Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.pulumi.gcp.networkservices.kotlin.GatewayArgs.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.networkservices.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.networkservices.GatewayArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.Boolean
import kotlin.Int
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* Gateway represents the configuration for a proxy, typically a load balancer.
* It captures the ip:port over which the services are exposed by the proxy,
* along with any policy configurations. Routes have reference to to Gateways
* to dictate how requests should be routed by this Gateway.
* To get more information about Gateway, see:
* * [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-services/rest/v1/projects.locations.gateways)
* ## Example Usage
* ### Network Services Gateway Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const _default = new gcp.networkservices.Gateway("default", {
* name: "my-gateway",
* scope: "default-scope-basic",
* type: "OPEN_MESH",
* ports: [443],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* default = gcp.networkservices.Gateway("default",
* name="my-gateway",
* scope="default-scope-basic",
* type="OPEN_MESH",
* ports=[443])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var @default = new Gcp.NetworkServices.Gateway("default", new()
* {
* Name = "my-gateway",
* Scope = "default-scope-basic",
* Type = "OPEN_MESH",
* Ports = new[]
* {
* 443,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networkservices"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := networkservices.NewGateway(ctx, "default", &networkservices.GatewayArgs{
* Name: pulumi.String("my-gateway"),
* Scope: pulumi.String("default-scope-basic"),
* Type: pulumi.String("OPEN_MESH"),
* Ports: pulumi.IntArray{
* pulumi.Int(443),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.networkservices.Gateway;
* import com.pulumi.gcp.networkservices.GatewayArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var default_ = new Gateway("default", GatewayArgs.builder()
* .name("my-gateway")
* .scope("default-scope-basic")
* .type("OPEN_MESH")
* .ports(443)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:networkservices:Gateway
* properties:
* name: my-gateway
* scope: default-scope-basic
* type: OPEN_MESH
* ports:
* - 443
* ```
*
* ### Network Services Gateway Advanced
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const _default = new gcp.networkservices.Gateway("default", {
* name: "my-gateway",
* labels: {
* foo: "bar",
* },
* description: "my description",
* type: "OPEN_MESH",
* ports: [443],
* scope: "default-scope-advance",
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* default = gcp.networkservices.Gateway("default",
* name="my-gateway",
* labels={
* "foo": "bar",
* },
* description="my description",
* type="OPEN_MESH",
* ports=[443],
* scope="default-scope-advance")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var @default = new Gcp.NetworkServices.Gateway("default", new()
* {
* Name = "my-gateway",
* Labels =
* {
* { "foo", "bar" },
* },
* Description = "my description",
* Type = "OPEN_MESH",
* Ports = new[]
* {
* 443,
* },
* Scope = "default-scope-advance",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networkservices"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := networkservices.NewGateway(ctx, "default", &networkservices.GatewayArgs{
* Name: pulumi.String("my-gateway"),
* Labels: pulumi.StringMap{
* "foo": pulumi.String("bar"),
* },
* Description: pulumi.String("my description"),
* Type: pulumi.String("OPEN_MESH"),
* Ports: pulumi.IntArray{
* pulumi.Int(443),
* },
* Scope: pulumi.String("default-scope-advance"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.networkservices.Gateway;
* import com.pulumi.gcp.networkservices.GatewayArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var default_ = new Gateway("default", GatewayArgs.builder()
* .name("my-gateway")
* .labels(Map.of("foo", "bar"))
* .description("my description")
* .type("OPEN_MESH")
* .ports(443)
* .scope("default-scope-advance")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:networkservices:Gateway
* properties:
* name: my-gateway
* labels:
* foo: bar
* description: my description
* type: OPEN_MESH
* ports:
* - 443
* scope: default-scope-advance
* ```
*
* ### Network Services Gateway Secure Web Proxy
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
* const _default = new gcp.certificatemanager.Certificate("default", {
* name: "my-certificate",
* location: "us-central1",
* selfManaged: {
* pemCertificate: std.file({
* input: "test-fixtures/cert.pem",
* }).then(invoke => invoke.result),
* pemPrivateKey: std.file({
* input: "test-fixtures/private-key.pem",
* }).then(invoke => invoke.result),
* },
* });
* const defaultNetwork = new gcp.compute.Network("default", {
* name: "my-network",
* routingMode: "REGIONAL",
* autoCreateSubnetworks: false,
* });
* const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
* name: "my-subnetwork-name",
* purpose: "PRIVATE",
* ipCidrRange: "10.128.0.0/20",
* region: "us-central1",
* network: defaultNetwork.id,
* role: "ACTIVE",
* });
* const proxyonlysubnet = new gcp.compute.Subnetwork("proxyonlysubnet", {
* name: "my-proxy-only-subnetwork",
* purpose: "REGIONAL_MANAGED_PROXY",
* ipCidrRange: "192.168.0.0/23",
* region: "us-central1",
* network: defaultNetwork.id,
* role: "ACTIVE",
* });
* const defaultGatewaySecurityPolicy = new gcp.networksecurity.GatewaySecurityPolicy("default", {
* name: "my-policy-name",
* location: "us-central1",
* });
* const defaultGatewaySecurityPolicyRule = new gcp.networksecurity.GatewaySecurityPolicyRule("default", {
* name: "my-policyrule-name",
* location: "us-central1",
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.name,
* enabled: true,
* priority: 1,
* sessionMatcher: "host() == 'example.com'",
* basicProfile: "ALLOW",
* });
* const defaultGateway = new gcp.networkservices.Gateway("default", {
* name: "my-gateway1",
* location: "us-central1",
* addresses: ["10.128.0.99"],
* type: "SECURE_WEB_GATEWAY",
* ports: [443],
* scope: "my-default-scope1",
* certificateUrls: [_default.id],
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.id,
* network: defaultNetwork.id,
* subnetwork: defaultSubnetwork.id,
* deleteSwgAutogenRouterOnDestroy: true,
* }, {
* dependsOn: [proxyonlysubnet],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* import pulumi_std as std
* default = gcp.certificatemanager.Certificate("default",
* name="my-certificate",
* location="us-central1",
* self_managed={
* "pem_certificate": std.file(input="test-fixtures/cert.pem").result,
* "pem_private_key": std.file(input="test-fixtures/private-key.pem").result,
* })
* default_network = gcp.compute.Network("default",
* name="my-network",
* routing_mode="REGIONAL",
* auto_create_subnetworks=False)
* default_subnetwork = gcp.compute.Subnetwork("default",
* name="my-subnetwork-name",
* purpose="PRIVATE",
* ip_cidr_range="10.128.0.0/20",
* region="us-central1",
* network=default_network.id,
* role="ACTIVE")
* proxyonlysubnet = gcp.compute.Subnetwork("proxyonlysubnet",
* name="my-proxy-only-subnetwork",
* purpose="REGIONAL_MANAGED_PROXY",
* ip_cidr_range="192.168.0.0/23",
* region="us-central1",
* network=default_network.id,
* role="ACTIVE")
* default_gateway_security_policy = gcp.networksecurity.GatewaySecurityPolicy("default",
* name="my-policy-name",
* location="us-central1")
* default_gateway_security_policy_rule = gcp.networksecurity.GatewaySecurityPolicyRule("default",
* name="my-policyrule-name",
* location="us-central1",
* gateway_security_policy=default_gateway_security_policy.name,
* enabled=True,
* priority=1,
* session_matcher="host() == 'example.com'",
* basic_profile="ALLOW")
* default_gateway = gcp.networkservices.Gateway("default",
* name="my-gateway1",
* location="us-central1",
* addresses=["10.128.0.99"],
* type="SECURE_WEB_GATEWAY",
* ports=[443],
* scope="my-default-scope1",
* certificate_urls=[default.id],
* gateway_security_policy=default_gateway_security_policy.id,
* network=default_network.id,
* subnetwork=default_subnetwork.id,
* delete_swg_autogen_router_on_destroy=True,
* opts = pulumi.ResourceOptions(depends_on=[proxyonlysubnet]))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* using Std = Pulumi.Std;
* return await Deployment.RunAsync(() =>
* {
* var @default = new Gcp.CertificateManager.Certificate("default", new()
* {
* Name = "my-certificate",
* Location = "us-central1",
* SelfManaged = new Gcp.CertificateManager.Inputs.CertificateSelfManagedArgs
* {
* PemCertificate = Std.File.Invoke(new()
* {
* Input = "test-fixtures/cert.pem",
* }).Apply(invoke => invoke.Result),
* PemPrivateKey = Std.File.Invoke(new()
* {
* Input = "test-fixtures/private-key.pem",
* }).Apply(invoke => invoke.Result),
* },
* });
* var defaultNetwork = new Gcp.Compute.Network("default", new()
* {
* Name = "my-network",
* RoutingMode = "REGIONAL",
* AutoCreateSubnetworks = false,
* });
* var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
* {
* Name = "my-subnetwork-name",
* Purpose = "PRIVATE",
* IpCidrRange = "10.128.0.0/20",
* Region = "us-central1",
* Network = defaultNetwork.Id,
* Role = "ACTIVE",
* });
* var proxyonlysubnet = new Gcp.Compute.Subnetwork("proxyonlysubnet", new()
* {
* Name = "my-proxy-only-subnetwork",
* Purpose = "REGIONAL_MANAGED_PROXY",
* IpCidrRange = "192.168.0.0/23",
* Region = "us-central1",
* Network = defaultNetwork.Id,
* Role = "ACTIVE",
* });
* var defaultGatewaySecurityPolicy = new Gcp.NetworkSecurity.GatewaySecurityPolicy("default", new()
* {
* Name = "my-policy-name",
* Location = "us-central1",
* });
* var defaultGatewaySecurityPolicyRule = new Gcp.NetworkSecurity.GatewaySecurityPolicyRule("default", new()
* {
* Name = "my-policyrule-name",
* Location = "us-central1",
* GatewaySecurityPolicy = defaultGatewaySecurityPolicy.Name,
* Enabled = true,
* Priority = 1,
* SessionMatcher = "host() == 'example.com'",
* BasicProfile = "ALLOW",
* });
* var defaultGateway = new Gcp.NetworkServices.Gateway("default", new()
* {
* Name = "my-gateway1",
* Location = "us-central1",
* Addresses = new[]
* {
* "10.128.0.99",
* },
* Type = "SECURE_WEB_GATEWAY",
* Ports = new[]
* {
* 443,
* },
* Scope = "my-default-scope1",
* CertificateUrls = new[]
* {
* @default.Id,
* },
* GatewaySecurityPolicy = defaultGatewaySecurityPolicy.Id,
* Network = defaultNetwork.Id,
* Subnetwork = defaultSubnetwork.Id,
* DeleteSwgAutogenRouterOnDestroy = true,
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* proxyonlysubnet,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networkservices"
* "github.com/pulumi/pulumi-std/sdk/go/std"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* invokeFile, err := std.File(ctx, &std.FileArgs{
* Input: "test-fixtures/cert.pem",
* }, nil)
* if err != nil {
* return err
* }
* invokeFile1, err := std.File(ctx, &std.FileArgs{
* Input: "test-fixtures/private-key.pem",
* }, nil)
* if err != nil {
* return err
* }
* _, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
* Name: pulumi.String("my-certificate"),
* Location: pulumi.String("us-central1"),
* SelfManaged: &certificatemanager.CertificateSelfManagedArgs{
* PemCertificate: pulumi.String(invokeFile.Result),
* PemPrivateKey: pulumi.String(invokeFile1.Result),
* },
* })
* if err != nil {
* return err
* }
* defaultNetwork, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
* Name: pulumi.String("my-network"),
* RoutingMode: pulumi.String("REGIONAL"),
* AutoCreateSubnetworks: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
* Name: pulumi.String("my-subnetwork-name"),
* Purpose: pulumi.String("PRIVATE"),
* IpCidrRange: pulumi.String("10.128.0.0/20"),
* Region: pulumi.String("us-central1"),
* Network: defaultNetwork.ID(),
* Role: pulumi.String("ACTIVE"),
* })
* if err != nil {
* return err
* }
* proxyonlysubnet, err := compute.NewSubnetwork(ctx, "proxyonlysubnet", &compute.SubnetworkArgs{
* Name: pulumi.String("my-proxy-only-subnetwork"),
* Purpose: pulumi.String("REGIONAL_MANAGED_PROXY"),
* IpCidrRange: pulumi.String("192.168.0.0/23"),
* Region: pulumi.String("us-central1"),
* Network: defaultNetwork.ID(),
* Role: pulumi.String("ACTIVE"),
* })
* if err != nil {
* return err
* }
* defaultGatewaySecurityPolicy, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
* Name: pulumi.String("my-policy-name"),
* Location: pulumi.String("us-central1"),
* })
* if err != nil {
* return err
* }
* _, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "default", &networksecurity.GatewaySecurityPolicyRuleArgs{
* Name: pulumi.String("my-policyrule-name"),
* Location: pulumi.String("us-central1"),
* GatewaySecurityPolicy: defaultGatewaySecurityPolicy.Name,
* Enabled: pulumi.Bool(true),
* Priority: pulumi.Int(1),
* SessionMatcher: pulumi.String("host() == 'example.com'"),
* BasicProfile: pulumi.String("ALLOW"),
* })
* if err != nil {
* return err
* }
* _, err = networkservices.NewGateway(ctx, "default", &networkservices.GatewayArgs{
* Name: pulumi.String("my-gateway1"),
* Location: pulumi.String("us-central1"),
* Addresses: pulumi.StringArray{
* pulumi.String("10.128.0.99"),
* },
* Type: pulumi.String("SECURE_WEB_GATEWAY"),
* Ports: pulumi.IntArray{
* pulumi.Int(443),
* },
* Scope: pulumi.String("my-default-scope1"),
* CertificateUrls: pulumi.StringArray{
* _default.ID(),
* },
* GatewaySecurityPolicy: defaultGatewaySecurityPolicy.ID(),
* Network: defaultNetwork.ID(),
* Subnetwork: defaultSubnetwork.ID(),
* DeleteSwgAutogenRouterOnDestroy: pulumi.Bool(true),
* }, pulumi.DependsOn([]pulumi.Resource{
* proxyonlysubnet,
* }))
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.certificatemanager.Certificate;
* import com.pulumi.gcp.certificatemanager.CertificateArgs;
* import com.pulumi.gcp.certificatemanager.inputs.CertificateSelfManagedArgs;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.compute.Subnetwork;
* import com.pulumi.gcp.compute.SubnetworkArgs;
* import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy;
* import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs;
* import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRule;
* import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRuleArgs;
* import com.pulumi.gcp.networkservices.Gateway;
* import com.pulumi.gcp.networkservices.GatewayArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var default_ = new Certificate("default", CertificateArgs.builder()
* .name("my-certificate")
* .location("us-central1")
* .selfManaged(CertificateSelfManagedArgs.builder()
* .pemCertificate(StdFunctions.file(FileArgs.builder()
* .input("test-fixtures/cert.pem")
* .build()).result())
* .pemPrivateKey(StdFunctions.file(FileArgs.builder()
* .input("test-fixtures/private-key.pem")
* .build()).result())
* .build())
* .build());
* var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
* .name("my-network")
* .routingMode("REGIONAL")
* .autoCreateSubnetworks(false)
* .build());
* var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
* .name("my-subnetwork-name")
* .purpose("PRIVATE")
* .ipCidrRange("10.128.0.0/20")
* .region("us-central1")
* .network(defaultNetwork.id())
* .role("ACTIVE")
* .build());
* var proxyonlysubnet = new Subnetwork("proxyonlysubnet", SubnetworkArgs.builder()
* .name("my-proxy-only-subnetwork")
* .purpose("REGIONAL_MANAGED_PROXY")
* .ipCidrRange("192.168.0.0/23")
* .region("us-central1")
* .network(defaultNetwork.id())
* .role("ACTIVE")
* .build());
* var defaultGatewaySecurityPolicy = new GatewaySecurityPolicy("defaultGatewaySecurityPolicy", GatewaySecurityPolicyArgs.builder()
* .name("my-policy-name")
* .location("us-central1")
* .build());
* var defaultGatewaySecurityPolicyRule = new GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", GatewaySecurityPolicyRuleArgs.builder()
* .name("my-policyrule-name")
* .location("us-central1")
* .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.name())
* .enabled(true)
* .priority(1)
* .sessionMatcher("host() == 'example.com'")
* .basicProfile("ALLOW")
* .build());
* var defaultGateway = new Gateway("defaultGateway", GatewayArgs.builder()
* .name("my-gateway1")
* .location("us-central1")
* .addresses("10.128.0.99")
* .type("SECURE_WEB_GATEWAY")
* .ports(443)
* .scope("my-default-scope1")
* .certificateUrls(default_.id())
* .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.id())
* .network(defaultNetwork.id())
* .subnetwork(defaultSubnetwork.id())
* .deleteSwgAutogenRouterOnDestroy(true)
* .build(), CustomResourceOptions.builder()
* .dependsOn(proxyonlysubnet)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:certificatemanager:Certificate
* properties:
* name: my-certificate
* location: us-central1
* selfManaged:
* pemCertificate:
* fn::invoke:
* Function: std:file
* Arguments:
* input: test-fixtures/cert.pem
* Return: result
* pemPrivateKey:
* fn::invoke:
* Function: std:file
* Arguments:
* input: test-fixtures/private-key.pem
* Return: result
* defaultNetwork:
* type: gcp:compute:Network
* name: default
* properties:
* name: my-network
* routingMode: REGIONAL
* autoCreateSubnetworks: false
* defaultSubnetwork:
* type: gcp:compute:Subnetwork
* name: default
* properties:
* name: my-subnetwork-name
* purpose: PRIVATE
* ipCidrRange: 10.128.0.0/20
* region: us-central1
* network: ${defaultNetwork.id}
* role: ACTIVE
* proxyonlysubnet:
* type: gcp:compute:Subnetwork
* properties:
* name: my-proxy-only-subnetwork
* purpose: REGIONAL_MANAGED_PROXY
* ipCidrRange: 192.168.0.0/23
* region: us-central1
* network: ${defaultNetwork.id}
* role: ACTIVE
* defaultGatewaySecurityPolicy:
* type: gcp:networksecurity:GatewaySecurityPolicy
* name: default
* properties:
* name: my-policy-name
* location: us-central1
* defaultGatewaySecurityPolicyRule:
* type: gcp:networksecurity:GatewaySecurityPolicyRule
* name: default
* properties:
* name: my-policyrule-name
* location: us-central1
* gatewaySecurityPolicy: ${defaultGatewaySecurityPolicy.name}
* enabled: true
* priority: 1
* sessionMatcher: host() == 'example.com'
* basicProfile: ALLOW
* defaultGateway:
* type: gcp:networkservices:Gateway
* name: default
* properties:
* name: my-gateway1
* location: us-central1
* addresses:
* - 10.128.0.99
* type: SECURE_WEB_GATEWAY
* ports:
* - 443
* scope: my-default-scope1
* certificateUrls:
* - ${default.id}
* gatewaySecurityPolicy: ${defaultGatewaySecurityPolicy.id}
* network: ${defaultNetwork.id}
* subnetwork: ${defaultSubnetwork.id}
* deleteSwgAutogenRouterOnDestroy: true
* options:
* dependson:
* - ${proxyonlysubnet}
* ```
*
* ### Network Services Gateway Multiple Swp Same Network
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
* const _default = new gcp.certificatemanager.Certificate("default", {
* name: "my-certificate",
* location: "us-south1",
* selfManaged: {
* pemCertificate: std.file({
* input: "test-fixtures/cert.pem",
* }).then(invoke => invoke.result),
* pemPrivateKey: std.file({
* input: "test-fixtures/private-key.pem",
* }).then(invoke => invoke.result),
* },
* });
* const defaultNetwork = new gcp.compute.Network("default", {
* name: "my-network",
* routingMode: "REGIONAL",
* autoCreateSubnetworks: false,
* });
* const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
* name: "my-subnetwork-name",
* purpose: "PRIVATE",
* ipCidrRange: "10.128.0.0/20",
* region: "us-south1",
* network: defaultNetwork.id,
* role: "ACTIVE",
* });
* const proxyonlysubnet = new gcp.compute.Subnetwork("proxyonlysubnet", {
* name: "my-proxy-only-subnetwork",
* purpose: "REGIONAL_MANAGED_PROXY",
* ipCidrRange: "192.168.0.0/23",
* region: "us-south1",
* network: defaultNetwork.id,
* role: "ACTIVE",
* });
* const defaultGatewaySecurityPolicy = new gcp.networksecurity.GatewaySecurityPolicy("default", {
* name: "my-policy-name",
* location: "us-south1",
* });
* const defaultGatewaySecurityPolicyRule = new gcp.networksecurity.GatewaySecurityPolicyRule("default", {
* name: "my-policyrule-name",
* location: "us-south1",
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.name,
* enabled: true,
* priority: 1,
* sessionMatcher: "host() == 'example.com'",
* basicProfile: "ALLOW",
* });
* const defaultGateway = new gcp.networkservices.Gateway("default", {
* name: "my-gateway1",
* location: "us-south1",
* addresses: ["10.128.0.99"],
* type: "SECURE_WEB_GATEWAY",
* ports: [443],
* scope: "my-default-scope1",
* certificateUrls: [_default.id],
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.id,
* network: defaultNetwork.id,
* subnetwork: defaultSubnetwork.id,
* deleteSwgAutogenRouterOnDestroy: true,
* }, {
* dependsOn: [proxyonlysubnet],
* });
* const gateway2 = new gcp.networkservices.Gateway("gateway2", {
* name: "my-gateway2",
* location: "us-south1",
* addresses: ["10.128.0.98"],
* type: "SECURE_WEB_GATEWAY",
* ports: [443],
* scope: "my-default-scope2",
* certificateUrls: [_default.id],
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.id,
* network: defaultNetwork.id,
* subnetwork: defaultSubnetwork.id,
* deleteSwgAutogenRouterOnDestroy: true,
* }, {
* dependsOn: [proxyonlysubnet],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* import pulumi_std as std
* default = gcp.certificatemanager.Certificate("default",
* name="my-certificate",
* location="us-south1",
* self_managed={
* "pem_certificate": std.file(input="test-fixtures/cert.pem").result,
* "pem_private_key": std.file(input="test-fixtures/private-key.pem").result,
* })
* default_network = gcp.compute.Network("default",
* name="my-network",
* routing_mode="REGIONAL",
* auto_create_subnetworks=False)
* default_subnetwork = gcp.compute.Subnetwork("default",
* name="my-subnetwork-name",
* purpose="PRIVATE",
* ip_cidr_range="10.128.0.0/20",
* region="us-south1",
* network=default_network.id,
* role="ACTIVE")
* proxyonlysubnet = gcp.compute.Subnetwork("proxyonlysubnet",
* name="my-proxy-only-subnetwork",
* purpose="REGIONAL_MANAGED_PROXY",
* ip_cidr_range="192.168.0.0/23",
* region="us-south1",
* network=default_network.id,
* role="ACTIVE")
* default_gateway_security_policy = gcp.networksecurity.GatewaySecurityPolicy("default",
* name="my-policy-name",
* location="us-south1")
* default_gateway_security_policy_rule = gcp.networksecurity.GatewaySecurityPolicyRule("default",
* name="my-policyrule-name",
* location="us-south1",
* gateway_security_policy=default_gateway_security_policy.name,
* enabled=True,
* priority=1,
* session_matcher="host() == 'example.com'",
* basic_profile="ALLOW")
* default_gateway = gcp.networkservices.Gateway("default",
* name="my-gateway1",
* location="us-south1",
* addresses=["10.128.0.99"],
* type="SECURE_WEB_GATEWAY",
* ports=[443],
* scope="my-default-scope1",
* certificate_urls=[default.id],
* gateway_security_policy=default_gateway_security_policy.id,
* network=default_network.id,
* subnetwork=default_subnetwork.id,
* delete_swg_autogen_router_on_destroy=True,
* opts = pulumi.ResourceOptions(depends_on=[proxyonlysubnet]))
* gateway2 = gcp.networkservices.Gateway("gateway2",
* name="my-gateway2",
* location="us-south1",
* addresses=["10.128.0.98"],
* type="SECURE_WEB_GATEWAY",
* ports=[443],
* scope="my-default-scope2",
* certificate_urls=[default.id],
* gateway_security_policy=default_gateway_security_policy.id,
* network=default_network.id,
* subnetwork=default_subnetwork.id,
* delete_swg_autogen_router_on_destroy=True,
* opts = pulumi.ResourceOptions(depends_on=[proxyonlysubnet]))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* using Std = Pulumi.Std;
* return await Deployment.RunAsync(() =>
* {
* var @default = new Gcp.CertificateManager.Certificate("default", new()
* {
* Name = "my-certificate",
* Location = "us-south1",
* SelfManaged = new Gcp.CertificateManager.Inputs.CertificateSelfManagedArgs
* {
* PemCertificate = Std.File.Invoke(new()
* {
* Input = "test-fixtures/cert.pem",
* }).Apply(invoke => invoke.Result),
* PemPrivateKey = Std.File.Invoke(new()
* {
* Input = "test-fixtures/private-key.pem",
* }).Apply(invoke => invoke.Result),
* },
* });
* var defaultNetwork = new Gcp.Compute.Network("default", new()
* {
* Name = "my-network",
* RoutingMode = "REGIONAL",
* AutoCreateSubnetworks = false,
* });
* var defaultSubnetwork = new Gcp.Compute.Subnetwork("default", new()
* {
* Name = "my-subnetwork-name",
* Purpose = "PRIVATE",
* IpCidrRange = "10.128.0.0/20",
* Region = "us-south1",
* Network = defaultNetwork.Id,
* Role = "ACTIVE",
* });
* var proxyonlysubnet = new Gcp.Compute.Subnetwork("proxyonlysubnet", new()
* {
* Name = "my-proxy-only-subnetwork",
* Purpose = "REGIONAL_MANAGED_PROXY",
* IpCidrRange = "192.168.0.0/23",
* Region = "us-south1",
* Network = defaultNetwork.Id,
* Role = "ACTIVE",
* });
* var defaultGatewaySecurityPolicy = new Gcp.NetworkSecurity.GatewaySecurityPolicy("default", new()
* {
* Name = "my-policy-name",
* Location = "us-south1",
* });
* var defaultGatewaySecurityPolicyRule = new Gcp.NetworkSecurity.GatewaySecurityPolicyRule("default", new()
* {
* Name = "my-policyrule-name",
* Location = "us-south1",
* GatewaySecurityPolicy = defaultGatewaySecurityPolicy.Name,
* Enabled = true,
* Priority = 1,
* SessionMatcher = "host() == 'example.com'",
* BasicProfile = "ALLOW",
* });
* var defaultGateway = new Gcp.NetworkServices.Gateway("default", new()
* {
* Name = "my-gateway1",
* Location = "us-south1",
* Addresses = new[]
* {
* "10.128.0.99",
* },
* Type = "SECURE_WEB_GATEWAY",
* Ports = new[]
* {
* 443,
* },
* Scope = "my-default-scope1",
* CertificateUrls = new[]
* {
* @default.Id,
* },
* GatewaySecurityPolicy = defaultGatewaySecurityPolicy.Id,
* Network = defaultNetwork.Id,
* Subnetwork = defaultSubnetwork.Id,
* DeleteSwgAutogenRouterOnDestroy = true,
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* proxyonlysubnet,
* },
* });
* var gateway2 = new Gcp.NetworkServices.Gateway("gateway2", new()
* {
* Name = "my-gateway2",
* Location = "us-south1",
* Addresses = new[]
* {
* "10.128.0.98",
* },
* Type = "SECURE_WEB_GATEWAY",
* Ports = new[]
* {
* 443,
* },
* Scope = "my-default-scope2",
* CertificateUrls = new[]
* {
* @default.Id,
* },
* GatewaySecurityPolicy = defaultGatewaySecurityPolicy.Id,
* Network = defaultNetwork.Id,
* Subnetwork = defaultSubnetwork.Id,
* DeleteSwgAutogenRouterOnDestroy = true,
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* proxyonlysubnet,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/certificatemanager"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networkservices"
* "github.com/pulumi/pulumi-std/sdk/go/std"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* invokeFile, err := std.File(ctx, &std.FileArgs{
* Input: "test-fixtures/cert.pem",
* }, nil)
* if err != nil {
* return err
* }
* invokeFile1, err := std.File(ctx, &std.FileArgs{
* Input: "test-fixtures/private-key.pem",
* }, nil)
* if err != nil {
* return err
* }
* _, err = certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
* Name: pulumi.String("my-certificate"),
* Location: pulumi.String("us-south1"),
* SelfManaged: &certificatemanager.CertificateSelfManagedArgs{
* PemCertificate: pulumi.String(invokeFile.Result),
* PemPrivateKey: pulumi.String(invokeFile1.Result),
* },
* })
* if err != nil {
* return err
* }
* defaultNetwork, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
* Name: pulumi.String("my-network"),
* RoutingMode: pulumi.String("REGIONAL"),
* AutoCreateSubnetworks: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* defaultSubnetwork, err := compute.NewSubnetwork(ctx, "default", &compute.SubnetworkArgs{
* Name: pulumi.String("my-subnetwork-name"),
* Purpose: pulumi.String("PRIVATE"),
* IpCidrRange: pulumi.String("10.128.0.0/20"),
* Region: pulumi.String("us-south1"),
* Network: defaultNetwork.ID(),
* Role: pulumi.String("ACTIVE"),
* })
* if err != nil {
* return err
* }
* proxyonlysubnet, err := compute.NewSubnetwork(ctx, "proxyonlysubnet", &compute.SubnetworkArgs{
* Name: pulumi.String("my-proxy-only-subnetwork"),
* Purpose: pulumi.String("REGIONAL_MANAGED_PROXY"),
* IpCidrRange: pulumi.String("192.168.0.0/23"),
* Region: pulumi.String("us-south1"),
* Network: defaultNetwork.ID(),
* Role: pulumi.String("ACTIVE"),
* })
* if err != nil {
* return err
* }
* defaultGatewaySecurityPolicy, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
* Name: pulumi.String("my-policy-name"),
* Location: pulumi.String("us-south1"),
* })
* if err != nil {
* return err
* }
* _, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "default", &networksecurity.GatewaySecurityPolicyRuleArgs{
* Name: pulumi.String("my-policyrule-name"),
* Location: pulumi.String("us-south1"),
* GatewaySecurityPolicy: defaultGatewaySecurityPolicy.Name,
* Enabled: pulumi.Bool(true),
* Priority: pulumi.Int(1),
* SessionMatcher: pulumi.String("host() == 'example.com'"),
* BasicProfile: pulumi.String("ALLOW"),
* })
* if err != nil {
* return err
* }
* _, err = networkservices.NewGateway(ctx, "default", &networkservices.GatewayArgs{
* Name: pulumi.String("my-gateway1"),
* Location: pulumi.String("us-south1"),
* Addresses: pulumi.StringArray{
* pulumi.String("10.128.0.99"),
* },
* Type: pulumi.String("SECURE_WEB_GATEWAY"),
* Ports: pulumi.IntArray{
* pulumi.Int(443),
* },
* Scope: pulumi.String("my-default-scope1"),
* CertificateUrls: pulumi.StringArray{
* _default.ID(),
* },
* GatewaySecurityPolicy: defaultGatewaySecurityPolicy.ID(),
* Network: defaultNetwork.ID(),
* Subnetwork: defaultSubnetwork.ID(),
* DeleteSwgAutogenRouterOnDestroy: pulumi.Bool(true),
* }, pulumi.DependsOn([]pulumi.Resource{
* proxyonlysubnet,
* }))
* if err != nil {
* return err
* }
* _, err = networkservices.NewGateway(ctx, "gateway2", &networkservices.GatewayArgs{
* Name: pulumi.String("my-gateway2"),
* Location: pulumi.String("us-south1"),
* Addresses: pulumi.StringArray{
* pulumi.String("10.128.0.98"),
* },
* Type: pulumi.String("SECURE_WEB_GATEWAY"),
* Ports: pulumi.IntArray{
* pulumi.Int(443),
* },
* Scope: pulumi.String("my-default-scope2"),
* CertificateUrls: pulumi.StringArray{
* _default.ID(),
* },
* GatewaySecurityPolicy: defaultGatewaySecurityPolicy.ID(),
* Network: defaultNetwork.ID(),
* Subnetwork: defaultSubnetwork.ID(),
* DeleteSwgAutogenRouterOnDestroy: pulumi.Bool(true),
* }, pulumi.DependsOn([]pulumi.Resource{
* proxyonlysubnet,
* }))
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.certificatemanager.Certificate;
* import com.pulumi.gcp.certificatemanager.CertificateArgs;
* import com.pulumi.gcp.certificatemanager.inputs.CertificateSelfManagedArgs;
* import com.pulumi.gcp.compute.Network;
* import com.pulumi.gcp.compute.NetworkArgs;
* import com.pulumi.gcp.compute.Subnetwork;
* import com.pulumi.gcp.compute.SubnetworkArgs;
* import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy;
* import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs;
* import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRule;
* import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRuleArgs;
* import com.pulumi.gcp.networkservices.Gateway;
* import com.pulumi.gcp.networkservices.GatewayArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var default_ = new Certificate("default", CertificateArgs.builder()
* .name("my-certificate")
* .location("us-south1")
* .selfManaged(CertificateSelfManagedArgs.builder()
* .pemCertificate(StdFunctions.file(FileArgs.builder()
* .input("test-fixtures/cert.pem")
* .build()).result())
* .pemPrivateKey(StdFunctions.file(FileArgs.builder()
* .input("test-fixtures/private-key.pem")
* .build()).result())
* .build())
* .build());
* var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
* .name("my-network")
* .routingMode("REGIONAL")
* .autoCreateSubnetworks(false)
* .build());
* var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
* .name("my-subnetwork-name")
* .purpose("PRIVATE")
* .ipCidrRange("10.128.0.0/20")
* .region("us-south1")
* .network(defaultNetwork.id())
* .role("ACTIVE")
* .build());
* var proxyonlysubnet = new Subnetwork("proxyonlysubnet", SubnetworkArgs.builder()
* .name("my-proxy-only-subnetwork")
* .purpose("REGIONAL_MANAGED_PROXY")
* .ipCidrRange("192.168.0.0/23")
* .region("us-south1")
* .network(defaultNetwork.id())
* .role("ACTIVE")
* .build());
* var defaultGatewaySecurityPolicy = new GatewaySecurityPolicy("defaultGatewaySecurityPolicy", GatewaySecurityPolicyArgs.builder()
* .name("my-policy-name")
* .location("us-south1")
* .build());
* var defaultGatewaySecurityPolicyRule = new GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", GatewaySecurityPolicyRuleArgs.builder()
* .name("my-policyrule-name")
* .location("us-south1")
* .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.name())
* .enabled(true)
* .priority(1)
* .sessionMatcher("host() == 'example.com'")
* .basicProfile("ALLOW")
* .build());
* var defaultGateway = new Gateway("defaultGateway", GatewayArgs.builder()
* .name("my-gateway1")
* .location("us-south1")
* .addresses("10.128.0.99")
* .type("SECURE_WEB_GATEWAY")
* .ports(443)
* .scope("my-default-scope1")
* .certificateUrls(default_.id())
* .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.id())
* .network(defaultNetwork.id())
* .subnetwork(defaultSubnetwork.id())
* .deleteSwgAutogenRouterOnDestroy(true)
* .build(), CustomResourceOptions.builder()
* .dependsOn(proxyonlysubnet)
* .build());
* var gateway2 = new Gateway("gateway2", GatewayArgs.builder()
* .name("my-gateway2")
* .location("us-south1")
* .addresses("10.128.0.98")
* .type("SECURE_WEB_GATEWAY")
* .ports(443)
* .scope("my-default-scope2")
* .certificateUrls(default_.id())
* .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.id())
* .network(defaultNetwork.id())
* .subnetwork(defaultSubnetwork.id())
* .deleteSwgAutogenRouterOnDestroy(true)
* .build(), CustomResourceOptions.builder()
* .dependsOn(proxyonlysubnet)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:certificatemanager:Certificate
* properties:
* name: my-certificate
* location: us-south1
* selfManaged:
* pemCertificate:
* fn::invoke:
* Function: std:file
* Arguments:
* input: test-fixtures/cert.pem
* Return: result
* pemPrivateKey:
* fn::invoke:
* Function: std:file
* Arguments:
* input: test-fixtures/private-key.pem
* Return: result
* defaultNetwork:
* type: gcp:compute:Network
* name: default
* properties:
* name: my-network
* routingMode: REGIONAL
* autoCreateSubnetworks: false
* defaultSubnetwork:
* type: gcp:compute:Subnetwork
* name: default
* properties:
* name: my-subnetwork-name
* purpose: PRIVATE
* ipCidrRange: 10.128.0.0/20
* region: us-south1
* network: ${defaultNetwork.id}
* role: ACTIVE
* proxyonlysubnet:
* type: gcp:compute:Subnetwork
* properties:
* name: my-proxy-only-subnetwork
* purpose: REGIONAL_MANAGED_PROXY
* ipCidrRange: 192.168.0.0/23
* region: us-south1
* network: ${defaultNetwork.id}
* role: ACTIVE
* defaultGatewaySecurityPolicy:
* type: gcp:networksecurity:GatewaySecurityPolicy
* name: default
* properties:
* name: my-policy-name
* location: us-south1
* defaultGatewaySecurityPolicyRule:
* type: gcp:networksecurity:GatewaySecurityPolicyRule
* name: default
* properties:
* name: my-policyrule-name
* location: us-south1
* gatewaySecurityPolicy: ${defaultGatewaySecurityPolicy.name}
* enabled: true
* priority: 1
* sessionMatcher: host() == 'example.com'
* basicProfile: ALLOW
* defaultGateway:
* type: gcp:networkservices:Gateway
* name: default
* properties:
* name: my-gateway1
* location: us-south1
* addresses:
* - 10.128.0.99
* type: SECURE_WEB_GATEWAY
* ports:
* - 443
* scope: my-default-scope1
* certificateUrls:
* - ${default.id}
* gatewaySecurityPolicy: ${defaultGatewaySecurityPolicy.id}
* network: ${defaultNetwork.id}
* subnetwork: ${defaultSubnetwork.id}
* deleteSwgAutogenRouterOnDestroy: true
* options:
* dependson:
* - ${proxyonlysubnet}
* gateway2:
* type: gcp:networkservices:Gateway
* properties:
* name: my-gateway2
* location: us-south1
* addresses:
* - 10.128.0.98
* type: SECURE_WEB_GATEWAY
* ports:
* - 443
* scope: my-default-scope2
* certificateUrls:
* - ${default.id}
* gatewaySecurityPolicy: ${defaultGatewaySecurityPolicy.id}
* network: ${defaultNetwork.id}
* subnetwork: ${defaultSubnetwork.id}
* deleteSwgAutogenRouterOnDestroy: true
* options:
* dependson:
* - ${proxyonlysubnet}
* ```
*
* ## Import
* Gateway can be imported using any of these accepted formats:
* * `projects/{{project}}/locations/{{location}}/gateways/{{name}}`
* * `{{project}}/{{location}}/{{name}}`
* * `{{location}}/{{name}}`
* When using the `pulumi import` command, Gateway can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:networkservices/gateway:Gateway default projects/{{project}}/locations/{{location}}/gateways/{{name}}
* ```
* ```sh
* $ pulumi import gcp:networkservices/gateway:Gateway default {{project}}/{{location}}/{{name}}
* ```
* ```sh
* $ pulumi import gcp:networkservices/gateway:Gateway default {{location}}/{{name}}
* ```
* @property addresses Zero or one IPv4-address on which the Gateway will receive the traffic. When no address is provided,
* an IP from the subnetwork is allocated This field only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0.
* @property certificateUrls A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection.
* This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* @property deleteSwgAutogenRouterOnDestroy When deleting a gateway of type 'SECURE_WEB_GATEWAY', this boolean option will also delete auto generated router by the gateway creation.
* If there is no other gateway of type 'SECURE_WEB_GATEWAY' remaining for that region and network it will be deleted.
* @property description A free-text description of the resource. Max length 1024 characters.
* @property gatewaySecurityPolicy A fully-qualified GatewaySecurityPolicy URL reference. Defines how a server should apply security policy to inbound (VM to Proxy) initiated connections.
* For example: `projects/*/locations/*/gatewaySecurityPolicies/swg-policy`.
* This policy is specific to gateways of type 'SECURE_WEB_GATEWAY'.
* @property labels Set of label tags associated with the Gateway resource.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
* @property location The location of the gateway.
* The default value is `global`.
* @property name Short name of the Gateway resource to be created.
* - - -
* @property network The relative resource name identifying the VPC network that is using this configuration.
* For example: `projects/*/global/networks/network-1`.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
* @property ports One or more port numbers (1-65535), on which the Gateway will receive traffic.
* The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are
* limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 and support multiple ports.
* @property project The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
* @property scope Immutable. Scope determines how configuration across multiple Gateway instances are merged.
* The configuration for multiple Gateway instances with the same scope will be merged as presented as
* a single coniguration to the proxy/load balancer.
* Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
* @property serverTlsPolicy A fully-qualified ServerTLSPolicy URL reference. Specifies how TLS traffic is terminated.
* If empty, TLS termination is disabled.
* @property subnetwork The relative resource name identifying the subnetwork in which this SWG is allocated.
* For example: `projects/*/regions/us-central1/subnetworks/network-1`.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY.
* @property type Immutable. The type of the customer-managed gateway. Possible values are: * OPEN_MESH * SECURE_WEB_GATEWAY.
* Possible values are: `TYPE_UNSPECIFIED`, `OPEN_MESH`, `SECURE_WEB_GATEWAY`.
* */*/*/*/
*/
public data class GatewayArgs(
public val addresses: Output>? = null,
public val certificateUrls: Output>? = null,
public val deleteSwgAutogenRouterOnDestroy: Output? = null,
public val description: Output? = null,
public val gatewaySecurityPolicy: Output? = null,
public val labels: Output>? = null,
public val location: Output? = null,
public val name: Output? = null,
public val network: Output? = null,
public val ports: Output>? = null,
public val project: Output? = null,
public val scope: Output? = null,
public val serverTlsPolicy: Output? = null,
public val subnetwork: Output? = null,
public val type: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.networkservices.GatewayArgs =
com.pulumi.gcp.networkservices.GatewayArgs.builder()
.addresses(addresses?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.certificateUrls(certificateUrls?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.deleteSwgAutogenRouterOnDestroy(deleteSwgAutogenRouterOnDestroy?.applyValue({ args0 -> args0 }))
.description(description?.applyValue({ args0 -> args0 }))
.gatewaySecurityPolicy(gatewaySecurityPolicy?.applyValue({ args0 -> args0 }))
.labels(labels?.applyValue({ args0 -> args0.map({ args0 -> args0.key.to(args0.value) }).toMap() }))
.location(location?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.network(network?.applyValue({ args0 -> args0 }))
.ports(ports?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.project(project?.applyValue({ args0 -> args0 }))
.scope(scope?.applyValue({ args0 -> args0 }))
.serverTlsPolicy(serverTlsPolicy?.applyValue({ args0 -> args0 }))
.subnetwork(subnetwork?.applyValue({ args0 -> args0 }))
.type(type?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [GatewayArgs].
*/
@PulumiTagMarker
public class GatewayArgsBuilder internal constructor() {
private var addresses: Output>? = null
private var certificateUrls: Output>? = null
private var deleteSwgAutogenRouterOnDestroy: Output? = null
private var description: Output? = null
private var gatewaySecurityPolicy: Output? = null
private var labels: Output>? = null
private var location: Output? = null
private var name: Output? = null
private var network: Output? = null
private var ports: Output>? = null
private var project: Output? = null
private var scope: Output? = null
private var serverTlsPolicy: Output? = null
private var subnetwork: Output? = null
private var type: Output? = null
/**
* @param value Zero or one IPv4-address on which the Gateway will receive the traffic. When no address is provided,
* an IP from the subnetwork is allocated This field only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0.
*/
@JvmName("cdpbbosaaiptkqpr")
public suspend fun addresses(`value`: Output>) {
this.addresses = value
}
@JvmName("vpqbnkbyykgfrjkp")
public suspend fun addresses(vararg values: Output) {
this.addresses = Output.all(values.asList())
}
/**
* @param values Zero or one IPv4-address on which the Gateway will receive the traffic. When no address is provided,
* an IP from the subnetwork is allocated This field only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0.
*/
@JvmName("mylafeanmgalwtav")
public suspend fun addresses(values: List>) {
this.addresses = Output.all(values)
}
/**
* @param value A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection.
* This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'.
*/
@JvmName("segewrtaboruiwbu")
public suspend fun certificateUrls(`value`: Output>) {
this.certificateUrls = value
}
@JvmName("fvuuuwtlwfcbjujv")
public suspend fun certificateUrls(vararg values: Output) {
this.certificateUrls = Output.all(values.asList())
}
/**
* @param values A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection.
* This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'.
*/
@JvmName("ulhnfibkjdsowsvn")
public suspend fun certificateUrls(values: List>) {
this.certificateUrls = Output.all(values)
}
/**
* @param value When deleting a gateway of type 'SECURE_WEB_GATEWAY', this boolean option will also delete auto generated router by the gateway creation.
* If there is no other gateway of type 'SECURE_WEB_GATEWAY' remaining for that region and network it will be deleted.
*/
@JvmName("wpcutxgtybptdvhk")
public suspend fun deleteSwgAutogenRouterOnDestroy(`value`: Output) {
this.deleteSwgAutogenRouterOnDestroy = value
}
/**
* @param value A free-text description of the resource. Max length 1024 characters.
*/
@JvmName("tkisfwjnorblajfq")
public suspend fun description(`value`: Output) {
this.description = value
}
/**
* @param value A fully-qualified GatewaySecurityPolicy URL reference. Defines how a server should apply security policy to inbound (VM to Proxy) initiated connections.
* For example: `projects/*/locations/*/gatewaySecurityPolicies/swg-policy`.
* This policy is specific to gateways of type 'SECURE_WEB_GATEWAY'.
* */*/
*/
@JvmName("pnhbjpvtklkpjnyx")
public suspend fun gatewaySecurityPolicy(`value`: Output) {
this.gatewaySecurityPolicy = value
}
/**
* @param value Set of label tags associated with the Gateway resource.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
*/
@JvmName("womnioluktjvlurk")
public suspend fun labels(`value`: Output>) {
this.labels = value
}
/**
* @param value The location of the gateway.
* The default value is `global`.
*/
@JvmName("tuwmohiwloipxuyu")
public suspend fun location(`value`: Output) {
this.location = value
}
/**
* @param value Short name of the Gateway resource to be created.
* - - -
*/
@JvmName("cwvtgwgejnbnsgjk")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value The relative resource name identifying the VPC network that is using this configuration.
* For example: `projects/*/global/networks/network-1`.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
* */
*/
@JvmName("kdcjakmgmcedjfac")
public suspend fun network(`value`: Output) {
this.network = value
}
/**
* @param value One or more port numbers (1-65535), on which the Gateway will receive traffic.
* The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are
* limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 and support multiple ports.
*/
@JvmName("dfguukwoxnlaevxj")
public suspend fun ports(`value`: Output>) {
this.ports = value
}
@JvmName("jcnkmpxdpkfsftll")
public suspend fun ports(vararg values: Output) {
this.ports = Output.all(values.asList())
}
/**
* @param values One or more port numbers (1-65535), on which the Gateway will receive traffic.
* The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are
* limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 and support multiple ports.
*/
@JvmName("lkqqygatmhhqqbyy")
public suspend fun ports(values: List>) {
this.ports = Output.all(values)
}
/**
* @param value The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
@JvmName("iqpnrwucomqaiwdv")
public suspend fun project(`value`: Output) {
this.project = value
}
/**
* @param value Immutable. Scope determines how configuration across multiple Gateway instances are merged.
* The configuration for multiple Gateway instances with the same scope will be merged as presented as
* a single coniguration to the proxy/load balancer.
* Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
*/
@JvmName("wdvfgfntnvwchenf")
public suspend fun scope(`value`: Output) {
this.scope = value
}
/**
* @param value A fully-qualified ServerTLSPolicy URL reference. Specifies how TLS traffic is terminated.
* If empty, TLS termination is disabled.
*/
@JvmName("dynupuonmgauxgvi")
public suspend fun serverTlsPolicy(`value`: Output) {
this.serverTlsPolicy = value
}
/**
* @param value The relative resource name identifying the subnetwork in which this SWG is allocated.
* For example: `projects/*/regions/us-central1/subnetworks/network-1`.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY.
* */
*/
@JvmName("gcdsitqmniqowlag")
public suspend fun subnetwork(`value`: Output) {
this.subnetwork = value
}
/**
* @param value Immutable. The type of the customer-managed gateway. Possible values are: * OPEN_MESH * SECURE_WEB_GATEWAY.
* Possible values are: `TYPE_UNSPECIFIED`, `OPEN_MESH`, `SECURE_WEB_GATEWAY`.
*/
@JvmName("vqpqhyglykorbmqe")
public suspend fun type(`value`: Output) {
this.type = value
}
/**
* @param value Zero or one IPv4-address on which the Gateway will receive the traffic. When no address is provided,
* an IP from the subnetwork is allocated This field only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0.
*/
@JvmName("kpegyssyixwhuifk")
public suspend fun addresses(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.addresses = mapped
}
/**
* @param values Zero or one IPv4-address on which the Gateway will receive the traffic. When no address is provided,
* an IP from the subnetwork is allocated This field only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0.
*/
@JvmName("uwiahenrytakehyw")
public suspend fun addresses(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.addresses = mapped
}
/**
* @param value A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection.
* This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'.
*/
@JvmName("usgewjpxyhvtthfl")
public suspend fun certificateUrls(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.certificateUrls = mapped
}
/**
* @param values A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection.
* This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'.
*/
@JvmName("geehkqqpgmpkuimh")
public suspend fun certificateUrls(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.certificateUrls = mapped
}
/**
* @param value When deleting a gateway of type 'SECURE_WEB_GATEWAY', this boolean option will also delete auto generated router by the gateway creation.
* If there is no other gateway of type 'SECURE_WEB_GATEWAY' remaining for that region and network it will be deleted.
*/
@JvmName("mdfdlsmlnyobsboy")
public suspend fun deleteSwgAutogenRouterOnDestroy(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.deleteSwgAutogenRouterOnDestroy = mapped
}
/**
* @param value A free-text description of the resource. Max length 1024 characters.
*/
@JvmName("ccvsmtyrbwvpxroq")
public suspend fun description(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.description = mapped
}
/**
* @param value A fully-qualified GatewaySecurityPolicy URL reference. Defines how a server should apply security policy to inbound (VM to Proxy) initiated connections.
* For example: `projects/*/locations/*/gatewaySecurityPolicies/swg-policy`.
* This policy is specific to gateways of type 'SECURE_WEB_GATEWAY'.
* */*/
*/
@JvmName("jqwiixkpvdlndafe")
public suspend fun gatewaySecurityPolicy(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.gatewaySecurityPolicy = mapped
}
/**
* @param value Set of label tags associated with the Gateway resource.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
*/
@JvmName("wpavvwdbxebcexoy")
public suspend fun labels(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.labels = mapped
}
/**
* @param values Set of label tags associated with the Gateway resource.
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effective_labels` for all of the labels present on the resource.
*/
@JvmName("dbppmocwvwyqpbfr")
public fun labels(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.labels = mapped
}
/**
* @param value The location of the gateway.
* The default value is `global`.
*/
@JvmName("btxqepsehpnrtlul")
public suspend fun location(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.location = mapped
}
/**
* @param value Short name of the Gateway resource to be created.
* - - -
*/
@JvmName("cxqcahyfqnmrbsnk")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value The relative resource name identifying the VPC network that is using this configuration.
* For example: `projects/*/global/networks/network-1`.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
* */
*/
@JvmName("japiamhredoaoagj")
public suspend fun network(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.network = mapped
}
/**
* @param value One or more port numbers (1-65535), on which the Gateway will receive traffic.
* The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are
* limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 and support multiple ports.
*/
@JvmName("qmmfbdplridkpixd")
public suspend fun ports(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.ports = mapped
}
/**
* @param values One or more port numbers (1-65535), on which the Gateway will receive traffic.
* The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are
* limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 and support multiple ports.
*/
@JvmName("vxqdskcajvqudivf")
public suspend fun ports(vararg values: Int) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.ports = mapped
}
/**
* @param value The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
@JvmName("qevgkhxoorcajynp")
public suspend fun project(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.project = mapped
}
/**
* @param value Immutable. Scope determines how configuration across multiple Gateway instances are merged.
* The configuration for multiple Gateway instances with the same scope will be merged as presented as
* a single coniguration to the proxy/load balancer.
* Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
*/
@JvmName("eutbmcfjahprsknh")
public suspend fun scope(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.scope = mapped
}
/**
* @param value A fully-qualified ServerTLSPolicy URL reference. Specifies how TLS traffic is terminated.
* If empty, TLS termination is disabled.
*/
@JvmName("bfgtlxecsrcrcwhd")
public suspend fun serverTlsPolicy(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.serverTlsPolicy = mapped
}
/**
* @param value The relative resource name identifying the subnetwork in which this SWG is allocated.
* For example: `projects/*/regions/us-central1/subnetworks/network-1`.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY.
* */
*/
@JvmName("nttadoswsdpmmkfr")
public suspend fun subnetwork(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.subnetwork = mapped
}
/**
* @param value Immutable. The type of the customer-managed gateway. Possible values are: * OPEN_MESH * SECURE_WEB_GATEWAY.
* Possible values are: `TYPE_UNSPECIFIED`, `OPEN_MESH`, `SECURE_WEB_GATEWAY`.
*/
@JvmName("xwjqardseqvwsdxc")
public suspend fun type(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.type = mapped
}
internal fun build(): GatewayArgs = GatewayArgs(
addresses = addresses,
certificateUrls = certificateUrls,
deleteSwgAutogenRouterOnDestroy = deleteSwgAutogenRouterOnDestroy,
description = description,
gatewaySecurityPolicy = gatewaySecurityPolicy,
labels = labels,
location = location,
name = name,
network = network,
ports = ports,
project = project,
scope = scope,
serverTlsPolicy = serverTlsPolicy,
subnetwork = subnetwork,
type = type,
)
}
