Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.networksecurity.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.networksecurity.AuthorizationPolicyArgs.builder
import com.pulumi.gcp.networksecurity.kotlin.inputs.AuthorizationPolicyRuleArgs
import com.pulumi.gcp.networksecurity.kotlin.inputs.AuthorizationPolicyRuleArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* ## Example Usage
* ### Network Security Authorization Policy Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const _default = new gcp.networksecurity.AuthorizationPolicy("default", {
* name: "my-authorization-policy",
* labels: {
* foo: "bar",
* },
* description: "my description",
* action: "ALLOW",
* rules: [{
* sources: [{
* principals: ["namespace/*"],
* ipBlocks: ["1.2.3.0/24"],
* }],
* }],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* default = gcp.networksecurity.AuthorizationPolicy("default",
* name="my-authorization-policy",
* labels={
* "foo": "bar",
* },
* description="my description",
* action="ALLOW",
* rules=[{
* "sources": [{
* "principals": ["namespace/*"],
* "ip_blocks": ["1.2.3.0/24"],
* }],
* }])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var @default = new Gcp.NetworkSecurity.AuthorizationPolicy("default", new()
* {
* Name = "my-authorization-policy",
* Labels =
* {
* { "foo", "bar" },
* },
* Description = "my description",
* Action = "ALLOW",
* Rules = new[]
* {
* new Gcp.NetworkSecurity.Inputs.AuthorizationPolicyRuleArgs
* {
* Sources = new[]
* {
* new Gcp.NetworkSecurity.Inputs.AuthorizationPolicyRuleSourceArgs
* {
* Principals = new[]
* {
* "namespace/*",
* },
* IpBlocks = new[]
* {
* "1.2.3.0/24",
* },
* },
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := networksecurity.NewAuthorizationPolicy(ctx, "default", &networksecurity.AuthorizationPolicyArgs{
* Name: pulumi.String("my-authorization-policy"),
* Labels: pulumi.StringMap{
* "foo": pulumi.String("bar"),
* },
* Description: pulumi.String("my description"),
* Action: pulumi.String("ALLOW"),
* Rules: networksecurity.AuthorizationPolicyRuleArray{
* &networksecurity.AuthorizationPolicyRuleArgs{
* Sources: networksecurity.AuthorizationPolicyRuleSourceArray{
* &networksecurity.AuthorizationPolicyRuleSourceArgs{
* Principals: pulumi.StringArray{
* pulumi.String("namespace/*"),
* },
* IpBlocks: pulumi.StringArray{
* pulumi.String("1.2.3.0/24"),
* },
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.networksecurity.AuthorizationPolicy;
* import com.pulumi.gcp.networksecurity.AuthorizationPolicyArgs;
* import com.pulumi.gcp.networksecurity.inputs.AuthorizationPolicyRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var default_ = new AuthorizationPolicy("default", AuthorizationPolicyArgs.builder()
* .name("my-authorization-policy")
* .labels(Map.of("foo", "bar"))
* .description("my description")
* .action("ALLOW")
* .rules(AuthorizationPolicyRuleArgs.builder()
* .sources(AuthorizationPolicyRuleSourceArgs.builder()
* .principals("namespace/*")
* .ipBlocks("1.2.3.0/24")
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:networksecurity:AuthorizationPolicy
* properties:
* name: my-authorization-policy
* labels:
* foo: bar
* description: my description
* action: ALLOW
* rules:
* - sources:
* - principals:
* - namespace/*
* ipBlocks:
* - 1.2.3.0/24
* ```
*
* ### Network Security Authorization Policy Destinations
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const _default = new gcp.networksecurity.AuthorizationPolicy("default", {
* name: "my-authorization-policy",
* labels: {
* foo: "bar",
* },
* description: "my description",
* action: "ALLOW",
* rules: [{
* sources: [{
* principals: ["namespace/*"],
* ipBlocks: ["1.2.3.0/24"],
* }],
* destinations: [{
* hosts: ["mydomain.*"],
* ports: [8080],
* methods: ["GET"],
* httpHeaderMatch: {
* headerName: ":method",
* regexMatch: "GET",
* },
* }],
* }],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* default = gcp.networksecurity.AuthorizationPolicy("default",
* name="my-authorization-policy",
* labels={
* "foo": "bar",
* },
* description="my description",
* action="ALLOW",
* rules=[{
* "sources": [{
* "principals": ["namespace/*"],
* "ip_blocks": ["1.2.3.0/24"],
* }],
* "destinations": [{
* "hosts": ["mydomain.*"],
* "ports": [8080],
* "methods": ["GET"],
* "http_header_match": {
* "header_name": ":method",
* "regex_match": "GET",
* },
* }],
* }])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var @default = new Gcp.NetworkSecurity.AuthorizationPolicy("default", new()
* {
* Name = "my-authorization-policy",
* Labels =
* {
* { "foo", "bar" },
* },
* Description = "my description",
* Action = "ALLOW",
* Rules = new[]
* {
* new Gcp.NetworkSecurity.Inputs.AuthorizationPolicyRuleArgs
* {
* Sources = new[]
* {
* new Gcp.NetworkSecurity.Inputs.AuthorizationPolicyRuleSourceArgs
* {
* Principals = new[]
* {
* "namespace/*",
* },
* IpBlocks = new[]
* {
* "1.2.3.0/24",
* },
* },
* },
* Destinations = new[]
* {
* new Gcp.NetworkSecurity.Inputs.AuthorizationPolicyRuleDestinationArgs
* {
* Hosts = new[]
* {
* "mydomain.*",
* },
* Ports = new[]
* {
* 8080,
* },
* Methods = new[]
* {
* "GET",
* },
* HttpHeaderMatch = new Gcp.NetworkSecurity.Inputs.AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs
* {
* HeaderName = ":method",
* RegexMatch = "GET",
* },
* },
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := networksecurity.NewAuthorizationPolicy(ctx, "default", &networksecurity.AuthorizationPolicyArgs{
* Name: pulumi.String("my-authorization-policy"),
* Labels: pulumi.StringMap{
* "foo": pulumi.String("bar"),
* },
* Description: pulumi.String("my description"),
* Action: pulumi.String("ALLOW"),
* Rules: networksecurity.AuthorizationPolicyRuleArray{
* &networksecurity.AuthorizationPolicyRuleArgs{
* Sources: networksecurity.AuthorizationPolicyRuleSourceArray{
* &networksecurity.AuthorizationPolicyRuleSourceArgs{
* Principals: pulumi.StringArray{
* pulumi.String("namespace/*"),
* },
* IpBlocks: pulumi.StringArray{
* pulumi.String("1.2.3.0/24"),
* },
* },
* },
* Destinations: networksecurity.AuthorizationPolicyRuleDestinationArray{
* &networksecurity.AuthorizationPolicyRuleDestinationArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mydomain.*"),
* },
* Ports: pulumi.IntArray{
* pulumi.Int(8080),
* },
* Methods: pulumi.StringArray{
* pulumi.String("GET"),
* },
* HttpHeaderMatch: &networksecurity.AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs{
* HeaderName: pulumi.String(":method"),
* RegexMatch: pulumi.String("GET"),
* },
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.networksecurity.AuthorizationPolicy;
* import com.pulumi.gcp.networksecurity.AuthorizationPolicyArgs;
* import com.pulumi.gcp.networksecurity.inputs.AuthorizationPolicyRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var default_ = new AuthorizationPolicy("default", AuthorizationPolicyArgs.builder()
* .name("my-authorization-policy")
* .labels(Map.of("foo", "bar"))
* .description("my description")
* .action("ALLOW")
* .rules(AuthorizationPolicyRuleArgs.builder()
* .sources(AuthorizationPolicyRuleSourceArgs.builder()
* .principals("namespace/*")
* .ipBlocks("1.2.3.0/24")
* .build())
* .destinations(AuthorizationPolicyRuleDestinationArgs.builder()
* .hosts("mydomain.*")
* .ports(8080)
* .methods("GET")
* .httpHeaderMatch(AuthorizationPolicyRuleDestinationHttpHeaderMatchArgs.builder()
* .headerName(":method")
* .regexMatch("GET")
* .build())
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:networksecurity:AuthorizationPolicy
* properties:
* name: my-authorization-policy
* labels:
* foo: bar
* description: my description
* action: ALLOW
* rules:
* - sources:
* - principals:
* - namespace/*
* ipBlocks:
* - 1.2.3.0/24
* destinations:
* - hosts:
* - mydomain.*
* ports:
* - 8080
* methods:
* - GET
* httpHeaderMatch:
* headerName: :method
* regexMatch: GET
* ```
*
* ## Import
* AuthorizationPolicy can be imported using any of these accepted formats:
* * `projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}}`
* * `{{project}}/{{location}}/{{name}}`
* * `{{location}}/{{name}}`
* When using the `pulumi import` command, AuthorizationPolicy can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default projects/{{project}}/locations/{{location}}/authorizationPolicies/{{name}}
* ```
* ```sh
* $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default {{project}}/{{location}}/{{name}}
* ```
* ```sh
* $ pulumi import gcp:networksecurity/authorizationPolicy:AuthorizationPolicy default {{location}}/{{name}}
* ```
* @property action The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
* Possible values are: `ALLOW`, `DENY`.
* @property description A free-text description of the resource. Max length 1024 characters.
* @property labels Set of label tags associated with the AuthorizationPolicy resource.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
* @property location The location of the authorization policy.
* The default value is `global`.
* @property name Name of the AuthorizationPolicy resource.
* - - -
* @property project The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
* @property rules List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
* A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
* Structure is documented below.
* */*/*/*/*/*/*/*/*/*/*/*/
*/
public data class AuthorizationPolicyArgs(
public val action: Output? = null,
public val description: Output? = null,
public val labels: Output>? = null,
public val location: Output? = null,
public val name: Output? = null,
public val project: Output? = null,
public val rules: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.networksecurity.AuthorizationPolicyArgs =
com.pulumi.gcp.networksecurity.AuthorizationPolicyArgs.builder()
.action(action?.applyValue({ args0 -> args0 }))
.description(description?.applyValue({ args0 -> args0 }))
.labels(labels?.applyValue({ args0 -> args0.map({ args0 -> args0.key.to(args0.value) }).toMap() }))
.location(location?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.project(project?.applyValue({ args0 -> args0 }))
.rules(
rules?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
).build()
}
/**
* Builder for [AuthorizationPolicyArgs].
*/
@PulumiTagMarker
public class AuthorizationPolicyArgsBuilder internal constructor() {
private var action: Output? = null
private var description: Output? = null
private var labels: Output>? = null
private var location: Output? = null
private var name: Output? = null
private var project: Output? = null
private var rules: Output>? = null
/**
* @param value The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
* Possible values are: `ALLOW`, `DENY`.
*/
@JvmName("qufhmaocunnrnhwp")
public suspend fun action(`value`: Output) {
this.action = value
}
/**
* @param value A free-text description of the resource. Max length 1024 characters.
*/
@JvmName("agivbhvnrwspllel")
public suspend fun description(`value`: Output) {
this.description = value
}
/**
* @param value Set of label tags associated with the AuthorizationPolicy resource.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
*/
@JvmName("vxpplmldpxyxafng")
public suspend fun labels(`value`: Output>) {
this.labels = value
}
/**
* @param value The location of the authorization policy.
* The default value is `global`.
*/
@JvmName("bmxhycojiqjhesmq")
public suspend fun location(`value`: Output) {
this.location = value
}
/**
* @param value Name of the AuthorizationPolicy resource.
* - - -
*/
@JvmName("llailygisxaufahu")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
@JvmName("cgffmjmqcmlvgmfc")
public suspend fun project(`value`: Output) {
this.project = value
}
/**
* @param value List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
* A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
* Structure is documented below.
*/
@JvmName("wuhkgirgihlxwvbm")
public suspend fun rules(`value`: Output>) {
this.rules = value
}
@JvmName("fvcbbypbajohidxv")
public suspend fun rules(vararg values: Output) {
this.rules = Output.all(values.asList())
}
/**
* @param values List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
* A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
* Structure is documented below.
*/
@JvmName("kgqcmjcblndlxulx")
public suspend fun rules(values: List>) {
this.rules = Output.all(values)
}
/**
* @param value The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
* Possible values are: `ALLOW`, `DENY`.
*/
@JvmName("gesvsdsosmbqvhnq")
public suspend fun action(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.action = mapped
}
/**
* @param value A free-text description of the resource. Max length 1024 characters.
*/
@JvmName("nyyhpofywrgdjfka")
public suspend fun description(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.description = mapped
}
/**
* @param value Set of label tags associated with the AuthorizationPolicy resource.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
*/
@JvmName("qkiidngvjmsqkfrs")
public suspend fun labels(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.labels = mapped
}
/**
* @param values Set of label tags associated with the AuthorizationPolicy resource.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
*/
@JvmName("ejugbbjsrvasdhwn")
public fun labels(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.labels = mapped
}
/**
* @param value The location of the authorization policy.
* The default value is `global`.
*/
@JvmName("sapyifhtxhwmmsvk")
public suspend fun location(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.location = mapped
}
/**
* @param value Name of the AuthorizationPolicy resource.
* - - -
*/
@JvmName("sjbaoskjryncvpsg")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
@JvmName("ydbunjdpoijsemut")
public suspend fun project(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.project = mapped
}
/**
* @param value List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
* A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
* Structure is documented below.
*/
@JvmName("seryoieyegeqjtvm")
public suspend fun rules(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.rules = mapped
}
/**
* @param argument List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
* A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
* Structure is documented below.
*/
@JvmName("wimypcprlqlkncyv")
public suspend fun rules(argument: List Unit>) {
val toBeMapped = argument.toList().map {
AuthorizationPolicyRuleArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.rules = mapped
}
/**
* @param argument List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
* A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
* Structure is documented below.
*/
@JvmName("wrhhflqgbkgmpfxk")
public suspend fun rules(vararg argument: suspend AuthorizationPolicyRuleArgsBuilder.() -> Unit) {
val toBeMapped = argument.toList().map {
AuthorizationPolicyRuleArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.rules = mapped
}
/**
* @param argument List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
* A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
* Structure is documented below.
*/
@JvmName("ikqdqyflfwijjfuj")
public suspend fun rules(argument: suspend AuthorizationPolicyRuleArgsBuilder.() -> Unit) {
val toBeMapped = listOf(
AuthorizationPolicyRuleArgsBuilder().applySuspend {
argument()
}.build(),
)
val mapped = of(toBeMapped)
this.rules = mapped
}
/**
* @param values List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken.
* A rule is a match if there is a matching source and destination. If left blank, the action specified in the action field will be applied on every request.
* Structure is documented below.
*/
@JvmName("ppsaynptelmbxrft")
public suspend fun rules(vararg values: AuthorizationPolicyRuleArgs) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.rules = mapped
}
internal fun build(): AuthorizationPolicyArgs = AuthorizationPolicyArgs(
action = action,
description = description,
labels = labels,
location = location,
name = name,
project = project,
rules = rules,
)
}
