• Home
• org.virtuslab
• pulumi-gcp-kotlin
• 8.12.0.0
• source code
• ServicePerimeterIngressPolicyArgs.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pulumi.gcp.accesscontextmanager.kotlin.ServicePerimeterIngressPolicyArgs.kt Maven / Gradle / Ivy

@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.accesscontextmanager.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.accesscontextmanager.ServicePerimeterIngressPolicyArgs.builder
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.ServicePerimeterIngressPolicyIngressFromArgs
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.ServicePerimeterIngressPolicyIngressFromArgsBuilder
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.ServicePerimeterIngressPolicyIngressToArgs
import com.pulumi.gcp.accesscontextmanager.kotlin.inputs.ServicePerimeterIngressPolicyIngressToArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.jvm.JvmName

/**
 * Manage a single IngressPolicy in the status (enforced) configuration for a service perimeter.
 * IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match,
 * both the ingressFrom and ingressTo stanzas must be matched. If an IngressPolicy matches a request,
 * the request is allowed through the perimeter boundary from outside the perimeter.
 * For example, access from the internet can be allowed either based on an AccessLevel or,
 * for traffic hosted on Google Cloud, the project of the source network.
 * For access from private networks, using the project of the hosting network is required.
 * Individual ingress policies can be limited by restricting which services and/
 * or actions they match using the ingressTo field.
 * > **Note:** By default, updates to this resource will remove the IngressPolicy from the
 * from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy
 * is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource.
 * > **Note:** If this resource is used alongside a `gcp.accesscontextmanager.ServicePerimeter` resource,
 * the service perimeter resource must have a `lifecycle` block with `ignore_changes = [status[0].ingress_policies]` so
 * they don't fight over which ingress rules should be in the policy.
 * To get more information about ServicePerimeterIngressPolicy, see:
 * * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy)
 * * How-to Guides
 *     * [Guide to Ingress and Egress Rules](https://cloud.google.com/vpc-service-controls/docs/ingress-egress-rules)
 * ## Example Usage
 * @property ingressFrom Defines the conditions on the source of a request causing this `IngressPolicy`
 * to apply.
 * Structure is documented below.
 * @property ingressTo Defines the conditions on the `ApiOperation` and request destination that cause
 * this `IngressPolicy` to apply.
 * Structure is documented below.
 * @property perimeter The name of the Service Perimeter to add this resource to.
 * - - -
 */
public data class ServicePerimeterIngressPolicyArgs(
    public val ingressFrom: Output? = null,
    public val ingressTo: Output? = null,
    public val perimeter: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.accesscontextmanager.ServicePerimeterIngressPolicyArgs =
        com.pulumi.gcp.accesscontextmanager.ServicePerimeterIngressPolicyArgs.builder()
            .ingressFrom(ingressFrom?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .ingressTo(ingressTo?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .perimeter(perimeter?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [ServicePerimeterIngressPolicyArgs].
 */
@PulumiTagMarker
public class ServicePerimeterIngressPolicyArgsBuilder internal constructor() {
    private var ingressFrom: Output? = null

    private var ingressTo: Output? = null

    private var perimeter: Output? = null

    /**
     * @param value Defines the conditions on the source of a request causing this `IngressPolicy`
     * to apply.
     * Structure is documented below.
     */
    @JvmName("ktibwvfojltyrjsi")
    public suspend fun ingressFrom(`value`: Output) {
        this.ingressFrom = value
    }

    /**
     * @param value Defines the conditions on the `ApiOperation` and request destination that cause
     * this `IngressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("pamxclogakrsirpi")
    public suspend fun ingressTo(`value`: Output) {
        this.ingressTo = value
    }

    /**
     * @param value The name of the Service Perimeter to add this resource to.
     * - - -
     */
    @JvmName("krpljfttmvcelgix")
    public suspend fun perimeter(`value`: Output) {
        this.perimeter = value
    }

    /**
     * @param value Defines the conditions on the source of a request causing this `IngressPolicy`
     * to apply.
     * Structure is documented below.
     */
    @JvmName("hdjuwvlcrnemdnae")
    public suspend fun ingressFrom(`value`: ServicePerimeterIngressPolicyIngressFromArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.ingressFrom = mapped
    }

    /**
     * @param argument Defines the conditions on the source of a request causing this `IngressPolicy`
     * to apply.
     * Structure is documented below.
     */
    @JvmName("lsoafcmyibgcjeua")
    public suspend fun ingressFrom(argument: suspend ServicePerimeterIngressPolicyIngressFromArgsBuilder.() -> Unit) {
        val toBeMapped = ServicePerimeterIngressPolicyIngressFromArgsBuilder().applySuspend {
            argument()
        }.build()
        val mapped = of(toBeMapped)
        this.ingressFrom = mapped
    }

    /**
     * @param value Defines the conditions on the `ApiOperation` and request destination that cause
     * this `IngressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("jrfwtiiefbijuhhr")
    public suspend fun ingressTo(`value`: ServicePerimeterIngressPolicyIngressToArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.ingressTo = mapped
    }

    /**
     * @param argument Defines the conditions on the `ApiOperation` and request destination that cause
     * this `IngressPolicy` to apply.
     * Structure is documented below.
     */
    @JvmName("iabujodfwfomiawm")
    public suspend fun ingressTo(argument: suspend ServicePerimeterIngressPolicyIngressToArgsBuilder.() -> Unit) {
        val toBeMapped = ServicePerimeterIngressPolicyIngressToArgsBuilder().applySuspend {
            argument()
        }.build()
        val mapped = of(toBeMapped)
        this.ingressTo = mapped
    }

    /**
     * @param value The name of the Service Perimeter to add this resource to.
     * - - -
     */
    @JvmName("vppcrbojtklifdqf")
    public suspend fun perimeter(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.perimeter = mapped
    }

    internal fun build(): ServicePerimeterIngressPolicyArgs = ServicePerimeterIngressPolicyArgs(
        ingressFrom = ingressFrom,
        ingressTo = ingressTo,
        perimeter = perimeter,
    )
}