com.pulumi.gcp.compute.kotlin.OrganizationSecurityPolicyAssociation.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.compute.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
/**
* Builder for [OrganizationSecurityPolicyAssociation].
*/
@PulumiTagMarker
public class OrganizationSecurityPolicyAssociationResourceBuilder internal constructor() {
public var name: String? = null
public var args: OrganizationSecurityPolicyAssociationArgs =
OrganizationSecurityPolicyAssociationArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend OrganizationSecurityPolicyAssociationArgsBuilder.() -> Unit) {
val builder = OrganizationSecurityPolicyAssociationArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): OrganizationSecurityPolicyAssociation {
val builtJavaResource =
com.pulumi.gcp.compute.OrganizationSecurityPolicyAssociation(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return OrganizationSecurityPolicyAssociation(builtJavaResource)
}
}
/**
* An association for the OrganizationSecurityPolicy.
* To get more information about OrganizationSecurityPolicyAssociation, see:
* * [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addAssociation)
* * How-to Guides
* * [Associating a policy with the organization or folder](https://cloud.google.com/vpc/docs/using-firewall-policies#associate)
* ## Example Usage
* ### Organization Security Policy Association Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const securityPolicyTarget = new gcp.organizations.Folder("security_policy_target", {
* displayName: "tf-test-secpol",
* parent: "organizations/123456789",
* });
* const policy = new gcp.compute.OrganizationSecurityPolicy("policy", {
* displayName: "tf-test",
* parent: securityPolicyTarget.name,
* });
* const policyOrganizationSecurityPolicyRule = new gcp.compute.OrganizationSecurityPolicyRule("policy", {
* policyId: policy.id,
* action: "allow",
* direction: "INGRESS",
* enableLogging: true,
* match: {
* config: {
* srcIpRanges: [
* "192.168.0.0/16",
* "10.0.0.0/8",
* ],
* layer4Configs: [
* {
* ipProtocol: "tcp",
* ports: ["22"],
* },
* {
* ipProtocol: "icmp",
* },
* ],
* },
* },
* priority: 100,
* });
* const policyOrganizationSecurityPolicyAssociation = new gcp.compute.OrganizationSecurityPolicyAssociation("policy", {
* name: "tf-test",
* attachmentId: policy.parent,
* policyId: policy.id,
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* security_policy_target = gcp.organizations.Folder("security_policy_target",
* display_name="tf-test-secpol",
* parent="organizations/123456789")
* policy = gcp.compute.OrganizationSecurityPolicy("policy",
* display_name="tf-test",
* parent=security_policy_target.name)
* policy_organization_security_policy_rule = gcp.compute.OrganizationSecurityPolicyRule("policy",
* policy_id=policy.id,
* action="allow",
* direction="INGRESS",
* enable_logging=True,
* match=gcp.compute.OrganizationSecurityPolicyRuleMatchArgs(
* config=gcp.compute.OrganizationSecurityPolicyRuleMatchConfigArgs(
* src_ip_ranges=[
* "192.168.0.0/16",
* "10.0.0.0/8",
* ],
* layer4_configs=[
* gcp.compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs(
* ip_protocol="tcp",
* ports=["22"],
* ),
* gcp.compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs(
* ip_protocol="icmp",
* ),
* ],
* ),
* ),
* priority=100)
* policy_organization_security_policy_association = gcp.compute.OrganizationSecurityPolicyAssociation("policy",
* name="tf-test",
* attachment_id=policy.parent,
* policy_id=policy.id)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var securityPolicyTarget = new Gcp.Organizations.Folder("security_policy_target", new()
* {
* DisplayName = "tf-test-secpol",
* Parent = "organizations/123456789",
* });
* var policy = new Gcp.Compute.OrganizationSecurityPolicy("policy", new()
* {
* DisplayName = "tf-test",
* Parent = securityPolicyTarget.Name,
* });
* var policyOrganizationSecurityPolicyRule = new Gcp.Compute.OrganizationSecurityPolicyRule("policy", new()
* {
* PolicyId = policy.Id,
* Action = "allow",
* Direction = "INGRESS",
* EnableLogging = true,
* Match = new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchArgs
* {
* Config = new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigArgs
* {
* SrcIpRanges = new[]
* {
* "192.168.0.0/16",
* "10.0.0.0/8",
* },
* Layer4Configs = new[]
* {
* new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs
* {
* IpProtocol = "tcp",
* Ports = new[]
* {
* "22",
* },
* },
* new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs
* {
* IpProtocol = "icmp",
* },
* },
* },
* },
* Priority = 100,
* });
* var policyOrganizationSecurityPolicyAssociation = new Gcp.Compute.OrganizationSecurityPolicyAssociation("policy", new()
* {
* Name = "tf-test",
* AttachmentId = policy.Parent,
* PolicyId = policy.Id,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* securityPolicyTarget, err := organizations.NewFolder(ctx, "security_policy_target", &organizations.FolderArgs{
* DisplayName: pulumi.String("tf-test-secpol"),
* Parent: pulumi.String("organizations/123456789"),
* })
* if err != nil {
* return err
* }
* policy, err := compute.NewOrganizationSecurityPolicy(ctx, "policy", &compute.OrganizationSecurityPolicyArgs{
* DisplayName: pulumi.String("tf-test"),
* Parent: securityPolicyTarget.Name,
* })
* if err != nil {
* return err
* }
* _, err = compute.NewOrganizationSecurityPolicyRule(ctx, "policy", &compute.OrganizationSecurityPolicyRuleArgs{
* PolicyId: policy.ID(),
* Action: pulumi.String("allow"),
* Direction: pulumi.String("INGRESS"),
* EnableLogging: pulumi.Bool(true),
* Match: &compute.OrganizationSecurityPolicyRuleMatchArgs{
* Config: &compute.OrganizationSecurityPolicyRuleMatchConfigArgs{
* SrcIpRanges: pulumi.StringArray{
* pulumi.String("192.168.0.0/16"),
* pulumi.String("10.0.0.0/8"),
* },
* Layer4Configs: compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArray{
* &compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs{
* IpProtocol: pulumi.String("tcp"),
* Ports: pulumi.StringArray{
* pulumi.String("22"),
* },
* },
* &compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs{
* IpProtocol: pulumi.String("icmp"),
* },
* },
* },
* },
* Priority: pulumi.Int(100),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewOrganizationSecurityPolicyAssociation(ctx, "policy", &compute.OrganizationSecurityPolicyAssociationArgs{
* Name: pulumi.String("tf-test"),
* AttachmentId: policy.Parent,
* PolicyId: policy.ID(),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.organizations.Folder;
* import com.pulumi.gcp.organizations.FolderArgs;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicy;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicyArgs;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicyRule;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicyRuleArgs;
* import com.pulumi.gcp.compute.inputs.OrganizationSecurityPolicyRuleMatchArgs;
* import com.pulumi.gcp.compute.inputs.OrganizationSecurityPolicyRuleMatchConfigArgs;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicyAssociation;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicyAssociationArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var securityPolicyTarget = new Folder("securityPolicyTarget", FolderArgs.builder()
* .displayName("tf-test-secpol")
* .parent("organizations/123456789")
* .build());
* var policy = new OrganizationSecurityPolicy("policy", OrganizationSecurityPolicyArgs.builder()
* .displayName("tf-test")
* .parent(securityPolicyTarget.name())
* .build());
* var policyOrganizationSecurityPolicyRule = new OrganizationSecurityPolicyRule("policyOrganizationSecurityPolicyRule", OrganizationSecurityPolicyRuleArgs.builder()
* .policyId(policy.id())
* .action("allow")
* .direction("INGRESS")
* .enableLogging(true)
* .match(OrganizationSecurityPolicyRuleMatchArgs.builder()
* .config(OrganizationSecurityPolicyRuleMatchConfigArgs.builder()
* .srcIpRanges(
* "192.168.0.0/16",
* "10.0.0.0/8")
* .layer4Configs(
* OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs.builder()
* .ipProtocol("tcp")
* .ports("22")
* .build(),
* OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs.builder()
* .ipProtocol("icmp")
* .build())
* .build())
* .build())
* .priority(100)
* .build());
* var policyOrganizationSecurityPolicyAssociation = new OrganizationSecurityPolicyAssociation("policyOrganizationSecurityPolicyAssociation", OrganizationSecurityPolicyAssociationArgs.builder()
* .name("tf-test")
* .attachmentId(policy.parent())
* .policyId(policy.id())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* securityPolicyTarget:
* type: gcp:organizations:Folder
* name: security_policy_target
* properties:
* displayName: tf-test-secpol
* parent: organizations/123456789
* policy:
* type: gcp:compute:OrganizationSecurityPolicy
* properties:
* displayName: tf-test
* parent: ${securityPolicyTarget.name}
* policyOrganizationSecurityPolicyRule:
* type: gcp:compute:OrganizationSecurityPolicyRule
* name: policy
* properties:
* policyId: ${policy.id}
* action: allow
* direction: INGRESS
* enableLogging: true
* match:
* config:
* srcIpRanges:
* - 192.168.0.0/16
* - 10.0.0.0/8
* layer4Configs:
* - ipProtocol: tcp
* ports:
* - '22'
* - ipProtocol: icmp
* priority: 100
* policyOrganizationSecurityPolicyAssociation:
* type: gcp:compute:OrganizationSecurityPolicyAssociation
* name: policy
* properties:
* name: tf-test
* attachmentId: ${policy.parent}
* policyId: ${policy.id}
* ```
*
* ## Import
* OrganizationSecurityPolicyAssociation can be imported using any of these accepted formats:
* * `{{policy_id}}/association/{{name}}`
* When using the `pulumi import` command, OrganizationSecurityPolicyAssociation can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:compute/organizationSecurityPolicyAssociation:OrganizationSecurityPolicyAssociation default {{policy_id}}/association/{{name}}
* ```
*/
public class OrganizationSecurityPolicyAssociation internal constructor(
override val javaResource: com.pulumi.gcp.compute.OrganizationSecurityPolicyAssociation,
) : KotlinCustomResource(javaResource, OrganizationSecurityPolicyAssociationMapper) {
/**
* The resource that the security policy is attached to.
*/
public val attachmentId: Output
get() = javaResource.attachmentId().applyValue({ args0 -> args0 })
/**
* The display name of the security policy of the association.
*/
public val displayName: Output
get() = javaResource.displayName().applyValue({ args0 -> args0 })
/**
* The name for an association.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* The security policy ID of the association.
* - - -
*/
public val policyId: Output
get() = javaResource.policyId().applyValue({ args0 -> args0 })
}
public object OrganizationSecurityPolicyAssociationMapper :
ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.compute.OrganizationSecurityPolicyAssociation::class == javaResource::class
override fun map(javaResource: Resource): OrganizationSecurityPolicyAssociation =
OrganizationSecurityPolicyAssociation(
javaResource as
com.pulumi.gcp.compute.OrganizationSecurityPolicyAssociation,
)
}
/**
* @see [OrganizationSecurityPolicyAssociation].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [OrganizationSecurityPolicyAssociation].
*/
public suspend fun organizationSecurityPolicyAssociation(
name: String,
block: suspend OrganizationSecurityPolicyAssociationResourceBuilder.() -> Unit,
): OrganizationSecurityPolicyAssociation {
val builder = OrganizationSecurityPolicyAssociationResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [OrganizationSecurityPolicyAssociation].
* @param name The _unique_ name of the resulting resource.
*/
public fun organizationSecurityPolicyAssociation(name: String): OrganizationSecurityPolicyAssociation {
val builder = OrganizationSecurityPolicyAssociationResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy