com.pulumi.gcp.compute.kotlin.RegionNetworkFirewallPolicyRule.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.compute.kotlin
import com.pulumi.core.Output
import com.pulumi.gcp.compute.kotlin.outputs.RegionNetworkFirewallPolicyRuleMatch
import com.pulumi.gcp.compute.kotlin.outputs.RegionNetworkFirewallPolicyRuleTargetSecureTag
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import com.pulumi.gcp.compute.kotlin.outputs.RegionNetworkFirewallPolicyRuleMatch.Companion.toKotlin as regionNetworkFirewallPolicyRuleMatchToKotlin
import com.pulumi.gcp.compute.kotlin.outputs.RegionNetworkFirewallPolicyRuleTargetSecureTag.Companion.toKotlin as regionNetworkFirewallPolicyRuleTargetSecureTagToKotlin
/**
* Builder for [RegionNetworkFirewallPolicyRule].
*/
@PulumiTagMarker
public class RegionNetworkFirewallPolicyRuleResourceBuilder internal constructor() {
public var name: String? = null
public var args: RegionNetworkFirewallPolicyRuleArgs = RegionNetworkFirewallPolicyRuleArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend RegionNetworkFirewallPolicyRuleArgsBuilder.() -> Unit) {
val builder = RegionNetworkFirewallPolicyRuleArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): RegionNetworkFirewallPolicyRule {
val builtJavaResource =
com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return RegionNetworkFirewallPolicyRule(builtJavaResource)
}
}
/**
* The Compute NetworkFirewallPolicyRule resource
* ## Example Usage
* ### Regional
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const basicRegionalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup("basic_regional_networksecurity_address_group", {
* name: "policy",
* parent: "projects/my-project-name",
* description: "Sample regional networksecurity_address_group",
* location: "us-west1",
* items: ["208.80.154.224/32"],
* type: "IPV4",
* capacity: 100,
* });
* const basicRegionalNetworkFirewallPolicy = new gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", {
* name: "policy",
* description: "Sample regional network firewall policy",
* project: "my-project-name",
* region: "us-west1",
* });
* const basicNetwork = new gcp.compute.Network("basic_network", {name: "network"});
* const basicKey = new gcp.tags.TagKey("basic_key", {
* description: "For keyname resources.",
* parent: "organizations/123456789",
* purpose: "GCE_FIREWALL",
* shortName: "tagkey",
* purposeData: {
* network: pulumi.interpolate`my-project-name/${basicNetwork.name}`,
* },
* });
* const basicValue = new gcp.tags.TagValue("basic_value", {
* description: "For valuename resources.",
* parent: pulumi.interpolate`tagKeys/${basicKey.name}`,
* shortName: "tagvalue",
* });
* const primary = new gcp.compute.RegionNetworkFirewallPolicyRule("primary", {
* action: "allow",
* description: "This is a simple rule description",
* direction: "INGRESS",
* disabled: false,
* enableLogging: true,
* firewallPolicy: basicRegionalNetworkFirewallPolicy.name,
* priority: 1000,
* region: "us-west1",
* ruleName: "test-rule",
* targetServiceAccounts: ["my@service-account.com"],
* match: {
* srcIpRanges: ["10.100.0.1/32"],
* srcFqdns: ["example.com"],
* srcRegionCodes: ["US"],
* srcThreatIntelligences: ["iplist-known-malicious-ips"],
* layer4Configs: [{
* ipProtocol: "all",
* }],
* srcSecureTags: [{
* name: pulumi.interpolate`tagValues/${basicValue.name}`,
* }],
* srcAddressGroups: [basicRegionalNetworksecurityAddressGroup.id],
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* basic_regional_networksecurity_address_group = gcp.networksecurity.AddressGroup("basic_regional_networksecurity_address_group",
* name="policy",
* parent="projects/my-project-name",
* description="Sample regional networksecurity_address_group",
* location="us-west1",
* items=["208.80.154.224/32"],
* type="IPV4",
* capacity=100)
* basic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy",
* name="policy",
* description="Sample regional network firewall policy",
* project="my-project-name",
* region="us-west1")
* basic_network = gcp.compute.Network("basic_network", name="network")
* basic_key = gcp.tags.TagKey("basic_key",
* description="For keyname resources.",
* parent="organizations/123456789",
* purpose="GCE_FIREWALL",
* short_name="tagkey",
* purpose_data={
* "network": basic_network.name.apply(lambda name: f"my-project-name/{name}"),
* })
* basic_value = gcp.tags.TagValue("basic_value",
* description="For valuename resources.",
* parent=basic_key.name.apply(lambda name: f"tagKeys/{name}"),
* short_name="tagvalue")
* primary = gcp.compute.RegionNetworkFirewallPolicyRule("primary",
* action="allow",
* description="This is a simple rule description",
* direction="INGRESS",
* disabled=False,
* enable_logging=True,
* firewall_policy=basic_regional_network_firewall_policy.name,
* priority=1000,
* region="us-west1",
* rule_name="test-rule",
* target_service_accounts=["my@service-account.com"],
* match=gcp.compute.RegionNetworkFirewallPolicyRuleMatchArgs(
* src_ip_ranges=["10.100.0.1/32"],
* src_fqdns=["example.com"],
* src_region_codes=["US"],
* src_threat_intelligences=["iplist-known-malicious-ips"],
* layer4_configs=[gcp.compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs(
* ip_protocol="all",
* )],
* src_secure_tags=[gcp.compute.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs(
* name=basic_value.name.apply(lambda name: f"tagValues/{name}"),
* )],
* src_address_groups=[basic_regional_networksecurity_address_group.id],
* ))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var basicRegionalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup("basic_regional_networksecurity_address_group", new()
* {
* Name = "policy",
* Parent = "projects/my-project-name",
* Description = "Sample regional networksecurity_address_group",
* Location = "us-west1",
* Items = new[]
* {
* "208.80.154.224/32",
* },
* Type = "IPV4",
* Capacity = 100,
* });
* var basicRegionalNetworkFirewallPolicy = new Gcp.Compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", new()
* {
* Name = "policy",
* Description = "Sample regional network firewall policy",
* Project = "my-project-name",
* Region = "us-west1",
* });
* var basicNetwork = new Gcp.Compute.Network("basic_network", new()
* {
* Name = "network",
* });
* var basicKey = new Gcp.Tags.TagKey("basic_key", new()
* {
* Description = "For keyname resources.",
* Parent = "organizations/123456789",
* Purpose = "GCE_FIREWALL",
* ShortName = "tagkey",
* PurposeData =
* {
* { "network", basicNetwork.Name.Apply(name => $"my-project-name/{name}") },
* },
* });
* var basicValue = new Gcp.Tags.TagValue("basic_value", new()
* {
* Description = "For valuename resources.",
* Parent = basicKey.Name.Apply(name => $"tagKeys/{name}"),
* ShortName = "tagvalue",
* });
* var primary = new Gcp.Compute.RegionNetworkFirewallPolicyRule("primary", new()
* {
* Action = "allow",
* Description = "This is a simple rule description",
* Direction = "INGRESS",
* Disabled = false,
* EnableLogging = true,
* FirewallPolicy = basicRegionalNetworkFirewallPolicy.Name,
* Priority = 1000,
* Region = "us-west1",
* RuleName = "test-rule",
* TargetServiceAccounts = new[]
* {
* "[email protected]",
* },
* Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchArgs
* {
* SrcIpRanges = new[]
* {
* "10.100.0.1/32",
* },
* SrcFqdns = new[]
* {
* "example.com",
* },
* SrcRegionCodes = new[]
* {
* "US",
* },
* SrcThreatIntelligences = new[]
* {
* "iplist-known-malicious-ips",
* },
* Layer4Configs = new[]
* {
* new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs
* {
* IpProtocol = "all",
* },
* },
* SrcSecureTags = new[]
* {
* new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs
* {
* Name = basicValue.Name.Apply(name => $"tagValues/{name}"),
* },
* },
* SrcAddressGroups = new[]
* {
* basicRegionalNetworksecurityAddressGroup.Id,
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/tags"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* basicRegionalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, "basic_regional_networksecurity_address_group", &networksecurity.AddressGroupArgs{
* Name: pulumi.String("policy"),
* Parent: pulumi.String("projects/my-project-name"),
* Description: pulumi.String("Sample regional networksecurity_address_group"),
* Location: pulumi.String("us-west1"),
* Items: pulumi.StringArray{
* pulumi.String("208.80.154.224/32"),
* },
* Type: pulumi.String("IPV4"),
* Capacity: pulumi.Int(100),
* })
* if err != nil {
* return err
* }
* basicRegionalNetworkFirewallPolicy, err := compute.NewRegionNetworkFirewallPolicy(ctx, "basic_regional_network_firewall_policy", &compute.RegionNetworkFirewallPolicyArgs{
