All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.accesscontextmanager.kotlin.AuthorizedOrgsDescArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.accesscontextmanager.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.accesscontextmanager.AuthorizedOrgsDescArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName

/**
 * An authorized organizations description describes a list of organizations
 * (1) that have been authorized to use certain asset (for example, device) data
 * owned by different organizations at the enforcement points, or (2) with certain
 * asset (for example, device) have been authorized to access the resources in
 * another organization at the enforcement points.
 * To get more information about AuthorizedOrgsDesc, see:
 * * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.authorizedOrgsDescs)
 * * How-to Guides
 *     * [gcloud docs](https://cloud.google.com/beyondcorp-enterprise/docs/cross-org-authorization)
 * > **Warning:** If you are using User ADCs (Application Default Credentials) with this resource,
 * you must specify a `billing_project` and set `user_project_override` to true
 * in the provider configuration. Otherwise the ACM API will return a 403 error.
 * Your account must have the `serviceusage.services.use` permission on the
 * `billing_project` you defined.
 * ## Example Usage
 * ### Access Context Manager Authorized Orgs Desc Basic
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const test_access = new gcp.accesscontextmanager.AccessPolicy("test-access", {
 *     parent: "organizations/",
 *     title: "my policy",
 * });
 * const authorized_orgs_desc = new gcp.accesscontextmanager.AuthorizedOrgsDesc("authorized-orgs-desc", {
 *     parent: pulumi.interpolate`accessPolicies/${test_access.name}`,
 *     name: pulumi.interpolate`accessPolicies/${test_access.name}/authorizedOrgsDescs/fakeDescName`,
 *     authorizationType: "AUTHORIZATION_TYPE_TRUST",
 *     assetType: "ASSET_TYPE_CREDENTIAL_STRENGTH",
 *     authorizationDirection: "AUTHORIZATION_DIRECTION_TO",
 *     orgs: [
 *         "organizations/12345",
 *         "organizations/98765",
 *     ],
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * test_access = gcp.accesscontextmanager.AccessPolicy("test-access",
 *     parent="organizations/",
 *     title="my policy")
 * authorized_orgs_desc = gcp.accesscontextmanager.AuthorizedOrgsDesc("authorized-orgs-desc",
 *     parent=test_access.name.apply(lambda name: f"accessPolicies/{name}"),
 *     name=test_access.name.apply(lambda name: f"accessPolicies/{name}/authorizedOrgsDescs/fakeDescName"),
 *     authorization_type="AUTHORIZATION_TYPE_TRUST",
 *     asset_type="ASSET_TYPE_CREDENTIAL_STRENGTH",
 *     authorization_direction="AUTHORIZATION_DIRECTION_TO",
 *     orgs=[
 *         "organizations/12345",
 *         "organizations/98765",
 *     ])
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var test_access = new Gcp.AccessContextManager.AccessPolicy("test-access", new()
 *     {
 *         Parent = "organizations/",
 *         Title = "my policy",
 *     });
 *     var authorized_orgs_desc = new Gcp.AccessContextManager.AuthorizedOrgsDesc("authorized-orgs-desc", new()
 *     {
 *         Parent = test_access.Name.Apply(name => $"accessPolicies/{name}"),
 *         Name = test_access.Name.Apply(name => $"accessPolicies/{name}/authorizedOrgsDescs/fakeDescName"),
 *         AuthorizationType = "AUTHORIZATION_TYPE_TRUST",
 *         AssetType = "ASSET_TYPE_CREDENTIAL_STRENGTH",
 *         AuthorizationDirection = "AUTHORIZATION_DIRECTION_TO",
 *         Orgs = new[]
 *         {
 *             "organizations/12345",
 *             "organizations/98765",
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"fmt"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/accesscontextmanager"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := accesscontextmanager.NewAccessPolicy(ctx, "test-access", &accesscontextmanager.AccessPolicyArgs{
 * 			Parent: pulumi.String("organizations/"),
 * 			Title:  pulumi.String("my policy"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = accesscontextmanager.NewAuthorizedOrgsDesc(ctx, "authorized-orgs-desc", &accesscontextmanager.AuthorizedOrgsDescArgs{
 * 			Parent: test_access.Name.ApplyT(func(name string) (string, error) {
 * 				return fmt.Sprintf("accessPolicies/%v", name), nil
 * 			}).(pulumi.StringOutput),
 * 			Name: test_access.Name.ApplyT(func(name string) (string, error) {
 * 				return fmt.Sprintf("accessPolicies/%v/authorizedOrgsDescs/fakeDescName", name), nil
 * 			}).(pulumi.StringOutput),
 * 			AuthorizationType:      pulumi.String("AUTHORIZATION_TYPE_TRUST"),
 * 			AssetType:              pulumi.String("ASSET_TYPE_CREDENTIAL_STRENGTH"),
 * 			AuthorizationDirection: pulumi.String("AUTHORIZATION_DIRECTION_TO"),
 * 			Orgs: pulumi.StringArray{
 * 				pulumi.String("organizations/12345"),
 * 				pulumi.String("organizations/98765"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.accesscontextmanager.AccessPolicy;
 * import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs;
 * import com.pulumi.gcp.accesscontextmanager.AuthorizedOrgsDesc;
 * import com.pulumi.gcp.accesscontextmanager.AuthorizedOrgsDescArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var test_access = new AccessPolicy("test-access", AccessPolicyArgs.builder()
 *             .parent("organizations/")
 *             .title("my policy")
 *             .build());
 *         var authorized_orgs_desc = new AuthorizedOrgsDesc("authorized-orgs-desc", AuthorizedOrgsDescArgs.builder()
 *             .parent(test_access.name().applyValue(name -> String.format("accessPolicies/%s", name)))
 *             .name(test_access.name().applyValue(name -> String.format("accessPolicies/%s/authorizedOrgsDescs/fakeDescName", name)))
 *             .authorizationType("AUTHORIZATION_TYPE_TRUST")
 *             .assetType("ASSET_TYPE_CREDENTIAL_STRENGTH")
 *             .authorizationDirection("AUTHORIZATION_DIRECTION_TO")
 *             .orgs(
 *                 "organizations/12345",
 *                 "organizations/98765")
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   authorized-orgs-desc:
 *     type: gcp:accesscontextmanager:AuthorizedOrgsDesc
 *     properties:
 *       parent: accessPolicies/${["test-access"].name}
 *       name: accessPolicies/${["test-access"].name}/authorizedOrgsDescs/fakeDescName
 *       authorizationType: AUTHORIZATION_TYPE_TRUST
 *       assetType: ASSET_TYPE_CREDENTIAL_STRENGTH
 *       authorizationDirection: AUTHORIZATION_DIRECTION_TO
 *       orgs:
 *         - organizations/12345
 *         - organizations/98765
 *   test-access:
 *     type: gcp:accesscontextmanager:AccessPolicy
 *     properties:
 *       parent: organizations/
 *       title: my policy
 * ```
 * 
 * ## Import
 * AuthorizedOrgsDesc can be imported using any of these accepted formats:
 * * `{{name}}`
 * When using the `pulumi import` command, AuthorizedOrgsDesc can be imported using one of the formats above. For example:
 * ```sh
 * $ pulumi import gcp:accesscontextmanager/authorizedOrgsDesc:AuthorizedOrgsDesc default {{name}}
 * ```
 * @property assetType The type of entities that need to use the authorization relationship during
 * evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and
 * "ASSET_TYPE_CREDENTIAL_STRENGTH".
 * Possible values are: `ASSET_TYPE_DEVICE`, `ASSET_TYPE_CREDENTIAL_STRENGTH`.
 * @property authorizationDirection The direction of the authorization relationship between this organization
 * and the organizations listed in the "orgs" field. The valid values for this
 * field include the following:
 * AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic
 * in the organizations listed in the `orgs` field.
 * AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs`
 * field to evaluate the traffic in this organization.
 * For the authorization relationship to take effect, all of the organizations
 * must authorize and specify the appropriate relationship direction. For
 * example, if organization A authorized organization B and C to evaluate its
 * traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization
 * direction, organizations B and C must specify
 * "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their
 * "AuthorizedOrgsDesc" resource.
 * Possible values are: `AUTHORIZATION_DIRECTION_TO`, `AUTHORIZATION_DIRECTION_FROM`.
 * @property authorizationType A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST".
 * Possible values are: `AUTHORIZATION_TYPE_TRUST`.
 * @property name Resource name for the `AuthorizedOrgsDesc`. Format:
 * `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`.
 * The `authorized_orgs_desc` component must begin with a letter, followed by
 * alphanumeric characters or `_`.
 * After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
 * - - -
 * @property orgs The list of organization ids in this AuthorizedOrgsDesc.
 * Format: `organizations/`
 * Example: `organizations/123456`
 * @property parent Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`.
 */
public data class AuthorizedOrgsDescArgs(
    public val assetType: Output? = null,
    public val authorizationDirection: Output? = null,
    public val authorizationType: Output? = null,
    public val name: Output? = null,
    public val orgs: Output>? = null,
    public val parent: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.accesscontextmanager.AuthorizedOrgsDescArgs =
        com.pulumi.gcp.accesscontextmanager.AuthorizedOrgsDescArgs.builder()
            .assetType(assetType?.applyValue({ args0 -> args0 }))
            .authorizationDirection(authorizationDirection?.applyValue({ args0 -> args0 }))
            .authorizationType(authorizationType?.applyValue({ args0 -> args0 }))
            .name(name?.applyValue({ args0 -> args0 }))
            .orgs(orgs?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .parent(parent?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [AuthorizedOrgsDescArgs].
 */
@PulumiTagMarker
public class AuthorizedOrgsDescArgsBuilder internal constructor() {
    private var assetType: Output? = null

    private var authorizationDirection: Output? = null

    private var authorizationType: Output? = null

    private var name: Output? = null

    private var orgs: Output>? = null

    private var parent: Output? = null

    /**
     * @param value The type of entities that need to use the authorization relationship during
     * evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and
     * "ASSET_TYPE_CREDENTIAL_STRENGTH".
     * Possible values are: `ASSET_TYPE_DEVICE`, `ASSET_TYPE_CREDENTIAL_STRENGTH`.
     */
    @JvmName("srkcudruhkdwhswj")
    public suspend fun assetType(`value`: Output) {
        this.assetType = value
    }

    /**
     * @param value The direction of the authorization relationship between this organization
     * and the organizations listed in the "orgs" field. The valid values for this
     * field include the following:
     * AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic
     * in the organizations listed in the `orgs` field.
     * AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs`
     * field to evaluate the traffic in this organization.
     * For the authorization relationship to take effect, all of the organizations
     * must authorize and specify the appropriate relationship direction. For
     * example, if organization A authorized organization B and C to evaluate its
     * traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization
     * direction, organizations B and C must specify
     * "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their
     * "AuthorizedOrgsDesc" resource.
     * Possible values are: `AUTHORIZATION_DIRECTION_TO`, `AUTHORIZATION_DIRECTION_FROM`.
     */
    @JvmName("voyqmjeuicprgofe")
    public suspend fun authorizationDirection(`value`: Output) {
        this.authorizationDirection = value
    }

    /**
     * @param value A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST".
     * Possible values are: `AUTHORIZATION_TYPE_TRUST`.
     */
    @JvmName("ieoqklyoqvjovovv")
    public suspend fun authorizationType(`value`: Output) {
        this.authorizationType = value
    }

    /**
     * @param value Resource name for the `AuthorizedOrgsDesc`. Format:
     * `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`.
     * The `authorized_orgs_desc` component must begin with a letter, followed by
     * alphanumeric characters or `_`.
     * After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
     * - - -
     */
    @JvmName("iiwqadyfukyioptg")
    public suspend fun name(`value`: Output) {
        this.name = value
    }

    /**
     * @param value The list of organization ids in this AuthorizedOrgsDesc.
     * Format: `organizations/`
     * Example: `organizations/123456`
     */
    @JvmName("jxgnintjxocnlhka")
    public suspend fun orgs(`value`: Output>) {
        this.orgs = value
    }

    @JvmName("kwtbltmdpeulkmtl")
    public suspend fun orgs(vararg values: Output) {
        this.orgs = Output.all(values.asList())
    }

    /**
     * @param values The list of organization ids in this AuthorizedOrgsDesc.
     * Format: `organizations/`
     * Example: `organizations/123456`
     */
    @JvmName("nbnxkyajvltmhkoq")
    public suspend fun orgs(values: List>) {
        this.orgs = Output.all(values)
    }

    /**
     * @param value Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`.
     */
    @JvmName("owlndbbvjxkrqusx")
    public suspend fun parent(`value`: Output) {
        this.parent = value
    }

    /**
     * @param value The type of entities that need to use the authorization relationship during
     * evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and
     * "ASSET_TYPE_CREDENTIAL_STRENGTH".
     * Possible values are: `ASSET_TYPE_DEVICE`, `ASSET_TYPE_CREDENTIAL_STRENGTH`.
     */
    @JvmName("fwihbjvxndyvrexe")
    public suspend fun assetType(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.assetType = mapped
    }

    /**
     * @param value The direction of the authorization relationship between this organization
     * and the organizations listed in the "orgs" field. The valid values for this
     * field include the following:
     * AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic
     * in the organizations listed in the `orgs` field.
     * AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs`
     * field to evaluate the traffic in this organization.
     * For the authorization relationship to take effect, all of the organizations
     * must authorize and specify the appropriate relationship direction. For
     * example, if organization A authorized organization B and C to evaluate its
     * traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization
     * direction, organizations B and C must specify
     * "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their
     * "AuthorizedOrgsDesc" resource.
     * Possible values are: `AUTHORIZATION_DIRECTION_TO`, `AUTHORIZATION_DIRECTION_FROM`.
     */
    @JvmName("qfqontscawsgbdcd")
    public suspend fun authorizationDirection(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.authorizationDirection = mapped
    }

    /**
     * @param value A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST".
     * Possible values are: `AUTHORIZATION_TYPE_TRUST`.
     */
    @JvmName("uweniasonjxxooht")
    public suspend fun authorizationType(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.authorizationType = mapped
    }

    /**
     * @param value Resource name for the `AuthorizedOrgsDesc`. Format:
     * `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`.
     * The `authorized_orgs_desc` component must begin with a letter, followed by
     * alphanumeric characters or `_`.
     * After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
     * - - -
     */
    @JvmName("tnnyorwmujcbemll")
    public suspend fun name(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.name = mapped
    }

    /**
     * @param value The list of organization ids in this AuthorizedOrgsDesc.
     * Format: `organizations/`
     * Example: `organizations/123456`
     */
    @JvmName("lgqxdbcftfhklffc")
    public suspend fun orgs(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.orgs = mapped
    }

    /**
     * @param values The list of organization ids in this AuthorizedOrgsDesc.
     * Format: `organizations/`
     * Example: `organizations/123456`
     */
    @JvmName("wyrxgrbbhywxxxhf")
    public suspend fun orgs(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.orgs = mapped
    }

    /**
     * @param value Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`.
     */
    @JvmName("xedwlssbgknrcoho")
    public suspend fun parent(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.parent = mapped
    }

    internal fun build(): AuthorizedOrgsDescArgs = AuthorizedOrgsDescArgs(
        assetType = assetType,
        authorizationDirection = authorizationDirection,
        authorizationType = authorizationType,
        name = name,
        orgs = orgs,
        parent = parent,
    )
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy