All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.compute.kotlin.FirewallArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.compute.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.compute.FirewallArgs.builder
import com.pulumi.gcp.compute.kotlin.inputs.FirewallAllowArgs
import com.pulumi.gcp.compute.kotlin.inputs.FirewallAllowArgsBuilder
import com.pulumi.gcp.compute.kotlin.inputs.FirewallDenyArgs
import com.pulumi.gcp.compute.kotlin.inputs.FirewallDenyArgsBuilder
import com.pulumi.gcp.compute.kotlin.inputs.FirewallLogConfigArgs
import com.pulumi.gcp.compute.kotlin.inputs.FirewallLogConfigArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Boolean
import kotlin.Deprecated
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName

/**
 * Each network has its own firewall controlling access to and from the
 * instances.
 * All traffic to instances, even from other instances, is blocked by the
 * firewall unless firewall rules are created to allow it.
 * The default network has automatically created firewall rules that are
 * shown in default firewall rules. No manually created network has
 * automatically created firewall rules except for a default "allow" rule for
 * outgoing traffic and a default "deny" for incoming traffic. For all
 * networks except the default network, you must create any firewall rules
 * you need.
 * To get more information about Firewall, see:
 * * [API documentation](https://cloud.google.com/compute/docs/reference/v1/firewalls)
 * * How-to Guides
 *     * [Official Documentation](https://cloud.google.com/vpc/docs/firewalls)
 * ## Example Usage
 * ### Firewall Basic
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const defaultNetwork = new gcp.compute.Network("default", {name: "test-network"});
 * const _default = new gcp.compute.Firewall("default", {
 *     name: "test-firewall",
 *     network: defaultNetwork.name,
 *     allows: [
 *         {
 *             protocol: "icmp",
 *         },
 *         {
 *             protocol: "tcp",
 *             ports: [
 *                 "80",
 *                 "8080",
 *                 "1000-2000",
 *             ],
 *         },
 *     ],
 *     sourceTags: ["web"],
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * default_network = gcp.compute.Network("default", name="test-network")
 * default = gcp.compute.Firewall("default",
 *     name="test-firewall",
 *     network=default_network.name,
 *     allows=[
 *         gcp.compute.FirewallAllowArgs(
 *             protocol="icmp",
 *         ),
 *         gcp.compute.FirewallAllowArgs(
 *             protocol="tcp",
 *             ports=[
 *                 "80",
 *                 "8080",
 *                 "1000-2000",
 *             ],
 *         ),
 *     ],
 *     source_tags=["web"])
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var defaultNetwork = new Gcp.Compute.Network("default", new()
 *     {
 *         Name = "test-network",
 *     });
 *     var @default = new Gcp.Compute.Firewall("default", new()
 *     {
 *         Name = "test-firewall",
 *         Network = defaultNetwork.Name,
 *         Allows = new[]
 *         {
 *             new Gcp.Compute.Inputs.FirewallAllowArgs
 *             {
 *                 Protocol = "icmp",
 *             },
 *             new Gcp.Compute.Inputs.FirewallAllowArgs
 *             {
 *                 Protocol = "tcp",
 *                 Ports = new[]
 *                 {
 *                     "80",
 *                     "8080",
 *                     "1000-2000",
 *                 },
 *             },
 *         },
 *         SourceTags = new[]
 *         {
 *             "web",
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		defaultNetwork, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
 * 			Name: pulumi.String("test-network"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = compute.NewFirewall(ctx, "default", &compute.FirewallArgs{
 * 			Name:    pulumi.String("test-firewall"),
 * 			Network: defaultNetwork.Name,
 * 			Allows: compute.FirewallAllowArray{
 * 				&compute.FirewallAllowArgs{
 * 					Protocol: pulumi.String("icmp"),
 * 				},
 * 				&compute.FirewallAllowArgs{
 * 					Protocol: pulumi.String("tcp"),
 * 					Ports: pulumi.StringArray{
 * 						pulumi.String("80"),
 * 						pulumi.String("8080"),
 * 						pulumi.String("1000-2000"),
 * 					},
 * 				},
 * 			},
 * 			SourceTags: pulumi.StringArray{
 * 				pulumi.String("web"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.compute.Network;
 * import com.pulumi.gcp.compute.NetworkArgs;
 * import com.pulumi.gcp.compute.Firewall;
 * import com.pulumi.gcp.compute.FirewallArgs;
 * import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
 *             .name("test-network")
 *             .build());
 *         var default_ = new Firewall("default", FirewallArgs.builder()
 *             .name("test-firewall")
 *             .network(defaultNetwork.name())
 *             .allows(
 *                 FirewallAllowArgs.builder()
 *                     .protocol("icmp")
 *                     .build(),
 *                 FirewallAllowArgs.builder()
 *                     .protocol("tcp")
 *                     .ports(
 *                         "80",
 *                         "8080",
 *                         "1000-2000")
 *                     .build())
 *             .sourceTags("web")
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   default:
 *     type: gcp:compute:Firewall
 *     properties:
 *       name: test-firewall
 *       network: ${defaultNetwork.name}
 *       allows:
 *         - protocol: icmp
 *         - protocol: tcp
 *           ports:
 *             - '80'
 *             - '8080'
 *             - 1000-2000
 *       sourceTags:
 *         - web
 *   defaultNetwork:
 *     type: gcp:compute:Network
 *     name: default
 *     properties:
 *       name: test-network
 * ```
 * 
 * ### Firewall With Target Tags
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const rules = new gcp.compute.Firewall("rules", {
 *     project: "my-project-name",
 *     name: "my-firewall-rule",
 *     network: "default",
 *     description: "Creates firewall rule targeting tagged instances",
 *     allows: [{
 *         protocol: "tcp",
 *         ports: [
 *             "80",
 *             "8080",
 *             "1000-2000",
 *         ],
 *     }],
 *     sourceTags: ["foo"],
 *     targetTags: ["web"],
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * rules = gcp.compute.Firewall("rules",
 *     project="my-project-name",
 *     name="my-firewall-rule",
 *     network="default",
 *     description="Creates firewall rule targeting tagged instances",
 *     allows=[gcp.compute.FirewallAllowArgs(
 *         protocol="tcp",
 *         ports=[
 *             "80",
 *             "8080",
 *             "1000-2000",
 *         ],
 *     )],
 *     source_tags=["foo"],
 *     target_tags=["web"])
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var rules = new Gcp.Compute.Firewall("rules", new()
 *     {
 *         Project = "my-project-name",
 *         Name = "my-firewall-rule",
 *         Network = "default",
 *         Description = "Creates firewall rule targeting tagged instances",
 *         Allows = new[]
 *         {
 *             new Gcp.Compute.Inputs.FirewallAllowArgs
 *             {
 *                 Protocol = "tcp",
 *                 Ports = new[]
 *                 {
 *                     "80",
 *                     "8080",
 *                     "1000-2000",
 *                 },
 *             },
 *         },
 *         SourceTags = new[]
 *         {
 *             "foo",
 *         },
 *         TargetTags = new[]
 *         {
 *             "web",
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := compute.NewFirewall(ctx, "rules", &compute.FirewallArgs{
 * 			Project:     pulumi.String("my-project-name"),
 * 			Name:        pulumi.String("my-firewall-rule"),
 * 			Network:     pulumi.String("default"),
 * 			Description: pulumi.String("Creates firewall rule targeting tagged instances"),
 * 			Allows: compute.FirewallAllowArray{
 * 				&compute.FirewallAllowArgs{
 * 					Protocol: pulumi.String("tcp"),
 * 					Ports: pulumi.StringArray{
 * 						pulumi.String("80"),
 * 						pulumi.String("8080"),
 * 						pulumi.String("1000-2000"),
 * 					},
 * 				},
 * 			},
 * 			SourceTags: pulumi.StringArray{
 * 				pulumi.String("foo"),
 * 			},
 * 			TargetTags: pulumi.StringArray{
 * 				pulumi.String("web"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.compute.Firewall;
 * import com.pulumi.gcp.compute.FirewallArgs;
 * import com.pulumi.gcp.compute.inputs.FirewallAllowArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var rules = new Firewall("rules", FirewallArgs.builder()
 *             .project("my-project-name")
 *             .name("my-firewall-rule")
 *             .network("default")
 *             .description("Creates firewall rule targeting tagged instances")
 *             .allows(FirewallAllowArgs.builder()
 *                 .protocol("tcp")
 *                 .ports(
 *                     "80",
 *                     "8080",
 *                     "1000-2000")
 *                 .build())
 *             .sourceTags("foo")
 *             .targetTags("web")
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   rules:
 *     type: gcp:compute:Firewall
 *     properties:
 *       project: my-project-name
 *       name: my-firewall-rule
 *       network: default
 *       description: Creates firewall rule targeting tagged instances
 *       allows:
 *         - protocol: tcp
 *           ports:
 *             - '80'
 *             - '8080'
 *             - 1000-2000
 *       sourceTags:
 *         - foo
 *       targetTags:
 *         - web
 * ```
 * 
 * ## Import
 * Firewall can be imported using any of these accepted formats:
 * * `projects/{{project}}/global/firewalls/{{name}}`
 * * `{{project}}/{{name}}`
 * * `{{name}}`
 * When using the `pulumi import` command, Firewall can be imported using one of the formats above. For example:
 * ```sh
 * $ pulumi import gcp:compute/firewall:Firewall default projects/{{project}}/global/firewalls/{{name}}
 * ```
 * ```sh
 * $ pulumi import gcp:compute/firewall:Firewall default {{project}}/{{name}}
 * ```
 * ```sh
 * $ pulumi import gcp:compute/firewall:Firewall default {{name}}
 * ```
 * @property allows The list of ALLOW rules specified by this firewall. Each rule
 * specifies a protocol and port-range tuple that describes a permitted
 * connection.
 * Structure is documented below.
 * @property denies The list of DENY rules specified by this firewall. Each rule specifies
 * a protocol and port-range tuple that describes a denied connection.
 * Structure is documented below.
 * @property description An optional description of this resource. Provide this property when
 * you create the resource.
 * @property destinationRanges If destination ranges are specified, the firewall will apply only to
 * traffic that has destination IP address in these ranges. These ranges
 * must be expressed in CIDR format. IPv4 or IPv6 ranges are supported.
 * @property direction Direction of traffic to which this firewall applies; default is
 * INGRESS. Note: For INGRESS traffic, one of `source_ranges`,
 * `source_tags` or `source_service_accounts` is required.
 * Possible values are: `INGRESS`, `EGRESS`.
 * @property disabled Denotes whether the firewall rule is disabled, i.e not applied to the
 * network it is associated with. When set to true, the firewall rule is
 * not enforced and the network behaves as if it did not exist. If this
 * is unspecified, the firewall rule will be enabled.
 * @property enableLogging This field denotes whether to enable logging for a particular firewall rule.
 * If logging is enabled, logs will be exported to Stackdriver. Deprecated in favor of `log_config`
 * @property logConfig This field denotes the logging options for a particular firewall rule.
 * If defined, logging is enabled, and logs will be exported to Cloud Logging.
 * Structure is documented below.
 * @property name Name of the resource. Provided by the client when the resource is
 * created. The name must be 1-63 characters long, and comply with
 * RFC1035. Specifically, the name must be 1-63 characters long and match
 * the regular expression `a-z?` which means the
 * first character must be a lowercase letter, and all following
 * characters must be a dash, lowercase letter, or digit, except the last
 * character, which cannot be a dash.
 * @property network The name or self_link of the network to attach this firewall to.
 * - - -
 * @property priority Priority for this rule. This is an integer between 0 and 65535, both
 * inclusive. When not specified, the value assumed is 1000. Relative
 * priorities determine precedence of conflicting rules. Lower value of
 * priority implies higher precedence (eg, a rule with priority 0 has
 * higher precedence than a rule with priority 1). DENY rules take
 * precedence over ALLOW rules having equal priority.
 * @property project The ID of the project in which the resource belongs.
 * If it is not provided, the provider project is used.
 * @property sourceRanges If source ranges are specified, the firewall will apply only to
 * traffic that has source IP address in these ranges. These ranges must
 * be expressed in CIDR format. One or both of sourceRanges and
 * sourceTags may be set. If both properties are set, the firewall will
 * apply to traffic that has source IP address within sourceRanges OR the
 * source IP that belongs to a tag listed in the sourceTags property. The
 * connection does not need to match both properties for the firewall to
 * apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of
 * `source_ranges`, `source_tags` or `source_service_accounts` is required.
 * @property sourceServiceAccounts If source service accounts are specified, the firewall will apply only
 * to traffic originating from an instance with a service account in this
 * list. Source service accounts cannot be used to control traffic to an
 * instance's external IP address because service accounts are associated
 * with an instance, not an IP address. sourceRanges can be set at the
 * same time as sourceServiceAccounts. If both are set, the firewall will
 * apply to traffic that has source IP address within sourceRanges OR the
 * source IP belongs to an instance with service account listed in
 * sourceServiceAccount. The connection does not need to match both
 * properties for the firewall to apply. sourceServiceAccounts cannot be
 * used at the same time as sourceTags or targetTags. For INGRESS traffic,
 * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
 * @property sourceTags If source tags are specified, the firewall will apply only to traffic
 * with source IP that belongs to a tag listed in source tags. Source
 * tags cannot be used to control traffic to an instance's external IP
 * address. Because tags are associated with an instance, not an IP
 * address. One or both of sourceRanges and sourceTags may be set. If
 * both properties are set, the firewall will apply to traffic that has
 * source IP address within sourceRanges OR the source IP that belongs to
 * a tag listed in the sourceTags property. The connection does not need
 * to match both properties for the firewall to apply. For INGRESS traffic,
 * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
 * @property targetServiceAccounts A list of service accounts indicating sets of instances located in the
 * network that may make network connections as specified in allowed[].
 * targetServiceAccounts cannot be used at the same time as targetTags or
 * sourceTags. If neither targetServiceAccounts nor targetTags are
 * specified, the firewall rule applies to all instances on the specified
 * network.
 * @property targetTags A list of instance tags indicating sets of instances located in the
 * network that may make network connections as specified in allowed[].
 * If no targetTags are specified, the firewall rule applies to all
 * instances on the specified network.
 */
public data class FirewallArgs(
    public val allows: Output>? = null,
    public val denies: Output>? = null,
    public val description: Output? = null,
    public val destinationRanges: Output>? = null,
    public val direction: Output? = null,
    public val disabled: Output? = null,
    @Deprecated(
        message = """
  Deprecated in favor of log_config
  """,
    )
    public val enableLogging: Output? = null,
    public val logConfig: Output? = null,
    public val name: Output? = null,
    public val network: Output? = null,
    public val priority: Output? = null,
    public val project: Output? = null,
    public val sourceRanges: Output>? = null,
    public val sourceServiceAccounts: Output>? = null,
    public val sourceTags: Output>? = null,
    public val targetServiceAccounts: Output>? = null,
    public val targetTags: Output>? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.compute.FirewallArgs =
        com.pulumi.gcp.compute.FirewallArgs.builder()
            .allows(allows?.applyValue({ args0 -> args0.map({ args0 -> args0.let({ args0 -> args0.toJava() }) }) }))
            .denies(denies?.applyValue({ args0 -> args0.map({ args0 -> args0.let({ args0 -> args0.toJava() }) }) }))
            .description(description?.applyValue({ args0 -> args0 }))
            .destinationRanges(destinationRanges?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .direction(direction?.applyValue({ args0 -> args0 }))
            .disabled(disabled?.applyValue({ args0 -> args0 }))
            .enableLogging(enableLogging?.applyValue({ args0 -> args0 }))
            .logConfig(logConfig?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .name(name?.applyValue({ args0 -> args0 }))
            .network(network?.applyValue({ args0 -> args0 }))
            .priority(priority?.applyValue({ args0 -> args0 }))
            .project(project?.applyValue({ args0 -> args0 }))
            .sourceRanges(sourceRanges?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .sourceServiceAccounts(sourceServiceAccounts?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .sourceTags(sourceTags?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .targetServiceAccounts(targetServiceAccounts?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .targetTags(targetTags?.applyValue({ args0 -> args0.map({ args0 -> args0 }) })).build()
}

/**
 * Builder for [FirewallArgs].
 */
@PulumiTagMarker
public class FirewallArgsBuilder internal constructor() {
    private var allows: Output>? = null

    private var denies: Output>? = null

    private var description: Output? = null

    private var destinationRanges: Output>? = null

    private var direction: Output? = null

    private var disabled: Output? = null

    private var enableLogging: Output? = null

    private var logConfig: Output? = null

    private var name: Output? = null

    private var network: Output? = null

    private var priority: Output? = null

    private var project: Output? = null

    private var sourceRanges: Output>? = null

    private var sourceServiceAccounts: Output>? = null

    private var sourceTags: Output>? = null

    private var targetServiceAccounts: Output>? = null

    private var targetTags: Output>? = null

    /**
     * @param value The list of ALLOW rules specified by this firewall. Each rule
     * specifies a protocol and port-range tuple that describes a permitted
     * connection.
     * Structure is documented below.
     */
    @JvmName("bmbnbuidkdujajkq")
    public suspend fun allows(`value`: Output>) {
        this.allows = value
    }

    @JvmName("jfckgbsevocajylj")
    public suspend fun allows(vararg values: Output) {
        this.allows = Output.all(values.asList())
    }

    /**
     * @param values The list of ALLOW rules specified by this firewall. Each rule
     * specifies a protocol and port-range tuple that describes a permitted
     * connection.
     * Structure is documented below.
     */
    @JvmName("xediucneqtfxqmhv")
    public suspend fun allows(values: List>) {
        this.allows = Output.all(values)
    }

    /**
     * @param value The list of DENY rules specified by this firewall. Each rule specifies
     * a protocol and port-range tuple that describes a denied connection.
     * Structure is documented below.
     */
    @JvmName("kamptyrpeeapehct")
    public suspend fun denies(`value`: Output>) {
        this.denies = value
    }

    @JvmName("jnnwyyfivhldeety")
    public suspend fun denies(vararg values: Output) {
        this.denies = Output.all(values.asList())
    }

    /**
     * @param values The list of DENY rules specified by this firewall. Each rule specifies
     * a protocol and port-range tuple that describes a denied connection.
     * Structure is documented below.
     */
    @JvmName("pnhoxsfwijvwteaq")
    public suspend fun denies(values: List>) {
        this.denies = Output.all(values)
    }

    /**
     * @param value An optional description of this resource. Provide this property when
     * you create the resource.
     */
    @JvmName("monstqlexbjmhjnd")
    public suspend fun description(`value`: Output) {
        this.description = value
    }

    /**
     * @param value If destination ranges are specified, the firewall will apply only to
     * traffic that has destination IP address in these ranges. These ranges
     * must be expressed in CIDR format. IPv4 or IPv6 ranges are supported.
     */
    @JvmName("hvwwqjqrmdrmefvc")
    public suspend fun destinationRanges(`value`: Output>) {
        this.destinationRanges = value
    }

    @JvmName("wpcvmbdnfismlloo")
    public suspend fun destinationRanges(vararg values: Output) {
        this.destinationRanges = Output.all(values.asList())
    }

    /**
     * @param values If destination ranges are specified, the firewall will apply only to
     * traffic that has destination IP address in these ranges. These ranges
     * must be expressed in CIDR format. IPv4 or IPv6 ranges are supported.
     */
    @JvmName("sefulcipmsdlqtny")
    public suspend fun destinationRanges(values: List>) {
        this.destinationRanges = Output.all(values)
    }

    /**
     * @param value Direction of traffic to which this firewall applies; default is
     * INGRESS. Note: For INGRESS traffic, one of `source_ranges`,
     * `source_tags` or `source_service_accounts` is required.
     * Possible values are: `INGRESS`, `EGRESS`.
     */
    @JvmName("srpbgllytderelgx")
    public suspend fun direction(`value`: Output) {
        this.direction = value
    }

    /**
     * @param value Denotes whether the firewall rule is disabled, i.e not applied to the
     * network it is associated with. When set to true, the firewall rule is
     * not enforced and the network behaves as if it did not exist. If this
     * is unspecified, the firewall rule will be enabled.
     */
    @JvmName("wtirtsisppptwjjr")
    public suspend fun disabled(`value`: Output) {
        this.disabled = value
    }

    /**
     * @param value This field denotes whether to enable logging for a particular firewall rule.
     * If logging is enabled, logs will be exported to Stackdriver. Deprecated in favor of `log_config`
     */
    @Deprecated(
        message = """
  Deprecated in favor of log_config
  """,
    )
    @JvmName("sepmkvcptwvauwkk")
    public suspend fun enableLogging(`value`: Output) {
        this.enableLogging = value
    }

    /**
     * @param value This field denotes the logging options for a particular firewall rule.
     * If defined, logging is enabled, and logs will be exported to Cloud Logging.
     * Structure is documented below.
     */
    @JvmName("fqcouqkagvqeagba")
    public suspend fun logConfig(`value`: Output) {
        this.logConfig = value
    }

    /**
     * @param value Name of the resource. Provided by the client when the resource is
     * created. The name must be 1-63 characters long, and comply with
     * RFC1035. Specifically, the name must be 1-63 characters long and match
     * the regular expression `a-z?` which means the
     * first character must be a lowercase letter, and all following
     * characters must be a dash, lowercase letter, or digit, except the last
     * character, which cannot be a dash.
     */
    @JvmName("xcokntesxowrmkad")
    public suspend fun name(`value`: Output) {
        this.name = value
    }

    /**
     * @param value The name or self_link of the network to attach this firewall to.
     * - - -
     */
    @JvmName("qbtftbalickhxubk")
    public suspend fun network(`value`: Output) {
        this.network = value
    }

    /**
     * @param value Priority for this rule. This is an integer between 0 and 65535, both
     * inclusive. When not specified, the value assumed is 1000. Relative
     * priorities determine precedence of conflicting rules. Lower value of
     * priority implies higher precedence (eg, a rule with priority 0 has
     * higher precedence than a rule with priority 1). DENY rules take
     * precedence over ALLOW rules having equal priority.
     */
    @JvmName("crghvqvbjyahphjk")
    public suspend fun priority(`value`: Output) {
        this.priority = value
    }

    /**
     * @param value The ID of the project in which the resource belongs.
     * If it is not provided, the provider project is used.
     */
    @JvmName("ugttqltlhgdbtuhh")
    public suspend fun project(`value`: Output) {
        this.project = value
    }

    /**
     * @param value If source ranges are specified, the firewall will apply only to
     * traffic that has source IP address in these ranges. These ranges must
     * be expressed in CIDR format. One or both of sourceRanges and
     * sourceTags may be set. If both properties are set, the firewall will
     * apply to traffic that has source IP address within sourceRanges OR the
     * source IP that belongs to a tag listed in the sourceTags property. The
     * connection does not need to match both properties for the firewall to
     * apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of
     * `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("ftcqqpksemrhpdaw")
    public suspend fun sourceRanges(`value`: Output>) {
        this.sourceRanges = value
    }

    @JvmName("dlreupsmkgfkolvb")
    public suspend fun sourceRanges(vararg values: Output) {
        this.sourceRanges = Output.all(values.asList())
    }

    /**
     * @param values If source ranges are specified, the firewall will apply only to
     * traffic that has source IP address in these ranges. These ranges must
     * be expressed in CIDR format. One or both of sourceRanges and
     * sourceTags may be set. If both properties are set, the firewall will
     * apply to traffic that has source IP address within sourceRanges OR the
     * source IP that belongs to a tag listed in the sourceTags property. The
     * connection does not need to match both properties for the firewall to
     * apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of
     * `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("xgxlintfpdrbahhn")
    public suspend fun sourceRanges(values: List>) {
        this.sourceRanges = Output.all(values)
    }

    /**
     * @param value If source service accounts are specified, the firewall will apply only
     * to traffic originating from an instance with a service account in this
     * list. Source service accounts cannot be used to control traffic to an
     * instance's external IP address because service accounts are associated
     * with an instance, not an IP address. sourceRanges can be set at the
     * same time as sourceServiceAccounts. If both are set, the firewall will
     * apply to traffic that has source IP address within sourceRanges OR the
     * source IP belongs to an instance with service account listed in
     * sourceServiceAccount. The connection does not need to match both
     * properties for the firewall to apply. sourceServiceAccounts cannot be
     * used at the same time as sourceTags or targetTags. For INGRESS traffic,
     * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("nhxrbegaepnafspx")
    public suspend fun sourceServiceAccounts(`value`: Output>) {
        this.sourceServiceAccounts = value
    }

    @JvmName("fjbqbjdftraahjsm")
    public suspend fun sourceServiceAccounts(vararg values: Output) {
        this.sourceServiceAccounts = Output.all(values.asList())
    }

    /**
     * @param values If source service accounts are specified, the firewall will apply only
     * to traffic originating from an instance with a service account in this
     * list. Source service accounts cannot be used to control traffic to an
     * instance's external IP address because service accounts are associated
     * with an instance, not an IP address. sourceRanges can be set at the
     * same time as sourceServiceAccounts. If both are set, the firewall will
     * apply to traffic that has source IP address within sourceRanges OR the
     * source IP belongs to an instance with service account listed in
     * sourceServiceAccount. The connection does not need to match both
     * properties for the firewall to apply. sourceServiceAccounts cannot be
     * used at the same time as sourceTags or targetTags. For INGRESS traffic,
     * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("hptjjxhkvwdivrwe")
    public suspend fun sourceServiceAccounts(values: List>) {
        this.sourceServiceAccounts = Output.all(values)
    }

    /**
     * @param value If source tags are specified, the firewall will apply only to traffic
     * with source IP that belongs to a tag listed in source tags. Source
     * tags cannot be used to control traffic to an instance's external IP
     * address. Because tags are associated with an instance, not an IP
     * address. One or both of sourceRanges and sourceTags may be set. If
     * both properties are set, the firewall will apply to traffic that has
     * source IP address within sourceRanges OR the source IP that belongs to
     * a tag listed in the sourceTags property. The connection does not need
     * to match both properties for the firewall to apply. For INGRESS traffic,
     * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("ohfbfnamqbehqhjn")
    public suspend fun sourceTags(`value`: Output>) {
        this.sourceTags = value
    }

    @JvmName("rumxdnffckjunjnp")
    public suspend fun sourceTags(vararg values: Output) {
        this.sourceTags = Output.all(values.asList())
    }

    /**
     * @param values If source tags are specified, the firewall will apply only to traffic
     * with source IP that belongs to a tag listed in source tags. Source
     * tags cannot be used to control traffic to an instance's external IP
     * address. Because tags are associated with an instance, not an IP
     * address. One or both of sourceRanges and sourceTags may be set. If
     * both properties are set, the firewall will apply to traffic that has
     * source IP address within sourceRanges OR the source IP that belongs to
     * a tag listed in the sourceTags property. The connection does not need
     * to match both properties for the firewall to apply. For INGRESS traffic,
     * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("drnmbsbluvrnuuia")
    public suspend fun sourceTags(values: List>) {
        this.sourceTags = Output.all(values)
    }

    /**
     * @param value A list of service accounts indicating sets of instances located in the
     * network that may make network connections as specified in allowed[].
     * targetServiceAccounts cannot be used at the same time as targetTags or
     * sourceTags. If neither targetServiceAccounts nor targetTags are
     * specified, the firewall rule applies to all instances on the specified
     * network.
     */
    @JvmName("bryvwxgbpvfixrvw")
    public suspend fun targetServiceAccounts(`value`: Output>) {
        this.targetServiceAccounts = value
    }

    @JvmName("cvbffwcwouuloblo")
    public suspend fun targetServiceAccounts(vararg values: Output) {
        this.targetServiceAccounts = Output.all(values.asList())
    }

    /**
     * @param values A list of service accounts indicating sets of instances located in the
     * network that may make network connections as specified in allowed[].
     * targetServiceAccounts cannot be used at the same time as targetTags or
     * sourceTags. If neither targetServiceAccounts nor targetTags are
     * specified, the firewall rule applies to all instances on the specified
     * network.
     */
    @JvmName("vilnqfrvamtqumkg")
    public suspend fun targetServiceAccounts(values: List>) {
        this.targetServiceAccounts = Output.all(values)
    }

    /**
     * @param value A list of instance tags indicating sets of instances located in the
     * network that may make network connections as specified in allowed[].
     * If no targetTags are specified, the firewall rule applies to all
     * instances on the specified network.
     */
    @JvmName("ywxwjokcnxuiqofu")
    public suspend fun targetTags(`value`: Output>) {
        this.targetTags = value
    }

    @JvmName("qhgjtscpuybuedct")
    public suspend fun targetTags(vararg values: Output) {
        this.targetTags = Output.all(values.asList())
    }

    /**
     * @param values A list of instance tags indicating sets of instances located in the
     * network that may make network connections as specified in allowed[].
     * If no targetTags are specified, the firewall rule applies to all
     * instances on the specified network.
     */
    @JvmName("iitpmsfcrujhumso")
    public suspend fun targetTags(values: List>) {
        this.targetTags = Output.all(values)
    }

    /**
     * @param value The list of ALLOW rules specified by this firewall. Each rule
     * specifies a protocol and port-range tuple that describes a permitted
     * connection.
     * Structure is documented below.
     */
    @JvmName("xcppvrhgworfafoq")
    public suspend fun allows(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.allows = mapped
    }

    /**
     * @param argument The list of ALLOW rules specified by this firewall. Each rule
     * specifies a protocol and port-range tuple that describes a permitted
     * connection.
     * Structure is documented below.
     */
    @JvmName("tlfagtijemrgmljt")
    public suspend fun allows(argument: List Unit>) {
        val toBeMapped = argument.toList().map {
            FirewallAllowArgsBuilder().applySuspend { it() }.build()
        }
        val mapped = of(toBeMapped)
        this.allows = mapped
    }

    /**
     * @param argument The list of ALLOW rules specified by this firewall. Each rule
     * specifies a protocol and port-range tuple that describes a permitted
     * connection.
     * Structure is documented below.
     */
    @JvmName("beqprpiamwftodvr")
    public suspend fun allows(vararg argument: suspend FirewallAllowArgsBuilder.() -> Unit) {
        val toBeMapped = argument.toList().map {
            FirewallAllowArgsBuilder().applySuspend { it() }.build()
        }
        val mapped = of(toBeMapped)
        this.allows = mapped
    }

    /**
     * @param argument The list of ALLOW rules specified by this firewall. Each rule
     * specifies a protocol and port-range tuple that describes a permitted
     * connection.
     * Structure is documented below.
     */
    @JvmName("uxubdjeeshjiaqox")
    public suspend fun allows(argument: suspend FirewallAllowArgsBuilder.() -> Unit) {
        val toBeMapped = listOf(FirewallAllowArgsBuilder().applySuspend { argument() }.build())
        val mapped = of(toBeMapped)
        this.allows = mapped
    }

    /**
     * @param values The list of ALLOW rules specified by this firewall. Each rule
     * specifies a protocol and port-range tuple that describes a permitted
     * connection.
     * Structure is documented below.
     */
    @JvmName("kbmkvovxspwkiwut")
    public suspend fun allows(vararg values: FirewallAllowArgs) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.allows = mapped
    }

    /**
     * @param value The list of DENY rules specified by this firewall. Each rule specifies
     * a protocol and port-range tuple that describes a denied connection.
     * Structure is documented below.
     */
    @JvmName("ljyjtiowdwfetndh")
    public suspend fun denies(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.denies = mapped
    }

    /**
     * @param argument The list of DENY rules specified by this firewall. Each rule specifies
     * a protocol and port-range tuple that describes a denied connection.
     * Structure is documented below.
     */
    @JvmName("mvbcyaqrsswylguw")
    public suspend fun denies(argument: List Unit>) {
        val toBeMapped = argument.toList().map {
            FirewallDenyArgsBuilder().applySuspend { it() }.build()
        }
        val mapped = of(toBeMapped)
        this.denies = mapped
    }

    /**
     * @param argument The list of DENY rules specified by this firewall. Each rule specifies
     * a protocol and port-range tuple that describes a denied connection.
     * Structure is documented below.
     */
    @JvmName("dpvwwnifcslsncdh")
    public suspend fun denies(vararg argument: suspend FirewallDenyArgsBuilder.() -> Unit) {
        val toBeMapped = argument.toList().map {
            FirewallDenyArgsBuilder().applySuspend { it() }.build()
        }
        val mapped = of(toBeMapped)
        this.denies = mapped
    }

    /**
     * @param argument The list of DENY rules specified by this firewall. Each rule specifies
     * a protocol and port-range tuple that describes a denied connection.
     * Structure is documented below.
     */
    @JvmName("jvdfsgrwrojwnwlf")
    public suspend fun denies(argument: suspend FirewallDenyArgsBuilder.() -> Unit) {
        val toBeMapped = listOf(FirewallDenyArgsBuilder().applySuspend { argument() }.build())
        val mapped = of(toBeMapped)
        this.denies = mapped
    }

    /**
     * @param values The list of DENY rules specified by this firewall. Each rule specifies
     * a protocol and port-range tuple that describes a denied connection.
     * Structure is documented below.
     */
    @JvmName("ohtpyfjjguahgawk")
    public suspend fun denies(vararg values: FirewallDenyArgs) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.denies = mapped
    }

    /**
     * @param value An optional description of this resource. Provide this property when
     * you create the resource.
     */
    @JvmName("pjiaacnqqdanjren")
    public suspend fun description(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.description = mapped
    }

    /**
     * @param value If destination ranges are specified, the firewall will apply only to
     * traffic that has destination IP address in these ranges. These ranges
     * must be expressed in CIDR format. IPv4 or IPv6 ranges are supported.
     */
    @JvmName("dnwwttbbvmcvcamp")
    public suspend fun destinationRanges(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.destinationRanges = mapped
    }

    /**
     * @param values If destination ranges are specified, the firewall will apply only to
     * traffic that has destination IP address in these ranges. These ranges
     * must be expressed in CIDR format. IPv4 or IPv6 ranges are supported.
     */
    @JvmName("wmynmhurenqbdxha")
    public suspend fun destinationRanges(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.destinationRanges = mapped
    }

    /**
     * @param value Direction of traffic to which this firewall applies; default is
     * INGRESS. Note: For INGRESS traffic, one of `source_ranges`,
     * `source_tags` or `source_service_accounts` is required.
     * Possible values are: `INGRESS`, `EGRESS`.
     */
    @JvmName("gadkkrpktrlijxly")
    public suspend fun direction(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.direction = mapped
    }

    /**
     * @param value Denotes whether the firewall rule is disabled, i.e not applied to the
     * network it is associated with. When set to true, the firewall rule is
     * not enforced and the network behaves as if it did not exist. If this
     * is unspecified, the firewall rule will be enabled.
     */
    @JvmName("diuxalptwejjavjr")
    public suspend fun disabled(`value`: Boolean?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.disabled = mapped
    }

    /**
     * @param value This field denotes whether to enable logging for a particular firewall rule.
     * If logging is enabled, logs will be exported to Stackdriver. Deprecated in favor of `log_config`
     */
    @Deprecated(
        message = """
  Deprecated in favor of log_config
  """,
    )
    @JvmName("pkeapekoelqnwwjo")
    public suspend fun enableLogging(`value`: Boolean?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.enableLogging = mapped
    }

    /**
     * @param value This field denotes the logging options for a particular firewall rule.
     * If defined, logging is enabled, and logs will be exported to Cloud Logging.
     * Structure is documented below.
     */
    @JvmName("tmlyrywnqswxmayn")
    public suspend fun logConfig(`value`: FirewallLogConfigArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.logConfig = mapped
    }

    /**
     * @param argument This field denotes the logging options for a particular firewall rule.
     * If defined, logging is enabled, and logs will be exported to Cloud Logging.
     * Structure is documented below.
     */
    @JvmName("kmbqrxhafynlwssm")
    public suspend fun logConfig(argument: suspend FirewallLogConfigArgsBuilder.() -> Unit) {
        val toBeMapped = FirewallLogConfigArgsBuilder().applySuspend { argument() }.build()
        val mapped = of(toBeMapped)
        this.logConfig = mapped
    }

    /**
     * @param value Name of the resource. Provided by the client when the resource is
     * created. The name must be 1-63 characters long, and comply with
     * RFC1035. Specifically, the name must be 1-63 characters long and match
     * the regular expression `a-z?` which means the
     * first character must be a lowercase letter, and all following
     * characters must be a dash, lowercase letter, or digit, except the last
     * character, which cannot be a dash.
     */
    @JvmName("rcfdlobhhnkybwor")
    public suspend fun name(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.name = mapped
    }

    /**
     * @param value The name or self_link of the network to attach this firewall to.
     * - - -
     */
    @JvmName("hhujbvbjyxbqlhjb")
    public suspend fun network(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.network = mapped
    }

    /**
     * @param value Priority for this rule. This is an integer between 0 and 65535, both
     * inclusive. When not specified, the value assumed is 1000. Relative
     * priorities determine precedence of conflicting rules. Lower value of
     * priority implies higher precedence (eg, a rule with priority 0 has
     * higher precedence than a rule with priority 1). DENY rules take
     * precedence over ALLOW rules having equal priority.
     */
    @JvmName("iffsxkguvenyduuu")
    public suspend fun priority(`value`: Int?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.priority = mapped
    }

    /**
     * @param value The ID of the project in which the resource belongs.
     * If it is not provided, the provider project is used.
     */
    @JvmName("cfwffhmpamnhqtgh")
    public suspend fun project(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.project = mapped
    }

    /**
     * @param value If source ranges are specified, the firewall will apply only to
     * traffic that has source IP address in these ranges. These ranges must
     * be expressed in CIDR format. One or both of sourceRanges and
     * sourceTags may be set. If both properties are set, the firewall will
     * apply to traffic that has source IP address within sourceRanges OR the
     * source IP that belongs to a tag listed in the sourceTags property. The
     * connection does not need to match both properties for the firewall to
     * apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of
     * `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("uivnenfajsgxsbps")
    public suspend fun sourceRanges(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.sourceRanges = mapped
    }

    /**
     * @param values If source ranges are specified, the firewall will apply only to
     * traffic that has source IP address in these ranges. These ranges must
     * be expressed in CIDR format. One or both of sourceRanges and
     * sourceTags may be set. If both properties are set, the firewall will
     * apply to traffic that has source IP address within sourceRanges OR the
     * source IP that belongs to a tag listed in the sourceTags property. The
     * connection does not need to match both properties for the firewall to
     * apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of
     * `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("gtdoyiqbupwmjash")
    public suspend fun sourceRanges(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.sourceRanges = mapped
    }

    /**
     * @param value If source service accounts are specified, the firewall will apply only
     * to traffic originating from an instance with a service account in this
     * list. Source service accounts cannot be used to control traffic to an
     * instance's external IP address because service accounts are associated
     * with an instance, not an IP address. sourceRanges can be set at the
     * same time as sourceServiceAccounts. If both are set, the firewall will
     * apply to traffic that has source IP address within sourceRanges OR the
     * source IP belongs to an instance with service account listed in
     * sourceServiceAccount. The connection does not need to match both
     * properties for the firewall to apply. sourceServiceAccounts cannot be
     * used at the same time as sourceTags or targetTags. For INGRESS traffic,
     * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("xkvimhcicawqktfh")
    public suspend fun sourceServiceAccounts(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.sourceServiceAccounts = mapped
    }

    /**
     * @param values If source service accounts are specified, the firewall will apply only
     * to traffic originating from an instance with a service account in this
     * list. Source service accounts cannot be used to control traffic to an
     * instance's external IP address because service accounts are associated
     * with an instance, not an IP address. sourceRanges can be set at the
     * same time as sourceServiceAccounts. If both are set, the firewall will
     * apply to traffic that has source IP address within sourceRanges OR the
     * source IP belongs to an instance with service account listed in
     * sourceServiceAccount. The connection does not need to match both
     * properties for the firewall to apply. sourceServiceAccounts cannot be
     * used at the same time as sourceTags or targetTags. For INGRESS traffic,
     * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("qjthsideouidmkmf")
    public suspend fun sourceServiceAccounts(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.sourceServiceAccounts = mapped
    }

    /**
     * @param value If source tags are specified, the firewall will apply only to traffic
     * with source IP that belongs to a tag listed in source tags. Source
     * tags cannot be used to control traffic to an instance's external IP
     * address. Because tags are associated with an instance, not an IP
     * address. One or both of sourceRanges and sourceTags may be set. If
     * both properties are set, the firewall will apply to traffic that has
     * source IP address within sourceRanges OR the source IP that belongs to
     * a tag listed in the sourceTags property. The connection does not need
     * to match both properties for the firewall to apply. For INGRESS traffic,
     * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("nwetfdshjugqqtbi")
    public suspend fun sourceTags(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.sourceTags = mapped
    }

    /**
     * @param values If source tags are specified, the firewall will apply only to traffic
     * with source IP that belongs to a tag listed in source tags. Source
     * tags cannot be used to control traffic to an instance's external IP
     * address. Because tags are associated with an instance, not an IP
     * address. One or both of sourceRanges and sourceTags may be set. If
     * both properties are set, the firewall will apply to traffic that has
     * source IP address within sourceRanges OR the source IP that belongs to
     * a tag listed in the sourceTags property. The connection does not need
     * to match both properties for the firewall to apply. For INGRESS traffic,
     * one of `source_ranges`, `source_tags` or `source_service_accounts` is required.
     */
    @JvmName("poppsffyiwlrddyu")
    public suspend fun sourceTags(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.sourceTags = mapped
    }

    /**
     * @param value A list of service accounts indicating sets of instances located in the
     * network that may make network connections as specified in allowed[].
     * targetServiceAccounts cannot be used at the same time as targetTags or
     * sourceTags. If neither targetServiceAccounts nor targetTags are
     * specified, the firewall rule applies to all instances on the specified
     * network.
     */
    @JvmName("jbfgmvcqrpevwjuf")
    public suspend fun targetServiceAccounts(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.targetServiceAccounts = mapped
    }

    /**
     * @param values A list of service accounts indicating sets of instances located in the
     * network that may make network connections as specified in allowed[].
     * targetServiceAccounts cannot be used at the same time as targetTags or
     * sourceTags. If neither targetServiceAccounts nor targetTags are
     * specified, the firewall rule applies to all instances on the specified
     * network.
     */
    @JvmName("lxrymxkvwshrxoaw")
    public suspend fun targetServiceAccounts(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.targetServiceAccounts = mapped
    }

    /**
     * @param value A list of instance tags indicating sets of instances located in the
     * network that may make network connections as specified in allowed[].
     * If no targetTags are specified, the firewall rule applies to all
     * instances on the specified network.
     */
    @JvmName("ecbrwwnoikeflpga")
    public suspend fun targetTags(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.targetTags = mapped
    }

    /**
     * @param values A list of instance tags indicating sets of instances located in the
     * network that may make network connections as specified in allowed[].
     * If no targetTags are specified, the firewall rule applies to all
     * instances on the specified network.
     */
    @JvmName("yscvwdfpoyltsbbp")
    public suspend fun targetTags(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.targetTags = mapped
    }

    internal fun build(): FirewallArgs = FirewallArgs(
        allows = allows,
        denies = denies,
        description = description,
        destinationRanges = destinationRanges,
        direction = direction,
        disabled = disabled,
        enableLogging = enableLogging,
        logConfig = logConfig,
        name = name,
        network = network,
        priority = priority,
        project = project,
        sourceRanges = sourceRanges,
        sourceServiceAccounts = sourceServiceAccounts,
        sourceTags = sourceTags,
        targetServiceAccounts = targetServiceAccounts,
        targetTags = targetTags,
    )
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy