v1

package
v0.32.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 29, 2023 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Default case. Should never be this.
	AuditLogConfigLogTypeLogTypeUnspecified = AuditLogConfigLogType("LOG_TYPE_UNSPECIFIED")
	// Admin reads. Example: CloudIAM getIamPolicy
	AuditLogConfigLogTypeAdminRead = AuditLogConfigLogType("ADMIN_READ")
	// Data writes. Example: CloudSQL Users create
	AuditLogConfigLogTypeDataWrite = AuditLogConfigLogType("DATA_WRITE")
	// Data reads. Example: CloudSQL Users list
	AuditLogConfigLogTypeDataRead = AuditLogConfigLogType("DATA_READ")
)
View Source 
const (
	// No asset type specified.
	AuthorizedOrgsDescAssetTypeAssetTypeUnspecified = AuthorizedOrgsDescAssetType("ASSET_TYPE_UNSPECIFIED")
	// Device asset type.
	AuthorizedOrgsDescAssetTypeAssetTypeDevice = AuthorizedOrgsDescAssetType("ASSET_TYPE_DEVICE")
	// Credential strength asset type.
	AuthorizedOrgsDescAssetTypeAssetTypeCredentialStrength = AuthorizedOrgsDescAssetType("ASSET_TYPE_CREDENTIAL_STRENGTH")
)
View Source 
const (
	// No direction specified.
	AuthorizedOrgsDescAuthorizationDirectionAuthorizationDirectionUnspecified = AuthorizedOrgsDescAuthorizationDirection("AUTHORIZATION_DIRECTION_UNSPECIFIED")
	// The specified organizations are authorized to evaluate traffic in this organization.
	AuthorizedOrgsDescAuthorizationDirectionAuthorizationDirectionTo = AuthorizedOrgsDescAuthorizationDirection("AUTHORIZATION_DIRECTION_TO")
	// The traffic of the specified organizations can be evaluated by this organization.
	AuthorizedOrgsDescAuthorizationDirectionAuthorizationDirectionFrom = AuthorizedOrgsDescAuthorizationDirection("AUTHORIZATION_DIRECTION_FROM")
)
View Source 
const (
	// No authorization type specified.
	AuthorizedOrgsDescAuthorizationTypeAuthorizationTypeUnspecified = AuthorizedOrgsDescAuthorizationType("AUTHORIZATION_TYPE_UNSPECIFIED")
	// This authorization relationship is "trust".
	AuthorizedOrgsDescAuthorizationTypeAuthorizationTypeTrust = AuthorizedOrgsDescAuthorizationType("AUTHORIZATION_TYPE_TRUST")
)
View Source 
const (
	// All `Conditions` must be true for the `BasicLevel` to be true.
	BasicLevelCombiningFunctionAnd = BasicLevelCombiningFunction("AND")
	// If at least one `Condition` is true, then the `BasicLevel` is true.
	BasicLevelCombiningFunctionOr = BasicLevelCombiningFunction("OR")
)
View Source 
const (
	// The device's management level is not specified or not known.
	DevicePolicyAllowedDeviceManagementLevelsItemManagementUnspecified = DevicePolicyAllowedDeviceManagementLevelsItem("MANAGEMENT_UNSPECIFIED")
	// The device is not managed.
	DevicePolicyAllowedDeviceManagementLevelsItemNone = DevicePolicyAllowedDeviceManagementLevelsItem("NONE")
	// Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.
	DevicePolicyAllowedDeviceManagementLevelsItemBasic = DevicePolicyAllowedDeviceManagementLevelsItem("BASIC")
	// Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.
	DevicePolicyAllowedDeviceManagementLevelsItemComplete = DevicePolicyAllowedDeviceManagementLevelsItem("COMPLETE")
)
View Source 
const (
	// The encryption status of the device is not specified or not known.
	DevicePolicyAllowedEncryptionStatusesItemEncryptionUnspecified = DevicePolicyAllowedEncryptionStatusesItem("ENCRYPTION_UNSPECIFIED")
	// The device does not support encryption.
	DevicePolicyAllowedEncryptionStatusesItemEncryptionUnsupported = DevicePolicyAllowedEncryptionStatusesItem("ENCRYPTION_UNSUPPORTED")
	// The device supports encryption, but is currently unencrypted.
	DevicePolicyAllowedEncryptionStatusesItemUnencrypted = DevicePolicyAllowedEncryptionStatusesItem("UNENCRYPTED")
	// The device is encrypted.
	DevicePolicyAllowedEncryptionStatusesItemEncrypted = DevicePolicyAllowedEncryptionStatusesItem("ENCRYPTED")
)
View Source 
const (
	// No blanket identity group specified.
	EgressFromIdentityTypeIdentityTypeUnspecified = EgressFromIdentityType("IDENTITY_TYPE_UNSPECIFIED")
	// Authorize access from all identities outside the perimeter.
	EgressFromIdentityTypeAnyIdentity = EgressFromIdentityType("ANY_IDENTITY")
	// Authorize access from all human users outside the perimeter.
	EgressFromIdentityTypeAnyUserAccount = EgressFromIdentityType("ANY_USER_ACCOUNT")
	// Authorize access from all service accounts outside the perimeter.
	EgressFromIdentityTypeAnyServiceAccount = EgressFromIdentityType("ANY_SERVICE_ACCOUNT")
)
View Source 
const (
	// Enforcement preference unspecified, will not enforce traffic restrictions based on `sources` in EgressFrom.
	EgressFromSourceRestrictionSourceRestrictionUnspecified = EgressFromSourceRestriction("SOURCE_RESTRICTION_UNSPECIFIED")
	// Enforcement preference enabled, traffic restrictions will be enforced based on `sources` in EgressFrom.
	EgressFromSourceRestrictionSourceRestrictionEnabled = EgressFromSourceRestriction("SOURCE_RESTRICTION_ENABLED")
	// Enforcement preference disabled, will not enforce traffic restrictions based on `sources` in EgressFrom.
	EgressFromSourceRestrictionSourceRestrictionDisabled = EgressFromSourceRestriction("SOURCE_RESTRICTION_DISABLED")
)
View Source 
const (
	// No blanket identity group specified.
	IngressFromIdentityTypeIdentityTypeUnspecified = IngressFromIdentityType("IDENTITY_TYPE_UNSPECIFIED")
	// Authorize access from all identities outside the perimeter.
	IngressFromIdentityTypeAnyIdentity = IngressFromIdentityType("ANY_IDENTITY")
	// Authorize access from all human users outside the perimeter.
	IngressFromIdentityTypeAnyUserAccount = IngressFromIdentityType("ANY_USER_ACCOUNT")
	// Authorize access from all service accounts outside the perimeter.
	IngressFromIdentityTypeAnyServiceAccount = IngressFromIdentityType("ANY_SERVICE_ACCOUNT")
)
View Source 
const (
	// The operating system of the device is not specified or not known.
	OsConstraintOsTypeOsUnspecified = OsConstraintOsType("OS_UNSPECIFIED")
	// A desktop Mac operating system.
	OsConstraintOsTypeDesktopMac = OsConstraintOsType("DESKTOP_MAC")
	// A desktop Windows operating system.
	OsConstraintOsTypeDesktopWindows = OsConstraintOsType("DESKTOP_WINDOWS")
	// A desktop Linux operating system.
	OsConstraintOsTypeDesktopLinux = OsConstraintOsType("DESKTOP_LINUX")
	// A desktop ChromeOS operating system.
	OsConstraintOsTypeDesktopChromeOs = OsConstraintOsType("DESKTOP_CHROME_OS")
	// An Android operating system.
	OsConstraintOsTypeAndroid = OsConstraintOsType("ANDROID")
	// An iOS operating system.
	OsConstraintOsTypeIos = OsConstraintOsType("IOS")
)
View Source 
const (
	// Regular Perimeter. When no value is specified, the perimeter uses this type.
	ServicePerimeterPerimeterTypePerimeterTypeRegular = ServicePerimeterPerimeterType("PERIMETER_TYPE_REGULAR")
	// Perimeter Bridge.
	ServicePerimeterPerimeterTypePerimeterTypeBridge = ServicePerimeterPerimeterType("PERIMETER_TYPE_BRIDGE")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessLevel added in v0.3.0 

type AccessLevel struct {
	pulumi.CustomResourceState

	AccessPolicyId pulumi.StringOutput `pulumi:"accessPolicyId"`
	// A `BasicLevel` composed of `Conditions`.
	Basic BasicLevelResponseOutput `pulumi:"basic"`
	// A `CustomLevel` written in the Common Expression Language.
	Custom CustomLevelResponseOutput `pulumi:"custom"`
	// Description of the `AccessLevel` and its use. Does not affect behavior.
	Description pulumi.StringOutput `pulumi:"description"`
	// Resource name for the `AccessLevel`. Format: `accessPolicies/{access_policy}/accessLevels/{access_level}`. The `access_level` component must begin with a letter, followed by alphanumeric characters or `_`. Its maximum length is 50 characters. After you create an `AccessLevel`, you cannot change its `name`.
	Name pulumi.StringOutput `pulumi:"name"`
	// Human readable title. Must be unique within the Policy.
	Title pulumi.StringOutput `pulumi:"title"`
}

Creates an access level. The long-running operation from this RPC has a successful status after the access level propagates to long-lasting storage. If access levels contain errors, an error response is returned for the first error encountered.

func GetAccessLevel added in v0.3.0 

func GetAccessLevel(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessLevelState, opts ...pulumi.ResourceOption) (*AccessLevel, error)

GetAccessLevel gets an existing AccessLevel resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessLevel added in v0.3.0 

func NewAccessLevel(ctx *pulumi.Context,
	name string, args *AccessLevelArgs, opts ...pulumi.ResourceOption) (*AccessLevel, error)

NewAccessLevel registers a new resource with the given unique name, arguments, and options.

func (*AccessLevel) ElementType added in v0.3.0 

func (*AccessLevel) ElementType() reflect.Type

func (*AccessLevel) ToAccessLevelOutput added in v0.3.0 

func (i *AccessLevel) ToAccessLevelOutput() AccessLevelOutput

func (*AccessLevel) ToAccessLevelOutputWithContext added in v0.3.0 

func (i *AccessLevel) ToAccessLevelOutputWithContext(ctx context.Context) AccessLevelOutput

type AccessLevelArgs added in v0.3.0 

type AccessLevelArgs struct {
	AccessPolicyId pulumi.StringInput
	// A `BasicLevel` composed of `Conditions`.
	Basic BasicLevelPtrInput
	// A `CustomLevel` written in the Common Expression Language.
	Custom CustomLevelPtrInput
	// Description of the `AccessLevel` and its use. Does not affect behavior.
	Description pulumi.StringPtrInput
	// Resource name for the `AccessLevel`. Format: `accessPolicies/{access_policy}/accessLevels/{access_level}`. The `access_level` component must begin with a letter, followed by alphanumeric characters or `_`. Its maximum length is 50 characters. After you create an `AccessLevel`, you cannot change its `name`.
	Name pulumi.StringPtrInput
	// Human readable title. Must be unique within the Policy.
	Title pulumi.StringPtrInput
}

The set of arguments for constructing a AccessLevel resource.

func (AccessLevelArgs) ElementType added in v0.3.0 

func (AccessLevelArgs) ElementType() reflect.Type

type AccessLevelInput added in v0.3.0 

type AccessLevelInput interface {
	pulumi.Input

	ToAccessLevelOutput() AccessLevelOutput
	ToAccessLevelOutputWithContext(ctx context.Context) AccessLevelOutput
}

type AccessLevelOutput added in v0.3.0 

type AccessLevelOutput struct{ *pulumi.OutputState }

func (AccessLevelOutput) AccessPolicyId added in v0.21.0 

func (o AccessLevelOutput) AccessPolicyId() pulumi.StringOutput

func (AccessLevelOutput) Basic added in v0.19.0 

func (o AccessLevelOutput) Basic() BasicLevelResponseOutput

A `BasicLevel` composed of `Conditions`.

func (AccessLevelOutput) Custom added in v0.19.0 

func (o AccessLevelOutput) Custom() CustomLevelResponseOutput

A `CustomLevel` written in the Common Expression Language.

func (AccessLevelOutput) Description added in v0.19.0 

func (o AccessLevelOutput) Description() pulumi.StringOutput

Description of the `AccessLevel` and its use. Does not affect behavior.

func (AccessLevelOutput) ElementType added in v0.3.0 

func (AccessLevelOutput) ElementType() reflect.Type

func (AccessLevelOutput) Name added in v0.19.0 

func (o AccessLevelOutput) Name() pulumi.StringOutput

Resource name for the `AccessLevel`. Format: `accessPolicies/{access_policy}/accessLevels/{access_level}`. The `access_level` component must begin with a letter, followed by alphanumeric characters or `_`. Its maximum length is 50 characters. After you create an `AccessLevel`, you cannot change its `name`.

func (AccessLevelOutput) Title added in v0.19.0 

func (o AccessLevelOutput) Title() pulumi.StringOutput

Human readable title. Must be unique within the Policy.

func (AccessLevelOutput) ToAccessLevelOutput added in v0.3.0 

func (o AccessLevelOutput) ToAccessLevelOutput() AccessLevelOutput

func (AccessLevelOutput) ToAccessLevelOutputWithContext added in v0.3.0 

func (o AccessLevelOutput) ToAccessLevelOutputWithContext(ctx context.Context) AccessLevelOutput

type AccessLevelState added in v0.3.0 

type AccessLevelState struct {
}

func (AccessLevelState) ElementType added in v0.3.0 

func (AccessLevelState) ElementType() reflect.Type

type AccessPolicy 

type AccessPolicy struct {
	pulumi.CustomResourceState

	// An opaque identifier for the current version of the `AccessPolicy`. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Resource name of the `AccessPolicy`. Format: `accessPolicies/{access_policy}`
	Name pulumi.StringOutput `pulumi:"name"`
	// The parent of this `AccessPolicy` in the Cloud Resource Hierarchy. Currently immutable once created. Format: `organizations/{organization_id}`
	Parent pulumi.StringOutput `pulumi:"parent"`
	// The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with `scopes=["folders/123"]` has the following behavior: - ServicePerimeter can only restrict projects within `folders/123`. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes `folders/123` will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of `folders/{folder_number}` or `projects/{project_number}`
	Scopes pulumi.StringArrayOutput `pulumi:"scopes"`
	// Human readable title. Does not affect behavior.
	Title pulumi.StringOutput `pulumi:"title"`
}

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in `metadata` as a BadRequest proto. Auto-naming is currently not supported for this resource.

func GetAccessPolicy 

func GetAccessPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessPolicyState, opts ...pulumi.ResourceOption) (*AccessPolicy, error)

GetAccessPolicy gets an existing AccessPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessPolicy 

func NewAccessPolicy(ctx *pulumi.Context,
	name string, args *AccessPolicyArgs, opts ...pulumi.ResourceOption) (*AccessPolicy, error)

NewAccessPolicy registers a new resource with the given unique name, arguments, and options.

func (*AccessPolicy) ElementType 

func (*AccessPolicy) ElementType() reflect.Type

func (*AccessPolicy) ToAccessPolicyOutput 

func (i *AccessPolicy) ToAccessPolicyOutput() AccessPolicyOutput

func (*AccessPolicy) ToAccessPolicyOutputWithContext 

func (i *AccessPolicy) ToAccessPolicyOutputWithContext(ctx context.Context) AccessPolicyOutput

type AccessPolicyArgs 

type AccessPolicyArgs struct {
	// The parent of this `AccessPolicy` in the Cloud Resource Hierarchy. Currently immutable once created. Format: `organizations/{organization_id}`
	Parent pulumi.StringInput
	// The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with `scopes=["folders/123"]` has the following behavior: - ServicePerimeter can only restrict projects within `folders/123`. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes `folders/123` will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of `folders/{folder_number}` or `projects/{project_number}`
	Scopes pulumi.StringArrayInput
	// Human readable title. Does not affect behavior.
	Title pulumi.StringInput
}

The set of arguments for constructing a AccessPolicy resource.

func (AccessPolicyArgs) ElementType 

func (AccessPolicyArgs) ElementType() reflect.Type

type AccessPolicyIamBinding added in v0.26.0 

type AccessPolicyIamBinding struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the IAM policy for the specified Access Context Manager access policy. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager access policy.

func GetAccessPolicyIamBinding added in v0.26.0 

func GetAccessPolicyIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessPolicyIamBindingState, opts ...pulumi.ResourceOption) (*AccessPolicyIamBinding, error)

GetAccessPolicyIamBinding gets an existing AccessPolicyIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessPolicyIamBinding added in v0.26.0 

func NewAccessPolicyIamBinding(ctx *pulumi.Context,
	name string, args *AccessPolicyIamBindingArgs, opts ...pulumi.ResourceOption) (*AccessPolicyIamBinding, error)

NewAccessPolicyIamBinding registers a new resource with the given unique name, arguments, and options.

func (*AccessPolicyIamBinding) ElementType added in v0.26.0 

func (*AccessPolicyIamBinding) ElementType() reflect.Type

func (*AccessPolicyIamBinding) ToAccessPolicyIamBindingOutput added in v0.26.0 

func (i *AccessPolicyIamBinding) ToAccessPolicyIamBindingOutput() AccessPolicyIamBindingOutput

func (*AccessPolicyIamBinding) ToAccessPolicyIamBindingOutputWithContext added in v0.26.0 

func (i *AccessPolicyIamBinding) ToAccessPolicyIamBindingOutputWithContext(ctx context.Context) AccessPolicyIamBindingOutput

type AccessPolicyIamBindingArgs added in v0.26.0 

type AccessPolicyIamBindingArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringInput
}

The set of arguments for constructing a AccessPolicyIamBinding resource.

func (AccessPolicyIamBindingArgs) ElementType added in v0.26.0 

func (AccessPolicyIamBindingArgs) ElementType() reflect.Type

type AccessPolicyIamBindingInput added in v0.26.0 

type AccessPolicyIamBindingInput interface {
	pulumi.Input

	ToAccessPolicyIamBindingOutput() AccessPolicyIamBindingOutput
	ToAccessPolicyIamBindingOutputWithContext(ctx context.Context) AccessPolicyIamBindingOutput
}

type AccessPolicyIamBindingOutput added in v0.26.0 

type AccessPolicyIamBindingOutput struct{ *pulumi.OutputState }

func (AccessPolicyIamBindingOutput) Condition added in v0.26.0 

func (o AccessPolicyIamBindingOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (AccessPolicyIamBindingOutput) ElementType added in v0.26.0 

func (AccessPolicyIamBindingOutput) ElementType() reflect.Type

func (AccessPolicyIamBindingOutput) Etag added in v0.26.0 

func (o AccessPolicyIamBindingOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (AccessPolicyIamBindingOutput) Members added in v0.26.0 

func (o AccessPolicyIamBindingOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (AccessPolicyIamBindingOutput) Name added in v0.26.0 

func (o AccessPolicyIamBindingOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (AccessPolicyIamBindingOutput) Project added in v0.26.0 

func (o AccessPolicyIamBindingOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (AccessPolicyIamBindingOutput) Role added in v0.26.0 

func (o AccessPolicyIamBindingOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (AccessPolicyIamBindingOutput) ToAccessPolicyIamBindingOutput added in v0.26.0 

func (o AccessPolicyIamBindingOutput) ToAccessPolicyIamBindingOutput() AccessPolicyIamBindingOutput

func (AccessPolicyIamBindingOutput) ToAccessPolicyIamBindingOutputWithContext added in v0.26.0 

func (o AccessPolicyIamBindingOutput) ToAccessPolicyIamBindingOutputWithContext(ctx context.Context) AccessPolicyIamBindingOutput

type AccessPolicyIamBindingState added in v0.26.0 

type AccessPolicyIamBindingState struct {
}

func (AccessPolicyIamBindingState) ElementType added in v0.26.0 

func (AccessPolicyIamBindingState) ElementType() reflect.Type

type AccessPolicyIamMember added in v0.26.0 

type AccessPolicyIamMember struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Member pulumi.StringOutput `pulumi:"member"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the IAM policy for the specified Access Context Manager access policy. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager access policy.

func GetAccessPolicyIamMember added in v0.26.0 

func GetAccessPolicyIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessPolicyIamMemberState, opts ...pulumi.ResourceOption) (*AccessPolicyIamMember, error)

GetAccessPolicyIamMember gets an existing AccessPolicyIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessPolicyIamMember added in v0.26.0 

func NewAccessPolicyIamMember(ctx *pulumi.Context,
	name string, args *AccessPolicyIamMemberArgs, opts ...pulumi.ResourceOption) (*AccessPolicyIamMember, error)

NewAccessPolicyIamMember registers a new resource with the given unique name, arguments, and options.

func (*AccessPolicyIamMember) ElementType added in v0.26.0 

func (*AccessPolicyIamMember) ElementType() reflect.Type

func (*AccessPolicyIamMember) ToAccessPolicyIamMemberOutput added in v0.26.0 

func (i *AccessPolicyIamMember) ToAccessPolicyIamMemberOutput() AccessPolicyIamMemberOutput

func (*AccessPolicyIamMember) ToAccessPolicyIamMemberOutputWithContext added in v0.26.0 

func (i *AccessPolicyIamMember) ToAccessPolicyIamMemberOutputWithContext(ctx context.Context) AccessPolicyIamMemberOutput

type AccessPolicyIamMemberArgs added in v0.26.0 

type AccessPolicyIamMemberArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied.
	Role pulumi.StringInput
}

The set of arguments for constructing a AccessPolicyIamMember resource.

func (AccessPolicyIamMemberArgs) ElementType added in v0.26.0 

func (AccessPolicyIamMemberArgs) ElementType() reflect.Type

type AccessPolicyIamMemberInput added in v0.26.0 

type AccessPolicyIamMemberInput interface {
	pulumi.Input

	ToAccessPolicyIamMemberOutput() AccessPolicyIamMemberOutput
	ToAccessPolicyIamMemberOutputWithContext(ctx context.Context) AccessPolicyIamMemberOutput
}

type AccessPolicyIamMemberOutput added in v0.26.0 

type AccessPolicyIamMemberOutput struct{ *pulumi.OutputState }

func (AccessPolicyIamMemberOutput) Condition added in v0.26.0 

func (o AccessPolicyIamMemberOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (AccessPolicyIamMemberOutput) ElementType added in v0.26.0 

func (AccessPolicyIamMemberOutput) ElementType() reflect.Type

func (AccessPolicyIamMemberOutput) Etag added in v0.26.0 

func (o AccessPolicyIamMemberOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (AccessPolicyIamMemberOutput) Member added in v0.26.0 

func (o AccessPolicyIamMemberOutput) Member() pulumi.StringOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (AccessPolicyIamMemberOutput) Name added in v0.26.0 

func (o AccessPolicyIamMemberOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (AccessPolicyIamMemberOutput) Project added in v0.26.0 

func (o AccessPolicyIamMemberOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (AccessPolicyIamMemberOutput) Role added in v0.26.0 

func (o AccessPolicyIamMemberOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (AccessPolicyIamMemberOutput) ToAccessPolicyIamMemberOutput added in v0.26.0 

func (o AccessPolicyIamMemberOutput) ToAccessPolicyIamMemberOutput() AccessPolicyIamMemberOutput

func (AccessPolicyIamMemberOutput) ToAccessPolicyIamMemberOutputWithContext added in v0.26.0 

func (o AccessPolicyIamMemberOutput) ToAccessPolicyIamMemberOutputWithContext(ctx context.Context) AccessPolicyIamMemberOutput

type AccessPolicyIamMemberState added in v0.26.0 

type AccessPolicyIamMemberState struct {
}

func (AccessPolicyIamMemberState) ElementType added in v0.26.0 

func (AccessPolicyIamMemberState) ElementType() reflect.Type

type AccessPolicyIamPolicy added in v0.11.0 

type AccessPolicyIamPolicy struct {
	pulumi.CustomResourceState

	AccessPolicyId pulumi.StringOutput `pulumi:"accessPolicyId"`
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the IAM policy for the specified Access Context Manager access policy. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager access policy. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetAccessPolicyIamPolicy added in v0.11.0 

func GetAccessPolicyIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessPolicyIamPolicyState, opts ...pulumi.ResourceOption) (*AccessPolicyIamPolicy, error)

GetAccessPolicyIamPolicy gets an existing AccessPolicyIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessPolicyIamPolicy added in v0.11.0 

func NewAccessPolicyIamPolicy(ctx *pulumi.Context,
	name string, args *AccessPolicyIamPolicyArgs, opts ...pulumi.ResourceOption) (*AccessPolicyIamPolicy, error)

NewAccessPolicyIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*AccessPolicyIamPolicy) ElementType added in v0.11.0 

func (*AccessPolicyIamPolicy) ElementType() reflect.Type

func (*AccessPolicyIamPolicy) ToAccessPolicyIamPolicyOutput added in v0.11.0 

func (i *AccessPolicyIamPolicy) ToAccessPolicyIamPolicyOutput() AccessPolicyIamPolicyOutput

func (*AccessPolicyIamPolicy) ToAccessPolicyIamPolicyOutputWithContext added in v0.11.0 

func (i *AccessPolicyIamPolicy) ToAccessPolicyIamPolicyOutputWithContext(ctx context.Context) AccessPolicyIamPolicyOutput

type AccessPolicyIamPolicyArgs added in v0.11.0 

type AccessPolicyIamPolicyArgs struct {
	AccessPolicyId pulumi.StringInput
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings BindingArrayInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a AccessPolicyIamPolicy resource.

func (AccessPolicyIamPolicyArgs) ElementType added in v0.11.0 

func (AccessPolicyIamPolicyArgs) ElementType() reflect.Type

type AccessPolicyIamPolicyInput added in v0.11.0 

type AccessPolicyIamPolicyInput interface {
	pulumi.Input

	ToAccessPolicyIamPolicyOutput() AccessPolicyIamPolicyOutput
	ToAccessPolicyIamPolicyOutputWithContext(ctx context.Context) AccessPolicyIamPolicyOutput
}

type AccessPolicyIamPolicyOutput added in v0.11.0 

type AccessPolicyIamPolicyOutput struct{ *pulumi.OutputState }

func (AccessPolicyIamPolicyOutput) AccessPolicyId added in v0.21.0 

func (o AccessPolicyIamPolicyOutput) AccessPolicyId() pulumi.StringOutput

func (AccessPolicyIamPolicyOutput) AuditConfigs added in v0.19.0 

func (o AccessPolicyIamPolicyOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (AccessPolicyIamPolicyOutput) Bindings added in v0.19.0 

func (o AccessPolicyIamPolicyOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (AccessPolicyIamPolicyOutput) ElementType added in v0.11.0 

func (AccessPolicyIamPolicyOutput) ElementType() reflect.Type

func (AccessPolicyIamPolicyOutput) Etag added in v0.19.0 

func (o AccessPolicyIamPolicyOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (AccessPolicyIamPolicyOutput) ToAccessPolicyIamPolicyOutput added in v0.11.0 

func (o AccessPolicyIamPolicyOutput) ToAccessPolicyIamPolicyOutput() AccessPolicyIamPolicyOutput

func (AccessPolicyIamPolicyOutput) ToAccessPolicyIamPolicyOutputWithContext added in v0.11.0 

func (o AccessPolicyIamPolicyOutput) ToAccessPolicyIamPolicyOutputWithContext(ctx context.Context) AccessPolicyIamPolicyOutput

func (AccessPolicyIamPolicyOutput) Version added in v0.19.0 

func (o AccessPolicyIamPolicyOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type AccessPolicyIamPolicyState added in v0.11.0 

type AccessPolicyIamPolicyState struct {
}

func (AccessPolicyIamPolicyState) ElementType added in v0.11.0 

func (AccessPolicyIamPolicyState) ElementType() reflect.Type

type AccessPolicyInput 

type AccessPolicyInput interface {
	pulumi.Input

	ToAccessPolicyOutput() AccessPolicyOutput
	ToAccessPolicyOutputWithContext(ctx context.Context) AccessPolicyOutput
}

type AccessPolicyOutput 

type AccessPolicyOutput struct{ *pulumi.OutputState }

func (AccessPolicyOutput) ElementType 

func (AccessPolicyOutput) ElementType() reflect.Type

func (AccessPolicyOutput) Etag added in v0.19.0 

func (o AccessPolicyOutput) Etag() pulumi.StringOutput

An opaque identifier for the current version of the `AccessPolicy`. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

func (AccessPolicyOutput) Name added in v0.19.0 

func (o AccessPolicyOutput) Name() pulumi.StringOutput

Resource name of the `AccessPolicy`. Format: `accessPolicies/{access_policy}`

func (AccessPolicyOutput) Parent added in v0.19.0 

func (o AccessPolicyOutput) Parent() pulumi.StringOutput

The parent of this `AccessPolicy` in the Cloud Resource Hierarchy. Currently immutable once created. Format: `organizations/{organization_id}`

func (AccessPolicyOutput) Scopes added in v0.19.0 

func (o AccessPolicyOutput) Scopes() pulumi.StringArrayOutput

The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with `scopes=["folders/123"]` has the following behavior: - ServicePerimeter can only restrict projects within `folders/123`. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes `folders/123` will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of `folders/{folder_number}` or `projects/{project_number}`

func (AccessPolicyOutput) Title added in v0.19.0 

func (o AccessPolicyOutput) Title() pulumi.StringOutput

Human readable title. Does not affect behavior.

func (AccessPolicyOutput) ToAccessPolicyOutput 

func (o AccessPolicyOutput) ToAccessPolicyOutput() AccessPolicyOutput

func (AccessPolicyOutput) ToAccessPolicyOutputWithContext 

func (o AccessPolicyOutput) ToAccessPolicyOutputWithContext(ctx context.Context) AccessPolicyOutput

type AccessPolicyState 

type AccessPolicyState struct {
}

func (AccessPolicyState) ElementType 

func (AccessPolicyState) ElementType() reflect.Type

type ApiOperation 

type ApiOperation struct {
	// API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `service_name`.
	MethodSelectors []MethodSelector `pulumi:"methodSelectors"`
	// The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods AND permissions for all services.
	ServiceName *string `pulumi:"serviceName"`
}

Identification for an API Operation.

type ApiOperationArgs 

type ApiOperationArgs struct {
	// API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `service_name`.
	MethodSelectors MethodSelectorArrayInput `pulumi:"methodSelectors"`
	// The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods AND permissions for all services.
	ServiceName pulumi.StringPtrInput `pulumi:"serviceName"`
}

Identification for an API Operation.

func (ApiOperationArgs) ElementType 

func (ApiOperationArgs) ElementType() reflect.Type

func (ApiOperationArgs) ToApiOperationOutput 

func (i ApiOperationArgs) ToApiOperationOutput() ApiOperationOutput

func (ApiOperationArgs) ToApiOperationOutputWithContext 

func (i ApiOperationArgs) ToApiOperationOutputWithContext(ctx context.Context) ApiOperationOutput

type ApiOperationArray 

type ApiOperationArray []ApiOperationInput

func (ApiOperationArray) ElementType 

func (ApiOperationArray) ElementType() reflect.Type

func (ApiOperationArray) ToApiOperationArrayOutput 

func (i ApiOperationArray) ToApiOperationArrayOutput() ApiOperationArrayOutput

func (ApiOperationArray) ToApiOperationArrayOutputWithContext 

func (i ApiOperationArray) ToApiOperationArrayOutputWithContext(ctx context.Context) ApiOperationArrayOutput

type ApiOperationArrayInput 

type ApiOperationArrayInput interface {
	pulumi.Input

	ToApiOperationArrayOutput() ApiOperationArrayOutput
	ToApiOperationArrayOutputWithContext(context.Context) ApiOperationArrayOutput
}

ApiOperationArrayInput is an input type that accepts ApiOperationArray and ApiOperationArrayOutput values. You can construct a concrete instance of `ApiOperationArrayInput` via: 

ApiOperationArray{ ApiOperationArgs{...} }

type ApiOperationArrayOutput 

type ApiOperationArrayOutput struct{ *pulumi.OutputState }

func (ApiOperationArrayOutput) ElementType 

func (ApiOperationArrayOutput) ElementType() reflect.Type

func (ApiOperationArrayOutput) Index 

func (o ApiOperationArrayOutput) Index(i pulumi.IntInput) ApiOperationOutput

func (ApiOperationArrayOutput) ToApiOperationArrayOutput 

func (o ApiOperationArrayOutput) ToApiOperationArrayOutput() ApiOperationArrayOutput

func (ApiOperationArrayOutput) ToApiOperationArrayOutputWithContext 

func (o ApiOperationArrayOutput) ToApiOperationArrayOutputWithContext(ctx context.Context) ApiOperationArrayOutput

type ApiOperationInput 

type ApiOperationInput interface {
	pulumi.Input

	ToApiOperationOutput() ApiOperationOutput
	ToApiOperationOutputWithContext(context.Context) ApiOperationOutput
}

ApiOperationInput is an input type that accepts ApiOperationArgs and ApiOperationOutput values. You can construct a concrete instance of `ApiOperationInput` via: 

ApiOperationArgs{...}

type ApiOperationOutput 

type ApiOperationOutput struct{ *pulumi.OutputState }

Identification for an API Operation.

func (ApiOperationOutput) ElementType 

func (ApiOperationOutput) ElementType() reflect.Type

func (ApiOperationOutput) MethodSelectors 

func (o ApiOperationOutput) MethodSelectors() MethodSelectorArrayOutput

API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `service_name`.

func (ApiOperationOutput) ServiceName 

func (o ApiOperationOutput) ServiceName() pulumi.StringPtrOutput

The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods AND permissions for all services.

func (ApiOperationOutput) ToApiOperationOutput 

func (o ApiOperationOutput) ToApiOperationOutput() ApiOperationOutput

func (ApiOperationOutput) ToApiOperationOutputWithContext 

func (o ApiOperationOutput) ToApiOperationOutputWithContext(ctx context.Context) ApiOperationOutput

type ApiOperationResponse 

type ApiOperationResponse struct {
	// API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `service_name`.
	MethodSelectors []MethodSelectorResponse `pulumi:"methodSelectors"`
	// The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods AND permissions for all services.
	ServiceName string `pulumi:"serviceName"`
}

Identification for an API Operation.

type ApiOperationResponseArrayOutput 

type ApiOperationResponseArrayOutput struct{ *pulumi.OutputState }

func (ApiOperationResponseArrayOutput) ElementType 

func (ApiOperationResponseArrayOutput) ElementType() reflect.Type

func (ApiOperationResponseArrayOutput) Index 

func (o ApiOperationResponseArrayOutput) Index(i pulumi.IntInput) ApiOperationResponseOutput

func (ApiOperationResponseArrayOutput) ToApiOperationResponseArrayOutput 

func (o ApiOperationResponseArrayOutput) ToApiOperationResponseArrayOutput() ApiOperationResponseArrayOutput

func (ApiOperationResponseArrayOutput) ToApiOperationResponseArrayOutputWithContext 

func (o ApiOperationResponseArrayOutput) ToApiOperationResponseArrayOutputWithContext(ctx context.Context) ApiOperationResponseArrayOutput

type ApiOperationResponseOutput 

type ApiOperationResponseOutput struct{ *pulumi.OutputState }

Identification for an API Operation.

func (ApiOperationResponseOutput) ElementType 

func (ApiOperationResponseOutput) ElementType() reflect.Type

func (ApiOperationResponseOutput) MethodSelectors 

func (o ApiOperationResponseOutput) MethodSelectors() MethodSelectorResponseArrayOutput

API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `service_name`.

func (ApiOperationResponseOutput) ServiceName 

func (o ApiOperationResponseOutput) ServiceName() pulumi.StringOutput

The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods AND permissions for all services.

func (ApiOperationResponseOutput) ToApiOperationResponseOutput 

func (o ApiOperationResponseOutput) ToApiOperationResponseOutput() ApiOperationResponseOutput

func (ApiOperationResponseOutput) ToApiOperationResponseOutputWithContext 

func (o ApiOperationResponseOutput) ToApiOperationResponseOutputWithContext(ctx context.Context) ApiOperationResponseOutput

type AuditConfig added in v0.11.0 

type AuditConfig struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs []AuditLogConfig `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service *string `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

type AuditConfigArgs added in v0.11.0 

type AuditConfigArgs struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs AuditLogConfigArrayInput `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service pulumi.StringPtrInput `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (AuditConfigArgs) ElementType added in v0.11.0 

func (AuditConfigArgs) ElementType() reflect.Type

func (AuditConfigArgs) ToAuditConfigOutput added in v0.11.0 

func (i AuditConfigArgs) ToAuditConfigOutput() AuditConfigOutput

func (AuditConfigArgs) ToAuditConfigOutputWithContext added in v0.11.0 

func (i AuditConfigArgs) ToAuditConfigOutputWithContext(ctx context.Context) AuditConfigOutput

type AuditConfigArray added in v0.11.0 

type AuditConfigArray []AuditConfigInput

func (AuditConfigArray) ElementType added in v0.11.0 

func (AuditConfigArray) ElementType() reflect.Type

func (AuditConfigArray) ToAuditConfigArrayOutput added in v0.11.0 

func (i AuditConfigArray) ToAuditConfigArrayOutput() AuditConfigArrayOutput

func (AuditConfigArray) ToAuditConfigArrayOutputWithContext added in v0.11.0 

func (i AuditConfigArray) ToAuditConfigArrayOutputWithContext(ctx context.Context) AuditConfigArrayOutput

type AuditConfigArrayInput added in v0.11.0 

type AuditConfigArrayInput interface {
	pulumi.Input

	ToAuditConfigArrayOutput() AuditConfigArrayOutput
	ToAuditConfigArrayOutputWithContext(context.Context) AuditConfigArrayOutput
}

AuditConfigArrayInput is an input type that accepts AuditConfigArray and AuditConfigArrayOutput values. You can construct a concrete instance of `AuditConfigArrayInput` via: 

AuditConfigArray{ AuditConfigArgs{...} }

type AuditConfigArrayOutput added in v0.11.0 

type AuditConfigArrayOutput struct{ *pulumi.OutputState }

func (AuditConfigArrayOutput) ElementType added in v0.11.0 

func (AuditConfigArrayOutput) ElementType() reflect.Type

func (AuditConfigArrayOutput) Index added in v0.11.0 

func (o AuditConfigArrayOutput) Index(i pulumi.IntInput) AuditConfigOutput

func (AuditConfigArrayOutput) ToAuditConfigArrayOutput added in v0.11.0 

func (o AuditConfigArrayOutput) ToAuditConfigArrayOutput() AuditConfigArrayOutput

func (AuditConfigArrayOutput) ToAuditConfigArrayOutputWithContext added in v0.11.0 

func (o AuditConfigArrayOutput) ToAuditConfigArrayOutputWithContext(ctx context.Context) AuditConfigArrayOutput

type AuditConfigInput added in v0.11.0 

type AuditConfigInput interface {
	pulumi.Input

	ToAuditConfigOutput() AuditConfigOutput
	ToAuditConfigOutputWithContext(context.Context) AuditConfigOutput
}

AuditConfigInput is an input type that accepts AuditConfigArgs and AuditConfigOutput values. You can construct a concrete instance of `AuditConfigInput` via: 

AuditConfigArgs{...}

type AuditConfigOutput added in v0.11.0 

type AuditConfigOutput struct{ *pulumi.OutputState }

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (AuditConfigOutput) AuditLogConfigs added in v0.11.0 

func (o AuditConfigOutput) AuditLogConfigs() AuditLogConfigArrayOutput

The configuration for logging of each type of permission.

func (AuditConfigOutput) ElementType added in v0.11.0 

func (AuditConfigOutput) ElementType() reflect.Type

func (AuditConfigOutput) Service added in v0.11.0 

func (o AuditConfigOutput) Service() pulumi.StringPtrOutput

Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (AuditConfigOutput) ToAuditConfigOutput added in v0.11.0 

func (o AuditConfigOutput) ToAuditConfigOutput() AuditConfigOutput

func (AuditConfigOutput) ToAuditConfigOutputWithContext added in v0.11.0 

func (o AuditConfigOutput) ToAuditConfigOutputWithContext(ctx context.Context) AuditConfigOutput

type AuditConfigResponse added in v0.11.0 

type AuditConfigResponse struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs []AuditLogConfigResponse `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service string `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

type AuditConfigResponseArrayOutput added in v0.11.0 

type AuditConfigResponseArrayOutput struct{ *pulumi.OutputState }

func (AuditConfigResponseArrayOutput) ElementType added in v0.11.0 

func (AuditConfigResponseArrayOutput) ElementType() reflect.Type

func (AuditConfigResponseArrayOutput) Index added in v0.11.0 

func (o AuditConfigResponseArrayOutput) Index(i pulumi.IntInput) AuditConfigResponseOutput

func (AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutput added in v0.11.0 

func (o AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutput() AuditConfigResponseArrayOutput

func (AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutputWithContext added in v0.11.0 

func (o AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutputWithContext(ctx context.Context) AuditConfigResponseArrayOutput

type AuditConfigResponseOutput added in v0.11.0 

type AuditConfigResponseOutput struct{ *pulumi.OutputState }

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (AuditConfigResponseOutput) AuditLogConfigs added in v0.11.0 

func (o AuditConfigResponseOutput) AuditLogConfigs() AuditLogConfigResponseArrayOutput

The configuration for logging of each type of permission.

func (AuditConfigResponseOutput) ElementType added in v0.11.0 

func (AuditConfigResponseOutput) ElementType() reflect.Type

func (AuditConfigResponseOutput) Service added in v0.11.0 

func (o AuditConfigResponseOutput) Service() pulumi.StringOutput

Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (AuditConfigResponseOutput) ToAuditConfigResponseOutput added in v0.11.0 

func (o AuditConfigResponseOutput) ToAuditConfigResponseOutput() AuditConfigResponseOutput

func (AuditConfigResponseOutput) ToAuditConfigResponseOutputWithContext added in v0.11.0 

func (o AuditConfigResponseOutput) ToAuditConfigResponseOutputWithContext(ctx context.Context) AuditConfigResponseOutput

type AuditLogConfig added in v0.11.0 

type AuditLogConfig struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType *AuditLogConfigLogType `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

type AuditLogConfigArgs added in v0.11.0 

type AuditLogConfigArgs struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType AuditLogConfigLogTypePtrInput `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigArgs) ElementType added in v0.11.0 

func (AuditLogConfigArgs) ElementType() reflect.Type

func (AuditLogConfigArgs) ToAuditLogConfigOutput added in v0.11.0 

func (i AuditLogConfigArgs) ToAuditLogConfigOutput() AuditLogConfigOutput

func (AuditLogConfigArgs) ToAuditLogConfigOutputWithContext added in v0.11.0 

func (i AuditLogConfigArgs) ToAuditLogConfigOutputWithContext(ctx context.Context) AuditLogConfigOutput

type AuditLogConfigArray added in v0.11.0 

type AuditLogConfigArray []AuditLogConfigInput

func (AuditLogConfigArray) ElementType added in v0.11.0 

func (AuditLogConfigArray) ElementType() reflect.Type

func (AuditLogConfigArray) ToAuditLogConfigArrayOutput added in v0.11.0 

func (i AuditLogConfigArray) ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput

func (AuditLogConfigArray) ToAuditLogConfigArrayOutputWithContext added in v0.11.0 

func (i AuditLogConfigArray) ToAuditLogConfigArrayOutputWithContext(ctx context.Context) AuditLogConfigArrayOutput

type AuditLogConfigArrayInput added in v0.11.0 

type AuditLogConfigArrayInput interface {
	pulumi.Input

	ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput
	ToAuditLogConfigArrayOutputWithContext(context.Context) AuditLogConfigArrayOutput
}

AuditLogConfigArrayInput is an input type that accepts AuditLogConfigArray and AuditLogConfigArrayOutput values. You can construct a concrete instance of `AuditLogConfigArrayInput` via: 

AuditLogConfigArray{ AuditLogConfigArgs{...} }

type AuditLogConfigArrayOutput added in v0.11.0 

type AuditLogConfigArrayOutput struct{ *pulumi.OutputState }

func (AuditLogConfigArrayOutput) ElementType added in v0.11.0 

func (AuditLogConfigArrayOutput) ElementType() reflect.Type

func (AuditLogConfigArrayOutput) Index added in v0.11.0 

func (o AuditLogConfigArrayOutput) Index(i pulumi.IntInput) AuditLogConfigOutput

func (AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutput added in v0.11.0 

func (o AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput

func (AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutputWithContext added in v0.11.0 

func (o AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutputWithContext(ctx context.Context) AuditLogConfigArrayOutput

type AuditLogConfigInput added in v0.11.0 

type AuditLogConfigInput interface {
	pulumi.Input

	ToAuditLogConfigOutput() AuditLogConfigOutput
	ToAuditLogConfigOutputWithContext(context.Context) AuditLogConfigOutput
}

AuditLogConfigInput is an input type that accepts AuditLogConfigArgs and AuditLogConfigOutput values. You can construct a concrete instance of `AuditLogConfigInput` via: 

AuditLogConfigArgs{...}

type AuditLogConfigLogType added in v0.11.0 

type AuditLogConfigLogType string

The log type that this config enables.

func (AuditLogConfigLogType) ElementType added in v0.11.0 

func (AuditLogConfigLogType) ElementType() reflect.Type

func (AuditLogConfigLogType) ToAuditLogConfigLogTypeOutput added in v0.11.0 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypeOutputWithContext added in v0.11.0 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypeOutputWithContext(ctx context.Context) AuditLogConfigLogTypeOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutput added in v0.11.0 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutputWithContext added in v0.11.0 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogType) ToStringOutput added in v0.11.0 

func (e AuditLogConfigLogType) ToStringOutput() pulumi.StringOutput

func (AuditLogConfigLogType) ToStringOutputWithContext added in v0.11.0 

func (e AuditLogConfigLogType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuditLogConfigLogType) ToStringPtrOutput added in v0.11.0 

func (e AuditLogConfigLogType) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogType) ToStringPtrOutputWithContext added in v0.11.0 

func (e AuditLogConfigLogType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigLogTypeInput added in v0.11.0 

type AuditLogConfigLogTypeInput interface {
	pulumi.Input

	ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput
	ToAuditLogConfigLogTypeOutputWithContext(context.Context) AuditLogConfigLogTypeOutput
}

AuditLogConfigLogTypeInput is an input type that accepts AuditLogConfigLogTypeArgs and AuditLogConfigLogTypeOutput values. You can construct a concrete instance of `AuditLogConfigLogTypeInput` via: 

AuditLogConfigLogTypeArgs{...}

type AuditLogConfigLogTypeOutput added in v0.11.0 

type AuditLogConfigLogTypeOutput struct{ *pulumi.OutputState }

func (AuditLogConfigLogTypeOutput) ElementType added in v0.11.0 

func (AuditLogConfigLogTypeOutput) ElementType() reflect.Type

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutput added in v0.11.0 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutputWithContext added in v0.11.0 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutputWithContext(ctx context.Context) AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutput added in v0.11.0 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutputWithContext added in v0.11.0 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypeOutput) ToStringOutput added in v0.11.0 

func (o AuditLogConfigLogTypeOutput) ToStringOutput() pulumi.StringOutput

func (AuditLogConfigLogTypeOutput) ToStringOutputWithContext added in v0.11.0 

func (o AuditLogConfigLogTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuditLogConfigLogTypeOutput) ToStringPtrOutput added in v0.11.0 

func (o AuditLogConfigLogTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogTypeOutput) ToStringPtrOutputWithContext added in v0.11.0 

func (o AuditLogConfigLogTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigLogTypePtrInput added in v0.11.0 

type AuditLogConfigLogTypePtrInput interface {
	pulumi.Input

	ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput
	ToAuditLogConfigLogTypePtrOutputWithContext(context.Context) AuditLogConfigLogTypePtrOutput
}

func AuditLogConfigLogTypePtr added in v0.11.0 

func AuditLogConfigLogTypePtr(v string) AuditLogConfigLogTypePtrInput

type AuditLogConfigLogTypePtrOutput added in v0.11.0 

type AuditLogConfigLogTypePtrOutput struct{ *pulumi.OutputState }

func (AuditLogConfigLogTypePtrOutput) Elem added in v0.11.0 

func (o AuditLogConfigLogTypePtrOutput) Elem() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypePtrOutput) ElementType added in v0.11.0 

func (AuditLogConfigLogTypePtrOutput) ElementType() reflect.Type

func (AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutput added in v0.11.0 

func (o AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutputWithContext added in v0.11.0 

func (o AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypePtrOutput) ToStringPtrOutput added in v0.11.0 

func (o AuditLogConfigLogTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogTypePtrOutput) ToStringPtrOutputWithContext added in v0.11.0 

func (o AuditLogConfigLogTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigOutput added in v0.11.0 

type AuditLogConfigOutput struct{ *pulumi.OutputState }

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigOutput) ElementType added in v0.11.0 

func (AuditLogConfigOutput) ElementType() reflect.Type

func (AuditLogConfigOutput) ExemptedMembers added in v0.11.0 

func (o AuditLogConfigOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

func (AuditLogConfigOutput) LogType added in v0.11.0 

func (o AuditLogConfigOutput) LogType() AuditLogConfigLogTypePtrOutput

The log type that this config enables.

func (AuditLogConfigOutput) ToAuditLogConfigOutput added in v0.11.0 

func (o AuditLogConfigOutput) ToAuditLogConfigOutput() AuditLogConfigOutput

func (AuditLogConfigOutput) ToAuditLogConfigOutputWithContext added in v0.11.0 

func (o AuditLogConfigOutput) ToAuditLogConfigOutputWithContext(ctx context.Context) AuditLogConfigOutput

type AuditLogConfigResponse added in v0.11.0 

type AuditLogConfigResponse struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType string `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

type AuditLogConfigResponseArrayOutput added in v0.11.0 

type AuditLogConfigResponseArrayOutput struct{ *pulumi.OutputState }

func (AuditLogConfigResponseArrayOutput) ElementType added in v0.11.0 

func (AuditLogConfigResponseArrayOutput) ElementType() reflect.Type

func (AuditLogConfigResponseArrayOutput) Index added in v0.11.0 

func (o AuditLogConfigResponseArrayOutput) Index(i pulumi.IntInput) AuditLogConfigResponseOutput

func (AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutput added in v0.11.0 

func (o AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutput() AuditLogConfigResponseArrayOutput

func (AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutputWithContext added in v0.11.0 

func (o AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutputWithContext(ctx context.Context) AuditLogConfigResponseArrayOutput

type AuditLogConfigResponseOutput added in v0.11.0 

type AuditLogConfigResponseOutput struct{ *pulumi.OutputState }

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigResponseOutput) ElementType added in v0.11.0 

func (AuditLogConfigResponseOutput) ElementType() reflect.Type

func (AuditLogConfigResponseOutput) ExemptedMembers added in v0.11.0 

func (o AuditLogConfigResponseOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

func (AuditLogConfigResponseOutput) LogType added in v0.11.0 

func (o AuditLogConfigResponseOutput) LogType() pulumi.StringOutput

The log type that this config enables.

func (AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutput added in v0.11.0 

func (o AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutput() AuditLogConfigResponseOutput

func (AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutputWithContext added in v0.11.0 

func (o AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutputWithContext(ctx context.Context) AuditLogConfigResponseOutput

type AuthorizedOrgsDesc added in v0.28.0 

type AuthorizedOrgsDesc struct {
	pulumi.CustomResourceState

	AccessPolicyId pulumi.StringOutput `pulumi:"accessPolicyId"`
	// The asset type of this authorized orgs desc. Valid values are `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`.
	AssetType pulumi.StringOutput `pulumi:"assetType"`
	// The direction of the authorization relationship between this organization and the organizations listed in the `orgs` field. The valid values for this field include the following: `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate traffic in the organizations listed in the `orgs` field. `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the `orgs` field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as the authorization direction, organizations B and C must specify `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in their `AuthorizedOrgsDesc` resource.
	AuthorizationDirection pulumi.StringOutput `pulumi:"authorizationDirection"`
	// A granular control type for authorization levels. Valid value is `AUTHORIZATION_TYPE_TRUST`.
	AuthorizationType pulumi.StringOutput `pulumi:"authorizationType"`
	// Resource name for the `AuthorizedOrgsDesc`. Format: `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. The `authorized_orgs_desc` component must begin with a letter, followed by alphanumeric characters or `_`. After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
	Name pulumi.StringOutput `pulumi:"name"`
	// The list of organization ids in this AuthorizedOrgsDesc. Format: `organizations/` Example: `organizations/123456`
	Orgs pulumi.StringArrayOutput `pulumi:"orgs"`
}

Creates an authorized orgs desc. The long-running operation from this RPC has a successful status after the authorized orgs desc propagates to long-lasting storage. If a authorized orgs desc contains errors, an error response is returned for the first error encountered. The name of this `AuthorizedOrgsDesc` will be assigned during creation.

func GetAuthorizedOrgsDesc added in v0.28.0 

func GetAuthorizedOrgsDesc(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizedOrgsDescState, opts ...pulumi.ResourceOption) (*AuthorizedOrgsDesc, error)

GetAuthorizedOrgsDesc gets an existing AuthorizedOrgsDesc resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthorizedOrgsDesc added in v0.28.0 

func NewAuthorizedOrgsDesc(ctx *pulumi.Context,
	name string, args *AuthorizedOrgsDescArgs, opts ...pulumi.ResourceOption) (*AuthorizedOrgsDesc, error)

NewAuthorizedOrgsDesc registers a new resource with the given unique name, arguments, and options.

func (*AuthorizedOrgsDesc) ElementType added in v0.28.0 

func (*AuthorizedOrgsDesc) ElementType() reflect.Type

func (*AuthorizedOrgsDesc) ToAuthorizedOrgsDescOutput added in v0.28.0 

func (i *AuthorizedOrgsDesc) ToAuthorizedOrgsDescOutput() AuthorizedOrgsDescOutput

func (*AuthorizedOrgsDesc) ToAuthorizedOrgsDescOutputWithContext added in v0.28.0 

func (i *AuthorizedOrgsDesc) ToAuthorizedOrgsDescOutputWithContext(ctx context.Context) AuthorizedOrgsDescOutput

type AuthorizedOrgsDescArgs added in v0.28.0 

type AuthorizedOrgsDescArgs struct {
	AccessPolicyId pulumi.StringInput
	// The asset type of this authorized orgs desc. Valid values are `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`.
	AssetType AuthorizedOrgsDescAssetTypePtrInput
	// The direction of the authorization relationship between this organization and the organizations listed in the `orgs` field. The valid values for this field include the following: `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate traffic in the organizations listed in the `orgs` field. `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the `orgs` field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as the authorization direction, organizations B and C must specify `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in their `AuthorizedOrgsDesc` resource.
	AuthorizationDirection AuthorizedOrgsDescAuthorizationDirectionPtrInput
	// A granular control type for authorization levels. Valid value is `AUTHORIZATION_TYPE_TRUST`.
	AuthorizationType AuthorizedOrgsDescAuthorizationTypePtrInput
	// Resource name for the `AuthorizedOrgsDesc`. Format: `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. The `authorized_orgs_desc` component must begin with a letter, followed by alphanumeric characters or `_`. After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
	Name pulumi.StringPtrInput
	// The list of organization ids in this AuthorizedOrgsDesc. Format: `organizations/` Example: `organizations/123456`
	Orgs pulumi.StringArrayInput
}

The set of arguments for constructing a AuthorizedOrgsDesc resource.

func (AuthorizedOrgsDescArgs) ElementType added in v0.28.0 

func (AuthorizedOrgsDescArgs) ElementType() reflect.Type

type AuthorizedOrgsDescAssetType added in v0.28.0 

type AuthorizedOrgsDescAssetType string

The asset type of this authorized orgs desc. Valid values are `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`.

func (AuthorizedOrgsDescAssetType) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAssetType) ElementType() reflect.Type

func (AuthorizedOrgsDescAssetType) ToAuthorizedOrgsDescAssetTypeOutput added in v0.28.0 

func (e AuthorizedOrgsDescAssetType) ToAuthorizedOrgsDescAssetTypeOutput() AuthorizedOrgsDescAssetTypeOutput

func (AuthorizedOrgsDescAssetType) ToAuthorizedOrgsDescAssetTypeOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAssetType) ToAuthorizedOrgsDescAssetTypeOutputWithContext(ctx context.Context) AuthorizedOrgsDescAssetTypeOutput

func (AuthorizedOrgsDescAssetType) ToAuthorizedOrgsDescAssetTypePtrOutput added in v0.28.0 

func (e AuthorizedOrgsDescAssetType) ToAuthorizedOrgsDescAssetTypePtrOutput() AuthorizedOrgsDescAssetTypePtrOutput

func (AuthorizedOrgsDescAssetType) ToAuthorizedOrgsDescAssetTypePtrOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAssetType) ToAuthorizedOrgsDescAssetTypePtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAssetTypePtrOutput

func (AuthorizedOrgsDescAssetType) ToStringOutput added in v0.28.0 

func (e AuthorizedOrgsDescAssetType) ToStringOutput() pulumi.StringOutput

func (AuthorizedOrgsDescAssetType) ToStringOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAssetType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuthorizedOrgsDescAssetType) ToStringPtrOutput added in v0.28.0 

func (e AuthorizedOrgsDescAssetType) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAssetType) ToStringPtrOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAssetType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescAssetTypeInput added in v0.28.0 

type AuthorizedOrgsDescAssetTypeInput interface {
	pulumi.Input

	ToAuthorizedOrgsDescAssetTypeOutput() AuthorizedOrgsDescAssetTypeOutput
	ToAuthorizedOrgsDescAssetTypeOutputWithContext(context.Context) AuthorizedOrgsDescAssetTypeOutput
}

AuthorizedOrgsDescAssetTypeInput is an input type that accepts AuthorizedOrgsDescAssetTypeArgs and AuthorizedOrgsDescAssetTypeOutput values. You can construct a concrete instance of `AuthorizedOrgsDescAssetTypeInput` via: 

AuthorizedOrgsDescAssetTypeArgs{...}

type AuthorizedOrgsDescAssetTypeOutput added in v0.28.0 

type AuthorizedOrgsDescAssetTypeOutput struct{ *pulumi.OutputState }

func (AuthorizedOrgsDescAssetTypeOutput) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAssetTypeOutput) ElementType() reflect.Type

func (AuthorizedOrgsDescAssetTypeOutput) ToAuthorizedOrgsDescAssetTypeOutput added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypeOutput) ToAuthorizedOrgsDescAssetTypeOutput() AuthorizedOrgsDescAssetTypeOutput

func (AuthorizedOrgsDescAssetTypeOutput) ToAuthorizedOrgsDescAssetTypeOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypeOutput) ToAuthorizedOrgsDescAssetTypeOutputWithContext(ctx context.Context) AuthorizedOrgsDescAssetTypeOutput

func (AuthorizedOrgsDescAssetTypeOutput) ToAuthorizedOrgsDescAssetTypePtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypeOutput) ToAuthorizedOrgsDescAssetTypePtrOutput() AuthorizedOrgsDescAssetTypePtrOutput

func (AuthorizedOrgsDescAssetTypeOutput) ToAuthorizedOrgsDescAssetTypePtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypeOutput) ToAuthorizedOrgsDescAssetTypePtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAssetTypePtrOutput

func (AuthorizedOrgsDescAssetTypeOutput) ToStringOutput added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypeOutput) ToStringOutput() pulumi.StringOutput

func (AuthorizedOrgsDescAssetTypeOutput) ToStringOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuthorizedOrgsDescAssetTypeOutput) ToStringPtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAssetTypeOutput) ToStringPtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescAssetTypePtrInput added in v0.28.0 

type AuthorizedOrgsDescAssetTypePtrInput interface {
	pulumi.Input

	ToAuthorizedOrgsDescAssetTypePtrOutput() AuthorizedOrgsDescAssetTypePtrOutput
	ToAuthorizedOrgsDescAssetTypePtrOutputWithContext(context.Context) AuthorizedOrgsDescAssetTypePtrOutput
}

func AuthorizedOrgsDescAssetTypePtr added in v0.28.0 

func AuthorizedOrgsDescAssetTypePtr(v string) AuthorizedOrgsDescAssetTypePtrInput

type AuthorizedOrgsDescAssetTypePtrOutput added in v0.28.0 

type AuthorizedOrgsDescAssetTypePtrOutput struct{ *pulumi.OutputState }

func (AuthorizedOrgsDescAssetTypePtrOutput) Elem added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypePtrOutput) Elem() AuthorizedOrgsDescAssetTypeOutput

func (AuthorizedOrgsDescAssetTypePtrOutput) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAssetTypePtrOutput) ElementType() reflect.Type

func (AuthorizedOrgsDescAssetTypePtrOutput) ToAuthorizedOrgsDescAssetTypePtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypePtrOutput) ToAuthorizedOrgsDescAssetTypePtrOutput() AuthorizedOrgsDescAssetTypePtrOutput

func (AuthorizedOrgsDescAssetTypePtrOutput) ToAuthorizedOrgsDescAssetTypePtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypePtrOutput) ToAuthorizedOrgsDescAssetTypePtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAssetTypePtrOutput

func (AuthorizedOrgsDescAssetTypePtrOutput) ToStringPtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAssetTypePtrOutput) ToStringPtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAssetTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescAuthorizationDirection added in v0.28.0 

type AuthorizedOrgsDescAuthorizationDirection string

The direction of the authorization relationship between this organization and the organizations listed in the `orgs` field. The valid values for this field include the following: `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate traffic in the organizations listed in the `orgs` field. `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the `orgs` field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as the authorization direction, organizations B and C must specify `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in their `AuthorizedOrgsDesc` resource.

func (AuthorizedOrgsDescAuthorizationDirection) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAuthorizationDirection) ElementType() reflect.Type

func (AuthorizedOrgsDescAuthorizationDirection) ToAuthorizedOrgsDescAuthorizationDirectionOutput added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationDirection) ToAuthorizedOrgsDescAuthorizationDirectionOutput() AuthorizedOrgsDescAuthorizationDirectionOutput

func (AuthorizedOrgsDescAuthorizationDirection) ToAuthorizedOrgsDescAuthorizationDirectionOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationDirection) ToAuthorizedOrgsDescAuthorizationDirectionOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationDirectionOutput

func (AuthorizedOrgsDescAuthorizationDirection) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutput added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationDirection) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutput() AuthorizedOrgsDescAuthorizationDirectionPtrOutput

func (AuthorizedOrgsDescAuthorizationDirection) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationDirection) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationDirectionPtrOutput

func (AuthorizedOrgsDescAuthorizationDirection) ToStringOutput added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationDirection) ToStringOutput() pulumi.StringOutput

func (AuthorizedOrgsDescAuthorizationDirection) ToStringOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationDirection) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuthorizedOrgsDescAuthorizationDirection) ToStringPtrOutput added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationDirection) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAuthorizationDirection) ToStringPtrOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationDirection) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescAuthorizationDirectionInput added in v0.28.0 

type AuthorizedOrgsDescAuthorizationDirectionInput interface {
	pulumi.Input

	ToAuthorizedOrgsDescAuthorizationDirectionOutput() AuthorizedOrgsDescAuthorizationDirectionOutput
	ToAuthorizedOrgsDescAuthorizationDirectionOutputWithContext(context.Context) AuthorizedOrgsDescAuthorizationDirectionOutput
}

AuthorizedOrgsDescAuthorizationDirectionInput is an input type that accepts AuthorizedOrgsDescAuthorizationDirectionArgs and AuthorizedOrgsDescAuthorizationDirectionOutput values. You can construct a concrete instance of `AuthorizedOrgsDescAuthorizationDirectionInput` via: 

AuthorizedOrgsDescAuthorizationDirectionArgs{...}

type AuthorizedOrgsDescAuthorizationDirectionOutput added in v0.28.0 

type AuthorizedOrgsDescAuthorizationDirectionOutput struct{ *pulumi.OutputState }

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ElementType() reflect.Type

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ToAuthorizedOrgsDescAuthorizationDirectionOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionOutput) ToAuthorizedOrgsDescAuthorizationDirectionOutput() AuthorizedOrgsDescAuthorizationDirectionOutput

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ToAuthorizedOrgsDescAuthorizationDirectionOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionOutput) ToAuthorizedOrgsDescAuthorizationDirectionOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationDirectionOutput

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionOutput) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutput() AuthorizedOrgsDescAuthorizationDirectionPtrOutput

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionOutput) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationDirectionPtrOutput

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ToStringOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionOutput) ToStringOutput() pulumi.StringOutput

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ToStringOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ToStringPtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAuthorizationDirectionOutput) ToStringPtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescAuthorizationDirectionPtrInput added in v0.28.0 

type AuthorizedOrgsDescAuthorizationDirectionPtrInput interface {
	pulumi.Input

	ToAuthorizedOrgsDescAuthorizationDirectionPtrOutput() AuthorizedOrgsDescAuthorizationDirectionPtrOutput
	ToAuthorizedOrgsDescAuthorizationDirectionPtrOutputWithContext(context.Context) AuthorizedOrgsDescAuthorizationDirectionPtrOutput
}

func AuthorizedOrgsDescAuthorizationDirectionPtr added in v0.28.0 

func AuthorizedOrgsDescAuthorizationDirectionPtr(v string) AuthorizedOrgsDescAuthorizationDirectionPtrInput

type AuthorizedOrgsDescAuthorizationDirectionPtrOutput added in v0.28.0 

type AuthorizedOrgsDescAuthorizationDirectionPtrOutput struct{ *pulumi.OutputState }

func (AuthorizedOrgsDescAuthorizationDirectionPtrOutput) Elem added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionPtrOutput) Elem() AuthorizedOrgsDescAuthorizationDirectionOutput

func (AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ElementType() reflect.Type

func (AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutput() AuthorizedOrgsDescAuthorizationDirectionPtrOutput

func (AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ToAuthorizedOrgsDescAuthorizationDirectionPtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationDirectionPtrOutput

func (AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ToStringPtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ToStringPtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationDirectionPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescAuthorizationType added in v0.28.0 

type AuthorizedOrgsDescAuthorizationType string

A granular control type for authorization levels. Valid value is `AUTHORIZATION_TYPE_TRUST`.

func (AuthorizedOrgsDescAuthorizationType) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAuthorizationType) ElementType() reflect.Type

func (AuthorizedOrgsDescAuthorizationType) ToAuthorizedOrgsDescAuthorizationTypeOutput added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationType) ToAuthorizedOrgsDescAuthorizationTypeOutput() AuthorizedOrgsDescAuthorizationTypeOutput

func (AuthorizedOrgsDescAuthorizationType) ToAuthorizedOrgsDescAuthorizationTypeOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationType) ToAuthorizedOrgsDescAuthorizationTypeOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationTypeOutput

func (AuthorizedOrgsDescAuthorizationType) ToAuthorizedOrgsDescAuthorizationTypePtrOutput added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationType) ToAuthorizedOrgsDescAuthorizationTypePtrOutput() AuthorizedOrgsDescAuthorizationTypePtrOutput

func (AuthorizedOrgsDescAuthorizationType) ToAuthorizedOrgsDescAuthorizationTypePtrOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationType) ToAuthorizedOrgsDescAuthorizationTypePtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationTypePtrOutput

func (AuthorizedOrgsDescAuthorizationType) ToStringOutput added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationType) ToStringOutput() pulumi.StringOutput

func (AuthorizedOrgsDescAuthorizationType) ToStringOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuthorizedOrgsDescAuthorizationType) ToStringPtrOutput added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationType) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAuthorizationType) ToStringPtrOutputWithContext added in v0.28.0 

func (e AuthorizedOrgsDescAuthorizationType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescAuthorizationTypeInput added in v0.28.0 

type AuthorizedOrgsDescAuthorizationTypeInput interface {
	pulumi.Input

	ToAuthorizedOrgsDescAuthorizationTypeOutput() AuthorizedOrgsDescAuthorizationTypeOutput
	ToAuthorizedOrgsDescAuthorizationTypeOutputWithContext(context.Context) AuthorizedOrgsDescAuthorizationTypeOutput
}

AuthorizedOrgsDescAuthorizationTypeInput is an input type that accepts AuthorizedOrgsDescAuthorizationTypeArgs and AuthorizedOrgsDescAuthorizationTypeOutput values. You can construct a concrete instance of `AuthorizedOrgsDescAuthorizationTypeInput` via: 

AuthorizedOrgsDescAuthorizationTypeArgs{...}

type AuthorizedOrgsDescAuthorizationTypeOutput added in v0.28.0 

type AuthorizedOrgsDescAuthorizationTypeOutput struct{ *pulumi.OutputState }

func (AuthorizedOrgsDescAuthorizationTypeOutput) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAuthorizationTypeOutput) ElementType() reflect.Type

func (AuthorizedOrgsDescAuthorizationTypeOutput) ToAuthorizedOrgsDescAuthorizationTypeOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypeOutput) ToAuthorizedOrgsDescAuthorizationTypeOutput() AuthorizedOrgsDescAuthorizationTypeOutput

func (AuthorizedOrgsDescAuthorizationTypeOutput) ToAuthorizedOrgsDescAuthorizationTypeOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypeOutput) ToAuthorizedOrgsDescAuthorizationTypeOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationTypeOutput

func (AuthorizedOrgsDescAuthorizationTypeOutput) ToAuthorizedOrgsDescAuthorizationTypePtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypeOutput) ToAuthorizedOrgsDescAuthorizationTypePtrOutput() AuthorizedOrgsDescAuthorizationTypePtrOutput

func (AuthorizedOrgsDescAuthorizationTypeOutput) ToAuthorizedOrgsDescAuthorizationTypePtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypeOutput) ToAuthorizedOrgsDescAuthorizationTypePtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationTypePtrOutput

func (AuthorizedOrgsDescAuthorizationTypeOutput) ToStringOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypeOutput) ToStringOutput() pulumi.StringOutput

func (AuthorizedOrgsDescAuthorizationTypeOutput) ToStringOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuthorizedOrgsDescAuthorizationTypeOutput) ToStringPtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAuthorizationTypeOutput) ToStringPtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescAuthorizationTypePtrInput added in v0.28.0 

type AuthorizedOrgsDescAuthorizationTypePtrInput interface {
	pulumi.Input

	ToAuthorizedOrgsDescAuthorizationTypePtrOutput() AuthorizedOrgsDescAuthorizationTypePtrOutput
	ToAuthorizedOrgsDescAuthorizationTypePtrOutputWithContext(context.Context) AuthorizedOrgsDescAuthorizationTypePtrOutput
}

func AuthorizedOrgsDescAuthorizationTypePtr added in v0.28.0 

func AuthorizedOrgsDescAuthorizationTypePtr(v string) AuthorizedOrgsDescAuthorizationTypePtrInput

type AuthorizedOrgsDescAuthorizationTypePtrOutput added in v0.28.0 

type AuthorizedOrgsDescAuthorizationTypePtrOutput struct{ *pulumi.OutputState }

func (AuthorizedOrgsDescAuthorizationTypePtrOutput) Elem added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypePtrOutput) Elem() AuthorizedOrgsDescAuthorizationTypeOutput

func (AuthorizedOrgsDescAuthorizationTypePtrOutput) ElementType added in v0.28.0 

func (AuthorizedOrgsDescAuthorizationTypePtrOutput) ElementType() reflect.Type

func (AuthorizedOrgsDescAuthorizationTypePtrOutput) ToAuthorizedOrgsDescAuthorizationTypePtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypePtrOutput) ToAuthorizedOrgsDescAuthorizationTypePtrOutput() AuthorizedOrgsDescAuthorizationTypePtrOutput

func (AuthorizedOrgsDescAuthorizationTypePtrOutput) ToAuthorizedOrgsDescAuthorizationTypePtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypePtrOutput) ToAuthorizedOrgsDescAuthorizationTypePtrOutputWithContext(ctx context.Context) AuthorizedOrgsDescAuthorizationTypePtrOutput

func (AuthorizedOrgsDescAuthorizationTypePtrOutput) ToStringPtrOutput added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizedOrgsDescAuthorizationTypePtrOutput) ToStringPtrOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescAuthorizationTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizedOrgsDescInput added in v0.28.0 

type AuthorizedOrgsDescInput interface {
	pulumi.Input

	ToAuthorizedOrgsDescOutput() AuthorizedOrgsDescOutput
	ToAuthorizedOrgsDescOutputWithContext(ctx context.Context) AuthorizedOrgsDescOutput
}

type AuthorizedOrgsDescOutput added in v0.28.0 

type AuthorizedOrgsDescOutput struct{ *pulumi.OutputState }

func (AuthorizedOrgsDescOutput) AccessPolicyId added in v0.28.0 

func (o AuthorizedOrgsDescOutput) AccessPolicyId() pulumi.StringOutput

func (AuthorizedOrgsDescOutput) AssetType added in v0.28.0 

func (o AuthorizedOrgsDescOutput) AssetType() pulumi.StringOutput

The asset type of this authorized orgs desc. Valid values are `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`.

func (AuthorizedOrgsDescOutput) AuthorizationDirection added in v0.28.0 

func (o AuthorizedOrgsDescOutput) AuthorizationDirection() pulumi.StringOutput

The direction of the authorization relationship between this organization and the organizations listed in the `orgs` field. The valid values for this field include the following: `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate traffic in the organizations listed in the `orgs` field. `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the `orgs` field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as the authorization direction, organizations B and C must specify `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in their `AuthorizedOrgsDesc` resource.

func (AuthorizedOrgsDescOutput) AuthorizationType added in v0.28.0 

func (o AuthorizedOrgsDescOutput) AuthorizationType() pulumi.StringOutput

A granular control type for authorization levels. Valid value is `AUTHORIZATION_TYPE_TRUST`.

func (AuthorizedOrgsDescOutput) ElementType added in v0.28.0 

func (AuthorizedOrgsDescOutput) ElementType() reflect.Type

func (AuthorizedOrgsDescOutput) Name added in v0.28.0 

func (o AuthorizedOrgsDescOutput) Name() pulumi.StringOutput

Resource name for the `AuthorizedOrgsDesc`. Format: `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. The `authorized_orgs_desc` component must begin with a letter, followed by alphanumeric characters or `_`. After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.

func (AuthorizedOrgsDescOutput) Orgs added in v0.28.0 

func (o AuthorizedOrgsDescOutput) Orgs() pulumi.StringArrayOutput

The list of organization ids in this AuthorizedOrgsDesc. Format: `organizations/` Example: `organizations/123456`

func (AuthorizedOrgsDescOutput) ToAuthorizedOrgsDescOutput added in v0.28.0 

func (o AuthorizedOrgsDescOutput) ToAuthorizedOrgsDescOutput() AuthorizedOrgsDescOutput

func (AuthorizedOrgsDescOutput) ToAuthorizedOrgsDescOutputWithContext added in v0.28.0 

func (o AuthorizedOrgsDescOutput) ToAuthorizedOrgsDescOutputWithContext(ctx context.Context) AuthorizedOrgsDescOutput

type AuthorizedOrgsDescState added in v0.28.0 

type AuthorizedOrgsDescState struct {
}

func (AuthorizedOrgsDescState) ElementType added in v0.28.0 

func (AuthorizedOrgsDescState) ElementType() reflect.Type

type BasicLevel 

type BasicLevel struct {
	// How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.
	CombiningFunction *BasicLevelCombiningFunction `pulumi:"combiningFunction"`
	// A list of requirements for the `AccessLevel` to be granted.
	Conditions []Condition `pulumi:"conditions"`
}

`BasicLevel` is an `AccessLevel` using a set of recommended features.

type BasicLevelArgs 

type BasicLevelArgs struct {
	// How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.
	CombiningFunction BasicLevelCombiningFunctionPtrInput `pulumi:"combiningFunction"`
	// A list of requirements for the `AccessLevel` to be granted.
	Conditions ConditionArrayInput `pulumi:"conditions"`
}

`BasicLevel` is an `AccessLevel` using a set of recommended features.

func (BasicLevelArgs) ElementType 

func (BasicLevelArgs) ElementType() reflect.Type

func (BasicLevelArgs) ToBasicLevelOutput 

func (i BasicLevelArgs) ToBasicLevelOutput() BasicLevelOutput

func (BasicLevelArgs) ToBasicLevelOutputWithContext 

func (i BasicLevelArgs) ToBasicLevelOutputWithContext(ctx context.Context) BasicLevelOutput

func (BasicLevelArgs) ToBasicLevelPtrOutput 

func (i BasicLevelArgs) ToBasicLevelPtrOutput() BasicLevelPtrOutput

func (BasicLevelArgs) ToBasicLevelPtrOutputWithContext 

func (i BasicLevelArgs) ToBasicLevelPtrOutputWithContext(ctx context.Context) BasicLevelPtrOutput

type BasicLevelCombiningFunction added in v0.4.0 

type BasicLevelCombiningFunction string

How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.

func (BasicLevelCombiningFunction) ElementType added in v0.4.0 

func (BasicLevelCombiningFunction) ElementType() reflect.Type

func (BasicLevelCombiningFunction) ToBasicLevelCombiningFunctionOutput added in v0.6.0 

func (e BasicLevelCombiningFunction) ToBasicLevelCombiningFunctionOutput() BasicLevelCombiningFunctionOutput

func (BasicLevelCombiningFunction) ToBasicLevelCombiningFunctionOutputWithContext added in v0.6.0 

func (e BasicLevelCombiningFunction) ToBasicLevelCombiningFunctionOutputWithContext(ctx context.Context) BasicLevelCombiningFunctionOutput

func (BasicLevelCombiningFunction) ToBasicLevelCombiningFunctionPtrOutput added in v0.6.0 

func (e BasicLevelCombiningFunction) ToBasicLevelCombiningFunctionPtrOutput() BasicLevelCombiningFunctionPtrOutput

func (BasicLevelCombiningFunction) ToBasicLevelCombiningFunctionPtrOutputWithContext added in v0.6.0 

func (e BasicLevelCombiningFunction) ToBasicLevelCombiningFunctionPtrOutputWithContext(ctx context.Context) BasicLevelCombiningFunctionPtrOutput

func (BasicLevelCombiningFunction) ToStringOutput added in v0.4.0 

func (e BasicLevelCombiningFunction) ToStringOutput() pulumi.StringOutput

func (BasicLevelCombiningFunction) ToStringOutputWithContext added in v0.4.0 

func (e BasicLevelCombiningFunction) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (BasicLevelCombiningFunction) ToStringPtrOutput added in v0.4.0 

func (e BasicLevelCombiningFunction) ToStringPtrOutput() pulumi.StringPtrOutput

func (BasicLevelCombiningFunction) ToStringPtrOutputWithContext added in v0.4.0 

func (e BasicLevelCombiningFunction) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type BasicLevelCombiningFunctionInput added in v0.6.0 

type BasicLevelCombiningFunctionInput interface {
	pulumi.Input

	ToBasicLevelCombiningFunctionOutput() BasicLevelCombiningFunctionOutput
	ToBasicLevelCombiningFunctionOutputWithContext(context.Context) BasicLevelCombiningFunctionOutput
}

BasicLevelCombiningFunctionInput is an input type that accepts BasicLevelCombiningFunctionArgs and BasicLevelCombiningFunctionOutput values. You can construct a concrete instance of `BasicLevelCombiningFunctionInput` via: 

BasicLevelCombiningFunctionArgs{...}

type BasicLevelCombiningFunctionOutput added in v0.6.0 

type BasicLevelCombiningFunctionOutput struct{ *pulumi.OutputState }

func (BasicLevelCombiningFunctionOutput) ElementType added in v0.6.0 

func (BasicLevelCombiningFunctionOutput) ElementType() reflect.Type

func (BasicLevelCombiningFunctionOutput) ToBasicLevelCombiningFunctionOutput added in v0.6.0 

func (o BasicLevelCombiningFunctionOutput) ToBasicLevelCombiningFunctionOutput() BasicLevelCombiningFunctionOutput

func (BasicLevelCombiningFunctionOutput) ToBasicLevelCombiningFunctionOutputWithContext added in v0.6.0 

func (o BasicLevelCombiningFunctionOutput) ToBasicLevelCombiningFunctionOutputWithContext(ctx context.Context) BasicLevelCombiningFunctionOutput

func (BasicLevelCombiningFunctionOutput) ToBasicLevelCombiningFunctionPtrOutput added in v0.6.0 

func (o BasicLevelCombiningFunctionOutput) ToBasicLevelCombiningFunctionPtrOutput() BasicLevelCombiningFunctionPtrOutput

func (BasicLevelCombiningFunctionOutput) ToBasicLevelCombiningFunctionPtrOutputWithContext added in v0.6.0 

func (o BasicLevelCombiningFunctionOutput) ToBasicLevelCombiningFunctionPtrOutputWithContext(ctx context.Context) BasicLevelCombiningFunctionPtrOutput

func (BasicLevelCombiningFunctionOutput) ToStringOutput added in v0.6.0 

func (o BasicLevelCombiningFunctionOutput) ToStringOutput() pulumi.StringOutput

func (BasicLevelCombiningFunctionOutput) ToStringOutputWithContext added in v0.6.0 

func (o BasicLevelCombiningFunctionOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (BasicLevelCombiningFunctionOutput) ToStringPtrOutput added in v0.6.0 

func (o BasicLevelCombiningFunctionOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (BasicLevelCombiningFunctionOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o BasicLevelCombiningFunctionOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type BasicLevelCombiningFunctionPtrInput added in v0.6.0 

type BasicLevelCombiningFunctionPtrInput interface {
	pulumi.Input

	ToBasicLevelCombiningFunctionPtrOutput() BasicLevelCombiningFunctionPtrOutput
	ToBasicLevelCombiningFunctionPtrOutputWithContext(context.Context) BasicLevelCombiningFunctionPtrOutput
}

func BasicLevelCombiningFunctionPtr added in v0.6.0 

func BasicLevelCombiningFunctionPtr(v string) BasicLevelCombiningFunctionPtrInput

type BasicLevelCombiningFunctionPtrOutput added in v0.6.0 

type BasicLevelCombiningFunctionPtrOutput struct{ *pulumi.OutputState }

func (BasicLevelCombiningFunctionPtrOutput) Elem added in v0.6.0 

func (o BasicLevelCombiningFunctionPtrOutput) Elem() BasicLevelCombiningFunctionOutput

func (BasicLevelCombiningFunctionPtrOutput) ElementType added in v0.6.0 

func (BasicLevelCombiningFunctionPtrOutput) ElementType() reflect.Type

func (BasicLevelCombiningFunctionPtrOutput) ToBasicLevelCombiningFunctionPtrOutput added in v0.6.0 

func (o BasicLevelCombiningFunctionPtrOutput) ToBasicLevelCombiningFunctionPtrOutput() BasicLevelCombiningFunctionPtrOutput

func (BasicLevelCombiningFunctionPtrOutput) ToBasicLevelCombiningFunctionPtrOutputWithContext added in v0.6.0 

func (o BasicLevelCombiningFunctionPtrOutput) ToBasicLevelCombiningFunctionPtrOutputWithContext(ctx context.Context) BasicLevelCombiningFunctionPtrOutput

func (BasicLevelCombiningFunctionPtrOutput) ToStringPtrOutput added in v0.6.0 

func (o BasicLevelCombiningFunctionPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (BasicLevelCombiningFunctionPtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o BasicLevelCombiningFunctionPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type BasicLevelInput 

type BasicLevelInput interface {
	pulumi.Input

	ToBasicLevelOutput() BasicLevelOutput
	ToBasicLevelOutputWithContext(context.Context) BasicLevelOutput
}

BasicLevelInput is an input type that accepts BasicLevelArgs and BasicLevelOutput values. You can construct a concrete instance of `BasicLevelInput` via: 

BasicLevelArgs{...}

type BasicLevelOutput 

type BasicLevelOutput struct{ *pulumi.OutputState }

`BasicLevel` is an `AccessLevel` using a set of recommended features.

func (BasicLevelOutput) CombiningFunction 

func (o BasicLevelOutput) CombiningFunction() BasicLevelCombiningFunctionPtrOutput

How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.

func (BasicLevelOutput) Conditions 

func (o BasicLevelOutput) Conditions() ConditionArrayOutput

A list of requirements for the `AccessLevel` to be granted.

func (BasicLevelOutput) ElementType 

func (BasicLevelOutput) ElementType() reflect.Type

func (BasicLevelOutput) ToBasicLevelOutput 

func (o BasicLevelOutput) ToBasicLevelOutput() BasicLevelOutput

func (BasicLevelOutput) ToBasicLevelOutputWithContext 

func (o BasicLevelOutput) ToBasicLevelOutputWithContext(ctx context.Context) BasicLevelOutput

func (BasicLevelOutput) ToBasicLevelPtrOutput 

func (o BasicLevelOutput) ToBasicLevelPtrOutput() BasicLevelPtrOutput

func (BasicLevelOutput) ToBasicLevelPtrOutputWithContext 

func (o BasicLevelOutput) ToBasicLevelPtrOutputWithContext(ctx context.Context) BasicLevelPtrOutput

type BasicLevelPtrInput 

type BasicLevelPtrInput interface {
	pulumi.Input

	ToBasicLevelPtrOutput() BasicLevelPtrOutput
	ToBasicLevelPtrOutputWithContext(context.Context) BasicLevelPtrOutput
}

BasicLevelPtrInput is an input type that accepts BasicLevelArgs, BasicLevelPtr and BasicLevelPtrOutput values. You can construct a concrete instance of `BasicLevelPtrInput` via: 

        BasicLevelArgs{...}

or:

        nil

func BasicLevelPtr 

func BasicLevelPtr(v *BasicLevelArgs) BasicLevelPtrInput

type BasicLevelPtrOutput 

type BasicLevelPtrOutput struct{ *pulumi.OutputState }

func (BasicLevelPtrOutput) CombiningFunction 

func (o BasicLevelPtrOutput) CombiningFunction() BasicLevelCombiningFunctionPtrOutput

How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.

func (BasicLevelPtrOutput) Conditions 

func (o BasicLevelPtrOutput) Conditions() ConditionArrayOutput

A list of requirements for the `AccessLevel` to be granted.

func (BasicLevelPtrOutput) Elem 

func (o BasicLevelPtrOutput) Elem() BasicLevelOutput

func (BasicLevelPtrOutput) ElementType 

func (BasicLevelPtrOutput) ElementType() reflect.Type

func (BasicLevelPtrOutput) ToBasicLevelPtrOutput 

func (o BasicLevelPtrOutput) ToBasicLevelPtrOutput() BasicLevelPtrOutput

func (BasicLevelPtrOutput) ToBasicLevelPtrOutputWithContext 

func (o BasicLevelPtrOutput) ToBasicLevelPtrOutputWithContext(ctx context.Context) BasicLevelPtrOutput

type BasicLevelResponse 

type BasicLevelResponse struct {
	// How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.
	CombiningFunction string `pulumi:"combiningFunction"`
	// A list of requirements for the `AccessLevel` to be granted.
	Conditions []ConditionResponse `pulumi:"conditions"`
}

`BasicLevel` is an `AccessLevel` using a set of recommended features.

type BasicLevelResponseOutput 

type BasicLevelResponseOutput struct{ *pulumi.OutputState }

`BasicLevel` is an `AccessLevel` using a set of recommended features.

func (BasicLevelResponseOutput) CombiningFunction 

func (o BasicLevelResponseOutput) CombiningFunction() pulumi.StringOutput

How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.

func (BasicLevelResponseOutput) Conditions 

func (o BasicLevelResponseOutput) Conditions() ConditionResponseArrayOutput

A list of requirements for the `AccessLevel` to be granted.

func (BasicLevelResponseOutput) ElementType 

func (BasicLevelResponseOutput) ElementType() reflect.Type

func (BasicLevelResponseOutput) ToBasicLevelResponseOutput 

func (o BasicLevelResponseOutput) ToBasicLevelResponseOutput() BasicLevelResponseOutput

func (BasicLevelResponseOutput) ToBasicLevelResponseOutputWithContext 

func (o BasicLevelResponseOutput) ToBasicLevelResponseOutputWithContext(ctx context.Context) BasicLevelResponseOutput

type Binding added in v0.11.0 

type Binding struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition *Expr `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members []string `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role *string `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

type BindingArgs added in v0.11.0 

type BindingArgs struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprPtrInput `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringPtrInput `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

func (BindingArgs) ElementType added in v0.11.0 

func (BindingArgs) ElementType() reflect.Type

func (BindingArgs) ToBindingOutput added in v0.11.0 

func (i BindingArgs) ToBindingOutput() BindingOutput

func (BindingArgs) ToBindingOutputWithContext added in v0.11.0 

func (i BindingArgs) ToBindingOutputWithContext(ctx context.Context) BindingOutput

type BindingArray added in v0.11.0 

type BindingArray []BindingInput

func (BindingArray) ElementType added in v0.11.0 

func (BindingArray) ElementType() reflect.Type

func (BindingArray) ToBindingArrayOutput added in v0.11.0 

func (i BindingArray) ToBindingArrayOutput() BindingArrayOutput

func (BindingArray) ToBindingArrayOutputWithContext added in v0.11.0 

func (i BindingArray) ToBindingArrayOutputWithContext(ctx context.Context) BindingArrayOutput

type BindingArrayInput added in v0.11.0 

type BindingArrayInput interface {
	pulumi.Input

	ToBindingArrayOutput() BindingArrayOutput
	ToBindingArrayOutputWithContext(context.Context) BindingArrayOutput
}

BindingArrayInput is an input type that accepts BindingArray and BindingArrayOutput values. You can construct a concrete instance of `BindingArrayInput` via: 

BindingArray{ BindingArgs{...} }

type BindingArrayOutput added in v0.11.0 

type BindingArrayOutput struct{ *pulumi.OutputState }

func (BindingArrayOutput) ElementType added in v0.11.0 

func (BindingArrayOutput) ElementType() reflect.Type

func (BindingArrayOutput) Index added in v0.11.0 

func (o BindingArrayOutput) Index(i pulumi.IntInput) BindingOutput

func (BindingArrayOutput) ToBindingArrayOutput added in v0.11.0 

func (o BindingArrayOutput) ToBindingArrayOutput() BindingArrayOutput

func (BindingArrayOutput) ToBindingArrayOutputWithContext added in v0.11.0 

func (o BindingArrayOutput) ToBindingArrayOutputWithContext(ctx context.Context) BindingArrayOutput

type BindingInput added in v0.11.0 

type BindingInput interface {
	pulumi.Input

	ToBindingOutput() BindingOutput
	ToBindingOutputWithContext(context.Context) BindingOutput
}

BindingInput is an input type that accepts BindingArgs and BindingOutput values. You can construct a concrete instance of `BindingInput` via: 

BindingArgs{...}

type BindingOutput added in v0.11.0 

type BindingOutput struct{ *pulumi.OutputState }

Associates `members`, or principals, with a `role`.

func (BindingOutput) Condition added in v0.11.0 

func (o BindingOutput) Condition() ExprPtrOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (BindingOutput) ElementType added in v0.11.0 

func (BindingOutput) ElementType() reflect.Type

func (BindingOutput) Members added in v0.11.0 

func (o BindingOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (BindingOutput) Role added in v0.11.0 

func (o BindingOutput) Role() pulumi.StringPtrOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (BindingOutput) ToBindingOutput added in v0.11.0 

func (o BindingOutput) ToBindingOutput() BindingOutput

func (BindingOutput) ToBindingOutputWithContext added in v0.11.0 

func (o BindingOutput) ToBindingOutputWithContext(ctx context.Context) BindingOutput

type BindingResponse added in v0.11.0 

type BindingResponse struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprResponse `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members []string `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role string `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

type BindingResponseArrayOutput added in v0.11.0 

type BindingResponseArrayOutput struct{ *pulumi.OutputState }

func (BindingResponseArrayOutput) ElementType added in v0.11.0 

func (BindingResponseArrayOutput) ElementType() reflect.Type

func (BindingResponseArrayOutput) Index added in v0.11.0 

func (o BindingResponseArrayOutput) Index(i pulumi.IntInput) BindingResponseOutput

func (BindingResponseArrayOutput) ToBindingResponseArrayOutput added in v0.11.0 

func (o BindingResponseArrayOutput) ToBindingResponseArrayOutput() BindingResponseArrayOutput

func (BindingResponseArrayOutput) ToBindingResponseArrayOutputWithContext added in v0.11.0 

func (o BindingResponseArrayOutput) ToBindingResponseArrayOutputWithContext(ctx context.Context) BindingResponseArrayOutput

type BindingResponseOutput added in v0.11.0 

type BindingResponseOutput struct{ *pulumi.OutputState }

Associates `members`, or principals, with a `role`.

func (BindingResponseOutput) Condition added in v0.11.0 

func (o BindingResponseOutput) Condition() ExprResponseOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (BindingResponseOutput) ElementType added in v0.11.0 

func (BindingResponseOutput) ElementType() reflect.Type

func (BindingResponseOutput) Members added in v0.11.0 

func (o BindingResponseOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (BindingResponseOutput) Role added in v0.11.0 

func (o BindingResponseOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (BindingResponseOutput) ToBindingResponseOutput added in v0.11.0 

func (o BindingResponseOutput) ToBindingResponseOutput() BindingResponseOutput

func (BindingResponseOutput) ToBindingResponseOutputWithContext added in v0.11.0 

func (o BindingResponseOutput) ToBindingResponseOutputWithContext(ctx context.Context) BindingResponseOutput

type Condition 

type Condition struct {
	// Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
	DevicePolicy *DevicePolicy `pulumi:"devicePolicy"`
	// CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
	IpSubnetworks []string `pulumi:"ipSubnetworks"`
	// The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user.
	Members []string `pulumi:"members"`
	// Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
	Negate *bool `pulumi:"negate"`
	// The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
	Regions []string `pulumi:"regions"`
	// A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"`
	RequiredAccessLevels []string `pulumi:"requiredAccessLevels"`
	// The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.
	VpcNetworkSources []VpcNetworkSource `pulumi:"vpcNetworkSources"`
}

A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.

type ConditionArgs 

type ConditionArgs struct {
	// Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
	DevicePolicy DevicePolicyPtrInput `pulumi:"devicePolicy"`
	// CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
	IpSubnetworks pulumi.StringArrayInput `pulumi:"ipSubnetworks"`
	// The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
	Negate pulumi.BoolPtrInput `pulumi:"negate"`
	// The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
	Regions pulumi.StringArrayInput `pulumi:"regions"`
	// A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"`
	RequiredAccessLevels pulumi.StringArrayInput `pulumi:"requiredAccessLevels"`
	// The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.
	VpcNetworkSources VpcNetworkSourceArrayInput `pulumi:"vpcNetworkSources"`
}

A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.

func (ConditionArgs) ElementType 

func (ConditionArgs) ElementType() reflect.Type

func (ConditionArgs) ToConditionOutput 

func (i ConditionArgs) ToConditionOutput() ConditionOutput

func (ConditionArgs) ToConditionOutputWithContext 

func (i ConditionArgs) ToConditionOutputWithContext(ctx context.Context) ConditionOutput

type ConditionArray 

type ConditionArray []ConditionInput

func (ConditionArray) ElementType 

func (ConditionArray) ElementType() reflect.Type

func (ConditionArray) ToConditionArrayOutput 

func (i ConditionArray) ToConditionArrayOutput() ConditionArrayOutput

func (ConditionArray) ToConditionArrayOutputWithContext 

func (i ConditionArray) ToConditionArrayOutputWithContext(ctx context.Context) ConditionArrayOutput

type ConditionArrayInput 

type ConditionArrayInput interface {
	pulumi.Input

	ToConditionArrayOutput() ConditionArrayOutput
	ToConditionArrayOutputWithContext(context.Context) ConditionArrayOutput
}

ConditionArrayInput is an input type that accepts ConditionArray and ConditionArrayOutput values. You can construct a concrete instance of `ConditionArrayInput` via: 

ConditionArray{ ConditionArgs{...} }

type ConditionArrayOutput 

type ConditionArrayOutput struct{ *pulumi.OutputState }

func (ConditionArrayOutput) ElementType 

func (ConditionArrayOutput) ElementType() reflect.Type

func (ConditionArrayOutput) Index 

func (o ConditionArrayOutput) Index(i pulumi.IntInput) ConditionOutput

func (ConditionArrayOutput) ToConditionArrayOutput 

func (o ConditionArrayOutput) ToConditionArrayOutput() ConditionArrayOutput

func (ConditionArrayOutput) ToConditionArrayOutputWithContext 

func (o ConditionArrayOutput) ToConditionArrayOutputWithContext(ctx context.Context) ConditionArrayOutput

type ConditionInput 

type ConditionInput interface {
	pulumi.Input

	ToConditionOutput() ConditionOutput
	ToConditionOutputWithContext(context.Context) ConditionOutput
}

ConditionInput is an input type that accepts ConditionArgs and ConditionOutput values. You can construct a concrete instance of `ConditionInput` via: 

ConditionArgs{...}

type ConditionOutput 

type ConditionOutput struct{ *pulumi.OutputState }

A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.

func (ConditionOutput) DevicePolicy 

func (o ConditionOutput) DevicePolicy() DevicePolicyPtrOutput

Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

func (ConditionOutput) ElementType 

func (ConditionOutput) ElementType() reflect.Type

func (ConditionOutput) IpSubnetworks 

func (o ConditionOutput) IpSubnetworks() pulumi.StringArrayOutput

CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

func (ConditionOutput) Members 

func (o ConditionOutput) Members() pulumi.StringArrayOutput

The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user.

func (ConditionOutput) Negate 

func (o ConditionOutput) Negate() pulumi.BoolPtrOutput

Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.

func (ConditionOutput) Regions 

func (o ConditionOutput) Regions() pulumi.StringArrayOutput

The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

func (ConditionOutput) RequiredAccessLevels 

func (o ConditionOutput) RequiredAccessLevels() pulumi.StringArrayOutput

A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"`

func (ConditionOutput) ToConditionOutput 

func (o ConditionOutput) ToConditionOutput() ConditionOutput

func (ConditionOutput) ToConditionOutputWithContext 

func (o ConditionOutput) ToConditionOutputWithContext(ctx context.Context) ConditionOutput

func (ConditionOutput) VpcNetworkSources added in v0.32.0 

func (o ConditionOutput) VpcNetworkSources() VpcNetworkSourceArrayOutput

The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.

type ConditionResponse 

type ConditionResponse struct {
	// Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
	DevicePolicy DevicePolicyResponse `pulumi:"devicePolicy"`
	// CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
	IpSubnetworks []string `pulumi:"ipSubnetworks"`
	// The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user.
	Members []string `pulumi:"members"`
	// Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
	Negate bool `pulumi:"negate"`
	// The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
	Regions []string `pulumi:"regions"`
	// A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"`
	RequiredAccessLevels []string `pulumi:"requiredAccessLevels"`
	// The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.
	VpcNetworkSources []VpcNetworkSourceResponse `pulumi:"vpcNetworkSources"`
}

A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.

type ConditionResponseArrayOutput 

type ConditionResponseArrayOutput struct{ *pulumi.OutputState }

func (ConditionResponseArrayOutput) ElementType 

func (ConditionResponseArrayOutput) ElementType() reflect.Type

func (ConditionResponseArrayOutput) Index 

func (o ConditionResponseArrayOutput) Index(i pulumi.IntInput) ConditionResponseOutput

func (ConditionResponseArrayOutput) ToConditionResponseArrayOutput 

func (o ConditionResponseArrayOutput) ToConditionResponseArrayOutput() ConditionResponseArrayOutput

func (ConditionResponseArrayOutput) ToConditionResponseArrayOutputWithContext 

func (o ConditionResponseArrayOutput) ToConditionResponseArrayOutputWithContext(ctx context.Context) ConditionResponseArrayOutput

type ConditionResponseOutput 

type ConditionResponseOutput struct{ *pulumi.OutputState }

A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.

func (ConditionResponseOutput) DevicePolicy 

func (o ConditionResponseOutput) DevicePolicy() DevicePolicyResponseOutput

Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

func (ConditionResponseOutput) ElementType 

func (ConditionResponseOutput) ElementType() reflect.Type

func (ConditionResponseOutput) IpSubnetworks 

func (o ConditionResponseOutput) IpSubnetworks() pulumi.StringArrayOutput

CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

func (ConditionResponseOutput) Members 

func (o ConditionResponseOutput) Members() pulumi.StringArrayOutput

The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user.

func (ConditionResponseOutput) Negate 

func (o ConditionResponseOutput) Negate() pulumi.BoolOutput

Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.

func (ConditionResponseOutput) Regions 

func (o ConditionResponseOutput) Regions() pulumi.StringArrayOutput

The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

func (ConditionResponseOutput) RequiredAccessLevels 

func (o ConditionResponseOutput) RequiredAccessLevels() pulumi.StringArrayOutput

A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"`

func (ConditionResponseOutput) ToConditionResponseOutput 

func (o ConditionResponseOutput) ToConditionResponseOutput() ConditionResponseOutput

func (ConditionResponseOutput) ToConditionResponseOutputWithContext 

func (o ConditionResponseOutput) ToConditionResponseOutputWithContext(ctx context.Context) ConditionResponseOutput

func (ConditionResponseOutput) VpcNetworkSources added in v0.32.0 

func (o ConditionResponseOutput) VpcNetworkSources() VpcNetworkSourceResponseArrayOutput

The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`.

type CustomLevel 

type CustomLevel struct {
	// A Cloud CEL expression evaluating to a boolean.
	Expr Expr `pulumi:"expr"`
}

`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec

type CustomLevelArgs 

type CustomLevelArgs struct {
	// A Cloud CEL expression evaluating to a boolean.
	Expr ExprInput `pulumi:"expr"`
}

`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec

func (CustomLevelArgs) ElementType 

func (CustomLevelArgs) ElementType() reflect.Type

func (CustomLevelArgs) ToCustomLevelOutput 

func (i CustomLevelArgs) ToCustomLevelOutput() CustomLevelOutput

func (CustomLevelArgs) ToCustomLevelOutputWithContext 

func (i CustomLevelArgs) ToCustomLevelOutputWithContext(ctx context.Context) CustomLevelOutput

func (CustomLevelArgs) ToCustomLevelPtrOutput 

func (i CustomLevelArgs) ToCustomLevelPtrOutput() CustomLevelPtrOutput

func (CustomLevelArgs) ToCustomLevelPtrOutputWithContext 

func (i CustomLevelArgs) ToCustomLevelPtrOutputWithContext(ctx context.Context) CustomLevelPtrOutput

type CustomLevelInput 

type CustomLevelInput interface {
	pulumi.Input

	ToCustomLevelOutput() CustomLevelOutput
	ToCustomLevelOutputWithContext(context.Context) CustomLevelOutput
}

CustomLevelInput is an input type that accepts CustomLevelArgs and CustomLevelOutput values. You can construct a concrete instance of `CustomLevelInput` via: 

CustomLevelArgs{...}

type CustomLevelOutput 

type CustomLevelOutput struct{ *pulumi.OutputState }

`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec

func (CustomLevelOutput) ElementType 

func (CustomLevelOutput) ElementType() reflect.Type

func (CustomLevelOutput) Expr 

func (o CustomLevelOutput) Expr() ExprOutput

A Cloud CEL expression evaluating to a boolean.

func (CustomLevelOutput) ToCustomLevelOutput 

func (o CustomLevelOutput) ToCustomLevelOutput() CustomLevelOutput

func (CustomLevelOutput) ToCustomLevelOutputWithContext 

func (o CustomLevelOutput) ToCustomLevelOutputWithContext(ctx context.Context) CustomLevelOutput

func (CustomLevelOutput) ToCustomLevelPtrOutput 

func (o CustomLevelOutput) ToCustomLevelPtrOutput() CustomLevelPtrOutput

func (CustomLevelOutput) ToCustomLevelPtrOutputWithContext 

func (o CustomLevelOutput) ToCustomLevelPtrOutputWithContext(ctx context.Context) CustomLevelPtrOutput

type CustomLevelPtrInput 

type CustomLevelPtrInput interface {
	pulumi.Input

	ToCustomLevelPtrOutput() CustomLevelPtrOutput
	ToCustomLevelPtrOutputWithContext(context.Context) CustomLevelPtrOutput
}

CustomLevelPtrInput is an input type that accepts CustomLevelArgs, CustomLevelPtr and CustomLevelPtrOutput values. You can construct a concrete instance of `CustomLevelPtrInput` via: 

        CustomLevelArgs{...}

or:

        nil

func CustomLevelPtr 

func CustomLevelPtr(v *CustomLevelArgs) CustomLevelPtrInput

type CustomLevelPtrOutput 

type CustomLevelPtrOutput struct{ *pulumi.OutputState }

func (CustomLevelPtrOutput) Elem 

func (o CustomLevelPtrOutput) Elem() CustomLevelOutput

func (CustomLevelPtrOutput) ElementType 

func (CustomLevelPtrOutput) ElementType() reflect.Type

func (CustomLevelPtrOutput) Expr 

func (o CustomLevelPtrOutput) Expr() ExprPtrOutput

A Cloud CEL expression evaluating to a boolean.

func (CustomLevelPtrOutput) ToCustomLevelPtrOutput 

func (o CustomLevelPtrOutput) ToCustomLevelPtrOutput() CustomLevelPtrOutput

func (CustomLevelPtrOutput) ToCustomLevelPtrOutputWithContext 

func (o CustomLevelPtrOutput) ToCustomLevelPtrOutputWithContext(ctx context.Context) CustomLevelPtrOutput

type CustomLevelResponse 

type CustomLevelResponse struct {
	// A Cloud CEL expression evaluating to a boolean.
	Expr ExprResponse `pulumi:"expr"`
}

`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec

type CustomLevelResponseOutput 

type CustomLevelResponseOutput struct{ *pulumi.OutputState }

`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec

func (CustomLevelResponseOutput) ElementType 

func (CustomLevelResponseOutput) ElementType() reflect.Type

func (CustomLevelResponseOutput) Expr 

func (o CustomLevelResponseOutput) Expr() ExprResponseOutput

A Cloud CEL expression evaluating to a boolean.

func (CustomLevelResponseOutput) ToCustomLevelResponseOutput 

func (o CustomLevelResponseOutput) ToCustomLevelResponseOutput() CustomLevelResponseOutput

func (CustomLevelResponseOutput) ToCustomLevelResponseOutputWithContext 

func (o CustomLevelResponseOutput) ToCustomLevelResponseOutputWithContext(ctx context.Context) CustomLevelResponseOutput

type DevicePolicy 

type DevicePolicy struct {
	// Allowed device management levels, an empty list allows all management levels.
	AllowedDeviceManagementLevels []DevicePolicyAllowedDeviceManagementLevelsItem `pulumi:"allowedDeviceManagementLevels"`
	// Allowed encryptions statuses, an empty list allows all statuses.
	AllowedEncryptionStatuses []DevicePolicyAllowedEncryptionStatusesItem `pulumi:"allowedEncryptionStatuses"`
	// Allowed OS versions, an empty list allows all types and all versions.
	OsConstraints []OsConstraint `pulumi:"osConstraints"`
	// Whether the device needs to be approved by the customer admin.
	RequireAdminApproval *bool `pulumi:"requireAdminApproval"`
	// Whether the device needs to be corp owned.
	RequireCorpOwned *bool `pulumi:"requireCorpOwned"`
	// Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`.
	RequireScreenlock *bool `pulumi:"requireScreenlock"`
}

`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

type DevicePolicyAllowedDeviceManagementLevelsItem added in v0.4.0 

type DevicePolicyAllowedDeviceManagementLevelsItem string

func (DevicePolicyAllowedDeviceManagementLevelsItem) ElementType added in v0.4.0 

func (DevicePolicyAllowedDeviceManagementLevelsItem) ElementType() reflect.Type

func (DevicePolicyAllowedDeviceManagementLevelsItem) ToDevicePolicyAllowedDeviceManagementLevelsItemOutput added in v0.6.0 

func (e DevicePolicyAllowedDeviceManagementLevelsItem) ToDevicePolicyAllowedDeviceManagementLevelsItemOutput() DevicePolicyAllowedDeviceManagementLevelsItemOutput

func (DevicePolicyAllowedDeviceManagementLevelsItem) ToDevicePolicyAllowedDeviceManagementLevelsItemOutputWithContext added in v0.6.0 

func (e DevicePolicyAllowedDeviceManagementLevelsItem) ToDevicePolicyAllowedDeviceManagementLevelsItemOutputWithContext(ctx context.Context) DevicePolicyAllowedDeviceManagementLevelsItemOutput

func (DevicePolicyAllowedDeviceManagementLevelsItem) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutput added in v0.6.0 

func (e DevicePolicyAllowedDeviceManagementLevelsItem) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutput() DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItem) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutputWithContext added in v0.6.0 

func (e DevicePolicyAllowedDeviceManagementLevelsItem) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutputWithContext(ctx context.Context) DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItem) ToStringOutput added in v0.4.0 

func (e DevicePolicyAllowedDeviceManagementLevelsItem) ToStringOutput() pulumi.StringOutput

func (DevicePolicyAllowedDeviceManagementLevelsItem) ToStringOutputWithContext added in v0.4.0 

func (e DevicePolicyAllowedDeviceManagementLevelsItem) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (DevicePolicyAllowedDeviceManagementLevelsItem) ToStringPtrOutput added in v0.4.0 

func (e DevicePolicyAllowedDeviceManagementLevelsItem) ToStringPtrOutput() pulumi.StringPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItem) ToStringPtrOutputWithContext added in v0.4.0 

func (e DevicePolicyAllowedDeviceManagementLevelsItem) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type DevicePolicyAllowedDeviceManagementLevelsItemArray added in v0.4.0 

type DevicePolicyAllowedDeviceManagementLevelsItemArray []DevicePolicyAllowedDeviceManagementLevelsItem

func (DevicePolicyAllowedDeviceManagementLevelsItemArray) ElementType added in v0.4.0 

func (DevicePolicyAllowedDeviceManagementLevelsItemArray) ElementType() reflect.Type

func (DevicePolicyAllowedDeviceManagementLevelsItemArray) ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutput added in v0.4.0 

func (i DevicePolicyAllowedDeviceManagementLevelsItemArray) ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutput() DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemArray) ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutputWithContext added in v0.4.0 

func (i DevicePolicyAllowedDeviceManagementLevelsItemArray) ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutputWithContext(ctx context.Context) DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput

type DevicePolicyAllowedDeviceManagementLevelsItemArrayInput added in v0.4.0 

type DevicePolicyAllowedDeviceManagementLevelsItemArrayInput interface {
	pulumi.Input

	ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutput() DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput
	ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutputWithContext(context.Context) DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput
}

DevicePolicyAllowedDeviceManagementLevelsItemArrayInput is an input type that accepts DevicePolicyAllowedDeviceManagementLevelsItemArray and DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput values. You can construct a concrete instance of `DevicePolicyAllowedDeviceManagementLevelsItemArrayInput` via: 

DevicePolicyAllowedDeviceManagementLevelsItemArray{ DevicePolicyAllowedDeviceManagementLevelsItemArgs{...} }

type DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput added in v0.4.0 

type DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput struct{ *pulumi.OutputState }

func (DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput) ElementType added in v0.4.0 

func (DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput) ElementType() reflect.Type

func (DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput) Index added in v0.4.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput) Index(i pulumi.IntInput) DevicePolicyAllowedDeviceManagementLevelsItemOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutput added in v0.4.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutput() DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutputWithContext added in v0.4.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemArrayOutputWithContext(ctx context.Context) DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput

type DevicePolicyAllowedDeviceManagementLevelsItemInput added in v0.6.0 

type DevicePolicyAllowedDeviceManagementLevelsItemInput interface {
	pulumi.Input

	ToDevicePolicyAllowedDeviceManagementLevelsItemOutput() DevicePolicyAllowedDeviceManagementLevelsItemOutput
	ToDevicePolicyAllowedDeviceManagementLevelsItemOutputWithContext(context.Context) DevicePolicyAllowedDeviceManagementLevelsItemOutput
}

DevicePolicyAllowedDeviceManagementLevelsItemInput is an input type that accepts DevicePolicyAllowedDeviceManagementLevelsItemArgs and DevicePolicyAllowedDeviceManagementLevelsItemOutput values. You can construct a concrete instance of `DevicePolicyAllowedDeviceManagementLevelsItemInput` via: 

DevicePolicyAllowedDeviceManagementLevelsItemArgs{...}

type DevicePolicyAllowedDeviceManagementLevelsItemOutput added in v0.6.0 

type DevicePolicyAllowedDeviceManagementLevelsItemOutput struct{ *pulumi.OutputState }

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ElementType added in v0.6.0 

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ElementType() reflect.Type

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemOutput added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemOutput() DevicePolicyAllowedDeviceManagementLevelsItemOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemOutputWithContext(ctx context.Context) DevicePolicyAllowedDeviceManagementLevelsItemOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutput added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutput() DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutputWithContext(ctx context.Context) DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToStringOutput added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToStringOutput() pulumi.StringOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToStringOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToStringPtrOutput added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type DevicePolicyAllowedDeviceManagementLevelsItemPtrInput added in v0.6.0 

type DevicePolicyAllowedDeviceManagementLevelsItemPtrInput interface {
	pulumi.Input

	ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutput() DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput
	ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutputWithContext(context.Context) DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput
}

func DevicePolicyAllowedDeviceManagementLevelsItemPtr added in v0.6.0 

func DevicePolicyAllowedDeviceManagementLevelsItemPtr(v string) DevicePolicyAllowedDeviceManagementLevelsItemPtrInput

type DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput added in v0.6.0 

type DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput struct{ *pulumi.OutputState }

func (DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) Elem added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) Elem() DevicePolicyAllowedDeviceManagementLevelsItemOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ElementType added in v0.6.0 

func (DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ElementType() reflect.Type

func (DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutput added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutput() DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ToDevicePolicyAllowedDeviceManagementLevelsItemPtrOutputWithContext(ctx context.Context) DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ToStringPtrOutput added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedDeviceManagementLevelsItemPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type DevicePolicyAllowedEncryptionStatusesItem added in v0.4.0 

type DevicePolicyAllowedEncryptionStatusesItem string

func (DevicePolicyAllowedEncryptionStatusesItem) ElementType added in v0.4.0 

func (DevicePolicyAllowedEncryptionStatusesItem) ElementType() reflect.Type

func (DevicePolicyAllowedEncryptionStatusesItem) ToDevicePolicyAllowedEncryptionStatusesItemOutput added in v0.6.0 

func (e DevicePolicyAllowedEncryptionStatusesItem) ToDevicePolicyAllowedEncryptionStatusesItemOutput() DevicePolicyAllowedEncryptionStatusesItemOutput

func (DevicePolicyAllowedEncryptionStatusesItem) ToDevicePolicyAllowedEncryptionStatusesItemOutputWithContext added in v0.6.0 

func (e DevicePolicyAllowedEncryptionStatusesItem) ToDevicePolicyAllowedEncryptionStatusesItemOutputWithContext(ctx context.Context) DevicePolicyAllowedEncryptionStatusesItemOutput

func (DevicePolicyAllowedEncryptionStatusesItem) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutput added in v0.6.0 

func (e DevicePolicyAllowedEncryptionStatusesItem) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutput() DevicePolicyAllowedEncryptionStatusesItemPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItem) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutputWithContext added in v0.6.0 

func (e DevicePolicyAllowedEncryptionStatusesItem) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutputWithContext(ctx context.Context) DevicePolicyAllowedEncryptionStatusesItemPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItem) ToStringOutput added in v0.4.0 

func (e DevicePolicyAllowedEncryptionStatusesItem) ToStringOutput() pulumi.StringOutput

func (DevicePolicyAllowedEncryptionStatusesItem) ToStringOutputWithContext added in v0.4.0 

func (e DevicePolicyAllowedEncryptionStatusesItem) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (DevicePolicyAllowedEncryptionStatusesItem) ToStringPtrOutput added in v0.4.0 

func (e DevicePolicyAllowedEncryptionStatusesItem) ToStringPtrOutput() pulumi.StringPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItem) ToStringPtrOutputWithContext added in v0.4.0 

func (e DevicePolicyAllowedEncryptionStatusesItem) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type DevicePolicyAllowedEncryptionStatusesItemArray added in v0.4.0 

type DevicePolicyAllowedEncryptionStatusesItemArray []DevicePolicyAllowedEncryptionStatusesItem

func (DevicePolicyAllowedEncryptionStatusesItemArray) ElementType added in v0.4.0 

func (DevicePolicyAllowedEncryptionStatusesItemArray) ElementType() reflect.Type

func (DevicePolicyAllowedEncryptionStatusesItemArray) ToDevicePolicyAllowedEncryptionStatusesItemArrayOutput added in v0.4.0 

func (i DevicePolicyAllowedEncryptionStatusesItemArray) ToDevicePolicyAllowedEncryptionStatusesItemArrayOutput() DevicePolicyAllowedEncryptionStatusesItemArrayOutput

func (DevicePolicyAllowedEncryptionStatusesItemArray) ToDevicePolicyAllowedEncryptionStatusesItemArrayOutputWithContext added in v0.4.0 

func (i DevicePolicyAllowedEncryptionStatusesItemArray) ToDevicePolicyAllowedEncryptionStatusesItemArrayOutputWithContext(ctx context.Context) DevicePolicyAllowedEncryptionStatusesItemArrayOutput

type DevicePolicyAllowedEncryptionStatusesItemArrayInput added in v0.4.0 

type DevicePolicyAllowedEncryptionStatusesItemArrayInput interface {
	pulumi.Input

	ToDevicePolicyAllowedEncryptionStatusesItemArrayOutput() DevicePolicyAllowedEncryptionStatusesItemArrayOutput
	ToDevicePolicyAllowedEncryptionStatusesItemArrayOutputWithContext(context.Context) DevicePolicyAllowedEncryptionStatusesItemArrayOutput
}

DevicePolicyAllowedEncryptionStatusesItemArrayInput is an input type that accepts DevicePolicyAllowedEncryptionStatusesItemArray and DevicePolicyAllowedEncryptionStatusesItemArrayOutput values. You can construct a concrete instance of `DevicePolicyAllowedEncryptionStatusesItemArrayInput` via: 

DevicePolicyAllowedEncryptionStatusesItemArray{ DevicePolicyAllowedEncryptionStatusesItemArgs{...} }

type DevicePolicyAllowedEncryptionStatusesItemArrayOutput added in v0.4.0 

type DevicePolicyAllowedEncryptionStatusesItemArrayOutput struct{ *pulumi.OutputState }

func (DevicePolicyAllowedEncryptionStatusesItemArrayOutput) ElementType added in v0.4.0 

func (DevicePolicyAllowedEncryptionStatusesItemArrayOutput) ElementType() reflect.Type

func (DevicePolicyAllowedEncryptionStatusesItemArrayOutput) Index added in v0.4.0 

func (o DevicePolicyAllowedEncryptionStatusesItemArrayOutput) Index(i pulumi.IntInput) DevicePolicyAllowedEncryptionStatusesItemOutput

func (DevicePolicyAllowedEncryptionStatusesItemArrayOutput) ToDevicePolicyAllowedEncryptionStatusesItemArrayOutput added in v0.4.0 

func (o DevicePolicyAllowedEncryptionStatusesItemArrayOutput) ToDevicePolicyAllowedEncryptionStatusesItemArrayOutput() DevicePolicyAllowedEncryptionStatusesItemArrayOutput

func (DevicePolicyAllowedEncryptionStatusesItemArrayOutput) ToDevicePolicyAllowedEncryptionStatusesItemArrayOutputWithContext added in v0.4.0 

func (o DevicePolicyAllowedEncryptionStatusesItemArrayOutput) ToDevicePolicyAllowedEncryptionStatusesItemArrayOutputWithContext(ctx context.Context) DevicePolicyAllowedEncryptionStatusesItemArrayOutput

type DevicePolicyAllowedEncryptionStatusesItemInput added in v0.6.0 

type DevicePolicyAllowedEncryptionStatusesItemInput interface {
	pulumi.Input

	ToDevicePolicyAllowedEncryptionStatusesItemOutput() DevicePolicyAllowedEncryptionStatusesItemOutput
	ToDevicePolicyAllowedEncryptionStatusesItemOutputWithContext(context.Context) DevicePolicyAllowedEncryptionStatusesItemOutput
}

DevicePolicyAllowedEncryptionStatusesItemInput is an input type that accepts DevicePolicyAllowedEncryptionStatusesItemArgs and DevicePolicyAllowedEncryptionStatusesItemOutput values. You can construct a concrete instance of `DevicePolicyAllowedEncryptionStatusesItemInput` via: 

DevicePolicyAllowedEncryptionStatusesItemArgs{...}

type DevicePolicyAllowedEncryptionStatusesItemOutput added in v0.6.0 

type DevicePolicyAllowedEncryptionStatusesItemOutput struct{ *pulumi.OutputState }

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ElementType added in v0.6.0 

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ElementType() reflect.Type

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ToDevicePolicyAllowedEncryptionStatusesItemOutput added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemOutput) ToDevicePolicyAllowedEncryptionStatusesItemOutput() DevicePolicyAllowedEncryptionStatusesItemOutput

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ToDevicePolicyAllowedEncryptionStatusesItemOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemOutput) ToDevicePolicyAllowedEncryptionStatusesItemOutputWithContext(ctx context.Context) DevicePolicyAllowedEncryptionStatusesItemOutput

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutput added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemOutput) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutput() DevicePolicyAllowedEncryptionStatusesItemPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemOutput) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutputWithContext(ctx context.Context) DevicePolicyAllowedEncryptionStatusesItemPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ToStringOutput added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemOutput) ToStringOutput() pulumi.StringOutput

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ToStringOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ToStringPtrOutput added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItemOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type DevicePolicyAllowedEncryptionStatusesItemPtrInput added in v0.6.0 

type DevicePolicyAllowedEncryptionStatusesItemPtrInput interface {
	pulumi.Input

	ToDevicePolicyAllowedEncryptionStatusesItemPtrOutput() DevicePolicyAllowedEncryptionStatusesItemPtrOutput
	ToDevicePolicyAllowedEncryptionStatusesItemPtrOutputWithContext(context.Context) DevicePolicyAllowedEncryptionStatusesItemPtrOutput
}

func DevicePolicyAllowedEncryptionStatusesItemPtr added in v0.6.0 

func DevicePolicyAllowedEncryptionStatusesItemPtr(v string) DevicePolicyAllowedEncryptionStatusesItemPtrInput

type DevicePolicyAllowedEncryptionStatusesItemPtrOutput added in v0.6.0 

type DevicePolicyAllowedEncryptionStatusesItemPtrOutput struct{ *pulumi.OutputState }

func (DevicePolicyAllowedEncryptionStatusesItemPtrOutput) Elem added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemPtrOutput) Elem() DevicePolicyAllowedEncryptionStatusesItemOutput

func (DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ElementType added in v0.6.0 

func (DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ElementType() reflect.Type

func (DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutput added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutput() DevicePolicyAllowedEncryptionStatusesItemPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ToDevicePolicyAllowedEncryptionStatusesItemPtrOutputWithContext(ctx context.Context) DevicePolicyAllowedEncryptionStatusesItemPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ToStringPtrOutput added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o DevicePolicyAllowedEncryptionStatusesItemPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type DevicePolicyArgs 

type DevicePolicyArgs struct {
	// Allowed device management levels, an empty list allows all management levels.
	AllowedDeviceManagementLevels DevicePolicyAllowedDeviceManagementLevelsItemArrayInput `pulumi:"allowedDeviceManagementLevels"`
	// Allowed encryptions statuses, an empty list allows all statuses.
	AllowedEncryptionStatuses DevicePolicyAllowedEncryptionStatusesItemArrayInput `pulumi:"allowedEncryptionStatuses"`
	// Allowed OS versions, an empty list allows all types and all versions.
	OsConstraints OsConstraintArrayInput `pulumi:"osConstraints"`
	// Whether the device needs to be approved by the customer admin.
	RequireAdminApproval pulumi.BoolPtrInput `pulumi:"requireAdminApproval"`
	// Whether the device needs to be corp owned.
	RequireCorpOwned pulumi.BoolPtrInput `pulumi:"requireCorpOwned"`
	// Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`.
	RequireScreenlock pulumi.BoolPtrInput `pulumi:"requireScreenlock"`
}

`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

func (DevicePolicyArgs) ElementType 

func (DevicePolicyArgs) ElementType() reflect.Type

func (DevicePolicyArgs) ToDevicePolicyOutput 

func (i DevicePolicyArgs) ToDevicePolicyOutput() DevicePolicyOutput

func (DevicePolicyArgs) ToDevicePolicyOutputWithContext 

func (i DevicePolicyArgs) ToDevicePolicyOutputWithContext(ctx context.Context) DevicePolicyOutput

func (DevicePolicyArgs) ToDevicePolicyPtrOutput 

func (i DevicePolicyArgs) ToDevicePolicyPtrOutput() DevicePolicyPtrOutput

func (DevicePolicyArgs) ToDevicePolicyPtrOutputWithContext 

func (i DevicePolicyArgs) ToDevicePolicyPtrOutputWithContext(ctx context.Context) DevicePolicyPtrOutput

type DevicePolicyInput 

type DevicePolicyInput interface {
	pulumi.Input

	ToDevicePolicyOutput() DevicePolicyOutput
	ToDevicePolicyOutputWithContext(context.Context) DevicePolicyOutput
}

DevicePolicyInput is an input type that accepts DevicePolicyArgs and DevicePolicyOutput values. You can construct a concrete instance of `DevicePolicyInput` via: 

DevicePolicyArgs{...}

type DevicePolicyOutput 

type DevicePolicyOutput struct{ *pulumi.OutputState }

`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

func (DevicePolicyOutput) AllowedDeviceManagementLevels 

func (o DevicePolicyOutput) AllowedDeviceManagementLevels() DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput

Allowed device management levels, an empty list allows all management levels.

func (DevicePolicyOutput) AllowedEncryptionStatuses 

func (o DevicePolicyOutput) AllowedEncryptionStatuses() DevicePolicyAllowedEncryptionStatusesItemArrayOutput

Allowed encryptions statuses, an empty list allows all statuses.

func (DevicePolicyOutput) ElementType 

func (DevicePolicyOutput) ElementType() reflect.Type

func (DevicePolicyOutput) OsConstraints 

func (o DevicePolicyOutput) OsConstraints() OsConstraintArrayOutput

Allowed OS versions, an empty list allows all types and all versions.

func (DevicePolicyOutput) RequireAdminApproval 

func (o DevicePolicyOutput) RequireAdminApproval() pulumi.BoolPtrOutput

Whether the device needs to be approved by the customer admin.

func (DevicePolicyOutput) RequireCorpOwned 

func (o DevicePolicyOutput) RequireCorpOwned() pulumi.BoolPtrOutput

Whether the device needs to be corp owned.

func (DevicePolicyOutput) RequireScreenlock 

func (o DevicePolicyOutput) RequireScreenlock() pulumi.BoolPtrOutput

Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`.

func (DevicePolicyOutput) ToDevicePolicyOutput 

func (o DevicePolicyOutput) ToDevicePolicyOutput() DevicePolicyOutput

func (DevicePolicyOutput) ToDevicePolicyOutputWithContext 

func (o DevicePolicyOutput) ToDevicePolicyOutputWithContext(ctx context.Context) DevicePolicyOutput

func (DevicePolicyOutput) ToDevicePolicyPtrOutput 

func (o DevicePolicyOutput) ToDevicePolicyPtrOutput() DevicePolicyPtrOutput

func (DevicePolicyOutput) ToDevicePolicyPtrOutputWithContext 

func (o DevicePolicyOutput) ToDevicePolicyPtrOutputWithContext(ctx context.Context) DevicePolicyPtrOutput

type DevicePolicyPtrInput 

type DevicePolicyPtrInput interface {
	pulumi.Input

	ToDevicePolicyPtrOutput() DevicePolicyPtrOutput
	ToDevicePolicyPtrOutputWithContext(context.Context) DevicePolicyPtrOutput
}

DevicePolicyPtrInput is an input type that accepts DevicePolicyArgs, DevicePolicyPtr and DevicePolicyPtrOutput values. You can construct a concrete instance of `DevicePolicyPtrInput` via: 

        DevicePolicyArgs{...}

or:

        nil

func DevicePolicyPtr 

func DevicePolicyPtr(v *DevicePolicyArgs) DevicePolicyPtrInput

type DevicePolicyPtrOutput 

type DevicePolicyPtrOutput struct{ *pulumi.OutputState }

func (DevicePolicyPtrOutput) AllowedDeviceManagementLevels 

func (o DevicePolicyPtrOutput) AllowedDeviceManagementLevels() DevicePolicyAllowedDeviceManagementLevelsItemArrayOutput

Allowed device management levels, an empty list allows all management levels.

func (DevicePolicyPtrOutput) AllowedEncryptionStatuses 

func (o DevicePolicyPtrOutput) AllowedEncryptionStatuses() DevicePolicyAllowedEncryptionStatusesItemArrayOutput

Allowed encryptions statuses, an empty list allows all statuses.

func (DevicePolicyPtrOutput) Elem 

func (o DevicePolicyPtrOutput) Elem() DevicePolicyOutput

func (DevicePolicyPtrOutput) ElementType 

func (DevicePolicyPtrOutput) ElementType() reflect.Type

func (DevicePolicyPtrOutput) OsConstraints 

func (o DevicePolicyPtrOutput) OsConstraints() OsConstraintArrayOutput

Allowed OS versions, an empty list allows all types and all versions.

func (DevicePolicyPtrOutput) RequireAdminApproval 

func (o DevicePolicyPtrOutput) RequireAdminApproval() pulumi.BoolPtrOutput

Whether the device needs to be approved by the customer admin.

func (DevicePolicyPtrOutput) RequireCorpOwned 

func (o DevicePolicyPtrOutput) RequireCorpOwned() pulumi.BoolPtrOutput

Whether the device needs to be corp owned.

func (DevicePolicyPtrOutput) RequireScreenlock 

func (o DevicePolicyPtrOutput) RequireScreenlock() pulumi.BoolPtrOutput

Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`.

func (DevicePolicyPtrOutput) ToDevicePolicyPtrOutput 

func (o DevicePolicyPtrOutput) ToDevicePolicyPtrOutput() DevicePolicyPtrOutput

func (DevicePolicyPtrOutput) ToDevicePolicyPtrOutputWithContext 

func (o DevicePolicyPtrOutput) ToDevicePolicyPtrOutputWithContext(ctx context.Context) DevicePolicyPtrOutput

type DevicePolicyResponse 

type DevicePolicyResponse struct {
	// Allowed device management levels, an empty list allows all management levels.
	AllowedDeviceManagementLevels []string `pulumi:"allowedDeviceManagementLevels"`
	// Allowed encryptions statuses, an empty list allows all statuses.
	AllowedEncryptionStatuses []string `pulumi:"allowedEncryptionStatuses"`
	// Allowed OS versions, an empty list allows all types and all versions.
	OsConstraints []OsConstraintResponse `pulumi:"osConstraints"`
	// Whether the device needs to be approved by the customer admin.
	RequireAdminApproval bool `pulumi:"requireAdminApproval"`
	// Whether the device needs to be corp owned.
	RequireCorpOwned bool `pulumi:"requireCorpOwned"`
	// Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`.
	RequireScreenlock bool `pulumi:"requireScreenlock"`
}

`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

type DevicePolicyResponseOutput 

type DevicePolicyResponseOutput struct{ *pulumi.OutputState }

`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

func (DevicePolicyResponseOutput) AllowedDeviceManagementLevels 

func (o DevicePolicyResponseOutput) AllowedDeviceManagementLevels() pulumi.StringArrayOutput

Allowed device management levels, an empty list allows all management levels.

func (DevicePolicyResponseOutput) AllowedEncryptionStatuses 

func (o DevicePolicyResponseOutput) AllowedEncryptionStatuses() pulumi.StringArrayOutput

Allowed encryptions statuses, an empty list allows all statuses.

func (DevicePolicyResponseOutput) ElementType 

func (DevicePolicyResponseOutput) ElementType() reflect.Type

func (DevicePolicyResponseOutput) OsConstraints 

func (o DevicePolicyResponseOutput) OsConstraints() OsConstraintResponseArrayOutput

Allowed OS versions, an empty list allows all types and all versions.

func (DevicePolicyResponseOutput) RequireAdminApproval 

func (o DevicePolicyResponseOutput) RequireAdminApproval() pulumi.BoolOutput

Whether the device needs to be approved by the customer admin.

func (DevicePolicyResponseOutput) RequireCorpOwned 

func (o DevicePolicyResponseOutput) RequireCorpOwned() pulumi.BoolOutput

Whether the device needs to be corp owned.

func (DevicePolicyResponseOutput) RequireScreenlock 

func (o DevicePolicyResponseOutput) RequireScreenlock() pulumi.BoolOutput

Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`.

func (DevicePolicyResponseOutput) ToDevicePolicyResponseOutput 

func (o DevicePolicyResponseOutput) ToDevicePolicyResponseOutput() DevicePolicyResponseOutput

func (DevicePolicyResponseOutput) ToDevicePolicyResponseOutputWithContext 

func (o DevicePolicyResponseOutput) ToDevicePolicyResponseOutputWithContext(ctx context.Context) DevicePolicyResponseOutput

type EgressFrom 

type EgressFrom struct {
	// A list of identities that are allowed access through this [EgressPolicy]. Should be in the format of email address. The email address should represent individual user or service account only.
	Identities []string `pulumi:"identities"`
	// Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.
	IdentityType *EgressFromIdentityType `pulumi:"identityType"`
	// Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.
	SourceRestriction *EgressFromSourceRestriction `pulumi:"sourceRestriction"`
	// Sources that this EgressPolicy authorizes access from. If this field is not empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`.
	Sources []EgressSource `pulumi:"sources"`
}

Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.

type EgressFromArgs 

type EgressFromArgs struct {
	// A list of identities that are allowed access through this [EgressPolicy]. Should be in the format of email address. The email address should represent individual user or service account only.
	Identities pulumi.StringArrayInput `pulumi:"identities"`
	// Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.
	IdentityType EgressFromIdentityTypePtrInput `pulumi:"identityType"`
	// Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.
	SourceRestriction EgressFromSourceRestrictionPtrInput `pulumi:"sourceRestriction"`
	// Sources that this EgressPolicy authorizes access from. If this field is not empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`.
	Sources EgressSourceArrayInput `pulumi:"sources"`
}

Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.

func (EgressFromArgs) ElementType 

func (EgressFromArgs) ElementType() reflect.Type

func (EgressFromArgs) ToEgressFromOutput 

func (i EgressFromArgs) ToEgressFromOutput() EgressFromOutput

func (EgressFromArgs) ToEgressFromOutputWithContext 

func (i EgressFromArgs) ToEgressFromOutputWithContext(ctx context.Context) EgressFromOutput

func (EgressFromArgs) ToEgressFromPtrOutput 

func (i EgressFromArgs) ToEgressFromPtrOutput() EgressFromPtrOutput

func (EgressFromArgs) ToEgressFromPtrOutputWithContext 

func (i EgressFromArgs) ToEgressFromPtrOutputWithContext(ctx context.Context) EgressFromPtrOutput

type EgressFromIdentityType added in v0.4.0 

type EgressFromIdentityType string

Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.

func (EgressFromIdentityType) ElementType added in v0.4.0 

func (EgressFromIdentityType) ElementType() reflect.Type

func (EgressFromIdentityType) ToEgressFromIdentityTypeOutput added in v0.6.0 

func (e EgressFromIdentityType) ToEgressFromIdentityTypeOutput() EgressFromIdentityTypeOutput

func (EgressFromIdentityType) ToEgressFromIdentityTypeOutputWithContext added in v0.6.0 

func (e EgressFromIdentityType) ToEgressFromIdentityTypeOutputWithContext(ctx context.Context) EgressFromIdentityTypeOutput

func (EgressFromIdentityType) ToEgressFromIdentityTypePtrOutput added in v0.6.0 

func (e EgressFromIdentityType) ToEgressFromIdentityTypePtrOutput() EgressFromIdentityTypePtrOutput

func (EgressFromIdentityType) ToEgressFromIdentityTypePtrOutputWithContext added in v0.6.0 

func (e EgressFromIdentityType) ToEgressFromIdentityTypePtrOutputWithContext(ctx context.Context) EgressFromIdentityTypePtrOutput

func (EgressFromIdentityType) ToStringOutput added in v0.4.0 

func (e EgressFromIdentityType) ToStringOutput() pulumi.StringOutput

func (EgressFromIdentityType) ToStringOutputWithContext added in v0.4.0 

func (e EgressFromIdentityType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EgressFromIdentityType) ToStringPtrOutput added in v0.4.0 

func (e EgressFromIdentityType) ToStringPtrOutput() pulumi.StringPtrOutput

func (EgressFromIdentityType) ToStringPtrOutputWithContext added in v0.4.0 

func (e EgressFromIdentityType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EgressFromIdentityTypeInput added in v0.6.0 

type EgressFromIdentityTypeInput interface {
	pulumi.Input

	ToEgressFromIdentityTypeOutput() EgressFromIdentityTypeOutput
	ToEgressFromIdentityTypeOutputWithContext(context.Context) EgressFromIdentityTypeOutput
}

EgressFromIdentityTypeInput is an input type that accepts EgressFromIdentityTypeArgs and EgressFromIdentityTypeOutput values. You can construct a concrete instance of `EgressFromIdentityTypeInput` via: 

EgressFromIdentityTypeArgs{...}

type EgressFromIdentityTypeOutput added in v0.6.0 

type EgressFromIdentityTypeOutput struct{ *pulumi.OutputState }

func (EgressFromIdentityTypeOutput) ElementType added in v0.6.0 

func (EgressFromIdentityTypeOutput) ElementType() reflect.Type

func (EgressFromIdentityTypeOutput) ToEgressFromIdentityTypeOutput added in v0.6.0 

func (o EgressFromIdentityTypeOutput) ToEgressFromIdentityTypeOutput() EgressFromIdentityTypeOutput

func (EgressFromIdentityTypeOutput) ToEgressFromIdentityTypeOutputWithContext added in v0.6.0 

func (o EgressFromIdentityTypeOutput) ToEgressFromIdentityTypeOutputWithContext(ctx context.Context) EgressFromIdentityTypeOutput

func (EgressFromIdentityTypeOutput) ToEgressFromIdentityTypePtrOutput added in v0.6.0 

func (o EgressFromIdentityTypeOutput) ToEgressFromIdentityTypePtrOutput() EgressFromIdentityTypePtrOutput

func (EgressFromIdentityTypeOutput) ToEgressFromIdentityTypePtrOutputWithContext added in v0.6.0 

func (o EgressFromIdentityTypeOutput) ToEgressFromIdentityTypePtrOutputWithContext(ctx context.Context) EgressFromIdentityTypePtrOutput

func (EgressFromIdentityTypeOutput) ToStringOutput added in v0.6.0 

func (o EgressFromIdentityTypeOutput) ToStringOutput() pulumi.StringOutput

func (EgressFromIdentityTypeOutput) ToStringOutputWithContext added in v0.6.0 

func (o EgressFromIdentityTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EgressFromIdentityTypeOutput) ToStringPtrOutput added in v0.6.0 

func (o EgressFromIdentityTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EgressFromIdentityTypeOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o EgressFromIdentityTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EgressFromIdentityTypePtrInput added in v0.6.0 

type EgressFromIdentityTypePtrInput interface {
	pulumi.Input

	ToEgressFromIdentityTypePtrOutput() EgressFromIdentityTypePtrOutput
	ToEgressFromIdentityTypePtrOutputWithContext(context.Context) EgressFromIdentityTypePtrOutput
}

func EgressFromIdentityTypePtr added in v0.6.0 

func EgressFromIdentityTypePtr(v string) EgressFromIdentityTypePtrInput

type EgressFromIdentityTypePtrOutput added in v0.6.0 

type EgressFromIdentityTypePtrOutput struct{ *pulumi.OutputState }

func (EgressFromIdentityTypePtrOutput) Elem added in v0.6.0 

func (o EgressFromIdentityTypePtrOutput) Elem() EgressFromIdentityTypeOutput

func (EgressFromIdentityTypePtrOutput) ElementType added in v0.6.0 

func (EgressFromIdentityTypePtrOutput) ElementType() reflect.Type

func (EgressFromIdentityTypePtrOutput) ToEgressFromIdentityTypePtrOutput added in v0.6.0 

func (o EgressFromIdentityTypePtrOutput) ToEgressFromIdentityTypePtrOutput() EgressFromIdentityTypePtrOutput

func (EgressFromIdentityTypePtrOutput) ToEgressFromIdentityTypePtrOutputWithContext added in v0.6.0 

func (o EgressFromIdentityTypePtrOutput) ToEgressFromIdentityTypePtrOutputWithContext(ctx context.Context) EgressFromIdentityTypePtrOutput

func (EgressFromIdentityTypePtrOutput) ToStringPtrOutput added in v0.6.0 

func (o EgressFromIdentityTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EgressFromIdentityTypePtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o EgressFromIdentityTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EgressFromInput 

type EgressFromInput interface {
	pulumi.Input

	ToEgressFromOutput() EgressFromOutput
	ToEgressFromOutputWithContext(context.Context) EgressFromOutput
}

EgressFromInput is an input type that accepts EgressFromArgs and EgressFromOutput values. You can construct a concrete instance of `EgressFromInput` via: 

EgressFromArgs{...}

type EgressFromOutput 

type EgressFromOutput struct{ *pulumi.OutputState }

Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.

func (EgressFromOutput) ElementType 

func (EgressFromOutput) ElementType() reflect.Type

func (EgressFromOutput) Identities 

func (o EgressFromOutput) Identities() pulumi.StringArrayOutput

A list of identities that are allowed access through this EgressPolicy. Should be in the format of email address. The email address should represent individual user or service account only.

func (EgressFromOutput) IdentityType 

func (o EgressFromOutput) IdentityType() EgressFromIdentityTypePtrOutput

Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.

func (EgressFromOutput) SourceRestriction added in v0.32.0 

func (o EgressFromOutput) SourceRestriction() EgressFromSourceRestrictionPtrOutput

Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.

func (EgressFromOutput) Sources added in v0.32.0 

func (o EgressFromOutput) Sources() EgressSourceArrayOutput

Sources that this EgressPolicy authorizes access from. If this field is not empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`.

func (EgressFromOutput) ToEgressFromOutput 

func (o EgressFromOutput) ToEgressFromOutput() EgressFromOutput

func (EgressFromOutput) ToEgressFromOutputWithContext 

func (o EgressFromOutput) ToEgressFromOutputWithContext(ctx context.Context) EgressFromOutput

func (EgressFromOutput) ToEgressFromPtrOutput 

func (o EgressFromOutput) ToEgressFromPtrOutput() EgressFromPtrOutput

func (EgressFromOutput) ToEgressFromPtrOutputWithContext 

func (o EgressFromOutput) ToEgressFromPtrOutputWithContext(ctx context.Context) EgressFromPtrOutput

type EgressFromPtrInput 

type EgressFromPtrInput interface {
	pulumi.Input

	ToEgressFromPtrOutput() EgressFromPtrOutput
	ToEgressFromPtrOutputWithContext(context.Context) EgressFromPtrOutput
}

EgressFromPtrInput is an input type that accepts EgressFromArgs, EgressFromPtr and EgressFromPtrOutput values. You can construct a concrete instance of `EgressFromPtrInput` via: 

        EgressFromArgs{...}

or:

        nil

func EgressFromPtr 

func EgressFromPtr(v *EgressFromArgs) EgressFromPtrInput

type EgressFromPtrOutput 

type EgressFromPtrOutput struct{ *pulumi.OutputState }

func (EgressFromPtrOutput) Elem 

func (o EgressFromPtrOutput) Elem() EgressFromOutput

func (EgressFromPtrOutput) ElementType 

func (EgressFromPtrOutput) ElementType() reflect.Type

func (EgressFromPtrOutput) Identities 

func (o EgressFromPtrOutput) Identities() pulumi.StringArrayOutput

A list of identities that are allowed access through this EgressPolicy. Should be in the format of email address. The email address should represent individual user or service account only.

func (EgressFromPtrOutput) IdentityType 

func (o EgressFromPtrOutput) IdentityType() EgressFromIdentityTypePtrOutput

Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.

func (EgressFromPtrOutput) SourceRestriction added in v0.32.0 

func (o EgressFromPtrOutput) SourceRestriction() EgressFromSourceRestrictionPtrOutput

Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.

func (EgressFromPtrOutput) Sources added in v0.32.0 

func (o EgressFromPtrOutput) Sources() EgressSourceArrayOutput

Sources that this EgressPolicy authorizes access from. If this field is not empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`.

func (EgressFromPtrOutput) ToEgressFromPtrOutput 

func (o EgressFromPtrOutput) ToEgressFromPtrOutput() EgressFromPtrOutput

func (EgressFromPtrOutput) ToEgressFromPtrOutputWithContext 

func (o EgressFromPtrOutput) ToEgressFromPtrOutputWithContext(ctx context.Context) EgressFromPtrOutput

type EgressFromResponse 

type EgressFromResponse struct {
	// A list of identities that are allowed access through this [EgressPolicy]. Should be in the format of email address. The email address should represent individual user or service account only.
	Identities []string `pulumi:"identities"`
	// Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.
	IdentityType string `pulumi:"identityType"`
	// Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.
	SourceRestriction string `pulumi:"sourceRestriction"`
	// Sources that this EgressPolicy authorizes access from. If this field is not empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`.
	Sources []EgressSourceResponse `pulumi:"sources"`
}

Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.

type EgressFromResponseOutput 

type EgressFromResponseOutput struct{ *pulumi.OutputState }

Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.

func (EgressFromResponseOutput) ElementType 

func (EgressFromResponseOutput) ElementType() reflect.Type

func (EgressFromResponseOutput) Identities 

func (o EgressFromResponseOutput) Identities() pulumi.StringArrayOutput

A list of identities that are allowed access through this EgressPolicy. Should be in the format of email address. The email address should represent individual user or service account only.

func (EgressFromResponseOutput) IdentityType 

func (o EgressFromResponseOutput) IdentityType() pulumi.StringOutput

Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.

func (EgressFromResponseOutput) SourceRestriction added in v0.32.0 

func (o EgressFromResponseOutput) SourceRestriction() pulumi.StringOutput

Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.

func (EgressFromResponseOutput) Sources added in v0.32.0 

func (o EgressFromResponseOutput) Sources() EgressSourceResponseArrayOutput

Sources that this EgressPolicy authorizes access from. If this field is not empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`.

func (EgressFromResponseOutput) ToEgressFromResponseOutput 

func (o EgressFromResponseOutput) ToEgressFromResponseOutput() EgressFromResponseOutput

func (EgressFromResponseOutput) ToEgressFromResponseOutputWithContext 

func (o EgressFromResponseOutput) ToEgressFromResponseOutputWithContext(ctx context.Context) EgressFromResponseOutput

type EgressFromSourceRestriction added in v0.32.0 

type EgressFromSourceRestriction string

Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.

func (EgressFromSourceRestriction) ElementType added in v0.32.0 

func (EgressFromSourceRestriction) ElementType() reflect.Type

func (EgressFromSourceRestriction) ToEgressFromSourceRestrictionOutput added in v0.32.0 

func (e EgressFromSourceRestriction) ToEgressFromSourceRestrictionOutput() EgressFromSourceRestrictionOutput

func (EgressFromSourceRestriction) ToEgressFromSourceRestrictionOutputWithContext added in v0.32.0 

func (e EgressFromSourceRestriction) ToEgressFromSourceRestrictionOutputWithContext(ctx context.Context) EgressFromSourceRestrictionOutput

func (EgressFromSourceRestriction) ToEgressFromSourceRestrictionPtrOutput added in v0.32.0 

func (e EgressFromSourceRestriction) ToEgressFromSourceRestrictionPtrOutput() EgressFromSourceRestrictionPtrOutput

func (EgressFromSourceRestriction) ToEgressFromSourceRestrictionPtrOutputWithContext added in v0.32.0 

func (e EgressFromSourceRestriction) ToEgressFromSourceRestrictionPtrOutputWithContext(ctx context.Context) EgressFromSourceRestrictionPtrOutput

func (EgressFromSourceRestriction) ToStringOutput added in v0.32.0 

func (e EgressFromSourceRestriction) ToStringOutput() pulumi.StringOutput

func (EgressFromSourceRestriction) ToStringOutputWithContext added in v0.32.0 

func (e EgressFromSourceRestriction) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EgressFromSourceRestriction) ToStringPtrOutput added in v0.32.0 

func (e EgressFromSourceRestriction) ToStringPtrOutput() pulumi.StringPtrOutput

func (EgressFromSourceRestriction) ToStringPtrOutputWithContext added in v0.32.0 

func (e EgressFromSourceRestriction) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EgressFromSourceRestrictionInput added in v0.32.0 

type EgressFromSourceRestrictionInput interface {
	pulumi.Input

	ToEgressFromSourceRestrictionOutput() EgressFromSourceRestrictionOutput
	ToEgressFromSourceRestrictionOutputWithContext(context.Context) EgressFromSourceRestrictionOutput
}

EgressFromSourceRestrictionInput is an input type that accepts EgressFromSourceRestrictionArgs and EgressFromSourceRestrictionOutput values. You can construct a concrete instance of `EgressFromSourceRestrictionInput` via: 

EgressFromSourceRestrictionArgs{...}

type EgressFromSourceRestrictionOutput added in v0.32.0 

type EgressFromSourceRestrictionOutput struct{ *pulumi.OutputState }

func (EgressFromSourceRestrictionOutput) ElementType added in v0.32.0 

func (EgressFromSourceRestrictionOutput) ElementType() reflect.Type

func (EgressFromSourceRestrictionOutput) ToEgressFromSourceRestrictionOutput added in v0.32.0 

func (o EgressFromSourceRestrictionOutput) ToEgressFromSourceRestrictionOutput() EgressFromSourceRestrictionOutput

func (EgressFromSourceRestrictionOutput) ToEgressFromSourceRestrictionOutputWithContext added in v0.32.0 

func (o EgressFromSourceRestrictionOutput) ToEgressFromSourceRestrictionOutputWithContext(ctx context.Context) EgressFromSourceRestrictionOutput

func (EgressFromSourceRestrictionOutput) ToEgressFromSourceRestrictionPtrOutput added in v0.32.0 

func (o EgressFromSourceRestrictionOutput) ToEgressFromSourceRestrictionPtrOutput() EgressFromSourceRestrictionPtrOutput

func (EgressFromSourceRestrictionOutput) ToEgressFromSourceRestrictionPtrOutputWithContext added in v0.32.0 

func (o EgressFromSourceRestrictionOutput) ToEgressFromSourceRestrictionPtrOutputWithContext(ctx context.Context) EgressFromSourceRestrictionPtrOutput

func (EgressFromSourceRestrictionOutput) ToStringOutput added in v0.32.0 

func (o EgressFromSourceRestrictionOutput) ToStringOutput() pulumi.StringOutput

func (EgressFromSourceRestrictionOutput) ToStringOutputWithContext added in v0.32.0 

func (o EgressFromSourceRestrictionOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EgressFromSourceRestrictionOutput) ToStringPtrOutput added in v0.32.0 

func (o EgressFromSourceRestrictionOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EgressFromSourceRestrictionOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o EgressFromSourceRestrictionOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EgressFromSourceRestrictionPtrInput added in v0.32.0 

type EgressFromSourceRestrictionPtrInput interface {
	pulumi.Input

	ToEgressFromSourceRestrictionPtrOutput() EgressFromSourceRestrictionPtrOutput
	ToEgressFromSourceRestrictionPtrOutputWithContext(context.Context) EgressFromSourceRestrictionPtrOutput
}

func EgressFromSourceRestrictionPtr added in v0.32.0 

func EgressFromSourceRestrictionPtr(v string) EgressFromSourceRestrictionPtrInput

type EgressFromSourceRestrictionPtrOutput added in v0.32.0 

type EgressFromSourceRestrictionPtrOutput struct{ *pulumi.OutputState }

func (EgressFromSourceRestrictionPtrOutput) Elem added in v0.32.0 

func (o EgressFromSourceRestrictionPtrOutput) Elem() EgressFromSourceRestrictionOutput

func (EgressFromSourceRestrictionPtrOutput) ElementType added in v0.32.0 

func (EgressFromSourceRestrictionPtrOutput) ElementType() reflect.Type

func (EgressFromSourceRestrictionPtrOutput) ToEgressFromSourceRestrictionPtrOutput added in v0.32.0 

func (o EgressFromSourceRestrictionPtrOutput) ToEgressFromSourceRestrictionPtrOutput() EgressFromSourceRestrictionPtrOutput

func (EgressFromSourceRestrictionPtrOutput) ToEgressFromSourceRestrictionPtrOutputWithContext added in v0.32.0 

func (o EgressFromSourceRestrictionPtrOutput) ToEgressFromSourceRestrictionPtrOutputWithContext(ctx context.Context) EgressFromSourceRestrictionPtrOutput

func (EgressFromSourceRestrictionPtrOutput) ToStringPtrOutput added in v0.32.0 

func (o EgressFromSourceRestrictionPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EgressFromSourceRestrictionPtrOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o EgressFromSourceRestrictionPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EgressPolicy 

type EgressPolicy struct {
	// Defines conditions on the source of a request causing this EgressPolicy to apply.
	EgressFrom *EgressFrom `pulumi:"egressFrom"`
	// Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply.
	EgressTo *EgressTo `pulumi:"egressTo"`
}

Policy for egress from perimeter. EgressPolicies match requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and `egress_to` stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies are concerned with the *resources* that a request relates as well as the API services and API actions being used. They do not related to the direction of data movement. More detailed documentation for this concept can be found in the descriptions of EgressFrom and EgressTo.

type EgressPolicyArgs 

type EgressPolicyArgs struct {
	// Defines conditions on the source of a request causing this EgressPolicy to apply.
	EgressFrom EgressFromPtrInput `pulumi:"egressFrom"`
	// Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply.
	EgressTo EgressToPtrInput `pulumi:"egressTo"`
}

Policy for egress from perimeter. EgressPolicies match requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and `egress_to` stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies are concerned with the *resources* that a request relates as well as the API services and API actions being used. They do not related to the direction of data movement. More detailed documentation for this concept can be found in the descriptions of EgressFrom and EgressTo.

func (EgressPolicyArgs) ElementType 

func (EgressPolicyArgs) ElementType() reflect.Type

func (EgressPolicyArgs) ToEgressPolicyOutput 

func (i EgressPolicyArgs) ToEgressPolicyOutput() EgressPolicyOutput

func (EgressPolicyArgs) ToEgressPolicyOutputWithContext 

func (i EgressPolicyArgs) ToEgressPolicyOutputWithContext(ctx context.Context) EgressPolicyOutput

type EgressPolicyArray 

type EgressPolicyArray []EgressPolicyInput

func (EgressPolicyArray) ElementType 

func (EgressPolicyArray) ElementType() reflect.Type

func (EgressPolicyArray) ToEgressPolicyArrayOutput 

func (i EgressPolicyArray) ToEgressPolicyArrayOutput() EgressPolicyArrayOutput

func (EgressPolicyArray) ToEgressPolicyArrayOutputWithContext 

func (i EgressPolicyArray) ToEgressPolicyArrayOutputWithContext(ctx context.Context) EgressPolicyArrayOutput

type EgressPolicyArrayInput 

type EgressPolicyArrayInput interface {
	pulumi.Input

	ToEgressPolicyArrayOutput() EgressPolicyArrayOutput
	ToEgressPolicyArrayOutputWithContext(context.Context) EgressPolicyArrayOutput
}

EgressPolicyArrayInput is an input type that accepts EgressPolicyArray and EgressPolicyArrayOutput values. You can construct a concrete instance of `EgressPolicyArrayInput` via: 

EgressPolicyArray{ EgressPolicyArgs{...} }

type EgressPolicyArrayOutput 

type EgressPolicyArrayOutput struct{ *pulumi.OutputState }

func (EgressPolicyArrayOutput) ElementType 

func (EgressPolicyArrayOutput) ElementType() reflect.Type

func (EgressPolicyArrayOutput) Index 

func (o EgressPolicyArrayOutput) Index(i pulumi.IntInput) EgressPolicyOutput

func (EgressPolicyArrayOutput) ToEgressPolicyArrayOutput 

func (o EgressPolicyArrayOutput) ToEgressPolicyArrayOutput() EgressPolicyArrayOutput

func (EgressPolicyArrayOutput) ToEgressPolicyArrayOutputWithContext 

func (o EgressPolicyArrayOutput) ToEgressPolicyArrayOutputWithContext(ctx context.Context) EgressPolicyArrayOutput

type EgressPolicyInput 

type EgressPolicyInput interface {
	pulumi.Input

	ToEgressPolicyOutput() EgressPolicyOutput
	ToEgressPolicyOutputWithContext(context.Context) EgressPolicyOutput
}

EgressPolicyInput is an input type that accepts EgressPolicyArgs and EgressPolicyOutput values. You can construct a concrete instance of `EgressPolicyInput` via: 

EgressPolicyArgs{...}

type EgressPolicyOutput 

type EgressPolicyOutput struct{ *pulumi.OutputState }

Policy for egress from perimeter. EgressPolicies match requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and `egress_to` stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies are concerned with the *resources* that a request relates as well as the API services and API actions being used. They do not related to the direction of data movement. More detailed documentation for this concept can be found in the descriptions of EgressFrom and EgressTo.

func (EgressPolicyOutput) EgressFrom 

func (o EgressPolicyOutput) EgressFrom() EgressFromPtrOutput

Defines conditions on the source of a request causing this EgressPolicy to apply.

func (EgressPolicyOutput) EgressTo 

func (o EgressPolicyOutput) EgressTo() EgressToPtrOutput

Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply.

func (EgressPolicyOutput) ElementType 

func (EgressPolicyOutput) ElementType() reflect.Type

func (EgressPolicyOutput) ToEgressPolicyOutput 

func (o EgressPolicyOutput) ToEgressPolicyOutput() EgressPolicyOutput

func (EgressPolicyOutput) ToEgressPolicyOutputWithContext 

func (o EgressPolicyOutput) ToEgressPolicyOutputWithContext(ctx context.Context) EgressPolicyOutput

type EgressPolicyResponse 

type EgressPolicyResponse struct {
	// Defines conditions on the source of a request causing this EgressPolicy to apply.
	EgressFrom EgressFromResponse `pulumi:"egressFrom"`
	// Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply.
	EgressTo EgressToResponse `pulumi:"egressTo"`
}

Policy for egress from perimeter. EgressPolicies match requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and `egress_to` stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies are concerned with the *resources* that a request relates as well as the API services and API actions being used. They do not related to the direction of data movement. More detailed documentation for this concept can be found in the descriptions of EgressFrom and EgressTo.

type EgressPolicyResponseArrayOutput 

type EgressPolicyResponseArrayOutput struct{ *pulumi.OutputState }

func (EgressPolicyResponseArrayOutput) ElementType 

func (EgressPolicyResponseArrayOutput) ElementType() reflect.Type

func (EgressPolicyResponseArrayOutput) Index 

func (o EgressPolicyResponseArrayOutput) Index(i pulumi.IntInput) EgressPolicyResponseOutput

func (EgressPolicyResponseArrayOutput) ToEgressPolicyResponseArrayOutput 

func (o EgressPolicyResponseArrayOutput) ToEgressPolicyResponseArrayOutput() EgressPolicyResponseArrayOutput

func (EgressPolicyResponseArrayOutput) ToEgressPolicyResponseArrayOutputWithContext 

func (o EgressPolicyResponseArrayOutput) ToEgressPolicyResponseArrayOutputWithContext(ctx context.Context) EgressPolicyResponseArrayOutput

type EgressPolicyResponseOutput 

type EgressPolicyResponseOutput struct{ *pulumi.OutputState }

Policy for egress from perimeter. EgressPolicies match requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and `egress_to` stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies are concerned with the *resources* that a request relates as well as the API services and API actions being used. They do not related to the direction of data movement. More detailed documentation for this concept can be found in the descriptions of EgressFrom and EgressTo.

func (EgressPolicyResponseOutput) EgressFrom 

func (o EgressPolicyResponseOutput) EgressFrom() EgressFromResponseOutput

Defines conditions on the source of a request causing this EgressPolicy to apply.

func (EgressPolicyResponseOutput) EgressTo 

func (o EgressPolicyResponseOutput) EgressTo() EgressToResponseOutput

Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply.

func (EgressPolicyResponseOutput) ElementType 

func (EgressPolicyResponseOutput) ElementType() reflect.Type

func (EgressPolicyResponseOutput) ToEgressPolicyResponseOutput 

func (o EgressPolicyResponseOutput) ToEgressPolicyResponseOutput() EgressPolicyResponseOutput

func (EgressPolicyResponseOutput) ToEgressPolicyResponseOutputWithContext 

func (o EgressPolicyResponseOutput) ToEgressPolicyResponseOutputWithContext(ctx context.Context) EgressPolicyResponseOutput

type EgressSource added in v0.32.0 

type EgressSource struct {
	// An AccessLevel resource name that allows protected resources inside the ServicePerimeters to access outside the ServicePerimeter boundaries. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel name is not specified, only resources within the perimeter can be accessed through Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all EgressSources will be allowed.
	AccessLevel *string `pulumi:"accessLevel"`
}

The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.

type EgressSourceArgs added in v0.32.0 

type EgressSourceArgs struct {
	// An AccessLevel resource name that allows protected resources inside the ServicePerimeters to access outside the ServicePerimeter boundaries. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel name is not specified, only resources within the perimeter can be accessed through Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all EgressSources will be allowed.
	AccessLevel pulumi.StringPtrInput `pulumi:"accessLevel"`
}

The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.

func (EgressSourceArgs) ElementType added in v0.32.0 

func (EgressSourceArgs) ElementType() reflect.Type

func (EgressSourceArgs) ToEgressSourceOutput added in v0.32.0 

func (i EgressSourceArgs) ToEgressSourceOutput() EgressSourceOutput

func (EgressSourceArgs) ToEgressSourceOutputWithContext added in v0.32.0 

func (i EgressSourceArgs) ToEgressSourceOutputWithContext(ctx context.Context) EgressSourceOutput

type EgressSourceArray added in v0.32.0 

type EgressSourceArray []EgressSourceInput

func (EgressSourceArray) ElementType added in v0.32.0 

func (EgressSourceArray) ElementType() reflect.Type

func (EgressSourceArray) ToEgressSourceArrayOutput added in v0.32.0 

func (i EgressSourceArray) ToEgressSourceArrayOutput() EgressSourceArrayOutput

func (EgressSourceArray) ToEgressSourceArrayOutputWithContext added in v0.32.0 

func (i EgressSourceArray) ToEgressSourceArrayOutputWithContext(ctx context.Context) EgressSourceArrayOutput

type EgressSourceArrayInput added in v0.32.0 

type EgressSourceArrayInput interface {
	pulumi.Input

	ToEgressSourceArrayOutput() EgressSourceArrayOutput
	ToEgressSourceArrayOutputWithContext(context.Context) EgressSourceArrayOutput
}

EgressSourceArrayInput is an input type that accepts EgressSourceArray and EgressSourceArrayOutput values. You can construct a concrete instance of `EgressSourceArrayInput` via: 

EgressSourceArray{ EgressSourceArgs{...} }

type EgressSourceArrayOutput added in v0.32.0 

type EgressSourceArrayOutput struct{ *pulumi.OutputState }

func (EgressSourceArrayOutput) ElementType added in v0.32.0 

func (EgressSourceArrayOutput) ElementType() reflect.Type

func (EgressSourceArrayOutput) Index added in v0.32.0 

func (o EgressSourceArrayOutput) Index(i pulumi.IntInput) EgressSourceOutput

func (EgressSourceArrayOutput) ToEgressSourceArrayOutput added in v0.32.0 

func (o EgressSourceArrayOutput) ToEgressSourceArrayOutput() EgressSourceArrayOutput

func (EgressSourceArrayOutput) ToEgressSourceArrayOutputWithContext added in v0.32.0 

func (o EgressSourceArrayOutput) ToEgressSourceArrayOutputWithContext(ctx context.Context) EgressSourceArrayOutput

type EgressSourceInput added in v0.32.0 

type EgressSourceInput interface {
	pulumi.Input

	ToEgressSourceOutput() EgressSourceOutput
	ToEgressSourceOutputWithContext(context.Context) EgressSourceOutput
}

EgressSourceInput is an input type that accepts EgressSourceArgs and EgressSourceOutput values. You can construct a concrete instance of `EgressSourceInput` via: 

EgressSourceArgs{...}

type EgressSourceOutput added in v0.32.0 

type EgressSourceOutput struct{ *pulumi.OutputState }

The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.

func (EgressSourceOutput) AccessLevel added in v0.32.0 

func (o EgressSourceOutput) AccessLevel() pulumi.StringPtrOutput

An AccessLevel resource name that allows protected resources inside the ServicePerimeters to access outside the ServicePerimeter boundaries. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel name is not specified, only resources within the perimeter can be accessed through Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all EgressSources will be allowed.

func (EgressSourceOutput) ElementType added in v0.32.0 

func (EgressSourceOutput) ElementType() reflect.Type

func (EgressSourceOutput) ToEgressSourceOutput added in v0.32.0 

func (o EgressSourceOutput) ToEgressSourceOutput() EgressSourceOutput

func (EgressSourceOutput) ToEgressSourceOutputWithContext added in v0.32.0 

func (o EgressSourceOutput) ToEgressSourceOutputWithContext(ctx context.Context) EgressSourceOutput

type EgressSourceResponse added in v0.32.0 

type EgressSourceResponse struct {
	// An AccessLevel resource name that allows protected resources inside the ServicePerimeters to access outside the ServicePerimeter boundaries. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel name is not specified, only resources within the perimeter can be accessed through Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all EgressSources will be allowed.
	AccessLevel string `pulumi:"accessLevel"`
}

The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.

type EgressSourceResponseArrayOutput added in v0.32.0 

type EgressSourceResponseArrayOutput struct{ *pulumi.OutputState }

func (EgressSourceResponseArrayOutput) ElementType added in v0.32.0 

func (EgressSourceResponseArrayOutput) ElementType() reflect.Type

func (EgressSourceResponseArrayOutput) Index added in v0.32.0 

func (o EgressSourceResponseArrayOutput) Index(i pulumi.IntInput) EgressSourceResponseOutput

func (EgressSourceResponseArrayOutput) ToEgressSourceResponseArrayOutput added in v0.32.0 

func (o EgressSourceResponseArrayOutput) ToEgressSourceResponseArrayOutput() EgressSourceResponseArrayOutput

func (EgressSourceResponseArrayOutput) ToEgressSourceResponseArrayOutputWithContext added in v0.32.0 

func (o EgressSourceResponseArrayOutput) ToEgressSourceResponseArrayOutputWithContext(ctx context.Context) EgressSourceResponseArrayOutput

type EgressSourceResponseOutput added in v0.32.0 

type EgressSourceResponseOutput struct{ *pulumi.OutputState }

The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.

func (EgressSourceResponseOutput) AccessLevel added in v0.32.0 

func (o EgressSourceResponseOutput) AccessLevel() pulumi.StringOutput

An AccessLevel resource name that allows protected resources inside the ServicePerimeters to access outside the ServicePerimeter boundaries. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel name is not specified, only resources within the perimeter can be accessed through Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all EgressSources will be allowed.

func (EgressSourceResponseOutput) ElementType added in v0.32.0 

func (EgressSourceResponseOutput) ElementType() reflect.Type

func (EgressSourceResponseOutput) ToEgressSourceResponseOutput added in v0.32.0 

func (o EgressSourceResponseOutput) ToEgressSourceResponseOutput() EgressSourceResponseOutput

func (EgressSourceResponseOutput) ToEgressSourceResponseOutputWithContext added in v0.32.0 

func (o EgressSourceResponseOutput) ToEgressSourceResponseOutputWithContext(ctx context.Context) EgressSourceResponseOutput

type EgressTo 

type EgressTo struct {
	// A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.
	ExternalResources []string `pulumi:"externalResources"`
	// A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list.
	Operations []ApiOperation `pulumi:"operations"`
	// A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.
	Resources []string `pulumi:"resources"`
}

Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.

type EgressToArgs 

type EgressToArgs struct {
	// A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.
	ExternalResources pulumi.StringArrayInput `pulumi:"externalResources"`
	// A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list.
	Operations ApiOperationArrayInput `pulumi:"operations"`
	// A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.
	Resources pulumi.StringArrayInput `pulumi:"resources"`
}

Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.

func (EgressToArgs) ElementType 

func (EgressToArgs) ElementType() reflect.Type

func (EgressToArgs) ToEgressToOutput 

func (i EgressToArgs) ToEgressToOutput() EgressToOutput

func (EgressToArgs) ToEgressToOutputWithContext 

func (i EgressToArgs) ToEgressToOutputWithContext(ctx context.Context) EgressToOutput

func (EgressToArgs) ToEgressToPtrOutput 

func (i EgressToArgs) ToEgressToPtrOutput() EgressToPtrOutput

func (EgressToArgs) ToEgressToPtrOutputWithContext 

func (i EgressToArgs) ToEgressToPtrOutputWithContext(ctx context.Context) EgressToPtrOutput

type EgressToInput 

type EgressToInput interface {
	pulumi.Input

	ToEgressToOutput() EgressToOutput
	ToEgressToOutputWithContext(context.Context) EgressToOutput
}

EgressToInput is an input type that accepts EgressToArgs and EgressToOutput values. You can construct a concrete instance of `EgressToInput` via: 

EgressToArgs{...}

type EgressToOutput 

type EgressToOutput struct{ *pulumi.OutputState }

Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.

func (EgressToOutput) ElementType 

func (EgressToOutput) ElementType() reflect.Type

func (EgressToOutput) ExternalResources added in v0.21.0 

func (o EgressToOutput) ExternalResources() pulumi.StringArrayOutput

A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.

func (EgressToOutput) Operations 

func (o EgressToOutput) Operations() ApiOperationArrayOutput

A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list.

func (EgressToOutput) Resources 

func (o EgressToOutput) Resources() pulumi.StringArrayOutput

A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.

func (EgressToOutput) ToEgressToOutput 

func (o EgressToOutput) ToEgressToOutput() EgressToOutput

func (EgressToOutput) ToEgressToOutputWithContext 

func (o EgressToOutput) ToEgressToOutputWithContext(ctx context.Context) EgressToOutput

func (EgressToOutput) ToEgressToPtrOutput 

func (o EgressToOutput) ToEgressToPtrOutput() EgressToPtrOutput

func (EgressToOutput) ToEgressToPtrOutputWithContext 

func (o EgressToOutput) ToEgressToPtrOutputWithContext(ctx context.Context) EgressToPtrOutput

type EgressToPtrInput 

type EgressToPtrInput interface {
	pulumi.Input

	ToEgressToPtrOutput() EgressToPtrOutput
	ToEgressToPtrOutputWithContext(context.Context) EgressToPtrOutput
}

EgressToPtrInput is an input type that accepts EgressToArgs, EgressToPtr and EgressToPtrOutput values. You can construct a concrete instance of `EgressToPtrInput` via: 

        EgressToArgs{...}

or:

        nil

func EgressToPtr 

func EgressToPtr(v *EgressToArgs) EgressToPtrInput

type EgressToPtrOutput 

type EgressToPtrOutput struct{ *pulumi.OutputState }

func (EgressToPtrOutput) Elem 

func (o EgressToPtrOutput) Elem() EgressToOutput

func (EgressToPtrOutput) ElementType 

func (EgressToPtrOutput) ElementType() reflect.Type

func (EgressToPtrOutput) ExternalResources added in v0.21.0 

func (o EgressToPtrOutput) ExternalResources() pulumi.StringArrayOutput

A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.

func (EgressToPtrOutput) Operations 

func (o EgressToPtrOutput) Operations() ApiOperationArrayOutput

A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list.

func (EgressToPtrOutput) Resources 

func (o EgressToPtrOutput) Resources() pulumi.StringArrayOutput

A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.

func (EgressToPtrOutput) ToEgressToPtrOutput 

func (o EgressToPtrOutput) ToEgressToPtrOutput() EgressToPtrOutput

func (EgressToPtrOutput) ToEgressToPtrOutputWithContext 

func (o EgressToPtrOutput) ToEgressToPtrOutputWithContext(ctx context.Context) EgressToPtrOutput

type EgressToResponse 

type EgressToResponse struct {
	// A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.
	ExternalResources []string `pulumi:"externalResources"`
	// A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list.
	Operations []ApiOperationResponse `pulumi:"operations"`
	// A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.
	Resources []string `pulumi:"resources"`
}

Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.

type EgressToResponseOutput 

type EgressToResponseOutput struct{ *pulumi.OutputState }

Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.

func (EgressToResponseOutput) ElementType 

func (EgressToResponseOutput) ElementType() reflect.Type

func (EgressToResponseOutput) ExternalResources added in v0.21.0 

func (o EgressToResponseOutput) ExternalResources() pulumi.StringArrayOutput

A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.

func (EgressToResponseOutput) Operations 

func (o EgressToResponseOutput) Operations() ApiOperationResponseArrayOutput

A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list.

func (EgressToResponseOutput) Resources 

func (o EgressToResponseOutput) Resources() pulumi.StringArrayOutput

A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.

func (EgressToResponseOutput) ToEgressToResponseOutput 

func (o EgressToResponseOutput) ToEgressToResponseOutput() EgressToResponseOutput

func (EgressToResponseOutput) ToEgressToResponseOutputWithContext 

func (o EgressToResponseOutput) ToEgressToResponseOutputWithContext(ctx context.Context) EgressToResponseOutput

type Expr 

type Expr struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprArgs 

type ExprArgs struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringPtrInput `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title pulumi.StringPtrInput `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprArgs) ElementType 

func (ExprArgs) ElementType() reflect.Type

func (ExprArgs) ToExprOutput 

func (i ExprArgs) ToExprOutput() ExprOutput

func (ExprArgs) ToExprOutputWithContext 

func (i ExprArgs) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprArgs) ToExprPtrOutput 

func (i ExprArgs) ToExprPtrOutput() ExprPtrOutput

func (ExprArgs) ToExprPtrOutputWithContext 

func (i ExprArgs) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprInput 

type ExprInput interface {
	pulumi.Input

	ToExprOutput() ExprOutput
	ToExprOutputWithContext(context.Context) ExprOutput
}

ExprInput is an input type that accepts ExprArgs and ExprOutput values. You can construct a concrete instance of `ExprInput` via: 

ExprArgs{...}

type ExprOutput 

type ExprOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprOutput) Description 

func (o ExprOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprOutput) ElementType 

func (ExprOutput) ElementType() reflect.Type

func (ExprOutput) Expression 

func (o ExprOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprOutput) Location 

func (o ExprOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprOutput) Title 

func (o ExprOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprOutput) ToExprOutput 

func (o ExprOutput) ToExprOutput() ExprOutput

func (ExprOutput) ToExprOutputWithContext 

func (o ExprOutput) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprOutput) ToExprPtrOutput 

func (o ExprOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprOutput) ToExprPtrOutputWithContext 

func (o ExprOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprPtrInput 

type ExprPtrInput interface {
	pulumi.Input

	ToExprPtrOutput() ExprPtrOutput
	ToExprPtrOutputWithContext(context.Context) ExprPtrOutput
}

ExprPtrInput is an input type that accepts ExprArgs, ExprPtr and ExprPtrOutput values. You can construct a concrete instance of `ExprPtrInput` via: 

        ExprArgs{...}

or:

        nil

func ExprPtr 

func ExprPtr(v *ExprArgs) ExprPtrInput

type ExprPtrOutput 

type ExprPtrOutput struct{ *pulumi.OutputState }

func (ExprPtrOutput) Description 

func (o ExprPtrOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprPtrOutput) Elem 

func (o ExprPtrOutput) Elem() ExprOutput

func (ExprPtrOutput) ElementType 

func (ExprPtrOutput) ElementType() reflect.Type

func (ExprPtrOutput) Expression 

func (o ExprPtrOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprPtrOutput) Location 

func (o ExprPtrOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprPtrOutput) Title 

func (o ExprPtrOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprPtrOutput) ToExprPtrOutput 

func (o ExprPtrOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprPtrOutput) ToExprPtrOutputWithContext 

func (o ExprPtrOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprResponse 

type ExprResponse struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprResponseOutput 

type ExprResponseOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprResponseOutput) Description 

func (o ExprResponseOutput) Description() pulumi.StringOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprResponseOutput) ElementType 

func (ExprResponseOutput) ElementType() reflect.Type

func (ExprResponseOutput) Expression 

func (o ExprResponseOutput) Expression() pulumi.StringOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprResponseOutput) Location 

func (o ExprResponseOutput) Location() pulumi.StringOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprResponseOutput) Title 

func (o ExprResponseOutput) Title() pulumi.StringOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprResponseOutput) ToExprResponseOutput 

func (o ExprResponseOutput) ToExprResponseOutput() ExprResponseOutput

func (ExprResponseOutput) ToExprResponseOutputWithContext 

func (o ExprResponseOutput) ToExprResponseOutputWithContext(ctx context.Context) ExprResponseOutput

type GcpUserAccessBinding added in v0.3.0 

type GcpUserAccessBinding struct {
	pulumi.CustomResourceState

	// Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
	AccessLevels pulumi.StringArrayOutput `pulumi:"accessLevels"`
	// Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
	DryRunAccessLevels pulumi.StringArrayOutput `pulumi:"dryRunAccessLevels"`
	// Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
	GroupKey pulumi.StringOutput `pulumi:"groupKey"`
	// Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by [RFC 3986 Section 2.3](https://tools.ietf.org/html/rfc3986#section-2.3)). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
	Name           pulumi.StringOutput `pulumi:"name"`
	OrganizationId pulumi.StringOutput `pulumi:"organizationId"`
}

Creates a GcpUserAccessBinding. If the client specifies a name, the server ignores it. Fails if a resource already exists with the same group_key. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.

func GetGcpUserAccessBinding added in v0.3.0 

func GetGcpUserAccessBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GcpUserAccessBindingState, opts ...pulumi.ResourceOption) (*GcpUserAccessBinding, error)

GetGcpUserAccessBinding gets an existing GcpUserAccessBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGcpUserAccessBinding added in v0.3.0 

func NewGcpUserAccessBinding(ctx *pulumi.Context,
	name string, args *GcpUserAccessBindingArgs, opts ...pulumi.ResourceOption) (*GcpUserAccessBinding, error)

NewGcpUserAccessBinding registers a new resource with the given unique name, arguments, and options.

func (*GcpUserAccessBinding) ElementType added in v0.3.0 

func (*GcpUserAccessBinding) ElementType() reflect.Type

func (*GcpUserAccessBinding) ToGcpUserAccessBindingOutput added in v0.3.0 

func (i *GcpUserAccessBinding) ToGcpUserAccessBindingOutput() GcpUserAccessBindingOutput

func (*GcpUserAccessBinding) ToGcpUserAccessBindingOutputWithContext added in v0.3.0 

func (i *GcpUserAccessBinding) ToGcpUserAccessBindingOutputWithContext(ctx context.Context) GcpUserAccessBindingOutput

type GcpUserAccessBindingArgs added in v0.3.0 

type GcpUserAccessBindingArgs struct {
	// Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
	AccessLevels pulumi.StringArrayInput
	// Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
	DryRunAccessLevels pulumi.StringArrayInput
	// Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
	GroupKey pulumi.StringInput
	// Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by [RFC 3986 Section 2.3](https://tools.ietf.org/html/rfc3986#section-2.3)). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
	Name           pulumi.StringPtrInput
	OrganizationId pulumi.StringInput
}

The set of arguments for constructing a GcpUserAccessBinding resource.

func (GcpUserAccessBindingArgs) ElementType added in v0.3.0 

func (GcpUserAccessBindingArgs) ElementType() reflect.Type

type GcpUserAccessBindingInput added in v0.3.0 

type GcpUserAccessBindingInput interface {
	pulumi.Input

	ToGcpUserAccessBindingOutput() GcpUserAccessBindingOutput
	ToGcpUserAccessBindingOutputWithContext(ctx context.Context) GcpUserAccessBindingOutput
}

type GcpUserAccessBindingOutput added in v0.3.0 

type GcpUserAccessBindingOutput struct{ *pulumi.OutputState }

func (GcpUserAccessBindingOutput) AccessLevels added in v0.19.0 

func (o GcpUserAccessBindingOutput) AccessLevels() pulumi.StringArrayOutput

Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"

func (GcpUserAccessBindingOutput) DryRunAccessLevels added in v0.29.0 

func (o GcpUserAccessBindingOutput) DryRunAccessLevels() pulumi.StringArrayOutput

Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"

func (GcpUserAccessBindingOutput) ElementType added in v0.3.0 

func (GcpUserAccessBindingOutput) ElementType() reflect.Type

func (GcpUserAccessBindingOutput) GroupKey added in v0.19.0 

func (o GcpUserAccessBindingOutput) GroupKey() pulumi.StringOutput

Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"

func (GcpUserAccessBindingOutput) Name added in v0.19.0 

func (o GcpUserAccessBindingOutput) Name() pulumi.StringOutput

Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by [RFC 3986 Section 2.3](https://tools.ietf.org/html/rfc3986#section-2.3)). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"

func (GcpUserAccessBindingOutput) OrganizationId added in v0.21.0 

func (o GcpUserAccessBindingOutput) OrganizationId() pulumi.StringOutput

func (GcpUserAccessBindingOutput) ToGcpUserAccessBindingOutput added in v0.3.0 

func (o GcpUserAccessBindingOutput) ToGcpUserAccessBindingOutput() GcpUserAccessBindingOutput

func (GcpUserAccessBindingOutput) ToGcpUserAccessBindingOutputWithContext added in v0.3.0 

func (o GcpUserAccessBindingOutput) ToGcpUserAccessBindingOutputWithContext(ctx context.Context) GcpUserAccessBindingOutput

type GcpUserAccessBindingState added in v0.3.0 

type GcpUserAccessBindingState struct {
}

func (GcpUserAccessBindingState) ElementType added in v0.3.0 

func (GcpUserAccessBindingState) ElementType() reflect.Type

type IngressFrom 

type IngressFrom struct {
	// A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only.
	Identities []string `pulumi:"identities"`
	// Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.
	IdentityType *IngressFromIdentityType `pulumi:"identityType"`
	// Sources that this IngressPolicy authorizes access from.
	Sources []IngressSource `pulumi:"sources"`
}

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.

type IngressFromArgs 

type IngressFromArgs struct {
	// A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only.
	Identities pulumi.StringArrayInput `pulumi:"identities"`
	// Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.
	IdentityType IngressFromIdentityTypePtrInput `pulumi:"identityType"`
	// Sources that this IngressPolicy authorizes access from.
	Sources IngressSourceArrayInput `pulumi:"sources"`
}

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.

func (IngressFromArgs) ElementType 

func (IngressFromArgs) ElementType() reflect.Type

func (IngressFromArgs) ToIngressFromOutput 

func (i IngressFromArgs) ToIngressFromOutput() IngressFromOutput

func (IngressFromArgs) ToIngressFromOutputWithContext 

func (i IngressFromArgs) ToIngressFromOutputWithContext(ctx context.Context) IngressFromOutput

func (IngressFromArgs) ToIngressFromPtrOutput 

func (i IngressFromArgs) ToIngressFromPtrOutput() IngressFromPtrOutput

func (IngressFromArgs) ToIngressFromPtrOutputWithContext 

func (i IngressFromArgs) ToIngressFromPtrOutputWithContext(ctx context.Context) IngressFromPtrOutput

type IngressFromIdentityType added in v0.4.0 

type IngressFromIdentityType string

Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.

func (IngressFromIdentityType) ElementType added in v0.4.0 

func (IngressFromIdentityType) ElementType() reflect.Type

func (IngressFromIdentityType) ToIngressFromIdentityTypeOutput added in v0.6.0 

func (e IngressFromIdentityType) ToIngressFromIdentityTypeOutput() IngressFromIdentityTypeOutput

func (IngressFromIdentityType) ToIngressFromIdentityTypeOutputWithContext added in v0.6.0 

func (e IngressFromIdentityType) ToIngressFromIdentityTypeOutputWithContext(ctx context.Context) IngressFromIdentityTypeOutput

func (IngressFromIdentityType) ToIngressFromIdentityTypePtrOutput added in v0.6.0 

func (e IngressFromIdentityType) ToIngressFromIdentityTypePtrOutput() IngressFromIdentityTypePtrOutput

func (IngressFromIdentityType) ToIngressFromIdentityTypePtrOutputWithContext added in v0.6.0 

func (e IngressFromIdentityType) ToIngressFromIdentityTypePtrOutputWithContext(ctx context.Context) IngressFromIdentityTypePtrOutput

func (IngressFromIdentityType) ToStringOutput added in v0.4.0 

func (e IngressFromIdentityType) ToStringOutput() pulumi.StringOutput

func (IngressFromIdentityType) ToStringOutputWithContext added in v0.4.0 

func (e IngressFromIdentityType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (IngressFromIdentityType) ToStringPtrOutput added in v0.4.0 

func (e IngressFromIdentityType) ToStringPtrOutput() pulumi.StringPtrOutput

func (IngressFromIdentityType) ToStringPtrOutputWithContext added in v0.4.0 

func (e IngressFromIdentityType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type IngressFromIdentityTypeInput added in v0.6.0 

type IngressFromIdentityTypeInput interface {
	pulumi.Input

	ToIngressFromIdentityTypeOutput() IngressFromIdentityTypeOutput
	ToIngressFromIdentityTypeOutputWithContext(context.Context) IngressFromIdentityTypeOutput
}

IngressFromIdentityTypeInput is an input type that accepts IngressFromIdentityTypeArgs and IngressFromIdentityTypeOutput values. You can construct a concrete instance of `IngressFromIdentityTypeInput` via: 

IngressFromIdentityTypeArgs{...}

type IngressFromIdentityTypeOutput added in v0.6.0 

type IngressFromIdentityTypeOutput struct{ *pulumi.OutputState }

func (IngressFromIdentityTypeOutput) ElementType added in v0.6.0 

func (IngressFromIdentityTypeOutput) ElementType() reflect.Type

func (IngressFromIdentityTypeOutput) ToIngressFromIdentityTypeOutput added in v0.6.0 

func (o IngressFromIdentityTypeOutput) ToIngressFromIdentityTypeOutput() IngressFromIdentityTypeOutput

func (IngressFromIdentityTypeOutput) ToIngressFromIdentityTypeOutputWithContext added in v0.6.0 

func (o IngressFromIdentityTypeOutput) ToIngressFromIdentityTypeOutputWithContext(ctx context.Context) IngressFromIdentityTypeOutput

func (IngressFromIdentityTypeOutput) ToIngressFromIdentityTypePtrOutput added in v0.6.0 

func (o IngressFromIdentityTypeOutput) ToIngressFromIdentityTypePtrOutput() IngressFromIdentityTypePtrOutput

func (IngressFromIdentityTypeOutput) ToIngressFromIdentityTypePtrOutputWithContext added in v0.6.0 

func (o IngressFromIdentityTypeOutput) ToIngressFromIdentityTypePtrOutputWithContext(ctx context.Context) IngressFromIdentityTypePtrOutput

func (IngressFromIdentityTypeOutput) ToStringOutput added in v0.6.0 

func (o IngressFromIdentityTypeOutput) ToStringOutput() pulumi.StringOutput

func (IngressFromIdentityTypeOutput) ToStringOutputWithContext added in v0.6.0 

func (o IngressFromIdentityTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (IngressFromIdentityTypeOutput) ToStringPtrOutput added in v0.6.0 

func (o IngressFromIdentityTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (IngressFromIdentityTypeOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o IngressFromIdentityTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type IngressFromIdentityTypePtrInput added in v0.6.0 

type IngressFromIdentityTypePtrInput interface {
	pulumi.Input

	ToIngressFromIdentityTypePtrOutput() IngressFromIdentityTypePtrOutput
	ToIngressFromIdentityTypePtrOutputWithContext(context.Context) IngressFromIdentityTypePtrOutput
}

func IngressFromIdentityTypePtr added in v0.6.0 

func IngressFromIdentityTypePtr(v string) IngressFromIdentityTypePtrInput

type IngressFromIdentityTypePtrOutput added in v0.6.0 

type IngressFromIdentityTypePtrOutput struct{ *pulumi.OutputState }

func (IngressFromIdentityTypePtrOutput) Elem added in v0.6.0 

func (o IngressFromIdentityTypePtrOutput) Elem() IngressFromIdentityTypeOutput

func (IngressFromIdentityTypePtrOutput) ElementType added in v0.6.0 

func (IngressFromIdentityTypePtrOutput) ElementType() reflect.Type

func (IngressFromIdentityTypePtrOutput) ToIngressFromIdentityTypePtrOutput added in v0.6.0 

func (o IngressFromIdentityTypePtrOutput) ToIngressFromIdentityTypePtrOutput() IngressFromIdentityTypePtrOutput

func (IngressFromIdentityTypePtrOutput) ToIngressFromIdentityTypePtrOutputWithContext added in v0.6.0 

func (o IngressFromIdentityTypePtrOutput) ToIngressFromIdentityTypePtrOutputWithContext(ctx context.Context) IngressFromIdentityTypePtrOutput

func (IngressFromIdentityTypePtrOutput) ToStringPtrOutput added in v0.6.0 

func (o IngressFromIdentityTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (IngressFromIdentityTypePtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o IngressFromIdentityTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type IngressFromInput 

type IngressFromInput interface {
	pulumi.Input

	ToIngressFromOutput() IngressFromOutput
	ToIngressFromOutputWithContext(context.Context) IngressFromOutput
}

IngressFromInput is an input type that accepts IngressFromArgs and IngressFromOutput values. You can construct a concrete instance of `IngressFromInput` via: 

IngressFromArgs{...}

type IngressFromOutput 

type IngressFromOutput struct{ *pulumi.OutputState }

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.

func (IngressFromOutput) ElementType 

func (IngressFromOutput) ElementType() reflect.Type

func (IngressFromOutput) Identities 

func (o IngressFromOutput) Identities() pulumi.StringArrayOutput

A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only.

func (IngressFromOutput) IdentityType 

func (o IngressFromOutput) IdentityType() IngressFromIdentityTypePtrOutput

Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.

func (IngressFromOutput) Sources 

func (o IngressFromOutput) Sources() IngressSourceArrayOutput

Sources that this IngressPolicy authorizes access from.

func (IngressFromOutput) ToIngressFromOutput 

func (o IngressFromOutput) ToIngressFromOutput() IngressFromOutput

func (IngressFromOutput) ToIngressFromOutputWithContext 

func (o IngressFromOutput) ToIngressFromOutputWithContext(ctx context.Context) IngressFromOutput

func (IngressFromOutput) ToIngressFromPtrOutput 

func (o IngressFromOutput) ToIngressFromPtrOutput() IngressFromPtrOutput

func (IngressFromOutput) ToIngressFromPtrOutputWithContext 

func (o IngressFromOutput) ToIngressFromPtrOutputWithContext(ctx context.Context) IngressFromPtrOutput

type IngressFromPtrInput 

type IngressFromPtrInput interface {
	pulumi.Input

	ToIngressFromPtrOutput() IngressFromPtrOutput
	ToIngressFromPtrOutputWithContext(context.Context) IngressFromPtrOutput
}

IngressFromPtrInput is an input type that accepts IngressFromArgs, IngressFromPtr and IngressFromPtrOutput values. You can construct a concrete instance of `IngressFromPtrInput` via: 

        IngressFromArgs{...}

or:

        nil

func IngressFromPtr 

func IngressFromPtr(v *IngressFromArgs) IngressFromPtrInput

type IngressFromPtrOutput 

type IngressFromPtrOutput struct{ *pulumi.OutputState }

func (IngressFromPtrOutput) Elem 

func (o IngressFromPtrOutput) Elem() IngressFromOutput

func (IngressFromPtrOutput) ElementType 

func (IngressFromPtrOutput) ElementType() reflect.Type

func (IngressFromPtrOutput) Identities 

func (o IngressFromPtrOutput) Identities() pulumi.StringArrayOutput

A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only.

func (IngressFromPtrOutput) IdentityType 

func (o IngressFromPtrOutput) IdentityType() IngressFromIdentityTypePtrOutput

Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.

func (IngressFromPtrOutput) Sources 

func (o IngressFromPtrOutput) Sources() IngressSourceArrayOutput

Sources that this IngressPolicy authorizes access from.

func (IngressFromPtrOutput) ToIngressFromPtrOutput 

func (o IngressFromPtrOutput) ToIngressFromPtrOutput() IngressFromPtrOutput

func (IngressFromPtrOutput) ToIngressFromPtrOutputWithContext 

func (o IngressFromPtrOutput) ToIngressFromPtrOutputWithContext(ctx context.Context) IngressFromPtrOutput

type IngressFromResponse 

type IngressFromResponse struct {
	// A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only.
	Identities []string `pulumi:"identities"`
	// Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.
	IdentityType string `pulumi:"identityType"`
	// Sources that this IngressPolicy authorizes access from.
	Sources []IngressSourceResponse `pulumi:"sources"`
}

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.

type IngressFromResponseOutput 

type IngressFromResponseOutput struct{ *pulumi.OutputState }

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.

func (IngressFromResponseOutput) ElementType 

func (IngressFromResponseOutput) ElementType() reflect.Type

func (IngressFromResponseOutput) Identities 

func (o IngressFromResponseOutput) Identities() pulumi.StringArrayOutput

A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only.

func (IngressFromResponseOutput) IdentityType 

func (o IngressFromResponseOutput) IdentityType() pulumi.StringOutput

Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.

func (IngressFromResponseOutput) Sources 

func (o IngressFromResponseOutput) Sources() IngressSourceResponseArrayOutput

Sources that this IngressPolicy authorizes access from.

func (IngressFromResponseOutput) ToIngressFromResponseOutput 

func (o IngressFromResponseOutput) ToIngressFromResponseOutput() IngressFromResponseOutput

func (IngressFromResponseOutput) ToIngressFromResponseOutputWithContext 

func (o IngressFromResponseOutput) ToIngressFromResponseOutputWithContext(ctx context.Context) IngressFromResponseOutput

type IngressPolicy 

type IngressPolicy struct {
	// Defines the conditions on the source of a request causing this IngressPolicy to apply.
	IngressFrom *IngressFrom `pulumi:"ingressFrom"`
	// Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply.
	IngressTo *IngressTo `pulumi:"ingressTo"`
}

Policy for ingress into ServicePerimeter. IngressPolicies match requests based on `ingress_from` and `ingress_to` stanzas. For an ingress policy to match, both the `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the `ingress_to` field.

type IngressPolicyArgs 

type IngressPolicyArgs struct {
	// Defines the conditions on the source of a request causing this IngressPolicy to apply.
	IngressFrom IngressFromPtrInput `pulumi:"ingressFrom"`
	// Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply.
	IngressTo IngressToPtrInput `pulumi:"ingressTo"`
}

Policy for ingress into ServicePerimeter. IngressPolicies match requests based on `ingress_from` and `ingress_to` stanzas. For an ingress policy to match, both the `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the `ingress_to` field.

func (IngressPolicyArgs) ElementType 

func (IngressPolicyArgs) ElementType() reflect.Type

func (IngressPolicyArgs) ToIngressPolicyOutput 

func (i IngressPolicyArgs) ToIngressPolicyOutput() IngressPolicyOutput

func (IngressPolicyArgs) ToIngressPolicyOutputWithContext 

func (i IngressPolicyArgs) ToIngressPolicyOutputWithContext(ctx context.Context) IngressPolicyOutput

type IngressPolicyArray 

type IngressPolicyArray []IngressPolicyInput

func (IngressPolicyArray) ElementType 

func (IngressPolicyArray) ElementType() reflect.Type

func (IngressPolicyArray) ToIngressPolicyArrayOutput 

func (i IngressPolicyArray) ToIngressPolicyArrayOutput() IngressPolicyArrayOutput

func (IngressPolicyArray) ToIngressPolicyArrayOutputWithContext 

func (i IngressPolicyArray) ToIngressPolicyArrayOutputWithContext(ctx context.Context) IngressPolicyArrayOutput

type IngressPolicyArrayInput 

type IngressPolicyArrayInput interface {
	pulumi.Input

	ToIngressPolicyArrayOutput() IngressPolicyArrayOutput
	ToIngressPolicyArrayOutputWithContext(context.Context) IngressPolicyArrayOutput
}

IngressPolicyArrayInput is an input type that accepts IngressPolicyArray and IngressPolicyArrayOutput values. You can construct a concrete instance of `IngressPolicyArrayInput` via: 

IngressPolicyArray{ IngressPolicyArgs{...} }

type IngressPolicyArrayOutput 

type IngressPolicyArrayOutput struct{ *pulumi.OutputState }

func (IngressPolicyArrayOutput) ElementType 

func (IngressPolicyArrayOutput) ElementType() reflect.Type

func (IngressPolicyArrayOutput) Index 

func (o IngressPolicyArrayOutput) Index(i pulumi.IntInput) IngressPolicyOutput

func (IngressPolicyArrayOutput) ToIngressPolicyArrayOutput 

func (o IngressPolicyArrayOutput) ToIngressPolicyArrayOutput() IngressPolicyArrayOutput

func (IngressPolicyArrayOutput) ToIngressPolicyArrayOutputWithContext 

func (o IngressPolicyArrayOutput) ToIngressPolicyArrayOutputWithContext(ctx context.Context) IngressPolicyArrayOutput

type IngressPolicyInput 

type IngressPolicyInput interface {
	pulumi.Input

	ToIngressPolicyOutput() IngressPolicyOutput
	ToIngressPolicyOutputWithContext(context.Context) IngressPolicyOutput
}

IngressPolicyInput is an input type that accepts IngressPolicyArgs and IngressPolicyOutput values. You can construct a concrete instance of `IngressPolicyInput` via: 

IngressPolicyArgs{...}

type IngressPolicyOutput 

type IngressPolicyOutput struct{ *pulumi.OutputState }

Policy for ingress into ServicePerimeter. IngressPolicies match requests based on `ingress_from` and `ingress_to` stanzas. For an ingress policy to match, both the `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the `ingress_to` field.

func (IngressPolicyOutput) ElementType 

func (IngressPolicyOutput) ElementType() reflect.Type

func (IngressPolicyOutput) IngressFrom 

func (o IngressPolicyOutput) IngressFrom() IngressFromPtrOutput

Defines the conditions on the source of a request causing this IngressPolicy to apply.

func (IngressPolicyOutput) IngressTo 

func (o IngressPolicyOutput) IngressTo() IngressToPtrOutput

Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply.

func (IngressPolicyOutput) ToIngressPolicyOutput 

func (o IngressPolicyOutput) ToIngressPolicyOutput() IngressPolicyOutput

func (IngressPolicyOutput) ToIngressPolicyOutputWithContext 

func (o IngressPolicyOutput) ToIngressPolicyOutputWithContext(ctx context.Context) IngressPolicyOutput

type IngressPolicyResponse 

type IngressPolicyResponse struct {
	// Defines the conditions on the source of a request causing this IngressPolicy to apply.
	IngressFrom IngressFromResponse `pulumi:"ingressFrom"`
	// Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply.
	IngressTo IngressToResponse `pulumi:"ingressTo"`
}

Policy for ingress into ServicePerimeter. IngressPolicies match requests based on `ingress_from` and `ingress_to` stanzas. For an ingress policy to match, both the `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the `ingress_to` field.

type IngressPolicyResponseArrayOutput 

type IngressPolicyResponseArrayOutput struct{ *pulumi.OutputState }

func (IngressPolicyResponseArrayOutput) ElementType 

func (IngressPolicyResponseArrayOutput) ElementType() reflect.Type

func (IngressPolicyResponseArrayOutput) Index 

func (o IngressPolicyResponseArrayOutput) Index(i pulumi.IntInput) IngressPolicyResponseOutput

func (IngressPolicyResponseArrayOutput) ToIngressPolicyResponseArrayOutput 

func (o IngressPolicyResponseArrayOutput) ToIngressPolicyResponseArrayOutput() IngressPolicyResponseArrayOutput

func (IngressPolicyResponseArrayOutput) ToIngressPolicyResponseArrayOutputWithContext 

func (o IngressPolicyResponseArrayOutput) ToIngressPolicyResponseArrayOutputWithContext(ctx context.Context) IngressPolicyResponseArrayOutput

type IngressPolicyResponseOutput 

type IngressPolicyResponseOutput struct{ *pulumi.OutputState }

Policy for ingress into ServicePerimeter. IngressPolicies match requests based on `ingress_from` and `ingress_to` stanzas. For an ingress policy to match, both the `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the `ingress_to` field.

func (IngressPolicyResponseOutput) ElementType 

func (IngressPolicyResponseOutput) ElementType() reflect.Type

func (IngressPolicyResponseOutput) IngressFrom 

func (o IngressPolicyResponseOutput) IngressFrom() IngressFromResponseOutput

Defines the conditions on the source of a request causing this IngressPolicy to apply.

func (IngressPolicyResponseOutput) IngressTo 

func (o IngressPolicyResponseOutput) IngressTo() IngressToResponseOutput

Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply.

func (IngressPolicyResponseOutput) ToIngressPolicyResponseOutput 

func (o IngressPolicyResponseOutput) ToIngressPolicyResponseOutput() IngressPolicyResponseOutput

func (IngressPolicyResponseOutput) ToIngressPolicyResponseOutputWithContext 

func (o IngressPolicyResponseOutput) ToIngressPolicyResponseOutputWithContext(ctx context.Context) IngressPolicyResponseOutput

type IngressSource 

type IngressSource struct {
	// An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed.
	AccessLevel *string `pulumi:"accessLevel"`
	// A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported.
	Resource *string `pulumi:"resource"`
}

The source that IngressPolicy authorizes access from.

type IngressSourceArgs 

type IngressSourceArgs struct {
	// An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed.
	AccessLevel pulumi.StringPtrInput `pulumi:"accessLevel"`
	// A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported.
	Resource pulumi.StringPtrInput `pulumi:"resource"`
}

The source that IngressPolicy authorizes access from.

func (IngressSourceArgs) ElementType 

func (IngressSourceArgs) ElementType() reflect.Type

func (IngressSourceArgs) ToIngressSourceOutput 

func (i IngressSourceArgs) ToIngressSourceOutput() IngressSourceOutput

func (IngressSourceArgs) ToIngressSourceOutputWithContext 

func (i IngressSourceArgs) ToIngressSourceOutputWithContext(ctx context.Context) IngressSourceOutput

type IngressSourceArray 

type IngressSourceArray []IngressSourceInput

func (IngressSourceArray) ElementType 

func (IngressSourceArray) ElementType() reflect.Type

func (IngressSourceArray) ToIngressSourceArrayOutput 

func (i IngressSourceArray) ToIngressSourceArrayOutput() IngressSourceArrayOutput

func (IngressSourceArray) ToIngressSourceArrayOutputWithContext 

func (i IngressSourceArray) ToIngressSourceArrayOutputWithContext(ctx context.Context) IngressSourceArrayOutput

type IngressSourceArrayInput 

type IngressSourceArrayInput interface {
	pulumi.Input

	ToIngressSourceArrayOutput() IngressSourceArrayOutput
	ToIngressSourceArrayOutputWithContext(context.Context) IngressSourceArrayOutput
}

IngressSourceArrayInput is an input type that accepts IngressSourceArray and IngressSourceArrayOutput values. You can construct a concrete instance of `IngressSourceArrayInput` via: 

IngressSourceArray{ IngressSourceArgs{...} }

type IngressSourceArrayOutput 

type IngressSourceArrayOutput struct{ *pulumi.OutputState }

func (IngressSourceArrayOutput) ElementType 

func (IngressSourceArrayOutput) ElementType() reflect.Type

func (IngressSourceArrayOutput) Index 

func (o IngressSourceArrayOutput) Index(i pulumi.IntInput) IngressSourceOutput

func (IngressSourceArrayOutput) ToIngressSourceArrayOutput 

func (o IngressSourceArrayOutput) ToIngressSourceArrayOutput() IngressSourceArrayOutput

func (IngressSourceArrayOutput) ToIngressSourceArrayOutputWithContext 

func (o IngressSourceArrayOutput) ToIngressSourceArrayOutputWithContext(ctx context.Context) IngressSourceArrayOutput

type IngressSourceInput 

type IngressSourceInput interface {
	pulumi.Input

	ToIngressSourceOutput() IngressSourceOutput
	ToIngressSourceOutputWithContext(context.Context) IngressSourceOutput
}

IngressSourceInput is an input type that accepts IngressSourceArgs and IngressSourceOutput values. You can construct a concrete instance of `IngressSourceInput` via: 

IngressSourceArgs{...}

type IngressSourceOutput 

type IngressSourceOutput struct{ *pulumi.OutputState }

The source that IngressPolicy authorizes access from.

func (IngressSourceOutput) AccessLevel 

func (o IngressSourceOutput) AccessLevel() pulumi.StringPtrOutput

An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed.

func (IngressSourceOutput) ElementType 

func (IngressSourceOutput) ElementType() reflect.Type

func (IngressSourceOutput) Resource 

func (o IngressSourceOutput) Resource() pulumi.StringPtrOutput

A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported.

func (IngressSourceOutput) ToIngressSourceOutput 

func (o IngressSourceOutput) ToIngressSourceOutput() IngressSourceOutput

func (IngressSourceOutput) ToIngressSourceOutputWithContext 

func (o IngressSourceOutput) ToIngressSourceOutputWithContext(ctx context.Context) IngressSourceOutput

type IngressSourceResponse 

type IngressSourceResponse struct {
	// An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed.
	AccessLevel string `pulumi:"accessLevel"`
	// A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported.
	Resource string `pulumi:"resource"`
}

The source that IngressPolicy authorizes access from.

type IngressSourceResponseArrayOutput 

type IngressSourceResponseArrayOutput struct{ *pulumi.OutputState }

func (IngressSourceResponseArrayOutput) ElementType 

func (IngressSourceResponseArrayOutput) ElementType() reflect.Type

func (IngressSourceResponseArrayOutput) Index 

func (o IngressSourceResponseArrayOutput) Index(i pulumi.IntInput) IngressSourceResponseOutput

func (IngressSourceResponseArrayOutput) ToIngressSourceResponseArrayOutput 

func (o IngressSourceResponseArrayOutput) ToIngressSourceResponseArrayOutput() IngressSourceResponseArrayOutput

func (IngressSourceResponseArrayOutput) ToIngressSourceResponseArrayOutputWithContext 

func (o IngressSourceResponseArrayOutput) ToIngressSourceResponseArrayOutputWithContext(ctx context.Context) IngressSourceResponseArrayOutput

type IngressSourceResponseOutput 

type IngressSourceResponseOutput struct{ *pulumi.OutputState }

The source that IngressPolicy authorizes access from.

func (IngressSourceResponseOutput) AccessLevel 

func (o IngressSourceResponseOutput) AccessLevel() pulumi.StringOutput

An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed.

func (IngressSourceResponseOutput) ElementType 

func (IngressSourceResponseOutput) ElementType() reflect.Type

func (IngressSourceResponseOutput) Resource 

func (o IngressSourceResponseOutput) Resource() pulumi.StringOutput

A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported.

func (IngressSourceResponseOutput) ToIngressSourceResponseOutput 

func (o IngressSourceResponseOutput) ToIngressSourceResponseOutput() IngressSourceResponseOutput

func (IngressSourceResponseOutput) ToIngressSourceResponseOutputWithContext 

func (o IngressSourceResponseOutput) ToIngressSourceResponseOutputWithContext(ctx context.Context) IngressSourceResponseOutput

type IngressTo 

type IngressTo struct {
	// A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter.
	Operations []ApiOperation `pulumi:"operations"`
	// A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.
	Resources []string `pulumi:"resources"`
}

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.

type IngressToArgs 

type IngressToArgs struct {
	// A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter.
	Operations ApiOperationArrayInput `pulumi:"operations"`
	// A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.
	Resources pulumi.StringArrayInput `pulumi:"resources"`
}

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.

func (IngressToArgs) ElementType 

func (IngressToArgs) ElementType() reflect.Type

func (IngressToArgs) ToIngressToOutput 

func (i IngressToArgs) ToIngressToOutput() IngressToOutput

func (IngressToArgs) ToIngressToOutputWithContext 

func (i IngressToArgs) ToIngressToOutputWithContext(ctx context.Context) IngressToOutput

func (IngressToArgs) ToIngressToPtrOutput 

func (i IngressToArgs) ToIngressToPtrOutput() IngressToPtrOutput

func (IngressToArgs) ToIngressToPtrOutputWithContext 

func (i IngressToArgs) ToIngressToPtrOutputWithContext(ctx context.Context) IngressToPtrOutput

type IngressToInput 

type IngressToInput interface {
	pulumi.Input

	ToIngressToOutput() IngressToOutput
	ToIngressToOutputWithContext(context.Context) IngressToOutput
}

IngressToInput is an input type that accepts IngressToArgs and IngressToOutput values. You can construct a concrete instance of `IngressToInput` via: 

IngressToArgs{...}

type IngressToOutput 

type IngressToOutput struct{ *pulumi.OutputState }

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.

func (IngressToOutput) ElementType 

func (IngressToOutput) ElementType() reflect.Type

func (IngressToOutput) Operations 

func (o IngressToOutput) Operations() ApiOperationArrayOutput

A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter.

func (IngressToOutput) Resources 

func (o IngressToOutput) Resources() pulumi.StringArrayOutput

A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.

func (IngressToOutput) ToIngressToOutput 

func (o IngressToOutput) ToIngressToOutput() IngressToOutput

func (IngressToOutput) ToIngressToOutputWithContext 

func (o IngressToOutput) ToIngressToOutputWithContext(ctx context.Context) IngressToOutput

func (IngressToOutput) ToIngressToPtrOutput 

func (o IngressToOutput) ToIngressToPtrOutput() IngressToPtrOutput

func (IngressToOutput) ToIngressToPtrOutputWithContext 

func (o IngressToOutput) ToIngressToPtrOutputWithContext(ctx context.Context) IngressToPtrOutput

type IngressToPtrInput 

type IngressToPtrInput interface {
	pulumi.Input

	ToIngressToPtrOutput() IngressToPtrOutput
	ToIngressToPtrOutputWithContext(context.Context) IngressToPtrOutput
}

IngressToPtrInput is an input type that accepts IngressToArgs, IngressToPtr and IngressToPtrOutput values. You can construct a concrete instance of `IngressToPtrInput` via: 

        IngressToArgs{...}

or:

        nil

func IngressToPtr 

func IngressToPtr(v *IngressToArgs) IngressToPtrInput

type IngressToPtrOutput 

type IngressToPtrOutput struct{ *pulumi.OutputState }

func (IngressToPtrOutput) Elem 

func (o IngressToPtrOutput) Elem() IngressToOutput

func (IngressToPtrOutput) ElementType 

func (IngressToPtrOutput) ElementType() reflect.Type

func (IngressToPtrOutput) Operations 

func (o IngressToPtrOutput) Operations() ApiOperationArrayOutput

A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter.

func (IngressToPtrOutput) Resources 

func (o IngressToPtrOutput) Resources() pulumi.StringArrayOutput

A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.

func (IngressToPtrOutput) ToIngressToPtrOutput 

func (o IngressToPtrOutput) ToIngressToPtrOutput() IngressToPtrOutput

func (IngressToPtrOutput) ToIngressToPtrOutputWithContext 

func (o IngressToPtrOutput) ToIngressToPtrOutputWithContext(ctx context.Context) IngressToPtrOutput

type IngressToResponse 

type IngressToResponse struct {
	// A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter.
	Operations []ApiOperationResponse `pulumi:"operations"`
	// A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.
	Resources []string `pulumi:"resources"`
}

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.

type IngressToResponseOutput 

type IngressToResponseOutput struct{ *pulumi.OutputState }

Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.

func (IngressToResponseOutput) ElementType 

func (IngressToResponseOutput) ElementType() reflect.Type

func (IngressToResponseOutput) Operations 

func (o IngressToResponseOutput) Operations() ApiOperationResponseArrayOutput

A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter.

func (IngressToResponseOutput) Resources 

func (o IngressToResponseOutput) Resources() pulumi.StringArrayOutput

A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.

func (IngressToResponseOutput) ToIngressToResponseOutput 

func (o IngressToResponseOutput) ToIngressToResponseOutput() IngressToResponseOutput

func (IngressToResponseOutput) ToIngressToResponseOutputWithContext 

func (o IngressToResponseOutput) ToIngressToResponseOutputWithContext(ctx context.Context) IngressToResponseOutput

type LookupAccessLevelArgs added in v0.4.0 

type LookupAccessLevelArgs struct {
	AccessLevelFormat *string `pulumi:"accessLevelFormat"`
	AccessLevelId     string  `pulumi:"accessLevelId"`
	AccessPolicyId    string  `pulumi:"accessPolicyId"`
}

type LookupAccessLevelOutputArgs added in v0.8.0 

type LookupAccessLevelOutputArgs struct {
	AccessLevelFormat pulumi.StringPtrInput `pulumi:"accessLevelFormat"`
	AccessLevelId     pulumi.StringInput    `pulumi:"accessLevelId"`
	AccessPolicyId    pulumi.StringInput    `pulumi:"accessPolicyId"`
}

func (LookupAccessLevelOutputArgs) ElementType added in v0.8.0 

func (LookupAccessLevelOutputArgs) ElementType() reflect.Type

type LookupAccessLevelResult added in v0.4.0 

type LookupAccessLevelResult struct {
	// A `BasicLevel` composed of `Conditions`.
	Basic BasicLevelResponse `pulumi:"basic"`
	// A `CustomLevel` written in the Common Expression Language.
	Custom CustomLevelResponse `pulumi:"custom"`
	// Description of the `AccessLevel` and its use. Does not affect behavior.
	Description string `pulumi:"description"`
	// Resource name for the `AccessLevel`. Format: `accessPolicies/{access_policy}/accessLevels/{access_level}`. The `access_level` component must begin with a letter, followed by alphanumeric characters or `_`. Its maximum length is 50 characters. After you create an `AccessLevel`, you cannot change its `name`.
	Name string `pulumi:"name"`
	// Human readable title. Must be unique within the Policy.
	Title string `pulumi:"title"`
}

func LookupAccessLevel added in v0.4.0 

func LookupAccessLevel(ctx *pulumi.Context, args *LookupAccessLevelArgs, opts ...pulumi.InvokeOption) (*LookupAccessLevelResult, error)

Gets an access level based on the resource name.

type LookupAccessLevelResultOutput added in v0.8.0 

type LookupAccessLevelResultOutput struct{ *pulumi.OutputState }

func LookupAccessLevelOutput added in v0.8.0 

func LookupAccessLevelOutput(ctx *pulumi.Context, args LookupAccessLevelOutputArgs, opts ...pulumi.InvokeOption) LookupAccessLevelResultOutput

func (LookupAccessLevelResultOutput) Basic added in v0.8.0 

func (o LookupAccessLevelResultOutput) Basic() BasicLevelResponseOutput

A `BasicLevel` composed of `Conditions`.

func (LookupAccessLevelResultOutput) Custom added in v0.8.0 

func (o LookupAccessLevelResultOutput) Custom() CustomLevelResponseOutput

A `CustomLevel` written in the Common Expression Language.

func (LookupAccessLevelResultOutput) Description added in v0.8.0 

func (o LookupAccessLevelResultOutput) Description() pulumi.StringOutput

Description of the `AccessLevel` and its use. Does not affect behavior.

func (LookupAccessLevelResultOutput) ElementType added in v0.8.0 

func (LookupAccessLevelResultOutput) ElementType() reflect.Type

func (LookupAccessLevelResultOutput) Name added in v0.8.0 

func (o LookupAccessLevelResultOutput) Name() pulumi.StringOutput

Resource name for the `AccessLevel`. Format: `accessPolicies/{access_policy}/accessLevels/{access_level}`. The `access_level` component must begin with a letter, followed by alphanumeric characters or `_`. Its maximum length is 50 characters. After you create an `AccessLevel`, you cannot change its `name`.

func (LookupAccessLevelResultOutput) Title added in v0.8.0 

func (o LookupAccessLevelResultOutput) Title() pulumi.StringOutput

Human readable title. Must be unique within the Policy.

func (LookupAccessLevelResultOutput) ToLookupAccessLevelResultOutput added in v0.8.0 

func (o LookupAccessLevelResultOutput) ToLookupAccessLevelResultOutput() LookupAccessLevelResultOutput

func (LookupAccessLevelResultOutput) ToLookupAccessLevelResultOutputWithContext added in v0.8.0 

func (o LookupAccessLevelResultOutput) ToLookupAccessLevelResultOutputWithContext(ctx context.Context) LookupAccessLevelResultOutput

type LookupAccessPolicyArgs added in v0.4.0 

type LookupAccessPolicyArgs struct {
	AccessPolicyId string `pulumi:"accessPolicyId"`
}

type LookupAccessPolicyIamPolicyArgs added in v0.11.0 

type LookupAccessPolicyIamPolicyArgs struct {
	AccessPolicyId string `pulumi:"accessPolicyId"`
}

type LookupAccessPolicyIamPolicyOutputArgs added in v0.11.0 

type LookupAccessPolicyIamPolicyOutputArgs struct {
	AccessPolicyId pulumi.StringInput `pulumi:"accessPolicyId"`
}

func (LookupAccessPolicyIamPolicyOutputArgs) ElementType added in v0.11.0 

func (LookupAccessPolicyIamPolicyOutputArgs) ElementType() reflect.Type

type LookupAccessPolicyIamPolicyResult added in v0.11.0 

type LookupAccessPolicyIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupAccessPolicyIamPolicy added in v0.11.0 

func LookupAccessPolicyIamPolicy(ctx *pulumi.Context, args *LookupAccessPolicyIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupAccessPolicyIamPolicyResult, error)

Gets the IAM policy for the specified Access Context Manager access policy.

type LookupAccessPolicyIamPolicyResultOutput added in v0.11.0 

type LookupAccessPolicyIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupAccessPolicyIamPolicyOutput added in v0.11.0 

func LookupAccessPolicyIamPolicyOutput(ctx *pulumi.Context, args LookupAccessPolicyIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupAccessPolicyIamPolicyResultOutput

func (LookupAccessPolicyIamPolicyResultOutput) AuditConfigs added in v0.11.0 

func (o LookupAccessPolicyIamPolicyResultOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupAccessPolicyIamPolicyResultOutput) Bindings added in v0.11.0 

func (o LookupAccessPolicyIamPolicyResultOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupAccessPolicyIamPolicyResultOutput) ElementType added in v0.11.0 

func (LookupAccessPolicyIamPolicyResultOutput) ElementType() reflect.Type

func (LookupAccessPolicyIamPolicyResultOutput) Etag added in v0.11.0 

func (o LookupAccessPolicyIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupAccessPolicyIamPolicyResultOutput) ToLookupAccessPolicyIamPolicyResultOutput added in v0.11.0 

func (o LookupAccessPolicyIamPolicyResultOutput) ToLookupAccessPolicyIamPolicyResultOutput() LookupAccessPolicyIamPolicyResultOutput

func (LookupAccessPolicyIamPolicyResultOutput) ToLookupAccessPolicyIamPolicyResultOutputWithContext added in v0.11.0 

func (o LookupAccessPolicyIamPolicyResultOutput) ToLookupAccessPolicyIamPolicyResultOutputWithContext(ctx context.Context) LookupAccessPolicyIamPolicyResultOutput

func (LookupAccessPolicyIamPolicyResultOutput) Version added in v0.11.0 

func (o LookupAccessPolicyIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupAccessPolicyOutputArgs added in v0.8.0 

type LookupAccessPolicyOutputArgs struct {
	AccessPolicyId pulumi.StringInput `pulumi:"accessPolicyId"`
}

func (LookupAccessPolicyOutputArgs) ElementType added in v0.8.0 

func (LookupAccessPolicyOutputArgs) ElementType() reflect.Type

type LookupAccessPolicyResult added in v0.4.0 

type LookupAccessPolicyResult struct {
	// An opaque identifier for the current version of the `AccessPolicy`. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
	Etag string `pulumi:"etag"`
	// Resource name of the `AccessPolicy`. Format: `accessPolicies/{access_policy}`
	Name string `pulumi:"name"`
	// The parent of this `AccessPolicy` in the Cloud Resource Hierarchy. Currently immutable once created. Format: `organizations/{organization_id}`
	Parent string `pulumi:"parent"`
	// The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with `scopes=["folders/123"]` has the following behavior: - ServicePerimeter can only restrict projects within `folders/123`. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes `folders/123` will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of `folders/{folder_number}` or `projects/{project_number}`
	Scopes []string `pulumi:"scopes"`
	// Human readable title. Does not affect behavior.
	Title string `pulumi:"title"`
}

func LookupAccessPolicy added in v0.4.0 

func LookupAccessPolicy(ctx *pulumi.Context, args *LookupAccessPolicyArgs, opts ...pulumi.InvokeOption) (*LookupAccessPolicyResult, error)

Returns an access policy based on the name.

type LookupAccessPolicyResultOutput added in v0.8.0 

type LookupAccessPolicyResultOutput struct{ *pulumi.OutputState }

func LookupAccessPolicyOutput added in v0.8.0 

func LookupAccessPolicyOutput(ctx *pulumi.Context, args LookupAccessPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupAccessPolicyResultOutput

func (LookupAccessPolicyResultOutput) ElementType added in v0.8.0 

func (LookupAccessPolicyResultOutput) ElementType() reflect.Type

func (LookupAccessPolicyResultOutput) Etag added in v0.8.0 

func (o LookupAccessPolicyResultOutput) Etag() pulumi.StringOutput

An opaque identifier for the current version of the `AccessPolicy`. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

func (LookupAccessPolicyResultOutput) Name added in v0.8.0 

func (o LookupAccessPolicyResultOutput) Name() pulumi.StringOutput

Resource name of the `AccessPolicy`. Format: `accessPolicies/{access_policy}`

func (LookupAccessPolicyResultOutput) Parent added in v0.8.0 

func (o LookupAccessPolicyResultOutput) Parent() pulumi.StringOutput

The parent of this `AccessPolicy` in the Cloud Resource Hierarchy. Currently immutable once created. Format: `organizations/{organization_id}`

func (LookupAccessPolicyResultOutput) Scopes added in v0.11.0 

func (o LookupAccessPolicyResultOutput) Scopes() pulumi.StringArrayOutput

The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with `scopes=["folders/123"]` has the following behavior: - ServicePerimeter can only restrict projects within `folders/123`. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes `folders/123` will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of `folders/{folder_number}` or `projects/{project_number}`

func (LookupAccessPolicyResultOutput) Title added in v0.8.0 

func (o LookupAccessPolicyResultOutput) Title() pulumi.StringOutput

Human readable title. Does not affect behavior.

func (LookupAccessPolicyResultOutput) ToLookupAccessPolicyResultOutput added in v0.8.0 

func (o LookupAccessPolicyResultOutput) ToLookupAccessPolicyResultOutput() LookupAccessPolicyResultOutput

func (LookupAccessPolicyResultOutput) ToLookupAccessPolicyResultOutputWithContext added in v0.8.0 

func (o LookupAccessPolicyResultOutput) ToLookupAccessPolicyResultOutputWithContext(ctx context.Context) LookupAccessPolicyResultOutput

type LookupAuthorizedOrgsDescArgs added in v0.28.0 

type LookupAuthorizedOrgsDescArgs struct {
	AccessPolicyId       string `pulumi:"accessPolicyId"`
	AuthorizedOrgsDescId string `pulumi:"authorizedOrgsDescId"`
}

type LookupAuthorizedOrgsDescOutputArgs added in v0.28.0 

type LookupAuthorizedOrgsDescOutputArgs struct {
	AccessPolicyId       pulumi.StringInput `pulumi:"accessPolicyId"`
	AuthorizedOrgsDescId pulumi.StringInput `pulumi:"authorizedOrgsDescId"`
}

func (LookupAuthorizedOrgsDescOutputArgs) ElementType added in v0.28.0 

func (LookupAuthorizedOrgsDescOutputArgs) ElementType() reflect.Type

type LookupAuthorizedOrgsDescResult added in v0.28.0 

type LookupAuthorizedOrgsDescResult struct {
	// The asset type of this authorized orgs desc. Valid values are `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`.
	AssetType string `pulumi:"assetType"`
	// The direction of the authorization relationship between this organization and the organizations listed in the `orgs` field. The valid values for this field include the following: `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate traffic in the organizations listed in the `orgs` field. `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the `orgs` field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as the authorization direction, organizations B and C must specify `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in their `AuthorizedOrgsDesc` resource.
	AuthorizationDirection string `pulumi:"authorizationDirection"`
	// A granular control type for authorization levels. Valid value is `AUTHORIZATION_TYPE_TRUST`.
	AuthorizationType string `pulumi:"authorizationType"`
	// Resource name for the `AuthorizedOrgsDesc`. Format: `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. The `authorized_orgs_desc` component must begin with a letter, followed by alphanumeric characters or `_`. After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
	Name string `pulumi:"name"`
	// The list of organization ids in this AuthorizedOrgsDesc. Format: `organizations/` Example: `organizations/123456`
	Orgs []string `pulumi:"orgs"`
}

func LookupAuthorizedOrgsDesc added in v0.28.0 

func LookupAuthorizedOrgsDesc(ctx *pulumi.Context, args *LookupAuthorizedOrgsDescArgs, opts ...pulumi.InvokeOption) (*LookupAuthorizedOrgsDescResult, error)

Gets an authorized orgs desc based on the resource name.

type LookupAuthorizedOrgsDescResultOutput added in v0.28.0 

type LookupAuthorizedOrgsDescResultOutput struct{ *pulumi.OutputState }

func LookupAuthorizedOrgsDescOutput added in v0.28.0 

func LookupAuthorizedOrgsDescOutput(ctx *pulumi.Context, args LookupAuthorizedOrgsDescOutputArgs, opts ...pulumi.InvokeOption) LookupAuthorizedOrgsDescResultOutput

func (LookupAuthorizedOrgsDescResultOutput) AssetType added in v0.28.0 

func (o LookupAuthorizedOrgsDescResultOutput) AssetType() pulumi.StringOutput

The asset type of this authorized orgs desc. Valid values are `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`.

func (LookupAuthorizedOrgsDescResultOutput) AuthorizationDirection added in v0.28.0 

func (o LookupAuthorizedOrgsDescResultOutput) AuthorizationDirection() pulumi.StringOutput

The direction of the authorization relationship between this organization and the organizations listed in the `orgs` field. The valid values for this field include the following: `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate traffic in the organizations listed in the `orgs` field. `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the `orgs` field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as the authorization direction, organizations B and C must specify `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in their `AuthorizedOrgsDesc` resource.

func (LookupAuthorizedOrgsDescResultOutput) AuthorizationType added in v0.28.0 

func (o LookupAuthorizedOrgsDescResultOutput) AuthorizationType() pulumi.StringOutput

A granular control type for authorization levels. Valid value is `AUTHORIZATION_TYPE_TRUST`.

func (LookupAuthorizedOrgsDescResultOutput) ElementType added in v0.28.0 

func (LookupAuthorizedOrgsDescResultOutput) ElementType() reflect.Type

func (LookupAuthorizedOrgsDescResultOutput) Name added in v0.28.0 

func (o LookupAuthorizedOrgsDescResultOutput) Name() pulumi.StringOutput

Resource name for the `AuthorizedOrgsDesc`. Format: `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. The `authorized_orgs_desc` component must begin with a letter, followed by alphanumeric characters or `_`. After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.

func (LookupAuthorizedOrgsDescResultOutput) Orgs added in v0.28.0 

func (o LookupAuthorizedOrgsDescResultOutput) Orgs() pulumi.StringArrayOutput

The list of organization ids in this AuthorizedOrgsDesc. Format: `organizations/` Example: `organizations/123456`

func (LookupAuthorizedOrgsDescResultOutput) ToLookupAuthorizedOrgsDescResultOutput added in v0.28.0 

func (o LookupAuthorizedOrgsDescResultOutput) ToLookupAuthorizedOrgsDescResultOutput() LookupAuthorizedOrgsDescResultOutput

func (LookupAuthorizedOrgsDescResultOutput) ToLookupAuthorizedOrgsDescResultOutputWithContext added in v0.28.0 

func (o LookupAuthorizedOrgsDescResultOutput) ToLookupAuthorizedOrgsDescResultOutputWithContext(ctx context.Context) LookupAuthorizedOrgsDescResultOutput

type LookupGcpUserAccessBindingArgs added in v0.4.0 

type LookupGcpUserAccessBindingArgs struct {
	GcpUserAccessBindingId string `pulumi:"gcpUserAccessBindingId"`
	OrganizationId         string `pulumi:"organizationId"`
}

type LookupGcpUserAccessBindingOutputArgs added in v0.8.0 

type LookupGcpUserAccessBindingOutputArgs struct {
	GcpUserAccessBindingId pulumi.StringInput `pulumi:"gcpUserAccessBindingId"`
	OrganizationId         pulumi.StringInput `pulumi:"organizationId"`
}

func (LookupGcpUserAccessBindingOutputArgs) ElementType added in v0.8.0 

func (LookupGcpUserAccessBindingOutputArgs) ElementType() reflect.Type

type LookupGcpUserAccessBindingResult added in v0.4.0 

type LookupGcpUserAccessBindingResult struct {
	// Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
	AccessLevels []string `pulumi:"accessLevels"`
	// Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
	DryRunAccessLevels []string `pulumi:"dryRunAccessLevels"`
	// Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
	GroupKey string `pulumi:"groupKey"`
	// Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by [RFC 3986 Section 2.3](https://tools.ietf.org/html/rfc3986#section-2.3)). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
	Name string `pulumi:"name"`
}

func LookupGcpUserAccessBinding added in v0.4.0 

func LookupGcpUserAccessBinding(ctx *pulumi.Context, args *LookupGcpUserAccessBindingArgs, opts ...pulumi.InvokeOption) (*LookupGcpUserAccessBindingResult, error)

Gets the GcpUserAccessBinding with the given name.

type LookupGcpUserAccessBindingResultOutput added in v0.8.0 

type LookupGcpUserAccessBindingResultOutput struct{ *pulumi.OutputState }

func LookupGcpUserAccessBindingOutput added in v0.8.0 

func LookupGcpUserAccessBindingOutput(ctx *pulumi.Context, args LookupGcpUserAccessBindingOutputArgs, opts ...pulumi.InvokeOption) LookupGcpUserAccessBindingResultOutput

func (LookupGcpUserAccessBindingResultOutput) AccessLevels added in v0.8.0 

func (o LookupGcpUserAccessBindingResultOutput) AccessLevels() pulumi.StringArrayOutput

Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"

func (LookupGcpUserAccessBindingResultOutput) DryRunAccessLevels added in v0.29.0 

func (o LookupGcpUserAccessBindingResultOutput) DryRunAccessLevels() pulumi.StringArrayOutput

Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"

func (LookupGcpUserAccessBindingResultOutput) ElementType added in v0.8.0 

func (LookupGcpUserAccessBindingResultOutput) ElementType() reflect.Type

func (LookupGcpUserAccessBindingResultOutput) GroupKey added in v0.8.0 

func (o LookupGcpUserAccessBindingResultOutput) GroupKey() pulumi.StringOutput

Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"

func (LookupGcpUserAccessBindingResultOutput) Name added in v0.8.0 

func (o LookupGcpUserAccessBindingResultOutput) Name() pulumi.StringOutput

Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by [RFC 3986 Section 2.3](https://tools.ietf.org/html/rfc3986#section-2.3)). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"

func (LookupGcpUserAccessBindingResultOutput) ToLookupGcpUserAccessBindingResultOutput added in v0.8.0 

func (o LookupGcpUserAccessBindingResultOutput) ToLookupGcpUserAccessBindingResultOutput() LookupGcpUserAccessBindingResultOutput

func (LookupGcpUserAccessBindingResultOutput) ToLookupGcpUserAccessBindingResultOutputWithContext added in v0.8.0 

func (o LookupGcpUserAccessBindingResultOutput) ToLookupGcpUserAccessBindingResultOutputWithContext(ctx context.Context) LookupGcpUserAccessBindingResultOutput

type LookupServicePerimeterArgs added in v0.4.0 

type LookupServicePerimeterArgs struct {
	AccessPolicyId     string `pulumi:"accessPolicyId"`
	ServicePerimeterId string `pulumi:"servicePerimeterId"`
}

type LookupServicePerimeterOutputArgs added in v0.8.0 

type LookupServicePerimeterOutputArgs struct {
	AccessPolicyId     pulumi.StringInput `pulumi:"accessPolicyId"`
	ServicePerimeterId pulumi.StringInput `pulumi:"servicePerimeterId"`
}

func (LookupServicePerimeterOutputArgs) ElementType added in v0.8.0 

func (LookupServicePerimeterOutputArgs) ElementType() reflect.Type

type LookupServicePerimeterResult added in v0.4.0 

type LookupServicePerimeterResult struct {
	// Description of the `ServicePerimeter` and its use. Does not affect behavior.
	Description string `pulumi:"description"`
	// Resource name for the `ServicePerimeter`. Format: `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The `service_perimeter` component must begin with a letter, followed by alphanumeric characters or `_`. After you create a `ServicePerimeter`, you cannot change its `name`.
	Name string `pulumi:"name"`
	// Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.
	PerimeterType string `pulumi:"perimeterType"`
	// Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the "use_explicit_dry_run_spec" flag is set.
	Spec ServicePerimeterConfigResponse `pulumi:"spec"`
	// Current ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries.
	Status ServicePerimeterConfigResponse `pulumi:"status"`
	// Human readable title. Must be unique within the Policy.
	Title string `pulumi:"title"`
	// Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those Service Perimeters. When this flag is set, it inhibits the generation of the implicit spec, thereby allowing the user to explicitly provide a configuration ("spec") to use in a dry-run version of the Service Perimeter. This allows the user to test changes to the enforced config ("status") without actually enforcing them. This testing is done through analyzing the differences between currently enforced and suggested restrictions. use_explicit_dry_run_spec must bet set to True if any of the fields in the spec are set to non-default values.
	UseExplicitDryRunSpec bool `pulumi:"useExplicitDryRunSpec"`
}

func LookupServicePerimeter added in v0.4.0 

func LookupServicePerimeter(ctx *pulumi.Context, args *LookupServicePerimeterArgs, opts ...pulumi.InvokeOption) (*LookupServicePerimeterResult, error)

Gets a service perimeter based on the resource name.

type LookupServicePerimeterResultOutput added in v0.8.0 

type LookupServicePerimeterResultOutput struct{ *pulumi.OutputState }

func LookupServicePerimeterOutput added in v0.8.0 

func LookupServicePerimeterOutput(ctx *pulumi.Context, args LookupServicePerimeterOutputArgs, opts ...pulumi.InvokeOption) LookupServicePerimeterResultOutput

func (LookupServicePerimeterResultOutput) Description added in v0.8.0 

func (o LookupServicePerimeterResultOutput) Description() pulumi.StringOutput

Description of the `ServicePerimeter` and its use. Does not affect behavior.

func (LookupServicePerimeterResultOutput) ElementType added in v0.8.0 

func (LookupServicePerimeterResultOutput) ElementType() reflect.Type

func (LookupServicePerimeterResultOutput) Name added in v0.8.0 

func (o LookupServicePerimeterResultOutput) Name() pulumi.StringOutput

Resource name for the `ServicePerimeter`. Format: `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The `service_perimeter` component must begin with a letter, followed by alphanumeric characters or `_`. After you create a `ServicePerimeter`, you cannot change its `name`.

func (LookupServicePerimeterResultOutput) PerimeterType added in v0.8.0 

func (o LookupServicePerimeterResultOutput) PerimeterType() pulumi.StringOutput

Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.

func (LookupServicePerimeterResultOutput) Spec added in v0.8.0 

func (o LookupServicePerimeterResultOutput) Spec() ServicePerimeterConfigResponseOutput

Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the "use_explicit_dry_run_spec" flag is set.

func (LookupServicePerimeterResultOutput) Status added in v0.8.0 

func (o LookupServicePerimeterResultOutput) Status() ServicePerimeterConfigResponseOutput

Current ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries.

func (LookupServicePerimeterResultOutput) Title added in v0.8.0 

func (o LookupServicePerimeterResultOutput) Title() pulumi.StringOutput

Human readable title. Must be unique within the Policy.

func (LookupServicePerimeterResultOutput) ToLookupServicePerimeterResultOutput added in v0.8.0 

func (o LookupServicePerimeterResultOutput) ToLookupServicePerimeterResultOutput() LookupServicePerimeterResultOutput

func (LookupServicePerimeterResultOutput) ToLookupServicePerimeterResultOutputWithContext added in v0.8.0 

func (o LookupServicePerimeterResultOutput) ToLookupServicePerimeterResultOutputWithContext(ctx context.Context) LookupServicePerimeterResultOutput

func (LookupServicePerimeterResultOutput) UseExplicitDryRunSpec added in v0.8.0 

func (o LookupServicePerimeterResultOutput) UseExplicitDryRunSpec() pulumi.BoolOutput

Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those Service Perimeters. When this flag is set, it inhibits the generation of the implicit spec, thereby allowing the user to explicitly provide a configuration ("spec") to use in a dry-run version of the Service Perimeter. This allows the user to test changes to the enforced config ("status") without actually enforcing them. This testing is done through analyzing the differences between currently enforced and suggested restrictions. use_explicit_dry_run_spec must bet set to True if any of the fields in the spec are set to non-default values.

type MethodSelector 

type MethodSelector struct {
	// Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.
	Method *string `pulumi:"method"`
	// Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.
	Permission *string `pulumi:"permission"`
}

An allowed method or permission of a service specified in ApiOperation.

type MethodSelectorArgs 

type MethodSelectorArgs struct {
	// Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.
	Method pulumi.StringPtrInput `pulumi:"method"`
	// Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.
	Permission pulumi.StringPtrInput `pulumi:"permission"`
}

An allowed method or permission of a service specified in ApiOperation.

func (MethodSelectorArgs) ElementType 

func (MethodSelectorArgs) ElementType() reflect.Type

func (MethodSelectorArgs) ToMethodSelectorOutput 

func (i MethodSelectorArgs) ToMethodSelectorOutput() MethodSelectorOutput

func (MethodSelectorArgs) ToMethodSelectorOutputWithContext 

func (i MethodSelectorArgs) ToMethodSelectorOutputWithContext(ctx context.Context) MethodSelectorOutput

type MethodSelectorArray 

type MethodSelectorArray []MethodSelectorInput

func (MethodSelectorArray) ElementType 

func (MethodSelectorArray) ElementType() reflect.Type

func (MethodSelectorArray) ToMethodSelectorArrayOutput 

func (i MethodSelectorArray) ToMethodSelectorArrayOutput() MethodSelectorArrayOutput

func (MethodSelectorArray) ToMethodSelectorArrayOutputWithContext 

func (i MethodSelectorArray) ToMethodSelectorArrayOutputWithContext(ctx context.Context) MethodSelectorArrayOutput

type MethodSelectorArrayInput 

type MethodSelectorArrayInput interface {
	pulumi.Input

	ToMethodSelectorArrayOutput() MethodSelectorArrayOutput
	ToMethodSelectorArrayOutputWithContext(context.Context) MethodSelectorArrayOutput
}

MethodSelectorArrayInput is an input type that accepts MethodSelectorArray and MethodSelectorArrayOutput values. You can construct a concrete instance of `MethodSelectorArrayInput` via: 

MethodSelectorArray{ MethodSelectorArgs{...} }

type MethodSelectorArrayOutput 

type MethodSelectorArrayOutput struct{ *pulumi.OutputState }

func (MethodSelectorArrayOutput) ElementType 

func (MethodSelectorArrayOutput) ElementType() reflect.Type

func (MethodSelectorArrayOutput) Index 

func (o MethodSelectorArrayOutput) Index(i pulumi.IntInput) MethodSelectorOutput

func (MethodSelectorArrayOutput) ToMethodSelectorArrayOutput 

func (o MethodSelectorArrayOutput) ToMethodSelectorArrayOutput() MethodSelectorArrayOutput

func (MethodSelectorArrayOutput) ToMethodSelectorArrayOutputWithContext 

func (o MethodSelectorArrayOutput) ToMethodSelectorArrayOutputWithContext(ctx context.Context) MethodSelectorArrayOutput

type MethodSelectorInput 

type MethodSelectorInput interface {
	pulumi.Input

	ToMethodSelectorOutput() MethodSelectorOutput
	ToMethodSelectorOutputWithContext(context.Context) MethodSelectorOutput
}

MethodSelectorInput is an input type that accepts MethodSelectorArgs and MethodSelectorOutput values. You can construct a concrete instance of `MethodSelectorInput` via: 

MethodSelectorArgs{...}

type MethodSelectorOutput 

type MethodSelectorOutput struct{ *pulumi.OutputState }

An allowed method or permission of a service specified in ApiOperation.

func (MethodSelectorOutput) ElementType 

func (MethodSelectorOutput) ElementType() reflect.Type

func (MethodSelectorOutput) Method 

func (o MethodSelectorOutput) Method() pulumi.StringPtrOutput

Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.

func (MethodSelectorOutput) Permission 

func (o MethodSelectorOutput) Permission() pulumi.StringPtrOutput

Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.

func (MethodSelectorOutput) ToMethodSelectorOutput 

func (o MethodSelectorOutput) ToMethodSelectorOutput() MethodSelectorOutput

func (MethodSelectorOutput) ToMethodSelectorOutputWithContext 

func (o MethodSelectorOutput) ToMethodSelectorOutputWithContext(ctx context.Context) MethodSelectorOutput

type MethodSelectorResponse 

type MethodSelectorResponse struct {
	// Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.
	Method string `pulumi:"method"`
	// Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.
	Permission string `pulumi:"permission"`
}

An allowed method or permission of a service specified in ApiOperation.

type MethodSelectorResponseArrayOutput 

type MethodSelectorResponseArrayOutput struct{ *pulumi.OutputState }

func (MethodSelectorResponseArrayOutput) ElementType 

func (MethodSelectorResponseArrayOutput) ElementType() reflect.Type

func (MethodSelectorResponseArrayOutput) Index 

func (o MethodSelectorResponseArrayOutput) Index(i pulumi.IntInput) MethodSelectorResponseOutput

func (MethodSelectorResponseArrayOutput) ToMethodSelectorResponseArrayOutput 

func (o MethodSelectorResponseArrayOutput) ToMethodSelectorResponseArrayOutput() MethodSelectorResponseArrayOutput

func (MethodSelectorResponseArrayOutput) ToMethodSelectorResponseArrayOutputWithContext 

func (o MethodSelectorResponseArrayOutput) ToMethodSelectorResponseArrayOutputWithContext(ctx context.Context) MethodSelectorResponseArrayOutput

type MethodSelectorResponseOutput 

type MethodSelectorResponseOutput struct{ *pulumi.OutputState }

An allowed method or permission of a service specified in ApiOperation.

func (MethodSelectorResponseOutput) ElementType 

func (MethodSelectorResponseOutput) ElementType() reflect.Type

func (MethodSelectorResponseOutput) Method 

func (o MethodSelectorResponseOutput) Method() pulumi.StringOutput

Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.

func (MethodSelectorResponseOutput) Permission 

func (o MethodSelectorResponseOutput) Permission() pulumi.StringOutput

Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.

func (MethodSelectorResponseOutput) ToMethodSelectorResponseOutput 

func (o MethodSelectorResponseOutput) ToMethodSelectorResponseOutput() MethodSelectorResponseOutput

func (MethodSelectorResponseOutput) ToMethodSelectorResponseOutputWithContext 

func (o MethodSelectorResponseOutput) ToMethodSelectorResponseOutputWithContext(ctx context.Context) MethodSelectorResponseOutput

type OsConstraint 

type OsConstraint struct {
	// The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `"major.minor.patch"`. Examples: `"10.5.301"`, `"9.2.1"`.
	MinimumVersion *string `pulumi:"minimumVersion"`
	// The allowed OS type.
	OsType OsConstraintOsType `pulumi:"osType"`
	// Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.
	RequireVerifiedChromeOs *bool `pulumi:"requireVerifiedChromeOs"`
}

A restriction on the OS type and version of devices making requests.

type OsConstraintArgs 

type OsConstraintArgs struct {
	// The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `"major.minor.patch"`. Examples: `"10.5.301"`, `"9.2.1"`.
	MinimumVersion pulumi.StringPtrInput `pulumi:"minimumVersion"`
	// The allowed OS type.
	OsType OsConstraintOsTypeInput `pulumi:"osType"`
	// Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.
	RequireVerifiedChromeOs pulumi.BoolPtrInput `pulumi:"requireVerifiedChromeOs"`
}

A restriction on the OS type and version of devices making requests.

func (OsConstraintArgs) ElementType 

func (OsConstraintArgs) ElementType() reflect.Type

func (OsConstraintArgs) ToOsConstraintOutput 

func (i OsConstraintArgs) ToOsConstraintOutput() OsConstraintOutput

func (OsConstraintArgs) ToOsConstraintOutputWithContext 

func (i OsConstraintArgs) ToOsConstraintOutputWithContext(ctx context.Context) OsConstraintOutput

type OsConstraintArray 

type OsConstraintArray []OsConstraintInput

func (OsConstraintArray) ElementType 

func (OsConstraintArray) ElementType() reflect.Type

func (OsConstraintArray) ToOsConstraintArrayOutput 

func (i OsConstraintArray) ToOsConstraintArrayOutput() OsConstraintArrayOutput

func (OsConstraintArray) ToOsConstraintArrayOutputWithContext 

func (i OsConstraintArray) ToOsConstraintArrayOutputWithContext(ctx context.Context) OsConstraintArrayOutput

type OsConstraintArrayInput 

type OsConstraintArrayInput interface {
	pulumi.Input

	ToOsConstraintArrayOutput() OsConstraintArrayOutput
	ToOsConstraintArrayOutputWithContext(context.Context) OsConstraintArrayOutput
}

OsConstraintArrayInput is an input type that accepts OsConstraintArray and OsConstraintArrayOutput values. You can construct a concrete instance of `OsConstraintArrayInput` via: 

OsConstraintArray{ OsConstraintArgs{...} }

type OsConstraintArrayOutput 

type OsConstraintArrayOutput struct{ *pulumi.OutputState }

func (OsConstraintArrayOutput) ElementType 

func (OsConstraintArrayOutput) ElementType() reflect.Type

func (OsConstraintArrayOutput) Index 

func (o OsConstraintArrayOutput) Index(i pulumi.IntInput) OsConstraintOutput

func (OsConstraintArrayOutput) ToOsConstraintArrayOutput 

func (o OsConstraintArrayOutput) ToOsConstraintArrayOutput() OsConstraintArrayOutput

func (OsConstraintArrayOutput) ToOsConstraintArrayOutputWithContext 

func (o OsConstraintArrayOutput) ToOsConstraintArrayOutputWithContext(ctx context.Context) OsConstraintArrayOutput

type OsConstraintInput 

type OsConstraintInput interface {
	pulumi.Input

	ToOsConstraintOutput() OsConstraintOutput
	ToOsConstraintOutputWithContext(context.Context) OsConstraintOutput
}

OsConstraintInput is an input type that accepts OsConstraintArgs and OsConstraintOutput values. You can construct a concrete instance of `OsConstraintInput` via: 

OsConstraintArgs{...}

type OsConstraintOsType added in v0.4.0 

type OsConstraintOsType string

Required. The allowed OS type.

func (OsConstraintOsType) ElementType added in v0.4.0 

func (OsConstraintOsType) ElementType() reflect.Type

func (OsConstraintOsType) ToOsConstraintOsTypeOutput added in v0.6.0 

func (e OsConstraintOsType) ToOsConstraintOsTypeOutput() OsConstraintOsTypeOutput

func (OsConstraintOsType) ToOsConstraintOsTypeOutputWithContext added in v0.6.0 

func (e OsConstraintOsType) ToOsConstraintOsTypeOutputWithContext(ctx context.Context) OsConstraintOsTypeOutput

func (OsConstraintOsType) ToOsConstraintOsTypePtrOutput added in v0.6.0 

func (e OsConstraintOsType) ToOsConstraintOsTypePtrOutput() OsConstraintOsTypePtrOutput

func (OsConstraintOsType) ToOsConstraintOsTypePtrOutputWithContext added in v0.6.0 

func (e OsConstraintOsType) ToOsConstraintOsTypePtrOutputWithContext(ctx context.Context) OsConstraintOsTypePtrOutput

func (OsConstraintOsType) ToStringOutput added in v0.4.0 

func (e OsConstraintOsType) ToStringOutput() pulumi.StringOutput

func (OsConstraintOsType) ToStringOutputWithContext added in v0.4.0 

func (e OsConstraintOsType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (OsConstraintOsType) ToStringPtrOutput added in v0.4.0 

func (e OsConstraintOsType) ToStringPtrOutput() pulumi.StringPtrOutput

func (OsConstraintOsType) ToStringPtrOutputWithContext added in v0.4.0 

func (e OsConstraintOsType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type OsConstraintOsTypeInput added in v0.6.0 

type OsConstraintOsTypeInput interface {
	pulumi.Input

	ToOsConstraintOsTypeOutput() OsConstraintOsTypeOutput
	ToOsConstraintOsTypeOutputWithContext(context.Context) OsConstraintOsTypeOutput
}

OsConstraintOsTypeInput is an input type that accepts OsConstraintOsTypeArgs and OsConstraintOsTypeOutput values. You can construct a concrete instance of `OsConstraintOsTypeInput` via: 

OsConstraintOsTypeArgs{...}

type OsConstraintOsTypeOutput added in v0.6.0 

type OsConstraintOsTypeOutput struct{ *pulumi.OutputState }

func (OsConstraintOsTypeOutput) ElementType added in v0.6.0 

func (OsConstraintOsTypeOutput) ElementType() reflect.Type

func (OsConstraintOsTypeOutput) ToOsConstraintOsTypeOutput added in v0.6.0 

func (o OsConstraintOsTypeOutput) ToOsConstraintOsTypeOutput() OsConstraintOsTypeOutput

func (OsConstraintOsTypeOutput) ToOsConstraintOsTypeOutputWithContext added in v0.6.0 

func (o OsConstraintOsTypeOutput) ToOsConstraintOsTypeOutputWithContext(ctx context.Context) OsConstraintOsTypeOutput

func (OsConstraintOsTypeOutput) ToOsConstraintOsTypePtrOutput added in v0.6.0 

func (o OsConstraintOsTypeOutput) ToOsConstraintOsTypePtrOutput() OsConstraintOsTypePtrOutput

func (OsConstraintOsTypeOutput) ToOsConstraintOsTypePtrOutputWithContext added in v0.6.0 

func (o OsConstraintOsTypeOutput) ToOsConstraintOsTypePtrOutputWithContext(ctx context.Context) OsConstraintOsTypePtrOutput

func (OsConstraintOsTypeOutput) ToStringOutput added in v0.6.0 

func (o OsConstraintOsTypeOutput) ToStringOutput() pulumi.StringOutput

func (OsConstraintOsTypeOutput) ToStringOutputWithContext added in v0.6.0 

func (o OsConstraintOsTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (OsConstraintOsTypeOutput) ToStringPtrOutput added in v0.6.0 

func (o OsConstraintOsTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (OsConstraintOsTypeOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o OsConstraintOsTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type OsConstraintOsTypePtrInput added in v0.6.0 

type OsConstraintOsTypePtrInput interface {
	pulumi.Input

	ToOsConstraintOsTypePtrOutput() OsConstraintOsTypePtrOutput
	ToOsConstraintOsTypePtrOutputWithContext(context.Context) OsConstraintOsTypePtrOutput
}

func OsConstraintOsTypePtr added in v0.6.0 

func OsConstraintOsTypePtr(v string) OsConstraintOsTypePtrInput

type OsConstraintOsTypePtrOutput added in v0.6.0 

type OsConstraintOsTypePtrOutput struct{ *pulumi.OutputState }

func (OsConstraintOsTypePtrOutput) Elem added in v0.6.0 

func (o OsConstraintOsTypePtrOutput) Elem() OsConstraintOsTypeOutput

func (OsConstraintOsTypePtrOutput) ElementType added in v0.6.0 

func (OsConstraintOsTypePtrOutput) ElementType() reflect.Type

func (OsConstraintOsTypePtrOutput) ToOsConstraintOsTypePtrOutput added in v0.6.0 

func (o OsConstraintOsTypePtrOutput) ToOsConstraintOsTypePtrOutput() OsConstraintOsTypePtrOutput

func (OsConstraintOsTypePtrOutput) ToOsConstraintOsTypePtrOutputWithContext added in v0.6.0 

func (o OsConstraintOsTypePtrOutput) ToOsConstraintOsTypePtrOutputWithContext(ctx context.Context) OsConstraintOsTypePtrOutput

func (OsConstraintOsTypePtrOutput) ToStringPtrOutput added in v0.6.0 

func (o OsConstraintOsTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (OsConstraintOsTypePtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o OsConstraintOsTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type OsConstraintOutput 

type OsConstraintOutput struct{ *pulumi.OutputState }

A restriction on the OS type and version of devices making requests.

func (OsConstraintOutput) ElementType 

func (OsConstraintOutput) ElementType() reflect.Type

func (OsConstraintOutput) MinimumVersion 

func (o OsConstraintOutput) MinimumVersion() pulumi.StringPtrOutput

The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `"major.minor.patch"`. Examples: `"10.5.301"`, `"9.2.1"`.

func (OsConstraintOutput) OsType 

func (o OsConstraintOutput) OsType() OsConstraintOsTypeOutput

The allowed OS type.

func (OsConstraintOutput) RequireVerifiedChromeOs 

func (o OsConstraintOutput) RequireVerifiedChromeOs() pulumi.BoolPtrOutput

Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

func (OsConstraintOutput) ToOsConstraintOutput 

func (o OsConstraintOutput) ToOsConstraintOutput() OsConstraintOutput

func (OsConstraintOutput) ToOsConstraintOutputWithContext 

func (o OsConstraintOutput) ToOsConstraintOutputWithContext(ctx context.Context) OsConstraintOutput

type OsConstraintResponse 

type OsConstraintResponse struct {
	// The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `"major.minor.patch"`. Examples: `"10.5.301"`, `"9.2.1"`.
	MinimumVersion string `pulumi:"minimumVersion"`
	// The allowed OS type.
	OsType string `pulumi:"osType"`
	// Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.
	RequireVerifiedChromeOs bool `pulumi:"requireVerifiedChromeOs"`
}

A restriction on the OS type and version of devices making requests.

type OsConstraintResponseArrayOutput 

type OsConstraintResponseArrayOutput struct{ *pulumi.OutputState }

func (OsConstraintResponseArrayOutput) ElementType 

func (OsConstraintResponseArrayOutput) ElementType() reflect.Type

func (OsConstraintResponseArrayOutput) Index 

func (o OsConstraintResponseArrayOutput) Index(i pulumi.IntInput) OsConstraintResponseOutput

func (OsConstraintResponseArrayOutput) ToOsConstraintResponseArrayOutput 

func (o OsConstraintResponseArrayOutput) ToOsConstraintResponseArrayOutput() OsConstraintResponseArrayOutput

func (OsConstraintResponseArrayOutput) ToOsConstraintResponseArrayOutputWithContext 

func (o OsConstraintResponseArrayOutput) ToOsConstraintResponseArrayOutputWithContext(ctx context.Context) OsConstraintResponseArrayOutput

type OsConstraintResponseOutput 

type OsConstraintResponseOutput struct{ *pulumi.OutputState }

A restriction on the OS type and version of devices making requests.

func (OsConstraintResponseOutput) ElementType 

func (OsConstraintResponseOutput) ElementType() reflect.Type

func (OsConstraintResponseOutput) MinimumVersion 

func (o OsConstraintResponseOutput) MinimumVersion() pulumi.StringOutput

The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `"major.minor.patch"`. Examples: `"10.5.301"`, `"9.2.1"`.

func (OsConstraintResponseOutput) OsType 

func (o OsConstraintResponseOutput) OsType() pulumi.StringOutput

The allowed OS type.

func (OsConstraintResponseOutput) RequireVerifiedChromeOs 

func (o OsConstraintResponseOutput) RequireVerifiedChromeOs() pulumi.BoolOutput

Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

func (OsConstraintResponseOutput) ToOsConstraintResponseOutput 

func (o OsConstraintResponseOutput) ToOsConstraintResponseOutput() OsConstraintResponseOutput

func (OsConstraintResponseOutput) ToOsConstraintResponseOutputWithContext 

func (o OsConstraintResponseOutput) ToOsConstraintResponseOutputWithContext(ctx context.Context) OsConstraintResponseOutput

type ServicePerimeter added in v0.3.0 

type ServicePerimeter struct {
	pulumi.CustomResourceState

	AccessPolicyId pulumi.StringOutput `pulumi:"accessPolicyId"`
	// Description of the `ServicePerimeter` and its use. Does not affect behavior.
	Description pulumi.StringOutput `pulumi:"description"`
	// Resource name for the `ServicePerimeter`. Format: `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The `service_perimeter` component must begin with a letter, followed by alphanumeric characters or `_`. After you create a `ServicePerimeter`, you cannot change its `name`.
	Name pulumi.StringOutput `pulumi:"name"`
	// Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.
	PerimeterType pulumi.StringOutput `pulumi:"perimeterType"`
	// Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the "use_explicit_dry_run_spec" flag is set.
	Spec ServicePerimeterConfigResponseOutput `pulumi:"spec"`
	// Current ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries.
	Status ServicePerimeterConfigResponseOutput `pulumi:"status"`
	// Human readable title. Must be unique within the Policy.
	Title pulumi.StringOutput `pulumi:"title"`
	// Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those Service Perimeters. When this flag is set, it inhibits the generation of the implicit spec, thereby allowing the user to explicitly provide a configuration ("spec") to use in a dry-run version of the Service Perimeter. This allows the user to test changes to the enforced config ("status") without actually enforcing them. This testing is done through analyzing the differences between currently enforced and suggested restrictions. use_explicit_dry_run_spec must bet set to True if any of the fields in the spec are set to non-default values.
	UseExplicitDryRunSpec pulumi.BoolOutput `pulumi:"useExplicitDryRunSpec"`
}

Creates a service perimeter. The long-running operation from this RPC has a successful status after the service perimeter propagates to long-lasting storage. If a service perimeter contains errors, an error response is returned for the first error encountered.

func GetServicePerimeter added in v0.3.0 

func GetServicePerimeter(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServicePerimeterState, opts ...pulumi.ResourceOption) (*ServicePerimeter, error)

GetServicePerimeter gets an existing ServicePerimeter resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServicePerimeter added in v0.3.0 

func NewServicePerimeter(ctx *pulumi.Context,
	name string, args *ServicePerimeterArgs, opts ...pulumi.ResourceOption) (*ServicePerimeter, error)

NewServicePerimeter registers a new resource with the given unique name, arguments, and options.

func (*ServicePerimeter) ElementType added in v0.3.0 

func (*ServicePerimeter) ElementType() reflect.Type

func (*ServicePerimeter) ToServicePerimeterOutput added in v0.3.0 

func (i *ServicePerimeter) ToServicePerimeterOutput() ServicePerimeterOutput

func (*ServicePerimeter) ToServicePerimeterOutputWithContext added in v0.3.0 

func (i *ServicePerimeter) ToServicePerimeterOutputWithContext(ctx context.Context) ServicePerimeterOutput

type ServicePerimeterArgs added in v0.3.0 

type ServicePerimeterArgs struct {
	AccessPolicyId pulumi.StringInput
	// Description of the `ServicePerimeter` and its use. Does not affect behavior.
	Description pulumi.StringPtrInput
	// Resource name for the `ServicePerimeter`. Format: `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The `service_perimeter` component must begin with a letter, followed by alphanumeric characters or `_`. After you create a `ServicePerimeter`, you cannot change its `name`.
	Name pulumi.StringPtrInput
	// Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.
	PerimeterType ServicePerimeterPerimeterTypePtrInput
	// Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the "use_explicit_dry_run_spec" flag is set.
	Spec ServicePerimeterConfigPtrInput
	// Human readable title. Must be unique within the Policy.
	Title pulumi.StringPtrInput
	// Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those Service Perimeters. When this flag is set, it inhibits the generation of the implicit spec, thereby allowing the user to explicitly provide a configuration ("spec") to use in a dry-run version of the Service Perimeter. This allows the user to test changes to the enforced config ("status") without actually enforcing them. This testing is done through analyzing the differences between currently enforced and suggested restrictions. use_explicit_dry_run_spec must bet set to True if any of the fields in the spec are set to non-default values.
	UseExplicitDryRunSpec pulumi.BoolPtrInput
}

The set of arguments for constructing a ServicePerimeter resource.

func (ServicePerimeterArgs) ElementType added in v0.3.0 

func (ServicePerimeterArgs) ElementType() reflect.Type

type ServicePerimeterConfig 

type ServicePerimeterConfig struct {
	// A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
	AccessLevels []string `pulumi:"accessLevels"`
	// List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.
	EgressPolicies []EgressPolicy `pulumi:"egressPolicies"`
	// List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.
	IngressPolicies []IngressPolicy `pulumi:"ingressPolicies"`
	// A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`.
	Resources []string `pulumi:"resources"`
	// Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
	RestrictedServices []string `pulumi:"restrictedServices"`
	// Configuration for APIs allowed within Perimeter.
	VpcAccessibleServices *VpcAccessibleServices `pulumi:"vpcAccessibleServices"`
}

`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

type ServicePerimeterConfigArgs 

type ServicePerimeterConfigArgs struct {
	// A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
	AccessLevels pulumi.StringArrayInput `pulumi:"accessLevels"`
	// List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.
	EgressPolicies EgressPolicyArrayInput `pulumi:"egressPolicies"`
	// List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.
	IngressPolicies IngressPolicyArrayInput `pulumi:"ingressPolicies"`
	// A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`.
	Resources pulumi.StringArrayInput `pulumi:"resources"`
	// Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
	RestrictedServices pulumi.StringArrayInput `pulumi:"restrictedServices"`
	// Configuration for APIs allowed within Perimeter.
	VpcAccessibleServices VpcAccessibleServicesPtrInput `pulumi:"vpcAccessibleServices"`
}

`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

func (ServicePerimeterConfigArgs) ElementType 

func (ServicePerimeterConfigArgs) ElementType() reflect.Type

func (ServicePerimeterConfigArgs) ToServicePerimeterConfigOutput 

func (i ServicePerimeterConfigArgs) ToServicePerimeterConfigOutput() ServicePerimeterConfigOutput

func (ServicePerimeterConfigArgs) ToServicePerimeterConfigOutputWithContext 

func (i ServicePerimeterConfigArgs) ToServicePerimeterConfigOutputWithContext(ctx context.Context) ServicePerimeterConfigOutput

func (ServicePerimeterConfigArgs) ToServicePerimeterConfigPtrOutput 

func (i ServicePerimeterConfigArgs) ToServicePerimeterConfigPtrOutput() ServicePerimeterConfigPtrOutput

func (ServicePerimeterConfigArgs) ToServicePerimeterConfigPtrOutputWithContext 

func (i ServicePerimeterConfigArgs) ToServicePerimeterConfigPtrOutputWithContext(ctx context.Context) ServicePerimeterConfigPtrOutput

type ServicePerimeterConfigInput 

type ServicePerimeterConfigInput interface {
	pulumi.Input

	ToServicePerimeterConfigOutput() ServicePerimeterConfigOutput
	ToServicePerimeterConfigOutputWithContext(context.Context) ServicePerimeterConfigOutput
}

ServicePerimeterConfigInput is an input type that accepts ServicePerimeterConfigArgs and ServicePerimeterConfigOutput values. You can construct a concrete instance of `ServicePerimeterConfigInput` via: 

ServicePerimeterConfigArgs{...}

type ServicePerimeterConfigOutput 

type ServicePerimeterConfigOutput struct{ *pulumi.OutputState }

`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

func (ServicePerimeterConfigOutput) AccessLevels 

func (o ServicePerimeterConfigOutput) AccessLevels() pulumi.StringArrayOutput

A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.

func (ServicePerimeterConfigOutput) EgressPolicies 

func (o ServicePerimeterConfigOutput) EgressPolicies() EgressPolicyArrayOutput

List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.

func (ServicePerimeterConfigOutput) ElementType 

func (ServicePerimeterConfigOutput) ElementType() reflect.Type

func (ServicePerimeterConfigOutput) IngressPolicies 

func (o ServicePerimeterConfigOutput) IngressPolicies() IngressPolicyArrayOutput

List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.

func (ServicePerimeterConfigOutput) Resources 

func (o ServicePerimeterConfigOutput) Resources() pulumi.StringArrayOutput

A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`.

func (ServicePerimeterConfigOutput) RestrictedServices 

func (o ServicePerimeterConfigOutput) RestrictedServices() pulumi.StringArrayOutput

Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

func (ServicePerimeterConfigOutput) ToServicePerimeterConfigOutput 

func (o ServicePerimeterConfigOutput) ToServicePerimeterConfigOutput() ServicePerimeterConfigOutput

func (ServicePerimeterConfigOutput) ToServicePerimeterConfigOutputWithContext 

func (o ServicePerimeterConfigOutput) ToServicePerimeterConfigOutputWithContext(ctx context.Context) ServicePerimeterConfigOutput

func (ServicePerimeterConfigOutput) ToServicePerimeterConfigPtrOutput 

func (o ServicePerimeterConfigOutput) ToServicePerimeterConfigPtrOutput() ServicePerimeterConfigPtrOutput

func (ServicePerimeterConfigOutput) ToServicePerimeterConfigPtrOutputWithContext 

func (o ServicePerimeterConfigOutput) ToServicePerimeterConfigPtrOutputWithContext(ctx context.Context) ServicePerimeterConfigPtrOutput

func (ServicePerimeterConfigOutput) VpcAccessibleServices 

func (o ServicePerimeterConfigOutput) VpcAccessibleServices() VpcAccessibleServicesPtrOutput

Configuration for APIs allowed within Perimeter.

type ServicePerimeterConfigPtrInput 

type ServicePerimeterConfigPtrInput interface {
	pulumi.Input

	ToServicePerimeterConfigPtrOutput() ServicePerimeterConfigPtrOutput
	ToServicePerimeterConfigPtrOutputWithContext(context.Context) ServicePerimeterConfigPtrOutput
}

ServicePerimeterConfigPtrInput is an input type that accepts ServicePerimeterConfigArgs, ServicePerimeterConfigPtr and ServicePerimeterConfigPtrOutput values. You can construct a concrete instance of `ServicePerimeterConfigPtrInput` via: 

        ServicePerimeterConfigArgs{...}

or:

        nil

func ServicePerimeterConfigPtr 

func ServicePerimeterConfigPtr(v *ServicePerimeterConfigArgs) ServicePerimeterConfigPtrInput

type ServicePerimeterConfigPtrOutput 

type ServicePerimeterConfigPtrOutput struct{ *pulumi.OutputState }

func (ServicePerimeterConfigPtrOutput) AccessLevels 

func (o ServicePerimeterConfigPtrOutput) AccessLevels() pulumi.StringArrayOutput

A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.

func (ServicePerimeterConfigPtrOutput) EgressPolicies 

func (o ServicePerimeterConfigPtrOutput) EgressPolicies() EgressPolicyArrayOutput

List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.

func (ServicePerimeterConfigPtrOutput) Elem 

func (o ServicePerimeterConfigPtrOutput) Elem() ServicePerimeterConfigOutput

func (ServicePerimeterConfigPtrOutput) ElementType 

func (ServicePerimeterConfigPtrOutput) ElementType() reflect.Type

func (ServicePerimeterConfigPtrOutput) IngressPolicies 

func (o ServicePerimeterConfigPtrOutput) IngressPolicies() IngressPolicyArrayOutput

List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.

func (ServicePerimeterConfigPtrOutput) Resources 

func (o ServicePerimeterConfigPtrOutput) Resources() pulumi.StringArrayOutput

A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`.

func (ServicePerimeterConfigPtrOutput) RestrictedServices 

func (o ServicePerimeterConfigPtrOutput) RestrictedServices() pulumi.StringArrayOutput

Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

func (ServicePerimeterConfigPtrOutput) ToServicePerimeterConfigPtrOutput 

func (o ServicePerimeterConfigPtrOutput) ToServicePerimeterConfigPtrOutput() ServicePerimeterConfigPtrOutput

func (ServicePerimeterConfigPtrOutput) ToServicePerimeterConfigPtrOutputWithContext 

func (o ServicePerimeterConfigPtrOutput) ToServicePerimeterConfigPtrOutputWithContext(ctx context.Context) ServicePerimeterConfigPtrOutput

func (ServicePerimeterConfigPtrOutput) VpcAccessibleServices 

func (o ServicePerimeterConfigPtrOutput) VpcAccessibleServices() VpcAccessibleServicesPtrOutput

Configuration for APIs allowed within Perimeter.

type ServicePerimeterConfigResponse 

type ServicePerimeterConfigResponse struct {
	// A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
	AccessLevels []string `pulumi:"accessLevels"`
	// List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.
	EgressPolicies []EgressPolicyResponse `pulumi:"egressPolicies"`
	// List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.
	IngressPolicies []IngressPolicyResponse `pulumi:"ingressPolicies"`
	// A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`.
	Resources []string `pulumi:"resources"`
	// Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
	RestrictedServices []string `pulumi:"restrictedServices"`
	// Configuration for APIs allowed within Perimeter.
	VpcAccessibleServices VpcAccessibleServicesResponse `pulumi:"vpcAccessibleServices"`
}

`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

type ServicePerimeterConfigResponseOutput 

type ServicePerimeterConfigResponseOutput struct{ *pulumi.OutputState }

`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

func (ServicePerimeterConfigResponseOutput) AccessLevels 

func (o ServicePerimeterConfigResponseOutput) AccessLevels() pulumi.StringArrayOutput

A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.

func (ServicePerimeterConfigResponseOutput) EgressPolicies 

func (o ServicePerimeterConfigResponseOutput) EgressPolicies() EgressPolicyResponseArrayOutput

List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.

func (ServicePerimeterConfigResponseOutput) ElementType 

func (ServicePerimeterConfigResponseOutput) ElementType() reflect.Type

func (ServicePerimeterConfigResponseOutput) IngressPolicies 

func (o ServicePerimeterConfigResponseOutput) IngressPolicies() IngressPolicyResponseArrayOutput

List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.

func (ServicePerimeterConfigResponseOutput) Resources 

func (o ServicePerimeterConfigResponseOutput) Resources() pulumi.StringArrayOutput

A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`.

func (ServicePerimeterConfigResponseOutput) RestrictedServices 

func (o ServicePerimeterConfigResponseOutput) RestrictedServices() pulumi.StringArrayOutput

Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.

func (ServicePerimeterConfigResponseOutput) ToServicePerimeterConfigResponseOutput 

func (o ServicePerimeterConfigResponseOutput) ToServicePerimeterConfigResponseOutput() ServicePerimeterConfigResponseOutput

func (ServicePerimeterConfigResponseOutput) ToServicePerimeterConfigResponseOutputWithContext 

func (o ServicePerimeterConfigResponseOutput) ToServicePerimeterConfigResponseOutputWithContext(ctx context.Context) ServicePerimeterConfigResponseOutput

func (ServicePerimeterConfigResponseOutput) VpcAccessibleServices 

func (o ServicePerimeterConfigResponseOutput) VpcAccessibleServices() VpcAccessibleServicesResponseOutput

Configuration for APIs allowed within Perimeter.

type ServicePerimeterInput added in v0.3.0 

type ServicePerimeterInput interface {
	pulumi.Input

	ToServicePerimeterOutput() ServicePerimeterOutput
	ToServicePerimeterOutputWithContext(ctx context.Context) ServicePerimeterOutput
}

type ServicePerimeterOutput added in v0.3.0 

type ServicePerimeterOutput struct{ *pulumi.OutputState }

func (ServicePerimeterOutput) AccessPolicyId added in v0.21.0 

func (o ServicePerimeterOutput) AccessPolicyId() pulumi.StringOutput

func (ServicePerimeterOutput) Description added in v0.19.0 

func (o ServicePerimeterOutput) Description() pulumi.StringOutput

Description of the `ServicePerimeter` and its use. Does not affect behavior.

func (ServicePerimeterOutput) ElementType added in v0.3.0 

func (ServicePerimeterOutput) ElementType() reflect.Type

func (ServicePerimeterOutput) Name added in v0.19.0 

func (o ServicePerimeterOutput) Name() pulumi.StringOutput

Resource name for the `ServicePerimeter`. Format: `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The `service_perimeter` component must begin with a letter, followed by alphanumeric characters or `_`. After you create a `ServicePerimeter`, you cannot change its `name`.

func (ServicePerimeterOutput) PerimeterType added in v0.19.0 

func (o ServicePerimeterOutput) PerimeterType() pulumi.StringOutput

Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.

func (ServicePerimeterOutput) Spec added in v0.19.0 

func (o ServicePerimeterOutput) Spec() ServicePerimeterConfigResponseOutput

Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only allowed to be set when the "use_explicit_dry_run_spec" flag is set.

func (ServicePerimeterOutput) Status added in v0.19.0 

func (o ServicePerimeterOutput) Status() ServicePerimeterConfigResponseOutput

Current ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries.

func (ServicePerimeterOutput) Title added in v0.19.0 

func (o ServicePerimeterOutput) Title() pulumi.StringOutput

Human readable title. Must be unique within the Policy.

func (ServicePerimeterOutput) ToServicePerimeterOutput added in v0.3.0 

func (o ServicePerimeterOutput) ToServicePerimeterOutput() ServicePerimeterOutput

func (ServicePerimeterOutput) ToServicePerimeterOutputWithContext added in v0.3.0 

func (o ServicePerimeterOutput) ToServicePerimeterOutputWithContext(ctx context.Context) ServicePerimeterOutput

func (ServicePerimeterOutput) UseExplicitDryRunSpec added in v0.19.0 

func (o ServicePerimeterOutput) UseExplicitDryRunSpec() pulumi.BoolOutput

Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those Service Perimeters. When this flag is set, it inhibits the generation of the implicit spec, thereby allowing the user to explicitly provide a configuration ("spec") to use in a dry-run version of the Service Perimeter. This allows the user to test changes to the enforced config ("status") without actually enforcing them. This testing is done through analyzing the differences between currently enforced and suggested restrictions. use_explicit_dry_run_spec must bet set to True if any of the fields in the spec are set to non-default values.

type ServicePerimeterPerimeterType added in v0.4.0 

type ServicePerimeterPerimeterType string

Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.

func (ServicePerimeterPerimeterType) ElementType added in v0.4.0 

func (ServicePerimeterPerimeterType) ElementType() reflect.Type

func (ServicePerimeterPerimeterType) ToServicePerimeterPerimeterTypeOutput added in v0.6.0 

func (e ServicePerimeterPerimeterType) ToServicePerimeterPerimeterTypeOutput() ServicePerimeterPerimeterTypeOutput

func (ServicePerimeterPerimeterType) ToServicePerimeterPerimeterTypeOutputWithContext added in v0.6.0 

func (e ServicePerimeterPerimeterType) ToServicePerimeterPerimeterTypeOutputWithContext(ctx context.Context) ServicePerimeterPerimeterTypeOutput

func (ServicePerimeterPerimeterType) ToServicePerimeterPerimeterTypePtrOutput added in v0.6.0 

func (e ServicePerimeterPerimeterType) ToServicePerimeterPerimeterTypePtrOutput() ServicePerimeterPerimeterTypePtrOutput

func (ServicePerimeterPerimeterType) ToServicePerimeterPerimeterTypePtrOutputWithContext added in v0.6.0 

func (e ServicePerimeterPerimeterType) ToServicePerimeterPerimeterTypePtrOutputWithContext(ctx context.Context) ServicePerimeterPerimeterTypePtrOutput

func (ServicePerimeterPerimeterType) ToStringOutput added in v0.4.0 

func (e ServicePerimeterPerimeterType) ToStringOutput() pulumi.StringOutput

func (ServicePerimeterPerimeterType) ToStringOutputWithContext added in v0.4.0 

func (e ServicePerimeterPerimeterType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (ServicePerimeterPerimeterType) ToStringPtrOutput added in v0.4.0 

func (e ServicePerimeterPerimeterType) ToStringPtrOutput() pulumi.StringPtrOutput

func (ServicePerimeterPerimeterType) ToStringPtrOutputWithContext added in v0.4.0 

func (e ServicePerimeterPerimeterType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ServicePerimeterPerimeterTypeInput added in v0.6.0 

type ServicePerimeterPerimeterTypeInput interface {
	pulumi.Input

	ToServicePerimeterPerimeterTypeOutput() ServicePerimeterPerimeterTypeOutput
	ToServicePerimeterPerimeterTypeOutputWithContext(context.Context) ServicePerimeterPerimeterTypeOutput
}

ServicePerimeterPerimeterTypeInput is an input type that accepts ServicePerimeterPerimeterTypeArgs and ServicePerimeterPerimeterTypeOutput values. You can construct a concrete instance of `ServicePerimeterPerimeterTypeInput` via: 

ServicePerimeterPerimeterTypeArgs{...}

type ServicePerimeterPerimeterTypeOutput added in v0.6.0 

type ServicePerimeterPerimeterTypeOutput struct{ *pulumi.OutputState }

func (ServicePerimeterPerimeterTypeOutput) ElementType added in v0.6.0 

func (ServicePerimeterPerimeterTypeOutput) ElementType() reflect.Type

func (ServicePerimeterPerimeterTypeOutput) ToServicePerimeterPerimeterTypeOutput added in v0.6.0 

func (o ServicePerimeterPerimeterTypeOutput) ToServicePerimeterPerimeterTypeOutput() ServicePerimeterPerimeterTypeOutput

func (ServicePerimeterPerimeterTypeOutput) ToServicePerimeterPerimeterTypeOutputWithContext added in v0.6.0 

func (o ServicePerimeterPerimeterTypeOutput) ToServicePerimeterPerimeterTypeOutputWithContext(ctx context.Context) ServicePerimeterPerimeterTypeOutput

func (ServicePerimeterPerimeterTypeOutput) ToServicePerimeterPerimeterTypePtrOutput added in v0.6.0 

func (o ServicePerimeterPerimeterTypeOutput) ToServicePerimeterPerimeterTypePtrOutput() ServicePerimeterPerimeterTypePtrOutput

func (ServicePerimeterPerimeterTypeOutput) ToServicePerimeterPerimeterTypePtrOutputWithContext added in v0.6.0 

func (o ServicePerimeterPerimeterTypeOutput) ToServicePerimeterPerimeterTypePtrOutputWithContext(ctx context.Context) ServicePerimeterPerimeterTypePtrOutput

func (ServicePerimeterPerimeterTypeOutput) ToStringOutput added in v0.6.0 

func (o ServicePerimeterPerimeterTypeOutput) ToStringOutput() pulumi.StringOutput

func (ServicePerimeterPerimeterTypeOutput) ToStringOutputWithContext added in v0.6.0 

func (o ServicePerimeterPerimeterTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (ServicePerimeterPerimeterTypeOutput) ToStringPtrOutput added in v0.6.0 

func (o ServicePerimeterPerimeterTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (ServicePerimeterPerimeterTypeOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o ServicePerimeterPerimeterTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ServicePerimeterPerimeterTypePtrInput added in v0.6.0 

type ServicePerimeterPerimeterTypePtrInput interface {
	pulumi.Input

	ToServicePerimeterPerimeterTypePtrOutput() ServicePerimeterPerimeterTypePtrOutput
	ToServicePerimeterPerimeterTypePtrOutputWithContext(context.Context) ServicePerimeterPerimeterTypePtrOutput
}

func ServicePerimeterPerimeterTypePtr added in v0.6.0 

func ServicePerimeterPerimeterTypePtr(v string) ServicePerimeterPerimeterTypePtrInput

type ServicePerimeterPerimeterTypePtrOutput added in v0.6.0 

type ServicePerimeterPerimeterTypePtrOutput struct{ *pulumi.OutputState }

func (ServicePerimeterPerimeterTypePtrOutput) Elem added in v0.6.0 

func (o ServicePerimeterPerimeterTypePtrOutput) Elem() ServicePerimeterPerimeterTypeOutput

func (ServicePerimeterPerimeterTypePtrOutput) ElementType added in v0.6.0 

func (ServicePerimeterPerimeterTypePtrOutput) ElementType() reflect.Type

func (ServicePerimeterPerimeterTypePtrOutput) ToServicePerimeterPerimeterTypePtrOutput added in v0.6.0 

func (o ServicePerimeterPerimeterTypePtrOutput) ToServicePerimeterPerimeterTypePtrOutput() ServicePerimeterPerimeterTypePtrOutput

func (ServicePerimeterPerimeterTypePtrOutput) ToServicePerimeterPerimeterTypePtrOutputWithContext added in v0.6.0 

func (o ServicePerimeterPerimeterTypePtrOutput) ToServicePerimeterPerimeterTypePtrOutputWithContext(ctx context.Context) ServicePerimeterPerimeterTypePtrOutput

func (ServicePerimeterPerimeterTypePtrOutput) ToStringPtrOutput added in v0.6.0 

func (o ServicePerimeterPerimeterTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (ServicePerimeterPerimeterTypePtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o ServicePerimeterPerimeterTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ServicePerimeterState added in v0.3.0 

type ServicePerimeterState struct {
}

func (ServicePerimeterState) ElementType added in v0.3.0 

func (ServicePerimeterState) ElementType() reflect.Type

type VpcAccessibleServices 

type VpcAccessibleServices struct {
	// The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
	AllowedServices []string `pulumi:"allowedServices"`
	// Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
	EnableRestriction *bool `pulumi:"enableRestriction"`
}

Specifies how APIs are allowed to communicate within the Service Perimeter.

type VpcAccessibleServicesArgs 

type VpcAccessibleServicesArgs struct {
	// The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
	AllowedServices pulumi.StringArrayInput `pulumi:"allowedServices"`
	// Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
	EnableRestriction pulumi.BoolPtrInput `pulumi:"enableRestriction"`
}

Specifies how APIs are allowed to communicate within the Service Perimeter.

func (VpcAccessibleServicesArgs) ElementType 

func (VpcAccessibleServicesArgs) ElementType() reflect.Type

func (VpcAccessibleServicesArgs) ToVpcAccessibleServicesOutput 

func (i VpcAccessibleServicesArgs) ToVpcAccessibleServicesOutput() VpcAccessibleServicesOutput

func (VpcAccessibleServicesArgs) ToVpcAccessibleServicesOutputWithContext 

func (i VpcAccessibleServicesArgs) ToVpcAccessibleServicesOutputWithContext(ctx context.Context) VpcAccessibleServicesOutput

func (VpcAccessibleServicesArgs) ToVpcAccessibleServicesPtrOutput 

func (i VpcAccessibleServicesArgs) ToVpcAccessibleServicesPtrOutput() VpcAccessibleServicesPtrOutput

func (VpcAccessibleServicesArgs) ToVpcAccessibleServicesPtrOutputWithContext 

func (i VpcAccessibleServicesArgs) ToVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) VpcAccessibleServicesPtrOutput

type VpcAccessibleServicesInput 

type VpcAccessibleServicesInput interface {
	pulumi.Input

	ToVpcAccessibleServicesOutput() VpcAccessibleServicesOutput
	ToVpcAccessibleServicesOutputWithContext(context.Context) VpcAccessibleServicesOutput
}

VpcAccessibleServicesInput is an input type that accepts VpcAccessibleServicesArgs and VpcAccessibleServicesOutput values. You can construct a concrete instance of `VpcAccessibleServicesInput` via: 

VpcAccessibleServicesArgs{...}

type VpcAccessibleServicesOutput 

type VpcAccessibleServicesOutput struct{ *pulumi.OutputState }

Specifies how APIs are allowed to communicate within the Service Perimeter.

func (VpcAccessibleServicesOutput) AllowedServices 

func (o VpcAccessibleServicesOutput) AllowedServices() pulumi.StringArrayOutput

The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.

func (VpcAccessibleServicesOutput) ElementType 

func (VpcAccessibleServicesOutput) ElementType() reflect.Type

func (VpcAccessibleServicesOutput) EnableRestriction 

func (o VpcAccessibleServicesOutput) EnableRestriction() pulumi.BoolPtrOutput

Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.

func (VpcAccessibleServicesOutput) ToVpcAccessibleServicesOutput 

func (o VpcAccessibleServicesOutput) ToVpcAccessibleServicesOutput() VpcAccessibleServicesOutput

func (VpcAccessibleServicesOutput) ToVpcAccessibleServicesOutputWithContext 

func (o VpcAccessibleServicesOutput) ToVpcAccessibleServicesOutputWithContext(ctx context.Context) VpcAccessibleServicesOutput

func (VpcAccessibleServicesOutput) ToVpcAccessibleServicesPtrOutput 

func (o VpcAccessibleServicesOutput) ToVpcAccessibleServicesPtrOutput() VpcAccessibleServicesPtrOutput

func (VpcAccessibleServicesOutput) ToVpcAccessibleServicesPtrOutputWithContext 

func (o VpcAccessibleServicesOutput) ToVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) VpcAccessibleServicesPtrOutput

type VpcAccessibleServicesPtrInput 

type VpcAccessibleServicesPtrInput interface {
	pulumi.Input

	ToVpcAccessibleServicesPtrOutput() VpcAccessibleServicesPtrOutput
	ToVpcAccessibleServicesPtrOutputWithContext(context.Context) VpcAccessibleServicesPtrOutput
}

VpcAccessibleServicesPtrInput is an input type that accepts VpcAccessibleServicesArgs, VpcAccessibleServicesPtr and VpcAccessibleServicesPtrOutput values. You can construct a concrete instance of `VpcAccessibleServicesPtrInput` via: 

        VpcAccessibleServicesArgs{...}

or:

        nil

func VpcAccessibleServicesPtr 

func VpcAccessibleServicesPtr(v *VpcAccessibleServicesArgs) VpcAccessibleServicesPtrInput

type VpcAccessibleServicesPtrOutput 

type VpcAccessibleServicesPtrOutput struct{ *pulumi.OutputState }

func (VpcAccessibleServicesPtrOutput) AllowedServices 

func (o VpcAccessibleServicesPtrOutput) AllowedServices() pulumi.StringArrayOutput

The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.

func (VpcAccessibleServicesPtrOutput) Elem 

func (o VpcAccessibleServicesPtrOutput) Elem() VpcAccessibleServicesOutput

func (VpcAccessibleServicesPtrOutput) ElementType 

func (VpcAccessibleServicesPtrOutput) ElementType() reflect.Type

func (VpcAccessibleServicesPtrOutput) EnableRestriction 

func (o VpcAccessibleServicesPtrOutput) EnableRestriction() pulumi.BoolPtrOutput

Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.

func (VpcAccessibleServicesPtrOutput) ToVpcAccessibleServicesPtrOutput 

func (o VpcAccessibleServicesPtrOutput) ToVpcAccessibleServicesPtrOutput() VpcAccessibleServicesPtrOutput

func (VpcAccessibleServicesPtrOutput) ToVpcAccessibleServicesPtrOutputWithContext 

func (o VpcAccessibleServicesPtrOutput) ToVpcAccessibleServicesPtrOutputWithContext(ctx context.Context) VpcAccessibleServicesPtrOutput

type VpcAccessibleServicesResponse 

type VpcAccessibleServicesResponse struct {
	// The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
	AllowedServices []string `pulumi:"allowedServices"`
	// Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
	EnableRestriction bool `pulumi:"enableRestriction"`
}

Specifies how APIs are allowed to communicate within the Service Perimeter.

type VpcAccessibleServicesResponseOutput 

type VpcAccessibleServicesResponseOutput struct{ *pulumi.OutputState }

Specifies how APIs are allowed to communicate within the Service Perimeter.

func (VpcAccessibleServicesResponseOutput) AllowedServices 

func (o VpcAccessibleServicesResponseOutput) AllowedServices() pulumi.StringArrayOutput

The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.

func (VpcAccessibleServicesResponseOutput) ElementType 

func (VpcAccessibleServicesResponseOutput) ElementType() reflect.Type

func (VpcAccessibleServicesResponseOutput) EnableRestriction 

func (o VpcAccessibleServicesResponseOutput) EnableRestriction() pulumi.BoolOutput

Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.

func (VpcAccessibleServicesResponseOutput) ToVpcAccessibleServicesResponseOutput 

func (o VpcAccessibleServicesResponseOutput) ToVpcAccessibleServicesResponseOutput() VpcAccessibleServicesResponseOutput

func (VpcAccessibleServicesResponseOutput) ToVpcAccessibleServicesResponseOutputWithContext 

func (o VpcAccessibleServicesResponseOutput) ToVpcAccessibleServicesResponseOutputWithContext(ctx context.Context) VpcAccessibleServicesResponseOutput

type VpcNetworkSource added in v0.32.0 

type VpcNetworkSource struct {
	// Sub-segment ranges of a VPC network.
	VpcSubnetwork *VpcSubNetwork `pulumi:"vpcSubnetwork"`
}

The originating network source in Google Cloud.

type VpcNetworkSourceArgs added in v0.32.0 

type VpcNetworkSourceArgs struct {
	// Sub-segment ranges of a VPC network.
	VpcSubnetwork VpcSubNetworkPtrInput `pulumi:"vpcSubnetwork"`
}

The originating network source in Google Cloud.

func (VpcNetworkSourceArgs) ElementType added in v0.32.0 

func (VpcNetworkSourceArgs) ElementType() reflect.Type

func (VpcNetworkSourceArgs) ToVpcNetworkSourceOutput added in v0.32.0 

func (i VpcNetworkSourceArgs) ToVpcNetworkSourceOutput() VpcNetworkSourceOutput

func (VpcNetworkSourceArgs) ToVpcNetworkSourceOutputWithContext added in v0.32.0 

func (i VpcNetworkSourceArgs) ToVpcNetworkSourceOutputWithContext(ctx context.Context) VpcNetworkSourceOutput

type VpcNetworkSourceArray added in v0.32.0 

type VpcNetworkSourceArray []VpcNetworkSourceInput

func (VpcNetworkSourceArray) ElementType added in v0.32.0 

func (VpcNetworkSourceArray) ElementType() reflect.Type

func (VpcNetworkSourceArray) ToVpcNetworkSourceArrayOutput added in v0.32.0 

func (i VpcNetworkSourceArray) ToVpcNetworkSourceArrayOutput() VpcNetworkSourceArrayOutput

func (VpcNetworkSourceArray) ToVpcNetworkSourceArrayOutputWithContext added in v0.32.0 

func (i VpcNetworkSourceArray) ToVpcNetworkSourceArrayOutputWithContext(ctx context.Context) VpcNetworkSourceArrayOutput

type VpcNetworkSourceArrayInput added in v0.32.0 

type VpcNetworkSourceArrayInput interface {
	pulumi.Input

	ToVpcNetworkSourceArrayOutput() VpcNetworkSourceArrayOutput
	ToVpcNetworkSourceArrayOutputWithContext(context.Context) VpcNetworkSourceArrayOutput
}

VpcNetworkSourceArrayInput is an input type that accepts VpcNetworkSourceArray and VpcNetworkSourceArrayOutput values. You can construct a concrete instance of `VpcNetworkSourceArrayInput` via: 

VpcNetworkSourceArray{ VpcNetworkSourceArgs{...} }

type VpcNetworkSourceArrayOutput added in v0.32.0 

type VpcNetworkSourceArrayOutput struct{ *pulumi.OutputState }

func (VpcNetworkSourceArrayOutput) ElementType added in v0.32.0 

func (VpcNetworkSourceArrayOutput) ElementType() reflect.Type

func (VpcNetworkSourceArrayOutput) Index added in v0.32.0 

func (o VpcNetworkSourceArrayOutput) Index(i pulumi.IntInput) VpcNetworkSourceOutput

func (VpcNetworkSourceArrayOutput) ToVpcNetworkSourceArrayOutput added in v0.32.0 

func (o VpcNetworkSourceArrayOutput) ToVpcNetworkSourceArrayOutput() VpcNetworkSourceArrayOutput

func (VpcNetworkSourceArrayOutput) ToVpcNetworkSourceArrayOutputWithContext added in v0.32.0 

func (o VpcNetworkSourceArrayOutput) ToVpcNetworkSourceArrayOutputWithContext(ctx context.Context) VpcNetworkSourceArrayOutput

type VpcNetworkSourceInput added in v0.32.0 

type VpcNetworkSourceInput interface {
	pulumi.Input

	ToVpcNetworkSourceOutput() VpcNetworkSourceOutput
	ToVpcNetworkSourceOutputWithContext(context.Context) VpcNetworkSourceOutput
}

VpcNetworkSourceInput is an input type that accepts VpcNetworkSourceArgs and VpcNetworkSourceOutput values. You can construct a concrete instance of `VpcNetworkSourceInput` via: 

VpcNetworkSourceArgs{...}

type VpcNetworkSourceOutput added in v0.32.0 

type VpcNetworkSourceOutput struct{ *pulumi.OutputState }

The originating network source in Google Cloud.

func (VpcNetworkSourceOutput) ElementType added in v0.32.0 

func (VpcNetworkSourceOutput) ElementType() reflect.Type

func (VpcNetworkSourceOutput) ToVpcNetworkSourceOutput added in v0.32.0 

func (o VpcNetworkSourceOutput) ToVpcNetworkSourceOutput() VpcNetworkSourceOutput

func (VpcNetworkSourceOutput) ToVpcNetworkSourceOutputWithContext added in v0.32.0 

func (o VpcNetworkSourceOutput) ToVpcNetworkSourceOutputWithContext(ctx context.Context) VpcNetworkSourceOutput

func (VpcNetworkSourceOutput) VpcSubnetwork added in v0.32.0 

func (o VpcNetworkSourceOutput) VpcSubnetwork() VpcSubNetworkPtrOutput

Sub-segment ranges of a VPC network.

type VpcNetworkSourceResponse added in v0.32.0 

type VpcNetworkSourceResponse struct {
	// Sub-segment ranges of a VPC network.
	VpcSubnetwork VpcSubNetworkResponse `pulumi:"vpcSubnetwork"`
}

The originating network source in Google Cloud.

type VpcNetworkSourceResponseArrayOutput added in v0.32.0 

type VpcNetworkSourceResponseArrayOutput struct{ *pulumi.OutputState }

func (VpcNetworkSourceResponseArrayOutput) ElementType added in v0.32.0 

func (VpcNetworkSourceResponseArrayOutput) ElementType() reflect.Type

func (VpcNetworkSourceResponseArrayOutput) Index added in v0.32.0 

func (o VpcNetworkSourceResponseArrayOutput) Index(i pulumi.IntInput) VpcNetworkSourceResponseOutput

func (VpcNetworkSourceResponseArrayOutput) ToVpcNetworkSourceResponseArrayOutput added in v0.32.0 

func (o VpcNetworkSourceResponseArrayOutput) ToVpcNetworkSourceResponseArrayOutput() VpcNetworkSourceResponseArrayOutput

func (VpcNetworkSourceResponseArrayOutput) ToVpcNetworkSourceResponseArrayOutputWithContext added in v0.32.0 

func (o VpcNetworkSourceResponseArrayOutput) ToVpcNetworkSourceResponseArrayOutputWithContext(ctx context.Context) VpcNetworkSourceResponseArrayOutput

type VpcNetworkSourceResponseOutput added in v0.32.0 

type VpcNetworkSourceResponseOutput struct{ *pulumi.OutputState }

The originating network source in Google Cloud.

func (VpcNetworkSourceResponseOutput) ElementType added in v0.32.0 

func (VpcNetworkSourceResponseOutput) ElementType() reflect.Type

func (VpcNetworkSourceResponseOutput) ToVpcNetworkSourceResponseOutput added in v0.32.0 

func (o VpcNetworkSourceResponseOutput) ToVpcNetworkSourceResponseOutput() VpcNetworkSourceResponseOutput

func (VpcNetworkSourceResponseOutput) ToVpcNetworkSourceResponseOutputWithContext added in v0.32.0 

func (o VpcNetworkSourceResponseOutput) ToVpcNetworkSourceResponseOutputWithContext(ctx context.Context) VpcNetworkSourceResponseOutput

func (VpcNetworkSourceResponseOutput) VpcSubnetwork added in v0.32.0 

func (o VpcNetworkSourceResponseOutput) VpcSubnetwork() VpcSubNetworkResponseOutput

Sub-segment ranges of a VPC network.

type VpcSubNetwork added in v0.32.0 

type VpcSubNetwork struct {
	// Network name. If the network is not part of the organization, the `compute.network.get` permission must be granted to the caller. Format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` Example: `//compute.googleapis.com/projects/my-project/global/networks/network-1`
	Network string `pulumi:"network"`
	// CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.
	VpcIpSubnetworks []string `pulumi:"vpcIpSubnetworks"`
}

Sub-segment ranges inside of a VPC Network.

type VpcSubNetworkArgs added in v0.32.0 

type VpcSubNetworkArgs struct {
	// Network name. If the network is not part of the organization, the `compute.network.get` permission must be granted to the caller. Format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` Example: `//compute.googleapis.com/projects/my-project/global/networks/network-1`
	Network pulumi.StringInput `pulumi:"network"`
	// CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.
	VpcIpSubnetworks pulumi.StringArrayInput `pulumi:"vpcIpSubnetworks"`
}

Sub-segment ranges inside of a VPC Network.

func (VpcSubNetworkArgs) ElementType added in v0.32.0 

func (VpcSubNetworkArgs) ElementType() reflect.Type

func (VpcSubNetworkArgs) ToVpcSubNetworkOutput added in v0.32.0 

func (i VpcSubNetworkArgs) ToVpcSubNetworkOutput() VpcSubNetworkOutput

func (VpcSubNetworkArgs) ToVpcSubNetworkOutputWithContext added in v0.32.0 

func (i VpcSubNetworkArgs) ToVpcSubNetworkOutputWithContext(ctx context.Context) VpcSubNetworkOutput

func (VpcSubNetworkArgs) ToVpcSubNetworkPtrOutput added in v0.32.0 

func (i VpcSubNetworkArgs) ToVpcSubNetworkPtrOutput() VpcSubNetworkPtrOutput

func (VpcSubNetworkArgs) ToVpcSubNetworkPtrOutputWithContext added in v0.32.0 

func (i VpcSubNetworkArgs) ToVpcSubNetworkPtrOutputWithContext(ctx context.Context) VpcSubNetworkPtrOutput

type VpcSubNetworkInput added in v0.32.0 

type VpcSubNetworkInput interface {
	pulumi.Input

	ToVpcSubNetworkOutput() VpcSubNetworkOutput
	ToVpcSubNetworkOutputWithContext(context.Context) VpcSubNetworkOutput
}

VpcSubNetworkInput is an input type that accepts VpcSubNetworkArgs and VpcSubNetworkOutput values. You can construct a concrete instance of `VpcSubNetworkInput` via: 

VpcSubNetworkArgs{...}

type VpcSubNetworkOutput added in v0.32.0 

type VpcSubNetworkOutput struct{ *pulumi.OutputState }

Sub-segment ranges inside of a VPC Network.

func (VpcSubNetworkOutput) ElementType added in v0.32.0 

func (VpcSubNetworkOutput) ElementType() reflect.Type

func (VpcSubNetworkOutput) Network added in v0.32.0 

func (o VpcSubNetworkOutput) Network() pulumi.StringOutput

Network name. If the network is not part of the organization, the `compute.network.get` permission must be granted to the caller. Format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` Example: `//compute.googleapis.com/projects/my-project/global/networks/network-1`

func (VpcSubNetworkOutput) ToVpcSubNetworkOutput added in v0.32.0 

func (o VpcSubNetworkOutput) ToVpcSubNetworkOutput() VpcSubNetworkOutput

func (VpcSubNetworkOutput) ToVpcSubNetworkOutputWithContext added in v0.32.0 

func (o VpcSubNetworkOutput) ToVpcSubNetworkOutputWithContext(ctx context.Context) VpcSubNetworkOutput

func (VpcSubNetworkOutput) ToVpcSubNetworkPtrOutput added in v0.32.0 

func (o VpcSubNetworkOutput) ToVpcSubNetworkPtrOutput() VpcSubNetworkPtrOutput

func (VpcSubNetworkOutput) ToVpcSubNetworkPtrOutputWithContext added in v0.32.0 

func (o VpcSubNetworkOutput) ToVpcSubNetworkPtrOutputWithContext(ctx context.Context) VpcSubNetworkPtrOutput

func (VpcSubNetworkOutput) VpcIpSubnetworks added in v0.32.0 

func (o VpcSubNetworkOutput) VpcIpSubnetworks() pulumi.StringArrayOutput

CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

type VpcSubNetworkPtrInput added in v0.32.0 

type VpcSubNetworkPtrInput interface {
	pulumi.Input

	ToVpcSubNetworkPtrOutput() VpcSubNetworkPtrOutput
	ToVpcSubNetworkPtrOutputWithContext(context.Context) VpcSubNetworkPtrOutput
}

VpcSubNetworkPtrInput is an input type that accepts VpcSubNetworkArgs, VpcSubNetworkPtr and VpcSubNetworkPtrOutput values. You can construct a concrete instance of `VpcSubNetworkPtrInput` via: 

        VpcSubNetworkArgs{...}

or:

        nil

func VpcSubNetworkPtr added in v0.32.0 

func VpcSubNetworkPtr(v *VpcSubNetworkArgs) VpcSubNetworkPtrInput

type VpcSubNetworkPtrOutput added in v0.32.0 

type VpcSubNetworkPtrOutput struct{ *pulumi.OutputState }

func (VpcSubNetworkPtrOutput) Elem added in v0.32.0 

func (o VpcSubNetworkPtrOutput) Elem() VpcSubNetworkOutput

func (VpcSubNetworkPtrOutput) ElementType added in v0.32.0 

func (VpcSubNetworkPtrOutput) ElementType() reflect.Type

func (VpcSubNetworkPtrOutput) Network added in v0.32.0 

func (o VpcSubNetworkPtrOutput) Network() pulumi.StringPtrOutput

Network name. If the network is not part of the organization, the `compute.network.get` permission must be granted to the caller. Format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` Example: `//compute.googleapis.com/projects/my-project/global/networks/network-1`

func (VpcSubNetworkPtrOutput) ToVpcSubNetworkPtrOutput added in v0.32.0 

func (o VpcSubNetworkPtrOutput) ToVpcSubNetworkPtrOutput() VpcSubNetworkPtrOutput

func (VpcSubNetworkPtrOutput) ToVpcSubNetworkPtrOutputWithContext added in v0.32.0 

func (o VpcSubNetworkPtrOutput) ToVpcSubNetworkPtrOutputWithContext(ctx context.Context) VpcSubNetworkPtrOutput

func (VpcSubNetworkPtrOutput) VpcIpSubnetworks added in v0.32.0 

func (o VpcSubNetworkPtrOutput) VpcIpSubnetworks() pulumi.StringArrayOutput

CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

type VpcSubNetworkResponse added in v0.32.0 

type VpcSubNetworkResponse struct {
	// Network name. If the network is not part of the organization, the `compute.network.get` permission must be granted to the caller. Format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` Example: `//compute.googleapis.com/projects/my-project/global/networks/network-1`
	Network string `pulumi:"network"`
	// CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.
	VpcIpSubnetworks []string `pulumi:"vpcIpSubnetworks"`
}

Sub-segment ranges inside of a VPC Network.

type VpcSubNetworkResponseOutput added in v0.32.0 

type VpcSubNetworkResponseOutput struct{ *pulumi.OutputState }

Sub-segment ranges inside of a VPC Network.

func (VpcSubNetworkResponseOutput) ElementType added in v0.32.0 

func (VpcSubNetworkResponseOutput) ElementType() reflect.Type

func (VpcSubNetworkResponseOutput) Network added in v0.32.0 

func (o VpcSubNetworkResponseOutput) Network() pulumi.StringOutput

Network name. If the network is not part of the organization, the `compute.network.get` permission must be granted to the caller. Format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` Example: `//compute.googleapis.com/projects/my-project/global/networks/network-1`

func (VpcSubNetworkResponseOutput) ToVpcSubNetworkResponseOutput added in v0.32.0 

func (o VpcSubNetworkResponseOutput) ToVpcSubNetworkResponseOutput() VpcSubNetworkResponseOutput

func (VpcSubNetworkResponseOutput) ToVpcSubNetworkResponseOutputWithContext added in v0.32.0 

func (o VpcSubNetworkResponseOutput) ToVpcSubNetworkResponseOutputWithContext(ctx context.Context) VpcSubNetworkResponseOutput

func (VpcSubNetworkResponseOutput) VpcIpSubnetworks added in v0.32.0 

func (o VpcSubNetworkResponseOutput) VpcIpSubnetworks() pulumi.StringArrayOutput

CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.