com.pulumi.gcp.securityposture.kotlin.PostureDeployment.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.securityposture.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
/**
* Builder for [PostureDeployment].
*/
@PulumiTagMarker
public class PostureDeploymentResourceBuilder internal constructor() {
public var name: String? = null
public var args: PostureDeploymentArgs = PostureDeploymentArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend PostureDeploymentArgsBuilder.() -> Unit) {
val builder = PostureDeploymentArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): PostureDeployment {
val builtJavaResource =
com.pulumi.gcp.securityposture.PostureDeployment(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return PostureDeployment(builtJavaResource)
}
}
/**
* Represents a deployment of a security posture on a resource. A posture contains user curated policy sets. A posture can
* be deployed on a project or on a folder or on an organization. To deploy a posture we need to populate the posture's name
* and its revision_id in the posture deployment configuration. Every update to a deployed posture generates a new revision_id.
* Thus, the updated revision_id should be used in the respective posture deployment's configuration to deploy that posture
* on a resource.
* To get more information about PostureDeployment, see:
* * How-to Guides
* * [Create and deploy a posture](https://cloud.google.com/security-command-center/docs/how-to-use-security-posture)
* ## Example Usage
* ### Securityposture Posture Deployment Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const posture1 = new gcp.securityposture.Posture("posture_1", {
* postureId: "posture_1",
* parent: "organizations/123456789",
* location: "global",
* state: "ACTIVE",
* description: "a new posture",
* policySets: [{
* policySetId: "org_policy_set",
* description: "set of org policies",
* policies: [{
* policyId: "policy_1",
* constraint: {
* orgPolicyConstraint: {
* cannedConstraintId: "storage.uniformBucketLevelAccess",
* policyRules: [{
* enforce: true,
* }],
* },
* },
* }],
* }],
* });
* const postureDeployment = new gcp.securityposture.PostureDeployment("postureDeployment", {
* postureDeploymentId: "posture_deployment_1",
* parent: "organizations/123456789",
* location: "global",
* description: "a new posture deployment",
* targetResource: "projects/1111111111111",
* postureId: posture1.name,
* postureRevisionId: posture1.revisionId,
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* posture1 = gcp.securityposture.Posture("posture_1",
* posture_id="posture_1",
* parent="organizations/123456789",
* location="global",
* state="ACTIVE",
* description="a new posture",
* policy_sets=[gcp.securityposture.PosturePolicySetArgs(
* policy_set_id="org_policy_set",
* description="set of org policies",
* policies=[gcp.securityposture.PosturePolicySetPolicyArgs(
* policy_id="policy_1",
* constraint=gcp.securityposture.PosturePolicySetPolicyConstraintArgs(
* org_policy_constraint=gcp.securityposture.PosturePolicySetPolicyConstraintOrgPolicyConstraintArgs(
* canned_constraint_id="storage.uniformBucketLevelAccess",
* policy_rules=[gcp.securityposture.PosturePolicySetPolicyConstraintOrgPolicyConstraintPolicyRuleArgs(
* enforce=True,
* )],
* ),
* ),
* )],
* )])
* posture_deployment = gcp.securityposture.PostureDeployment("postureDeployment",
* posture_deployment_id="posture_deployment_1",
* parent="organizations/123456789",
* location="global",
* description="a new posture deployment",
* target_resource="projects/1111111111111",
* posture_id=posture1.name,
* posture_revision_id=posture1.revision_id)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var posture1 = new Gcp.SecurityPosture.Posture("posture_1", new()
* {
* PostureId = "posture_1",
* Parent = "organizations/123456789",
* Location = "global",
* State = "ACTIVE",
* Description = "a new posture",
* PolicySets = new[]
* {
* new Gcp.SecurityPosture.Inputs.PosturePolicySetArgs
* {
* PolicySetId = "org_policy_set",
* Description = "set of org policies",
* Policies = new[]
* {
* new Gcp.SecurityPosture.Inputs.PosturePolicySetPolicyArgs
* {
* PolicyId = "policy_1",
* Constraint = new Gcp.SecurityPosture.Inputs.PosturePolicySetPolicyConstraintArgs
* {
* OrgPolicyConstraint = new Gcp.SecurityPosture.Inputs.PosturePolicySetPolicyConstraintOrgPolicyConstraintArgs
* {
* CannedConstraintId = "storage.uniformBucketLevelAccess",
* PolicyRules = new[]
* {
* new Gcp.SecurityPosture.Inputs.PosturePolicySetPolicyConstraintOrgPolicyConstraintPolicyRuleArgs
* {
* Enforce = true,
* },
* },
* },
* },
* },
* },
* },
* },
* });
* var postureDeployment = new Gcp.SecurityPosture.PostureDeployment("postureDeployment", new()
* {
* PostureDeploymentId = "posture_deployment_1",
* Parent = "organizations/123456789",
* Location = "global",
* Description = "a new posture deployment",
* TargetResource = "projects/1111111111111",
* PostureId = posture1.Name,
* PostureRevisionId = posture1.RevisionId,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/securityposture"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* posture1, err := securityposture.NewPosture(ctx, "posture_1", &securityposture.PostureArgs{
* PostureId: pulumi.String("posture_1"),
* Parent: pulumi.String("organizations/123456789"),
* Location: pulumi.String("global"),
* State: pulumi.String("ACTIVE"),
* Description: pulumi.String("a new posture"),
* PolicySets: securityposture.PosturePolicySetArray{
* &securityposture.PosturePolicySetArgs{
* PolicySetId: pulumi.String("org_policy_set"),
* Description: pulumi.String("set of org policies"),
* Policies: securityposture.PosturePolicySetPolicyArray{
* &securityposture.PosturePolicySetPolicyArgs{
* PolicyId: pulumi.String("policy_1"),
* Constraint: &securityposture.PosturePolicySetPolicyConstraintArgs{
* OrgPolicyConstraint: &securityposture.PosturePolicySetPolicyConstraintOrgPolicyConstraintArgs{
* CannedConstraintId: pulumi.String("storage.uniformBucketLevelAccess"),
* PolicyRules: securityposture.PosturePolicySetPolicyConstraintOrgPolicyConstraintPolicyRuleArray{
* &securityposture.PosturePolicySetPolicyConstraintOrgPolicyConstraintPolicyRuleArgs{
* Enforce: pulumi.Bool(true),
* },
* },
* },
* },
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = securityposture.NewPostureDeployment(ctx, "postureDeployment", &securityposture.PostureDeploymentArgs{
* PostureDeploymentId: pulumi.String("posture_deployment_1"),
* Parent: pulumi.String("organizations/123456789"),
* Location: pulumi.String("global"),
* Description: pulumi.String("a new posture deployment"),
* TargetResource: pulumi.String("projects/1111111111111"),
* PostureId: posture1.Name,
* PostureRevisionId: posture1.RevisionId,
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.securityposture.Posture;
* import com.pulumi.gcp.securityposture.PostureArgs;
* import com.pulumi.gcp.securityposture.inputs.PosturePolicySetArgs;
* import com.pulumi.gcp.securityposture.PostureDeployment;
* import com.pulumi.gcp.securityposture.PostureDeploymentArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var posture1 = new Posture("posture1", PostureArgs.builder()
* .postureId("posture_1")
* .parent("organizations/123456789")
* .location("global")
* .state("ACTIVE")
* .description("a new posture")
* .policySets(PosturePolicySetArgs.builder()
* .policySetId("org_policy_set")
* .description("set of org policies")
* .policies(PosturePolicySetPolicyArgs.builder()
* .policyId("policy_1")
* .constraint(PosturePolicySetPolicyConstraintArgs.builder()
* .orgPolicyConstraint(PosturePolicySetPolicyConstraintOrgPolicyConstraintArgs.builder()
* .cannedConstraintId("storage.uniformBucketLevelAccess")
* .policyRules(PosturePolicySetPolicyConstraintOrgPolicyConstraintPolicyRuleArgs.builder()
* .enforce(true)
* .build())
* .build())
* .build())
* .build())
* .build())
* .build());
* var postureDeployment = new PostureDeployment("postureDeployment", PostureDeploymentArgs.builder()
* .postureDeploymentId("posture_deployment_1")
* .parent("organizations/123456789")
* .location("global")
* .description("a new posture deployment")
* .targetResource("projects/1111111111111")
* .postureId(posture1.name())
* .postureRevisionId(posture1.revisionId())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* posture1:
* type: gcp:securityposture:Posture
* name: posture_1
* properties:
* postureId: posture_1
* parent: organizations/123456789
* location: global
* state: ACTIVE
* description: a new posture
* policySets:
* - policySetId: org_policy_set
* description: set of org policies
* policies:
* - policyId: policy_1
* constraint:
* orgPolicyConstraint:
* cannedConstraintId: storage.uniformBucketLevelAccess
* policyRules:
* - enforce: true
* postureDeployment:
* type: gcp:securityposture:PostureDeployment
* properties:
* postureDeploymentId: posture_deployment_1
* parent: organizations/123456789
* location: global
* description: a new posture deployment
* targetResource: projects/1111111111111
* postureId: ${posture1.name}
* postureRevisionId: ${posture1.revisionId}
* ```
*
* ## Import
* PostureDeployment can be imported using any of these accepted formats:
* * `{{parent}}/locations/{{location}}/postureDeployments/{{posture_deployment_id}}`
* When using the `pulumi import` command, PostureDeployment can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:securityposture/postureDeployment:PostureDeployment default {{parent}}/locations/{{location}}/postureDeployments/{{posture_deployment_id}}
* ```
*/
public class PostureDeployment internal constructor(
override val javaResource: com.pulumi.gcp.securityposture.PostureDeployment,
) : KotlinCustomResource(javaResource, PostureDeploymentMapper) {
/**
* Time the posture deployment was created in UTC.
