com.pulumi.gcp.compute.kotlin.inputs.FirewallPolicyWithRulesRuleArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.compute.kotlin.inputs
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.compute.inputs.FirewallPolicyWithRulesRuleArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiNullFieldException
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
*
* @property action The Action to perform when the client connection triggers the rule. Can currently be either
* "allow", "deny", "apply_security_profile_group" or "goto_next".
* @property description A description of the rule.
* @property direction The direction in which this rule applies. If unspecified an INGRESS rule is created.
* Possible values are: `INGRESS`, `EGRESS`.
* @property disabled Denotes whether the firewall policy rule is disabled. When set to true,
* the firewall policy rule is not enforced and traffic behaves as if it did
* not exist. If this is unspecified, the firewall policy rule will be
* enabled.
* @property enableLogging Denotes whether to enable logging for a particular rule.
* If logging is enabled, logs will be exported to the
* configured export destination in Stackdriver.
* @property match A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
* Structure is documented below.
* @property priority An integer indicating the priority of a rule in the list. The priority must be a value
* between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the
* highest priority and 2147483647 is the lowest priority.
* @property ruleName An optional name for the rule. This field is not a unique identifier
* and can be updated.
* @property securityProfileGroup A fully-qualified URL of a SecurityProfile resource instance.
* Example:
* https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group
* Must be specified if action is 'apply_security_profile_group'.
* @property targetResources A list of network resource URLs to which this rule applies.
* This field allows you to control which network's VMs get
* this rule. If this field is left blank, all VMs
* within the organization will receive the rule.
* @property targetServiceAccounts A list of service accounts indicating the sets of
* instances that are applied with this rule.
* @property tlsInspect Boolean flag indicating if the traffic should be TLS decrypted.
* It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions.
*/
public data class FirewallPolicyWithRulesRuleArgs(
public val action: Output,
public val description: Output? = null,
public val direction: Output? = null,
public val disabled: Output? = null,
public val enableLogging: Output? = null,
public val match: Output,
public val priority: Output,
public val ruleName: Output? = null,
public val securityProfileGroup: Output? = null,
public val targetResources: Output>? = null,
public val targetServiceAccounts: Output>? = null,
public val tlsInspect: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.compute.inputs.FirewallPolicyWithRulesRuleArgs =
com.pulumi.gcp.compute.inputs.FirewallPolicyWithRulesRuleArgs.builder()
.action(action.applyValue({ args0 -> args0 }))
.description(description?.applyValue({ args0 -> args0 }))
.direction(direction?.applyValue({ args0 -> args0 }))
.disabled(disabled?.applyValue({ args0 -> args0 }))
.enableLogging(enableLogging?.applyValue({ args0 -> args0 }))
.match(match.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.priority(priority.applyValue({ args0 -> args0 }))
.ruleName(ruleName?.applyValue({ args0 -> args0 }))
.securityProfileGroup(securityProfileGroup?.applyValue({ args0 -> args0 }))
.targetResources(targetResources?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.targetServiceAccounts(targetServiceAccounts?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.tlsInspect(tlsInspect?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [FirewallPolicyWithRulesRuleArgs].
*/
@PulumiTagMarker
public class FirewallPolicyWithRulesRuleArgsBuilder internal constructor() {
private var action: Output? = null
private var description: Output? = null
private var direction: Output? = null
private var disabled: Output? = null
private var enableLogging: Output? = null
private var match: Output? = null
private var priority: Output? = null
private var ruleName: Output? = null
private var securityProfileGroup: Output? = null
private var targetResources: Output>? = null
private var targetServiceAccounts: Output>? = null
private var tlsInspect: Output? = null
/**
* @param value The Action to perform when the client connection triggers the rule. Can currently be either
* "allow", "deny", "apply_security_profile_group" or "goto_next".
*/
@JvmName("sxjmjpwfeqodncpn")
public suspend fun action(`value`: Output) {
this.action = value
}
/**
* @param value A description of the rule.
*/
@JvmName("fotbulcvacharqbx")
public suspend fun description(`value`: Output) {
this.description = value
}
/**
* @param value The direction in which this rule applies. If unspecified an INGRESS rule is created.
* Possible values are: `INGRESS`, `EGRESS`.
*/
@JvmName("emggsdbdvaayqdbx")
public suspend fun direction(`value`: Output) {
this.direction = value
}
/**
* @param value Denotes whether the firewall policy rule is disabled. When set to true,
* the firewall policy rule is not enforced and traffic behaves as if it did
* not exist. If this is unspecified, the firewall policy rule will be
* enabled.
*/
@JvmName("svmgnymgshculame")
public suspend fun disabled(`value`: Output) {
this.disabled = value
}
/**
* @param value Denotes whether to enable logging for a particular rule.
* If logging is enabled, logs will be exported to the
* configured export destination in Stackdriver.
*/
@JvmName("yfmbqovnwsvamwfn")
public suspend fun enableLogging(`value`: Output) {
this.enableLogging = value
}
/**
* @param value A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
* Structure is documented below.
*/
@JvmName("quuixyaebmwgkura")
public suspend fun match(`value`: Output) {
this.match = value
}
/**
* @param value An integer indicating the priority of a rule in the list. The priority must be a value
* between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the
* highest priority and 2147483647 is the lowest priority.
*/
@JvmName("upuqgtsybqieofof")
public suspend fun priority(`value`: Output) {
this.priority = value
}
/**
* @param value An optional name for the rule. This field is not a unique identifier
* and can be updated.
*/
@JvmName("fhfoditcowcgdngc")
public suspend fun ruleName(`value`: Output) {
this.ruleName = value
}
/**
* @param value A fully-qualified URL of a SecurityProfile resource instance.
* Example:
* https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group
* Must be specified if action is 'apply_security_profile_group'.
*/
@JvmName("mbtnoktxnidhbiax")
public suspend fun securityProfileGroup(`value`: Output) {
this.securityProfileGroup = value
}
/**
* @param value A list of network resource URLs to which this rule applies.
* This field allows you to control which network's VMs get
* this rule. If this field is left blank, all VMs
* within the organization will receive the rule.
*/
@JvmName("pjboqawuvthaemqv")
public suspend fun targetResources(`value`: Output>) {
this.targetResources = value
}
@JvmName("nbikowlxhaofhguk")
public suspend fun targetResources(vararg values: Output) {
this.targetResources = Output.all(values.asList())
}
/**
* @param values A list of network resource URLs to which this rule applies.
* This field allows you to control which network's VMs get
* this rule. If this field is left blank, all VMs
* within the organization will receive the rule.
*/
@JvmName("xbmvlrpjfqdesxvc")
public suspend fun targetResources(values: List>) {
this.targetResources = Output.all(values)
}
/**
* @param value A list of service accounts indicating the sets of
* instances that are applied with this rule.
*/
@JvmName("dxiqxhfqescywric")
public suspend fun targetServiceAccounts(`value`: Output>) {
this.targetServiceAccounts = value
}
@JvmName("mvhdtcivmbsalkjj")
public suspend fun targetServiceAccounts(vararg values: Output) {
this.targetServiceAccounts = Output.all(values.asList())
}
/**
* @param values A list of service accounts indicating the sets of
* instances that are applied with this rule.
*/
@JvmName("ginedgadbmdeyqod")
public suspend fun targetServiceAccounts(values: List>) {
this.targetServiceAccounts = Output.all(values)
}
/**
* @param value Boolean flag indicating if the traffic should be TLS decrypted.
* It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions.
*/
@JvmName("tenjxqeqfmiuxtva")
public suspend fun tlsInspect(`value`: Output) {
this.tlsInspect = value
}
/**
* @param value The Action to perform when the client connection triggers the rule. Can currently be either
* "allow", "deny", "apply_security_profile_group" or "goto_next".
*/
@JvmName("gcoufpttgejppxal")
public suspend fun action(`value`: String) {
val toBeMapped = value
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.action = mapped
}
/**
* @param value A description of the rule.
*/
@JvmName("nqyymfrdeqocktqy")
public suspend fun description(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.description = mapped
}
/**
* @param value The direction in which this rule applies. If unspecified an INGRESS rule is created.
* Possible values are: `INGRESS`, `EGRESS`.
*/
@JvmName("dvukqajqhhrhhooa")
public suspend fun direction(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.direction = mapped
}
/**
* @param value Denotes whether the firewall policy rule is disabled. When set to true,
* the firewall policy rule is not enforced and traffic behaves as if it did
* not exist. If this is unspecified, the firewall policy rule will be
* enabled.
*/
@JvmName("vdbheqhhshvcqegr")
public suspend fun disabled(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.disabled = mapped
}
/**
* @param value Denotes whether to enable logging for a particular rule.
* If logging is enabled, logs will be exported to the
* configured export destination in Stackdriver.
*/
@JvmName("mnwarrhasbflqoha")
public suspend fun enableLogging(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.enableLogging = mapped
}
/**
* @param value A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
* Structure is documented below.
*/
@JvmName("dyfucckuycookfgd")
public suspend fun match(`value`: FirewallPolicyWithRulesRuleMatchArgs) {
val toBeMapped = value
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.match = mapped
}
/**
* @param argument A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
* Structure is documented below.
*/
@JvmName("vkbbjexbxanqkvye")
public suspend fun match(argument: suspend FirewallPolicyWithRulesRuleMatchArgsBuilder.() -> Unit) {
val toBeMapped = FirewallPolicyWithRulesRuleMatchArgsBuilder().applySuspend {
argument()
}.build()
val mapped = of(toBeMapped)
this.match = mapped
}
/**
* @param value An integer indicating the priority of a rule in the list. The priority must be a value
* between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the
* highest priority and 2147483647 is the lowest priority.
*/
@JvmName("jqhtdksyjlyhbave")
public suspend fun priority(`value`: Int) {
val toBeMapped = value
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.priority = mapped
}
/**
* @param value An optional name for the rule. This field is not a unique identifier
* and can be updated.
*/
@JvmName("qqvgofgqscyxrsic")
public suspend fun ruleName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.ruleName = mapped
}
/**
* @param value A fully-qualified URL of a SecurityProfile resource instance.
* Example:
* https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group
* Must be specified if action is 'apply_security_profile_group'.
*/
@JvmName("njhqetmtikkipmbk")
public suspend fun securityProfileGroup(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.securityProfileGroup = mapped
}
/**
* @param value A list of network resource URLs to which this rule applies.
* This field allows you to control which network's VMs get
* this rule. If this field is left blank, all VMs
* within the organization will receive the rule.
*/
@JvmName("sxffkevhetiueedj")
public suspend fun targetResources(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.targetResources = mapped
}
/**
* @param values A list of network resource URLs to which this rule applies.
* This field allows you to control which network's VMs get
* this rule. If this field is left blank, all VMs
* within the organization will receive the rule.
*/
@JvmName("ivedmmarhaxbaxxf")
public suspend fun targetResources(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.targetResources = mapped
}
/**
* @param value A list of service accounts indicating the sets of
* instances that are applied with this rule.
*/
@JvmName("somckvxiwkmllfxh")
public suspend fun targetServiceAccounts(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.targetServiceAccounts = mapped
}
/**
* @param values A list of service accounts indicating the sets of
* instances that are applied with this rule.
*/
@JvmName("ppsddvhrcyqpvjam")
public suspend fun targetServiceAccounts(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.targetServiceAccounts = mapped
}
/**
* @param value Boolean flag indicating if the traffic should be TLS decrypted.
* It can be set only if action = 'apply_security_profile_group' and cannot be set for other actions.
*/
@JvmName("athkckamqjlgleio")
public suspend fun tlsInspect(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tlsInspect = mapped
}
internal fun build(): FirewallPolicyWithRulesRuleArgs = FirewallPolicyWithRulesRuleArgs(
action = action ?: throw PulumiNullFieldException("action"),
description = description,
direction = direction,
disabled = disabled,
enableLogging = enableLogging,
match = match ?: throw PulumiNullFieldException("match"),
priority = priority ?: throw PulumiNullFieldException("priority"),
ruleName = ruleName,
securityProfileGroup = securityProfileGroup,
targetResources = targetResources,
targetServiceAccounts = targetServiceAccounts,
tlsInspect = tlsInspect,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy