All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.iam.kotlin.inputs.DenyPolicyRuleDenyRuleArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.iam.kotlin.inputs

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.iam.inputs.DenyPolicyRuleDenyRuleArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName

/**
 *
 * @property denialCondition User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
 * Structure is documented below.
 * @property deniedPermissions The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`,
 * where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
 * @property deniedPrincipals The identities that are prevented from using one or more permissions on Google Cloud resources.
 * @property exceptionPermissions Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions.
 * If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied.
 * The excluded permissions can be specified using the same syntax as deniedPermissions.
 * @property exceptionPrincipals The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals.
 * For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
 */
public data class DenyPolicyRuleDenyRuleArgs(
    public val denialCondition: Output? = null,
    public val deniedPermissions: Output>? = null,
    public val deniedPrincipals: Output>? = null,
    public val exceptionPermissions: Output>? = null,
    public val exceptionPrincipals: Output>? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.iam.inputs.DenyPolicyRuleDenyRuleArgs =
        com.pulumi.gcp.iam.inputs.DenyPolicyRuleDenyRuleArgs.builder()
            .denialCondition(denialCondition?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .deniedPermissions(deniedPermissions?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .deniedPrincipals(deniedPrincipals?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .exceptionPermissions(exceptionPermissions?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .exceptionPrincipals(
                exceptionPrincipals?.applyValue({ args0 ->
                    args0.map({ args0 ->
                        args0
                    })
                }),
            ).build()
}

/**
 * Builder for [DenyPolicyRuleDenyRuleArgs].
 */
@PulumiTagMarker
public class DenyPolicyRuleDenyRuleArgsBuilder internal constructor() {
    private var denialCondition: Output? = null

    private var deniedPermissions: Output>? = null

    private var deniedPrincipals: Output>? = null

    private var exceptionPermissions: Output>? = null

    private var exceptionPrincipals: Output>? = null

    /**
     * @param value User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
     * Structure is documented below.
     */
    @JvmName("vwkijqwxatvlshlq")
    public suspend fun denialCondition(`value`: Output) {
        this.denialCondition = value
    }

    /**
     * @param value The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`,
     * where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
     */
    @JvmName("sncotyseqgwyhmdg")
    public suspend fun deniedPermissions(`value`: Output>) {
        this.deniedPermissions = value
    }

    @JvmName("evevsalwpqfqtxbe")
    public suspend fun deniedPermissions(vararg values: Output) {
        this.deniedPermissions = Output.all(values.asList())
    }

    /**
     * @param values The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`,
     * where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
     */
    @JvmName("ysyvrcioljppilan")
    public suspend fun deniedPermissions(values: List>) {
        this.deniedPermissions = Output.all(values)
    }

    /**
     * @param value The identities that are prevented from using one or more permissions on Google Cloud resources.
     */
    @JvmName("gagpseclvydimmaa")
    public suspend fun deniedPrincipals(`value`: Output>) {
        this.deniedPrincipals = value
    }

    @JvmName("ipfhkxycsomnvgcw")
    public suspend fun deniedPrincipals(vararg values: Output) {
        this.deniedPrincipals = Output.all(values.asList())
    }

    /**
     * @param values The identities that are prevented from using one or more permissions on Google Cloud resources.
     */
    @JvmName("fcyrfmvdmptkrunw")
    public suspend fun deniedPrincipals(values: List>) {
        this.deniedPrincipals = Output.all(values)
    }

    /**
     * @param value Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions.
     * If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied.
     * The excluded permissions can be specified using the same syntax as deniedPermissions.
     */
    @JvmName("hjpajtckpiwigtcw")
    public suspend fun exceptionPermissions(`value`: Output>) {
        this.exceptionPermissions = value
    }

    @JvmName("fxfqtuafuskapjwk")
    public suspend fun exceptionPermissions(vararg values: Output) {
        this.exceptionPermissions = Output.all(values.asList())
    }

    /**
     * @param values Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions.
     * If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied.
     * The excluded permissions can be specified using the same syntax as deniedPermissions.
     */
    @JvmName("jfywjlhlljlgmdsn")
    public suspend fun exceptionPermissions(values: List>) {
        this.exceptionPermissions = Output.all(values)
    }

    /**
     * @param value The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals.
     * For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
     */
    @JvmName("fkkqguwdlwskgbga")
    public suspend fun exceptionPrincipals(`value`: Output>) {
        this.exceptionPrincipals = value
    }

    @JvmName("stgtlyccxvxadphl")
    public suspend fun exceptionPrincipals(vararg values: Output) {
        this.exceptionPrincipals = Output.all(values.asList())
    }

    /**
     * @param values The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals.
     * For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
     */
    @JvmName("mwnfrkhetqlrgfaw")
    public suspend fun exceptionPrincipals(values: List>) {
        this.exceptionPrincipals = Output.all(values)
    }

    /**
     * @param value User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
     * Structure is documented below.
     */
    @JvmName("upwutvaasiqebmil")
    public suspend fun denialCondition(`value`: DenyPolicyRuleDenyRuleDenialConditionArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.denialCondition = mapped
    }

    /**
     * @param argument User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
     * Structure is documented below.
     */
    @JvmName("anftqyunwbapqpsv")
    public suspend fun denialCondition(argument: suspend DenyPolicyRuleDenyRuleDenialConditionArgsBuilder.() -> Unit) {
        val toBeMapped = DenyPolicyRuleDenyRuleDenialConditionArgsBuilder().applySuspend {
            argument()
        }.build()
        val mapped = of(toBeMapped)
        this.denialCondition = mapped
    }

    /**
     * @param value The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`,
     * where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
     */
    @JvmName("istpokiafqchejqj")
    public suspend fun deniedPermissions(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.deniedPermissions = mapped
    }

    /**
     * @param values The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`,
     * where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
     */
    @JvmName("bpblpnjmadcesyjc")
    public suspend fun deniedPermissions(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.deniedPermissions = mapped
    }

    /**
     * @param value The identities that are prevented from using one or more permissions on Google Cloud resources.
     */
    @JvmName("dotvyaehklrmcwdn")
    public suspend fun deniedPrincipals(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.deniedPrincipals = mapped
    }

    /**
     * @param values The identities that are prevented from using one or more permissions on Google Cloud resources.
     */
    @JvmName("pxyyccwtatkgbdfh")
    public suspend fun deniedPrincipals(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.deniedPrincipals = mapped
    }

    /**
     * @param value Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions.
     * If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied.
     * The excluded permissions can be specified using the same syntax as deniedPermissions.
     */
    @JvmName("tudrphykjkajcere")
    public suspend fun exceptionPermissions(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.exceptionPermissions = mapped
    }

    /**
     * @param values Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions.
     * If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied.
     * The excluded permissions can be specified using the same syntax as deniedPermissions.
     */
    @JvmName("kfkqtajauuwunlgu")
    public suspend fun exceptionPermissions(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.exceptionPermissions = mapped
    }

    /**
     * @param value The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals.
     * For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
     */
    @JvmName("hqirfhgyauyvxdhx")
    public suspend fun exceptionPrincipals(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.exceptionPrincipals = mapped
    }

    /**
     * @param values The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals.
     * For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
     */
    @JvmName("vmjxsxeqhkhlwkdv")
    public suspend fun exceptionPrincipals(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.exceptionPrincipals = mapped
    }

    internal fun build(): DenyPolicyRuleDenyRuleArgs = DenyPolicyRuleDenyRuleArgs(
        denialCondition = denialCondition,
        deniedPermissions = deniedPermissions,
        deniedPrincipals = deniedPrincipals,
        exceptionPermissions = exceptionPermissions,
        exceptionPrincipals = exceptionPrincipals,
    )
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy