v1

package
v0.32.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 29, 2023 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Default value.
	AddressGroupTypeTypeUnspecified = AddressGroupType("TYPE_UNSPECIFIED")
	// IP v4 ranges.
	AddressGroupTypeIpv4 = AddressGroupType("IPV4")
	// IP v6 ranges.
	AddressGroupTypeIpv6 = AddressGroupType("IPV6")
)
View Source 
const (
	// Default value.
	AuthorizationPolicyActionActionUnspecified = AuthorizationPolicyAction("ACTION_UNSPECIFIED")
	// Grant access.
	AuthorizationPolicyActionAllow = AuthorizationPolicyAction("ALLOW")
	// Deny access. Deny rules should be avoided unless they are used to provide a default "deny all" fallback.
	AuthorizationPolicyActionDeny = AuthorizationPolicyAction("DENY")
)
View Source 
const (
	// Default case. Should never be this.
	GoogleIamV1AuditLogConfigLogTypeLogTypeUnspecified = GoogleIamV1AuditLogConfigLogType("LOG_TYPE_UNSPECIFIED")
	// Admin reads. Example: CloudIAM getIamPolicy
	GoogleIamV1AuditLogConfigLogTypeAdminRead = GoogleIamV1AuditLogConfigLogType("ADMIN_READ")
	// Data writes. Example: CloudSQL Users create
	GoogleIamV1AuditLogConfigLogTypeDataWrite = GoogleIamV1AuditLogConfigLogType("DATA_WRITE")
	// Data reads. Example: CloudSQL Users list
	GoogleIamV1AuditLogConfigLogTypeDataRead = GoogleIamV1AuditLogConfigLogType("DATA_READ")
)
View Source 
const (
	// Not allowed.
	MTLSPolicyClientValidationModeClientValidationModeUnspecified = MTLSPolicyClientValidationMode("CLIENT_VALIDATION_MODE_UNSPECIFIED")
	// Allow connection even if certificate chain validation of the client certificate failed or no client certificate was presented. The proof of possession of the private key is always checked if client certificate was presented. This mode requires the backend to implement processing of data extracted from a client certificate to authenticate the peer, or to reject connections if the client certificate fingerprint is missing.
	MTLSPolicyClientValidationModeAllowInvalidOrMissingClientCert = MTLSPolicyClientValidationMode("ALLOW_INVALID_OR_MISSING_CLIENT_CERT")
	// Require a client certificate and allow connection to the backend only if validation of the client certificate passed. If set, requires a reference to non-empty TrustConfig specified in `client_validation_trust_config`.
	MTLSPolicyClientValidationModeRejectInvalid = MTLSPolicyClientValidationMode("REJECT_INVALID")
)
View Source 
const (
	// Default value.
	OrganizationAddressGroupTypeTypeUnspecified = OrganizationAddressGroupType("TYPE_UNSPECIFIED")
	// IP v4 ranges.
	OrganizationAddressGroupTypeIpv4 = OrganizationAddressGroupType("IPV4")
	// IP v6 ranges.
	OrganizationAddressGroupTypeIpv6 = OrganizationAddressGroupType("IPV6")
)
View Source 
const (
	// If there is not a mentioned action for the target.
	RuleBasicProfileBasicProfileUnspecified = RuleBasicProfile("BASIC_PROFILE_UNSPECIFIED")
	// Allow the matched traffic.
	RuleBasicProfileAllow = RuleBasicProfile("ALLOW")
	// Deny the matched traffic.
	RuleBasicProfileDeny = RuleBasicProfile("DENY")
)
View Source 
const (
	// Indicates no TLS version was specified.
	TlsInspectionPolicyMinTlsVersionTlsVersionUnspecified = TlsInspectionPolicyMinTlsVersion("TLS_VERSION_UNSPECIFIED")
	// TLS 1.0
	TlsInspectionPolicyMinTlsVersionTls10 = TlsInspectionPolicyMinTlsVersion("TLS_1_0")
	// TLS 1.1
	TlsInspectionPolicyMinTlsVersionTls11 = TlsInspectionPolicyMinTlsVersion("TLS_1_1")
	// TLS 1.2
	TlsInspectionPolicyMinTlsVersionTls12 = TlsInspectionPolicyMinTlsVersion("TLS_1_2")
	// TLS 1.3
	TlsInspectionPolicyMinTlsVersionTls13 = TlsInspectionPolicyMinTlsVersion("TLS_1_3")
)
View Source 
const (
	// Indicates no profile was specified.
	TlsInspectionPolicyTlsFeatureProfileProfileUnspecified = TlsInspectionPolicyTlsFeatureProfile("PROFILE_UNSPECIFIED")
	// Compatible profile. Allows the broadest set of clients, even those which support only out-of-date SSL features to negotiate with the TLS inspection proxy.
	TlsInspectionPolicyTlsFeatureProfileProfileCompatible = TlsInspectionPolicyTlsFeatureProfile("PROFILE_COMPATIBLE")
	// Modern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the TLS inspection proxy.
	TlsInspectionPolicyTlsFeatureProfileProfileModern = TlsInspectionPolicyTlsFeatureProfile("PROFILE_MODERN")
	// Restricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.
	TlsInspectionPolicyTlsFeatureProfileProfileRestricted = TlsInspectionPolicyTlsFeatureProfile("PROFILE_RESTRICTED")
	// Custom profile. Allow only the set of allowed SSL features specified in the custom_features field of SslPolicy.
	TlsInspectionPolicyTlsFeatureProfileProfileCustom = TlsInspectionPolicyTlsFeatureProfile("PROFILE_CUSTOM")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AddressGroup added in v0.32.0 

type AddressGroup struct {
	pulumi.CustomResourceState

	// Required. Short name of the AddressGroup resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".
	AddressGroupId pulumi.StringOutput `pulumi:"addressGroupId"`
	// Capacity of the Address Group
	Capacity pulumi.IntOutput `pulumi:"capacity"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	// Optional. List of items.
	Items pulumi.StringArrayOutput `pulumi:"items"`
	// Optional. Set of label tags associated with the AddressGroup resource.
	Labels   pulumi.StringMapOutput `pulumi:"labels"`
	Location pulumi.StringOutput    `pulumi:"location"`
	// Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`.
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrOutput `pulumi:"requestId"`
	// Server-defined fully-qualified URL for this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// The type of the Address Group. Possible values are "IPv4" or "IPV6".
	Type pulumi.StringOutput `pulumi:"type"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new address group in a given project and location.

func GetAddressGroup added in v0.32.0 

func GetAddressGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupState, opts ...pulumi.ResourceOption) (*AddressGroup, error)

GetAddressGroup gets an existing AddressGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroup added in v0.32.0 

func NewAddressGroup(ctx *pulumi.Context,
	name string, args *AddressGroupArgs, opts ...pulumi.ResourceOption) (*AddressGroup, error)

NewAddressGroup registers a new resource with the given unique name, arguments, and options.

func (*AddressGroup) ElementType added in v0.32.0 

func (*AddressGroup) ElementType() reflect.Type

func (*AddressGroup) ToAddressGroupOutput added in v0.32.0 

func (i *AddressGroup) ToAddressGroupOutput() AddressGroupOutput

func (*AddressGroup) ToAddressGroupOutputWithContext added in v0.32.0 

func (i *AddressGroup) ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput

type AddressGroupArgs added in v0.32.0 

type AddressGroupArgs struct {
	// Required. Short name of the AddressGroup resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".
	AddressGroupId pulumi.StringInput
	// Capacity of the Address Group
	Capacity pulumi.IntInput
	// Optional. Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Optional. List of items.
	Items pulumi.StringArrayInput
	// Optional. Set of label tags associated with the AddressGroup resource.
	Labels   pulumi.StringMapInput
	Location pulumi.StringPtrInput
	// Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`.
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrInput
	// The type of the Address Group. Possible values are "IPv4" or "IPV6".
	Type AddressGroupTypeInput
}

The set of arguments for constructing a AddressGroup resource.

func (AddressGroupArgs) ElementType added in v0.32.0 

func (AddressGroupArgs) ElementType() reflect.Type

type AddressGroupIamBinding added in v0.32.0 

type AddressGroupIamBinding struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetAddressGroupIamBinding added in v0.32.0 

func GetAddressGroupIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamBindingState, opts ...pulumi.ResourceOption) (*AddressGroupIamBinding, error)

GetAddressGroupIamBinding gets an existing AddressGroupIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamBinding added in v0.32.0 

func NewAddressGroupIamBinding(ctx *pulumi.Context,
	name string, args *AddressGroupIamBindingArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamBinding, error)

NewAddressGroupIamBinding registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamBinding) ElementType added in v0.32.0 

func (*AddressGroupIamBinding) ElementType() reflect.Type

func (*AddressGroupIamBinding) ToAddressGroupIamBindingOutput added in v0.32.0 

func (i *AddressGroupIamBinding) ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput

func (*AddressGroupIamBinding) ToAddressGroupIamBindingOutputWithContext added in v0.32.0 

func (i *AddressGroupIamBinding) ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput

type AddressGroupIamBindingArgs added in v0.32.0 

type AddressGroupIamBindingArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringInput
}

The set of arguments for constructing a AddressGroupIamBinding resource.

func (AddressGroupIamBindingArgs) ElementType added in v0.32.0 

func (AddressGroupIamBindingArgs) ElementType() reflect.Type

type AddressGroupIamBindingInput added in v0.32.0 

type AddressGroupIamBindingInput interface {
	pulumi.Input

	ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput
	ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput
}

type AddressGroupIamBindingOutput added in v0.32.0 

type AddressGroupIamBindingOutput struct{ *pulumi.OutputState }

func (AddressGroupIamBindingOutput) Condition added in v0.32.0 

func (o AddressGroupIamBindingOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (AddressGroupIamBindingOutput) ElementType added in v0.32.0 

func (AddressGroupIamBindingOutput) ElementType() reflect.Type

func (AddressGroupIamBindingOutput) Etag added in v0.32.0 

func (o AddressGroupIamBindingOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (AddressGroupIamBindingOutput) Members added in v0.32.0 

func (o AddressGroupIamBindingOutput) Members() pulumi.StringArrayOutput

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (AddressGroupIamBindingOutput) Name added in v0.32.0 

func (o AddressGroupIamBindingOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (AddressGroupIamBindingOutput) Project added in v0.32.0 

func (o AddressGroupIamBindingOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (AddressGroupIamBindingOutput) Role added in v0.32.0 

func (o AddressGroupIamBindingOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `IamBinding` can be used per role.

func (AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutput added in v0.32.0 

func (o AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutput() AddressGroupIamBindingOutput

func (AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutputWithContext added in v0.32.0 

func (o AddressGroupIamBindingOutput) ToAddressGroupIamBindingOutputWithContext(ctx context.Context) AddressGroupIamBindingOutput

type AddressGroupIamBindingState added in v0.32.0 

type AddressGroupIamBindingState struct {
}

func (AddressGroupIamBindingState) ElementType added in v0.32.0 

func (AddressGroupIamBindingState) ElementType() reflect.Type

type AddressGroupIamMember added in v0.32.0 

type AddressGroupIamMember struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringOutput `pulumi:"member"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetAddressGroupIamMember added in v0.32.0 

func GetAddressGroupIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamMemberState, opts ...pulumi.ResourceOption) (*AddressGroupIamMember, error)

GetAddressGroupIamMember gets an existing AddressGroupIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamMember added in v0.32.0 

func NewAddressGroupIamMember(ctx *pulumi.Context,
	name string, args *AddressGroupIamMemberArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamMember, error)

NewAddressGroupIamMember registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamMember) ElementType added in v0.32.0 

func (*AddressGroupIamMember) ElementType() reflect.Type

func (*AddressGroupIamMember) ToAddressGroupIamMemberOutput added in v0.32.0 

func (i *AddressGroupIamMember) ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput

func (*AddressGroupIamMember) ToAddressGroupIamMemberOutputWithContext added in v0.32.0 

func (i *AddressGroupIamMember) ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput

type AddressGroupIamMemberArgs added in v0.32.0 

type AddressGroupIamMemberArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied.
	Role pulumi.StringInput
}

The set of arguments for constructing a AddressGroupIamMember resource.

func (AddressGroupIamMemberArgs) ElementType added in v0.32.0 

func (AddressGroupIamMemberArgs) ElementType() reflect.Type

type AddressGroupIamMemberInput added in v0.32.0 

type AddressGroupIamMemberInput interface {
	pulumi.Input

	ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput
	ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput
}

type AddressGroupIamMemberOutput added in v0.32.0 

type AddressGroupIamMemberOutput struct{ *pulumi.OutputState }

func (AddressGroupIamMemberOutput) Condition added in v0.32.0 

func (o AddressGroupIamMemberOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (AddressGroupIamMemberOutput) ElementType added in v0.32.0 

func (AddressGroupIamMemberOutput) ElementType() reflect.Type

func (AddressGroupIamMemberOutput) Etag added in v0.32.0 

func (o AddressGroupIamMemberOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (AddressGroupIamMemberOutput) Member added in v0.32.0 

func (o AddressGroupIamMemberOutput) Member() pulumi.StringOutput

Identity that will be granted the privilege in role. The entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (AddressGroupIamMemberOutput) Name added in v0.32.0 

func (o AddressGroupIamMemberOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (AddressGroupIamMemberOutput) Project added in v0.32.0 

func (o AddressGroupIamMemberOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (AddressGroupIamMemberOutput) Role added in v0.32.0 

func (o AddressGroupIamMemberOutput) Role() pulumi.StringOutput

The role that should be applied.

func (AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutput added in v0.32.0 

func (o AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutput() AddressGroupIamMemberOutput

func (AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutputWithContext added in v0.32.0 

func (o AddressGroupIamMemberOutput) ToAddressGroupIamMemberOutputWithContext(ctx context.Context) AddressGroupIamMemberOutput

type AddressGroupIamMemberState added in v0.32.0 

type AddressGroupIamMemberState struct {
}

func (AddressGroupIamMemberState) ElementType added in v0.32.0 

func (AddressGroupIamMemberState) ElementType() reflect.Type

type AddressGroupIamPolicy added in v0.32.0 

type AddressGroupIamPolicy struct {
	pulumi.CustomResourceState

	AddressGroupId pulumi.StringOutput `pulumi:"addressGroupId"`
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs GoogleIamV1AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings GoogleIamV1BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringOutput `pulumi:"etag"`
	Location pulumi.StringOutput `pulumi:"location"`
	Project  pulumi.StringOutput `pulumi:"project"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetAddressGroupIamPolicy added in v0.32.0 

func GetAddressGroupIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AddressGroupIamPolicyState, opts ...pulumi.ResourceOption) (*AddressGroupIamPolicy, error)

GetAddressGroupIamPolicy gets an existing AddressGroupIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAddressGroupIamPolicy added in v0.32.0 

func NewAddressGroupIamPolicy(ctx *pulumi.Context,
	name string, args *AddressGroupIamPolicyArgs, opts ...pulumi.ResourceOption) (*AddressGroupIamPolicy, error)

NewAddressGroupIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*AddressGroupIamPolicy) ElementType added in v0.32.0 

func (*AddressGroupIamPolicy) ElementType() reflect.Type

func (*AddressGroupIamPolicy) ToAddressGroupIamPolicyOutput added in v0.32.0 

func (i *AddressGroupIamPolicy) ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput

func (*AddressGroupIamPolicy) ToAddressGroupIamPolicyOutputWithContext added in v0.32.0 

func (i *AddressGroupIamPolicy) ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput

type AddressGroupIamPolicyArgs added in v0.32.0 

type AddressGroupIamPolicyArgs struct {
	AddressGroupId pulumi.StringInput
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs GoogleIamV1AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings GoogleIamV1BindingArrayInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a AddressGroupIamPolicy resource.

func (AddressGroupIamPolicyArgs) ElementType added in v0.32.0 

func (AddressGroupIamPolicyArgs) ElementType() reflect.Type

type AddressGroupIamPolicyInput added in v0.32.0 

type AddressGroupIamPolicyInput interface {
	pulumi.Input

	ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput
	ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput
}

type AddressGroupIamPolicyOutput added in v0.32.0 

type AddressGroupIamPolicyOutput struct{ *pulumi.OutputState }

func (AddressGroupIamPolicyOutput) AddressGroupId added in v0.32.0 

func (o AddressGroupIamPolicyOutput) AddressGroupId() pulumi.StringOutput

func (AddressGroupIamPolicyOutput) AuditConfigs added in v0.32.0 

func (o AddressGroupIamPolicyOutput) AuditConfigs() GoogleIamV1AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (AddressGroupIamPolicyOutput) Bindings added in v0.32.0 

func (o AddressGroupIamPolicyOutput) Bindings() GoogleIamV1BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (AddressGroupIamPolicyOutput) ElementType added in v0.32.0 

func (AddressGroupIamPolicyOutput) ElementType() reflect.Type

func (AddressGroupIamPolicyOutput) Etag added in v0.32.0 

func (o AddressGroupIamPolicyOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (AddressGroupIamPolicyOutput) Location added in v0.32.0 

func (o AddressGroupIamPolicyOutput) Location() pulumi.StringOutput

func (AddressGroupIamPolicyOutput) Project added in v0.32.0 

func (o AddressGroupIamPolicyOutput) Project() pulumi.StringOutput

func (AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutput added in v0.32.0 

func (o AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutput() AddressGroupIamPolicyOutput

func (AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutputWithContext added in v0.32.0 

func (o AddressGroupIamPolicyOutput) ToAddressGroupIamPolicyOutputWithContext(ctx context.Context) AddressGroupIamPolicyOutput

func (AddressGroupIamPolicyOutput) Version added in v0.32.0 

func (o AddressGroupIamPolicyOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type AddressGroupIamPolicyState added in v0.32.0 

type AddressGroupIamPolicyState struct {
}

func (AddressGroupIamPolicyState) ElementType added in v0.32.0 

func (AddressGroupIamPolicyState) ElementType() reflect.Type

type AddressGroupInput added in v0.32.0 

type AddressGroupInput interface {
	pulumi.Input

	ToAddressGroupOutput() AddressGroupOutput
	ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput
}

type AddressGroupOutput added in v0.32.0 

type AddressGroupOutput struct{ *pulumi.OutputState }

func (AddressGroupOutput) AddressGroupId added in v0.32.0 

func (o AddressGroupOutput) AddressGroupId() pulumi.StringOutput

Required. Short name of the AddressGroup resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".

func (AddressGroupOutput) Capacity added in v0.32.0 

func (o AddressGroupOutput) Capacity() pulumi.IntOutput

Capacity of the Address Group

func (AddressGroupOutput) CreateTime added in v0.32.0 

func (o AddressGroupOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (AddressGroupOutput) Description added in v0.32.0 

func (o AddressGroupOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (AddressGroupOutput) ElementType added in v0.32.0 

func (AddressGroupOutput) ElementType() reflect.Type

func (AddressGroupOutput) Items added in v0.32.0 

func (o AddressGroupOutput) Items() pulumi.StringArrayOutput

Optional. List of items.

func (AddressGroupOutput) Labels added in v0.32.0 

func (o AddressGroupOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the AddressGroup resource.

func (AddressGroupOutput) Location added in v0.32.0 

func (o AddressGroupOutput) Location() pulumi.StringOutput

func (AddressGroupOutput) Name added in v0.32.0 

func (o AddressGroupOutput) Name() pulumi.StringOutput

Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`.

func (AddressGroupOutput) Project added in v0.32.0 

func (o AddressGroupOutput) Project() pulumi.StringOutput

func (AddressGroupOutput) RequestId added in v0.32.0 

func (o AddressGroupOutput) RequestId() pulumi.StringPtrOutput

Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). 

func (o AddressGroupOutput) SelfLink() pulumi.StringOutput

Server-defined fully-qualified URL for this resource.

func (AddressGroupOutput) ToAddressGroupOutput added in v0.32.0 

func (o AddressGroupOutput) ToAddressGroupOutput() AddressGroupOutput

func (AddressGroupOutput) ToAddressGroupOutputWithContext added in v0.32.0 

func (o AddressGroupOutput) ToAddressGroupOutputWithContext(ctx context.Context) AddressGroupOutput

func (AddressGroupOutput) Type added in v0.32.0 

func (o AddressGroupOutput) Type() pulumi.StringOutput

The type of the Address Group. Possible values are "IPv4" or "IPV6".

func (AddressGroupOutput) UpdateTime added in v0.32.0 

func (o AddressGroupOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type AddressGroupState added in v0.32.0 

type AddressGroupState struct {
}

func (AddressGroupState) ElementType added in v0.32.0 

func (AddressGroupState) ElementType() reflect.Type

type AddressGroupType added in v0.32.0 

type AddressGroupType string

Required. The type of the Address Group. Possible values are "IPv4" or "IPV6".

func (AddressGroupType) ElementType added in v0.32.0 

func (AddressGroupType) ElementType() reflect.Type

func (AddressGroupType) ToAddressGroupTypeOutput added in v0.32.0 

func (e AddressGroupType) ToAddressGroupTypeOutput() AddressGroupTypeOutput

func (AddressGroupType) ToAddressGroupTypeOutputWithContext added in v0.32.0 

func (e AddressGroupType) ToAddressGroupTypeOutputWithContext(ctx context.Context) AddressGroupTypeOutput

func (AddressGroupType) ToAddressGroupTypePtrOutput added in v0.32.0 

func (e AddressGroupType) ToAddressGroupTypePtrOutput() AddressGroupTypePtrOutput

func (AddressGroupType) ToAddressGroupTypePtrOutputWithContext added in v0.32.0 

func (e AddressGroupType) ToAddressGroupTypePtrOutputWithContext(ctx context.Context) AddressGroupTypePtrOutput

func (AddressGroupType) ToStringOutput added in v0.32.0 

func (e AddressGroupType) ToStringOutput() pulumi.StringOutput

func (AddressGroupType) ToStringOutputWithContext added in v0.32.0 

func (e AddressGroupType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AddressGroupType) ToStringPtrOutput added in v0.32.0 

func (e AddressGroupType) ToStringPtrOutput() pulumi.StringPtrOutput

func (AddressGroupType) ToStringPtrOutputWithContext added in v0.32.0 

func (e AddressGroupType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AddressGroupTypeInput added in v0.32.0 

type AddressGroupTypeInput interface {
	pulumi.Input

	ToAddressGroupTypeOutput() AddressGroupTypeOutput
	ToAddressGroupTypeOutputWithContext(context.Context) AddressGroupTypeOutput
}

AddressGroupTypeInput is an input type that accepts AddressGroupTypeArgs and AddressGroupTypeOutput values. You can construct a concrete instance of `AddressGroupTypeInput` via: 

AddressGroupTypeArgs{...}

type AddressGroupTypeOutput added in v0.32.0 

type AddressGroupTypeOutput struct{ *pulumi.OutputState }

func (AddressGroupTypeOutput) ElementType added in v0.32.0 

func (AddressGroupTypeOutput) ElementType() reflect.Type

func (AddressGroupTypeOutput) ToAddressGroupTypeOutput added in v0.32.0 

func (o AddressGroupTypeOutput) ToAddressGroupTypeOutput() AddressGroupTypeOutput

func (AddressGroupTypeOutput) ToAddressGroupTypeOutputWithContext added in v0.32.0 

func (o AddressGroupTypeOutput) ToAddressGroupTypeOutputWithContext(ctx context.Context) AddressGroupTypeOutput

func (AddressGroupTypeOutput) ToAddressGroupTypePtrOutput added in v0.32.0 

func (o AddressGroupTypeOutput) ToAddressGroupTypePtrOutput() AddressGroupTypePtrOutput

func (AddressGroupTypeOutput) ToAddressGroupTypePtrOutputWithContext added in v0.32.0 

func (o AddressGroupTypeOutput) ToAddressGroupTypePtrOutputWithContext(ctx context.Context) AddressGroupTypePtrOutput

func (AddressGroupTypeOutput) ToStringOutput added in v0.32.0 

func (o AddressGroupTypeOutput) ToStringOutput() pulumi.StringOutput

func (AddressGroupTypeOutput) ToStringOutputWithContext added in v0.32.0 

func (o AddressGroupTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AddressGroupTypeOutput) ToStringPtrOutput added in v0.32.0 

func (o AddressGroupTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AddressGroupTypeOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o AddressGroupTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AddressGroupTypePtrInput added in v0.32.0 

type AddressGroupTypePtrInput interface {
	pulumi.Input

	ToAddressGroupTypePtrOutput() AddressGroupTypePtrOutput
	ToAddressGroupTypePtrOutputWithContext(context.Context) AddressGroupTypePtrOutput
}

func AddressGroupTypePtr added in v0.32.0 

func AddressGroupTypePtr(v string) AddressGroupTypePtrInput

type AddressGroupTypePtrOutput added in v0.32.0 

type AddressGroupTypePtrOutput struct{ *pulumi.OutputState }

func (AddressGroupTypePtrOutput) Elem added in v0.32.0 

func (o AddressGroupTypePtrOutput) Elem() AddressGroupTypeOutput

func (AddressGroupTypePtrOutput) ElementType added in v0.32.0 

func (AddressGroupTypePtrOutput) ElementType() reflect.Type

func (AddressGroupTypePtrOutput) ToAddressGroupTypePtrOutput added in v0.32.0 

func (o AddressGroupTypePtrOutput) ToAddressGroupTypePtrOutput() AddressGroupTypePtrOutput

func (AddressGroupTypePtrOutput) ToAddressGroupTypePtrOutputWithContext added in v0.32.0 

func (o AddressGroupTypePtrOutput) ToAddressGroupTypePtrOutputWithContext(ctx context.Context) AddressGroupTypePtrOutput

func (AddressGroupTypePtrOutput) ToStringPtrOutput added in v0.32.0 

func (o AddressGroupTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AddressGroupTypePtrOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o AddressGroupTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizationPolicy 

type AuthorizationPolicy struct {
	pulumi.CustomResourceState

	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	Action pulumi.StringOutput `pulumi:"action"`
	// Required. Short name of the AuthorizationPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".
	AuthorizationPolicyId pulumi.StringOutput `pulumi:"authorizationPolicyId"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	// Optional. Set of label tags associated with the AuthorizationPolicy resource.
	Labels   pulumi.StringMapOutput `pulumi:"labels"`
	Location pulumi.StringOutput    `pulumi:"location"`
	// Name of the AuthorizationPolicy resource. It matches pattern `projects/{project}/locations/{location}/authorizationPolicies/`.
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Optional. List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken. A rule is a match if there is a matching source and destination. If left blank, the action specified in the `action` field will be applied on every request.
	Rules RuleResponseArrayOutput `pulumi:"rules"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new AuthorizationPolicy in a given project and location.

func GetAuthorizationPolicy 

func GetAuthorizationPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizationPolicyState, opts ...pulumi.ResourceOption) (*AuthorizationPolicy, error)

GetAuthorizationPolicy gets an existing AuthorizationPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthorizationPolicy 

func NewAuthorizationPolicy(ctx *pulumi.Context,
	name string, args *AuthorizationPolicyArgs, opts ...pulumi.ResourceOption) (*AuthorizationPolicy, error)

NewAuthorizationPolicy registers a new resource with the given unique name, arguments, and options.

func (*AuthorizationPolicy) ElementType 

func (*AuthorizationPolicy) ElementType() reflect.Type

func (*AuthorizationPolicy) ToAuthorizationPolicyOutput 

func (i *AuthorizationPolicy) ToAuthorizationPolicyOutput() AuthorizationPolicyOutput

func (*AuthorizationPolicy) ToAuthorizationPolicyOutputWithContext 

func (i *AuthorizationPolicy) ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput

type AuthorizationPolicyAction 

type AuthorizationPolicyAction string

Required. The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".

func (AuthorizationPolicyAction) ElementType 

func (AuthorizationPolicyAction) ElementType() reflect.Type

func (AuthorizationPolicyAction) ToAuthorizationPolicyActionOutput 

func (e AuthorizationPolicyAction) ToAuthorizationPolicyActionOutput() AuthorizationPolicyActionOutput

func (AuthorizationPolicyAction) ToAuthorizationPolicyActionOutputWithContext 

func (e AuthorizationPolicyAction) ToAuthorizationPolicyActionOutputWithContext(ctx context.Context) AuthorizationPolicyActionOutput

func (AuthorizationPolicyAction) ToAuthorizationPolicyActionPtrOutput 

func (e AuthorizationPolicyAction) ToAuthorizationPolicyActionPtrOutput() AuthorizationPolicyActionPtrOutput

func (AuthorizationPolicyAction) ToAuthorizationPolicyActionPtrOutputWithContext 

func (e AuthorizationPolicyAction) ToAuthorizationPolicyActionPtrOutputWithContext(ctx context.Context) AuthorizationPolicyActionPtrOutput

func (AuthorizationPolicyAction) ToStringOutput 

func (e AuthorizationPolicyAction) ToStringOutput() pulumi.StringOutput

func (AuthorizationPolicyAction) ToStringOutputWithContext 

func (e AuthorizationPolicyAction) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuthorizationPolicyAction) ToStringPtrOutput 

func (e AuthorizationPolicyAction) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizationPolicyAction) ToStringPtrOutputWithContext 

func (e AuthorizationPolicyAction) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizationPolicyActionInput 

type AuthorizationPolicyActionInput interface {
	pulumi.Input

	ToAuthorizationPolicyActionOutput() AuthorizationPolicyActionOutput
	ToAuthorizationPolicyActionOutputWithContext(context.Context) AuthorizationPolicyActionOutput
}

AuthorizationPolicyActionInput is an input type that accepts AuthorizationPolicyActionArgs and AuthorizationPolicyActionOutput values. You can construct a concrete instance of `AuthorizationPolicyActionInput` via: 

AuthorizationPolicyActionArgs{...}

type AuthorizationPolicyActionOutput 

type AuthorizationPolicyActionOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyActionOutput) ElementType 

func (AuthorizationPolicyActionOutput) ElementType() reflect.Type

func (AuthorizationPolicyActionOutput) ToAuthorizationPolicyActionOutput 

func (o AuthorizationPolicyActionOutput) ToAuthorizationPolicyActionOutput() AuthorizationPolicyActionOutput

func (AuthorizationPolicyActionOutput) ToAuthorizationPolicyActionOutputWithContext 

func (o AuthorizationPolicyActionOutput) ToAuthorizationPolicyActionOutputWithContext(ctx context.Context) AuthorizationPolicyActionOutput

func (AuthorizationPolicyActionOutput) ToAuthorizationPolicyActionPtrOutput 

func (o AuthorizationPolicyActionOutput) ToAuthorizationPolicyActionPtrOutput() AuthorizationPolicyActionPtrOutput

func (AuthorizationPolicyActionOutput) ToAuthorizationPolicyActionPtrOutputWithContext 

func (o AuthorizationPolicyActionOutput) ToAuthorizationPolicyActionPtrOutputWithContext(ctx context.Context) AuthorizationPolicyActionPtrOutput

func (AuthorizationPolicyActionOutput) ToStringOutput 

func (o AuthorizationPolicyActionOutput) ToStringOutput() pulumi.StringOutput

func (AuthorizationPolicyActionOutput) ToStringOutputWithContext 

func (o AuthorizationPolicyActionOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuthorizationPolicyActionOutput) ToStringPtrOutput 

func (o AuthorizationPolicyActionOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizationPolicyActionOutput) ToStringPtrOutputWithContext 

func (o AuthorizationPolicyActionOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizationPolicyActionPtrInput 

type AuthorizationPolicyActionPtrInput interface {
	pulumi.Input

	ToAuthorizationPolicyActionPtrOutput() AuthorizationPolicyActionPtrOutput
	ToAuthorizationPolicyActionPtrOutputWithContext(context.Context) AuthorizationPolicyActionPtrOutput
}

func AuthorizationPolicyActionPtr 

func AuthorizationPolicyActionPtr(v string) AuthorizationPolicyActionPtrInput

type AuthorizationPolicyActionPtrOutput 

type AuthorizationPolicyActionPtrOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyActionPtrOutput) Elem 

func (o AuthorizationPolicyActionPtrOutput) Elem() AuthorizationPolicyActionOutput

func (AuthorizationPolicyActionPtrOutput) ElementType 

func (AuthorizationPolicyActionPtrOutput) ElementType() reflect.Type

func (AuthorizationPolicyActionPtrOutput) ToAuthorizationPolicyActionPtrOutput 

func (o AuthorizationPolicyActionPtrOutput) ToAuthorizationPolicyActionPtrOutput() AuthorizationPolicyActionPtrOutput

func (AuthorizationPolicyActionPtrOutput) ToAuthorizationPolicyActionPtrOutputWithContext 

func (o AuthorizationPolicyActionPtrOutput) ToAuthorizationPolicyActionPtrOutputWithContext(ctx context.Context) AuthorizationPolicyActionPtrOutput

func (AuthorizationPolicyActionPtrOutput) ToStringPtrOutput 

func (o AuthorizationPolicyActionPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuthorizationPolicyActionPtrOutput) ToStringPtrOutputWithContext 

func (o AuthorizationPolicyActionPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuthorizationPolicyArgs 

type AuthorizationPolicyArgs struct {
	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	Action AuthorizationPolicyActionInput
	// Required. Short name of the AuthorizationPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".
	AuthorizationPolicyId pulumi.StringInput
	// Optional. Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Optional. Set of label tags associated with the AuthorizationPolicy resource.
	Labels   pulumi.StringMapInput
	Location pulumi.StringPtrInput
	// Name of the AuthorizationPolicy resource. It matches pattern `projects/{project}/locations/{location}/authorizationPolicies/`.
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Optional. List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken. A rule is a match if there is a matching source and destination. If left blank, the action specified in the `action` field will be applied on every request.
	Rules RuleTypeArrayInput
}

The set of arguments for constructing a AuthorizationPolicy resource.

func (AuthorizationPolicyArgs) ElementType 

func (AuthorizationPolicyArgs) ElementType() reflect.Type

type AuthorizationPolicyIamBinding added in v0.26.0 

type AuthorizationPolicyIamBinding struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetAuthorizationPolicyIamBinding added in v0.26.0 

func GetAuthorizationPolicyIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizationPolicyIamBindingState, opts ...pulumi.ResourceOption) (*AuthorizationPolicyIamBinding, error)

GetAuthorizationPolicyIamBinding gets an existing AuthorizationPolicyIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthorizationPolicyIamBinding added in v0.26.0 

func NewAuthorizationPolicyIamBinding(ctx *pulumi.Context,
	name string, args *AuthorizationPolicyIamBindingArgs, opts ...pulumi.ResourceOption) (*AuthorizationPolicyIamBinding, error)

NewAuthorizationPolicyIamBinding registers a new resource with the given unique name, arguments, and options.

func (*AuthorizationPolicyIamBinding) ElementType added in v0.26.0 

func (*AuthorizationPolicyIamBinding) ElementType() reflect.Type

func (*AuthorizationPolicyIamBinding) ToAuthorizationPolicyIamBindingOutput added in v0.26.0 

func (i *AuthorizationPolicyIamBinding) ToAuthorizationPolicyIamBindingOutput() AuthorizationPolicyIamBindingOutput

func (*AuthorizationPolicyIamBinding) ToAuthorizationPolicyIamBindingOutputWithContext added in v0.26.0 

func (i *AuthorizationPolicyIamBinding) ToAuthorizationPolicyIamBindingOutputWithContext(ctx context.Context) AuthorizationPolicyIamBindingOutput

type AuthorizationPolicyIamBindingArgs added in v0.26.0 

type AuthorizationPolicyIamBindingArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringInput
}

The set of arguments for constructing a AuthorizationPolicyIamBinding resource.

func (AuthorizationPolicyIamBindingArgs) ElementType added in v0.26.0 

func (AuthorizationPolicyIamBindingArgs) ElementType() reflect.Type

type AuthorizationPolicyIamBindingInput added in v0.26.0 

type AuthorizationPolicyIamBindingInput interface {
	pulumi.Input

	ToAuthorizationPolicyIamBindingOutput() AuthorizationPolicyIamBindingOutput
	ToAuthorizationPolicyIamBindingOutputWithContext(ctx context.Context) AuthorizationPolicyIamBindingOutput
}

type AuthorizationPolicyIamBindingOutput added in v0.26.0 

type AuthorizationPolicyIamBindingOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyIamBindingOutput) Condition added in v0.26.0 

func (o AuthorizationPolicyIamBindingOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (AuthorizationPolicyIamBindingOutput) ElementType added in v0.26.0 

func (AuthorizationPolicyIamBindingOutput) ElementType() reflect.Type

func (AuthorizationPolicyIamBindingOutput) Etag added in v0.26.0 

func (o AuthorizationPolicyIamBindingOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (AuthorizationPolicyIamBindingOutput) Members added in v0.26.0 

func (o AuthorizationPolicyIamBindingOutput) Members() pulumi.StringArrayOutput

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (AuthorizationPolicyIamBindingOutput) Name added in v0.26.0 

func (o AuthorizationPolicyIamBindingOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (AuthorizationPolicyIamBindingOutput) Project added in v0.26.0 

func (o AuthorizationPolicyIamBindingOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (AuthorizationPolicyIamBindingOutput) Role added in v0.26.0 

func (o AuthorizationPolicyIamBindingOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `IamBinding` can be used per role.

func (AuthorizationPolicyIamBindingOutput) ToAuthorizationPolicyIamBindingOutput added in v0.26.0 

func (o AuthorizationPolicyIamBindingOutput) ToAuthorizationPolicyIamBindingOutput() AuthorizationPolicyIamBindingOutput

func (AuthorizationPolicyIamBindingOutput) ToAuthorizationPolicyIamBindingOutputWithContext added in v0.26.0 

func (o AuthorizationPolicyIamBindingOutput) ToAuthorizationPolicyIamBindingOutputWithContext(ctx context.Context) AuthorizationPolicyIamBindingOutput

type AuthorizationPolicyIamBindingState added in v0.26.0 

type AuthorizationPolicyIamBindingState struct {
}

func (AuthorizationPolicyIamBindingState) ElementType added in v0.26.0 

func (AuthorizationPolicyIamBindingState) ElementType() reflect.Type

type AuthorizationPolicyIamMember added in v0.26.0 

type AuthorizationPolicyIamMember struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringOutput `pulumi:"member"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetAuthorizationPolicyIamMember added in v0.26.0 

func GetAuthorizationPolicyIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizationPolicyIamMemberState, opts ...pulumi.ResourceOption) (*AuthorizationPolicyIamMember, error)

