Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.iam.kotlin.inputs
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.iam.inputs.DenyPolicyRuleDenyRuleArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
*
* @property denialCondition User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
* Structure is documented below.
* @property deniedPermissions The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`,
* where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
* @property deniedPrincipals The identities that are prevented from using one or more permissions on Google Cloud resources.
* @property exceptionPermissions Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions.
* If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied.
* The excluded permissions can be specified using the same syntax as deniedPermissions.
* @property exceptionPrincipals The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals.
* For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
*/
public data class DenyPolicyRuleDenyRuleArgs(
public val denialCondition: Output? = null,
public val deniedPermissions: Output>? = null,
public val deniedPrincipals: Output>? = null,
public val exceptionPermissions: Output>? = null,
public val exceptionPrincipals: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.iam.inputs.DenyPolicyRuleDenyRuleArgs =
com.pulumi.gcp.iam.inputs.DenyPolicyRuleDenyRuleArgs.builder()
.denialCondition(denialCondition?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.deniedPermissions(deniedPermissions?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.deniedPrincipals(deniedPrincipals?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.exceptionPermissions(exceptionPermissions?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.exceptionPrincipals(
exceptionPrincipals?.applyValue({ args0 ->
args0.map({ args0 ->
args0
})
}),
).build()
}
/**
* Builder for [DenyPolicyRuleDenyRuleArgs].
*/
@PulumiTagMarker
public class DenyPolicyRuleDenyRuleArgsBuilder internal constructor() {
private var denialCondition: Output? = null
private var deniedPermissions: Output>? = null
private var deniedPrincipals: Output>? = null
private var exceptionPermissions: Output>? = null
private var exceptionPrincipals: Output>? = null
/**
* @param value User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
* Structure is documented below.
*/
@JvmName("vwkijqwxatvlshlq")
public suspend fun denialCondition(`value`: Output) {
this.denialCondition = value
}
/**
* @param value The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`,
* where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
*/
@JvmName("sncotyseqgwyhmdg")
public suspend fun deniedPermissions(`value`: Output>) {
this.deniedPermissions = value
}
@JvmName("evevsalwpqfqtxbe")
public suspend fun deniedPermissions(vararg values: Output) {
this.deniedPermissions = Output.all(values.asList())
}
/**
* @param values The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`,
* where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
*/
@JvmName("ysyvrcioljppilan")
public suspend fun deniedPermissions(values: List