* Name: pulumi.String("policy"),
* Description: pulumi.String("Sample regional network firewall policy"),
* Project: pulumi.String("my-project-name"),
* Region: pulumi.String("us-west1"),
* })
* if err != nil {
* return err
* }
* basicNetwork, err := compute.NewNetwork(ctx, "basic_network", &compute.NetworkArgs{
* Name: pulumi.String("network"),
* })
* if err != nil {
* return err
* }
* basicKey, err := tags.NewTagKey(ctx, "basic_key", &tags.TagKeyArgs{
* Description: pulumi.String("For keyname resources."),
* Parent: pulumi.String("organizations/123456789"),
* Purpose: pulumi.String("GCE_FIREWALL"),
* ShortName: pulumi.String("tagkey"),
* PurposeData: pulumi.StringMap{
* "network": basicNetwork.Name.ApplyT(func(name string) (string, error) {
* return fmt.Sprintf("my-project-name/%v", name), nil
* }).(pulumi.StringOutput),
* },
* })
* if err != nil {
* return err
* }
* basicValue, err := tags.NewTagValue(ctx, "basic_value", &tags.TagValueArgs{
* Description: pulumi.String("For valuename resources."),
* Parent: basicKey.Name.ApplyT(func(name string) (string, error) {
* return fmt.Sprintf("tagKeys/%v", name), nil
* }).(pulumi.StringOutput),
* ShortName: pulumi.String("tagvalue"),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewRegionNetworkFirewallPolicyRule(ctx, "primary", &compute.RegionNetworkFirewallPolicyRuleArgs{
* Action: pulumi.String("allow"),
* Description: pulumi.String("This is a simple rule description"),
* Direction: pulumi.String("INGRESS"),
* Disabled: pulumi.Bool(false),
* EnableLogging: pulumi.Bool(true),
* FirewallPolicy: basicRegionalNetworkFirewallPolicy.Name,
* Priority: pulumi.Int(1000),
* Region: pulumi.String("us-west1"),
* RuleName: pulumi.String("test-rule"),
* TargetServiceAccounts: pulumi.StringArray{
* pulumi.String("[email protected]"),
* },
* Match: &compute.RegionNetworkFirewallPolicyRuleMatchArgs{
* SrcIpRanges: pulumi.StringArray{
* pulumi.String("10.100.0.1/32"),
* },
* SrcFqdns: pulumi.StringArray{
* pulumi.String("example.com"),
* },
* SrcRegionCodes: pulumi.StringArray{
* pulumi.String("US"),
* },
* SrcThreatIntelligences: pulumi.StringArray{
* pulumi.String("iplist-known-malicious-ips"),
* },
* Layer4Configs: compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArray{
* &compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs{
* IpProtocol: pulumi.String("all"),
* },
* },
* SrcSecureTags: compute.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArray{
* &compute.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs{
* Name: basicValue.Name.ApplyT(func(name string) (string, error) {
* return fmt.Sprintf("tagValues/%v", name), nil
* }).(pulumi.StringOutput),
* },
* },
* SrcAddressGroups: pulumi.StringArray{
* basicRegionalNetworksecurityAddressGroup.ID(),
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.networksecurity.AddressGroup;
* import com.pulumi.gcp.networksecurity.AddressGroupArgs;
* import com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;
* import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.tags.TagKey;
* import com.pulumi.gcp.tags.TagKeyArgs;
* import com.pulumi.gcp.tags.TagValue;
* import com.pulumi.gcp.tags.TagValueArgs;
* import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule;
* import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRuleArgs;
* import com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyRuleMatchArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var basicRegionalNetworksecurityAddressGroup = new AddressGroup("basicRegionalNetworksecurityAddressGroup", AddressGroupArgs.builder()
* .name("policy")
* .parent("projects/my-project-name")
* .description("Sample regional networksecurity_address_group")
* .location("us-west1")
* .items("208.80.154.224/32")
* .type("IPV4")
* .capacity(100)
* .build());
* var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy("basicRegionalNetworkFirewallPolicy", RegionNetworkFirewallPolicyArgs.builder()
* .name("policy")
* .description("Sample regional network firewall policy")
* .project("my-project-name")
* .region("us-west1")
* .build());
* var basicNetwork = new Network("basicNetwork", NetworkArgs.builder()
* .name("network")
* .build());
* var basicKey = new TagKey("basicKey", TagKeyArgs.builder()
* .description("For keyname resources.")
* .parent("organizations/123456789")
* .purpose("GCE_FIREWALL")
* .shortName("tagkey")
* .purposeData(Map.of("network", basicNetwork.name().applyValue(name -> String.format("my-project-name/%s", name))))
* .build());
* var basicValue = new TagValue("basicValue", TagValueArgs.builder()
* .description("For valuename resources.")
* .parent(basicKey.name().applyValue(name -> String.format("tagKeys/%s", name)))
* .shortName("tagvalue")
* .build());
* var primary = new RegionNetworkFirewallPolicyRule("primary", RegionNetworkFirewallPolicyRuleArgs.builder()
* .action("allow")
* .description("This is a simple rule description")
* .direction("INGRESS")
* .disabled(false)
* .enableLogging(true)
* .firewallPolicy(basicRegionalNetworkFirewallPolicy.name())
* .priority(1000)
* .region("us-west1")
* .ruleName("test-rule")
* .targetServiceAccounts("[email protected]")
* .match(RegionNetworkFirewallPolicyRuleMatchArgs.builder()
* .srcIpRanges("10.100.0.1/32")
* .srcFqdns("example.com")
* .srcRegionCodes("US")
* .srcThreatIntelligences("iplist-known-malicious-ips")
* .layer4Configs(RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()
* .ipProtocol("all")
* .build())
* .srcSecureTags(RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder()
* .name(basicValue.name().applyValue(name -> String.format("tagValues/%s", name)))
* .build())
* .srcAddressGroups(basicRegionalNetworksecurityAddressGroup.id())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* basicRegionalNetworksecurityAddressGroup:
* type: gcp:networksecurity:AddressGroup
* name: basic_regional_networksecurity_address_group
* properties:
* name: policy
* parent: projects/my-project-name
* description: Sample regional networksecurity_address_group
* location: us-west1
* items:
* - 208.80.154.224/32
* type: IPV4
* capacity: 100
* basicRegionalNetworkFirewallPolicy:
* type: gcp:compute:RegionNetworkFirewallPolicy
* name: basic_regional_network_firewall_policy
* properties:
* name: policy
* description: Sample regional network firewall policy
* project: my-project-name
* region: us-west1
* primary:
* type: gcp:compute:RegionNetworkFirewallPolicyRule
* properties:
* action: allow
* description: This is a simple rule description
* direction: INGRESS
* disabled: false
* enableLogging: true
* firewallPolicy: ${basicRegionalNetworkFirewallPolicy.name}
* priority: 1000
* region: us-west1
* ruleName: test-rule
* targetServiceAccounts:
* - [email protected]
* match:
* srcIpRanges:
* - 10.100.0.1/32
* srcFqdns:
* - example.com
* srcRegionCodes:
* - US
* srcThreatIntelligences:
* - iplist-known-malicious-ips
* layer4Configs:
* - ipProtocol: all
* srcSecureTags:
* - name: tagValues/${basicValue.name}
* srcAddressGroups:
* - ${basicRegionalNetworksecurityAddressGroup.id}
* basicNetwork:
* type: gcp:compute:Network
* name: basic_network
* properties:
* name: network
* basicKey:
* type: gcp:tags:TagKey
* name: basic_key
* properties:
* description: For keyname resources.
* parent: organizations/123456789
* purpose: GCE_FIREWALL
* shortName: tagkey
* purposeData:
* network: my-project-name/${basicNetwork.name}
* basicValue:
* type: gcp:tags:TagValue
* name: basic_value
* properties:
* description: For valuename resources.
* parent: tagKeys/${basicKey.name}
* shortName: tagvalue
* ```
*
* ## Import
* NetworkFirewallPolicyRule can be imported using any of these accepted formats:
* * `projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/{{priority}}`
* * `{{project}}/{{region}}/{{firewall_policy}}/{{priority}}`
* * `{{region}}/{{firewall_policy}}/{{priority}}`
* * `{{firewall_policy}}/{{priority}}`
* When using the `pulumi import` command, NetworkFirewallPolicyRule can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/{{priority}}
* ```
* ```sh
* $ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{project}}/{{region}}/{{firewall_policy}}/{{priority}}
* ```
* ```sh
* $ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{region}}/{{firewall_policy}}/{{priority}}
* ```
* ```sh
* $ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{firewall_policy}}/{{priority}}
* ```
*/
public class RegionNetworkFirewallPolicyRule internal constructor(
override val javaResource: com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule,
) : KotlinCustomResource(javaResource, RegionNetworkFirewallPolicyRuleMapper) {
/**
* The Action to perform when the client connection triggers the rule. Valid actions are "allow", "deny", "goto_next" and "apply_security_profile_group".
*/
public val action: Output
get() = javaResource.action().applyValue({ args0 -> args0 })
/**
* An optional description for this resource.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The direction in which this rule applies. Possible values: INGRESS, EGRESS
*/
public val direction: Output
get() = javaResource.direction().applyValue({ args0 -> args0 })
/**
* Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and
* traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled.
*/
public val disabled: Output?
get() = javaResource.disabled().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured
* export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on
* "goto_next" rules.
*/
public val enableLogging: Output?
get() = javaResource.enableLogging().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The firewall policy of the resource.
*/
public val firewallPolicy: Output
get() = javaResource.firewallPolicy().applyValue({ args0 -> args0 })
/**
* Type of the resource. Always `compute#firewallPolicyRule` for firewall policy rules
*/
public val kind: Output
get() = javaResource.kind().applyValue({ args0 -> args0 })
/**
* A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
*/
public val match: Output
get() = javaResource.match().applyValue({ args0 ->
args0.let({ args0 ->
regionNetworkFirewallPolicyRuleMatchToKotlin(args0)
})
})
/**
* An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority.
*/
public val priority: Output
get() = javaResource.priority().applyValue({ args0 -> args0 })
/**
* The project for the resource
*/
public val project: Output
get() = javaResource.project().applyValue({ args0 -> args0 })
/**
* The location of this resource.
*/
public val region: Output
get() = javaResource.region().applyValue({ args0 -> args0 })
/**
* An optional name for the rule. This field is not a unique identifier and can be updated.
*/
public val ruleName: Output?
get() = javaResource.ruleName().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Calculation of the complexity of a single firewall policy rule.
*/
public val ruleTupleCount: Output
get() = javaResource.ruleTupleCount().applyValue({ args0 -> args0 })
/**
* A fully-qualified URL of a SecurityProfileGroup resource. Example:
* https://networksecurity.googleapis.com/v1/organizations/{organizationId}/locations/global/securityProfileGroups/my-security-profile-group.
* It must be specified if action = 'apply_security_profile_group' and cannot be specified for other actions.
*/
public val securityProfileGroup: Output?
get() = javaResource.securityProfileGroup().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag
are
* specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure
* tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored.
* targetSecureTag
may not be set at the same time as targetServiceAccounts
. If neither
* targetServiceAccounts
nor targetSecureTag
are specified, the firewall rule applies to all
* instances on the specified network. Maximum number of target label tags allowed is 256.
*/
public val targetSecureTags: Output>?
get() = javaResource.targetSecureTags().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
regionNetworkFirewallPolicyRuleTargetSecureTagToKotlin(args0)
})
})
}).orElse(null)
})
/**
* A list of service accounts indicating the sets of instances that are applied with this rule.
*/
public val targetServiceAccounts: Output>?
get() = javaResource.targetServiceAccounts().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* Boolean flag indicating if the traffic should be TLS decrypted. It can be set only if action =
* 'apply_security_profile_group' and cannot be set for other actions.
*/
public val tlsInspect: Output?
get() = javaResource.tlsInspect().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
}
public object RegionNetworkFirewallPolicyRuleMapper :
ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule::class == javaResource::class
override fun map(javaResource: Resource): RegionNetworkFirewallPolicyRule =
RegionNetworkFirewallPolicyRule(
javaResource as
com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule,
)
}
/**
* @see [RegionNetworkFirewallPolicyRule].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [RegionNetworkFirewallPolicyRule].
*/
public suspend fun regionNetworkFirewallPolicyRule(
name: String,
block: suspend RegionNetworkFirewallPolicyRuleResourceBuilder.() -> Unit,
): RegionNetworkFirewallPolicyRule {
val builder = RegionNetworkFirewallPolicyRuleResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [RegionNetworkFirewallPolicyRule].
* @param name The _unique_ name of the resulting resource.
*/
public fun regionNetworkFirewallPolicyRule(name: String): RegionNetworkFirewallPolicyRule {
val builder = RegionNetworkFirewallPolicyRuleResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy