v1

package
v0.18.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 20, 2022 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Default case. Should never be this.
	AuditLogConfigLogTypeLogTypeUnspecified = AuditLogConfigLogType("LOG_TYPE_UNSPECIFIED")
	// Admin reads. Example: CloudIAM getIamPolicy
	AuditLogConfigLogTypeAdminRead = AuditLogConfigLogType("ADMIN_READ")
	// Data writes. Example: CloudSQL Users create
	AuditLogConfigLogTypeDataWrite = AuditLogConfigLogType("DATA_WRITE")
	// Data reads. Example: CloudSQL Users list
	AuditLogConfigLogTypeDataRead = AuditLogConfigLogType("DATA_READ")
)
View Source 
const (
	// Default value. Should not be used.
	EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaMetadataLabelMatchCriteriaUnspecified = EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria("METADATA_LABEL_MATCH_CRITERIA_UNSPECIFIED")
	// At least one of the Labels specified in the matcher should match the metadata presented by xDS client.
	EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaMatchAny = EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria("MATCH_ANY")
	// The metadata presented by the xDS client should contain all of the labels specified here.
	EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaMatchAll = EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria("MATCH_ALL")
)
View Source 
const (
	// Default value. Must not be used.
	EndpointPolicyTypeEndpointPolicyTypeUnspecified = EndpointPolicyType("ENDPOINT_POLICY_TYPE_UNSPECIFIED")
	// Represents a proxy deployed as a sidecar.
	EndpointPolicyTypeSidecarProxy = EndpointPolicyType("SIDECAR_PROXY")
	// Represents a proxyless gRPC backend.
	EndpointPolicyTypeGrpcServer = EndpointPolicyType("GRPC_SERVER")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AuditConfig 

type AuditConfig struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs []AuditLogConfig `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service *string `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

type AuditConfigArgs 

type AuditConfigArgs struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs AuditLogConfigArrayInput `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service pulumi.StringPtrInput `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

func (AuditConfigArgs) ElementType 

func (AuditConfigArgs) ElementType() reflect.Type

func (AuditConfigArgs) ToAuditConfigOutput 

func (i AuditConfigArgs) ToAuditConfigOutput() AuditConfigOutput

func (AuditConfigArgs) ToAuditConfigOutputWithContext 

func (i AuditConfigArgs) ToAuditConfigOutputWithContext(ctx context.Context) AuditConfigOutput

type AuditConfigArray 

type AuditConfigArray []AuditConfigInput

func (AuditConfigArray) ElementType 

func (AuditConfigArray) ElementType() reflect.Type

func (AuditConfigArray) ToAuditConfigArrayOutput 

func (i AuditConfigArray) ToAuditConfigArrayOutput() AuditConfigArrayOutput

func (AuditConfigArray) ToAuditConfigArrayOutputWithContext 

func (i AuditConfigArray) ToAuditConfigArrayOutputWithContext(ctx context.Context) AuditConfigArrayOutput

type AuditConfigArrayInput 

type AuditConfigArrayInput interface {
	pulumi.Input

	ToAuditConfigArrayOutput() AuditConfigArrayOutput
	ToAuditConfigArrayOutputWithContext(context.Context) AuditConfigArrayOutput
}

AuditConfigArrayInput is an input type that accepts AuditConfigArray and AuditConfigArrayOutput values. You can construct a concrete instance of `AuditConfigArrayInput` via: 

AuditConfigArray{ AuditConfigArgs{...} }

type AuditConfigArrayOutput 

type AuditConfigArrayOutput struct{ *pulumi.OutputState }

func (AuditConfigArrayOutput) ElementType 

func (AuditConfigArrayOutput) ElementType() reflect.Type

func (AuditConfigArrayOutput) Index 

func (o AuditConfigArrayOutput) Index(i pulumi.IntInput) AuditConfigOutput

func (AuditConfigArrayOutput) ToAuditConfigArrayOutput 

func (o AuditConfigArrayOutput) ToAuditConfigArrayOutput() AuditConfigArrayOutput

func (AuditConfigArrayOutput) ToAuditConfigArrayOutputWithContext 

func (o AuditConfigArrayOutput) ToAuditConfigArrayOutputWithContext(ctx context.Context) AuditConfigArrayOutput

type AuditConfigInput 

type AuditConfigInput interface {
	pulumi.Input

	ToAuditConfigOutput() AuditConfigOutput
	ToAuditConfigOutputWithContext(context.Context) AuditConfigOutput
}

AuditConfigInput is an input type that accepts AuditConfigArgs and AuditConfigOutput values. You can construct a concrete instance of `AuditConfigInput` via: 

AuditConfigArgs{...}

type AuditConfigOutput 

type AuditConfigOutput struct{ *pulumi.OutputState }

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

func (AuditConfigOutput) AuditLogConfigs 

func (o AuditConfigOutput) AuditLogConfigs() AuditLogConfigArrayOutput

The configuration for logging of each type of permission.

func (AuditConfigOutput) ElementType 

func (AuditConfigOutput) ElementType() reflect.Type

func (AuditConfigOutput) Service 

func (o AuditConfigOutput) Service() pulumi.StringPtrOutput

Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (AuditConfigOutput) ToAuditConfigOutput 

func (o AuditConfigOutput) ToAuditConfigOutput() AuditConfigOutput

func (AuditConfigOutput) ToAuditConfigOutputWithContext 

func (o AuditConfigOutput) ToAuditConfigOutputWithContext(ctx context.Context) AuditConfigOutput

type AuditConfigResponse 

type AuditConfigResponse struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs []AuditLogConfigResponse `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service string `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

type AuditConfigResponseArrayOutput 

type AuditConfigResponseArrayOutput struct{ *pulumi.OutputState }

func (AuditConfigResponseArrayOutput) ElementType 

func (AuditConfigResponseArrayOutput) ElementType() reflect.Type

func (AuditConfigResponseArrayOutput) Index 

func (o AuditConfigResponseArrayOutput) Index(i pulumi.IntInput) AuditConfigResponseOutput

func (AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutput 

func (o AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutput() AuditConfigResponseArrayOutput

func (AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutputWithContext 

func (o AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutputWithContext(ctx context.Context) AuditConfigResponseArrayOutput

type AuditConfigResponseOutput 

type AuditConfigResponseOutput struct{ *pulumi.OutputState }

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

func (AuditConfigResponseOutput) AuditLogConfigs 

func (o AuditConfigResponseOutput) AuditLogConfigs() AuditLogConfigResponseArrayOutput

The configuration for logging of each type of permission.

func (AuditConfigResponseOutput) ElementType 

func (AuditConfigResponseOutput) ElementType() reflect.Type

func (AuditConfigResponseOutput) Service 

func (o AuditConfigResponseOutput) Service() pulumi.StringOutput

Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (AuditConfigResponseOutput) ToAuditConfigResponseOutput 

func (o AuditConfigResponseOutput) ToAuditConfigResponseOutput() AuditConfigResponseOutput

func (AuditConfigResponseOutput) ToAuditConfigResponseOutputWithContext 

func (o AuditConfigResponseOutput) ToAuditConfigResponseOutputWithContext(ctx context.Context) AuditConfigResponseOutput

type AuditLogConfig 

type AuditLogConfig struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType *AuditLogConfigLogType `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

type AuditLogConfigArgs 

type AuditLogConfigArgs struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType AuditLogConfigLogTypePtrInput `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigArgs) ElementType 

func (AuditLogConfigArgs) ElementType() reflect.Type

func (AuditLogConfigArgs) ToAuditLogConfigOutput 

func (i AuditLogConfigArgs) ToAuditLogConfigOutput() AuditLogConfigOutput

func (AuditLogConfigArgs) ToAuditLogConfigOutputWithContext 

func (i AuditLogConfigArgs) ToAuditLogConfigOutputWithContext(ctx context.Context) AuditLogConfigOutput

type AuditLogConfigArray 

type AuditLogConfigArray []AuditLogConfigInput

func (AuditLogConfigArray) ElementType 

func (AuditLogConfigArray) ElementType() reflect.Type

func (AuditLogConfigArray) ToAuditLogConfigArrayOutput 

func (i AuditLogConfigArray) ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput

func (AuditLogConfigArray) ToAuditLogConfigArrayOutputWithContext 

func (i AuditLogConfigArray) ToAuditLogConfigArrayOutputWithContext(ctx context.Context) AuditLogConfigArrayOutput

type AuditLogConfigArrayInput 

type AuditLogConfigArrayInput interface {
	pulumi.Input

	ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput
	ToAuditLogConfigArrayOutputWithContext(context.Context) AuditLogConfigArrayOutput
}

AuditLogConfigArrayInput is an input type that accepts AuditLogConfigArray and AuditLogConfigArrayOutput values. You can construct a concrete instance of `AuditLogConfigArrayInput` via: 

AuditLogConfigArray{ AuditLogConfigArgs{...} }

type AuditLogConfigArrayOutput 

type AuditLogConfigArrayOutput struct{ *pulumi.OutputState }

func (AuditLogConfigArrayOutput) ElementType 

func (AuditLogConfigArrayOutput) ElementType() reflect.Type

func (AuditLogConfigArrayOutput) Index 

func (o AuditLogConfigArrayOutput) Index(i pulumi.IntInput) AuditLogConfigOutput

func (AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutput 

func (o AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput

func (AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutputWithContext 

func (o AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutputWithContext(ctx context.Context) AuditLogConfigArrayOutput

type AuditLogConfigInput 

type AuditLogConfigInput interface {
	pulumi.Input

	ToAuditLogConfigOutput() AuditLogConfigOutput
	ToAuditLogConfigOutputWithContext(context.Context) AuditLogConfigOutput
}

AuditLogConfigInput is an input type that accepts AuditLogConfigArgs and AuditLogConfigOutput values. You can construct a concrete instance of `AuditLogConfigInput` via: 

AuditLogConfigArgs{...}

type AuditLogConfigLogType 

type AuditLogConfigLogType string

The log type that this config enables.

func (AuditLogConfigLogType) ElementType 

func (AuditLogConfigLogType) ElementType() reflect.Type

func (AuditLogConfigLogType) ToAuditLogConfigLogTypeOutput 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypeOutputWithContext 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypeOutputWithContext(ctx context.Context) AuditLogConfigLogTypeOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutput 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutputWithContext 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogType) ToStringOutput 

func (e AuditLogConfigLogType) ToStringOutput() pulumi.StringOutput

func (AuditLogConfigLogType) ToStringOutputWithContext 

func (e AuditLogConfigLogType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuditLogConfigLogType) ToStringPtrOutput 

func (e AuditLogConfigLogType) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogType) ToStringPtrOutputWithContext 

func (e AuditLogConfigLogType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigLogTypeInput 

type AuditLogConfigLogTypeInput interface {
	pulumi.Input

	ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput
	ToAuditLogConfigLogTypeOutputWithContext(context.Context) AuditLogConfigLogTypeOutput
}

AuditLogConfigLogTypeInput is an input type that accepts AuditLogConfigLogTypeArgs and AuditLogConfigLogTypeOutput values. You can construct a concrete instance of `AuditLogConfigLogTypeInput` via: 

AuditLogConfigLogTypeArgs{...}

type AuditLogConfigLogTypeOutput 

type AuditLogConfigLogTypeOutput struct{ *pulumi.OutputState }

func (AuditLogConfigLogTypeOutput) ElementType 

func (AuditLogConfigLogTypeOutput) ElementType() reflect.Type

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutput 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutputWithContext 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutputWithContext(ctx context.Context) AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutput 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutputWithContext 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypeOutput) ToStringOutput 

func (o AuditLogConfigLogTypeOutput) ToStringOutput() pulumi.StringOutput

func (AuditLogConfigLogTypeOutput) ToStringOutputWithContext 

func (o AuditLogConfigLogTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuditLogConfigLogTypeOutput) ToStringPtrOutput 

func (o AuditLogConfigLogTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogTypeOutput) ToStringPtrOutputWithContext 

func (o AuditLogConfigLogTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigLogTypePtrInput 

type AuditLogConfigLogTypePtrInput interface {
	pulumi.Input

	ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput
	ToAuditLogConfigLogTypePtrOutputWithContext(context.Context) AuditLogConfigLogTypePtrOutput
}

func AuditLogConfigLogTypePtr 

func AuditLogConfigLogTypePtr(v string) AuditLogConfigLogTypePtrInput

type AuditLogConfigLogTypePtrOutput 

type AuditLogConfigLogTypePtrOutput struct{ *pulumi.OutputState }

func (AuditLogConfigLogTypePtrOutput) Elem 

func (o AuditLogConfigLogTypePtrOutput) Elem() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypePtrOutput) ElementType 

func (AuditLogConfigLogTypePtrOutput) ElementType() reflect.Type

func (AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutput 

func (o AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutputWithContext 

func (o AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypePtrOutput) ToStringPtrOutput 

func (o AuditLogConfigLogTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogTypePtrOutput) ToStringPtrOutputWithContext 

func (o AuditLogConfigLogTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigOutput 

type AuditLogConfigOutput struct{ *pulumi.OutputState }

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigOutput) ElementType 

func (AuditLogConfigOutput) ElementType() reflect.Type

func (AuditLogConfigOutput) ExemptedMembers 

func (o AuditLogConfigOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

func (AuditLogConfigOutput) LogType 

func (o AuditLogConfigOutput) LogType() AuditLogConfigLogTypePtrOutput

The log type that this config enables.

func (AuditLogConfigOutput) ToAuditLogConfigOutput 

func (o AuditLogConfigOutput) ToAuditLogConfigOutput() AuditLogConfigOutput

func (AuditLogConfigOutput) ToAuditLogConfigOutputWithContext 

func (o AuditLogConfigOutput) ToAuditLogConfigOutputWithContext(ctx context.Context) AuditLogConfigOutput

type AuditLogConfigResponse 

type AuditLogConfigResponse struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType string `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

type AuditLogConfigResponseArrayOutput 

type AuditLogConfigResponseArrayOutput struct{ *pulumi.OutputState }

func (AuditLogConfigResponseArrayOutput) ElementType 

func (AuditLogConfigResponseArrayOutput) ElementType() reflect.Type

func (AuditLogConfigResponseArrayOutput) Index 

func (o AuditLogConfigResponseArrayOutput) Index(i pulumi.IntInput) AuditLogConfigResponseOutput

func (AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutput 

func (o AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutput() AuditLogConfigResponseArrayOutput

func (AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutputWithContext 

func (o AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutputWithContext(ctx context.Context) AuditLogConfigResponseArrayOutput

type AuditLogConfigResponseOutput 

type AuditLogConfigResponseOutput struct{ *pulumi.OutputState }

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigResponseOutput) ElementType 

func (AuditLogConfigResponseOutput) ElementType() reflect.Type

func (AuditLogConfigResponseOutput) ExemptedMembers 

func (o AuditLogConfigResponseOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

func (AuditLogConfigResponseOutput) LogType 

func (o AuditLogConfigResponseOutput) LogType() pulumi.StringOutput

The log type that this config enables.

func (AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutput 

func (o AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutput() AuditLogConfigResponseOutput

func (AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutputWithContext 

func (o AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutputWithContext(ctx context.Context) AuditLogConfigResponseOutput

type Binding 

type Binding struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition *Expr `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
	Members []string `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role *string `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

type BindingArgs 

type BindingArgs struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprPtrInput `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringPtrInput `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

func (BindingArgs) ElementType 

func (BindingArgs) ElementType() reflect.Type

func (BindingArgs) ToBindingOutput 

func (i BindingArgs) ToBindingOutput() BindingOutput

func (BindingArgs) ToBindingOutputWithContext 

func (i BindingArgs) ToBindingOutputWithContext(ctx context.Context) BindingOutput

type BindingArray 

type BindingArray []BindingInput

func (BindingArray) ElementType 

func (BindingArray) ElementType() reflect.Type

func (BindingArray) ToBindingArrayOutput 

func (i BindingArray) ToBindingArrayOutput() BindingArrayOutput

func (BindingArray) ToBindingArrayOutputWithContext 

func (i BindingArray) ToBindingArrayOutputWithContext(ctx context.Context) BindingArrayOutput

type BindingArrayInput 

type BindingArrayInput interface {
	pulumi.Input

	ToBindingArrayOutput() BindingArrayOutput
	ToBindingArrayOutputWithContext(context.Context) BindingArrayOutput
}

BindingArrayInput is an input type that accepts BindingArray and BindingArrayOutput values. You can construct a concrete instance of `BindingArrayInput` via: 

BindingArray{ BindingArgs{...} }

type BindingArrayOutput 

type BindingArrayOutput struct{ *pulumi.OutputState }

func (BindingArrayOutput) ElementType 

func (BindingArrayOutput) ElementType() reflect.Type

func (BindingArrayOutput) Index 

func (o BindingArrayOutput) Index(i pulumi.IntInput) BindingOutput

func (BindingArrayOutput) ToBindingArrayOutput 

func (o BindingArrayOutput) ToBindingArrayOutput() BindingArrayOutput

func (BindingArrayOutput) ToBindingArrayOutputWithContext 

func (o BindingArrayOutput) ToBindingArrayOutputWithContext(ctx context.Context) BindingArrayOutput

type BindingInput 

type BindingInput interface {
	pulumi.Input

	ToBindingOutput() BindingOutput
	ToBindingOutputWithContext(context.Context) BindingOutput
}

BindingInput is an input type that accepts BindingArgs and BindingOutput values. You can construct a concrete instance of `BindingInput` via: 

BindingArgs{...}

type BindingOutput 

type BindingOutput struct{ *pulumi.OutputState }

Associates `members`, or principals, with a `role`.

func (BindingOutput) Condition 

func (o BindingOutput) Condition() ExprPtrOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (BindingOutput) ElementType 

func (BindingOutput) ElementType() reflect.Type

func (BindingOutput) Members 

func (o BindingOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.

func (BindingOutput) Role 

func (o BindingOutput) Role() pulumi.StringPtrOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (BindingOutput) ToBindingOutput 

func (o BindingOutput) ToBindingOutput() BindingOutput

func (BindingOutput) ToBindingOutputWithContext 

func (o BindingOutput) ToBindingOutputWithContext(ctx context.Context) BindingOutput

type BindingResponse 

type BindingResponse struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprResponse `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
	Members []string `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role string `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

type BindingResponseArrayOutput 

type BindingResponseArrayOutput struct{ *pulumi.OutputState }

func (BindingResponseArrayOutput) ElementType 

func (BindingResponseArrayOutput) ElementType() reflect.Type

func (BindingResponseArrayOutput) Index 

func (o BindingResponseArrayOutput) Index(i pulumi.IntInput) BindingResponseOutput

func (BindingResponseArrayOutput) ToBindingResponseArrayOutput 

func (o BindingResponseArrayOutput) ToBindingResponseArrayOutput() BindingResponseArrayOutput

func (BindingResponseArrayOutput) ToBindingResponseArrayOutputWithContext 

func (o BindingResponseArrayOutput) ToBindingResponseArrayOutputWithContext(ctx context.Context) BindingResponseArrayOutput

type BindingResponseOutput 

type BindingResponseOutput struct{ *pulumi.OutputState }

Associates `members`, or principals, with a `role`.

func (BindingResponseOutput) Condition 

func (o BindingResponseOutput) Condition() ExprResponseOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (BindingResponseOutput) ElementType 

func (BindingResponseOutput) ElementType() reflect.Type

func (BindingResponseOutput) Members 

func (o BindingResponseOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.

func (BindingResponseOutput) Role 

func (o BindingResponseOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (BindingResponseOutput) ToBindingResponseOutput 

func (o BindingResponseOutput) ToBindingResponseOutput() BindingResponseOutput

func (BindingResponseOutput) ToBindingResponseOutputWithContext 

func (o BindingResponseOutput) ToBindingResponseOutputWithContext(ctx context.Context) BindingResponseOutput

type EdgeCacheKeysetIamPolicy 

type EdgeCacheKeysetIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetEdgeCacheKeysetIamPolicy 

func GetEdgeCacheKeysetIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EdgeCacheKeysetIamPolicyState, opts ...pulumi.ResourceOption) (*EdgeCacheKeysetIamPolicy, error)

GetEdgeCacheKeysetIamPolicy gets an existing EdgeCacheKeysetIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEdgeCacheKeysetIamPolicy 

func NewEdgeCacheKeysetIamPolicy(ctx *pulumi.Context,
	name string, args *EdgeCacheKeysetIamPolicyArgs, opts ...pulumi.ResourceOption) (*EdgeCacheKeysetIamPolicy, error)

NewEdgeCacheKeysetIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*EdgeCacheKeysetIamPolicy) ElementType 

func (*EdgeCacheKeysetIamPolicy) ElementType() reflect.Type

func (*EdgeCacheKeysetIamPolicy) ToEdgeCacheKeysetIamPolicyOutput 

func (i *EdgeCacheKeysetIamPolicy) ToEdgeCacheKeysetIamPolicyOutput() EdgeCacheKeysetIamPolicyOutput

func (*EdgeCacheKeysetIamPolicy) ToEdgeCacheKeysetIamPolicyOutputWithContext 

func (i *EdgeCacheKeysetIamPolicy) ToEdgeCacheKeysetIamPolicyOutputWithContext(ctx context.Context) EdgeCacheKeysetIamPolicyOutput

type EdgeCacheKeysetIamPolicyArgs 

type EdgeCacheKeysetIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings          BindingArrayInput
	EdgeCacheKeysetId pulumi.StringInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a EdgeCacheKeysetIamPolicy resource.

func (EdgeCacheKeysetIamPolicyArgs) ElementType 

func (EdgeCacheKeysetIamPolicyArgs) ElementType() reflect.Type

type EdgeCacheKeysetIamPolicyInput 

type EdgeCacheKeysetIamPolicyInput interface {
	pulumi.Input

	ToEdgeCacheKeysetIamPolicyOutput() EdgeCacheKeysetIamPolicyOutput
	ToEdgeCacheKeysetIamPolicyOutputWithContext(ctx context.Context) EdgeCacheKeysetIamPolicyOutput
}

type EdgeCacheKeysetIamPolicyOutput 

type EdgeCacheKeysetIamPolicyOutput struct{ *pulumi.OutputState }

func (EdgeCacheKeysetIamPolicyOutput) ElementType 

func (EdgeCacheKeysetIamPolicyOutput) ElementType() reflect.Type

func (EdgeCacheKeysetIamPolicyOutput) ToEdgeCacheKeysetIamPolicyOutput 

func (o EdgeCacheKeysetIamPolicyOutput) ToEdgeCacheKeysetIamPolicyOutput() EdgeCacheKeysetIamPolicyOutput

func (EdgeCacheKeysetIamPolicyOutput) ToEdgeCacheKeysetIamPolicyOutputWithContext 

func (o EdgeCacheKeysetIamPolicyOutput) ToEdgeCacheKeysetIamPolicyOutputWithContext(ctx context.Context) EdgeCacheKeysetIamPolicyOutput

type EdgeCacheKeysetIamPolicyState 

type EdgeCacheKeysetIamPolicyState struct {
}

func (EdgeCacheKeysetIamPolicyState) ElementType 

func (EdgeCacheKeysetIamPolicyState) ElementType() reflect.Type

type EdgeCacheOriginIamPolicy 

type EdgeCacheOriginIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetEdgeCacheOriginIamPolicy 

func GetEdgeCacheOriginIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EdgeCacheOriginIamPolicyState, opts ...pulumi.ResourceOption) (*EdgeCacheOriginIamPolicy, error)

GetEdgeCacheOriginIamPolicy gets an existing EdgeCacheOriginIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEdgeCacheOriginIamPolicy 

func NewEdgeCacheOriginIamPolicy(ctx *pulumi.Context,
	name string, args *EdgeCacheOriginIamPolicyArgs, opts ...pulumi.ResourceOption) (*EdgeCacheOriginIamPolicy, error)

NewEdgeCacheOriginIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*EdgeCacheOriginIamPolicy) ElementType 

func (*EdgeCacheOriginIamPolicy) ElementType() reflect.Type

func (*EdgeCacheOriginIamPolicy) ToEdgeCacheOriginIamPolicyOutput 

func (i *EdgeCacheOriginIamPolicy) ToEdgeCacheOriginIamPolicyOutput() EdgeCacheOriginIamPolicyOutput

func (*EdgeCacheOriginIamPolicy) ToEdgeCacheOriginIamPolicyOutputWithContext 

func (i *EdgeCacheOriginIamPolicy) ToEdgeCacheOriginIamPolicyOutputWithContext(ctx context.Context) EdgeCacheOriginIamPolicyOutput

type EdgeCacheOriginIamPolicyArgs 

type EdgeCacheOriginIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings          BindingArrayInput
	EdgeCacheOriginId pulumi.StringInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a EdgeCacheOriginIamPolicy resource.

func (EdgeCacheOriginIamPolicyArgs) ElementType 

func (EdgeCacheOriginIamPolicyArgs) ElementType() reflect.Type

type EdgeCacheOriginIamPolicyInput 

type EdgeCacheOriginIamPolicyInput interface {
	pulumi.Input

	ToEdgeCacheOriginIamPolicyOutput() EdgeCacheOriginIamPolicyOutput
	ToEdgeCacheOriginIamPolicyOutputWithContext(ctx context.Context) EdgeCacheOriginIamPolicyOutput
}

type EdgeCacheOriginIamPolicyOutput 

type EdgeCacheOriginIamPolicyOutput struct{ *pulumi.OutputState }

func (EdgeCacheOriginIamPolicyOutput) ElementType 

func (EdgeCacheOriginIamPolicyOutput) ElementType() reflect.Type

func (EdgeCacheOriginIamPolicyOutput) ToEdgeCacheOriginIamPolicyOutput 

func (o EdgeCacheOriginIamPolicyOutput) ToEdgeCacheOriginIamPolicyOutput() EdgeCacheOriginIamPolicyOutput

func (EdgeCacheOriginIamPolicyOutput) ToEdgeCacheOriginIamPolicyOutputWithContext 

func (o EdgeCacheOriginIamPolicyOutput) ToEdgeCacheOriginIamPolicyOutputWithContext(ctx context.Context) EdgeCacheOriginIamPolicyOutput

type EdgeCacheOriginIamPolicyState 

type EdgeCacheOriginIamPolicyState struct {
}

func (EdgeCacheOriginIamPolicyState) ElementType 

func (EdgeCacheOriginIamPolicyState) ElementType() reflect.Type

type EdgeCacheServiceIamPolicy 

type EdgeCacheServiceIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetEdgeCacheServiceIamPolicy 

func GetEdgeCacheServiceIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EdgeCacheServiceIamPolicyState, opts ...pulumi.ResourceOption) (*EdgeCacheServiceIamPolicy, error)

GetEdgeCacheServiceIamPolicy gets an existing EdgeCacheServiceIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEdgeCacheServiceIamPolicy 

func NewEdgeCacheServiceIamPolicy(ctx *pulumi.Context,
	name string, args *EdgeCacheServiceIamPolicyArgs, opts ...pulumi.ResourceOption) (*EdgeCacheServiceIamPolicy, error)

NewEdgeCacheServiceIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*EdgeCacheServiceIamPolicy) ElementType 

func (*EdgeCacheServiceIamPolicy) ElementType() reflect.Type

func (*EdgeCacheServiceIamPolicy) ToEdgeCacheServiceIamPolicyOutput 

func (i *EdgeCacheServiceIamPolicy) ToEdgeCacheServiceIamPolicyOutput() EdgeCacheServiceIamPolicyOutput

func (*EdgeCacheServiceIamPolicy) ToEdgeCacheServiceIamPolicyOutputWithContext 

func (i *EdgeCacheServiceIamPolicy) ToEdgeCacheServiceIamPolicyOutputWithContext(ctx context.Context) EdgeCacheServiceIamPolicyOutput

type EdgeCacheServiceIamPolicyArgs 

type EdgeCacheServiceIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings           BindingArrayInput
	EdgeCacheServiceId pulumi.StringInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a EdgeCacheServiceIamPolicy resource.

func (EdgeCacheServiceIamPolicyArgs) ElementType 

func (EdgeCacheServiceIamPolicyArgs) ElementType() reflect.Type

type EdgeCacheServiceIamPolicyInput 

type EdgeCacheServiceIamPolicyInput interface {
	pulumi.Input

	ToEdgeCacheServiceIamPolicyOutput() EdgeCacheServiceIamPolicyOutput
	ToEdgeCacheServiceIamPolicyOutputWithContext(ctx context.Context) EdgeCacheServiceIamPolicyOutput
}

type EdgeCacheServiceIamPolicyOutput 

type EdgeCacheServiceIamPolicyOutput struct{ *pulumi.OutputState }

func (EdgeCacheServiceIamPolicyOutput) ElementType 

func (EdgeCacheServiceIamPolicyOutput) ElementType() reflect.Type

func (EdgeCacheServiceIamPolicyOutput) ToEdgeCacheServiceIamPolicyOutput 

func (o EdgeCacheServiceIamPolicyOutput) ToEdgeCacheServiceIamPolicyOutput() EdgeCacheServiceIamPolicyOutput

func (EdgeCacheServiceIamPolicyOutput) ToEdgeCacheServiceIamPolicyOutputWithContext 

func (o EdgeCacheServiceIamPolicyOutput) ToEdgeCacheServiceIamPolicyOutputWithContext(ctx context.Context) EdgeCacheServiceIamPolicyOutput

type EdgeCacheServiceIamPolicyState 

type EdgeCacheServiceIamPolicyState struct {
}

func (EdgeCacheServiceIamPolicyState) ElementType 

func (EdgeCacheServiceIamPolicyState) ElementType() reflect.Type

type EndpointMatcher 

type EndpointMatcher struct {
	// The matcher is based on node metadata presented by xDS clients.
	MetadataLabelMatcher *EndpointMatcherMetadataLabelMatcher `pulumi:"metadataLabelMatcher"`
}

A definition of a matcher that selects endpoints to which the policies should be applied.

type EndpointMatcherArgs 

type EndpointMatcherArgs struct {
	// The matcher is based on node metadata presented by xDS clients.
	MetadataLabelMatcher EndpointMatcherMetadataLabelMatcherPtrInput `pulumi:"metadataLabelMatcher"`
}

A definition of a matcher that selects endpoints to which the policies should be applied.

func (EndpointMatcherArgs) ElementType 

func (EndpointMatcherArgs) ElementType() reflect.Type

func (EndpointMatcherArgs) ToEndpointMatcherOutput 

func (i EndpointMatcherArgs) ToEndpointMatcherOutput() EndpointMatcherOutput

func (EndpointMatcherArgs) ToEndpointMatcherOutputWithContext 

func (i EndpointMatcherArgs) ToEndpointMatcherOutputWithContext(ctx context.Context) EndpointMatcherOutput

type EndpointMatcherInput 

type EndpointMatcherInput interface {
	pulumi.Input

	ToEndpointMatcherOutput() EndpointMatcherOutput
	ToEndpointMatcherOutputWithContext(context.Context) EndpointMatcherOutput
}

EndpointMatcherInput is an input type that accepts EndpointMatcherArgs and EndpointMatcherOutput values. You can construct a concrete instance of `EndpointMatcherInput` via: 

EndpointMatcherArgs{...}

type EndpointMatcherMetadataLabelMatcher 

type EndpointMatcherMetadataLabelMatcher struct {
	// Specifies how matching should be done. Supported values are: MATCH_ANY: At least one of the Labels specified in the matcher should match the metadata presented by xDS client. MATCH_ALL: The metadata presented by the xDS client should contain all of the labels specified here. The selection is determined based on the best match. For example, suppose there are three EndpointPolicy resources P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, the config from P1 will be selected. If a client with label connects, the config from P2 will be selected. If a client with label connects, the config from P3 will be selected. If there is more than one best match, (for example, if a config P4 with selector exists and if a client with label connects), an error will be thrown.
	MetadataLabelMatchCriteria *EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria `pulumi:"metadataLabelMatchCriteria"`
	// The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list can have at most 64 entries. The list can be empty if the match criteria is MATCH_ANY, to specify a wildcard match (i.e this matches any client).
	MetadataLabels []EndpointMatcherMetadataLabelMatcherMetadataLabels `pulumi:"metadataLabels"`
}

The matcher that is based on node metadata presented by xDS clients.

type EndpointMatcherMetadataLabelMatcherArgs 

type EndpointMatcherMetadataLabelMatcherArgs struct {
	// Specifies how matching should be done. Supported values are: MATCH_ANY: At least one of the Labels specified in the matcher should match the metadata presented by xDS client. MATCH_ALL: The metadata presented by the xDS client should contain all of the labels specified here. The selection is determined based on the best match. For example, suppose there are three EndpointPolicy resources P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, the config from P1 will be selected. If a client with label connects, the config from P2 will be selected. If a client with label connects, the config from P3 will be selected. If there is more than one best match, (for example, if a config P4 with selector exists and if a client with label connects), an error will be thrown.
	MetadataLabelMatchCriteria EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrInput `pulumi:"metadataLabelMatchCriteria"`
	// The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list can have at most 64 entries. The list can be empty if the match criteria is MATCH_ANY, to specify a wildcard match (i.e this matches any client).
	MetadataLabels EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayInput `pulumi:"metadataLabels"`
}

The matcher that is based on node metadata presented by xDS clients.

func (EndpointMatcherMetadataLabelMatcherArgs) ElementType 

func (EndpointMatcherMetadataLabelMatcherArgs) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherArgs) ToEndpointMatcherMetadataLabelMatcherOutput 

func (i EndpointMatcherMetadataLabelMatcherArgs) ToEndpointMatcherMetadataLabelMatcherOutput() EndpointMatcherMetadataLabelMatcherOutput

func (EndpointMatcherMetadataLabelMatcherArgs) ToEndpointMatcherMetadataLabelMatcherOutputWithContext 

func (i EndpointMatcherMetadataLabelMatcherArgs) ToEndpointMatcherMetadataLabelMatcherOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherOutput

func (EndpointMatcherMetadataLabelMatcherArgs) ToEndpointMatcherMetadataLabelMatcherPtrOutput 

func (i EndpointMatcherMetadataLabelMatcherArgs) ToEndpointMatcherMetadataLabelMatcherPtrOutput() EndpointMatcherMetadataLabelMatcherPtrOutput

func (EndpointMatcherMetadataLabelMatcherArgs) ToEndpointMatcherMetadataLabelMatcherPtrOutputWithContext 

func (i EndpointMatcherMetadataLabelMatcherArgs) ToEndpointMatcherMetadataLabelMatcherPtrOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherPtrOutput

type EndpointMatcherMetadataLabelMatcherInput 

type EndpointMatcherMetadataLabelMatcherInput interface {
	pulumi.Input

	ToEndpointMatcherMetadataLabelMatcherOutput() EndpointMatcherMetadataLabelMatcherOutput
	ToEndpointMatcherMetadataLabelMatcherOutputWithContext(context.Context) EndpointMatcherMetadataLabelMatcherOutput
}

EndpointMatcherMetadataLabelMatcherInput is an input type that accepts EndpointMatcherMetadataLabelMatcherArgs and EndpointMatcherMetadataLabelMatcherOutput values. You can construct a concrete instance of `EndpointMatcherMetadataLabelMatcherInput` via: 

EndpointMatcherMetadataLabelMatcherArgs{...}

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria 

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria string

Specifies how matching should be done. Supported values are: MATCH_ANY: At least one of the Labels specified in the matcher should match the metadata presented by xDS client. MATCH_ALL: The metadata presented by the xDS client should contain all of the labels specified here. The selection is determined based on the best match. For example, suppose there are three EndpointPolicy resources P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, the config from P1 will be selected. If a client with label connects, the config from P2 will be selected. If a client with label connects, the config from P3 will be selected. If there is more than one best match, (for example, if a config P4 with selector exists and if a client with label connects), an error will be thrown.

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput 

func (e EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutputWithContext 

func (e EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput 

func (e EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutputWithContext 

func (e EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToStringOutput 

func (e EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToStringOutput() pulumi.StringOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToStringOutputWithContext 

func (e EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToStringPtrOutput 

func (e EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToStringPtrOutput() pulumi.StringPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToStringPtrOutputWithContext 

func (e EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteria) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaInput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaInput interface {
	pulumi.Input

	ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput
	ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutputWithContext(context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput
}

EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaInput is an input type that accepts EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaArgs and EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput values. You can construct a concrete instance of `EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaInput` via: 

EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaArgs{...}

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput struct{ *pulumi.OutputState }

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToStringOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToStringOutput() pulumi.StringOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToStringOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToStringPtrOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToStringPtrOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrInput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrInput interface {
	pulumi.Input

	ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput
	ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutputWithContext(context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput
}

func EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtr 

func EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtr(v string) EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrInput

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput struct{ *pulumi.OutputState }

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) Elem 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) Elem() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ToStringPtrOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ToStringPtrOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EndpointMatcherMetadataLabelMatcherMetadataLabels 

type EndpointMatcherMetadataLabelMatcherMetadataLabels struct {
	// Label name presented as key in xDS Node Metadata.
	LabelName string `pulumi:"labelName"`
	// Label value presented as value corresponding to the above key, in xDS Node Metadata.
	LabelValue string `pulumi:"labelValue"`
}

Defines a name-pair value for a single label.

type EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs struct {
	// Label name presented as key in xDS Node Metadata.
	LabelName pulumi.StringInput `pulumi:"labelName"`
	// Label value presented as value corresponding to the above key, in xDS Node Metadata.
	LabelValue pulumi.StringInput `pulumi:"labelValue"`
}

Defines a name-pair value for a single label.

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutput 

func (i EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutputWithContext 

func (i EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput

type EndpointMatcherMetadataLabelMatcherMetadataLabelsArray 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsArray []EndpointMatcherMetadataLabelMatcherMetadataLabelsInput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArray) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArray) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArray) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput 

func (i EndpointMatcherMetadataLabelMatcherMetadataLabelsArray) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArray) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutputWithContext 

func (i EndpointMatcherMetadataLabelMatcherMetadataLabelsArray) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput

type EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayInput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayInput interface {
	pulumi.Input

	ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput
	ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutputWithContext(context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput
}

EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayInput is an input type that accepts EndpointMatcherMetadataLabelMatcherMetadataLabelsArray and EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput values. You can construct a concrete instance of `EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayInput` via: 

EndpointMatcherMetadataLabelMatcherMetadataLabelsArray{ EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs{...} }

type EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput struct{ *pulumi.OutputState }

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput) Index 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput) Index(i pulumi.IntInput) EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput

type EndpointMatcherMetadataLabelMatcherMetadataLabelsInput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsInput interface {
	pulumi.Input

	ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput
	ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutputWithContext(context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput
}

EndpointMatcherMetadataLabelMatcherMetadataLabelsInput is an input type that accepts EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs and EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput values. You can construct a concrete instance of `EndpointMatcherMetadataLabelMatcherMetadataLabelsInput` via: 

EndpointMatcherMetadataLabelMatcherMetadataLabelsArgs{...}

type EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput struct{ *pulumi.OutputState }

Defines a name-pair value for a single label.

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) LabelName 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) LabelName() pulumi.StringOutput

Label name presented as key in xDS Node Metadata.

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) LabelValue 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) LabelValue() pulumi.StringOutput

Label value presented as value corresponding to the above key, in xDS Node Metadata.

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelsOutput

type EndpointMatcherMetadataLabelMatcherMetadataLabelsResponse 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsResponse struct {
	// Label name presented as key in xDS Node Metadata.
	LabelName string `pulumi:"labelName"`
	// Label value presented as value corresponding to the above key, in xDS Node Metadata.
	LabelValue string `pulumi:"labelValue"`
}

Defines a name-pair value for a single label.

type EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput struct{ *pulumi.OutputState }

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput) Index 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput) Index(i pulumi.IntInput) EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput

type EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput 

type EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput struct{ *pulumi.OutputState }

Defines a name-pair value for a single label.

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) LabelName 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) LabelName() pulumi.StringOutput

Label name presented as key in xDS Node Metadata.

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) LabelValue 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) LabelValue() pulumi.StringOutput

Label value presented as value corresponding to the above key, in xDS Node Metadata.

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput() EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput

func (EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput) ToEndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseOutput

type EndpointMatcherMetadataLabelMatcherOutput 

type EndpointMatcherMetadataLabelMatcherOutput struct{ *pulumi.OutputState }

The matcher that is based on node metadata presented by xDS clients.

func (EndpointMatcherMetadataLabelMatcherOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherOutput) MetadataLabelMatchCriteria 

func (o EndpointMatcherMetadataLabelMatcherOutput) MetadataLabelMatchCriteria() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput

Specifies how matching should be done. Supported values are: MATCH_ANY: At least one of the Labels specified in the matcher should match the metadata presented by xDS client. MATCH_ALL: The metadata presented by the xDS client should contain all of the labels specified here. The selection is determined based on the best match. For example, suppose there are three EndpointPolicy resources P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, the config from P1 will be selected. If a client with label connects, the config from P2 will be selected. If a client with label connects, the config from P3 will be selected. If there is more than one best match, (for example, if a config P4 with selector exists and if a client with label connects), an error will be thrown.

func (EndpointMatcherMetadataLabelMatcherOutput) MetadataLabels 

func (o EndpointMatcherMetadataLabelMatcherOutput) MetadataLabels() EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput

The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list can have at most 64 entries. The list can be empty if the match criteria is MATCH_ANY, to specify a wildcard match (i.e this matches any client).

func (EndpointMatcherMetadataLabelMatcherOutput) ToEndpointMatcherMetadataLabelMatcherOutput 

func (o EndpointMatcherMetadataLabelMatcherOutput) ToEndpointMatcherMetadataLabelMatcherOutput() EndpointMatcherMetadataLabelMatcherOutput

func (EndpointMatcherMetadataLabelMatcherOutput) ToEndpointMatcherMetadataLabelMatcherOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherOutput) ToEndpointMatcherMetadataLabelMatcherOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherOutput

func (EndpointMatcherMetadataLabelMatcherOutput) ToEndpointMatcherMetadataLabelMatcherPtrOutput 

func (o EndpointMatcherMetadataLabelMatcherOutput) ToEndpointMatcherMetadataLabelMatcherPtrOutput() EndpointMatcherMetadataLabelMatcherPtrOutput

func (EndpointMatcherMetadataLabelMatcherOutput) ToEndpointMatcherMetadataLabelMatcherPtrOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherOutput) ToEndpointMatcherMetadataLabelMatcherPtrOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherPtrOutput

type EndpointMatcherMetadataLabelMatcherPtrInput 

type EndpointMatcherMetadataLabelMatcherPtrInput interface {
	pulumi.Input

	ToEndpointMatcherMetadataLabelMatcherPtrOutput() EndpointMatcherMetadataLabelMatcherPtrOutput
	ToEndpointMatcherMetadataLabelMatcherPtrOutputWithContext(context.Context) EndpointMatcherMetadataLabelMatcherPtrOutput
}

EndpointMatcherMetadataLabelMatcherPtrInput is an input type that accepts EndpointMatcherMetadataLabelMatcherArgs, EndpointMatcherMetadataLabelMatcherPtr and EndpointMatcherMetadataLabelMatcherPtrOutput values. You can construct a concrete instance of `EndpointMatcherMetadataLabelMatcherPtrInput` via: 

        EndpointMatcherMetadataLabelMatcherArgs{...}

or:

        nil

func EndpointMatcherMetadataLabelMatcherPtr 

func EndpointMatcherMetadataLabelMatcherPtr(v *EndpointMatcherMetadataLabelMatcherArgs) EndpointMatcherMetadataLabelMatcherPtrInput

type EndpointMatcherMetadataLabelMatcherPtrOutput 

type EndpointMatcherMetadataLabelMatcherPtrOutput struct{ *pulumi.OutputState }

func (EndpointMatcherMetadataLabelMatcherPtrOutput) Elem 

func (o EndpointMatcherMetadataLabelMatcherPtrOutput) Elem() EndpointMatcherMetadataLabelMatcherOutput

func (EndpointMatcherMetadataLabelMatcherPtrOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherPtrOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherPtrOutput) MetadataLabelMatchCriteria 

func (o EndpointMatcherMetadataLabelMatcherPtrOutput) MetadataLabelMatchCriteria() EndpointMatcherMetadataLabelMatcherMetadataLabelMatchCriteriaPtrOutput

Specifies how matching should be done. Supported values are: MATCH_ANY: At least one of the Labels specified in the matcher should match the metadata presented by xDS client. MATCH_ALL: The metadata presented by the xDS client should contain all of the labels specified here. The selection is determined based on the best match. For example, suppose there are three EndpointPolicy resources P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, the config from P1 will be selected. If a client with label connects, the config from P2 will be selected. If a client with label connects, the config from P3 will be selected. If there is more than one best match, (for example, if a config P4 with selector exists and if a client with label connects), an error will be thrown.

func (EndpointMatcherMetadataLabelMatcherPtrOutput) MetadataLabels 

func (o EndpointMatcherMetadataLabelMatcherPtrOutput) MetadataLabels() EndpointMatcherMetadataLabelMatcherMetadataLabelsArrayOutput

The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list can have at most 64 entries. The list can be empty if the match criteria is MATCH_ANY, to specify a wildcard match (i.e this matches any client).

func (EndpointMatcherMetadataLabelMatcherPtrOutput) ToEndpointMatcherMetadataLabelMatcherPtrOutput 

func (o EndpointMatcherMetadataLabelMatcherPtrOutput) ToEndpointMatcherMetadataLabelMatcherPtrOutput() EndpointMatcherMetadataLabelMatcherPtrOutput

func (EndpointMatcherMetadataLabelMatcherPtrOutput) ToEndpointMatcherMetadataLabelMatcherPtrOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherPtrOutput) ToEndpointMatcherMetadataLabelMatcherPtrOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherPtrOutput

type EndpointMatcherMetadataLabelMatcherResponse 

type EndpointMatcherMetadataLabelMatcherResponse struct {
	// Specifies how matching should be done. Supported values are: MATCH_ANY: At least one of the Labels specified in the matcher should match the metadata presented by xDS client. MATCH_ALL: The metadata presented by the xDS client should contain all of the labels specified here. The selection is determined based on the best match. For example, suppose there are three EndpointPolicy resources P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, the config from P1 will be selected. If a client with label connects, the config from P2 will be selected. If a client with label connects, the config from P3 will be selected. If there is more than one best match, (for example, if a config P4 with selector exists and if a client with label connects), an error will be thrown.
	MetadataLabelMatchCriteria string `pulumi:"metadataLabelMatchCriteria"`
	// The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list can have at most 64 entries. The list can be empty if the match criteria is MATCH_ANY, to specify a wildcard match (i.e this matches any client).
	MetadataLabels []EndpointMatcherMetadataLabelMatcherMetadataLabelsResponse `pulumi:"metadataLabels"`
}

The matcher that is based on node metadata presented by xDS clients.

type EndpointMatcherMetadataLabelMatcherResponseOutput 

type EndpointMatcherMetadataLabelMatcherResponseOutput struct{ *pulumi.OutputState }

The matcher that is based on node metadata presented by xDS clients.

func (EndpointMatcherMetadataLabelMatcherResponseOutput) ElementType 

func (EndpointMatcherMetadataLabelMatcherResponseOutput) ElementType() reflect.Type

func (EndpointMatcherMetadataLabelMatcherResponseOutput) MetadataLabelMatchCriteria 

func (o EndpointMatcherMetadataLabelMatcherResponseOutput) MetadataLabelMatchCriteria() pulumi.StringOutput

Specifies how matching should be done. Supported values are: MATCH_ANY: At least one of the Labels specified in the matcher should match the metadata presented by xDS client. MATCH_ALL: The metadata presented by the xDS client should contain all of the labels specified here. The selection is determined based on the best match. For example, suppose there are three EndpointPolicy resources P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, the config from P1 will be selected. If a client with label connects, the config from P2 will be selected. If a client with label connects, the config from P3 will be selected. If there is more than one best match, (for example, if a config P4 with selector exists and if a client with label connects), an error will be thrown.

func (EndpointMatcherMetadataLabelMatcherResponseOutput) MetadataLabels 

func (o EndpointMatcherMetadataLabelMatcherResponseOutput) MetadataLabels() EndpointMatcherMetadataLabelMatcherMetadataLabelsResponseArrayOutput

The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list can have at most 64 entries. The list can be empty if the match criteria is MATCH_ANY, to specify a wildcard match (i.e this matches any client).

func (EndpointMatcherMetadataLabelMatcherResponseOutput) ToEndpointMatcherMetadataLabelMatcherResponseOutput 

func (o EndpointMatcherMetadataLabelMatcherResponseOutput) ToEndpointMatcherMetadataLabelMatcherResponseOutput() EndpointMatcherMetadataLabelMatcherResponseOutput

func (EndpointMatcherMetadataLabelMatcherResponseOutput) ToEndpointMatcherMetadataLabelMatcherResponseOutputWithContext 

func (o EndpointMatcherMetadataLabelMatcherResponseOutput) ToEndpointMatcherMetadataLabelMatcherResponseOutputWithContext(ctx context.Context) EndpointMatcherMetadataLabelMatcherResponseOutput

type EndpointMatcherOutput 

type EndpointMatcherOutput struct{ *pulumi.OutputState }

A definition of a matcher that selects endpoints to which the policies should be applied.

func (EndpointMatcherOutput) ElementType 

func (EndpointMatcherOutput) ElementType() reflect.Type

func (EndpointMatcherOutput) MetadataLabelMatcher 

func (o EndpointMatcherOutput) MetadataLabelMatcher() EndpointMatcherMetadataLabelMatcherPtrOutput

The matcher is based on node metadata presented by xDS clients.

func (EndpointMatcherOutput) ToEndpointMatcherOutput 

func (o EndpointMatcherOutput) ToEndpointMatcherOutput() EndpointMatcherOutput

func (EndpointMatcherOutput) ToEndpointMatcherOutputWithContext 

func (o EndpointMatcherOutput) ToEndpointMatcherOutputWithContext(ctx context.Context) EndpointMatcherOutput

type EndpointMatcherResponse 

type EndpointMatcherResponse struct {
	// The matcher is based on node metadata presented by xDS clients.
	MetadataLabelMatcher EndpointMatcherMetadataLabelMatcherResponse `pulumi:"metadataLabelMatcher"`
}

A definition of a matcher that selects endpoints to which the policies should be applied.

type EndpointMatcherResponseOutput 

type EndpointMatcherResponseOutput struct{ *pulumi.OutputState }

A definition of a matcher that selects endpoints to which the policies should be applied.

func (EndpointMatcherResponseOutput) ElementType 

func (EndpointMatcherResponseOutput) ElementType() reflect.Type

func (EndpointMatcherResponseOutput) MetadataLabelMatcher 

func (o EndpointMatcherResponseOutput) MetadataLabelMatcher() EndpointMatcherMetadataLabelMatcherResponseOutput

The matcher is based on node metadata presented by xDS clients.

func (EndpointMatcherResponseOutput) ToEndpointMatcherResponseOutput 

func (o EndpointMatcherResponseOutput) ToEndpointMatcherResponseOutput() EndpointMatcherResponseOutput

func (EndpointMatcherResponseOutput) ToEndpointMatcherResponseOutputWithContext 

func (o EndpointMatcherResponseOutput) ToEndpointMatcherResponseOutputWithContext(ctx context.Context) EndpointMatcherResponseOutput

type EndpointPolicy 

type EndpointPolicy struct {
	pulumi.CustomResourceState

	// Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
	AuthorizationPolicy pulumi.StringOutput `pulumi:"authorizationPolicy"`
	// Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
	ClientTlsPolicy pulumi.StringOutput `pulumi:"clientTlsPolicy"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringOutput `pulumi:"description"`
	// A matcher that selects endpoints to which the policies should be applied.
	EndpointMatcher EndpointMatcherResponseOutput `pulumi:"endpointMatcher"`
	// Optional. Set of label tags associated with the EndpointPolicy resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Name of the EndpointPolicy resource. It matches pattern `projects/{project}/locations/global/endpointPolicies/{endpoint_policy}`.
	Name pulumi.StringOutput `pulumi:"name"`
	// Optional. A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. If this field is not set, authentication is disabled(open) for this endpoint.
	ServerTlsPolicy pulumi.StringOutput `pulumi:"serverTlsPolicy"`
	// Optional. Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports.
	TrafficPortSelector TrafficPortSelectorResponseOutput `pulumi:"trafficPortSelector"`
	// The type of endpoint policy. This is primarily used to validate the configuration.
	Type pulumi.StringOutput `pulumi:"type"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new EndpointPolicy in a given project and location.

func GetEndpointPolicy 

func GetEndpointPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EndpointPolicyState, opts ...pulumi.ResourceOption) (*EndpointPolicy, error)

GetEndpointPolicy gets an existing EndpointPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEndpointPolicy 

func NewEndpointPolicy(ctx *pulumi.Context,
	name string, args *EndpointPolicyArgs, opts ...pulumi.ResourceOption) (*EndpointPolicy, error)

NewEndpointPolicy registers a new resource with the given unique name, arguments, and options.

func (*EndpointPolicy) ElementType 

func (*EndpointPolicy) ElementType() reflect.Type

func (*EndpointPolicy) ToEndpointPolicyOutput 

func (i *EndpointPolicy) ToEndpointPolicyOutput() EndpointPolicyOutput

func (*EndpointPolicy) ToEndpointPolicyOutputWithContext 

func (i *EndpointPolicy) ToEndpointPolicyOutputWithContext(ctx context.Context) EndpointPolicyOutput

type EndpointPolicyArgs 

type EndpointPolicyArgs struct {
	// Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
	AuthorizationPolicy pulumi.StringPtrInput
	// Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
	ClientTlsPolicy pulumi.StringPtrInput
	// Optional. A free-text description of the resource. Max length 1024 characters.
	Description pulumi.StringPtrInput
	// A matcher that selects endpoints to which the policies should be applied.
	EndpointMatcher EndpointMatcherInput
	// Required. Short name of the EndpointPolicy resource to be created. E.g. "CustomECS".
	EndpointPolicyId pulumi.StringInput
	// Optional. Set of label tags associated with the EndpointPolicy resource.
	Labels   pulumi.StringMapInput
	Location pulumi.StringPtrInput
	// Name of the EndpointPolicy resource. It matches pattern `projects/{project}/locations/global/endpointPolicies/{endpoint_policy}`.
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Optional. A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. If this field is not set, authentication is disabled(open) for this endpoint.
	ServerTlsPolicy pulumi.StringPtrInput
	// Optional. Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports.
	TrafficPortSelector TrafficPortSelectorPtrInput
	// The type of endpoint policy. This is primarily used to validate the configuration.
	Type EndpointPolicyTypeInput
}

The set of arguments for constructing a EndpointPolicy resource.

func (EndpointPolicyArgs) ElementType 

func (EndpointPolicyArgs) ElementType() reflect.Type

type EndpointPolicyIamPolicy 

type EndpointPolicyIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetEndpointPolicyIamPolicy 

func GetEndpointPolicyIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *EndpointPolicyIamPolicyState, opts ...pulumi.ResourceOption) (*EndpointPolicyIamPolicy, error)

GetEndpointPolicyIamPolicy gets an existing EndpointPolicyIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewEndpointPolicyIamPolicy 

func NewEndpointPolicyIamPolicy(ctx *pulumi.Context,
	name string, args *EndpointPolicyIamPolicyArgs, opts ...pulumi.ResourceOption) (*EndpointPolicyIamPolicy, error)

NewEndpointPolicyIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*EndpointPolicyIamPolicy) ElementType 

func (*EndpointPolicyIamPolicy) ElementType() reflect.Type

func (*EndpointPolicyIamPolicy) ToEndpointPolicyIamPolicyOutput 

func (i *EndpointPolicyIamPolicy) ToEndpointPolicyIamPolicyOutput() EndpointPolicyIamPolicyOutput

func (*EndpointPolicyIamPolicy) ToEndpointPolicyIamPolicyOutputWithContext 

func (i *EndpointPolicyIamPolicy) ToEndpointPolicyIamPolicyOutputWithContext(ctx context.Context) EndpointPolicyIamPolicyOutput

type EndpointPolicyIamPolicyArgs 

type EndpointPolicyIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings         BindingArrayInput
	EndpointPolicyId pulumi.StringInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a EndpointPolicyIamPolicy resource.

func (EndpointPolicyIamPolicyArgs) ElementType 

func (EndpointPolicyIamPolicyArgs) ElementType() reflect.Type

type EndpointPolicyIamPolicyInput 

type EndpointPolicyIamPolicyInput interface {
	pulumi.Input

	ToEndpointPolicyIamPolicyOutput() EndpointPolicyIamPolicyOutput
	ToEndpointPolicyIamPolicyOutputWithContext(ctx context.Context) EndpointPolicyIamPolicyOutput
}

type EndpointPolicyIamPolicyOutput 

type EndpointPolicyIamPolicyOutput struct{ *pulumi.OutputState }

func (EndpointPolicyIamPolicyOutput) ElementType 

func (EndpointPolicyIamPolicyOutput) ElementType() reflect.Type

func (EndpointPolicyIamPolicyOutput) ToEndpointPolicyIamPolicyOutput 

func (o EndpointPolicyIamPolicyOutput) ToEndpointPolicyIamPolicyOutput() EndpointPolicyIamPolicyOutput

func (EndpointPolicyIamPolicyOutput) ToEndpointPolicyIamPolicyOutputWithContext 

func (o EndpointPolicyIamPolicyOutput) ToEndpointPolicyIamPolicyOutputWithContext(ctx context.Context) EndpointPolicyIamPolicyOutput

type EndpointPolicyIamPolicyState 

type EndpointPolicyIamPolicyState struct {
}

func (EndpointPolicyIamPolicyState) ElementType 

func (EndpointPolicyIamPolicyState) ElementType() reflect.Type

type EndpointPolicyInput 

type EndpointPolicyInput interface {
	pulumi.Input

	ToEndpointPolicyOutput() EndpointPolicyOutput
	ToEndpointPolicyOutputWithContext(ctx context.Context) EndpointPolicyOutput
}

type EndpointPolicyOutput 

type EndpointPolicyOutput struct{ *pulumi.OutputState }

func (EndpointPolicyOutput) ElementType 

func (EndpointPolicyOutput) ElementType() reflect.Type

func (EndpointPolicyOutput) ToEndpointPolicyOutput 

func (o EndpointPolicyOutput) ToEndpointPolicyOutput() EndpointPolicyOutput

func (EndpointPolicyOutput) ToEndpointPolicyOutputWithContext 

func (o EndpointPolicyOutput) ToEndpointPolicyOutputWithContext(ctx context.Context) EndpointPolicyOutput

type EndpointPolicyState 

type EndpointPolicyState struct {
}

func (EndpointPolicyState) ElementType 

func (EndpointPolicyState) ElementType() reflect.Type

type EndpointPolicyType 

type EndpointPolicyType string

Required. The type of endpoint policy. This is primarily used to validate the configuration.

func (EndpointPolicyType) ElementType 

func (EndpointPolicyType) ElementType() reflect.Type

func (EndpointPolicyType) ToEndpointPolicyTypeOutput 

func (e EndpointPolicyType) ToEndpointPolicyTypeOutput() EndpointPolicyTypeOutput

func (EndpointPolicyType) ToEndpointPolicyTypeOutputWithContext 

func (e EndpointPolicyType) ToEndpointPolicyTypeOutputWithContext(ctx context.Context) EndpointPolicyTypeOutput

func (EndpointPolicyType) ToEndpointPolicyTypePtrOutput 

func (e EndpointPolicyType) ToEndpointPolicyTypePtrOutput() EndpointPolicyTypePtrOutput

func (EndpointPolicyType) ToEndpointPolicyTypePtrOutputWithContext 

func (e EndpointPolicyType) ToEndpointPolicyTypePtrOutputWithContext(ctx context.Context) EndpointPolicyTypePtrOutput

func (EndpointPolicyType) ToStringOutput 

func (e EndpointPolicyType) ToStringOutput() pulumi.StringOutput

func (EndpointPolicyType) ToStringOutputWithContext 

func (e EndpointPolicyType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EndpointPolicyType) ToStringPtrOutput 

func (e EndpointPolicyType) ToStringPtrOutput() pulumi.StringPtrOutput

func (EndpointPolicyType) ToStringPtrOutputWithContext 

func (e EndpointPolicyType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EndpointPolicyTypeInput 

type EndpointPolicyTypeInput interface {
	pulumi.Input

	ToEndpointPolicyTypeOutput() EndpointPolicyTypeOutput
	ToEndpointPolicyTypeOutputWithContext(context.Context) EndpointPolicyTypeOutput
}

EndpointPolicyTypeInput is an input type that accepts EndpointPolicyTypeArgs and EndpointPolicyTypeOutput values. You can construct a concrete instance of `EndpointPolicyTypeInput` via: 

EndpointPolicyTypeArgs{...}

type EndpointPolicyTypeOutput 

type EndpointPolicyTypeOutput struct{ *pulumi.OutputState }

func (EndpointPolicyTypeOutput) ElementType 

func (EndpointPolicyTypeOutput) ElementType() reflect.Type

func (EndpointPolicyTypeOutput) ToEndpointPolicyTypeOutput 

func (o EndpointPolicyTypeOutput) ToEndpointPolicyTypeOutput() EndpointPolicyTypeOutput

func (EndpointPolicyTypeOutput) ToEndpointPolicyTypeOutputWithContext 

func (o EndpointPolicyTypeOutput) ToEndpointPolicyTypeOutputWithContext(ctx context.Context) EndpointPolicyTypeOutput

func (EndpointPolicyTypeOutput) ToEndpointPolicyTypePtrOutput 

func (o EndpointPolicyTypeOutput) ToEndpointPolicyTypePtrOutput() EndpointPolicyTypePtrOutput

func (EndpointPolicyTypeOutput) ToEndpointPolicyTypePtrOutputWithContext 

func (o EndpointPolicyTypeOutput) ToEndpointPolicyTypePtrOutputWithContext(ctx context.Context) EndpointPolicyTypePtrOutput

func (EndpointPolicyTypeOutput) ToStringOutput 

func (o EndpointPolicyTypeOutput) ToStringOutput() pulumi.StringOutput

func (EndpointPolicyTypeOutput) ToStringOutputWithContext 

func (o EndpointPolicyTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EndpointPolicyTypeOutput) ToStringPtrOutput 

func (o EndpointPolicyTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EndpointPolicyTypeOutput) ToStringPtrOutputWithContext 

func (o EndpointPolicyTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EndpointPolicyTypePtrInput 

type EndpointPolicyTypePtrInput interface {
	pulumi.Input

	ToEndpointPolicyTypePtrOutput() EndpointPolicyTypePtrOutput
	ToEndpointPolicyTypePtrOutputWithContext(context.Context) EndpointPolicyTypePtrOutput
}

func EndpointPolicyTypePtr 

func EndpointPolicyTypePtr(v string) EndpointPolicyTypePtrInput

type EndpointPolicyTypePtrOutput 

type EndpointPolicyTypePtrOutput struct{ *pulumi.OutputState }

func (EndpointPolicyTypePtrOutput) Elem 

func (o EndpointPolicyTypePtrOutput) Elem() EndpointPolicyTypeOutput

func (EndpointPolicyTypePtrOutput) ElementType 

func (EndpointPolicyTypePtrOutput) ElementType() reflect.Type

func (EndpointPolicyTypePtrOutput) ToEndpointPolicyTypePtrOutput 

func (o EndpointPolicyTypePtrOutput) ToEndpointPolicyTypePtrOutput() EndpointPolicyTypePtrOutput

func (EndpointPolicyTypePtrOutput) ToEndpointPolicyTypePtrOutputWithContext 

func (o EndpointPolicyTypePtrOutput) ToEndpointPolicyTypePtrOutputWithContext(ctx context.Context) EndpointPolicyTypePtrOutput

func (EndpointPolicyTypePtrOutput) ToStringPtrOutput 

func (o EndpointPolicyTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EndpointPolicyTypePtrOutput) ToStringPtrOutputWithContext 

func (o EndpointPolicyTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type Expr 

type Expr struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprArgs 

type ExprArgs struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringPtrInput `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title pulumi.StringPtrInput `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprArgs) ElementType 

func (ExprArgs) ElementType() reflect.Type

func (ExprArgs) ToExprOutput 

func (i ExprArgs) ToExprOutput() ExprOutput

func (ExprArgs) ToExprOutputWithContext 

func (i ExprArgs) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprArgs) ToExprPtrOutput 

func (i ExprArgs) ToExprPtrOutput() ExprPtrOutput

func (ExprArgs) ToExprPtrOutputWithContext 

func (i ExprArgs) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprInput 

type ExprInput interface {
	pulumi.Input

	ToExprOutput() ExprOutput
	ToExprOutputWithContext(context.Context) ExprOutput
}

ExprInput is an input type that accepts ExprArgs and ExprOutput values. You can construct a concrete instance of `ExprInput` via: 

ExprArgs{...}

type ExprOutput 

type ExprOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprOutput) Description 

func (o ExprOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprOutput) ElementType 

func (ExprOutput) ElementType() reflect.Type

func (ExprOutput) Expression 

func (o ExprOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprOutput) Location 

func (o ExprOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprOutput) Title 

func (o ExprOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprOutput) ToExprOutput 

func (o ExprOutput) ToExprOutput() ExprOutput

func (ExprOutput) ToExprOutputWithContext 

func (o ExprOutput) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprOutput) ToExprPtrOutput 

func (o ExprOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprOutput) ToExprPtrOutputWithContext 

func (o ExprOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprPtrInput 

type ExprPtrInput interface {
	pulumi.Input

	ToExprPtrOutput() ExprPtrOutput
	ToExprPtrOutputWithContext(context.Context) ExprPtrOutput
}

ExprPtrInput is an input type that accepts ExprArgs, ExprPtr and ExprPtrOutput values. You can construct a concrete instance of `ExprPtrInput` via: 

        ExprArgs{...}

or:

        nil

func ExprPtr 

func ExprPtr(v *ExprArgs) ExprPtrInput

type ExprPtrOutput 

type ExprPtrOutput struct{ *pulumi.OutputState }

func (ExprPtrOutput) Description 

func (o ExprPtrOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprPtrOutput) Elem 

func (o ExprPtrOutput) Elem() ExprOutput

func (ExprPtrOutput) ElementType 

func (ExprPtrOutput) ElementType() reflect.Type

func (ExprPtrOutput) Expression 

func (o ExprPtrOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprPtrOutput) Location 

func (o ExprPtrOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprPtrOutput) Title 

func (o ExprPtrOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprPtrOutput) ToExprPtrOutput 

func (o ExprPtrOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprPtrOutput) ToExprPtrOutputWithContext 

func (o ExprPtrOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprResponse 

type ExprResponse struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprResponseOutput 

type ExprResponseOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprResponseOutput) Description 

func (o ExprResponseOutput) Description() pulumi.StringOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprResponseOutput) ElementType 

func (ExprResponseOutput) ElementType() reflect.Type

func (ExprResponseOutput) Expression 

func (o ExprResponseOutput) Expression() pulumi.StringOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprResponseOutput) Location 

func (o ExprResponseOutput) Location() pulumi.StringOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprResponseOutput) Title 

func (o ExprResponseOutput) Title() pulumi.StringOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprResponseOutput) ToExprResponseOutput 

func (o ExprResponseOutput) ToExprResponseOutput() ExprResponseOutput

func (ExprResponseOutput) ToExprResponseOutputWithContext 

func (o ExprResponseOutput) ToExprResponseOutputWithContext(ctx context.Context) ExprResponseOutput

type LookupEdgeCacheKeysetIamPolicyArgs 

type LookupEdgeCacheKeysetIamPolicyArgs struct {
	EdgeCacheKeysetId             string  `pulumi:"edgeCacheKeysetId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *string `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupEdgeCacheKeysetIamPolicyOutputArgs 

type LookupEdgeCacheKeysetIamPolicyOutputArgs struct {
	EdgeCacheKeysetId             pulumi.StringInput    `pulumi:"edgeCacheKeysetId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.StringPtrInput `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupEdgeCacheKeysetIamPolicyOutputArgs) ElementType 

func (LookupEdgeCacheKeysetIamPolicyOutputArgs) ElementType() reflect.Type

type LookupEdgeCacheKeysetIamPolicyResult 

type LookupEdgeCacheKeysetIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupEdgeCacheKeysetIamPolicy 

func LookupEdgeCacheKeysetIamPolicy(ctx *pulumi.Context, args *LookupEdgeCacheKeysetIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupEdgeCacheKeysetIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupEdgeCacheKeysetIamPolicyResultOutput 

type LookupEdgeCacheKeysetIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupEdgeCacheKeysetIamPolicyOutput 

func LookupEdgeCacheKeysetIamPolicyOutput(ctx *pulumi.Context, args LookupEdgeCacheKeysetIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupEdgeCacheKeysetIamPolicyResultOutput

func (LookupEdgeCacheKeysetIamPolicyResultOutput) AuditConfigs 

func (o LookupEdgeCacheKeysetIamPolicyResultOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupEdgeCacheKeysetIamPolicyResultOutput) Bindings 

func (o LookupEdgeCacheKeysetIamPolicyResultOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupEdgeCacheKeysetIamPolicyResultOutput) ElementType 

func (LookupEdgeCacheKeysetIamPolicyResultOutput) ElementType() reflect.Type

func (LookupEdgeCacheKeysetIamPolicyResultOutput) Etag 

func (o LookupEdgeCacheKeysetIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupEdgeCacheKeysetIamPolicyResultOutput) ToLookupEdgeCacheKeysetIamPolicyResultOutput 

func (o LookupEdgeCacheKeysetIamPolicyResultOutput) ToLookupEdgeCacheKeysetIamPolicyResultOutput() LookupEdgeCacheKeysetIamPolicyResultOutput

func (LookupEdgeCacheKeysetIamPolicyResultOutput) ToLookupEdgeCacheKeysetIamPolicyResultOutputWithContext 

func (o LookupEdgeCacheKeysetIamPolicyResultOutput) ToLookupEdgeCacheKeysetIamPolicyResultOutputWithContext(ctx context.Context) LookupEdgeCacheKeysetIamPolicyResultOutput

func (LookupEdgeCacheKeysetIamPolicyResultOutput) Version 

func (o LookupEdgeCacheKeysetIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupEdgeCacheOriginIamPolicyArgs 

type LookupEdgeCacheOriginIamPolicyArgs struct {
	EdgeCacheOriginId             string  `pulumi:"edgeCacheOriginId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *string `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupEdgeCacheOriginIamPolicyOutputArgs 

type LookupEdgeCacheOriginIamPolicyOutputArgs struct {
	EdgeCacheOriginId             pulumi.StringInput    `pulumi:"edgeCacheOriginId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.StringPtrInput `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupEdgeCacheOriginIamPolicyOutputArgs) ElementType 

func (LookupEdgeCacheOriginIamPolicyOutputArgs) ElementType() reflect.Type

type LookupEdgeCacheOriginIamPolicyResult 

type LookupEdgeCacheOriginIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupEdgeCacheOriginIamPolicy 

func LookupEdgeCacheOriginIamPolicy(ctx *pulumi.Context, args *LookupEdgeCacheOriginIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupEdgeCacheOriginIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupEdgeCacheOriginIamPolicyResultOutput 

type LookupEdgeCacheOriginIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupEdgeCacheOriginIamPolicyOutput 

func LookupEdgeCacheOriginIamPolicyOutput(ctx *pulumi.Context, args LookupEdgeCacheOriginIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupEdgeCacheOriginIamPolicyResultOutput

func (LookupEdgeCacheOriginIamPolicyResultOutput) AuditConfigs 

func (o LookupEdgeCacheOriginIamPolicyResultOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupEdgeCacheOriginIamPolicyResultOutput) Bindings 

func (o LookupEdgeCacheOriginIamPolicyResultOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupEdgeCacheOriginIamPolicyResultOutput) ElementType 

func (LookupEdgeCacheOriginIamPolicyResultOutput) ElementType() reflect.Type

func (LookupEdgeCacheOriginIamPolicyResultOutput) Etag 

func (o LookupEdgeCacheOriginIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupEdgeCacheOriginIamPolicyResultOutput) ToLookupEdgeCacheOriginIamPolicyResultOutput 

func (o LookupEdgeCacheOriginIamPolicyResultOutput) ToLookupEdgeCacheOriginIamPolicyResultOutput() LookupEdgeCacheOriginIamPolicyResultOutput

func (LookupEdgeCacheOriginIamPolicyResultOutput) ToLookupEdgeCacheOriginIamPolicyResultOutputWithContext 

func (o LookupEdgeCacheOriginIamPolicyResultOutput) ToLookupEdgeCacheOriginIamPolicyResultOutputWithContext(ctx context.Context) LookupEdgeCacheOriginIamPolicyResultOutput

func (LookupEdgeCacheOriginIamPolicyResultOutput) Version 

func (o LookupEdgeCacheOriginIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupEdgeCacheServiceIamPolicyArgs 

type LookupEdgeCacheServiceIamPolicyArgs struct {
	EdgeCacheServiceId            string  `pulumi:"edgeCacheServiceId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *string `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupEdgeCacheServiceIamPolicyOutputArgs 

type LookupEdgeCacheServiceIamPolicyOutputArgs struct {
	EdgeCacheServiceId            pulumi.StringInput    `pulumi:"edgeCacheServiceId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.StringPtrInput `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupEdgeCacheServiceIamPolicyOutputArgs) ElementType 

func (LookupEdgeCacheServiceIamPolicyOutputArgs) ElementType() reflect.Type

type LookupEdgeCacheServiceIamPolicyResult 

type LookupEdgeCacheServiceIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupEdgeCacheServiceIamPolicy 

func LookupEdgeCacheServiceIamPolicy(ctx *pulumi.Context, args *LookupEdgeCacheServiceIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupEdgeCacheServiceIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupEdgeCacheServiceIamPolicyResultOutput 

type LookupEdgeCacheServiceIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupEdgeCacheServiceIamPolicyOutput 

func LookupEdgeCacheServiceIamPolicyOutput(ctx *pulumi.Context, args LookupEdgeCacheServiceIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupEdgeCacheServiceIamPolicyResultOutput

func (LookupEdgeCacheServiceIamPolicyResultOutput) AuditConfigs 

func (o LookupEdgeCacheServiceIamPolicyResultOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupEdgeCacheServiceIamPolicyResultOutput) Bindings 

func (o LookupEdgeCacheServiceIamPolicyResultOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupEdgeCacheServiceIamPolicyResultOutput) ElementType 

func (LookupEdgeCacheServiceIamPolicyResultOutput) ElementType() reflect.Type

func (LookupEdgeCacheServiceIamPolicyResultOutput) Etag 

func (o LookupEdgeCacheServiceIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupEdgeCacheServiceIamPolicyResultOutput) ToLookupEdgeCacheServiceIamPolicyResultOutput 

func (o LookupEdgeCacheServiceIamPolicyResultOutput) ToLookupEdgeCacheServiceIamPolicyResultOutput() LookupEdgeCacheServiceIamPolicyResultOutput

func (LookupEdgeCacheServiceIamPolicyResultOutput) ToLookupEdgeCacheServiceIamPolicyResultOutputWithContext 

func (o LookupEdgeCacheServiceIamPolicyResultOutput) ToLookupEdgeCacheServiceIamPolicyResultOutputWithContext(ctx context.Context) LookupEdgeCacheServiceIamPolicyResultOutput

func (LookupEdgeCacheServiceIamPolicyResultOutput) Version 

func (o LookupEdgeCacheServiceIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupEndpointPolicyArgs 

type LookupEndpointPolicyArgs struct {
	EndpointPolicyId string  `pulumi:"endpointPolicyId"`
	Location         string  `pulumi:"location"`
	Project          *string `pulumi:"project"`
}

type LookupEndpointPolicyIamPolicyArgs 

type LookupEndpointPolicyIamPolicyArgs struct {
	EndpointPolicyId              string  `pulumi:"endpointPolicyId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *string `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupEndpointPolicyIamPolicyOutputArgs 

type LookupEndpointPolicyIamPolicyOutputArgs struct {
	EndpointPolicyId              pulumi.StringInput    `pulumi:"endpointPolicyId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.StringPtrInput `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupEndpointPolicyIamPolicyOutputArgs) ElementType 

func (LookupEndpointPolicyIamPolicyOutputArgs) ElementType() reflect.Type

type LookupEndpointPolicyIamPolicyResult 

type LookupEndpointPolicyIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupEndpointPolicyIamPolicy 

func LookupEndpointPolicyIamPolicy(ctx *pulumi.Context, args *LookupEndpointPolicyIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupEndpointPolicyIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupEndpointPolicyIamPolicyResultOutput 

type LookupEndpointPolicyIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupEndpointPolicyIamPolicyOutput 

func LookupEndpointPolicyIamPolicyOutput(ctx *pulumi.Context, args LookupEndpointPolicyIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupEndpointPolicyIamPolicyResultOutput

func (LookupEndpointPolicyIamPolicyResultOutput) AuditConfigs 

func (o LookupEndpointPolicyIamPolicyResultOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupEndpointPolicyIamPolicyResultOutput) Bindings 

func (o LookupEndpointPolicyIamPolicyResultOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupEndpointPolicyIamPolicyResultOutput) ElementType 

func (LookupEndpointPolicyIamPolicyResultOutput) ElementType() reflect.Type

func (LookupEndpointPolicyIamPolicyResultOutput) Etag 

func (o LookupEndpointPolicyIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupEndpointPolicyIamPolicyResultOutput) ToLookupEndpointPolicyIamPolicyResultOutput 

func (o LookupEndpointPolicyIamPolicyResultOutput) ToLookupEndpointPolicyIamPolicyResultOutput() LookupEndpointPolicyIamPolicyResultOutput

func (LookupEndpointPolicyIamPolicyResultOutput) ToLookupEndpointPolicyIamPolicyResultOutputWithContext 

func (o LookupEndpointPolicyIamPolicyResultOutput) ToLookupEndpointPolicyIamPolicyResultOutputWithContext(ctx context.Context) LookupEndpointPolicyIamPolicyResultOutput

func (LookupEndpointPolicyIamPolicyResultOutput) Version 

func (o LookupEndpointPolicyIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupEndpointPolicyOutputArgs 

type LookupEndpointPolicyOutputArgs struct {
	EndpointPolicyId pulumi.StringInput    `pulumi:"endpointPolicyId"`
	Location         pulumi.StringInput    `pulumi:"location"`
	Project          pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupEndpointPolicyOutputArgs) ElementType 

func (LookupEndpointPolicyOutputArgs) ElementType() reflect.Type

type LookupEndpointPolicyResult 

type LookupEndpointPolicyResult struct {
	// Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
	AuthorizationPolicy string `pulumi:"authorizationPolicy"`
	// Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
	ClientTlsPolicy string `pulumi:"clientTlsPolicy"`
	// The timestamp when the resource was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. A free-text description of the resource. Max length 1024 characters.
	Description string `pulumi:"description"`
	// A matcher that selects endpoints to which the policies should be applied.
	EndpointMatcher EndpointMatcherResponse `pulumi:"endpointMatcher"`
	// Optional. Set of label tags associated with the EndpointPolicy resource.
	Labels map[string]string `pulumi:"labels"`
	// Name of the EndpointPolicy resource. It matches pattern `projects/{project}/locations/global/endpointPolicies/{endpoint_policy}`.
	Name string `pulumi:"name"`
	// Optional. A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. If this field is not set, authentication is disabled(open) for this endpoint.
	ServerTlsPolicy string `pulumi:"serverTlsPolicy"`
	// Optional. Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports.
	TrafficPortSelector TrafficPortSelectorResponse `pulumi:"trafficPortSelector"`
	// The type of endpoint policy. This is primarily used to validate the configuration.
	Type string `pulumi:"type"`
	// The timestamp when the resource was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupEndpointPolicy 

func LookupEndpointPolicy(ctx *pulumi.Context, args *LookupEndpointPolicyArgs, opts ...pulumi.InvokeOption) (*LookupEndpointPolicyResult, error)

Gets details of a single EndpointPolicy.

type LookupEndpointPolicyResultOutput 

type LookupEndpointPolicyResultOutput struct{ *pulumi.OutputState }

func LookupEndpointPolicyOutput 

func LookupEndpointPolicyOutput(ctx *pulumi.Context, args LookupEndpointPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupEndpointPolicyResultOutput

func (LookupEndpointPolicyResultOutput) AuthorizationPolicy 

func (o LookupEndpointPolicyResultOutput) AuthorizationPolicy() pulumi.StringOutput

Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.

func (LookupEndpointPolicyResultOutput) ClientTlsPolicy 

func (o LookupEndpointPolicyResultOutput) ClientTlsPolicy() pulumi.StringOutput

Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.

func (LookupEndpointPolicyResultOutput) CreateTime 

func (o LookupEndpointPolicyResultOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (LookupEndpointPolicyResultOutput) Description 

func (o LookupEndpointPolicyResultOutput) Description() pulumi.StringOutput

Optional. A free-text description of the resource. Max length 1024 characters.

func (LookupEndpointPolicyResultOutput) ElementType 

func (LookupEndpointPolicyResultOutput) ElementType() reflect.Type

func (LookupEndpointPolicyResultOutput) EndpointMatcher 

func (o LookupEndpointPolicyResultOutput) EndpointMatcher() EndpointMatcherResponseOutput

A matcher that selects endpoints to which the policies should be applied.

func (LookupEndpointPolicyResultOutput) Labels 

func (o LookupEndpointPolicyResultOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the EndpointPolicy resource.

func (LookupEndpointPolicyResultOutput) Name 

func (o LookupEndpointPolicyResultOutput) Name() pulumi.StringOutput

Name of the EndpointPolicy resource. It matches pattern `projects/{project}/locations/global/endpointPolicies/{endpoint_policy}`.

func (LookupEndpointPolicyResultOutput) ServerTlsPolicy 

func (o LookupEndpointPolicyResultOutput) ServerTlsPolicy() pulumi.StringOutput

Optional. A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. If this field is not set, authentication is disabled(open) for this endpoint.

func (LookupEndpointPolicyResultOutput) ToLookupEndpointPolicyResultOutput 

func (o LookupEndpointPolicyResultOutput) ToLookupEndpointPolicyResultOutput() LookupEndpointPolicyResultOutput

func (LookupEndpointPolicyResultOutput) ToLookupEndpointPolicyResultOutputWithContext 

func (o LookupEndpointPolicyResultOutput) ToLookupEndpointPolicyResultOutputWithContext(ctx context.Context) LookupEndpointPolicyResultOutput

func (LookupEndpointPolicyResultOutput) TrafficPortSelector 

func (o LookupEndpointPolicyResultOutput) TrafficPortSelector() TrafficPortSelectorResponseOutput

Optional. Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports.

func (LookupEndpointPolicyResultOutput) Type 

func (o LookupEndpointPolicyResultOutput) Type() pulumi.StringOutput

The type of endpoint policy. This is primarily used to validate the configuration.

func (LookupEndpointPolicyResultOutput) UpdateTime 

func (o LookupEndpointPolicyResultOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type TrafficPortSelector 

type TrafficPortSelector struct {
	// Optional. A list of ports. Can be port numbers or port range (example, [80-90] specifies all ports from 80 to 90, including 80 and 90) or named ports or * to specify all ports. If the list is empty, all ports are selected.
	Ports []string `pulumi:"ports"`
}

Specification of a port-based selector.

type TrafficPortSelectorArgs 

type TrafficPortSelectorArgs struct {
	// Optional. A list of ports. Can be port numbers or port range (example, [80-90] specifies all ports from 80 to 90, including 80 and 90) or named ports or * to specify all ports. If the list is empty, all ports are selected.
	Ports pulumi.StringArrayInput `pulumi:"ports"`
}

Specification of a port-based selector.

func (TrafficPortSelectorArgs) ElementType 

func (TrafficPortSelectorArgs) ElementType() reflect.Type

func (TrafficPortSelectorArgs) ToTrafficPortSelectorOutput 

func (i TrafficPortSelectorArgs) ToTrafficPortSelectorOutput() TrafficPortSelectorOutput

func (TrafficPortSelectorArgs) ToTrafficPortSelectorOutputWithContext 

func (i TrafficPortSelectorArgs) ToTrafficPortSelectorOutputWithContext(ctx context.Context) TrafficPortSelectorOutput

func (TrafficPortSelectorArgs) ToTrafficPortSelectorPtrOutput 

func (i TrafficPortSelectorArgs) ToTrafficPortSelectorPtrOutput() TrafficPortSelectorPtrOutput

func (TrafficPortSelectorArgs) ToTrafficPortSelectorPtrOutputWithContext 

func (i TrafficPortSelectorArgs) ToTrafficPortSelectorPtrOutputWithContext(ctx context.Context) TrafficPortSelectorPtrOutput

type TrafficPortSelectorInput 

type TrafficPortSelectorInput interface {
	pulumi.Input

	ToTrafficPortSelectorOutput() TrafficPortSelectorOutput
	ToTrafficPortSelectorOutputWithContext(context.Context) TrafficPortSelectorOutput
}

TrafficPortSelectorInput is an input type that accepts TrafficPortSelectorArgs and TrafficPortSelectorOutput values. You can construct a concrete instance of `TrafficPortSelectorInput` via: 

TrafficPortSelectorArgs{...}

type TrafficPortSelectorOutput 

type TrafficPortSelectorOutput struct{ *pulumi.OutputState }

Specification of a port-based selector.

func (TrafficPortSelectorOutput) ElementType 

func (TrafficPortSelectorOutput) ElementType() reflect.Type

func (TrafficPortSelectorOutput) Ports 

func (o TrafficPortSelectorOutput) Ports() pulumi.StringArrayOutput

Optional. A list of ports. Can be port numbers or port range (example, [80-90] specifies all ports from 80 to 90, including 80 and 90) or named ports or * to specify all ports. If the list is empty, all ports are selected.

func (TrafficPortSelectorOutput) ToTrafficPortSelectorOutput 

func (o TrafficPortSelectorOutput) ToTrafficPortSelectorOutput() TrafficPortSelectorOutput

func (TrafficPortSelectorOutput) ToTrafficPortSelectorOutputWithContext 

func (o TrafficPortSelectorOutput) ToTrafficPortSelectorOutputWithContext(ctx context.Context) TrafficPortSelectorOutput

func (TrafficPortSelectorOutput) ToTrafficPortSelectorPtrOutput 

func (o TrafficPortSelectorOutput) ToTrafficPortSelectorPtrOutput() TrafficPortSelectorPtrOutput

func (TrafficPortSelectorOutput) ToTrafficPortSelectorPtrOutputWithContext 

func (o TrafficPortSelectorOutput) ToTrafficPortSelectorPtrOutputWithContext(ctx context.Context) TrafficPortSelectorPtrOutput

type TrafficPortSelectorPtrInput 

type TrafficPortSelectorPtrInput interface {
	pulumi.Input

	ToTrafficPortSelectorPtrOutput() TrafficPortSelectorPtrOutput
	ToTrafficPortSelectorPtrOutputWithContext(context.Context) TrafficPortSelectorPtrOutput
}

TrafficPortSelectorPtrInput is an input type that accepts TrafficPortSelectorArgs, TrafficPortSelectorPtr and TrafficPortSelectorPtrOutput values. You can construct a concrete instance of `TrafficPortSelectorPtrInput` via: 

        TrafficPortSelectorArgs{...}

or:

        nil

func TrafficPortSelectorPtr 

func TrafficPortSelectorPtr(v *TrafficPortSelectorArgs) TrafficPortSelectorPtrInput

type TrafficPortSelectorPtrOutput 

type TrafficPortSelectorPtrOutput struct{ *pulumi.OutputState }

func (TrafficPortSelectorPtrOutput) Elem 

func (o TrafficPortSelectorPtrOutput) Elem() TrafficPortSelectorOutput

func (TrafficPortSelectorPtrOutput) ElementType 

func (TrafficPortSelectorPtrOutput) ElementType() reflect.Type

func (TrafficPortSelectorPtrOutput) Ports 

func (o TrafficPortSelectorPtrOutput) Ports() pulumi.StringArrayOutput

Optional. A list of ports. Can be port numbers or port range (example, [80-90] specifies all ports from 80 to 90, including 80 and 90) or named ports or * to specify all ports. If the list is empty, all ports are selected.

func (TrafficPortSelectorPtrOutput) ToTrafficPortSelectorPtrOutput 

func (o TrafficPortSelectorPtrOutput) ToTrafficPortSelectorPtrOutput() TrafficPortSelectorPtrOutput

func (TrafficPortSelectorPtrOutput) ToTrafficPortSelectorPtrOutputWithContext 

func (o TrafficPortSelectorPtrOutput) ToTrafficPortSelectorPtrOutputWithContext(ctx context.Context) TrafficPortSelectorPtrOutput

type TrafficPortSelectorResponse 

type TrafficPortSelectorResponse struct {
	// Optional. A list of ports. Can be port numbers or port range (example, [80-90] specifies all ports from 80 to 90, including 80 and 90) or named ports or * to specify all ports. If the list is empty, all ports are selected.
	Ports []string `pulumi:"ports"`
}

Specification of a port-based selector.

type TrafficPortSelectorResponseOutput 

type TrafficPortSelectorResponseOutput struct{ *pulumi.OutputState }

Specification of a port-based selector.

func (TrafficPortSelectorResponseOutput) ElementType 

func (TrafficPortSelectorResponseOutput) ElementType() reflect.Type

func (TrafficPortSelectorResponseOutput) Ports 

func (o TrafficPortSelectorResponseOutput) Ports() pulumi.StringArrayOutput

Optional. A list of ports. Can be port numbers or port range (example, [80-90] specifies all ports from 80 to 90, including 80 and 90) or named ports or * to specify all ports. If the list is empty, all ports are selected.

func (TrafficPortSelectorResponseOutput) ToTrafficPortSelectorResponseOutput 

func (o TrafficPortSelectorResponseOutput) ToTrafficPortSelectorResponseOutput() TrafficPortSelectorResponseOutput

func (TrafficPortSelectorResponseOutput) ToTrafficPortSelectorResponseOutputWithContext 

func (o TrafficPortSelectorResponseOutput) ToTrafficPortSelectorResponseOutputWithContext(ctx context.Context) TrafficPortSelectorResponseOutput

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.