All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.compute.kotlin.OrganizationSecurityPolicyRule.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.compute.kotlin

import com.pulumi.core.Output
import com.pulumi.gcp.compute.kotlin.outputs.OrganizationSecurityPolicyRuleMatch
import com.pulumi.gcp.compute.kotlin.outputs.OrganizationSecurityPolicyRuleMatch.Companion.toKotlin
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List

/**
 * Builder for [OrganizationSecurityPolicyRule].
 */
@PulumiTagMarker
public class OrganizationSecurityPolicyRuleResourceBuilder internal constructor() {
    public var name: String? = null

    public var args: OrganizationSecurityPolicyRuleArgs = OrganizationSecurityPolicyRuleArgs()

    public var opts: CustomResourceOptions = CustomResourceOptions()

    /**
     * @param name The _unique_ name of the resulting resource.
     */
    public fun name(`value`: String) {
        this.name = value
    }

    /**
     * @param block The arguments to use to populate this resource's properties.
     */
    public suspend fun args(block: suspend OrganizationSecurityPolicyRuleArgsBuilder.() -> Unit) {
        val builder = OrganizationSecurityPolicyRuleArgsBuilder()
        block(builder)
        this.args = builder.build()
    }

    /**
     * @param block A bag of options that control this resource's behavior.
     */
    public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
        this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
    }

    internal fun build(): OrganizationSecurityPolicyRule {
        val builtJavaResource =
            com.pulumi.gcp.compute.OrganizationSecurityPolicyRule(
                this.name,
                this.args.toJava(),
                this.opts.toJava(),
            )
        return OrganizationSecurityPolicyRule(builtJavaResource)
    }
}

/**
 * A rule for the OrganizationSecurityPolicy.
 * To get more information about OrganizationSecurityPolicyRule, see:
 * * [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/organizationSecurityPolicies/addRule)
 * * How-to Guides
 *     * [Creating firewall rules](https://cloud.google.com/vpc/docs/using-firewall-policies#create-rules)
 * ## Example Usage
 * ### Organization Security Policy Rule Basic
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const policy = new gcp.compute.OrganizationSecurityPolicy("policy", {
 *     displayName: "tf-test",
 *     parent: "organizations/123456789",
 * });
 * const policyOrganizationSecurityPolicyRule = new gcp.compute.OrganizationSecurityPolicyRule("policy", {
 *     policyId: policy.id,
 *     action: "allow",
 *     direction: "INGRESS",
 *     enableLogging: true,
 *     match: {
 *         config: {
 *             srcIpRanges: [
 *                 "192.168.0.0/16",
 *                 "10.0.0.0/8",
 *             ],
 *             layer4Configs: [
 *                 {
 *                     ipProtocol: "tcp",
 *                     ports: ["22"],
 *                 },
 *                 {
 *                     ipProtocol: "icmp",
 *                 },
 *             ],
 *         },
 *     },
 *     priority: 100,
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * policy = gcp.compute.OrganizationSecurityPolicy("policy",
 *     display_name="tf-test",
 *     parent="organizations/123456789")
 * policy_organization_security_policy_rule = gcp.compute.OrganizationSecurityPolicyRule("policy",
 *     policy_id=policy.id,
 *     action="allow",
 *     direction="INGRESS",
 *     enable_logging=True,
 *     match=gcp.compute.OrganizationSecurityPolicyRuleMatchArgs(
 *         config=gcp.compute.OrganizationSecurityPolicyRuleMatchConfigArgs(
 *             src_ip_ranges=[
 *                 "192.168.0.0/16",
 *                 "10.0.0.0/8",
 *             ],
 *             layer4_configs=[
 *                 gcp.compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs(
 *                     ip_protocol="tcp",
 *                     ports=["22"],
 *                 ),
 *                 gcp.compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs(
 *                     ip_protocol="icmp",
 *                 ),
 *             ],
 *         ),
 *     ),
 *     priority=100)
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var policy = new Gcp.Compute.OrganizationSecurityPolicy("policy", new()
 *     {
 *         DisplayName = "tf-test",
 *         Parent = "organizations/123456789",
 *     });
 *     var policyOrganizationSecurityPolicyRule = new Gcp.Compute.OrganizationSecurityPolicyRule("policy", new()
 *     {
 *         PolicyId = policy.Id,
 *         Action = "allow",
 *         Direction = "INGRESS",
 *         EnableLogging = true,
 *         Match = new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchArgs
 *         {
 *             Config = new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigArgs
 *             {
 *                 SrcIpRanges = new[]
 *                 {
 *                     "192.168.0.0/16",
 *                     "10.0.0.0/8",
 *                 },
 *                 Layer4Configs = new[]
 *                 {
 *                     new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs
 *                     {
 *                         IpProtocol = "tcp",
 *                         Ports = new[]
 *                         {
 *                             "22",
 *                         },
 *                     },
 *                     new Gcp.Compute.Inputs.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs
 *                     {
 *                         IpProtocol = "icmp",
 *                     },
 *                 },
 *             },
 *         },
 *         Priority = 100,
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		policy, err := compute.NewOrganizationSecurityPolicy(ctx, "policy", &compute.OrganizationSecurityPolicyArgs{
 * 			DisplayName: pulumi.String("tf-test"),
 * 			Parent:      pulumi.String("organizations/123456789"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = compute.NewOrganizationSecurityPolicyRule(ctx, "policy", &compute.OrganizationSecurityPolicyRuleArgs{
 * 			PolicyId:      policy.ID(),
 * 			Action:        pulumi.String("allow"),
 * 			Direction:     pulumi.String("INGRESS"),
 * 			EnableLogging: pulumi.Bool(true),
 * 			Match: &compute.OrganizationSecurityPolicyRuleMatchArgs{
 * 				Config: &compute.OrganizationSecurityPolicyRuleMatchConfigArgs{
 * 					SrcIpRanges: pulumi.StringArray{
 * 						pulumi.String("192.168.0.0/16"),
 * 						pulumi.String("10.0.0.0/8"),
 * 					},
 * 					Layer4Configs: compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArray{
 * 						&compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs{
 * 							IpProtocol: pulumi.String("tcp"),
 * 							Ports: pulumi.StringArray{
 * 								pulumi.String("22"),
 * 							},
 * 						},
 * 						&compute.OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs{
 * 							IpProtocol: pulumi.String("icmp"),
 * 						},
 * 					},
 * 				},
 * 			},
 * 			Priority: pulumi.Int(100),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.compute.OrganizationSecurityPolicy;
 * import com.pulumi.gcp.compute.OrganizationSecurityPolicyArgs;
 * import com.pulumi.gcp.compute.OrganizationSecurityPolicyRule;
 * import com.pulumi.gcp.compute.OrganizationSecurityPolicyRuleArgs;
 * import com.pulumi.gcp.compute.inputs.OrganizationSecurityPolicyRuleMatchArgs;
 * import com.pulumi.gcp.compute.inputs.OrganizationSecurityPolicyRuleMatchConfigArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var policy = new OrganizationSecurityPolicy("policy", OrganizationSecurityPolicyArgs.builder()
 *             .displayName("tf-test")
 *             .parent("organizations/123456789")
 *             .build());
 *         var policyOrganizationSecurityPolicyRule = new OrganizationSecurityPolicyRule("policyOrganizationSecurityPolicyRule", OrganizationSecurityPolicyRuleArgs.builder()
 *             .policyId(policy.id())
 *             .action("allow")
 *             .direction("INGRESS")
 *             .enableLogging(true)
 *             .match(OrganizationSecurityPolicyRuleMatchArgs.builder()
 *                 .config(OrganizationSecurityPolicyRuleMatchConfigArgs.builder()
 *                     .srcIpRanges(
 *                         "192.168.0.0/16",
 *                         "10.0.0.0/8")
 *                     .layer4Configs(
 *                         OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs.builder()
 *                             .ipProtocol("tcp")
 *                             .ports("22")
 *                             .build(),
 *                         OrganizationSecurityPolicyRuleMatchConfigLayer4ConfigArgs.builder()
 *                             .ipProtocol("icmp")
 *                             .build())
 *                     .build())
 *                 .build())
 *             .priority(100)
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   policy:
 *     type: gcp:compute:OrganizationSecurityPolicy
 *     properties:
 *       displayName: tf-test
 *       parent: organizations/123456789
 *   policyOrganizationSecurityPolicyRule:
 *     type: gcp:compute:OrganizationSecurityPolicyRule
 *     name: policy
 *     properties:
 *       policyId: ${policy.id}
 *       action: allow
 *       direction: INGRESS
 *       enableLogging: true
 *       match:
 *         config:
 *           srcIpRanges:
 *             - 192.168.0.0/16
 *             - 10.0.0.0/8
 *           layer4Configs:
 *             - ipProtocol: tcp
 *               ports:
 *                 - '22'
 *             - ipProtocol: icmp
 *       priority: 100
 * ```
 * 
 * ## Import
 * OrganizationSecurityPolicyRule can be imported using any of these accepted formats:
 * * `{{policy_id}}/priority/{{priority}}`
 * When using the `pulumi import` command, OrganizationSecurityPolicyRule can be imported using one of the formats above. For example:
 * ```sh
 * $ pulumi import gcp:compute/organizationSecurityPolicyRule:OrganizationSecurityPolicyRule default {{policy_id}}/priority/{{priority}}
 * ```
 */
public class OrganizationSecurityPolicyRule internal constructor(
    override val javaResource: com.pulumi.gcp.compute.OrganizationSecurityPolicyRule,
) : KotlinCustomResource(javaResource, OrganizationSecurityPolicyRuleMapper) {
    /**
     * The Action to perform when the client connection triggers the rule. Can currently be either
     * "allow", "deny" or "goto_next".
     */
    public val action: Output
        get() = javaResource.action().applyValue({ args0 -> args0 })

    /**
     * A description of the rule.
     */
    public val description: Output?
        get() = javaResource.description().applyValue({ args0 ->
            args0.map({ args0 ->
                args0
            }).orElse(null)
        })

    /**
     * The direction in which this rule applies. If unspecified an INGRESS rule is created. Possible values: ["INGRESS",
     * "EGRESS"]
     */
    public val direction: Output?
        get() = javaResource.direction().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })

    /**
     * Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured
     * export destination in Stackdriver.
     */
    public val enableLogging: Output?
        get() = javaResource.enableLogging().applyValue({ args0 ->
            args0.map({ args0 ->
                args0
            }).orElse(null)
        })

    /**
     * A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     * Structure is documented below.
     */
    public val match: Output
        get() = javaResource.match().applyValue({ args0 -> args0.let({ args0 -> toKotlin(args0) }) })

    /**
     * The ID of the OrganizationSecurityPolicy this rule applies to.
     */
    public val policyId: Output
        get() = javaResource.policyId().applyValue({ args0 -> args0 })

    /**
     * If set to true, the specified action is not enforced.
     */
    public val preview: Output?
        get() = javaResource.preview().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })

    /**
     * An integer indicating the priority of a rule in the list. The priority must be a value
     * between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the
     * highest priority and 2147483647 is the lowest prority.
     */
    public val priority: Output
        get() = javaResource.priority().applyValue({ args0 -> args0 })

    /**
     * A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get
     * this rule. If this field is left blank, all VMs within the organization will receive the rule.
     */
    public val targetResources: Output>?
        get() = javaResource.targetResources().applyValue({ args0 ->
            args0.map({ args0 ->
                args0.map({ args0 -> args0 })
            }).orElse(null)
        })

    /**
     * A list of service accounts indicating the sets of instances that are applied with this rule.
     */
    public val targetServiceAccounts: Output>?
        get() = javaResource.targetServiceAccounts().applyValue({ args0 ->
            args0.map({ args0 ->
                args0.map({ args0 -> args0 })
            }).orElse(null)
        })
}

public object OrganizationSecurityPolicyRuleMapper : ResourceMapper {
    override fun supportsMappingOfType(javaResource: Resource): Boolean =
        com.pulumi.gcp.compute.OrganizationSecurityPolicyRule::class == javaResource::class

    override fun map(javaResource: Resource): OrganizationSecurityPolicyRule =
        OrganizationSecurityPolicyRule(
            javaResource as
                com.pulumi.gcp.compute.OrganizationSecurityPolicyRule,
        )
}

/**
 * @see [OrganizationSecurityPolicyRule].
 * @param name The _unique_ name of the resulting resource.
 * @param block Builder for [OrganizationSecurityPolicyRule].
 */
public suspend fun organizationSecurityPolicyRule(
    name: String,
    block: suspend OrganizationSecurityPolicyRuleResourceBuilder.() -> Unit,
): OrganizationSecurityPolicyRule {
    val builder = OrganizationSecurityPolicyRuleResourceBuilder()
    builder.name(name)
    block(builder)
    return builder.build()
}

/**
 * @see [OrganizationSecurityPolicyRule].
 * @param name The _unique_ name of the resulting resource.
 */
public fun organizationSecurityPolicyRule(name: String): OrganizationSecurityPolicyRule {
    val builder = OrganizationSecurityPolicyRuleResourceBuilder()
    builder.name(name)
    return builder.build()
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy