com.pulumi.gcp.compute.kotlin.OrganizationSecurityPolicyRule.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.compute.kotlin
import com.pulumi.core.Output
import com.pulumi.gcp.compute.kotlin.outputs.OrganizationSecurityPolicyRuleMatch
import com.pulumi.gcp.compute.kotlin.outputs.OrganizationSecurityPolicyRuleMatch.Companion.toKotlin
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
/**
* Builder for [OrganizationSecurityPolicyRule].
*/
@PulumiTagMarker
public class OrganizationSecurityPolicyRuleResourceBuilder internal constructor() {
public var name: String? = null
public var args: OrganizationSecurityPolicyRuleArgs = OrganizationSecurityPolicyRuleArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend OrganizationSecurityPolicyRuleArgsBuilder.() -> Unit) {
val builder = OrganizationSecurityPolicyRuleArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): OrganizationSecurityPolicyRule {
val builtJavaResource =
com.pulumi.gcp.compute.OrganizationSecurityPolicyRule(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return OrganizationSecurityPolicyRule(builtJavaResource)
}
}
/**
* A rule for the OrganizationSecurityPolicy.
* To get more information about OrganizationSecurityPolicyRule, see:
* * [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addRule)
* * How-to Guides
* * [Creating firewall rules](https://cloud.google.com/vpc/docs/using-firewall-policies#create-rules)
* ## Example Usage
* ### Organization Security Policy Rule Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const policy = new gcp.compute.OrganizationSecurityPolicy("policy", {
* displayName: "tf-test",
* parent: "organizations/123456789",
* });
* const policyOrganizationSecurityPolicyRule = new gcp.compute.OrganizationSecurityPolicyRule("policy", {
* policyId: policy.id,
* action: "allow",
* direction: "INGRESS",
* enableLogging: true,
* match: {
* config: {
* srcIpRanges: [
* "192.168.0.0/16",
* "10.0.0.0/8",
* ],
* layer4Configs: [
* {
* ipProtocol: "tcp",
* ports: ["22"],
* },
* {
* ipProtocol: "icmp",
* },
* ],
* },
* },
* priority: 100,
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* policy = gcp.compute.OrganizationSecurityPolicy("policy",
* display_name="tf-test",
* parent="organizations/123456789")
* policy_organization_security_policy_rule = gcp.compute.OrganizationSecurityPolicyRule("policy",
* policy_id=policy.id,
* action="allow",
* direction="INGRESS",
* enable_logging=True,
* match=gcp.compute.OrganizationSecurityPolicyRuleMatchArgs(
* config=gcp.compute.OrganizationSecurityPolicyRuleMatchConfigArgs(
* src_ip_ranges=[
* "192.168.0.0/16",
* "10.0.0.0/8",
* ],
* layer4_configs=[
* gcp.compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs(
* ip_protocol="tcp",
* ports=["22"],
* ),
* gcp.compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs(
* ip_protocol="icmp",
* ),
* ],
* ),
* ),
* priority=100)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var policy = new Gcp.Compute.OrganizationSecurityPolicy("policy", new()
* {
* DisplayName = "tf-test",
* Parent = "organizations/123456789",
* });
* var policyOrganizationSecurityPolicyRule = new Gcp.Compute.OrganizationSecurityPolicyRule("policy", new()
* {
* PolicyId = policy.Id,
* Action = "allow",
* Direction = "INGRESS",
* EnableLogging = true,
* Match = new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchArgs
* {
* Config = new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigArgs
* {
* SrcIpRanges = new[]
* {
* "192.168.0.0/16",
* "10.0.0.0/8",
* },
* Layer4Configs = new[]
* {
* new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs
* {
* IpProtocol = "tcp",
* Ports = new[]
* {
* "22",
* },
* },
* new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs
* {
* IpProtocol = "icmp",
* },
* },
* },
* },
* Priority = 100,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* policy, err := compute.NewOrganizationSecurityPolicy(ctx, "policy", &compute.OrganizationSecurityPolicyArgs{
* DisplayName: pulumi.String("tf-test"),
* Parent: pulumi.String("organizations/123456789"),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewOrganizationSecurityPolicyRule(ctx, "policy", &compute.OrganizationSecurityPolicyRuleArgs{
* PolicyId: policy.ID(),
* Action: pulumi.String("allow"),
* Direction: pulumi.String("INGRESS"),
* EnableLogging: pulumi.Bool(true),
* Match: &compute.OrganizationSecurityPolicyRuleMatchArgs{
* Config: &compute.OrganizationSecurityPolicyRuleMatchConfigArgs{
* SrcIpRanges: pulumi.StringArray{
* pulumi.String("192.168.0.0/16"),
* pulumi.String("10.0.0.0/8"),
* },
* Layer4Configs: compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArray{
* &compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs{
* IpProtocol: pulumi.String("tcp"),
* Ports: pulumi.StringArray{
* pulumi.String("22"),
* },
* },
* &compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs{
* IpProtocol: pulumi.String("icmp"),
* },
* },
* },
* },
* Priority: pulumi.Int(100),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicy;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicyArgs;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicyRule;
* import com.pulumi.gcp.compute.OrganizationSecurityPolicyRuleArgs;
* import com.pulumi.gcp.compute.inputs.OrganizationSecurityPolicyRuleMatchArgs;
* import com.pulumi.gcp.compute.inputs.OrganizationSecurityPolicyRuleMatchConfigArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var policy = new OrganizationSecurityPolicy("policy", OrganizationSecurityPolicyArgs.builder()
* .displayName("tf-test")
* .parent("organizations/123456789")
* .build());
* var policyOrganizationSecurityPolicyRule = new OrganizationSecurityPolicyRule("policyOrganizationSecurityPolicyRule", OrganizationSecurityPolicyRuleArgs.builder()
* .policyId(policy.id())
* .action("allow")
* .direction("INGRESS")
* .enableLogging(true)
* .match(OrganizationSecurityPolicyRuleMatchArgs.builder()
* .config(OrganizationSecurityPolicyRuleMatchConfigArgs.builder()
* .srcIpRanges(
* "192.168.0.0/16",
* "10.0.0.0/8")
* .layer4Configs(
* OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs.builder()
* .ipProtocol("tcp")
* .ports("22")
* .build(),
* OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs.builder()
* .ipProtocol("icmp")
* .build())
* .build())
* .build())
* .priority(100)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* policy:
* type: gcp:compute:OrganizationSecurityPolicy
* properties:
* displayName: tf-test
* parent: organizations/123456789
* policyOrganizationSecurityPolicyRule:
* type: gcp:compute:OrganizationSecurityPolicyRule
* name: policy
* properties:
* policyId: ${policy.id}
* action: allow
* direction: INGRESS
* enableLogging: true
* match:
* config:
* srcIpRanges:
* - 192.168.0.0/16
* - 10.0.0.0/8
* layer4Configs:
* - ipProtocol: tcp
* ports:
* - '22'
* - ipProtocol: icmp
* priority: 100
* ```
*
* ## Import
* OrganizationSecurityPolicyRule can be imported using any of these accepted formats:
* * `{{policy_id}}/priority/{{priority}}`
* When using the `pulumi import` command, OrganizationSecurityPolicyRule can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:compute/organizationSecurityPolicyRule:OrganizationSecurityPolicyRule default {{policy_id}}/priority/{{priority}}
* ```
*/
public class OrganizationSecurityPolicyRule internal constructor(
override val javaResource: com.pulumi.gcp.compute.OrganizationSecurityPolicyRule,
) : KotlinCustomResource(javaResource, OrganizationSecurityPolicyRuleMapper) {
/**
* The Action to perform when the client connection triggers the rule. Can currently be either
* "allow", "deny" or "goto_next".
*/
public val action: Output
get() = javaResource.action().applyValue({ args0 -> args0 })
/**
* A description of the rule.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The direction in which this rule applies. If unspecified an INGRESS rule is created. Possible values: ["INGRESS",
* "EGRESS"]
*/
public val direction: Output?
get() = javaResource.direction().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured
* export destination in Stackdriver.
*/
public val enableLogging: Output?
get() = javaResource.enableLogging().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
* Structure is documented below.
*/
public val match: Output
get() = javaResource.match().applyValue({ args0 -> args0.let({ args0 -> toKotlin(args0) }) })
/**
* The ID of the OrganizationSecurityPolicy this rule applies to.
*/
public val policyId: Output
get() = javaResource.policyId().applyValue({ args0 -> args0 })
/**
* If set to true, the specified action is not enforced.
*/
public val preview: Output?
get() = javaResource.preview().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* An integer indicating the priority of a rule in the list. The priority must be a value
* between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the
* highest priority and 2147483647 is the lowest prority.
*/
public val priority: Output
get() = javaResource.priority().applyValue({ args0 -> args0 })
/**
* A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get
* this rule. If this field is left blank, all VMs within the organization will receive the rule.
*/
public val targetResources: Output>?
get() = javaResource.targetResources().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* A list of service accounts indicating the sets of instances that are applied with this rule.
*/
public val targetServiceAccounts: Output>?
get() = javaResource.targetServiceAccounts().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
}
public object OrganizationSecurityPolicyRuleMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.compute.OrganizationSecurityPolicyRule::class == javaResource::class
override fun map(javaResource: Resource): OrganizationSecurityPolicyRule =
OrganizationSecurityPolicyRule(
javaResource as
com.pulumi.gcp.compute.OrganizationSecurityPolicyRule,
)
}
/**
* @see [OrganizationSecurityPolicyRule].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [OrganizationSecurityPolicyRule].
*/
public suspend fun organizationSecurityPolicyRule(
name: String,
block: suspend OrganizationSecurityPolicyRuleResourceBuilder.() -> Unit,
): OrganizationSecurityPolicyRule {
val builder = OrganizationSecurityPolicyRuleResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [OrganizationSecurityPolicyRule].
* @param name The _unique_ name of the resulting resource.
*/
public fun organizationSecurityPolicyRule(name: String): OrganizationSecurityPolicyRule {
val builder = OrganizationSecurityPolicyRuleResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy