• Home
• org.virtuslab
• pulumi-gcp-kotlin
• 8.12.0.0
• source code
• ServicePerimeterEgressPolicy.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pulumi.gcp.accesscontextmanager.kotlin.ServicePerimeterEgressPolicy.kt Maven / Gradle / Ivy

@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.accesscontextmanager.kotlin

import com.pulumi.core.Output
import com.pulumi.gcp.accesscontextmanager.kotlin.outputs.ServicePerimeterEgressPolicyEgressFrom
import com.pulumi.gcp.accesscontextmanager.kotlin.outputs.ServicePerimeterEgressPolicyEgressTo
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import com.pulumi.gcp.accesscontextmanager.kotlin.outputs.ServicePerimeterEgressPolicyEgressFrom.Companion.toKotlin as servicePerimeterEgressPolicyEgressFromToKotlin
import com.pulumi.gcp.accesscontextmanager.kotlin.outputs.ServicePerimeterEgressPolicyEgressTo.Companion.toKotlin as servicePerimeterEgressPolicyEgressToToKotlin

/**
 * Builder for [ServicePerimeterEgressPolicy].
 */
@PulumiTagMarker
public class ServicePerimeterEgressPolicyResourceBuilder internal constructor() {
    public var name: String? = null

    public var args: ServicePerimeterEgressPolicyArgs = ServicePerimeterEgressPolicyArgs()

    public var opts: CustomResourceOptions = CustomResourceOptions()

    /**
     * @param name The _unique_ name of the resulting resource.
     */
    public fun name(`value`: String) {
        this.name = value
    }

    /**
     * @param block The arguments to use to populate this resource's properties.
     */
    public suspend fun args(block: suspend ServicePerimeterEgressPolicyArgsBuilder.() -> Unit) {
        val builder = ServicePerimeterEgressPolicyArgsBuilder()
        block(builder)
        this.args = builder.build()
    }

    /**
     * @param block A bag of options that control this resource's behavior.
     */
    public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
        this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
    }

    internal fun build(): ServicePerimeterEgressPolicy {
        val builtJavaResource =
            com.pulumi.gcp.accesscontextmanager.ServicePerimeterEgressPolicy(
                this.name,
                this.args.toJava(),
                this.opts.toJava(),
            )
        return ServicePerimeterEgressPolicy(builtJavaResource)
    }
}

/**
 * Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter.
 * EgressPolicies match requests based on egressFrom and egressTo stanzas.
 * For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched.
 * If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter
 * boundary. For example, an EgressPolicy can be used to allow VMs on networks
 * within the ServicePerimeter to access a defined set of projects outside the
 * perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket
 * or query against a BigQuery dataset).
 * > **Note:** By default, updates to this resource will remove the EgressPolicy from the
 * from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy
 * is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource.
 * > **Note:** If this resource is used alongside a `gcp.accesscontextmanager.ServicePerimeter` resource,
 * the service perimeter resource must have a `lifecycle` block with `ignore_changes = [status[0].egress_policies]` so
 * they don't fight over which egress rules should be in the policy.
 * To get more information about ServicePerimeterEgressPolicy, see:
 * * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy)
 * * How-to Guides
 *     * [Guide to Ingress and Egress Rules](https://cloud.google.com/vpc-service-controls/docs/ingress-egress-rules)
 * ## Example Usage
 */
public class ServicePerimeterEgressPolicy internal constructor(
    override val javaResource: com.pulumi.gcp.accesscontextmanager.ServicePerimeterEgressPolicy,
) : KotlinCustomResource(javaResource, ServicePerimeterEgressPolicyMapper) {
    /**
     * Defines conditions on the source of a request causing this `EgressPolicy` to apply.
     * Structure is documented below.
     */
    public val egressFrom: Output?
        get() = javaResource.egressFrom().applyValue({ args0 ->
            args0.map({ args0 ->
                args0.let({ args0 ->
                    servicePerimeterEgressPolicyEgressFromToKotlin(args0)
                })
            }).orElse(null)
        })

    /**
     * Defines the conditions on the `ApiOperation` and destination resources that
     * cause this `EgressPolicy` to apply.
     * Structure is documented below.
     */
    public val egressTo: Output?
        get() = javaResource.egressTo().applyValue({ args0 ->
            args0.map({ args0 ->
                args0.let({ args0 ->
                    servicePerimeterEgressPolicyEgressToToKotlin(args0)
                })
            }).orElse(null)
        })

    /**
     * The name of the Service Perimeter to add this resource to.
     * - - -
     */
    public val perimeter: Output
        get() = javaResource.perimeter().applyValue({ args0 -> args0 })
}

public object ServicePerimeterEgressPolicyMapper : ResourceMapper {
    override fun supportsMappingOfType(javaResource: Resource): Boolean =
        com.pulumi.gcp.accesscontextmanager.ServicePerimeterEgressPolicy::class == javaResource::class

    override fun map(javaResource: Resource): ServicePerimeterEgressPolicy =
        ServicePerimeterEgressPolicy(
            javaResource as
                com.pulumi.gcp.accesscontextmanager.ServicePerimeterEgressPolicy,
        )
}

/**
 * @see [ServicePerimeterEgressPolicy].
 * @param name The _unique_ name of the resulting resource.
 * @param block Builder for [ServicePerimeterEgressPolicy].
 */
public suspend fun servicePerimeterEgressPolicy(
    name: String,
    block: suspend ServicePerimeterEgressPolicyResourceBuilder.() -> Unit,
): ServicePerimeterEgressPolicy {
    val builder = ServicePerimeterEgressPolicyResourceBuilder()
    builder.name(name)
    block(builder)
    return builder.build()
}

/**
 * @see [ServicePerimeterEgressPolicy].
 * @param name The _unique_ name of the resulting resource.
 */
public fun servicePerimeterEgressPolicy(name: String): ServicePerimeterEgressPolicy {
    val builder = ServicePerimeterEgressPolicyResourceBuilder()
    builder.name(name)
    return builder.build()
}