All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.accesscontextmanager.kotlin.AccessLevelArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.accesscontextmanager.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.accesscontextmanager.AccessLevelArgs.builder
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.AccessLevelBasicArgs
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.AccessLevelBasicArgsBuilder
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.AccessLevelCustomArgs
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.AccessLevelCustomArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.jvm.JvmName

/**
 * An AccessLevel is a label that can be applied to requests to GCP services,
 * along with a list of requirements necessary for the label to be applied.
 * To get more information about AccessLevel, see:
 * * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.accessLevels)
 * * How-to Guides
 *     * [Access Policy Quickstart](https://cloud.google.com/access-context-manager/docs/quickstart)
 * > **Warning:** If you are using User ADCs (Application Default Credentials) with this resource,
 * you must specify a `billing_project` and set `user_project_override` to true
 * in the provider configuration. Otherwise the ACM API will return a 403 error.
 * Your account must have the `serviceusage.services.use` permission on the
 * `billing_project` you defined.
 * ## Example Usage
 * ### Access Context Manager Access Level Basic
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const access_policy = new gcp.accesscontextmanager.AccessPolicy("access-policy", {
 *     parent: "organizations/123456789",
 *     title: "my policy",
 * });
 * const access_level = new gcp.accesscontextmanager.AccessLevel("access-level", {
 *     parent: pulumi.interpolate`accessPolicies/${access_policy.name}`,
 *     name: pulumi.interpolate`accessPolicies/${access_policy.name}/accessLevels/chromeos_no_lock`,
 *     title: "chromeos_no_lock",
 *     basic: {
 *         conditions: [{
 *             devicePolicy: {
 *                 requireScreenLock: true,
 *                 osConstraints: [{
 *                     osType: "DESKTOP_CHROME_OS",
 *                 }],
 *             },
 *             regions: [
 *                 "CH",
 *                 "IT",
 *                 "US",
 *             ],
 *         }],
 *     },
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * access_policy = gcp.accesscontextmanager.AccessPolicy("access-policy",
 *     parent="organizations/123456789",
 *     title="my policy")
 * access_level = gcp.accesscontextmanager.AccessLevel("access-level",
 *     parent=access_policy.name.apply(lambda name: f"accessPolicies/{name}"),
 *     name=access_policy.name.apply(lambda name: f"accessPolicies/{name}/accessLevels/chromeos_no_lock"),
 *     title="chromeos_no_lock",
 *     basic=gcp.accesscontextmanager.AccessLevelBasicArgs(
 *         conditions=[gcp.accesscontextmanager.AccessLevelBasicConditionArgs(
 *             device_policy=gcp.accesscontextmanager.AccessLevelBasicConditionDevicePolicyArgs(
 *                 require_screen_lock=True,
 *                 os_constraints=[gcp.accesscontextmanager.AccessLevelBasicConditionDevicePolicyOsConstraintArgs(
 *                     os_type="DESKTOP_CHROME_OS",
 *                 )],
 *             ),
 *             regions=[
 *                 "CH",
 *                 "IT",
 *                 "US",
 *             ],
 *         )],
 *     ))
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var access_policy = new Gcp.AccessContextManager.AccessPolicy("access-policy", new()
 *     {
 *         Parent = "organizations/123456789",
 *         Title = "my policy",
 *     });
 *     var access_level = new Gcp.AccessContextManager.AccessLevel("access-level", new()
 *     {
 *         Parent = access_policy.Name.Apply(name => $"accessPolicies/{name}"),
 *         Name = access_policy.Name.Apply(name => $"accessPolicies/{name}/accessLevels/chromeos_no_lock"),
 *         Title = "chromeos_no_lock",
 *         Basic = new Gcp.AccessContextManager.Inputs.AccessLevelBasicArgs
 *         {
 *             Conditions = new[]
 *             {
 *                 new Gcp.AccessContextManager.Inputs.AccessLevelBasicConditionArgs
 *                 {
 *                     DevicePolicy = new Gcp.AccessContextManager.Inputs.AccessLevelBasicConditionDevicePolicyArgs
 *                     {
 *                         RequireScreenLock = true,
 *                         OsConstraints = new[]
 *                         {
 *                             new Gcp.AccessContextManager.Inputs.AccessLevelBasicConditionDevicePolicyOsConstraintArgs
 *                             {
 *                                 OsType = "DESKTOP_CHROME_OS",
 *                             },
 *                         },
 *                     },
 *                     Regions = new[]
 *                     {
 *                         "CH",
 *                         "IT",
 *                         "US",
 *                     },
 *                 },
 *             },
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"fmt"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/accesscontextmanager"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := accesscontextmanager.NewAccessPolicy(ctx, "access-policy", &accesscontextmanager.AccessPolicyArgs{
 * 			Parent: pulumi.String("organizations/123456789"),
 * 			Title:  pulumi.String("my policy"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = accesscontextmanager.NewAccessLevel(ctx, "access-level", &accesscontextmanager.AccessLevelArgs{
 * 			Parent: access_policy.Name.ApplyT(func(name string) (string, error) {
 * 				return fmt.Sprintf("accessPolicies/%v", name), nil
 * 			}).(pulumi.StringOutput),
 * 			Name: access_policy.Name.ApplyT(func(name string) (string, error) {
 * 				return fmt.Sprintf("accessPolicies/%v/accessLevels/chromeos_no_lock", name), nil
 * 			}).(pulumi.StringOutput),
 * 			Title: pulumi.String("chromeos_no_lock"),
 * 			Basic: &accesscontextmanager.AccessLevelBasicArgs{
 * 				Conditions: accesscontextmanager.AccessLevelBasicConditionArray{
 * 					&accesscontextmanager.AccessLevelBasicConditionArgs{
 * 						DevicePolicy: &accesscontextmanager.AccessLevelBasicConditionDevicePolicyArgs{
 * 							RequireScreenLock: pulumi.Bool(true),
 * 							OsConstraints: accesscontextmanager.AccessLevelBasicConditionDevicePolicyOsConstraintArray{
 * 								&accesscontextmanager.AccessLevelBasicConditionDevicePolicyOsConstraintArgs{
 * 									OsType: pulumi.String("DESKTOP_CHROME_OS"),
 * 								},
 * 							},
 * 						},
 * 						Regions: pulumi.StringArray{
 * 							pulumi.String("CH"),
 * 							pulumi.String("IT"),
 * 							pulumi.String("US"),
 * 						},
 * 					},
 * 				},
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.accesscontextmanager.AccessPolicy;
 * import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs;
 * import com.pulumi.gcp.accesscontextmanager.AccessLevel;
 * import com.pulumi.gcp.accesscontextmanager.AccessLevelArgs;
 * import com.pulumi.gcp.accesscontextmanager.inputs.AccessLevelBasicArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var access_policy = new AccessPolicy("access-policy", AccessPolicyArgs.builder()
 *             .parent("organizations/123456789")
 *             .title("my policy")
 *             .build());
 *         var access_level = new AccessLevel("access-level", AccessLevelArgs.builder()
 *             .parent(access_policy.name().applyValue(name -> String.format("accessPolicies/%s", name)))
 *             .name(access_policy.name().applyValue(name -> String.format("accessPolicies/%s/accessLevels/chromeos_no_lock", name)))
 *             .title("chromeos_no_lock")
 *             .basic(AccessLevelBasicArgs.builder()
 *                 .conditions(AccessLevelBasicConditionArgs.builder()
 *                     .devicePolicy(AccessLevelBasicConditionDevicePolicyArgs.builder()
 *                         .requireScreenLock(true)
 *                         .osConstraints(AccessLevelBasicConditionDevicePolicyOsConstraintArgs.builder()
 *                             .osType("DESKTOP_CHROME_OS")
 *                             .build())
 *                         .build())
 *                     .regions(
 *                         "CH",
 *                         "IT",
 *                         "US")
 *                     .build())
 *                 .build())
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   access-level:
 *     type: gcp:accesscontextmanager:AccessLevel
 *     properties:
 *       parent: accessPolicies/${["access-policy"].name}
 *       name: accessPolicies/${["access-policy"].name}/accessLevels/chromeos_no_lock
 *       title: chromeos_no_lock
 *       basic:
 *         conditions:
 *           - devicePolicy:
 *               requireScreenLock: true
 *               osConstraints:
 *                 - osType: DESKTOP_CHROME_OS
 *             regions:
 *               - CH
 *               - IT
 *               - US
 *   access-policy:
 *     type: gcp:accesscontextmanager:AccessPolicy
 *     properties:
 *       parent: organizations/123456789
 *       title: my policy
 * ```
 * 
 * ## Import
 * AccessLevel can be imported using any of these accepted formats:
 * * `{{name}}`
 * When using the `pulumi import` command, AccessLevel can be imported using one of the formats above. For example:
 * ```sh
 * $ pulumi import gcp:accesscontextmanager/accessLevel:AccessLevel default {{name}}
 * ```
 * @property basic A set of predefined conditions for the access level and a combining function.
 * Structure is documented below.
 * @property custom Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
 * See CEL spec at: https://github.com/google/cel-spec.
 * Structure is documented below.
 * @property description Description of the AccessLevel and its use. Does not affect behavior.
 * @property name Resource name for the Access Level. The short_name component must begin
 * with a letter and only include alphanumeric and '_'.
 * Format: accessPolicies/{policy_id}/accessLevels/{short_name}
 * - - -
 * @property parent The AccessPolicy this AccessLevel lives in.
 * Format: accessPolicies/{policy_id}
 * @property title Human readable title. Must be unique within the Policy.
 */
public data class AccessLevelArgs(
    public val basic: Output? = null,
    public val custom: Output? = null,
    public val description: Output? = null,
    public val name: Output? = null,
    public val parent: Output? = null,
    public val title: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.accesscontextmanager.AccessLevelArgs =
        com.pulumi.gcp.accesscontextmanager.AccessLevelArgs.builder()
            .basic(basic?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .custom(custom?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .description(description?.applyValue({ args0 -> args0 }))
            .name(name?.applyValue({ args0 -> args0 }))
            .parent(parent?.applyValue({ args0 -> args0 }))
            .title(title?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [AccessLevelArgs].
 */
@PulumiTagMarker
public class AccessLevelArgsBuilder internal constructor() {
    private var basic: Output? = null

    private var custom: Output? = null

    private var description: Output? = null

    private var name: Output? = null

    private var parent: Output? = null

    private var title: Output? = null

    /**
     * @param value A set of predefined conditions for the access level and a combining function.
     * Structure is documented below.
     */
    @JvmName("vquprklrwtwxnpfm")
    public suspend fun basic(`value`: Output) {
        this.basic = value
    }

    /**
     * @param value Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
     * See CEL spec at: https://github.com/google/cel-spec.
     * Structure is documented below.
     */
    @JvmName("aqadvhybxjidmxok")
    public suspend fun custom(`value`: Output) {
        this.custom = value
    }

    /**
     * @param value Description of the AccessLevel and its use. Does not affect behavior.
     */
    @JvmName("eyutwoagucslekaj")
    public suspend fun description(`value`: Output) {
        this.description = value
    }

    /**
     * @param value Resource name for the Access Level. The short_name component must begin
     * with a letter and only include alphanumeric and '_'.
     * Format: accessPolicies/{policy_id}/accessLevels/{short_name}
     * - - -
     */
    @JvmName("wrfplsyliedmbkfw")
    public suspend fun name(`value`: Output) {
        this.name = value
    }

    /**
     * @param value The AccessPolicy this AccessLevel lives in.
     * Format: accessPolicies/{policy_id}
     */
    @JvmName("gqvauxhlntrnfubr")
    public suspend fun parent(`value`: Output) {
        this.parent = value
    }

    /**
     * @param value Human readable title. Must be unique within the Policy.
     */
    @JvmName("nqqknfqmotishxmw")
    public suspend fun title(`value`: Output) {
        this.title = value
    }

    /**
     * @param value A set of predefined conditions for the access level and a combining function.
     * Structure is documented below.
     */
    @JvmName("lrygnlqcckuuayyh")
    public suspend fun basic(`value`: AccessLevelBasicArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.basic = mapped
    }

    /**
     * @param argument A set of predefined conditions for the access level and a combining function.
     * Structure is documented below.
     */
    @JvmName("thhnscrwhkakfkfa")
    public suspend fun basic(argument: suspend AccessLevelBasicArgsBuilder.() -> Unit) {
        val toBeMapped = AccessLevelBasicArgsBuilder().applySuspend { argument() }.build()
        val mapped = of(toBeMapped)
        this.basic = mapped
    }

    /**
     * @param value Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
     * See CEL spec at: https://github.com/google/cel-spec.
     * Structure is documented below.
     */
    @JvmName("clrsfannbavrvmsm")
    public suspend fun custom(`value`: AccessLevelCustomArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.custom = mapped
    }

    /**
     * @param argument Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
     * See CEL spec at: https://github.com/google/cel-spec.
     * Structure is documented below.
     */
    @JvmName("bkfyfmulmkwvrqth")
    public suspend fun custom(argument: suspend AccessLevelCustomArgsBuilder.() -> Unit) {
        val toBeMapped = AccessLevelCustomArgsBuilder().applySuspend { argument() }.build()
        val mapped = of(toBeMapped)
        this.custom = mapped
    }

    /**
     * @param value Description of the AccessLevel and its use. Does not affect behavior.
     */
    @JvmName("wiotcudclnmvflye")
    public suspend fun description(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.description = mapped
    }

    /**
     * @param value Resource name for the Access Level. The short_name component must begin
     * with a letter and only include alphanumeric and '_'.
     * Format: accessPolicies/{policy_id}/accessLevels/{short_name}
     * - - -
     */
    @JvmName("baoxlfdigmhfdqwu")
    public suspend fun name(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.name = mapped
    }

    /**
     * @param value The AccessPolicy this AccessLevel lives in.
     * Format: accessPolicies/{policy_id}
     */
    @JvmName("icqntelopmhylhsl")
    public suspend fun parent(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.parent = mapped
    }

    /**
     * @param value Human readable title. Must be unique within the Policy.
     */
    @JvmName("ktstboehwrrloxyb")
    public suspend fun title(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.title = mapped
    }

    internal fun build(): AccessLevelArgs = AccessLevelArgs(
        basic = basic,
        custom = custom,
        description = description,
        name = name,
        parent = parent,
        title = title,
    )
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy