

func (InterceptEndpointGroupState) ElementType added in v8.13.0

type LookupAddressGroupIamPolicyArgs

type LookupAddressGroupIamPolicyArgs struct {
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location *string `pulumi:"location"`
	// Used to find the parent resource to bind the IAM policy to
	Name string `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project *string `pulumi:"project"`
}

A collection of arguments for invoking getAddressGroupIamPolicy.

type LookupAddressGroupIamPolicyOutputArgs

type LookupAddressGroupIamPolicyOutputArgs struct {
	// The location of the gateway security policy.
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// Used to find the parent resource to bind the IAM policy to
	Name pulumi.StringInput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
}

A collection of arguments for invoking getAddressGroupIamPolicy.

func (LookupAddressGroupIamPolicyOutputArgs) ElementType

type LookupAddressGroupIamPolicyResult

type LookupAddressGroupIamPolicyResult struct {
	// (Computed) The etag of the IAM policy.
	Etag string `pulumi:"etag"`
	// The provider-assigned unique ID for this managed resource.
	Id       string `pulumi:"id"`
	Location string `pulumi:"location"`
	Name     string `pulumi:"name"`
	// (Required only by `networksecurity.AddressGroupIamPolicy`) The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData string `pulumi:"policyData"`
	Project    string `pulumi:"project"`
}

A collection of values returned by getAddressGroupIamPolicy.

func LookupAddressGroupIamPolicy

func LookupAddressGroupIamPolicy(ctx *pulumi.Context, args *LookupAddressGroupIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupAddressGroupIamPolicyResult, error)

Retrieves the current IAM policy data for projectaddressgroup

type LookupAddressGroupIamPolicyResultOutput

type LookupAddressGroupIamPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getAddressGroupIamPolicy.

func (LookupAddressGroupIamPolicyResultOutput) ElementType

func (LookupAddressGroupIamPolicyResultOutput) Etag

(Computed) The etag of the IAM policy.

func (LookupAddressGroupIamPolicyResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupAddressGroupIamPolicyResultOutput) Location

func (LookupAddressGroupIamPolicyResultOutput) Name

func (LookupAddressGroupIamPolicyResultOutput) PolicyData

(Required only by `networksecurity.AddressGroupIamPolicy`) The policy data generated by a `organizations.getIAMPolicy` data source.

func (LookupAddressGroupIamPolicyResultOutput) Project

func (LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutput

func (o LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutput() LookupAddressGroupIamPolicyResultOutput

func (LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutputWithContext

func (o LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutputWithContext(ctx context.Context) LookupAddressGroupIamPolicyResultOutput

type MirroringDeployment added in v8.11.0

type MirroringDeployment struct {
	pulumi.CustomResourceState

	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Required. Immutable. The regional load balancer which the mirrored traffic should be forwarded
	// to. Format is:
	// projects/{project}/regions/{region}/forwardingRules/{forwardingRule}
	ForwardingRule pulumi.StringOutput `pulumi:"forwardingRule"`
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringDeployment`.
	Location pulumi.StringOutput `pulumi:"location"`
	// Required. Immutable. The Mirroring Deployment Group that this resource is part of. Format is:
	// `projects/{project}/locations/global/mirroringDeploymentGroups/{mirroringDeploymentGroup}`
	MirroringDeploymentGroup pulumi.StringOutput `pulumi:"mirroringDeploymentGroup"`
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringDeploymentId from the methodSignature of Create RPC
	//
	// ***
	MirroringDeploymentId pulumi.StringOutput `pulumi:"mirroringDeploymentId"`
	// Immutable. Identifier. The name of the MirroringDeployment.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Output only. Current state of the deployment.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CREATING
	// DELETING
	// OUT_OF_SYNC
	// DELETE_FAILED
	State pulumi.StringOutput `pulumi:"state"`
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Mirroring Deployment Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		subnetwork, err := compute.NewSubnetwork(ctx, "subnetwork", &compute.SubnetworkArgs{
			Name:        pulumi.String("example-subnet"),
			Region:      pulumi.String("us-central1"),
			IpCidrRange: pulumi.String("10.1.0.0/16"),
			Network:     network.Name,
		})
		if err != nil {
			return err
		}
		healthCheck, err := compute.NewRegionHealthCheck(ctx, "health_check", &compute.RegionHealthCheckArgs{
			Name:   pulumi.String("example-hc"),
			Region: pulumi.String("us-central1"),
			HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
				Port: pulumi.Int(80),
			},
		})
		if err != nil {
			return err
		}
		backendService, err := compute.NewRegionBackendService(ctx, "backend_service", &compute.RegionBackendServiceArgs{
			Name:                pulumi.String("example-bs"),
			Region:              pulumi.String("us-central1"),
			HealthChecks:        healthCheck.ID(),
			Protocol:            pulumi.String("UDP"),
			LoadBalancingScheme: pulumi.String("INTERNAL"),
		})
		if err != nil {
			return err
		}
		forwardingRule, err := compute.NewForwardingRule(ctx, "forwarding_rule", &compute.ForwardingRuleArgs{
			Name:                pulumi.String("example-fwr"),
			Region:              pulumi.String("us-central1"),
			Network:             network.Name,
			Subnetwork:          subnetwork.Name,
			BackendService:      backendService.ID(),
			LoadBalancingScheme: pulumi.String("INTERNAL"),
			Ports: pulumi.StringArray{
				pulumi.String("6081"),
			},
			IpProtocol:           pulumi.String("UDP"),
			IsMirroringCollector: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		deploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, "deployment_group", &networksecurity.MirroringDeploymentGroupArgs{
			MirroringDeploymentGroupId: pulumi.String("example-dg"),
			Location:                   pulumi.String("global"),
			Network:                    network.ID(),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewMirroringDeployment(ctx, "default", &networksecurity.MirroringDeploymentArgs{
			MirroringDeploymentId:    pulumi.String("example-deployment"),
			Location:                 pulumi.String("us-central1-a"),
			ForwardingRule:           forwardingRule.ID(),
			MirroringDeploymentGroup: deploymentGroup.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

MirroringDeployment can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/mirroringDeployments/{{mirroring_deployment_id}}`

* `{{project}}/{{location}}/{{mirroring_deployment_id}}`

* `{{location}}/{{mirroring_deployment_id}}`

When using the `pulumi import` command, MirroringDeployment can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/mirroringDeployment:MirroringDeployment default projects/{{project}}/locations/{{location}}/mirroringDeployments/{{mirroring_deployment_id}} ```

```sh $ pulumi import gcp:networksecurity/mirroringDeployment:MirroringDeployment default {{project}}/{{location}}/{{mirroring_deployment_id}} ```

```sh $ pulumi import gcp:networksecurity/mirroringDeployment:MirroringDeployment default {{location}}/{{mirroring_deployment_id}} ```

func GetMirroringDeployment added in v8.11.0

func GetMirroringDeployment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MirroringDeploymentState, opts ...pulumi.ResourceOption) (*MirroringDeployment, error)

GetMirroringDeployment gets an existing MirroringDeployment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMirroringDeployment added in v8.11.0

func NewMirroringDeployment(ctx *pulumi.Context,
	name string, args *MirroringDeploymentArgs, opts ...pulumi.ResourceOption) (*MirroringDeployment, error)

NewMirroringDeployment registers a new resource with the given unique name, arguments, and options.

func (*MirroringDeployment) ElementType added in v8.11.0

func (*MirroringDeployment) ElementType() reflect.Type

func (*MirroringDeployment) ToMirroringDeploymentOutput added in v8.11.0

func (i *MirroringDeployment) ToMirroringDeploymentOutput() MirroringDeploymentOutput

func (*MirroringDeployment) ToMirroringDeploymentOutputWithContext added in v8.11.0

func (i *MirroringDeployment) ToMirroringDeploymentOutputWithContext(ctx context.Context) MirroringDeploymentOutput

type MirroringDeploymentArgs added in v8.11.0

type MirroringDeploymentArgs struct {
	// Required. Immutable. The regional load balancer which the mirrored traffic should be forwarded
	// to. Format is:
	// projects/{project}/regions/{region}/forwardingRules/{forwardingRule}
	ForwardingRule pulumi.StringInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringDeployment`.
	Location pulumi.StringInput
	// Required. Immutable. The Mirroring Deployment Group that this resource is part of. Format is:
	// `projects/{project}/locations/global/mirroringDeploymentGroups/{mirroringDeploymentGroup}`
	MirroringDeploymentGroup pulumi.StringInput
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringDeploymentId from the methodSignature of Create RPC
	//
	// ***
	MirroringDeploymentId pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a MirroringDeployment resource.

func (MirroringDeploymentArgs) ElementType added in v8.11.0

func (MirroringDeploymentArgs) ElementType() reflect.Type

type MirroringDeploymentArray added in v8.11.0

type MirroringDeploymentArray []MirroringDeploymentInput

func (MirroringDeploymentArray) ElementType added in v8.11.0

func (MirroringDeploymentArray) ElementType() reflect.Type

func (MirroringDeploymentArray) ToMirroringDeploymentArrayOutput added in v8.11.0

func (i MirroringDeploymentArray) ToMirroringDeploymentArrayOutput() MirroringDeploymentArrayOutput

func (MirroringDeploymentArray) ToMirroringDeploymentArrayOutputWithContext added in v8.11.0

func (i MirroringDeploymentArray) ToMirroringDeploymentArrayOutputWithContext(ctx context.Context) MirroringDeploymentArrayOutput

type MirroringDeploymentArrayInput added in v8.11.0

type MirroringDeploymentArrayInput interface {
	pulumi.Input

	ToMirroringDeploymentArrayOutput() MirroringDeploymentArrayOutput
	ToMirroringDeploymentArrayOutputWithContext(context.Context) MirroringDeploymentArrayOutput
}

MirroringDeploymentArrayInput is an input type that accepts MirroringDeploymentArray and MirroringDeploymentArrayOutput values. You can construct a concrete instance of `MirroringDeploymentArrayInput` via:

MirroringDeploymentArray{ MirroringDeploymentArgs{...} }

type MirroringDeploymentArrayOutput added in v8.11.0

type MirroringDeploymentArrayOutput struct{ *pulumi.OutputState }

func (MirroringDeploymentArrayOutput) ElementType added in v8.11.0

func (MirroringDeploymentArrayOutput) Index added in v8.11.0

func (MirroringDeploymentArrayOutput) ToMirroringDeploymentArrayOutput added in v8.11.0

func (o MirroringDeploymentArrayOutput) ToMirroringDeploymentArrayOutput() MirroringDeploymentArrayOutput

func (MirroringDeploymentArrayOutput) ToMirroringDeploymentArrayOutputWithContext added in v8.11.0

func (o MirroringDeploymentArrayOutput) ToMirroringDeploymentArrayOutputWithContext(ctx context.Context) MirroringDeploymentArrayOutput

type MirroringDeploymentGroup added in v8.11.0

type MirroringDeploymentGroup struct {
	pulumi.CustomResourceState

	// Output only. The list of Mirroring Endpoint Groups that are connected to this resource.
	// Structure is documented below.
	ConnectedEndpointGroups MirroringDeploymentGroupConnectedEndpointGroupArrayOutput `pulumi:"connectedEndpointGroups"`
	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringDeploymentGroup`.
	Location pulumi.StringOutput `pulumi:"location"`
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringDeploymentGroupId from the methodSignature of Create RPC
	//
	// ***
	MirroringDeploymentGroupId pulumi.StringOutput `pulumi:"mirroringDeploymentGroupId"`
	// (Output)
	// Output only. A connected mirroring endpoint group.
	Name pulumi.StringOutput `pulumi:"name"`
	// Required. Immutable. The network that is being used for the deployment. Format is:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringOutput `pulumi:"network"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Output only. Current state of the deployment group.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CREATING
	// DELETING
	State pulumi.StringOutput `pulumi:"state"`
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Mirroring Deployment Group Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewMirroringDeploymentGroup(ctx, "default", &networksecurity.MirroringDeploymentGroupArgs{
			MirroringDeploymentGroupId: pulumi.String("example-dg"),
			Location:                   pulumi.String("global"),
			Network:                    network.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

MirroringDeploymentGroup can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/mirroringDeploymentGroups/{{mirroring_deployment_group_id}}`

* `{{project}}/{{location}}/{{mirroring_deployment_group_id}}`

* `{{location}}/{{mirroring_deployment_group_id}}`

When using the `pulumi import` command, MirroringDeploymentGroup can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/mirroringDeploymentGroup:MirroringDeploymentGroup default projects/{{project}}/locations/{{location}}/mirroringDeploymentGroups/{{mirroring_deployment_group_id}} ```

```sh $ pulumi import gcp:networksecurity/mirroringDeploymentGroup:MirroringDeploymentGroup default {{project}}/{{location}}/{{mirroring_deployment_group_id}} ```

```sh $ pulumi import gcp:networksecurity/mirroringDeploymentGroup:MirroringDeploymentGroup default {{location}}/{{mirroring_deployment_group_id}} ```

func GetMirroringDeploymentGroup added in v8.11.0

func GetMirroringDeploymentGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MirroringDeploymentGroupState, opts ...pulumi.ResourceOption) (*MirroringDeploymentGroup, error)

GetMirroringDeploymentGroup gets an existing MirroringDeploymentGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMirroringDeploymentGroup added in v8.11.0

func NewMirroringDeploymentGroup(ctx *pulumi.Context,
	name string, args *MirroringDeploymentGroupArgs, opts ...pulumi.ResourceOption) (*MirroringDeploymentGroup, error)

NewMirroringDeploymentGroup registers a new resource with the given unique name, arguments, and options.

func (*MirroringDeploymentGroup) ElementType added in v8.11.0

func (*MirroringDeploymentGroup) ElementType() reflect.Type

func (*MirroringDeploymentGroup) ToMirroringDeploymentGroupOutput added in v8.11.0

func (i *MirroringDeploymentGroup) ToMirroringDeploymentGroupOutput() MirroringDeploymentGroupOutput

func (*MirroringDeploymentGroup) ToMirroringDeploymentGroupOutputWithContext added in v8.11.0

func (i *MirroringDeploymentGroup) ToMirroringDeploymentGroupOutputWithContext(ctx context.Context) MirroringDeploymentGroupOutput

type MirroringDeploymentGroupArgs added in v8.11.0

type MirroringDeploymentGroupArgs struct {
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringDeploymentGroup`.
	Location pulumi.StringInput
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringDeploymentGroupId from the methodSignature of Create RPC
	//
	// ***
	MirroringDeploymentGroupId pulumi.StringInput
	// Required. Immutable. The network that is being used for the deployment. Format is:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a MirroringDeploymentGroup resource.

func (MirroringDeploymentGroupArgs) ElementType added in v8.11.0

type MirroringDeploymentGroupArray added in v8.11.0

type MirroringDeploymentGroupArray []MirroringDeploymentGroupInput

func (MirroringDeploymentGroupArray) ElementType added in v8.11.0

func (MirroringDeploymentGroupArray) ToMirroringDeploymentGroupArrayOutput added in v8.11.0

func (i MirroringDeploymentGroupArray) ToMirroringDeploymentGroupArrayOutput() MirroringDeploymentGroupArrayOutput

func (MirroringDeploymentGroupArray) ToMirroringDeploymentGroupArrayOutputWithContext added in v8.11.0

func (i MirroringDeploymentGroupArray) ToMirroringDeploymentGroupArrayOutputWithContext(ctx context.Context) MirroringDeploymentGroupArrayOutput

type MirroringDeploymentGroupArrayInput added in v8.11.0

type MirroringDeploymentGroupArrayInput interface {
	pulumi.Input

	ToMirroringDeploymentGroupArrayOutput() MirroringDeploymentGroupArrayOutput
	ToMirroringDeploymentGroupArrayOutputWithContext(context.Context) MirroringDeploymentGroupArrayOutput
}

MirroringDeploymentGroupArrayInput is an input type that accepts MirroringDeploymentGroupArray and MirroringDeploymentGroupArrayOutput values. You can construct a concrete instance of `MirroringDeploymentGroupArrayInput` via:

MirroringDeploymentGroupArray{ MirroringDeploymentGroupArgs{...} }

type MirroringDeploymentGroupArrayOutput added in v8.11.0

type MirroringDeploymentGroupArrayOutput struct{ *pulumi.OutputState }

func (MirroringDeploymentGroupArrayOutput) ElementType added in v8.11.0

func (MirroringDeploymentGroupArrayOutput) Index added in v8.11.0

func (MirroringDeploymentGroupArrayOutput) ToMirroringDeploymentGroupArrayOutput added in v8.11.0

func (o MirroringDeploymentGroupArrayOutput) ToMirroringDeploymentGroupArrayOutput() MirroringDeploymentGroupArrayOutput

func (MirroringDeploymentGroupArrayOutput) ToMirroringDeploymentGroupArrayOutputWithContext added in v8.11.0

func (o MirroringDeploymentGroupArrayOutput) ToMirroringDeploymentGroupArrayOutputWithContext(ctx context.Context) MirroringDeploymentGroupArrayOutput

type MirroringDeploymentGroupConnectedEndpointGroup added in v8.11.0

type MirroringDeploymentGroupConnectedEndpointGroup struct {
	// (Output)
	// Output only. A connected mirroring endpoint group.
	Name *string `pulumi:"name"`
}

type MirroringDeploymentGroupConnectedEndpointGroupArgs added in v8.11.0

type MirroringDeploymentGroupConnectedEndpointGroupArgs struct {
	// (Output)
	// Output only. A connected mirroring endpoint group.
	Name pulumi.StringPtrInput `pulumi:"name"`
}

func (MirroringDeploymentGroupConnectedEndpointGroupArgs) ElementType added in v8.11.0

func (MirroringDeploymentGroupConnectedEndpointGroupArgs) ToMirroringDeploymentGroupConnectedEndpointGroupOutput added in v8.11.0

func (i MirroringDeploymentGroupConnectedEndpointGroupArgs) ToMirroringDeploymentGroupConnectedEndpointGroupOutput() MirroringDeploymentGroupConnectedEndpointGroupOutput

func (MirroringDeploymentGroupConnectedEndpointGroupArgs) ToMirroringDeploymentGroupConnectedEndpointGroupOutputWithContext added in v8.11.0

func (i MirroringDeploymentGroupConnectedEndpointGroupArgs) ToMirroringDeploymentGroupConnectedEndpointGroupOutputWithContext(ctx context.Context) MirroringDeploymentGroupConnectedEndpointGroupOutput

type MirroringDeploymentGroupConnectedEndpointGroupArray added in v8.11.0

type MirroringDeploymentGroupConnectedEndpointGroupArray []MirroringDeploymentGroupConnectedEndpointGroupInput

func (MirroringDeploymentGroupConnectedEndpointGroupArray) ElementType added in v8.11.0

func (MirroringDeploymentGroupConnectedEndpointGroupArray) ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutput added in v8.11.0

func (i MirroringDeploymentGroupConnectedEndpointGroupArray) ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutput() MirroringDeploymentGroupConnectedEndpointGroupArrayOutput

func (MirroringDeploymentGroupConnectedEndpointGroupArray) ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutputWithContext added in v8.11.0

func (i MirroringDeploymentGroupConnectedEndpointGroupArray) ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutputWithContext(ctx context.Context) MirroringDeploymentGroupConnectedEndpointGroupArrayOutput

type MirroringDeploymentGroupConnectedEndpointGroupArrayInput added in v8.11.0

type MirroringDeploymentGroupConnectedEndpointGroupArrayInput interface {
	pulumi.Input

	ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutput() MirroringDeploymentGroupConnectedEndpointGroupArrayOutput
	ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutputWithContext(context.Context) MirroringDeploymentGroupConnectedEndpointGroupArrayOutput
}

MirroringDeploymentGroupConnectedEndpointGroupArrayInput is an input type that accepts MirroringDeploymentGroupConnectedEndpointGroupArray and MirroringDeploymentGroupConnectedEndpointGroupArrayOutput values. You can construct a concrete instance of `MirroringDeploymentGroupConnectedEndpointGroupArrayInput` via:

MirroringDeploymentGroupConnectedEndpointGroupArray{ MirroringDeploymentGroupConnectedEndpointGroupArgs{...} }

type MirroringDeploymentGroupConnectedEndpointGroupArrayOutput added in v8.11.0

type MirroringDeploymentGroupConnectedEndpointGroupArrayOutput struct{ *pulumi.OutputState }

func (MirroringDeploymentGroupConnectedEndpointGroupArrayOutput) ElementType added in v8.11.0

func (MirroringDeploymentGroupConnectedEndpointGroupArrayOutput) Index added in v8.11.0

func (MirroringDeploymentGroupConnectedEndpointGroupArrayOutput) ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutput added in v8.11.0

func (MirroringDeploymentGroupConnectedEndpointGroupArrayOutput) ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutputWithContext added in v8.11.0

func (o MirroringDeploymentGroupConnectedEndpointGroupArrayOutput) ToMirroringDeploymentGroupConnectedEndpointGroupArrayOutputWithContext(ctx context.Context) MirroringDeploymentGroupConnectedEndpointGroupArrayOutput

type MirroringDeploymentGroupConnectedEndpointGroupInput added in v8.11.0

type MirroringDeploymentGroupConnectedEndpointGroupInput interface {
	pulumi.Input

	ToMirroringDeploymentGroupConnectedEndpointGroupOutput() MirroringDeploymentGroupConnectedEndpointGroupOutput
	ToMirroringDeploymentGroupConnectedEndpointGroupOutputWithContext(context.Context) MirroringDeploymentGroupConnectedEndpointGroupOutput
}

MirroringDeploymentGroupConnectedEndpointGroupInput is an input type that accepts MirroringDeploymentGroupConnectedEndpointGroupArgs and MirroringDeploymentGroupConnectedEndpointGroupOutput values. You can construct a concrete instance of `MirroringDeploymentGroupConnectedEndpointGroupInput` via:

MirroringDeploymentGroupConnectedEndpointGroupArgs{...}

type MirroringDeploymentGroupConnectedEndpointGroupOutput added in v8.11.0

type MirroringDeploymentGroupConnectedEndpointGroupOutput struct{ *pulumi.OutputState }

func (MirroringDeploymentGroupConnectedEndpointGroupOutput) ElementType added in v8.11.0

func (MirroringDeploymentGroupConnectedEndpointGroupOutput) Name added in v8.11.0

(Output) Output only. A connected mirroring endpoint group.

func (MirroringDeploymentGroupConnectedEndpointGroupOutput) ToMirroringDeploymentGroupConnectedEndpointGroupOutput added in v8.11.0

func (MirroringDeploymentGroupConnectedEndpointGroupOutput) ToMirroringDeploymentGroupConnectedEndpointGroupOutputWithContext added in v8.11.0

func (o MirroringDeploymentGroupConnectedEndpointGroupOutput) ToMirroringDeploymentGroupConnectedEndpointGroupOutputWithContext(ctx context.Context) MirroringDeploymentGroupConnectedEndpointGroupOutput

type MirroringDeploymentGroupInput added in v8.11.0

type MirroringDeploymentGroupInput interface {
	pulumi.Input

	ToMirroringDeploymentGroupOutput() MirroringDeploymentGroupOutput
	ToMirroringDeploymentGroupOutputWithContext(ctx context.Context) MirroringDeploymentGroupOutput
}

type MirroringDeploymentGroupMap added in v8.11.0

type MirroringDeploymentGroupMap map[string]MirroringDeploymentGroupInput

func (MirroringDeploymentGroupMap) ElementType added in v8.11.0

func (MirroringDeploymentGroupMap) ToMirroringDeploymentGroupMapOutput added in v8.11.0

func (i MirroringDeploymentGroupMap) ToMirroringDeploymentGroupMapOutput() MirroringDeploymentGroupMapOutput

func (MirroringDeploymentGroupMap) ToMirroringDeploymentGroupMapOutputWithContext added in v8.11.0

func (i MirroringDeploymentGroupMap) ToMirroringDeploymentGroupMapOutputWithContext(ctx context.Context) MirroringDeploymentGroupMapOutput

type MirroringDeploymentGroupMapInput added in v8.11.0

type MirroringDeploymentGroupMapInput interface {
	pulumi.Input

	ToMirroringDeploymentGroupMapOutput() MirroringDeploymentGroupMapOutput
	ToMirroringDeploymentGroupMapOutputWithContext(context.Context) MirroringDeploymentGroupMapOutput
}

MirroringDeploymentGroupMapInput is an input type that accepts MirroringDeploymentGroupMap and MirroringDeploymentGroupMapOutput values. You can construct a concrete instance of `MirroringDeploymentGroupMapInput` via:

MirroringDeploymentGroupMap{ "key": MirroringDeploymentGroupArgs{...} }

type MirroringDeploymentGroupMapOutput added in v8.11.0

type MirroringDeploymentGroupMapOutput struct{ *pulumi.OutputState }

func (MirroringDeploymentGroupMapOutput) ElementType added in v8.11.0

func (MirroringDeploymentGroupMapOutput) MapIndex added in v8.11.0

func (MirroringDeploymentGroupMapOutput) ToMirroringDeploymentGroupMapOutput added in v8.11.0

func (o MirroringDeploymentGroupMapOutput) ToMirroringDeploymentGroupMapOutput() MirroringDeploymentGroupMapOutput

func (MirroringDeploymentGroupMapOutput) ToMirroringDeploymentGroupMapOutputWithContext added in v8.11.0

func (o MirroringDeploymentGroupMapOutput) ToMirroringDeploymentGroupMapOutputWithContext(ctx context.Context) MirroringDeploymentGroupMapOutput

type MirroringDeploymentGroupOutput added in v8.11.0

type MirroringDeploymentGroupOutput struct{ *pulumi.OutputState }

func (MirroringDeploymentGroupOutput) ConnectedEndpointGroups added in v8.11.0

Output only. The list of Mirroring Endpoint Groups that are connected to this resource. Structure is documented below.

func (MirroringDeploymentGroupOutput) CreateTime added in v8.11.0

Output only. [Output only] Create time stamp

func (MirroringDeploymentGroupOutput) EffectiveLabels added in v8.11.0

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (MirroringDeploymentGroupOutput) ElementType added in v8.11.0

func (MirroringDeploymentGroupOutput) Labels added in v8.11.0

Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (MirroringDeploymentGroupOutput) Location added in v8.11.0

Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringDeploymentGroup`.

func (MirroringDeploymentGroupOutput) MirroringDeploymentGroupId added in v8.11.0

func (o MirroringDeploymentGroupOutput) MirroringDeploymentGroupId() pulumi.StringOutput

Required. Id of the requesting object If auto-generating Id server-side, remove this field and mirroringDeploymentGroupId from the methodSignature of Create RPC

***

func (MirroringDeploymentGroupOutput) Name added in v8.11.0

(Output) Output only. A connected mirroring endpoint group.

func (MirroringDeploymentGroupOutput) Network added in v8.11.0

Required. Immutable. The network that is being used for the deployment. Format is: projects/{project}/global/networks/{network}.

func (MirroringDeploymentGroupOutput) Project added in v8.11.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (MirroringDeploymentGroupOutput) PulumiLabels added in v8.11.0

The combination of labels configured directly on the resource and default labels configured on the provider.

func (MirroringDeploymentGroupOutput) Reconciling added in v8.11.0

Output only. Whether reconciling is in progress, recommended per https://google.aip.dev/128.

func (MirroringDeploymentGroupOutput) State added in v8.11.0

Output only. Current state of the deployment group. Possible values: STATE_UNSPECIFIED ACTIVE CREATING DELETING

func (MirroringDeploymentGroupOutput) ToMirroringDeploymentGroupOutput added in v8.11.0

func (o MirroringDeploymentGroupOutput) ToMirroringDeploymentGroupOutput() MirroringDeploymentGroupOutput

func (MirroringDeploymentGroupOutput) ToMirroringDeploymentGroupOutputWithContext added in v8.11.0

func (o MirroringDeploymentGroupOutput) ToMirroringDeploymentGroupOutputWithContext(ctx context.Context) MirroringDeploymentGroupOutput

func (MirroringDeploymentGroupOutput) UpdateTime added in v8.11.0

Output only. [Output only] Update time stamp

type MirroringDeploymentGroupState added in v8.11.0

type MirroringDeploymentGroupState struct {
	// Output only. The list of Mirroring Endpoint Groups that are connected to this resource.
	// Structure is documented below.
	ConnectedEndpointGroups MirroringDeploymentGroupConnectedEndpointGroupArrayInput
	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringDeploymentGroup`.
	Location pulumi.StringPtrInput
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringDeploymentGroupId from the methodSignature of Create RPC
	//
	// ***
	MirroringDeploymentGroupId pulumi.StringPtrInput
	// (Output)
	// Output only. A connected mirroring endpoint group.
	Name pulumi.StringPtrInput
	// Required. Immutable. The network that is being used for the deployment. Format is:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Output only. Current state of the deployment group.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CREATING
	// DELETING
	State pulumi.StringPtrInput
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringPtrInput
}

func (MirroringDeploymentGroupState) ElementType added in v8.11.0

type MirroringDeploymentInput added in v8.11.0

type MirroringDeploymentInput interface {
	pulumi.Input

	ToMirroringDeploymentOutput() MirroringDeploymentOutput
	ToMirroringDeploymentOutputWithContext(ctx context.Context) MirroringDeploymentOutput
}

type MirroringDeploymentMap added in v8.11.0

type MirroringDeploymentMap map[string]MirroringDeploymentInput

func (MirroringDeploymentMap) ElementType added in v8.11.0

func (MirroringDeploymentMap) ElementType() reflect.Type

func (MirroringDeploymentMap) ToMirroringDeploymentMapOutput added in v8.11.0

func (i MirroringDeploymentMap) ToMirroringDeploymentMapOutput() MirroringDeploymentMapOutput

func (MirroringDeploymentMap) ToMirroringDeploymentMapOutputWithContext added in v8.11.0

func (i MirroringDeploymentMap) ToMirroringDeploymentMapOutputWithContext(ctx context.Context) MirroringDeploymentMapOutput

type MirroringDeploymentMapInput added in v8.11.0

type MirroringDeploymentMapInput interface {
	pulumi.Input

	ToMirroringDeploymentMapOutput() MirroringDeploymentMapOutput
	ToMirroringDeploymentMapOutputWithContext(context.Context) MirroringDeploymentMapOutput
}

MirroringDeploymentMapInput is an input type that accepts MirroringDeploymentMap and MirroringDeploymentMapOutput values. You can construct a concrete instance of `MirroringDeploymentMapInput` via:

MirroringDeploymentMap{ "key": MirroringDeploymentArgs{...} }

type MirroringDeploymentMapOutput added in v8.11.0

type MirroringDeploymentMapOutput struct{ *pulumi.OutputState }

func (MirroringDeploymentMapOutput) ElementType added in v8.11.0

func (MirroringDeploymentMapOutput) MapIndex added in v8.11.0

func (MirroringDeploymentMapOutput) ToMirroringDeploymentMapOutput added in v8.11.0

func (o MirroringDeploymentMapOutput) ToMirroringDeploymentMapOutput() MirroringDeploymentMapOutput

func (MirroringDeploymentMapOutput) ToMirroringDeploymentMapOutputWithContext added in v8.11.0

func (o MirroringDeploymentMapOutput) ToMirroringDeploymentMapOutputWithContext(ctx context.Context) MirroringDeploymentMapOutput

type MirroringDeploymentOutput added in v8.11.0

type MirroringDeploymentOutput struct{ *pulumi.OutputState }

func (MirroringDeploymentOutput) CreateTime added in v8.11.0

Output only. [Output only] Create time stamp

func (MirroringDeploymentOutput) EffectiveLabels added in v8.11.0

func (o MirroringDeploymentOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (MirroringDeploymentOutput) ElementType added in v8.11.0

func (MirroringDeploymentOutput) ElementType() reflect.Type

func (MirroringDeploymentOutput) ForwardingRule added in v8.11.0

func (o MirroringDeploymentOutput) ForwardingRule() pulumi.StringOutput

Required. Immutable. The regional load balancer which the mirrored traffic should be forwarded to. Format is: projects/{project}/regions/{region}/forwardingRules/{forwardingRule}

func (MirroringDeploymentOutput) Labels added in v8.11.0

Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (MirroringDeploymentOutput) Location added in v8.11.0

Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringDeployment`.

func (MirroringDeploymentOutput) MirroringDeploymentGroup added in v8.11.0

func (o MirroringDeploymentOutput) MirroringDeploymentGroup() pulumi.StringOutput

Required. Immutable. The Mirroring Deployment Group that this resource is part of. Format is: `projects/{project}/locations/global/mirroringDeploymentGroups/{mirroringDeploymentGroup}`

func (MirroringDeploymentOutput) MirroringDeploymentId added in v8.11.0

func (o MirroringDeploymentOutput) MirroringDeploymentId() pulumi.StringOutput

Required. Id of the requesting object If auto-generating Id server-side, remove this field and mirroringDeploymentId from the methodSignature of Create RPC

***

func (MirroringDeploymentOutput) Name added in v8.11.0

Immutable. Identifier. The name of the MirroringDeployment.

func (MirroringDeploymentOutput) Project added in v8.11.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (MirroringDeploymentOutput) PulumiLabels added in v8.11.0

The combination of labels configured directly on the resource and default labels configured on the provider.

func (MirroringDeploymentOutput) Reconciling added in v8.11.0

Output only. Whether reconciling is in progress, recommended per https://google.aip.dev/128.

func (MirroringDeploymentOutput) State added in v8.11.0

Output only. Current state of the deployment. Possible values: STATE_UNSPECIFIED ACTIVE CREATING DELETING OUT_OF_SYNC DELETE_FAILED

func (MirroringDeploymentOutput) ToMirroringDeploymentOutput added in v8.11.0

func (o MirroringDeploymentOutput) ToMirroringDeploymentOutput() MirroringDeploymentOutput

func (MirroringDeploymentOutput) ToMirroringDeploymentOutputWithContext added in v8.11.0

func (o MirroringDeploymentOutput) ToMirroringDeploymentOutputWithContext(ctx context.Context) MirroringDeploymentOutput

func (MirroringDeploymentOutput) UpdateTime added in v8.11.0

Output only. [Output only] Update time stamp

type MirroringDeploymentState added in v8.11.0

type MirroringDeploymentState struct {
	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Required. Immutable. The regional load balancer which the mirrored traffic should be forwarded
	// to. Format is:
	// projects/{project}/regions/{region}/forwardingRules/{forwardingRule}
	ForwardingRule pulumi.StringPtrInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringDeployment`.
	Location pulumi.StringPtrInput
	// Required. Immutable. The Mirroring Deployment Group that this resource is part of. Format is:
	// `projects/{project}/locations/global/mirroringDeploymentGroups/{mirroringDeploymentGroup}`
	MirroringDeploymentGroup pulumi.StringPtrInput
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringDeploymentId from the methodSignature of Create RPC
	//
	// ***
	MirroringDeploymentId pulumi.StringPtrInput
	// Immutable. Identifier. The name of the MirroringDeployment.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Output only. Current state of the deployment.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CREATING
	// DELETING
	// OUT_OF_SYNC
	// DELETE_FAILED
	State pulumi.StringPtrInput
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringPtrInput
}

func (MirroringDeploymentState) ElementType added in v8.11.0

func (MirroringDeploymentState) ElementType() reflect.Type

type MirroringEndpointGroup added in v8.11.0

type MirroringEndpointGroup struct {
	pulumi.CustomResourceState

	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroup`.
	Location pulumi.StringOutput `pulumi:"location"`
	// Required. Immutable. The Mirroring Deployment Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/mirroringDeploymentGroups/{mirroringDeploymentGroup}`
	MirroringDeploymentGroup pulumi.StringOutput `pulumi:"mirroringDeploymentGroup"`
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringEndpointGroupId from the methodSignature of Create RPC
	//
	// ***
	MirroringEndpointGroupId pulumi.StringOutput `pulumi:"mirroringEndpointGroupId"`
	// Immutable. Identifier. The name of the MirroringEndpointGroup.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// Output only. Current state of the endpoint group.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CLOSED
	// CREATING
	// DELETING
	// OUT_OF_SYNC
	State pulumi.StringOutput `pulumi:"state"`
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Mirroring Endpoint Group Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		deploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, "deployment_group", &networksecurity.MirroringDeploymentGroupArgs{
			MirroringDeploymentGroupId: pulumi.String("example-dg"),
			Location:                   pulumi.String("global"),
			Network:                    network.ID(),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewMirroringEndpointGroup(ctx, "default", &networksecurity.MirroringEndpointGroupArgs{
			MirroringEndpointGroupId: pulumi.String("example-eg"),
			Location:                 pulumi.String("global"),
			MirroringDeploymentGroup: deploymentGroup.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

MirroringEndpointGroup can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/mirroringEndpointGroups/{{mirroring_endpoint_group_id}}`

* `{{project}}/{{location}}/{{mirroring_endpoint_group_id}}`

* `{{location}}/{{mirroring_endpoint_group_id}}`

When using the `pulumi import` command, MirroringEndpointGroup can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/mirroringEndpointGroup:MirroringEndpointGroup default projects/{{project}}/locations/{{location}}/mirroringEndpointGroups/{{mirroring_endpoint_group_id}} ```

```sh $ pulumi import gcp:networksecurity/mirroringEndpointGroup:MirroringEndpointGroup default {{project}}/{{location}}/{{mirroring_endpoint_group_id}} ```

```sh $ pulumi import gcp:networksecurity/mirroringEndpointGroup:MirroringEndpointGroup default {{location}}/{{mirroring_endpoint_group_id}} ```

func GetMirroringEndpointGroup added in v8.11.0

func GetMirroringEndpointGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MirroringEndpointGroupState, opts ...pulumi.ResourceOption) (*MirroringEndpointGroup, error)

GetMirroringEndpointGroup gets an existing MirroringEndpointGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMirroringEndpointGroup added in v8.11.0

func NewMirroringEndpointGroup(ctx *pulumi.Context,
	name string, args *MirroringEndpointGroupArgs, opts ...pulumi.ResourceOption) (*MirroringEndpointGroup, error)

NewMirroringEndpointGroup registers a new resource with the given unique name, arguments, and options.

func (*MirroringEndpointGroup) ElementType added in v8.11.0

func (*MirroringEndpointGroup) ElementType() reflect.Type

func (*MirroringEndpointGroup) ToMirroringEndpointGroupOutput added in v8.11.0

func (i *MirroringEndpointGroup) ToMirroringEndpointGroupOutput() MirroringEndpointGroupOutput

func (*MirroringEndpointGroup) ToMirroringEndpointGroupOutputWithContext added in v8.11.0

func (i *MirroringEndpointGroup) ToMirroringEndpointGroupOutputWithContext(ctx context.Context) MirroringEndpointGroupOutput

type MirroringEndpointGroupArgs added in v8.11.0

type MirroringEndpointGroupArgs struct {
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroup`.
	Location pulumi.StringInput
	// Required. Immutable. The Mirroring Deployment Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/mirroringDeploymentGroups/{mirroringDeploymentGroup}`
	MirroringDeploymentGroup pulumi.StringInput
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringEndpointGroupId from the methodSignature of Create RPC
	//
	// ***
	MirroringEndpointGroupId pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a MirroringEndpointGroup resource.

func (MirroringEndpointGroupArgs) ElementType added in v8.11.0

func (MirroringEndpointGroupArgs) ElementType() reflect.Type

type MirroringEndpointGroupArray added in v8.11.0

type MirroringEndpointGroupArray []MirroringEndpointGroupInput

func (MirroringEndpointGroupArray) ElementType added in v8.11.0

func (MirroringEndpointGroupArray) ToMirroringEndpointGroupArrayOutput added in v8.11.0

func (i MirroringEndpointGroupArray) ToMirroringEndpointGroupArrayOutput() MirroringEndpointGroupArrayOutput

func (MirroringEndpointGroupArray) ToMirroringEndpointGroupArrayOutputWithContext added in v8.11.0

func (i MirroringEndpointGroupArray) ToMirroringEndpointGroupArrayOutputWithContext(ctx context.Context) MirroringEndpointGroupArrayOutput

type MirroringEndpointGroupArrayInput added in v8.11.0

type MirroringEndpointGroupArrayInput interface {
	pulumi.Input

	ToMirroringEndpointGroupArrayOutput() MirroringEndpointGroupArrayOutput
	ToMirroringEndpointGroupArrayOutputWithContext(context.Context) MirroringEndpointGroupArrayOutput
}

MirroringEndpointGroupArrayInput is an input type that accepts MirroringEndpointGroupArray and MirroringEndpointGroupArrayOutput values. You can construct a concrete instance of `MirroringEndpointGroupArrayInput` via:

MirroringEndpointGroupArray{ MirroringEndpointGroupArgs{...} }

type MirroringEndpointGroupArrayOutput added in v8.11.0

type MirroringEndpointGroupArrayOutput struct{ *pulumi.OutputState }

func (MirroringEndpointGroupArrayOutput) ElementType added in v8.11.0

func (MirroringEndpointGroupArrayOutput) Index added in v8.11.0

func (MirroringEndpointGroupArrayOutput) ToMirroringEndpointGroupArrayOutput added in v8.11.0

func (o MirroringEndpointGroupArrayOutput) ToMirroringEndpointGroupArrayOutput() MirroringEndpointGroupArrayOutput

func (MirroringEndpointGroupArrayOutput) ToMirroringEndpointGroupArrayOutputWithContext added in v8.11.0

func (o MirroringEndpointGroupArrayOutput) ToMirroringEndpointGroupArrayOutputWithContext(ctx context.Context) MirroringEndpointGroupArrayOutput

type MirroringEndpointGroupAssociation added in v8.11.0

type MirroringEndpointGroupAssociation struct {
	pulumi.CustomResourceState

	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroupAssociation`.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// Output only. The list of locations that this association is in and its details.
	// Structure is documented below.
	LocationsDetails MirroringEndpointGroupAssociationLocationsDetailArrayOutput `pulumi:"locationsDetails"`
	// Required. Immutable. The Mirroring Endpoint Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/mirroringEndpointGroups/{mirroringEndpointGroup}`
	MirroringEndpointGroup pulumi.StringOutput `pulumi:"mirroringEndpointGroup"`
	// Optional. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringEndpointGroupAssociationId from the methodSignature of Create
	// RPC
	MirroringEndpointGroupAssociationId pulumi.StringPtrOutput `pulumi:"mirroringEndpointGroupAssociationId"`
	// Immutable. Identifier. The name of the MirroringEndpointGroupAssociation.
	Name pulumi.StringOutput `pulumi:"name"`
	// Required. Immutable. The VPC network associated. Format:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringOutput `pulumi:"network"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolOutput `pulumi:"reconciling"`
	// (Output)
	// Output only. The association state in this location.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// OUT_OF_SYNC
	State pulumi.StringOutput `pulumi:"state"`
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

## Example Usage

### Network Security Mirroring Endpoint Group Association Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		producerNetwork, err := compute.NewNetwork(ctx, "producer_network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-prod-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		consumerNetwork, err := compute.NewNetwork(ctx, "consumer_network", &compute.NetworkArgs{
			Name:                  pulumi.String("example-cons-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		deploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, "deployment_group", &networksecurity.MirroringDeploymentGroupArgs{
			MirroringDeploymentGroupId: pulumi.String("example-dg"),
			Location:                   pulumi.String("global"),
			Network:                    producerNetwork.ID(),
		})
		if err != nil {
			return err
		}
		endpointGroup, err := networksecurity.NewMirroringEndpointGroup(ctx, "endpoint_group", &networksecurity.MirroringEndpointGroupArgs{
			MirroringEndpointGroupId: pulumi.String("example-eg"),
			Location:                 pulumi.String("global"),
			MirroringDeploymentGroup: deploymentGroup.ID(),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewMirroringEndpointGroupAssociation(ctx, "default", &networksecurity.MirroringEndpointGroupAssociationArgs{
			MirroringEndpointGroupAssociationId: pulumi.String("example-ega"),
			Location:                            pulumi.String("global"),
			Network:                             consumerNetwork.ID(),
			MirroringEndpointGroup:              endpointGroup.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

MirroringEndpointGroupAssociation can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/mirroringEndpointGroupAssociations/{{mirroring_endpoint_group_association_id}}`

* `{{project}}/{{location}}/{{mirroring_endpoint_group_association_id}}`

* `{{location}}/{{mirroring_endpoint_group_association_id}}`

When using the `pulumi import` command, MirroringEndpointGroupAssociation can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/mirroringEndpointGroupAssociation:MirroringEndpointGroupAssociation default projects/{{project}}/locations/{{location}}/mirroringEndpointGroupAssociations/{{mirroring_endpoint_group_association_id}} ```

```sh $ pulumi import gcp:networksecurity/mirroringEndpointGroupAssociation:MirroringEndpointGroupAssociation default {{project}}/{{location}}/{{mirroring_endpoint_group_association_id}} ```

```sh $ pulumi import gcp:networksecurity/mirroringEndpointGroupAssociation:MirroringEndpointGroupAssociation default {{location}}/{{mirroring_endpoint_group_association_id}} ```

func GetMirroringEndpointGroupAssociation added in v8.11.0

func GetMirroringEndpointGroupAssociation(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MirroringEndpointGroupAssociationState, opts ...pulumi.ResourceOption) (*MirroringEndpointGroupAssociation, error)

GetMirroringEndpointGroupAssociation gets an existing MirroringEndpointGroupAssociation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMirroringEndpointGroupAssociation added in v8.11.0

func NewMirroringEndpointGroupAssociation(ctx *pulumi.Context,
	name string, args *MirroringEndpointGroupAssociationArgs, opts ...pulumi.ResourceOption) (*MirroringEndpointGroupAssociation, error)

NewMirroringEndpointGroupAssociation registers a new resource with the given unique name, arguments, and options.

func (*MirroringEndpointGroupAssociation) ElementType added in v8.11.0

func (*MirroringEndpointGroupAssociation) ToMirroringEndpointGroupAssociationOutput added in v8.11.0

func (i *MirroringEndpointGroupAssociation) ToMirroringEndpointGroupAssociationOutput() MirroringEndpointGroupAssociationOutput

func (*MirroringEndpointGroupAssociation) ToMirroringEndpointGroupAssociationOutputWithContext added in v8.11.0

func (i *MirroringEndpointGroupAssociation) ToMirroringEndpointGroupAssociationOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationOutput

type MirroringEndpointGroupAssociationArgs added in v8.11.0

type MirroringEndpointGroupAssociationArgs struct {
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroupAssociation`.
	//
	// ***
	Location pulumi.StringInput
	// Required. Immutable. The Mirroring Endpoint Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/mirroringEndpointGroups/{mirroringEndpointGroup}`
	MirroringEndpointGroup pulumi.StringInput
	// Optional. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringEndpointGroupAssociationId from the methodSignature of Create
	// RPC
	MirroringEndpointGroupAssociationId pulumi.StringPtrInput
	// Required. Immutable. The VPC network associated. Format:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a MirroringEndpointGroupAssociation resource.

func (MirroringEndpointGroupAssociationArgs) ElementType added in v8.11.0

type MirroringEndpointGroupAssociationArray added in v8.11.0

type MirroringEndpointGroupAssociationArray []MirroringEndpointGroupAssociationInput

func (MirroringEndpointGroupAssociationArray) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationArray) ToMirroringEndpointGroupAssociationArrayOutput added in v8.11.0

func (i MirroringEndpointGroupAssociationArray) ToMirroringEndpointGroupAssociationArrayOutput() MirroringEndpointGroupAssociationArrayOutput

func (MirroringEndpointGroupAssociationArray) ToMirroringEndpointGroupAssociationArrayOutputWithContext added in v8.11.0

func (i MirroringEndpointGroupAssociationArray) ToMirroringEndpointGroupAssociationArrayOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationArrayOutput

type MirroringEndpointGroupAssociationArrayInput added in v8.11.0

type MirroringEndpointGroupAssociationArrayInput interface {
	pulumi.Input

	ToMirroringEndpointGroupAssociationArrayOutput() MirroringEndpointGroupAssociationArrayOutput
	ToMirroringEndpointGroupAssociationArrayOutputWithContext(context.Context) MirroringEndpointGroupAssociationArrayOutput
}

MirroringEndpointGroupAssociationArrayInput is an input type that accepts MirroringEndpointGroupAssociationArray and MirroringEndpointGroupAssociationArrayOutput values. You can construct a concrete instance of `MirroringEndpointGroupAssociationArrayInput` via:

MirroringEndpointGroupAssociationArray{ MirroringEndpointGroupAssociationArgs{...} }

type MirroringEndpointGroupAssociationArrayOutput added in v8.11.0

type MirroringEndpointGroupAssociationArrayOutput struct{ *pulumi.OutputState }

func (MirroringEndpointGroupAssociationArrayOutput) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationArrayOutput) Index added in v8.11.0

func (MirroringEndpointGroupAssociationArrayOutput) ToMirroringEndpointGroupAssociationArrayOutput added in v8.11.0

func (o MirroringEndpointGroupAssociationArrayOutput) ToMirroringEndpointGroupAssociationArrayOutput() MirroringEndpointGroupAssociationArrayOutput

func (MirroringEndpointGroupAssociationArrayOutput) ToMirroringEndpointGroupAssociationArrayOutputWithContext added in v8.11.0

func (o MirroringEndpointGroupAssociationArrayOutput) ToMirroringEndpointGroupAssociationArrayOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationArrayOutput

type MirroringEndpointGroupAssociationInput added in v8.11.0

type MirroringEndpointGroupAssociationInput interface {
	pulumi.Input

	ToMirroringEndpointGroupAssociationOutput() MirroringEndpointGroupAssociationOutput
	ToMirroringEndpointGroupAssociationOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationOutput
}

type MirroringEndpointGroupAssociationLocationsDetail added in v8.11.0

type MirroringEndpointGroupAssociationLocationsDetail struct {
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroupAssociation`.
	//
	// ***
	Location *string `pulumi:"location"`
	// (Output)
	// Output only. The association state in this location.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// OUT_OF_SYNC
	State *string `pulumi:"state"`
}

type MirroringEndpointGroupAssociationLocationsDetailArgs added in v8.11.0

type MirroringEndpointGroupAssociationLocationsDetailArgs struct {
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroupAssociation`.
	//
	// ***
	Location pulumi.StringPtrInput `pulumi:"location"`
	// (Output)
	// Output only. The association state in this location.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// OUT_OF_SYNC
	State pulumi.StringPtrInput `pulumi:"state"`
}

func (MirroringEndpointGroupAssociationLocationsDetailArgs) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationLocationsDetailArgs) ToMirroringEndpointGroupAssociationLocationsDetailOutput added in v8.11.0

func (i MirroringEndpointGroupAssociationLocationsDetailArgs) ToMirroringEndpointGroupAssociationLocationsDetailOutput() MirroringEndpointGroupAssociationLocationsDetailOutput

func (MirroringEndpointGroupAssociationLocationsDetailArgs) ToMirroringEndpointGroupAssociationLocationsDetailOutputWithContext added in v8.11.0

func (i MirroringEndpointGroupAssociationLocationsDetailArgs) ToMirroringEndpointGroupAssociationLocationsDetailOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationLocationsDetailOutput

type MirroringEndpointGroupAssociationLocationsDetailArray added in v8.11.0

type MirroringEndpointGroupAssociationLocationsDetailArray []MirroringEndpointGroupAssociationLocationsDetailInput

func (MirroringEndpointGroupAssociationLocationsDetailArray) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationLocationsDetailArray) ToMirroringEndpointGroupAssociationLocationsDetailArrayOutput added in v8.11.0

func (i MirroringEndpointGroupAssociationLocationsDetailArray) ToMirroringEndpointGroupAssociationLocationsDetailArrayOutput() MirroringEndpointGroupAssociationLocationsDetailArrayOutput

func (MirroringEndpointGroupAssociationLocationsDetailArray) ToMirroringEndpointGroupAssociationLocationsDetailArrayOutputWithContext added in v8.11.0

func (i MirroringEndpointGroupAssociationLocationsDetailArray) ToMirroringEndpointGroupAssociationLocationsDetailArrayOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationLocationsDetailArrayOutput

type MirroringEndpointGroupAssociationLocationsDetailArrayInput added in v8.11.0

type MirroringEndpointGroupAssociationLocationsDetailArrayInput interface {
	pulumi.Input

	ToMirroringEndpointGroupAssociationLocationsDetailArrayOutput() MirroringEndpointGroupAssociationLocationsDetailArrayOutput
	ToMirroringEndpointGroupAssociationLocationsDetailArrayOutputWithContext(context.Context) MirroringEndpointGroupAssociationLocationsDetailArrayOutput
}

MirroringEndpointGroupAssociationLocationsDetailArrayInput is an input type that accepts MirroringEndpointGroupAssociationLocationsDetailArray and MirroringEndpointGroupAssociationLocationsDetailArrayOutput values. You can construct a concrete instance of `MirroringEndpointGroupAssociationLocationsDetailArrayInput` via:

MirroringEndpointGroupAssociationLocationsDetailArray{ MirroringEndpointGroupAssociationLocationsDetailArgs{...} }

type MirroringEndpointGroupAssociationLocationsDetailArrayOutput added in v8.11.0

type MirroringEndpointGroupAssociationLocationsDetailArrayOutput struct{ *pulumi.OutputState }

func (MirroringEndpointGroupAssociationLocationsDetailArrayOutput) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationLocationsDetailArrayOutput) Index added in v8.11.0

func (MirroringEndpointGroupAssociationLocationsDetailArrayOutput) ToMirroringEndpointGroupAssociationLocationsDetailArrayOutput added in v8.11.0

func (MirroringEndpointGroupAssociationLocationsDetailArrayOutput) ToMirroringEndpointGroupAssociationLocationsDetailArrayOutputWithContext added in v8.11.0

func (o MirroringEndpointGroupAssociationLocationsDetailArrayOutput) ToMirroringEndpointGroupAssociationLocationsDetailArrayOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationLocationsDetailArrayOutput

type MirroringEndpointGroupAssociationLocationsDetailInput added in v8.11.0

type MirroringEndpointGroupAssociationLocationsDetailInput interface {
	pulumi.Input

	ToMirroringEndpointGroupAssociationLocationsDetailOutput() MirroringEndpointGroupAssociationLocationsDetailOutput
	ToMirroringEndpointGroupAssociationLocationsDetailOutputWithContext(context.Context) MirroringEndpointGroupAssociationLocationsDetailOutput
}

MirroringEndpointGroupAssociationLocationsDetailInput is an input type that accepts MirroringEndpointGroupAssociationLocationsDetailArgs and MirroringEndpointGroupAssociationLocationsDetailOutput values. You can construct a concrete instance of `MirroringEndpointGroupAssociationLocationsDetailInput` via:

MirroringEndpointGroupAssociationLocationsDetailArgs{...}

type MirroringEndpointGroupAssociationLocationsDetailOutput added in v8.11.0

type MirroringEndpointGroupAssociationLocationsDetailOutput struct{ *pulumi.OutputState }

func (MirroringEndpointGroupAssociationLocationsDetailOutput) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationLocationsDetailOutput) Location added in v8.11.0

Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroupAssociation`.

***

func (MirroringEndpointGroupAssociationLocationsDetailOutput) State added in v8.11.0

(Output) Output only. The association state in this location. Possible values: STATE_UNSPECIFIED ACTIVE OUT_OF_SYNC

func (MirroringEndpointGroupAssociationLocationsDetailOutput) ToMirroringEndpointGroupAssociationLocationsDetailOutput added in v8.11.0

func (MirroringEndpointGroupAssociationLocationsDetailOutput) ToMirroringEndpointGroupAssociationLocationsDetailOutputWithContext added in v8.11.0

func (o MirroringEndpointGroupAssociationLocationsDetailOutput) ToMirroringEndpointGroupAssociationLocationsDetailOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationLocationsDetailOutput

type MirroringEndpointGroupAssociationMap added in v8.11.0

type MirroringEndpointGroupAssociationMap map[string]MirroringEndpointGroupAssociationInput

func (MirroringEndpointGroupAssociationMap) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationMap) ToMirroringEndpointGroupAssociationMapOutput added in v8.11.0

func (i MirroringEndpointGroupAssociationMap) ToMirroringEndpointGroupAssociationMapOutput() MirroringEndpointGroupAssociationMapOutput

func (MirroringEndpointGroupAssociationMap) ToMirroringEndpointGroupAssociationMapOutputWithContext added in v8.11.0

func (i MirroringEndpointGroupAssociationMap) ToMirroringEndpointGroupAssociationMapOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationMapOutput

type MirroringEndpointGroupAssociationMapInput added in v8.11.0

type MirroringEndpointGroupAssociationMapInput interface {
	pulumi.Input

	ToMirroringEndpointGroupAssociationMapOutput() MirroringEndpointGroupAssociationMapOutput
	ToMirroringEndpointGroupAssociationMapOutputWithContext(context.Context) MirroringEndpointGroupAssociationMapOutput
}

MirroringEndpointGroupAssociationMapInput is an input type that accepts MirroringEndpointGroupAssociationMap and MirroringEndpointGroupAssociationMapOutput values. You can construct a concrete instance of `MirroringEndpointGroupAssociationMapInput` via:

MirroringEndpointGroupAssociationMap{ "key": MirroringEndpointGroupAssociationArgs{...} }

type MirroringEndpointGroupAssociationMapOutput added in v8.11.0

type MirroringEndpointGroupAssociationMapOutput struct{ *pulumi.OutputState }

func (MirroringEndpointGroupAssociationMapOutput) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationMapOutput) MapIndex added in v8.11.0

func (MirroringEndpointGroupAssociationMapOutput) ToMirroringEndpointGroupAssociationMapOutput added in v8.11.0

func (o MirroringEndpointGroupAssociationMapOutput) ToMirroringEndpointGroupAssociationMapOutput() MirroringEndpointGroupAssociationMapOutput

func (MirroringEndpointGroupAssociationMapOutput) ToMirroringEndpointGroupAssociationMapOutputWithContext added in v8.11.0

func (o MirroringEndpointGroupAssociationMapOutput) ToMirroringEndpointGroupAssociationMapOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationMapOutput

type MirroringEndpointGroupAssociationOutput added in v8.11.0

type MirroringEndpointGroupAssociationOutput struct{ *pulumi.OutputState }

func (MirroringEndpointGroupAssociationOutput) CreateTime added in v8.11.0

Output only. [Output only] Create time stamp

func (MirroringEndpointGroupAssociationOutput) EffectiveLabels added in v8.11.0

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (MirroringEndpointGroupAssociationOutput) ElementType added in v8.11.0

func (MirroringEndpointGroupAssociationOutput) Labels added in v8.11.0

Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (MirroringEndpointGroupAssociationOutput) Location added in v8.11.0

Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroupAssociation`.

***

func (MirroringEndpointGroupAssociationOutput) LocationsDetails added in v8.11.0

Output only. The list of locations that this association is in and its details. Structure is documented below.

func (MirroringEndpointGroupAssociationOutput) MirroringEndpointGroup added in v8.11.0

func (o MirroringEndpointGroupAssociationOutput) MirroringEndpointGroup() pulumi.StringOutput

Required. Immutable. The Mirroring Endpoint Group that this resource is connected to. Format is: `projects/{project}/locations/global/mirroringEndpointGroups/{mirroringEndpointGroup}`

func (MirroringEndpointGroupAssociationOutput) MirroringEndpointGroupAssociationId added in v8.11.0

func (o MirroringEndpointGroupAssociationOutput) MirroringEndpointGroupAssociationId() pulumi.StringPtrOutput

Optional. Id of the requesting object If auto-generating Id server-side, remove this field and mirroringEndpointGroupAssociationId from the methodSignature of Create RPC

func (MirroringEndpointGroupAssociationOutput) Name added in v8.11.0

Immutable. Identifier. The name of the MirroringEndpointGroupAssociation.

func (MirroringEndpointGroupAssociationOutput) Network added in v8.11.0

Required. Immutable. The VPC network associated. Format: projects/{project}/global/networks/{network}.

func (MirroringEndpointGroupAssociationOutput) Project added in v8.11.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (MirroringEndpointGroupAssociationOutput) PulumiLabels added in v8.11.0

The combination of labels configured directly on the resource and default labels configured on the provider.

func (MirroringEndpointGroupAssociationOutput) Reconciling added in v8.11.0

Output only. Whether reconciling is in progress, recommended per https://google.aip.dev/128.

func (MirroringEndpointGroupAssociationOutput) State added in v8.11.0

(Output) Output only. The association state in this location. Possible values: STATE_UNSPECIFIED ACTIVE OUT_OF_SYNC

func (MirroringEndpointGroupAssociationOutput) ToMirroringEndpointGroupAssociationOutput added in v8.11.0

func (o MirroringEndpointGroupAssociationOutput) ToMirroringEndpointGroupAssociationOutput() MirroringEndpointGroupAssociationOutput

func (MirroringEndpointGroupAssociationOutput) ToMirroringEndpointGroupAssociationOutputWithContext added in v8.11.0

func (o MirroringEndpointGroupAssociationOutput) ToMirroringEndpointGroupAssociationOutputWithContext(ctx context.Context) MirroringEndpointGroupAssociationOutput

func (MirroringEndpointGroupAssociationOutput) UpdateTime added in v8.11.0

Output only. [Output only] Update time stamp

type MirroringEndpointGroupAssociationState added in v8.11.0

type MirroringEndpointGroupAssociationState struct {
	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroupAssociation`.
	//
	// ***
	Location pulumi.StringPtrInput
	// Output only. The list of locations that this association is in and its details.
	// Structure is documented below.
	LocationsDetails MirroringEndpointGroupAssociationLocationsDetailArrayInput
	// Required. Immutable. The Mirroring Endpoint Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/mirroringEndpointGroups/{mirroringEndpointGroup}`
	MirroringEndpointGroup pulumi.StringPtrInput
	// Optional. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringEndpointGroupAssociationId from the methodSignature of Create
	// RPC
	MirroringEndpointGroupAssociationId pulumi.StringPtrInput
	// Immutable. Identifier. The name of the MirroringEndpointGroupAssociation.
	Name pulumi.StringPtrInput
	// Required. Immutable. The VPC network associated. Format:
	// projects/{project}/global/networks/{network}.
	Network pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// (Output)
	// Output only. The association state in this location.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// OUT_OF_SYNC
	State pulumi.StringPtrInput
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringPtrInput
}

func (MirroringEndpointGroupAssociationState) ElementType added in v8.11.0

type MirroringEndpointGroupInput added in v8.11.0

type MirroringEndpointGroupInput interface {
	pulumi.Input

	ToMirroringEndpointGroupOutput() MirroringEndpointGroupOutput
	ToMirroringEndpointGroupOutputWithContext(ctx context.Context) MirroringEndpointGroupOutput
}

type MirroringEndpointGroupMap added in v8.11.0

type MirroringEndpointGroupMap map[string]MirroringEndpointGroupInput

func (MirroringEndpointGroupMap) ElementType added in v8.11.0

func (MirroringEndpointGroupMap) ElementType() reflect.Type

func (MirroringEndpointGroupMap) ToMirroringEndpointGroupMapOutput added in v8.11.0

func (i MirroringEndpointGroupMap) ToMirroringEndpointGroupMapOutput() MirroringEndpointGroupMapOutput

func (MirroringEndpointGroupMap) ToMirroringEndpointGroupMapOutputWithContext added in v8.11.0

func (i MirroringEndpointGroupMap) ToMirroringEndpointGroupMapOutputWithContext(ctx context.Context) MirroringEndpointGroupMapOutput

type MirroringEndpointGroupMapInput added in v8.11.0

type MirroringEndpointGroupMapInput interface {
	pulumi.Input

	ToMirroringEndpointGroupMapOutput() MirroringEndpointGroupMapOutput
	ToMirroringEndpointGroupMapOutputWithContext(context.Context) MirroringEndpointGroupMapOutput
}

MirroringEndpointGroupMapInput is an input type that accepts MirroringEndpointGroupMap and MirroringEndpointGroupMapOutput values. You can construct a concrete instance of `MirroringEndpointGroupMapInput` via:

MirroringEndpointGroupMap{ "key": MirroringEndpointGroupArgs{...} }

type MirroringEndpointGroupMapOutput added in v8.11.0

type MirroringEndpointGroupMapOutput struct{ *pulumi.OutputState }

func (MirroringEndpointGroupMapOutput) ElementType added in v8.11.0

func (MirroringEndpointGroupMapOutput) MapIndex added in v8.11.0

func (MirroringEndpointGroupMapOutput) ToMirroringEndpointGroupMapOutput added in v8.11.0

func (o MirroringEndpointGroupMapOutput) ToMirroringEndpointGroupMapOutput() MirroringEndpointGroupMapOutput

func (MirroringEndpointGroupMapOutput) ToMirroringEndpointGroupMapOutputWithContext added in v8.11.0

func (o MirroringEndpointGroupMapOutput) ToMirroringEndpointGroupMapOutputWithContext(ctx context.Context) MirroringEndpointGroupMapOutput

type MirroringEndpointGroupOutput added in v8.11.0

type MirroringEndpointGroupOutput struct{ *pulumi.OutputState }

func (MirroringEndpointGroupOutput) CreateTime added in v8.11.0

Output only. [Output only] Create time stamp

func (MirroringEndpointGroupOutput) EffectiveLabels added in v8.11.0

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (MirroringEndpointGroupOutput) ElementType added in v8.11.0

func (MirroringEndpointGroupOutput) Labels added in v8.11.0

Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (MirroringEndpointGroupOutput) Location added in v8.11.0

Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroup`.

func (MirroringEndpointGroupOutput) MirroringDeploymentGroup added in v8.11.0

func (o MirroringEndpointGroupOutput) MirroringDeploymentGroup() pulumi.StringOutput

Required. Immutable. The Mirroring Deployment Group that this resource is connected to. Format is: `projects/{project}/locations/global/mirroringDeploymentGroups/{mirroringDeploymentGroup}`

func (MirroringEndpointGroupOutput) MirroringEndpointGroupId added in v8.11.0

func (o MirroringEndpointGroupOutput) MirroringEndpointGroupId() pulumi.StringOutput

Required. Id of the requesting object If auto-generating Id server-side, remove this field and mirroringEndpointGroupId from the methodSignature of Create RPC

***

func (MirroringEndpointGroupOutput) Name added in v8.11.0

Immutable. Identifier. The name of the MirroringEndpointGroup.

func (MirroringEndpointGroupOutput) Project added in v8.11.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (MirroringEndpointGroupOutput) PulumiLabels added in v8.11.0

The combination of labels configured directly on the resource and default labels configured on the provider.

func (MirroringEndpointGroupOutput) Reconciling added in v8.11.0

Output only. Whether reconciling is in progress, recommended per https://google.aip.dev/128.

func (MirroringEndpointGroupOutput) State added in v8.11.0

Output only. Current state of the endpoint group. Possible values: STATE_UNSPECIFIED ACTIVE CLOSED CREATING DELETING OUT_OF_SYNC

func (MirroringEndpointGroupOutput) ToMirroringEndpointGroupOutput added in v8.11.0

func (o MirroringEndpointGroupOutput) ToMirroringEndpointGroupOutput() MirroringEndpointGroupOutput

func (MirroringEndpointGroupOutput) ToMirroringEndpointGroupOutputWithContext added in v8.11.0

func (o MirroringEndpointGroupOutput) ToMirroringEndpointGroupOutputWithContext(ctx context.Context) MirroringEndpointGroupOutput

func (MirroringEndpointGroupOutput) UpdateTime added in v8.11.0

Output only. [Output only] Update time stamp

type MirroringEndpointGroupState added in v8.11.0

type MirroringEndpointGroupState struct {
	// Output only. [Output only] Create time stamp
	CreateTime pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Optional. Labels as key value pairs
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. See documentation for resource type `networksecurity.googleapis.com/MirroringEndpointGroup`.
	Location pulumi.StringPtrInput
	// Required. Immutable. The Mirroring Deployment Group that this resource is connected to. Format
	// is:
	// `projects/{project}/locations/global/mirroringDeploymentGroups/{mirroringDeploymentGroup}`
	MirroringDeploymentGroup pulumi.StringPtrInput
	// Required. Id of the requesting object
	// If auto-generating Id server-side, remove this field and
	// mirroringEndpointGroupId from the methodSignature of Create RPC
	//
	// ***
	MirroringEndpointGroupId pulumi.StringPtrInput
	// Immutable. Identifier. The name of the MirroringEndpointGroup.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Output only. Whether reconciling is in progress, recommended per
	// https://google.aip.dev/128.
	Reconciling pulumi.BoolPtrInput
	// Output only. Current state of the endpoint group.
	// Possible values:
	// STATE_UNSPECIFIED
	// ACTIVE
	// CLOSED
	// CREATING
	// DELETING
	// OUT_OF_SYNC
	State pulumi.StringPtrInput
	// Output only. [Output only] Update time stamp
	UpdateTime pulumi.StringPtrInput
}

func (MirroringEndpointGroupState) ElementType added in v8.11.0

type SecurityProfile

type SecurityProfile struct {
	pulumi.CustomResourceState

	// Time the security profile was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// An optional description of the security profile. The Max length is 512 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// This checksum is computed by the server based on the value of other fields,
	// and may be sent on update and delete requests to ensure the client has an up-to-date
	// value before proceeding.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the security profile.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// The name of the security profile resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this security profile belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Server-defined URL of this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// The threat prevention configuration for the security profile.
	// Structure is documented below.
	ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrOutput `pulumi:"threatPreventionProfile"`
	// The type of security profile.
	// Possible values are: `THREAT_PREVENTION`.
	Type pulumi.StringOutput `pulumi:"type"`
	// Time the security profile was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

A security profile defines the behavior associated to a profile type.

To get more information about SecurityProfile, see:

* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.securityProfiles) * How-to Guides

## Example Usage

### Network Security Security Profile Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
			Name:        pulumi.String("my-security-profile"),
			Parent:      pulumi.String("organizations/123456789"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("THREAT_PREVENTION"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Security Profile Overrides

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
			Name:        pulumi.String("my-security-profile"),
			Parent:      pulumi.String("organizations/123456789"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("THREAT_PREVENTION"),
			ThreatPreventionProfile: &networksecurity.SecurityProfileThreatPreventionProfileArgs{
				SeverityOverrides: networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArray{
					&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
						Action:   pulumi.String("ALLOW"),
						Severity: pulumi.String("INFORMATIONAL"),
					},
					&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
						Action:   pulumi.String("DENY"),
						Severity: pulumi.String("HIGH"),
					},
				},
				ThreatOverrides: networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArray{
					&networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArgs{
						Action:   pulumi.String("ALLOW"),
						ThreatId: pulumi.String("280647"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SecurityProfile can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/securityProfiles/{{name}}`

When using the `pulumi import` command, SecurityProfile can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/securityProfile:SecurityProfile default {{parent}}/locations/{{location}}/securityProfiles/{{name}} ```

func GetSecurityProfile

func GetSecurityProfile(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecurityProfileState, opts ...pulumi.ResourceOption) (*SecurityProfile, error)

GetSecurityProfile gets an existing SecurityProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecurityProfile

func NewSecurityProfile(ctx *pulumi.Context,
	name string, args *SecurityProfileArgs, opts ...pulumi.ResourceOption) (*SecurityProfile, error)

NewSecurityProfile registers a new resource with the given unique name, arguments, and options.

func (*SecurityProfile) ElementType

func (*SecurityProfile) ElementType() reflect.Type

func (*SecurityProfile) ToSecurityProfileOutput

func (i *SecurityProfile) ToSecurityProfileOutput() SecurityProfileOutput

func (*SecurityProfile) ToSecurityProfileOutputWithContext

func (i *SecurityProfile) ToSecurityProfileOutputWithContext(ctx context.Context) SecurityProfileOutput

type SecurityProfileArgs

type SecurityProfileArgs struct {
	// An optional description of the security profile. The Max length is 512 characters.
	Description pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the security profile.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// The name of the security profile resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The name of the parent this security profile belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrInput
	// The threat prevention configuration for the security profile.
	// Structure is documented below.
	ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrInput
	// The type of security profile.
	// Possible values are: `THREAT_PREVENTION`.
	Type pulumi.StringInput
}

The set of arguments for constructing a SecurityProfile resource.

func (SecurityProfileArgs) ElementType

func (SecurityProfileArgs) ElementType() reflect.Type

type SecurityProfileArray

type SecurityProfileArray []SecurityProfileInput

func (SecurityProfileArray) ElementType

func (SecurityProfileArray) ElementType() reflect.Type

func (SecurityProfileArray) ToSecurityProfileArrayOutput

func (i SecurityProfileArray) ToSecurityProfileArrayOutput() SecurityProfileArrayOutput

func (SecurityProfileArray) ToSecurityProfileArrayOutputWithContext

func (i SecurityProfileArray) ToSecurityProfileArrayOutputWithContext(ctx context.Context) SecurityProfileArrayOutput

type SecurityProfileArrayInput

type SecurityProfileArrayInput interface {
	pulumi.Input

	ToSecurityProfileArrayOutput() SecurityProfileArrayOutput
	ToSecurityProfileArrayOutputWithContext(context.Context) SecurityProfileArrayOutput
}

SecurityProfileArrayInput is an input type that accepts SecurityProfileArray and SecurityProfileArrayOutput values. You can construct a concrete instance of `SecurityProfileArrayInput` via:

SecurityProfileArray{ SecurityProfileArgs{...} }

type SecurityProfileArrayOutput

type SecurityProfileArrayOutput struct{ *pulumi.OutputState }

func (SecurityProfileArrayOutput) ElementType

func (SecurityProfileArrayOutput) ElementType() reflect.Type

func (SecurityProfileArrayOutput) Index

func (SecurityProfileArrayOutput) ToSecurityProfileArrayOutput

func (o SecurityProfileArrayOutput) ToSecurityProfileArrayOutput() SecurityProfileArrayOutput

func (SecurityProfileArrayOutput) ToSecurityProfileArrayOutputWithContext

func (o SecurityProfileArrayOutput) ToSecurityProfileArrayOutputWithContext(ctx context.Context) SecurityProfileArrayOutput

type SecurityProfileGroup

type SecurityProfileGroup struct {
	pulumi.CustomResourceState

	// Time the security profile group was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// An optional description of the profile. The Max length is 512 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// This checksum is computed by the server based on the value of other fields,
	// and may be sent on update and delete requests to ensure the client has an up-to-date
	// value before proceeding.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the security profile group.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// The name of the security profile group resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The name of the parent this security profile group belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrOutput `pulumi:"parent"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup.
	ThreatPreventionProfile pulumi.StringPtrOutput `pulumi:"threatPreventionProfile"`
	// Time the security profile group was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

A security profile group defines a container for security profiles.

To get more information about SecurityProfileGroup, see:

* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.securityProfileGroups) * How-to Guides

## Example Usage

### Network Security Security Profile Group Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		securityProfile, err := networksecurity.NewSecurityProfile(ctx, "security_profile", &networksecurity.SecurityProfileArgs{
			Name:     pulumi.String("sec-profile"),
			Type:     pulumi.String("THREAT_PREVENTION"),
			Parent:   pulumi.String("organizations/123456789"),
			Location: pulumi.String("global"),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewSecurityProfileGroup(ctx, "default", &networksecurity.SecurityProfileGroupArgs{
			Name:                    pulumi.String("sec-profile-group"),
			Parent:                  pulumi.String("organizations/123456789"),
			Description:             pulumi.String("my description"),
			ThreatPreventionProfile: securityProfile.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SecurityProfileGroup can be imported using any of these accepted formats:

* `{{parent}}/locations/{{location}}/securityProfileGroups/{{name}}`

When using the `pulumi import` command, SecurityProfileGroup can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/securityProfileGroup:SecurityProfileGroup default {{parent}}/locations/{{location}}/securityProfileGroups/{{name}} ```

func GetSecurityProfileGroup

func GetSecurityProfileGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecurityProfileGroupState, opts ...pulumi.ResourceOption) (*SecurityProfileGroup, error)

GetSecurityProfileGroup gets an existing SecurityProfileGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecurityProfileGroup

func NewSecurityProfileGroup(ctx *pulumi.Context,
	name string, args *SecurityProfileGroupArgs, opts ...pulumi.ResourceOption) (*SecurityProfileGroup, error)

NewSecurityProfileGroup registers a new resource with the given unique name, arguments, and options.

func (*SecurityProfileGroup) ElementType

func (*SecurityProfileGroup) ElementType() reflect.Type

func (*SecurityProfileGroup) ToSecurityProfileGroupOutput

func (i *SecurityProfileGroup) ToSecurityProfileGroupOutput() SecurityProfileGroupOutput

func (*SecurityProfileGroup) ToSecurityProfileGroupOutputWithContext

func (i *SecurityProfileGroup) ToSecurityProfileGroupOutputWithContext(ctx context.Context) SecurityProfileGroupOutput

type SecurityProfileGroupArgs

type SecurityProfileGroupArgs struct {
	// An optional description of the profile. The Max length is 512 characters.
	Description pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the security profile group.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// The name of the security profile group resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The name of the parent this security profile group belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrInput
	// Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup.
	ThreatPreventionProfile pulumi.StringPtrInput
}

The set of arguments for constructing a SecurityProfileGroup resource.

func (SecurityProfileGroupArgs) ElementType

func (SecurityProfileGroupArgs) ElementType() reflect.Type

type SecurityProfileGroupArray

type SecurityProfileGroupArray []SecurityProfileGroupInput

func (SecurityProfileGroupArray) ElementType

func (SecurityProfileGroupArray) ElementType() reflect.Type

func (SecurityProfileGroupArray) ToSecurityProfileGroupArrayOutput

func (i SecurityProfileGroupArray) ToSecurityProfileGroupArrayOutput() SecurityProfileGroupArrayOutput

func (SecurityProfileGroupArray) ToSecurityProfileGroupArrayOutputWithContext

func (i SecurityProfileGroupArray) ToSecurityProfileGroupArrayOutputWithContext(ctx context.Context) SecurityProfileGroupArrayOutput

type SecurityProfileGroupArrayInput

type SecurityProfileGroupArrayInput interface {
	pulumi.Input

	ToSecurityProfileGroupArrayOutput() SecurityProfileGroupArrayOutput
	ToSecurityProfileGroupArrayOutputWithContext(context.Context) SecurityProfileGroupArrayOutput
}

SecurityProfileGroupArrayInput is an input type that accepts SecurityProfileGroupArray and SecurityProfileGroupArrayOutput values. You can construct a concrete instance of `SecurityProfileGroupArrayInput` via:

SecurityProfileGroupArray{ SecurityProfileGroupArgs{...} }

type SecurityProfileGroupArrayOutput

type SecurityProfileGroupArrayOutput struct{ *pulumi.OutputState }

func (SecurityProfileGroupArrayOutput) ElementType

func (SecurityProfileGroupArrayOutput) Index

func (SecurityProfileGroupArrayOutput) ToSecurityProfileGroupArrayOutput

func (o SecurityProfileGroupArrayOutput) ToSecurityProfileGroupArrayOutput() SecurityProfileGroupArrayOutput

func (SecurityProfileGroupArrayOutput) ToSecurityProfileGroupArrayOutputWithContext

func (o SecurityProfileGroupArrayOutput) ToSecurityProfileGroupArrayOutputWithContext(ctx context.Context) SecurityProfileGroupArrayOutput

type SecurityProfileGroupInput

type SecurityProfileGroupInput interface {
	pulumi.Input

	ToSecurityProfileGroupOutput() SecurityProfileGroupOutput
	ToSecurityProfileGroupOutputWithContext(ctx context.Context) SecurityProfileGroupOutput
}

type SecurityProfileGroupMap

type SecurityProfileGroupMap map[string]SecurityProfileGroupInput

func (SecurityProfileGroupMap) ElementType

func (SecurityProfileGroupMap) ElementType() reflect.Type

func (SecurityProfileGroupMap) ToSecurityProfileGroupMapOutput

func (i SecurityProfileGroupMap) ToSecurityProfileGroupMapOutput() SecurityProfileGroupMapOutput

func (SecurityProfileGroupMap) ToSecurityProfileGroupMapOutputWithContext

func (i SecurityProfileGroupMap) ToSecurityProfileGroupMapOutputWithContext(ctx context.Context) SecurityProfileGroupMapOutput

type SecurityProfileGroupMapInput

type SecurityProfileGroupMapInput interface {
	pulumi.Input

	ToSecurityProfileGroupMapOutput() SecurityProfileGroupMapOutput
	ToSecurityProfileGroupMapOutputWithContext(context.Context) SecurityProfileGroupMapOutput
}

SecurityProfileGroupMapInput is an input type that accepts SecurityProfileGroupMap and SecurityProfileGroupMapOutput values. You can construct a concrete instance of `SecurityProfileGroupMapInput` via:

SecurityProfileGroupMap{ "key": SecurityProfileGroupArgs{...} }

type SecurityProfileGroupMapOutput

type SecurityProfileGroupMapOutput struct{ *pulumi.OutputState }

func (SecurityProfileGroupMapOutput) ElementType

func (SecurityProfileGroupMapOutput) MapIndex

func (SecurityProfileGroupMapOutput) ToSecurityProfileGroupMapOutput

func (o SecurityProfileGroupMapOutput) ToSecurityProfileGroupMapOutput() SecurityProfileGroupMapOutput

func (SecurityProfileGroupMapOutput) ToSecurityProfileGroupMapOutputWithContext

func (o SecurityProfileGroupMapOutput) ToSecurityProfileGroupMapOutputWithContext(ctx context.Context) SecurityProfileGroupMapOutput

type SecurityProfileGroupOutput

type SecurityProfileGroupOutput struct{ *pulumi.OutputState }

func (SecurityProfileGroupOutput) CreateTime

Time the security profile group was created in UTC.

func (SecurityProfileGroupOutput) Description

An optional description of the profile. The Max length is 512 characters.

func (SecurityProfileGroupOutput) EffectiveLabels

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (SecurityProfileGroupOutput) ElementType

func (SecurityProfileGroupOutput) ElementType() reflect.Type

func (SecurityProfileGroupOutput) Etag

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

func (SecurityProfileGroupOutput) Labels

A map of key/value label pairs to assign to the resource.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (SecurityProfileGroupOutput) Location

The location of the security profile group. The default value is `global`.

func (SecurityProfileGroupOutput) Name

The name of the security profile group resource.

***

func (SecurityProfileGroupOutput) Parent

The name of the parent this security profile group belongs to. Format: organizations/{organization_id}.

func (SecurityProfileGroupOutput) PulumiLabels

The combination of labels configured directly on the resource and default labels configured on the provider.

func (SecurityProfileGroupOutput) ThreatPreventionProfile

func (o SecurityProfileGroupOutput) ThreatPreventionProfile() pulumi.StringPtrOutput

Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup.

func (SecurityProfileGroupOutput) ToSecurityProfileGroupOutput

func (o SecurityProfileGroupOutput) ToSecurityProfileGroupOutput() SecurityProfileGroupOutput

func (SecurityProfileGroupOutput) ToSecurityProfileGroupOutputWithContext

func (o SecurityProfileGroupOutput) ToSecurityProfileGroupOutputWithContext(ctx context.Context) SecurityProfileGroupOutput

func (SecurityProfileGroupOutput) UpdateTime

Time the security profile group was updated in UTC.

type SecurityProfileGroupState

type SecurityProfileGroupState struct {
	// Time the security profile group was created in UTC.
	CreateTime pulumi.StringPtrInput
	// An optional description of the profile. The Max length is 512 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// This checksum is computed by the server based on the value of other fields,
	// and may be sent on update and delete requests to ensure the client has an up-to-date
	// value before proceeding.
	Etag pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the security profile group.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// The name of the security profile group resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The name of the parent this security profile group belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup.
	ThreatPreventionProfile pulumi.StringPtrInput
	// Time the security profile group was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (SecurityProfileGroupState) ElementType

func (SecurityProfileGroupState) ElementType() reflect.Type

type SecurityProfileInput

type SecurityProfileInput interface {
	pulumi.Input

	ToSecurityProfileOutput() SecurityProfileOutput
	ToSecurityProfileOutputWithContext(ctx context.Context) SecurityProfileOutput
}

type SecurityProfileMap

type SecurityProfileMap map[string]SecurityProfileInput

func (SecurityProfileMap) ElementType

func (SecurityProfileMap) ElementType() reflect.Type

func (SecurityProfileMap) ToSecurityProfileMapOutput

func (i SecurityProfileMap) ToSecurityProfileMapOutput() SecurityProfileMapOutput

func (SecurityProfileMap) ToSecurityProfileMapOutputWithContext

func (i SecurityProfileMap) ToSecurityProfileMapOutputWithContext(ctx context.Context) SecurityProfileMapOutput

type SecurityProfileMapInput

type SecurityProfileMapInput interface {
	pulumi.Input

	ToSecurityProfileMapOutput() SecurityProfileMapOutput
	ToSecurityProfileMapOutputWithContext(context.Context) SecurityProfileMapOutput
}

SecurityProfileMapInput is an input type that accepts SecurityProfileMap and SecurityProfileMapOutput values. You can construct a concrete instance of `SecurityProfileMapInput` via:

SecurityProfileMap{ "key": SecurityProfileArgs{...} }

type SecurityProfileMapOutput

type SecurityProfileMapOutput struct{ *pulumi.OutputState }

func (SecurityProfileMapOutput) ElementType

func (SecurityProfileMapOutput) ElementType() reflect.Type

func (SecurityProfileMapOutput) MapIndex

func (SecurityProfileMapOutput) ToSecurityProfileMapOutput

func (o SecurityProfileMapOutput) ToSecurityProfileMapOutput() SecurityProfileMapOutput

func (SecurityProfileMapOutput) ToSecurityProfileMapOutputWithContext

func (o SecurityProfileMapOutput) ToSecurityProfileMapOutputWithContext(ctx context.Context) SecurityProfileMapOutput

type SecurityProfileOutput

type SecurityProfileOutput struct{ *pulumi.OutputState }

func (SecurityProfileOutput) CreateTime

func (o SecurityProfileOutput) CreateTime() pulumi.StringOutput

Time the security profile was created in UTC.

func (SecurityProfileOutput) Description

An optional description of the security profile. The Max length is 512 characters.

func (SecurityProfileOutput) EffectiveLabels

func (o SecurityProfileOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (SecurityProfileOutput) ElementType

func (SecurityProfileOutput) ElementType() reflect.Type

func (SecurityProfileOutput) Etag

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

func (SecurityProfileOutput) Labels

A map of key/value label pairs to assign to the resource.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (SecurityProfileOutput) Location

The location of the security profile. The default value is `global`.

func (SecurityProfileOutput) Name

The name of the security profile resource.

***

func (SecurityProfileOutput) Parent

The name of the parent this security profile belongs to. Format: organizations/{organization_id}.

func (SecurityProfileOutput) PulumiLabels

func (o SecurityProfileOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

Server-defined URL of this resource.

func (SecurityProfileOutput) ThreatPreventionProfile

The threat prevention configuration for the security profile. Structure is documented below.

func (SecurityProfileOutput) ToSecurityProfileOutput

func (o SecurityProfileOutput) ToSecurityProfileOutput() SecurityProfileOutput

func (SecurityProfileOutput) ToSecurityProfileOutputWithContext

func (o SecurityProfileOutput) ToSecurityProfileOutputWithContext(ctx context.Context) SecurityProfileOutput

func (SecurityProfileOutput) Type

The type of security profile. Possible values are: `THREAT_PREVENTION`.

func (SecurityProfileOutput) UpdateTime

func (o SecurityProfileOutput) UpdateTime() pulumi.StringOutput

Time the security profile was updated in UTC.

type SecurityProfileState

type SecurityProfileState struct {
	// Time the security profile was created in UTC.
	CreateTime pulumi.StringPtrInput
	// An optional description of the security profile. The Max length is 512 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// This checksum is computed by the server based on the value of other fields,
	// and may be sent on update and delete requests to ensure the client has an up-to-date
	// value before proceeding.
	Etag pulumi.StringPtrInput
	// A map of key/value label pairs to assign to the resource.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the security profile.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// The name of the security profile resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The name of the parent this security profile belongs to.
	// Format: organizations/{organization_id}.
	Parent pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Server-defined URL of this resource.
	SelfLink pulumi.StringPtrInput
	// The threat prevention configuration for the security profile.
	// Structure is documented below.
	ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrInput
	// The type of security profile.
	// Possible values are: `THREAT_PREVENTION`.
	Type pulumi.StringPtrInput
	// Time the security profile was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (SecurityProfileState) ElementType

func (SecurityProfileState) ElementType() reflect.Type

type SecurityProfileThreatPreventionProfile

type SecurityProfileThreatPreventionProfile struct {
	// The configuration for overriding threats actions by severity match.
	// Structure is documented below.
	SeverityOverrides []SecurityProfileThreatPreventionProfileSeverityOverride `pulumi:"severityOverrides"`
	// The configuration for overriding threats actions by threat id match.
	// If a threat is matched both by configuration provided in severity overrides
	// and threat overrides, the threat overrides action is applied.
	// Structure is documented below.
	ThreatOverrides []SecurityProfileThreatPreventionProfileThreatOverride `pulumi:"threatOverrides"`
}

type SecurityProfileThreatPreventionProfileArgs

type SecurityProfileThreatPreventionProfileArgs struct {
	// The configuration for overriding threats actions by severity match.
	// Structure is documented below.
	SeverityOverrides SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput `pulumi:"severityOverrides"`
	// The configuration for overriding threats actions by threat id match.
	// If a threat is matched both by configuration provided in severity overrides
	// and threat overrides, the threat overrides action is applied.
	// Structure is documented below.
	ThreatOverrides SecurityProfileThreatPreventionProfileThreatOverrideArrayInput `pulumi:"threatOverrides"`
}

func (SecurityProfileThreatPreventionProfileArgs) ElementType

func (SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfileOutput

func (i SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfileOutput() SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfileOutputWithContext

func (i SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfileOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfilePtrOutput

func (i SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfilePtrOutput() SecurityProfileThreatPreventionProfilePtrOutput

func (SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext

func (i SecurityProfileThreatPreventionProfileArgs) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfilePtrOutput

type SecurityProfileThreatPreventionProfileInput

type SecurityProfileThreatPreventionProfileInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileOutput() SecurityProfileThreatPreventionProfileOutput
	ToSecurityProfileThreatPreventionProfileOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileOutput
}

SecurityProfileThreatPreventionProfileInput is an input type that accepts SecurityProfileThreatPreventionProfileArgs and SecurityProfileThreatPreventionProfileOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileInput` via:

SecurityProfileThreatPreventionProfileArgs{...}

type SecurityProfileThreatPreventionProfileOutput

type SecurityProfileThreatPreventionProfileOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileOutput) ElementType

func (SecurityProfileThreatPreventionProfileOutput) SeverityOverrides

The configuration for overriding threats actions by severity match. Structure is documented below.

func (SecurityProfileThreatPreventionProfileOutput) ThreatOverrides

The configuration for overriding threats actions by threat id match. If a threat is matched both by configuration provided in severity overrides and threat overrides, the threat overrides action is applied. Structure is documented below.

func (SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfileOutput

func (o SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfileOutput() SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfileOutputWithContext

func (o SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfileOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileOutput

func (SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfilePtrOutput

func (o SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfilePtrOutput() SecurityProfileThreatPreventionProfilePtrOutput

func (SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext

func (o SecurityProfileThreatPreventionProfileOutput) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfilePtrOutput

type SecurityProfileThreatPreventionProfilePtrInput

type SecurityProfileThreatPreventionProfilePtrInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfilePtrOutput() SecurityProfileThreatPreventionProfilePtrOutput
	ToSecurityProfileThreatPreventionProfilePtrOutputWithContext(context.Context) SecurityProfileThreatPreventionProfilePtrOutput
}

SecurityProfileThreatPreventionProfilePtrInput is an input type that accepts SecurityProfileThreatPreventionProfileArgs, SecurityProfileThreatPreventionProfilePtr and SecurityProfileThreatPreventionProfilePtrOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfilePtrInput` via:

        SecurityProfileThreatPreventionProfileArgs{...}

or:

        nil

type SecurityProfileThreatPreventionProfilePtrOutput

type SecurityProfileThreatPreventionProfilePtrOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfilePtrOutput) Elem

func (SecurityProfileThreatPreventionProfilePtrOutput) ElementType

func (SecurityProfileThreatPreventionProfilePtrOutput) SeverityOverrides

The configuration for overriding threats actions by severity match. Structure is documented below.

func (SecurityProfileThreatPreventionProfilePtrOutput) ThreatOverrides

The configuration for overriding threats actions by threat id match. If a threat is matched both by configuration provided in severity overrides and threat overrides, the threat overrides action is applied. Structure is documented below.

func (SecurityProfileThreatPreventionProfilePtrOutput) ToSecurityProfileThreatPreventionProfilePtrOutput

func (o SecurityProfileThreatPreventionProfilePtrOutput) ToSecurityProfileThreatPreventionProfilePtrOutput() SecurityProfileThreatPreventionProfilePtrOutput

func (SecurityProfileThreatPreventionProfilePtrOutput) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext

func (o SecurityProfileThreatPreventionProfilePtrOutput) ToSecurityProfileThreatPreventionProfilePtrOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfilePtrOutput

type SecurityProfileThreatPreventionProfileSeverityOverride

type SecurityProfileThreatPreventionProfileSeverityOverride struct {
	// Threat action override.
	// Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.
	Action string `pulumi:"action"`
	// Severity level to match.
	// Possible values are: `CRITICAL`, `HIGH`, `INFORMATIONAL`, `LOW`, `MEDIUM`.
	Severity string `pulumi:"severity"`
}

type SecurityProfileThreatPreventionProfileSeverityOverrideArgs

type SecurityProfileThreatPreventionProfileSeverityOverrideArgs struct {
	// Threat action override.
	// Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.
	Action pulumi.StringInput `pulumi:"action"`
	// Severity level to match.
	// Possible values are: `CRITICAL`, `HIGH`, `INFORMATIONAL`, `LOW`, `MEDIUM`.
	Severity pulumi.StringInput `pulumi:"severity"`
}

func (SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ElementType

func (SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext

func (i SecurityProfileThreatPreventionProfileSeverityOverrideArgs) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideOutput

type SecurityProfileThreatPreventionProfileSeverityOverrideArray

type SecurityProfileThreatPreventionProfileSeverityOverrideArray []SecurityProfileThreatPreventionProfileSeverityOverrideInput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArray) ElementType

func (SecurityProfileThreatPreventionProfileSeverityOverrideArray) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArray) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext

func (i SecurityProfileThreatPreventionProfileSeverityOverrideArray) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

type SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput

type SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput() SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput
	ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput
}

SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput is an input type that accepts SecurityProfileThreatPreventionProfileSeverityOverrideArray and SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileSeverityOverrideArrayInput` via:

SecurityProfileThreatPreventionProfileSeverityOverrideArray{ SecurityProfileThreatPreventionProfileSeverityOverrideArgs{...} }

type SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

type SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ElementType

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) Index

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext

func (o SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideArrayOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideArrayOutput

type SecurityProfileThreatPreventionProfileSeverityOverrideInput

type SecurityProfileThreatPreventionProfileSeverityOverrideInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileSeverityOverrideOutput() SecurityProfileThreatPreventionProfileSeverityOverrideOutput
	ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideOutput
}

SecurityProfileThreatPreventionProfileSeverityOverrideInput is an input type that accepts SecurityProfileThreatPreventionProfileSeverityOverrideArgs and SecurityProfileThreatPreventionProfileSeverityOverrideOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileSeverityOverrideInput` via:

SecurityProfileThreatPreventionProfileSeverityOverrideArgs{...}

type SecurityProfileThreatPreventionProfileSeverityOverrideOutput

type SecurityProfileThreatPreventionProfileSeverityOverrideOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) Action

Threat action override. Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ElementType

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) Severity

Severity level to match. Possible values are: `CRITICAL`, `HIGH`, `INFORMATIONAL`, `LOW`, `MEDIUM`.

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutput

func (SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext

func (o SecurityProfileThreatPreventionProfileSeverityOverrideOutput) ToSecurityProfileThreatPreventionProfileSeverityOverrideOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileSeverityOverrideOutput

type SecurityProfileThreatPreventionProfileThreatOverride

type SecurityProfileThreatPreventionProfileThreatOverride struct {
	// Threat action.
	// Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.
	Action string `pulumi:"action"`
	// Vendor-specific ID of a threat to override.
	ThreatId string `pulumi:"threatId"`
	// (Output)
	// Type of threat.
	Type *string `pulumi:"type"`
}

type SecurityProfileThreatPreventionProfileThreatOverrideArgs

type SecurityProfileThreatPreventionProfileThreatOverrideArgs struct {
	// Threat action.
	// Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.
	Action pulumi.StringInput `pulumi:"action"`
	// Vendor-specific ID of a threat to override.
	ThreatId pulumi.StringInput `pulumi:"threatId"`
	// (Output)
	// Type of threat.
	Type pulumi.StringPtrInput `pulumi:"type"`
}

func (SecurityProfileThreatPreventionProfileThreatOverrideArgs) ElementType

func (SecurityProfileThreatPreventionProfileThreatOverrideArgs) ToSecurityProfileThreatPreventionProfileThreatOverrideOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideArgs) ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext

func (i SecurityProfileThreatPreventionProfileThreatOverrideArgs) ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileThreatOverrideOutput

type SecurityProfileThreatPreventionProfileThreatOverrideArray

type SecurityProfileThreatPreventionProfileThreatOverrideArray []SecurityProfileThreatPreventionProfileThreatOverrideInput

func (SecurityProfileThreatPreventionProfileThreatOverrideArray) ElementType

func (SecurityProfileThreatPreventionProfileThreatOverrideArray) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

func (i SecurityProfileThreatPreventionProfileThreatOverrideArray) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput() SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideArray) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext

func (i SecurityProfileThreatPreventionProfileThreatOverrideArray) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

type SecurityProfileThreatPreventionProfileThreatOverrideArrayInput

type SecurityProfileThreatPreventionProfileThreatOverrideArrayInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput() SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput
	ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput
}

SecurityProfileThreatPreventionProfileThreatOverrideArrayInput is an input type that accepts SecurityProfileThreatPreventionProfileThreatOverrideArray and SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileThreatOverrideArrayInput` via:

SecurityProfileThreatPreventionProfileThreatOverrideArray{ SecurityProfileThreatPreventionProfileThreatOverrideArgs{...} }

type SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

type SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ElementType

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) Index

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext

func (o SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideArrayOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileThreatOverrideArrayOutput

type SecurityProfileThreatPreventionProfileThreatOverrideInput

type SecurityProfileThreatPreventionProfileThreatOverrideInput interface {
	pulumi.Input

	ToSecurityProfileThreatPreventionProfileThreatOverrideOutput() SecurityProfileThreatPreventionProfileThreatOverrideOutput
	ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext(context.Context) SecurityProfileThreatPreventionProfileThreatOverrideOutput
}

SecurityProfileThreatPreventionProfileThreatOverrideInput is an input type that accepts SecurityProfileThreatPreventionProfileThreatOverrideArgs and SecurityProfileThreatPreventionProfileThreatOverrideOutput values. You can construct a concrete instance of `SecurityProfileThreatPreventionProfileThreatOverrideInput` via:

SecurityProfileThreatPreventionProfileThreatOverrideArgs{...}

type SecurityProfileThreatPreventionProfileThreatOverrideOutput

type SecurityProfileThreatPreventionProfileThreatOverrideOutput struct{ *pulumi.OutputState }

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) Action

Threat action. Possible values are: `ALERT`, `ALLOW`, `DEFAULT_ACTION`, `DENY`.

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ElementType

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ThreatId

Vendor-specific ID of a threat to override.

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext

func (o SecurityProfileThreatPreventionProfileThreatOverrideOutput) ToSecurityProfileThreatPreventionProfileThreatOverrideOutputWithContext(ctx context.Context) SecurityProfileThreatPreventionProfileThreatOverrideOutput

func (SecurityProfileThreatPreventionProfileThreatOverrideOutput) Type

(Output) Type of threat.

type ServerTlsPolicy

type ServerTlsPolicy struct {
	pulumi.CustomResourceState

	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrOutput `pulumi:"allowOpen"`
	// Time the ServerTlsPolicy was created in UTC.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrOutput `pulumi:"mtlsPolicy"`
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrOutput `pulumi:"serverCertificate"`
	// Time the ServerTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

ServerTlsPolicy is a resource that specifies how a server should authenticate incoming requests. This resource itself does not affect configuration unless it is attached to a target HTTPS proxy or endpoint config selector resource.

To get more information about ServerTlsPolicy, see:

* [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-security/rest/v1beta1/projects.locations.serverTlsPolicies)

## Example Usage

### Network Security Server Tls Policy Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Name: pulumi.String("my-server-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			AllowOpen:   pulumi.Bool(false),
			ServerCertificate: &networksecurity.ServerTlsPolicyServerCertificateArgs{
				CertificateProviderInstance: &networksecurity.ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{
					PluginInstance: pulumi.String("google_cloud_private_spiffe"),
				},
			},
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationCas: networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArray{
					&networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaArgs{
						GrpcEndpoint: &networksecurity.ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{
							TargetUri: pulumi.String("unix:mypath"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Advanced

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Name: pulumi.String("my-server-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationMode: pulumi.String("ALLOW_INVALID_OR_MISSING_CLIENT_CERT"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Server Cert

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Name: pulumi.String("my-server-tls-policy"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			ServerCertificate: &networksecurity.ServerTlsPolicyServerCertificateArgs{
				GrpcEndpoint: &networksecurity.ServerTlsPolicyServerCertificateGrpcEndpointArgs{
					TargetUri: pulumi.String("unix:mypath"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Server Tls Policy Mtls

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
		if err != nil {
			return err
		}
		invokeFile, err := std.File(ctx, &std.FileArgs{
			Input: "test-fixtures/ca_cert.pem",
		}, nil)
		if err != nil {
			return err
		}
		invokeFile1, err := std.File(ctx, &std.FileArgs{
			Input: "test-fixtures/ca_cert.pem",
		}, nil)
		if err != nil {
			return err
		}
		defaultTrustConfig, err := certificatemanager.NewTrustConfig(ctx, "default", &certificatemanager.TrustConfigArgs{
			Name:        pulumi.String("my-trust-config"),
			Description: pulumi.String("sample trust config description"),
			Location:    pulumi.String("global"),
			TrustStores: certificatemanager.TrustConfigTrustStoreArray{
				&certificatemanager.TrustConfigTrustStoreArgs{
					TrustAnchors: certificatemanager.TrustConfigTrustStoreTrustAnchorArray{
						&certificatemanager.TrustConfigTrustStoreTrustAnchorArgs{
							PemCertificate: pulumi.String(invokeFile.Result),
						},
					},
					IntermediateCas: certificatemanager.TrustConfigTrustStoreIntermediateCaArray{
						&certificatemanager.TrustConfigTrustStoreIntermediateCaArgs{
							PemCertificate: pulumi.String(invokeFile1.Result),
						},
					},
				},
			},
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
			Name:        pulumi.String("my-server-tls-policy"),
			Description: pulumi.String("my description"),
			Location:    pulumi.String("global"),
			AllowOpen:   pulumi.Bool(false),
			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
				ClientValidationMode: pulumi.String("REJECT_INVALID"),
				ClientValidationTrustConfig: defaultTrustConfig.Name.ApplyT(func(name string) (string, error) {
					return fmt.Sprintf("projects/%v/locations/global/trustConfigs/%v", project.Number, name), nil
				}).(pulumi.StringOutput),
			},
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

ServerTlsPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, ServerTlsPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default {{location}}/{{name}} ```

func GetServerTlsPolicy

func GetServerTlsPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerTlsPolicyState, opts ...pulumi.ResourceOption) (*ServerTlsPolicy, error)

GetServerTlsPolicy gets an existing ServerTlsPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerTlsPolicy

func NewServerTlsPolicy(ctx *pulumi.Context,
	name string, args *ServerTlsPolicyArgs, opts ...pulumi.ResourceOption) (*ServerTlsPolicy, error)

NewServerTlsPolicy registers a new resource with the given unique name, arguments, and options.

func (*ServerTlsPolicy) ElementType

func (*ServerTlsPolicy) ElementType() reflect.Type

func (*ServerTlsPolicy) ToServerTlsPolicyOutput

func (i *ServerTlsPolicy) ToServerTlsPolicyOutput() ServerTlsPolicyOutput

func (*ServerTlsPolicy) ToServerTlsPolicyOutputWithContext

func (i *ServerTlsPolicy) ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput

type ServerTlsPolicyArgs

type ServerTlsPolicyArgs struct {
	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrInput
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrInput
}

The set of arguments for constructing a ServerTlsPolicy resource.

func (ServerTlsPolicyArgs) ElementType

func (ServerTlsPolicyArgs) ElementType() reflect.Type

type ServerTlsPolicyArray

type ServerTlsPolicyArray []ServerTlsPolicyInput

func (ServerTlsPolicyArray) ElementType

func (ServerTlsPolicyArray) ElementType() reflect.Type

func (ServerTlsPolicyArray) ToServerTlsPolicyArrayOutput

func (i ServerTlsPolicyArray) ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput

func (ServerTlsPolicyArray) ToServerTlsPolicyArrayOutputWithContext

func (i ServerTlsPolicyArray) ToServerTlsPolicyArrayOutputWithContext(ctx context.Context) ServerTlsPolicyArrayOutput

type ServerTlsPolicyArrayInput

type ServerTlsPolicyArrayInput interface {
	pulumi.Input

	ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput
	ToServerTlsPolicyArrayOutputWithContext(context.Context) ServerTlsPolicyArrayOutput
}

ServerTlsPolicyArrayInput is an input type that accepts ServerTlsPolicyArray and ServerTlsPolicyArrayOutput values. You can construct a concrete instance of `ServerTlsPolicyArrayInput` via:

ServerTlsPolicyArray{ ServerTlsPolicyArgs{...} }

type ServerTlsPolicyArrayOutput

type ServerTlsPolicyArrayOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyArrayOutput) ElementType

func (ServerTlsPolicyArrayOutput) ElementType() reflect.Type

func (ServerTlsPolicyArrayOutput) Index

func (ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutput

func (o ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutput() ServerTlsPolicyArrayOutput

func (ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutputWithContext

func (o ServerTlsPolicyArrayOutput) ToServerTlsPolicyArrayOutputWithContext(ctx context.Context) ServerTlsPolicyArrayOutput

type ServerTlsPolicyInput

type ServerTlsPolicyInput interface {
	pulumi.Input

	ToServerTlsPolicyOutput() ServerTlsPolicyOutput
	ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput
}

type ServerTlsPolicyMap

type ServerTlsPolicyMap map[string]ServerTlsPolicyInput

func (ServerTlsPolicyMap) ElementType

func (ServerTlsPolicyMap) ElementType() reflect.Type

func (ServerTlsPolicyMap) ToServerTlsPolicyMapOutput

func (i ServerTlsPolicyMap) ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput

func (ServerTlsPolicyMap) ToServerTlsPolicyMapOutputWithContext

func (i ServerTlsPolicyMap) ToServerTlsPolicyMapOutputWithContext(ctx context.Context) ServerTlsPolicyMapOutput

type ServerTlsPolicyMapInput

type ServerTlsPolicyMapInput interface {
	pulumi.Input

	ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput
	ToServerTlsPolicyMapOutputWithContext(context.Context) ServerTlsPolicyMapOutput
}

ServerTlsPolicyMapInput is an input type that accepts ServerTlsPolicyMap and ServerTlsPolicyMapOutput values. You can construct a concrete instance of `ServerTlsPolicyMapInput` via:

ServerTlsPolicyMap{ "key": ServerTlsPolicyArgs{...} }

type ServerTlsPolicyMapOutput

type ServerTlsPolicyMapOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMapOutput) ElementType

func (ServerTlsPolicyMapOutput) ElementType() reflect.Type

func (ServerTlsPolicyMapOutput) MapIndex

func (ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutput

func (o ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutput() ServerTlsPolicyMapOutput

func (ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutputWithContext

func (o ServerTlsPolicyMapOutput) ToServerTlsPolicyMapOutputWithContext(ctx context.Context) ServerTlsPolicyMapOutput

type ServerTlsPolicyMtlsPolicy

type ServerTlsPolicyMtlsPolicy struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty.
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	// Structure is documented below.
	ClientValidationCas []ServerTlsPolicyMtlsPolicyClientValidationCa `pulumi:"clientValidationCas"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled.
	// Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	// Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.
	ClientValidationMode *string `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace.
	// If specified, the chain validation will be performed against certificates configured in the given TrustConfig.
	// Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig *string `pulumi:"clientValidationTrustConfig"`
}

type ServerTlsPolicyMtlsPolicyArgs

type ServerTlsPolicyMtlsPolicyArgs struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty.
	// Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	// Structure is documented below.
	ClientValidationCas ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput `pulumi:"clientValidationCas"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled.
	// Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	// Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.
	ClientValidationMode pulumi.StringPtrInput `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace.
	// If specified, the chain validation will be performed against certificates configured in the given TrustConfig.
	// Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig pulumi.StringPtrInput `pulumi:"clientValidationTrustConfig"`
}

func (ServerTlsPolicyMtlsPolicyArgs) ElementType

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutput

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutputWithContext

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutput

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext

func (i ServerTlsPolicyMtlsPolicyArgs) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCa

type ServerTlsPolicyMtlsPolicyClientValidationCa struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance *ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaArgs

type ServerTlsPolicyMtlsPolicyClientValidationCaArgs struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaArray

type ServerTlsPolicyMtlsPolicyClientValidationCaArray []ServerTlsPolicyMtlsPolicyClientValidationCaInput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext

func (i ServerTlsPolicyMtlsPolicyClientValidationCaArray) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput() ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaArray and ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaArrayInput` via:

ServerTlsPolicyMtlsPolicyClientValidationCaArray{ ServerTlsPolicyMtlsPolicyClientValidationCaArgs{...} }

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) Index

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext

func (o ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaArrayOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaArrayOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext

func (i ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs and ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceInput` via:

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) PluginInstance

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutputWithContext

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs, ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtr and ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrInput` via:

        ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstanceArgs{...}

or:

        nil

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) Elem

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) PluginInstance

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaCertificateProviderInstancePtrOutputWithContext

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext

func (i ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs and ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointInput` via:

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) TargetUri

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput() ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs, ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtr and ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrInput` via:

        ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointArgs{...}

or:

        nil

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) Elem

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) TargetUri

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext

func (o ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaGrpcEndpointPtrOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaInput

type ServerTlsPolicyMtlsPolicyClientValidationCaInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput
	ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput
}

ServerTlsPolicyMtlsPolicyClientValidationCaInput is an input type that accepts ServerTlsPolicyMtlsPolicyClientValidationCaArgs and ServerTlsPolicyMtlsPolicyClientValidationCaOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyClientValidationCaInput` via:

ServerTlsPolicyMtlsPolicyClientValidationCaArgs{...}

type ServerTlsPolicyMtlsPolicyClientValidationCaOutput

type ServerTlsPolicyMtlsPolicyClientValidationCaOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) CertificateProviderInstance

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ElementType

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutput() ServerTlsPolicyMtlsPolicyClientValidationCaOutput

func (ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext

func (o ServerTlsPolicyMtlsPolicyClientValidationCaOutput) ToServerTlsPolicyMtlsPolicyClientValidationCaOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyClientValidationCaOutput

type ServerTlsPolicyMtlsPolicyInput

type ServerTlsPolicyMtlsPolicyInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput
	ToServerTlsPolicyMtlsPolicyOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyOutput
}

ServerTlsPolicyMtlsPolicyInput is an input type that accepts ServerTlsPolicyMtlsPolicyArgs and ServerTlsPolicyMtlsPolicyOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyInput` via:

ServerTlsPolicyMtlsPolicyArgs{...}

type ServerTlsPolicyMtlsPolicyOutput

type ServerTlsPolicyMtlsPolicyOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationCas

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationMode

func (o ServerTlsPolicyMtlsPolicyOutput) ClientValidationMode() pulumi.StringPtrOutput

When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty. Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.

func (ServerTlsPolicyMtlsPolicyOutput) ClientValidationTrustConfig

func (o ServerTlsPolicyMtlsPolicyOutput) ClientValidationTrustConfig() pulumi.StringPtrOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (ServerTlsPolicyMtlsPolicyOutput) ElementType

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutput

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutput() ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutputWithContext

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutput

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext

func (o ServerTlsPolicyMtlsPolicyOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyMtlsPolicyPtrInput

type ServerTlsPolicyMtlsPolicyPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput
	ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(context.Context) ServerTlsPolicyMtlsPolicyPtrOutput
}

ServerTlsPolicyMtlsPolicyPtrInput is an input type that accepts ServerTlsPolicyMtlsPolicyArgs, ServerTlsPolicyMtlsPolicyPtr and ServerTlsPolicyMtlsPolicyPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyMtlsPolicyPtrInput` via:

        ServerTlsPolicyMtlsPolicyArgs{...}

or:

        nil

type ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyMtlsPolicyPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationCas

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate. Structure is documented below.

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationMode

When the client presents an invalid certificate or no certificate to the load balancer, the clientValidationMode specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty. Possible values are: `CLIENT_VALIDATION_MODE_UNSPECIFIED`, `ALLOW_INVALID_OR_MISSING_CLIENT_CERT`, `REJECT_INVALID`.

func (ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationTrustConfig

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ClientValidationTrustConfig() pulumi.StringPtrOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (ServerTlsPolicyMtlsPolicyPtrOutput) Elem

func (ServerTlsPolicyMtlsPolicyPtrOutput) ElementType

func (ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutput

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutput() ServerTlsPolicyMtlsPolicyPtrOutput

func (ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext

func (o ServerTlsPolicyMtlsPolicyPtrOutput) ToServerTlsPolicyMtlsPolicyPtrOutputWithContext(ctx context.Context) ServerTlsPolicyMtlsPolicyPtrOutput

type ServerTlsPolicyOutput

type ServerTlsPolicyOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyOutput) AllowOpen

This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility. Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.

func (ServerTlsPolicyOutput) CreateTime

func (o ServerTlsPolicyOutput) CreateTime() pulumi.StringOutput

Time the ServerTlsPolicy was created in UTC.

func (ServerTlsPolicyOutput) Description

A free-text description of the resource. Max length 1024 characters.

func (ServerTlsPolicyOutput) EffectiveLabels

func (o ServerTlsPolicyOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (ServerTlsPolicyOutput) ElementType

func (ServerTlsPolicyOutput) ElementType() reflect.Type

func (ServerTlsPolicyOutput) Labels

Set of label tags associated with the ServerTlsPolicy resource. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (ServerTlsPolicyOutput) Location

The location of the server tls policy. The default value is `global`.

func (ServerTlsPolicyOutput) MtlsPolicy

This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. Structure is documented below.

func (ServerTlsPolicyOutput) Name

Name of the ServerTlsPolicy resource.

***

func (ServerTlsPolicyOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (ServerTlsPolicyOutput) PulumiLabels

func (o ServerTlsPolicyOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (ServerTlsPolicyOutput) ServerCertificate

Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS. Structure is documented below.

func (ServerTlsPolicyOutput) ToServerTlsPolicyOutput

func (o ServerTlsPolicyOutput) ToServerTlsPolicyOutput() ServerTlsPolicyOutput

func (ServerTlsPolicyOutput) ToServerTlsPolicyOutputWithContext

func (o ServerTlsPolicyOutput) ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput

func (ServerTlsPolicyOutput) UpdateTime

func (o ServerTlsPolicyOutput) UpdateTime() pulumi.StringOutput

Time the ServerTlsPolicy was updated in UTC.

type ServerTlsPolicyServerCertificate

type ServerTlsPolicyServerCertificate struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance *ServerTlsPolicyServerCertificateCertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint *ServerTlsPolicyServerCertificateGrpcEndpoint `pulumi:"grpcEndpoint"`
}

type ServerTlsPolicyServerCertificateArgs

type ServerTlsPolicyServerCertificateArgs struct {
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty.
	// Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.
	// Structure is documented below.
	CertificateProviderInstance ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	// Structure is documented below.
	GrpcEndpoint ServerTlsPolicyServerCertificateGrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

func (ServerTlsPolicyServerCertificateArgs) ElementType

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutput

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutputWithContext

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificateOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutput

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutputWithContext

func (i ServerTlsPolicyServerCertificateArgs) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstance

type ServerTlsPolicyServerCertificateCertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

type ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs

type ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ElementType

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext

func (i ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstanceInput

type ServerTlsPolicyServerCertificateCertificateProviderInstanceInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput() ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput
	ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput
}

ServerTlsPolicyServerCertificateCertificateProviderInstanceInput is an input type that accepts ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs and ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateCertificateProviderInstanceInput` via:

ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{...}

type ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ElementType

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) PluginInstance

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstanceOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext

func (o ServerTlsPolicyServerCertificateCertificateProviderInstanceOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput() ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput
	ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput
}

ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput is an input type that accepts ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs, ServerTlsPolicyServerCertificateCertificateProviderInstancePtr and ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateCertificateProviderInstancePtrInput` via:

        ServerTlsPolicyServerCertificateCertificateProviderInstanceArgs{...}

or:

        nil

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) Elem

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ElementType

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) PluginInstance

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "googleCloudPrivateSpiffe" to use Certificate Authority Service certificate provider instance.

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

func (ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext

func (o ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput) ToServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateCertificateProviderInstancePtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpoint

type ServerTlsPolicyServerCertificateGrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

type ServerTlsPolicyServerCertificateGrpcEndpointArgs

type ServerTlsPolicyServerCertificateGrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ElementType

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutput

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext

func (i ServerTlsPolicyServerCertificateGrpcEndpointArgs) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpointInput

type ServerTlsPolicyServerCertificateGrpcEndpointInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput
	ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput
}

ServerTlsPolicyServerCertificateGrpcEndpointInput is an input type that accepts ServerTlsPolicyServerCertificateGrpcEndpointArgs and ServerTlsPolicyServerCertificateGrpcEndpointOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateGrpcEndpointInput` via:

ServerTlsPolicyServerCertificateGrpcEndpointArgs{...}

type ServerTlsPolicyServerCertificateGrpcEndpointOutput

type ServerTlsPolicyServerCertificateGrpcEndpointOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ElementType

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) TargetUri

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutput

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutput() ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext

func (o ServerTlsPolicyServerCertificateGrpcEndpointOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpointPtrInput

type ServerTlsPolicyServerCertificateGrpcEndpointPtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput() ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput
	ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput
}

ServerTlsPolicyServerCertificateGrpcEndpointPtrInput is an input type that accepts ServerTlsPolicyServerCertificateGrpcEndpointArgs, ServerTlsPolicyServerCertificateGrpcEndpointPtr and ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateGrpcEndpointPtrInput` via:

        ServerTlsPolicyServerCertificateGrpcEndpointArgs{...}

or:

        nil

type ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) Elem

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ElementType

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) TargetUri

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

func (ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext

func (o ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput) ToServerTlsPolicyServerCertificateGrpcEndpointPtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateGrpcEndpointPtrOutput

type ServerTlsPolicyServerCertificateInput

type ServerTlsPolicyServerCertificateInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput
	ToServerTlsPolicyServerCertificateOutputWithContext(context.Context) ServerTlsPolicyServerCertificateOutput
}

ServerTlsPolicyServerCertificateInput is an input type that accepts ServerTlsPolicyServerCertificateArgs and ServerTlsPolicyServerCertificateOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificateInput` via:

ServerTlsPolicyServerCertificateArgs{...}

type ServerTlsPolicyServerCertificateOutput

type ServerTlsPolicyServerCertificateOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificateOutput) CertificateProviderInstance

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyServerCertificateOutput) ElementType

func (ServerTlsPolicyServerCertificateOutput) GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutput

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutput() ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutputWithContext

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificateOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificateOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutput

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext

func (o ServerTlsPolicyServerCertificateOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyServerCertificatePtrInput

type ServerTlsPolicyServerCertificatePtrInput interface {
	pulumi.Input

	ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput
	ToServerTlsPolicyServerCertificatePtrOutputWithContext(context.Context) ServerTlsPolicyServerCertificatePtrOutput
}

ServerTlsPolicyServerCertificatePtrInput is an input type that accepts ServerTlsPolicyServerCertificateArgs, ServerTlsPolicyServerCertificatePtr and ServerTlsPolicyServerCertificatePtrOutput values. You can construct a concrete instance of `ServerTlsPolicyServerCertificatePtrInput` via:

        ServerTlsPolicyServerCertificateArgs{...}

or:

        nil

type ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyServerCertificatePtrOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyServerCertificatePtrOutput) CertificateProviderInstance

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported. Structure is documented below.

func (ServerTlsPolicyServerCertificatePtrOutput) Elem

func (ServerTlsPolicyServerCertificatePtrOutput) ElementType

func (ServerTlsPolicyServerCertificatePtrOutput) GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key. Structure is documented below.

func (ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutput

func (o ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutput() ServerTlsPolicyServerCertificatePtrOutput

func (ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext

func (o ServerTlsPolicyServerCertificatePtrOutput) ToServerTlsPolicyServerCertificatePtrOutputWithContext(ctx context.Context) ServerTlsPolicyServerCertificatePtrOutput

type ServerTlsPolicyState

type ServerTlsPolicyState struct {
	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies.
	// Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.
	// Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrInput
	// Time the ServerTlsPolicy was created in UTC.
	CreateTime pulumi.StringPtrInput
	// A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Set of label tags associated with the ServerTlsPolicy resource.
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the server tls policy.
	// The default value is `global`.
	Location pulumi.StringPtrInput
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director.
	// Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.
	// Structure is documented below.
	MtlsPolicy ServerTlsPolicyMtlsPolicyPtrInput
	// Name of the ServerTlsPolicy resource.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	// Structure is documented below.
	ServerCertificate ServerTlsPolicyServerCertificatePtrInput
	// Time the ServerTlsPolicy was updated in UTC.
	UpdateTime pulumi.StringPtrInput
}

func (ServerTlsPolicyState) ElementType

func (ServerTlsPolicyState) ElementType() reflect.Type

type TlsInspectionPolicy

type TlsInspectionPolicy struct {
	pulumi.CustomResourceState

	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringOutput `pulumi:"caPool"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// List of custom TLS cipher suites selected. This field is valid only if the selected tlsFeatureProfile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures pulumi.StringArrayOutput `pulumi:"customTlsFeatures"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrOutput `pulumi:"excludePublicCaSet"`
	// The location of the tls inspection policy.
	Location pulumi.StringPtrOutput `pulumi:"location"`
	// Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `TLS_VERSION_UNSPECIFIED`, `TLS_1_0`, `TLS_1_1`, `TLS_1_2`, `TLS_1_3`.
	MinTlsVersion pulumi.StringPtrOutput `pulumi:"minTlsVersion"`
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers (\"PROFILE_COMPATIBLE\"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `PROFILE_UNSPECIFIED`, `PROFILE_COMPATIBLE`, `PROFILE_MODERN`, `PROFILE_RESTRICTED`, `PROFILE_CUSTOM`.
	TlsFeatureProfile pulumi.StringPtrOutput `pulumi:"tlsFeatureProfile"`
	// A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form \"projects/{project}/locations/{location}/trustConfigs/{trust_config}\". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Trust config and the TLS inspection policy must be in the same region. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig pulumi.StringPtrOutput `pulumi:"trustConfig"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

The TlsInspectionPolicy resource contains references to CA pools in Certificate Authority Service and associated metadata.

To get more information about TlsInspectionPolicy, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.tlsInspectionPolicies) * How-to Guides

## Example Usage

### Network Security Tls Inspection Policy Basic

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := certificateauthority.NewCaPool(ctx, "default", &certificateauthority.CaPoolArgs{
			Name:     pulumi.String("my-basic-ca-pool"),
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageBaseKeyUsageArgs{},
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "default", &certificateauthority.AuthorityArgs{
			Pool:                               _default.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		})
		if err != nil {
			return err
		}
		project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
		if err != nil {
			return err
		}
		tlsInspectionPermission, err := certificateauthority.NewCaPoolIamMember(ctx, "tls_inspection_permission", &certificateauthority.CaPoolIamMemberArgs{
			CaPool: _default.ID(),
			Role:   pulumi.String("roles/privateca.certificateManager"),
			Member: pulumi.Sprintf("serviceAccount:service-%v@gcp-sa-networksecurity.iam.gserviceaccount.com", project.Number),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewTlsInspectionPolicy(ctx, "default", &networksecurity.TlsInspectionPolicyArgs{
			Name:               pulumi.String("my-tls-inspection-policy"),
			Location:           pulumi.String("us-central1"),
			CaPool:             _default.ID(),
			ExcludePublicCaSet: pulumi.Bool(false),
		}, pulumi.DependsOn([]pulumi.Resource{
			_default,
			defaultAuthority,
			tlsInspectionPermission,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Tls Inspection Policy Custom

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificateauthority"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/projects"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := certificateauthority.NewCaPool(ctx, "default", &certificateauthority.CaPoolArgs{
			Name:     pulumi.String("my-basic-ca-pool"),
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageBaseKeyUsageArgs{},
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "default", &certificateauthority.AuthorityArgs{
			Pool:                               _default.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		})
		if err != nil {
			return err
		}
		nsSa, err := projects.NewServiceIdentity(ctx, "ns_sa", &projects.ServiceIdentityArgs{
			Service: pulumi.String("networksecurity.googleapis.com"),
		})
		if err != nil {
			return err
		}
		defaultCaPoolIamMember, err := certificateauthority.NewCaPoolIamMember(ctx, "default", &certificateauthority.CaPoolIamMemberArgs{
			CaPool: _default.ID(),
			Role:   pulumi.String("roles/privateca.certificateManager"),
			Member: nsSa.Member,
		})
		if err != nil {
			return err
		}
		invokeFile, err := std.File(ctx, &std.FileArgs{
			Input: "test-fixtures/ca_cert.pem",
		}, nil)
		if err != nil {
			return err
		}
		invokeFile1, err := std.File(ctx, &std.FileArgs{
			Input: "test-fixtures/ca_cert.pem",
		}, nil)
		if err != nil {
			return err
		}
		defaultTrustConfig, err := certificatemanager.NewTrustConfig(ctx, "default", &certificatemanager.TrustConfigArgs{
			Name:        pulumi.String("my-trust-config"),
			Description: pulumi.String("sample trust config description"),
			Location:    pulumi.String("us-central1"),
			TrustStores: certificatemanager.TrustConfigTrustStoreArray{
				&certificatemanager.TrustConfigTrustStoreArgs{
					TrustAnchors: certificatemanager.TrustConfigTrustStoreTrustAnchorArray{
						&certificatemanager.TrustConfigTrustStoreTrustAnchorArgs{
							PemCertificate: pulumi.String(invokeFile.Result),
						},
					},
					IntermediateCas: certificatemanager.TrustConfigTrustStoreIntermediateCaArray{
						&certificatemanager.TrustConfigTrustStoreIntermediateCaArgs{
							PemCertificate: pulumi.String(invokeFile1.Result),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewTlsInspectionPolicy(ctx, "default", &networksecurity.TlsInspectionPolicyArgs{
			Name:               pulumi.String("my-tls-inspection-policy"),
			Location:           pulumi.String("us-central1"),
			CaPool:             _default.ID(),
			ExcludePublicCaSet: pulumi.Bool(false),
			MinTlsVersion:      pulumi.String("TLS_1_0"),
			TrustConfig:        defaultTrustConfig.ID(),
			TlsFeatureProfile:  pulumi.String("PROFILE_CUSTOM"),
			CustomTlsFeatures: pulumi.StringArray{
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"),
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"),
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"),
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"),
				pulumi.String("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"),
				pulumi.String("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"),
				pulumi.String("TLS_RSA_WITH_3DES_EDE_CBC_SHA"),
				pulumi.String("TLS_RSA_WITH_AES_128_CBC_SHA"),
				pulumi.String("TLS_RSA_WITH_AES_128_GCM_SHA256"),
				pulumi.String("TLS_RSA_WITH_AES_256_CBC_SHA"),
				pulumi.String("TLS_RSA_WITH_AES_256_GCM_SHA384"),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			defaultAuthority,
			defaultCaPoolIamMember,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

TlsInspectionPolicy can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/tlsInspectionPolicies/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, TlsInspectionPolicy can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default projects/{{project}}/locations/{{location}}/tlsInspectionPolicies/{{name}} ```

```sh $ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/tlsInspectionPolicy:TlsInspectionPolicy default {{location}}/{{name}} ```

func GetTlsInspectionPolicy

func GetTlsInspectionPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *TlsInspectionPolicyState, opts ...pulumi.ResourceOption) (*TlsInspectionPolicy, error)

GetTlsInspectionPolicy gets an existing TlsInspectionPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewTlsInspectionPolicy

func NewTlsInspectionPolicy(ctx *pulumi.Context,
	name string, args *TlsInspectionPolicyArgs, opts ...pulumi.ResourceOption) (*TlsInspectionPolicy, error)

NewTlsInspectionPolicy registers a new resource with the given unique name, arguments, and options.

func (*TlsInspectionPolicy) ElementType

func (*TlsInspectionPolicy) ElementType() reflect.Type

func (*TlsInspectionPolicy) ToTlsInspectionPolicyOutput

func (i *TlsInspectionPolicy) ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput

func (*TlsInspectionPolicy) ToTlsInspectionPolicyOutputWithContext

func (i *TlsInspectionPolicy) ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput

type TlsInspectionPolicyArgs

type TlsInspectionPolicyArgs struct {
	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringInput
	// List of custom TLS cipher suites selected. This field is valid only if the selected tlsFeatureProfile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures pulumi.StringArrayInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrInput
	// The location of the tls inspection policy.
	Location pulumi.StringPtrInput
	// Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `TLS_VERSION_UNSPECIFIED`, `TLS_1_0`, `TLS_1_1`, `TLS_1_2`, `TLS_1_3`.
	MinTlsVersion pulumi.StringPtrInput
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers (\"PROFILE_COMPATIBLE\"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `PROFILE_UNSPECIFIED`, `PROFILE_COMPATIBLE`, `PROFILE_MODERN`, `PROFILE_RESTRICTED`, `PROFILE_CUSTOM`.
	TlsFeatureProfile pulumi.StringPtrInput
	// A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form \"projects/{project}/locations/{location}/trustConfigs/{trust_config}\". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Trust config and the TLS inspection policy must be in the same region. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig pulumi.StringPtrInput
}

The set of arguments for constructing a TlsInspectionPolicy resource.

func (TlsInspectionPolicyArgs) ElementType

func (TlsInspectionPolicyArgs) ElementType() reflect.Type

type TlsInspectionPolicyArray

type TlsInspectionPolicyArray []TlsInspectionPolicyInput

func (TlsInspectionPolicyArray) ElementType

func (TlsInspectionPolicyArray) ElementType() reflect.Type

func (TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutput

func (i TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput

func (TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutputWithContext

func (i TlsInspectionPolicyArray) ToTlsInspectionPolicyArrayOutputWithContext(ctx context.Context) TlsInspectionPolicyArrayOutput

type TlsInspectionPolicyArrayInput

type TlsInspectionPolicyArrayInput interface {
	pulumi.Input

	ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput
	ToTlsInspectionPolicyArrayOutputWithContext(context.Context) TlsInspectionPolicyArrayOutput
}

TlsInspectionPolicyArrayInput is an input type that accepts TlsInspectionPolicyArray and TlsInspectionPolicyArrayOutput values. You can construct a concrete instance of `TlsInspectionPolicyArrayInput` via:

TlsInspectionPolicyArray{ TlsInspectionPolicyArgs{...} }

type TlsInspectionPolicyArrayOutput

type TlsInspectionPolicyArrayOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyArrayOutput) ElementType

func (TlsInspectionPolicyArrayOutput) Index

func (TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutput

func (o TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutput() TlsInspectionPolicyArrayOutput

func (TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutputWithContext

func (o TlsInspectionPolicyArrayOutput) ToTlsInspectionPolicyArrayOutputWithContext(ctx context.Context) TlsInspectionPolicyArrayOutput

type TlsInspectionPolicyInput

type TlsInspectionPolicyInput interface {
	pulumi.Input

	ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput
	ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput
}

type TlsInspectionPolicyMap

type TlsInspectionPolicyMap map[string]TlsInspectionPolicyInput

func (TlsInspectionPolicyMap) ElementType

func (TlsInspectionPolicyMap) ElementType() reflect.Type

func (TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutput

func (i TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput

func (TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutputWithContext

func (i TlsInspectionPolicyMap) ToTlsInspectionPolicyMapOutputWithContext(ctx context.Context) TlsInspectionPolicyMapOutput

type TlsInspectionPolicyMapInput

type TlsInspectionPolicyMapInput interface {
	pulumi.Input

	ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput
	ToTlsInspectionPolicyMapOutputWithContext(context.Context) TlsInspectionPolicyMapOutput
}

TlsInspectionPolicyMapInput is an input type that accepts TlsInspectionPolicyMap and TlsInspectionPolicyMapOutput values. You can construct a concrete instance of `TlsInspectionPolicyMapInput` via:

TlsInspectionPolicyMap{ "key": TlsInspectionPolicyArgs{...} }

type TlsInspectionPolicyMapOutput

type TlsInspectionPolicyMapOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyMapOutput) ElementType

func (TlsInspectionPolicyMapOutput) MapIndex

func (TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutput

func (o TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutput() TlsInspectionPolicyMapOutput

func (TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutputWithContext

func (o TlsInspectionPolicyMapOutput) ToTlsInspectionPolicyMapOutputWithContext(ctx context.Context) TlsInspectionPolicyMapOutput

type TlsInspectionPolicyOutput

type TlsInspectionPolicyOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyOutput) CaPool

A CA pool resource used to issue interception certificates.

func (TlsInspectionPolicyOutput) CreateTime

The timestamp when the resource was created.

func (TlsInspectionPolicyOutput) CustomTlsFeatures

func (o TlsInspectionPolicyOutput) CustomTlsFeatures() pulumi.StringArrayOutput

List of custom TLS cipher suites selected. This field is valid only if the selected tlsFeatureProfile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) Description

Free-text description of the resource.

func (TlsInspectionPolicyOutput) ElementType

func (TlsInspectionPolicyOutput) ElementType() reflect.Type

func (TlsInspectionPolicyOutput) ExcludePublicCaSet

func (o TlsInspectionPolicyOutput) ExcludePublicCaSet() pulumi.BoolPtrOutput

If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.

func (TlsInspectionPolicyOutput) Location

The location of the tls inspection policy.

func (TlsInspectionPolicyOutput) MinTlsVersion

Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field. Possible values are: `TLS_VERSION_UNSPECIFIED`, `TLS_1_0`, `TLS_1_1`, `TLS_1_2`, `TLS_1_3`.

func (TlsInspectionPolicyOutput) Name

Short name of the TlsInspectionPolicy resource to be created.

***

func (TlsInspectionPolicyOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (TlsInspectionPolicyOutput) TlsFeatureProfile

func (o TlsInspectionPolicyOutput) TlsFeatureProfile() pulumi.StringPtrOutput

The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers (\"PROFILE_COMPATIBLE\"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field. Possible values are: `PROFILE_UNSPECIFIED`, `PROFILE_COMPATIBLE`, `PROFILE_MODERN`, `PROFILE_RESTRICTED`, `PROFILE_CUSTOM`.

func (TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutput

func (o TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput

func (TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutputWithContext

func (o TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput

func (TlsInspectionPolicyOutput) TrustConfig

A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form \"projects/{project}/locations/{location}/trustConfigs/{trust_config}\". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Trust config and the TLS inspection policy must be in the same region. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) UpdateTime

The timestamp when the resource was updated.

type TlsInspectionPolicyState

type TlsInspectionPolicyState struct {
	// A CA pool resource used to issue interception certificates.
	CaPool pulumi.StringPtrInput
	// The timestamp when the resource was created.
	CreateTime pulumi.StringPtrInput
	// List of custom TLS cipher suites selected. This field is valid only if the selected tlsFeatureProfile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures pulumi.StringArrayInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trustConfig. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trustConfig will be accepted.
	ExcludePublicCaSet pulumi.BoolPtrInput
	// The location of the tls inspection policy.
	Location pulumi.StringPtrInput
	// Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `TLS_VERSION_UNSPECIFIED`, `TLS_1_0`, `TLS_1_1`, `TLS_1_2`, `TLS_1_3`.
	MinTlsVersion pulumi.StringPtrInput
	// Short name of the TlsInspectionPolicy resource to be created.
	//
	// ***
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers (\"PROFILE_COMPATIBLE\"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	// Possible values are: `PROFILE_UNSPECIFIED`, `PROFILE_COMPATIBLE`, `PROFILE_MODERN`, `PROFILE_RESTRICTED`, `PROFILE_CUSTOM`.
	TlsFeatureProfile pulumi.StringPtrInput
	// A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form \"projects/{project}/locations/{location}/trustConfigs/{trust_config}\". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Trust config and the TLS inspection policy must be in the same region. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig pulumi.StringPtrInput
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringPtrInput
}

func (TlsInspectionPolicyState) ElementType

func (TlsInspectionPolicyState) ElementType() reflect.Type

type UrlList

type UrlList struct {
	pulumi.CustomResourceState

	// Output only. Time when the security policy was created.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringOutput `pulumi:"location"`
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Output only. Time when the security policy was updated.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
	// FQDNs and URLs.
	Values pulumi.StringArrayOutput `pulumi:"values"`
}

UrlList proto helps users to set reusable, independently manageable lists of hosts, host patterns, URLs, URL patterns.

To get more information about UrlLists, see:

* [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.urlLists) * How-to Guides

  • Use UrlLists

## Example Usage

### Network Security Url Lists Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewUrlList(ctx, "default", &networksecurity.UrlListArgs{
			Name:     pulumi.String("my-url-lists"),
			Location: pulumi.String("us-central1"),
			Values: pulumi.StringArray{
				pulumi.String("www.example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Network Security Url Lists Advanced

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewUrlList(ctx, "default", &networksecurity.UrlListArgs{
			Name:        pulumi.String("my-url-lists"),
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("my description"),
			Values: pulumi.StringArray{
				pulumi.String("www.example.com"),
				pulumi.String("about.example.com"),
				pulumi.String("github.com/example-org/*"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

UrlLists can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/urlLists/{{name}}`

* `{{project}}/{{location}}/{{name}}`

* `{{location}}/{{name}}`

When using the `pulumi import` command, UrlLists can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:networksecurity/urlList:UrlList default projects/{{project}}/locations/{{location}}/urlLists/{{name}} ```

```sh $ pulumi import gcp:networksecurity/urlList:UrlList default {{project}}/{{location}}/{{name}} ```

```sh $ pulumi import gcp:networksecurity/urlList:UrlList default {{location}}/{{name}} ```

func GetUrlList

func GetUrlList(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UrlListState, opts ...pulumi.ResourceOption) (*UrlList, error)

GetUrlList gets an existing UrlList resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUrlList

func NewUrlList(ctx *pulumi.Context,
	name string, args *UrlListArgs, opts ...pulumi.ResourceOption) (*UrlList, error)

NewUrlList registers a new resource with the given unique name, arguments, and options.

func (*UrlList) ElementType

func (*UrlList) ElementType() reflect.Type

func (*UrlList) ToUrlListOutput

func (i *UrlList) ToUrlListOutput() UrlListOutput

func (*UrlList) ToUrlListOutputWithContext

func (i *UrlList) ToUrlListOutputWithContext(ctx context.Context) UrlListOutput

type UrlListArgs

type UrlListArgs struct {
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringInput
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// FQDNs and URLs.
	Values pulumi.StringArrayInput
}

The set of arguments for constructing a UrlList resource.

func (UrlListArgs) ElementType

func (UrlListArgs) ElementType() reflect.Type

type UrlListArray

type UrlListArray []UrlListInput

func (UrlListArray) ElementType

func (UrlListArray) ElementType() reflect.Type

func (UrlListArray) ToUrlListArrayOutput

func (i UrlListArray) ToUrlListArrayOutput() UrlListArrayOutput

func (UrlListArray) ToUrlListArrayOutputWithContext

func (i UrlListArray) ToUrlListArrayOutputWithContext(ctx context.Context) UrlListArrayOutput

type UrlListArrayInput

type UrlListArrayInput interface {
	pulumi.Input

	ToUrlListArrayOutput() UrlListArrayOutput
	ToUrlListArrayOutputWithContext(context.Context) UrlListArrayOutput
}

UrlListArrayInput is an input type that accepts UrlListArray and UrlListArrayOutput values. You can construct a concrete instance of `UrlListArrayInput` via:

UrlListArray{ UrlListArgs{...} }

type UrlListArrayOutput

type UrlListArrayOutput struct{ *pulumi.OutputState }

func (UrlListArrayOutput) ElementType

func (UrlListArrayOutput) ElementType() reflect.Type

func (UrlListArrayOutput) Index

func (UrlListArrayOutput) ToUrlListArrayOutput

func (o UrlListArrayOutput) ToUrlListArrayOutput() UrlListArrayOutput

func (UrlListArrayOutput) ToUrlListArrayOutputWithContext

func (o UrlListArrayOutput) ToUrlListArrayOutputWithContext(ctx context.Context) UrlListArrayOutput

type UrlListInput

type UrlListInput interface {
	pulumi.Input

	ToUrlListOutput() UrlListOutput
	ToUrlListOutputWithContext(ctx context.Context) UrlListOutput
}

type UrlListMap

type UrlListMap map[string]UrlListInput

func (UrlListMap) ElementType

func (UrlListMap) ElementType() reflect.Type

func (UrlListMap) ToUrlListMapOutput

func (i UrlListMap) ToUrlListMapOutput() UrlListMapOutput

func (UrlListMap) ToUrlListMapOutputWithContext

func (i UrlListMap) ToUrlListMapOutputWithContext(ctx context.Context) UrlListMapOutput

type UrlListMapInput

type UrlListMapInput interface {
	pulumi.Input

	ToUrlListMapOutput() UrlListMapOutput
	ToUrlListMapOutputWithContext(context.Context) UrlListMapOutput
}

UrlListMapInput is an input type that accepts UrlListMap and UrlListMapOutput values. You can construct a concrete instance of `UrlListMapInput` via:

UrlListMap{ "key": UrlListArgs{...} }

type UrlListMapOutput

type UrlListMapOutput struct{ *pulumi.OutputState }

func (UrlListMapOutput) ElementType

func (UrlListMapOutput) ElementType() reflect.Type

func (UrlListMapOutput) MapIndex

func (UrlListMapOutput) ToUrlListMapOutput

func (o UrlListMapOutput) ToUrlListMapOutput() UrlListMapOutput

func (UrlListMapOutput) ToUrlListMapOutputWithContext

func (o UrlListMapOutput) ToUrlListMapOutputWithContext(ctx context.Context) UrlListMapOutput

type UrlListOutput

type UrlListOutput struct{ *pulumi.OutputState }

func (UrlListOutput) CreateTime

func (o UrlListOutput) CreateTime() pulumi.StringOutput

Output only. Time when the security policy was created. A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits. Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'

func (UrlListOutput) Description

func (o UrlListOutput) Description() pulumi.StringPtrOutput

Free-text description of the resource.

func (UrlListOutput) ElementType

func (UrlListOutput) ElementType() reflect.Type

func (UrlListOutput) Location

func (o UrlListOutput) Location() pulumi.StringOutput

The location of the url lists.

***

func (UrlListOutput) Name

Short name of the UrlList resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.

func (UrlListOutput) Project

func (o UrlListOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (UrlListOutput) ToUrlListOutput

func (o UrlListOutput) ToUrlListOutput() UrlListOutput

func (UrlListOutput) ToUrlListOutputWithContext

func (o UrlListOutput) ToUrlListOutputWithContext(ctx context.Context) UrlListOutput

func (UrlListOutput) UpdateTime

func (o UrlListOutput) UpdateTime() pulumi.StringOutput

Output only. Time when the security policy was updated. A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits. Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.

func (UrlListOutput) Values

FQDNs and URLs.

type UrlListState

type UrlListState struct {
	// Output only. Time when the security policy was created.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'
	CreateTime pulumi.StringPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// The location of the url lists.
	//
	// ***
	Location pulumi.StringPtrInput
	// Short name of the UrlList resource to be created.
	// This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. 'urlList'.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Output only. Time when the security policy was updated.
	// A timestamp in RFC3339 UTC 'Zulu' format, with nanosecond resolution and up to nine fractional digits.
	// Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.
	UpdateTime pulumi.StringPtrInput
	// FQDNs and URLs.
	Values pulumi.StringArrayInput
}

func (UrlListState) ElementType

func (UrlListState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL