com.pulumi.azure.storage.kotlin.AccountNetworkRules.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.storage.kotlin
import com.pulumi.azure.storage.kotlin.outputs.AccountNetworkRulesPrivateLinkAccessRule
import com.pulumi.azure.storage.kotlin.outputs.AccountNetworkRulesPrivateLinkAccessRule.Companion.toKotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
/**
* Builder for [AccountNetworkRules].
*/
@PulumiTagMarker
public class AccountNetworkRulesResourceBuilder internal constructor() {
public var name: String? = null
public var args: AccountNetworkRulesArgs = AccountNetworkRulesArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend AccountNetworkRulesArgsBuilder.() -> Unit) {
val builder = AccountNetworkRulesArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): AccountNetworkRules {
val builtJavaResource = com.pulumi.azure.storage.AccountNetworkRules(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return AccountNetworkRules(builtJavaResource)
}
}
/**
* Manages network rules inside of a Azure Storage Account.
* > **NOTE:** Network Rules can be defined either directly on the `azure.storage.Account` resource, or using the `azure.storage.AccountNetworkRules` resource - but the two cannot be used together. Spurious changes will occur if both are used against the same Storage Account.
* > **NOTE:** Only one `azure.storage.AccountNetworkRules` can be tied to an `azure.storage.Account`. Spurious changes will occur if more than `azure.storage.AccountNetworkRules` is tied to the same `azure.storage.Account`.
* > **NOTE:** Deleting this resource updates the storage account back to the default values it had when the storage account was created.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
* name: "example-vnet",
* addressSpaces: ["10.0.0.0/16"],
* location: example.location,
* resourceGroupName: example.name,
* });
* const exampleSubnet = new azure.network.Subnet("example", {
* name: "example-subnet",
* resourceGroupName: example.name,
* virtualNetworkName: exampleVirtualNetwork.name,
* addressPrefixes: ["10.0.2.0/24"],
* serviceEndpoints: ["Microsoft.Storage"],
* });
* const exampleAccount = new azure.storage.Account("example", {
* name: "storageaccountname",
* resourceGroupName: example.name,
* location: example.location,
* accountTier: "Standard",
* accountReplicationType: "GRS",
* tags: {
* environment: "staging",
* },
* });
* const exampleAccountNetworkRules = new azure.storage.AccountNetworkRules("example", {
* storageAccountId: exampleAccount.id,
* defaultAction: "Allow",
* ipRules: ["127.0.0.1"],
* virtualNetworkSubnetIds: [exampleSubnet.id],
* bypasses: ["Metrics"],
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_virtual_network = azure.network.VirtualNetwork("example",
* name="example-vnet",
* address_spaces=["10.0.0.0/16"],
* location=example.location,
* resource_group_name=example.name)
* example_subnet = azure.network.Subnet("example",
* name="example-subnet",
* resource_group_name=example.name,
* virtual_network_name=example_virtual_network.name,
* address_prefixes=["10.0.2.0/24"],
* service_endpoints=["Microsoft.Storage"])
* example_account = azure.storage.Account("example",
* name="storageaccountname",
* resource_group_name=example.name,
* location=example.location,
* account_tier="Standard",
* account_replication_type="GRS",
* tags={
* "environment": "staging",
* })
* example_account_network_rules = azure.storage.AccountNetworkRules("example",
* storage_account_id=example_account.id,
* default_action="Allow",
* ip_rules=["127.0.0.1"],
* virtual_network_subnet_ids=[example_subnet.id],
* bypasses=["Metrics"])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
* {
* Name = "example-vnet",
* AddressSpaces = new[]
* {
* "10.0.0.0/16",
* },
* Location = example.Location,
* ResourceGroupName = example.Name,
* });
* var exampleSubnet = new Azure.Network.Subnet("example", new()
* {
* Name = "example-subnet",
* ResourceGroupName = example.Name,
* VirtualNetworkName = exampleVirtualNetwork.Name,
* AddressPrefixes = new[]
* {
* "10.0.2.0/24",
* },
* ServiceEndpoints = new[]
* {
* "Microsoft.Storage",
* },
* });
* var exampleAccount = new Azure.Storage.Account("example", new()
* {
* Name = "storageaccountname",
* ResourceGroupName = example.Name,
* Location = example.Location,
* AccountTier = "Standard",
* AccountReplicationType = "GRS",
* Tags =
* {
* { "environment", "staging" },
* },
* });
* var exampleAccountNetworkRules = new Azure.Storage.AccountNetworkRules("example", new()
* {
* StorageAccountId = exampleAccount.Id,
* DefaultAction = "Allow",
* IpRules = new[]
* {
* "127.0.0.1",
* },
* VirtualNetworkSubnetIds = new[]
* {
* exampleSubnet.Id,
* },
* Bypasses = new[]
* {
* "Metrics",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
* Name: pulumi.String("example-vnet"),
* AddressSpaces: pulumi.StringArray{
* pulumi.String("10.0.0.0/16"),
* },
* Location: example.Location,
* ResourceGroupName: example.Name,
* })
* if err != nil {
* return err
* }
* exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
* Name: pulumi.String("example-subnet"),
* ResourceGroupName: example.Name,
* VirtualNetworkName: exampleVirtualNetwork.Name,
* AddressPrefixes: pulumi.StringArray{
* pulumi.String("10.0.2.0/24"),
* },
* ServiceEndpoints: pulumi.StringArray{
* pulumi.String("Microsoft.Storage"),
* },
* })
* if err != nil {
* return err
* }
* exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
* Name: pulumi.String("storageaccountname"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* AccountTier: pulumi.String("Standard"),
* AccountReplicationType: pulumi.String("GRS"),
* Tags: pulumi.StringMap{
* "environment": pulumi.String("staging"),
* },
* })
* if err != nil {
* return err
* }
* _, err = storage.NewAccountNetworkRules(ctx, "example", &storage.AccountNetworkRulesArgs{
* StorageAccountId: exampleAccount.ID(),
* DefaultAction: pulumi.String("Allow"),
* IpRules: pulumi.StringArray{
* pulumi.String("127.0.0.1"),
* },
* VirtualNetworkSubnetIds: pulumi.StringArray{
* exampleSubnet.ID(),
* },
* Bypasses: pulumi.StringArray{
* pulumi.String("Metrics"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.network.VirtualNetwork;
* import com.pulumi.azure.network.VirtualNetworkArgs;
* import com.pulumi.azure.network.Subnet;
* import com.pulumi.azure.network.SubnetArgs;
* import com.pulumi.azure.storage.Account;
* import com.pulumi.azure.storage.AccountArgs;
* import com.pulumi.azure.storage.AccountNetworkRules;
* import com.pulumi.azure.storage.AccountNetworkRulesArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
* .name("example-vnet")
* .addressSpaces("10.0.0.0/16")
* .location(example.location())
* .resourceGroupName(example.name())
* .build());
* var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
* .name("example-subnet")
* .resourceGroupName(example.name())
* .virtualNetworkName(exampleVirtualNetwork.name())
* .addressPrefixes("10.0.2.0/24")
* .serviceEndpoints("Microsoft.Storage")
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("storageaccountname")
* .resourceGroupName(example.name())
* .location(example.location())
* .accountTier("Standard")
* .accountReplicationType("GRS")
* .tags(Map.of("environment", "staging"))
* .build());
* var exampleAccountNetworkRules = new AccountNetworkRules("exampleAccountNetworkRules", AccountNetworkRulesArgs.builder()
* .storageAccountId(exampleAccount.id())
* .defaultAction("Allow")
* .ipRules("127.0.0.1")
* .virtualNetworkSubnetIds(exampleSubnet.id())
* .bypasses("Metrics")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleVirtualNetwork:
* type: azure:network:VirtualNetwork
* name: example
* properties:
* name: example-vnet
* addressSpaces:
* - 10.0.0.0/16
* location: ${example.location}
* resourceGroupName: ${example.name}
* exampleSubnet:
* type: azure:network:Subnet
* name: example
* properties:
* name: example-subnet
* resourceGroupName: ${example.name}
* virtualNetworkName: ${exampleVirtualNetwork.name}
* addressPrefixes:
* - 10.0.2.0/24
* serviceEndpoints:
* - Microsoft.Storage
* exampleAccount:
* type: azure:storage:Account
* name: example
* properties:
* name: storageaccountname
* resourceGroupName: ${example.name}
* location: ${example.location}
* accountTier: Standard
* accountReplicationType: GRS
* tags:
* environment: staging
* exampleAccountNetworkRules:
* type: azure:storage:AccountNetworkRules
* name: example
* properties:
* storageAccountId: ${exampleAccount.id}
* defaultAction: Allow
* ipRules:
* - 127.0.0.1
* virtualNetworkSubnetIds:
* - ${exampleSubnet.id}
* bypasses:
* - Metrics
* ```
*
* ## Import
* Storage Account Network Rules can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:storage/accountNetworkRules:AccountNetworkRules storageAcc1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Storage/storageAccounts/myaccount
* ```
*/
public class AccountNetworkRules internal constructor(
override val javaResource: com.pulumi.azure.storage.AccountNetworkRules,
) : KotlinCustomResource(javaResource, AccountNetworkRulesMapper) {
/**
* Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of `Logging`, `Metrics`, `AzureServices`, or `None`.
* > **NOTE** User has to explicitly set `bypass` to empty slice (`[]`) to remove it.
*/
public val bypasses: Output>
get() = javaResource.bypasses().applyValue({ args0 -> args0.map({ args0 -> args0 }) })
/**
* Specifies the default action of allow or deny when no other rules match. Valid options are `Deny` or `Allow`.
*/
public val defaultAction: Output
get() = javaResource.defaultAction().applyValue({ args0 -> args0 })
/**
* List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. Private IP address ranges (as defined in [RFC 1918](https://tools.ietf.org/html/rfc1918#section-3)) are not allowed.
* > **NOTE** Small address ranges using "/31" or "/32" prefix sizes are not supported. These ranges should be configured using individual IP address rules without prefix specified.
* > **NOTE** IP network rules have no effect on requests originating from the same Azure region as the storage account. Use Virtual network rules to allow same-region requests. Services deployed in the same region as the storage account use private Azure IP addresses for communication. Thus, you cannot restrict access to specific Azure services based on their public outbound IP address range.
* > **NOTE** User has to explicitly set `ip_rules` to empty slice (`[]`) to remove it.
*/
public val ipRules: Output>
get() = javaResource.ipRules().applyValue({ args0 -> args0.map({ args0 -> args0 }) })
/**
* One or more `private_link_access` block as defined below.
*/
public val privateLinkAccessRules: Output>?
get() = javaResource.privateLinkAccessRules().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0.let({ args0 -> toKotlin(args0) }) })
}).orElse(null)
})
/**
* Specifies the ID of the storage account. Changing this forces a new resource to be created.
*/
public val storageAccountId: Output
get() = javaResource.storageAccountId().applyValue({ args0 -> args0 })
/**
* A list of virtual network subnet ids to secure the storage account.
* > **NOTE** User has to explicitly set `virtual_network_subnet_ids` to empty slice (`[]`) to remove it.
*/
public val virtualNetworkSubnetIds: Output>
get() = javaResource.virtualNetworkSubnetIds().applyValue({ args0 ->
args0.map({ args0 ->
args0
})
})
}
public object AccountNetworkRulesMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.azure.storage.AccountNetworkRules::class == javaResource::class
override fun map(javaResource: Resource): AccountNetworkRules = AccountNetworkRules(
javaResource
as com.pulumi.azure.storage.AccountNetworkRules,
)
}
/**
* @see [AccountNetworkRules].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [AccountNetworkRules].
*/
public suspend fun accountNetworkRules(
name: String,
block: suspend AccountNetworkRulesResourceBuilder.() -> Unit,
): AccountNetworkRules {
val builder = AccountNetworkRulesResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [AccountNetworkRules].
* @param name The _unique_ name of the resulting resource.
*/
public fun accountNetworkRules(name: String): AccountNetworkRules {
val builder = AccountNetworkRulesResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy