Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.pulumi.gcp.compute.kotlin.NetworkFirewallPolicyRule.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.compute.kotlin
import com.pulumi.core.Output
import com.pulumi.gcp.compute.kotlin.outputs.NetworkFirewallPolicyRuleMatch
import com.pulumi.gcp.compute.kotlin.outputs.NetworkFirewallPolicyRuleTargetSecureTag
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import com.pulumi.gcp.compute.kotlin.outputs.NetworkFirewallPolicyRuleMatch.Companion.toKotlin as networkFirewallPolicyRuleMatchToKotlin
import com.pulumi.gcp.compute.kotlin.outputs.NetworkFirewallPolicyRuleTargetSecureTag.Companion.toKotlin as networkFirewallPolicyRuleTargetSecureTagToKotlin
/**
* Builder for [NetworkFirewallPolicyRule].
*/
@PulumiTagMarker
public class NetworkFirewallPolicyRuleResourceBuilder internal constructor() {
public var name: String? = null
public var args: NetworkFirewallPolicyRuleArgs = NetworkFirewallPolicyRuleArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend NetworkFirewallPolicyRuleArgsBuilder.() -> Unit) {
val builder = NetworkFirewallPolicyRuleArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): NetworkFirewallPolicyRule {
val builtJavaResource =
com.pulumi.gcp.compute.NetworkFirewallPolicyRule(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return NetworkFirewallPolicyRule(builtJavaResource)
}
}
/**
* The Compute NetworkFirewallPolicyRule resource
* ## Example Usage
* ### Global
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const basicGlobalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup("basic_global_networksecurity_address_group", {
* name: "policy",
* parent: "projects/my-project-name",
* description: "Sample global networksecurity_address_group",
* location: "global",
* items: ["208.80.154.224/32"],
* type: "IPV4",
* capacity: 100,
* });
* const basicNetworkFirewallPolicy = new gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", {
* name: "policy",
* description: "Sample global network firewall policy",
* project: "my-project-name",
* });
* const basicNetwork = new gcp.compute.Network("basic_network", {name: "network"});
* const basicKey = new gcp.tags.TagKey("basic_key", {
* description: "For keyname resources.",
* parent: "organizations/123456789",
* purpose: "GCE_FIREWALL",
* shortName: "tagkey",
* purposeData: {
* network: pulumi.interpolate`my-project-name/${basicNetwork.name}`,
* },
* });
* const basicValue = new gcp.tags.TagValue("basic_value", {
* description: "For valuename resources.",
* parent: pulumi.interpolate`tagKeys/${basicKey.name}`,
* shortName: "tagvalue",
* });
* const primary = new gcp.compute.NetworkFirewallPolicyRule("primary", {
* action: "allow",
* description: "This is a simple rule description",
* direction: "INGRESS",
* disabled: false,
* enableLogging: true,
* firewallPolicy: basicNetworkFirewallPolicy.name,
* priority: 1000,
* ruleName: "test-rule",
* targetServiceAccounts: ["my@service-account.com"],
* match: {
* srcIpRanges: ["10.100.0.1/32"],
* srcFqdns: ["google.com"],
* srcRegionCodes: ["US"],
* srcThreatIntelligences: ["iplist-known-malicious-ips"],
* srcSecureTags: [{
* name: pulumi.interpolate`tagValues/${basicValue.name}`,
* }],
* layer4Configs: [{
* ipProtocol: "all",
* }],
* srcAddressGroups: [basicGlobalNetworksecurityAddressGroup.id],
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* basic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup("basic_global_networksecurity_address_group",
* name="policy",
* parent="projects/my-project-name",
* description="Sample global networksecurity_address_group",
* location="global",
* items=["208.80.154.224/32"],
* type="IPV4",
* capacity=100)
* basic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy",
* name="policy",
* description="Sample global network firewall policy",
* project="my-project-name")
* basic_network = gcp.compute.Network("basic_network", name="network")
* basic_key = gcp.tags.TagKey("basic_key",
* description="For keyname resources.",
* parent="organizations/123456789",
* purpose="GCE_FIREWALL",
* short_name="tagkey",
* purpose_data={
* "network": basic_network.name.apply(lambda name: f"my-project-name/{name}"),
* })
* basic_value = gcp.tags.TagValue("basic_value",
* description="For valuename resources.",
* parent=basic_key.name.apply(lambda name: f"tagKeys/{name}"),
* short_name="tagvalue")
* primary = gcp.compute.NetworkFirewallPolicyRule("primary",
* action="allow",
* description="This is a simple rule description",
* direction="INGRESS",
* disabled=False,
* enable_logging=True,
* firewall_policy=basic_network_firewall_policy.name,
* priority=1000,
* rule_name="test-rule",
* target_service_accounts=["my@service-account.com"],
* match={
* "src_ip_ranges": ["10.100.0.1/32"],
* "src_fqdns": ["google.com"],
* "src_region_codes": ["US"],
* "src_threat_intelligences": ["iplist-known-malicious-ips"],
* "src_secure_tags": [{
* "name": basic_value.name.apply(lambda name: f"tagValues/{name}"),
* }],
* "layer4_configs": [{
* "ip_protocol": "all",
* }],
* "src_address_groups": [basic_global_networksecurity_address_group.id],
* })
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var basicGlobalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup("basic_global_networksecurity_address_group", new()
* {
* Name = "policy",
* Parent = "projects/my-project-name",
* Description = "Sample global networksecurity_address_group",
* Location = "global",
* Items = new[]
* {
* "208.80.154.224/32",
* },
* Type = "IPV4",
* Capacity = 100,
* });
* var basicNetworkFirewallPolicy = new Gcp.Compute.NetworkFirewallPolicy("basic_network_firewall_policy", new()
* {
* Name = "policy",
* Description = "Sample global network firewall policy",
* Project = "my-project-name",
* });
* var basicNetwork = new Gcp.Compute.Network("basic_network", new()
* {
* Name = "network",
* });
* var basicKey = new Gcp.Tags.TagKey("basic_key", new()
* {
* Description = "For keyname resources.",
* Parent = "organizations/123456789",
* Purpose = "GCE_FIREWALL",
* ShortName = "tagkey",
* PurposeData =
* {
* { "network", basicNetwork.Name.Apply(name => $"my-project-name/{name}") },
* },
* });
* var basicValue = new Gcp.Tags.TagValue("basic_value", new()
* {
* Description = "For valuename resources.",
* Parent = basicKey.Name.Apply(name => $"tagKeys/{name}"),
* ShortName = "tagvalue",
* });
* var primary = new Gcp.Compute.NetworkFirewallPolicyRule("primary", new()
* {
* Action = "allow",
* Description = "This is a simple rule description",
* Direction = "INGRESS",
* Disabled = false,
* EnableLogging = true,
* FirewallPolicy = basicNetworkFirewallPolicy.Name,
* Priority = 1000,
* RuleName = "test-rule",
* TargetServiceAccounts = new[]
* {
* "[email protected] ",
* },
* Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchArgs
* {
* SrcIpRanges = new[]
* {
* "10.100.0.1/32",
* },
* SrcFqdns = new[]
* {
* "google.com",
* },
* SrcRegionCodes = new[]
* {
* "US",
* },
* SrcThreatIntelligences = new[]
* {
* "iplist-known-malicious-ips",
* },
* SrcSecureTags = new[]
* {
* new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchSrcSecureTagArgs
* {
* Name = basicValue.Name.Apply(name => $"tagValues/{name}"),
* },
* },
* Layer4Configs = new[]
* {
* new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs
* {
* IpProtocol = "all",
* },
* },
* SrcAddressGroups = new[]
* {
* basicGlobalNetworksecurityAddressGroup.Id,
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/tags"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* basicGlobalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, "basic_global_networksecurity_address_group", &networksecurity.AddressGroupArgs{
* Name: pulumi.String("policy"),
* Parent: pulumi.String("projects/my-project-name"),
* Description: pulumi.String("Sample global networksecurity_address_group"),
* Location: pulumi.String("global"),
* Items: pulumi.StringArray{
* pulumi.String("208.80.154.224/32"),
* },
* Type: pulumi.String("IPV4"),
* Capacity: pulumi.Int(100),
* })
* if err != nil {
* return err
* }
* basicNetworkFirewallPolicy, err := compute.NewNetworkFirewallPolicy(ctx, "basic_network_firewall_policy", &compute.NetworkFirewallPolicyArgs{
* Name: pulumi.String("policy"),
* Description: pulumi.String("Sample global network firewall policy"),
* Project: pulumi.String("my-project-name"),
* })
* if err != nil {
* return err
* }
* basicNetwork, err := compute.NewNetwork(ctx, "basic_network", &compute.NetworkArgs{
* Name: pulumi.String("network"),
* })
* if err != nil {
* return err
* }
* basicKey, err := tags.NewTagKey(ctx, "basic_key", &tags.TagKeyArgs{
* Description: pulumi.String("For keyname resources."),
* Parent: pulumi.String("organizations/123456789"),
* Purpose: pulumi.String("GCE_FIREWALL"),
* ShortName: pulumi.String("tagkey"),
* PurposeData: pulumi.StringMap{
* "network": basicNetwork.Name.ApplyT(func(name string) (string, error) {
* return fmt.Sprintf("my-project-name/%v", name), nil
* }).(pulumi.StringOutput),
* },
* })
* if err != nil {
* return err
* }
* basicValue, err := tags.NewTagValue(ctx, "basic_value", &tags.TagValueArgs{
* Description: pulumi.String("For valuename resources."),
* Parent: basicKey.Name.ApplyT(func(name string) (string, error) {
* return fmt.Sprintf("tagKeys/%v", name), nil
* }).(pulumi.StringOutput),
* ShortName: pulumi.String("tagvalue"),
* })
* if err != nil {
* return err
* }
* _, err = compute.NewNetworkFirewallPolicyRule(ctx, "primary", &compute.NetworkFirewallPolicyRuleArgs{
* Action: pulumi.String("allow"),
* Description: pulumi.String("This is a simple rule description"),
* Direction: pulumi.String("INGRESS"),
* Disabled: pulumi.Bool(false),
* EnableLogging: pulumi.Bool(true),
* FirewallPolicy: basicNetworkFirewallPolicy.Name,
* Priority: pulumi.Int(1000),
* RuleName: pulumi.String("test-rule"),
* TargetServiceAccounts: pulumi.StringArray{
* pulumi.String("[email protected] "),
* },
* Match: &compute.NetworkFirewallPolicyRuleMatchArgs{
* SrcIpRanges: pulumi.StringArray{
* pulumi.String("10.100.0.1/32"),
* },
* SrcFqdns: pulumi.StringArray{
* pulumi.String("google.com"),
* },
* SrcRegionCodes: pulumi.StringArray{
* pulumi.String("US"),
* },
* SrcThreatIntelligences: pulumi.StringArray{
* pulumi.String("iplist-known-malicious-ips"),
* },
* SrcSecureTags: compute.NetworkFirewallPolicyRuleMatchSrcSecureTagArray{
* &compute.NetworkFirewallPolicyRuleMatchSrcSecureTagArgs{
* Name: basicValue.Name.ApplyT(func(name string) (string, error) {
* return fmt.Sprintf("tagValues/%v", name), nil
* }).(pulumi.StringOutput),
* },
* },
* Layer4Configs: compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArray{
* &compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs{
* IpProtocol: pulumi.String("all"),
* },
* },
* SrcAddressGroups: pulumi.StringArray{
* basicGlobalNetworksecurityAddressGroup.ID(),
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.networksecurity.AddressGroup;
* import com.pulumi.gcp.networksecurity.AddressGroupArgs;
* import com.pulumi.gcp.compute.NetworkFirewallPolicy;
* import com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.tags.TagKey;
* import com.pulumi.gcp.tags.TagKeyArgs;
* import com.pulumi.gcp.tags.TagValue;
* import com.pulumi.gcp.tags.TagValueArgs;
* import com.pulumi.gcp.compute.NetworkFirewallPolicyRule;
* import com.pulumi.gcp.compute.NetworkFirewallPolicyRuleArgs;
* import com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyRuleMatchArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var basicGlobalNetworksecurityAddressGroup = new AddressGroup("basicGlobalNetworksecurityAddressGroup", AddressGroupArgs.builder()
* .name("policy")
* .parent("projects/my-project-name")
* .description("Sample global networksecurity_address_group")
* .location("global")
* .items("208.80.154.224/32")
* .type("IPV4")
* .capacity(100)
* .build());
* var basicNetworkFirewallPolicy = new NetworkFirewallPolicy("basicNetworkFirewallPolicy", NetworkFirewallPolicyArgs.builder()
* .name("policy")
* .description("Sample global network firewall policy")
* .project("my-project-name")
* .build());
* var basicNetwork = new Network("basicNetwork", NetworkArgs.builder()
* .name("network")
* .build());
* var basicKey = new TagKey("basicKey", TagKeyArgs.builder()
* .description("For keyname resources.")
* .parent("organizations/123456789")
* .purpose("GCE_FIREWALL")
* .shortName("tagkey")
* .purposeData(Map.of("network", basicNetwork.name().applyValue(name -> String.format("my-project-name/%s", name))))
* .build());
* var basicValue = new TagValue("basicValue", TagValueArgs.builder()
* .description("For valuename resources.")
* .parent(basicKey.name().applyValue(name -> String.format("tagKeys/%s", name)))
* .shortName("tagvalue")
* .build());
* var primary = new NetworkFirewallPolicyRule("primary", NetworkFirewallPolicyRuleArgs.builder()
* .action("allow")
* .description("This is a simple rule description")
* .direction("INGRESS")
* .disabled(false)
* .enableLogging(true)
* .firewallPolicy(basicNetworkFirewallPolicy.name())
* .priority(1000)
* .ruleName("test-rule")
* .targetServiceAccounts("[email protected] ")
* .match(NetworkFirewallPolicyRuleMatchArgs.builder()
* .srcIpRanges("10.100.0.1/32")
* .srcFqdns("google.com")
* .srcRegionCodes("US")
* .srcThreatIntelligences("iplist-known-malicious-ips")
* .srcSecureTags(NetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder()
* .name(basicValue.name().applyValue(name -> String.format("tagValues/%s", name)))
* .build())
* .layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()
* .ipProtocol("all")
* .build())
* .srcAddressGroups(basicGlobalNetworksecurityAddressGroup.id())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* basicGlobalNetworksecurityAddressGroup:
* type: gcp:networksecurity:AddressGroup
* name: basic_global_networksecurity_address_group
* properties:
* name: policy
* parent: projects/my-project-name
* description: Sample global networksecurity_address_group
* location: global
* items:
* - 208.80.154.224/32
* type: IPV4
* capacity: 100
* basicNetworkFirewallPolicy:
* type: gcp:compute:NetworkFirewallPolicy
* name: basic_network_firewall_policy
* properties:
* name: policy
* description: Sample global network firewall policy
* project: my-project-name
* primary:
* type: gcp:compute:NetworkFirewallPolicyRule
* properties:
* action: allow
* description: This is a simple rule description
* direction: INGRESS
* disabled: false
* enableLogging: true
* firewallPolicy: ${basicNetworkFirewallPolicy.name}
* priority: 1000
* ruleName: test-rule
* targetServiceAccounts:
* - [email protected]
* match:
* srcIpRanges:
* - 10.100.0.1/32
* srcFqdns:
* - google.com
* srcRegionCodes:
* - US
* srcThreatIntelligences:
* - iplist-known-malicious-ips
* srcSecureTags:
* - name: tagValues/${basicValue.name}
* layer4Configs:
* - ipProtocol: all
* srcAddressGroups:
* - ${basicGlobalNetworksecurityAddressGroup.id}
* basicNetwork:
* type: gcp:compute:Network
* name: basic_network
* properties:
* name: network
* basicKey:
* type: gcp:tags:TagKey
* name: basic_key
* properties:
* description: For keyname resources.
* parent: organizations/123456789
* purpose: GCE_FIREWALL
* shortName: tagkey
* purposeData:
* network: my-project-name/${basicNetwork.name}
* basicValue:
* type: gcp:tags:TagValue
* name: basic_value
* properties:
* description: For valuename resources.
* parent: tagKeys/${basicKey.name}
* shortName: tagvalue
* ```
*
* ## Import
* NetworkFirewallPolicyRule can be imported using any of these accepted formats:
* * `projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}`
* * `{{project}}/{{firewall_policy}}/{{priority}}`
* * `{{firewall_policy}}/{{priority}}`
* When using the `pulumi import` command, NetworkFirewallPolicyRule can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}
* ```
* ```sh
* $ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default {{project}}/{{firewall_policy}}/{{priority}}
* ```
* ```sh
* $ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default {{firewall_policy}}/{{priority}}
* ```
*/
public class NetworkFirewallPolicyRule internal constructor(
override val javaResource: com.pulumi.gcp.compute.NetworkFirewallPolicyRule,
) : KotlinCustomResource(javaResource, NetworkFirewallPolicyRuleMapper) {
/**
* The Action to perform when the client connection triggers the rule. Valid actions are "allow", "deny", "goto_next" and "apply_security_profile_group".
*/
public val action: Output
get() = javaResource.action().applyValue({ args0 -> args0 })
/**
* An optional description for this resource.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The direction in which this rule applies. Possible values: INGRESS, EGRESS
*/
public val direction: Output
get() = javaResource.direction().applyValue({ args0 -> args0 })
/**
* Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and
* traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled.
*/
public val disabled: Output?
get() = javaResource.disabled().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured
* export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on
* "goto_next" rules.
*/
public val enableLogging: Output?
get() = javaResource.enableLogging().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The firewall policy of the resource.
*/
public val firewallPolicy: Output
get() = javaResource.firewallPolicy().applyValue({ args0 -> args0 })
/**
* Type of the resource. Always `compute#firewallPolicyRule` for firewall policy rules
*/
public val kind: Output
get() = javaResource.kind().applyValue({ args0 -> args0 })
/**
* A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
*/
public val match: Output
get() = javaResource.match().applyValue({ args0 ->
args0.let({ args0 ->
networkFirewallPolicyRuleMatchToKotlin(args0)
})
})
/**
* An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority.
*/
public val priority: Output
get() = javaResource.priority().applyValue({ args0 -> args0 })
/**
* The project for the resource
*/
public val project: Output
get() = javaResource.project().applyValue({ args0 -> args0 })
/**
* An optional name for the rule. This field is not a unique identifier and can be updated.
*/
public val ruleName: Output?
get() = javaResource.ruleName().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Calculation of the complexity of a single firewall policy rule.
*/
public val ruleTupleCount: Output
get() = javaResource.ruleTupleCount().applyValue({ args0 -> args0 })
/**
* A fully-qualified URL of a SecurityProfileGroup resource. Example:
* https://networksecurity.googleapis.com/v1/organizations/{organizationId}/locations/global/securityProfileGroups/my-security-profile-group.
* It must be specified if action = 'apply_security_profile_group' and cannot be specified for other actions.
*/
public val securityProfileGroup: Output?
get() = javaResource.securityProfileGroup().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are
* specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure
* tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored.
* targetSecureTag may not be set at the same time as targetServiceAccounts. If neither
* targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all
* instances on the specified network. Maximum number of target label tags allowed is 256.
*/
public val targetSecureTags: Output>?
get() = javaResource.targetSecureTags().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
networkFirewallPolicyRuleTargetSecureTagToKotlin(args0)
})
})
}).orElse(null)
})
/**
* A list of service accounts indicating the sets of instances that are applied with this rule.
*/
public val targetServiceAccounts: Output>?
get() = javaResource.targetServiceAccounts().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* Boolean flag indicating if the traffic should be TLS decrypted. It can be set only if action =
* 'apply_security_profile_group' and cannot be set for other actions.
*/
public val tlsInspect: Output?
get() = javaResource.tlsInspect().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
}
public object NetworkFirewallPolicyRuleMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.compute.NetworkFirewallPolicyRule::class == javaResource::class
override fun map(javaResource: Resource): NetworkFirewallPolicyRule =
NetworkFirewallPolicyRule(javaResource as com.pulumi.gcp.compute.NetworkFirewallPolicyRule)
}
/**
* @see [NetworkFirewallPolicyRule].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [NetworkFirewallPolicyRule].
*/
public suspend fun networkFirewallPolicyRule(
name: String,
block: suspend NetworkFirewallPolicyRuleResourceBuilder.() -> Unit,
): NetworkFirewallPolicyRule {
val builder = NetworkFirewallPolicyRuleResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [NetworkFirewallPolicyRule].
* @param name The _unique_ name of the resulting resource.
*/
public fun networkFirewallPolicyRule(name: String): NetworkFirewallPolicyRule {
val builder = NetworkFirewallPolicyRuleResourceBuilder()
builder.name(name)
return builder.build()
}