*/
public val createTime: Output
get() = javaResource.createTime().applyValue({ args0 -> args0 })
/**
* Description of the posture deployment.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* This is an output only optional field which will be filled in case when
* PostureDeployment state is UPDATE_FAILED or CREATE_FAILED or DELETE_FAILED.
* It denotes the desired posture to be deployed.
*/
public val desiredPostureId: Output
get() = javaResource.desiredPostureId().applyValue({ args0 -> args0 })
/**
* This is an output only optional field which will be filled in case when
* PostureDeployment state is UPDATE_FAILED or CREATE_FAILED or DELETE_FAILED.
* It denotes the desired posture revision_id to be deployed.
*/
public val desiredPostureRevisionId: Output
get() = javaResource.desiredPostureRevisionId().applyValue({ args0 -> args0 })
/**
* For Resource freshness validation (https://google.aip.dev/154)
*/
public val etag: Output
get() = javaResource.etag().applyValue({ args0 -> args0 })
/**
* This is a output only optional field which will be filled in case where
* PostureDeployment enters a failure state like UPDATE_FAILED or
* CREATE_FAILED or DELETE_FAILED. It will have the failure message for posture deployment's
* CREATE/UPDATE/DELETE methods.
*/
public val failureMessage: Output
get() = javaResource.failureMessage().applyValue({ args0 -> args0 })
/**
* The location of the resource, eg. global`.
*/
public val location: Output
get() = javaResource.location().applyValue({ args0 -> args0 })
/**
* Name of the posture deployment instance.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* The parent of the resource, an organization. Format should be `organizations/{organization_id}`.
*/
public val parent: Output
get() = javaResource.parent().applyValue({ args0 -> args0 })
/**
* ID of the posture deployment.
* - - -
*/
public val postureDeploymentId: Output
get() = javaResource.postureDeploymentId().applyValue({ args0 -> args0 })
/**
* Relative name of the posture which needs to be deployed. It should be in the format:
* organizations/{organization_id}/locations/{location}/postures/{posture_id}
*/
public val postureId: Output
get() = javaResource.postureId().applyValue({ args0 -> args0 })
/**
* Revision_id the posture which needs to be deployed.
*/
public val postureRevisionId: Output
get() = javaResource.postureRevisionId().applyValue({ args0 -> args0 })
/**
* If set, there are currently changes in flight to the posture deployment.
*/
public val reconciling: Output
get() = javaResource.reconciling().applyValue({ args0 -> args0 })
/**
* State of the posture deployment. A posture deployment can be in the following terminal states:
* ACTIVE, CREATE_FAILED, UPDATE_FAILED, DELETE_FAILED.
*/
public val state: Output
get() = javaResource.state().applyValue({ args0 -> args0 })
/**
* The resource on which the posture should be deployed. This can be in one of the following formats:
* projects/{project_number},
* folders/{folder_number},
* organizations/{organization_id}
*/
public val targetResource: Output
get() = javaResource.targetResource().applyValue({ args0 -> args0 })
/**
* Time the posture deployment was updated in UTC.
*/
public val updateTime: Output
get() = javaResource.updateTime().applyValue({ args0 -> args0 })
}
public object PostureDeploymentMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.securityposture.PostureDeployment::class == javaResource::class
override fun map(javaResource: Resource): PostureDeployment = PostureDeployment(
javaResource as
com.pulumi.gcp.securityposture.PostureDeployment,
)
}
/**
* @see [PostureDeployment].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [PostureDeployment].
*/
public suspend fun postureDeployment(
name: String,
block: suspend PostureDeploymentResourceBuilder.() -> Unit,
): PostureDeployment {
val builder = PostureDeploymentResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [PostureDeployment].
* @param name The _unique_ name of the resulting resource.
*/
public fun postureDeployment(name: String): PostureDeployment {
val builder = PostureDeploymentResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy