• Home
• org.virtuslab
• pulumi-gcp-kotlin
• 8.12.0.0
• source code
• ServicePerimeterEgressPolicyArgs.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pulumi.gcp.accesscontextmanager.kotlin.ServicePerimeterEgressPolicyArgs.kt Maven / Gradle / Ivy

@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.accesscontextmanager.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.accesscontextmanager.ServicePerimeterEgressPolicyArgs.builder
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.ServicePerimeterEgressPolicyEgressFromArgs
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.ServicePerimeterEgressPolicyEgressFromArgsBuilder
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.ServicePerimeterEgressPolicyEgressToArgs
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.ServicePerimeterEgressPolicyEgressToArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.jvm.JvmName

/**
 * Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter.
 * EgressPolicies match requests based on egressFrom and egressTo stanzas.
 * For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched.
 * If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter
 * boundary. For example, an EgressPolicy can be used to allow VMs on networks
 * within the ServicePerimeter to access a defined set of projects outside the
 * perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket
 * or query against a BigQuery dataset).
 * > **Note:** By default, updates to this resource will remove the EgressPolicy from the
 * from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy
 * is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource.
 * > **Note:** If this resource is used alongside a `gcp.accesscontextmanager.ServicePerimeter` resource,
 * the service perimeter resource must have a `lifecycle` block with `ignore_changes = [status[0].egress_policies]` so
 * they don't fight over which egress rules should be in the policy.
 * To get more information about ServicePerimeterEgressPolicy, see:
 * * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy)
 * * How-to Guides
 *     * [Guide to Ingress and Egress Rules](https://cloud.google.com/vpc-service-controls/docs/ingress-egress-rules)
 * ## Example Usage
 * @property egressFrom Defines conditions on the source of a request causing this `EgressPolicy` to apply.
 * Structure is documented below.
 * @property egressTo Defines the conditions on the `ApiOperation` and destination resources that
 * cause this `EgressPolicy` to apply.
 * Structure is documented below.
 * @property perimeter The name of the Service Perimeter to add this resource to.
 * - - -
 */
public data class ServicePerimeterEgressPolicyArgs(
    public val egressFrom: Output? = null,
    public val egressTo: Output? = null,
    public val perimeter: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.accesscontextmanager.ServicePerimeterEgressPolicyArgs =
        com.pulumi.gcp.accesscontextmanager.ServicePerimeterEgressPolicyArgs.builder()
            .egressFrom(egressFrom?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .egressTo(egressTo?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .perimeter(perimeter?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [ServicePerimeterEgressPolicyArgs].
 */
@PulumiTagMarker
public class ServicePerimeterEgressPolicyArgsBuilder internal constructor() {
    private var egressFrom: Output? = null

    private var egressTo: Output? = null

    private var perimeter: Output? = null

    /**
     * @param value Defines conditions on the source of a request causing this `EgressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("pwoqjdlxbsyvyhte")
    public suspend fun egressFrom(`value`: Output) {
        this.egressFrom = value
    }

    /**
     * @param value Defines the conditions on the `ApiOperation` and destination resources that
     * cause this `EgressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("ehcfpfcdsugokrvr")
    public suspend fun egressTo(`value`: Output) {
        this.egressTo = value
    }

    /**
     * @param value The name of the Service Perimeter to add this resource to.
     * - - -
     */
    @JvmName("khkharfuxkwfpddx")
    public suspend fun perimeter(`value`: Output) {
        this.perimeter = value
    }

    /**
     * @param value Defines conditions on the source of a request causing this `EgressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("wqkwfwkwmvoyhptt")
    public suspend fun egressFrom(`value`: ServicePerimeterEgressPolicyEgressFromArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.egressFrom = mapped
    }

    /**
     * @param argument Defines conditions on the source of a request causing this `EgressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("ggguyvlmaqfpcmrr")
    public suspend fun egressFrom(argument: suspend ServicePerimeterEgressPolicyEgressFromArgsBuilder.() -> Unit) {
        val toBeMapped = ServicePerimeterEgressPolicyEgressFromArgsBuilder().applySuspend {
            argument()
        }.build()
        val mapped = of(toBeMapped)
        this.egressFrom = mapped
    }

    /**
     * @param value Defines the conditions on the `ApiOperation` and destination resources that
     * cause this `EgressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("vnamwgtwvskeyxyl")
    public suspend fun egressTo(`value`: ServicePerimeterEgressPolicyEgressToArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.egressTo = mapped
    }

    /**
     * @param argument Defines the conditions on the `ApiOperation` and destination resources that
     * cause this `EgressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("eqthbqotntwqfaal")
    public suspend fun egressTo(argument: suspend ServicePerimeterEgressPolicyEgressToArgsBuilder.() -> Unit) {
        val toBeMapped = ServicePerimeterEgressPolicyEgressToArgsBuilder().applySuspend {
            argument()
        }.build()
        val mapped = of(toBeMapped)
        this.egressTo = mapped
    }

    /**
     * @param value The name of the Service Perimeter to add this resource to.
     * - - -
     */
    @JvmName("cthrkgfmqsuctgdv")
    public suspend fun perimeter(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.perimeter = mapped
    }

    internal fun build(): ServicePerimeterEgressPolicyArgs = ServicePerimeterEgressPolicyArgs(
        egressFrom = egressFrom,
        egressTo = egressTo,
        perimeter = perimeter,
    )
}