GetAuthorizationPolicyIamMember gets an existing AuthorizationPolicyIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthorizationPolicyIamMember added in v0.26.0 

func NewAuthorizationPolicyIamMember(ctx *pulumi.Context,
	name string, args *AuthorizationPolicyIamMemberArgs, opts ...pulumi.ResourceOption) (*AuthorizationPolicyIamMember, error)

NewAuthorizationPolicyIamMember registers a new resource with the given unique name, arguments, and options.

func (*AuthorizationPolicyIamMember) ElementType added in v0.26.0 

func (*AuthorizationPolicyIamMember) ElementType() reflect.Type

func (*AuthorizationPolicyIamMember) ToAuthorizationPolicyIamMemberOutput added in v0.26.0 

func (i *AuthorizationPolicyIamMember) ToAuthorizationPolicyIamMemberOutput() AuthorizationPolicyIamMemberOutput

func (*AuthorizationPolicyIamMember) ToAuthorizationPolicyIamMemberOutputWithContext added in v0.26.0 

func (i *AuthorizationPolicyIamMember) ToAuthorizationPolicyIamMemberOutputWithContext(ctx context.Context) AuthorizationPolicyIamMemberOutput

type AuthorizationPolicyIamMemberArgs added in v0.26.0 

type AuthorizationPolicyIamMemberArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied.
	Role pulumi.StringInput
}

The set of arguments for constructing a AuthorizationPolicyIamMember resource.

func (AuthorizationPolicyIamMemberArgs) ElementType added in v0.26.0 

func (AuthorizationPolicyIamMemberArgs) ElementType() reflect.Type

type AuthorizationPolicyIamMemberInput added in v0.26.0 

type AuthorizationPolicyIamMemberInput interface {
	pulumi.Input

	ToAuthorizationPolicyIamMemberOutput() AuthorizationPolicyIamMemberOutput
	ToAuthorizationPolicyIamMemberOutputWithContext(ctx context.Context) AuthorizationPolicyIamMemberOutput
}

type AuthorizationPolicyIamMemberOutput added in v0.26.0 

type AuthorizationPolicyIamMemberOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyIamMemberOutput) Condition added in v0.26.0 

func (o AuthorizationPolicyIamMemberOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (AuthorizationPolicyIamMemberOutput) ElementType added in v0.26.0 

func (AuthorizationPolicyIamMemberOutput) ElementType() reflect.Type

func (AuthorizationPolicyIamMemberOutput) Etag added in v0.26.0 

func (o AuthorizationPolicyIamMemberOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (AuthorizationPolicyIamMemberOutput) Member added in v0.26.0 

func (o AuthorizationPolicyIamMemberOutput) Member() pulumi.StringOutput

Identity that will be granted the privilege in role. The entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (AuthorizationPolicyIamMemberOutput) Name added in v0.26.0 

func (o AuthorizationPolicyIamMemberOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (AuthorizationPolicyIamMemberOutput) Project added in v0.26.0 

func (o AuthorizationPolicyIamMemberOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (AuthorizationPolicyIamMemberOutput) Role added in v0.26.0 

func (o AuthorizationPolicyIamMemberOutput) Role() pulumi.StringOutput

The role that should be applied.

func (AuthorizationPolicyIamMemberOutput) ToAuthorizationPolicyIamMemberOutput added in v0.26.0 

func (o AuthorizationPolicyIamMemberOutput) ToAuthorizationPolicyIamMemberOutput() AuthorizationPolicyIamMemberOutput

func (AuthorizationPolicyIamMemberOutput) ToAuthorizationPolicyIamMemberOutputWithContext added in v0.26.0 

func (o AuthorizationPolicyIamMemberOutput) ToAuthorizationPolicyIamMemberOutputWithContext(ctx context.Context) AuthorizationPolicyIamMemberOutput

type AuthorizationPolicyIamMemberState added in v0.26.0 

type AuthorizationPolicyIamMemberState struct {
}

func (AuthorizationPolicyIamMemberState) ElementType added in v0.26.0 

func (AuthorizationPolicyIamMemberState) ElementType() reflect.Type

type AuthorizationPolicyIamPolicy 

type AuthorizationPolicyIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs          GoogleIamV1AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	AuthorizationPolicyId pulumi.StringOutput                       `pulumi:"authorizationPolicyId"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings GoogleIamV1BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringOutput `pulumi:"etag"`
	Location pulumi.StringOutput `pulumi:"location"`
	Project  pulumi.StringOutput `pulumi:"project"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetAuthorizationPolicyIamPolicy 

func GetAuthorizationPolicyIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AuthorizationPolicyIamPolicyState, opts ...pulumi.ResourceOption) (*AuthorizationPolicyIamPolicy, error)

GetAuthorizationPolicyIamPolicy gets an existing AuthorizationPolicyIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAuthorizationPolicyIamPolicy 

func NewAuthorizationPolicyIamPolicy(ctx *pulumi.Context,
	name string, args *AuthorizationPolicyIamPolicyArgs, opts ...pulumi.ResourceOption) (*AuthorizationPolicyIamPolicy, error)

NewAuthorizationPolicyIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*AuthorizationPolicyIamPolicy) ElementType 

func (*AuthorizationPolicyIamPolicy) ElementType() reflect.Type

func (*AuthorizationPolicyIamPolicy) ToAuthorizationPolicyIamPolicyOutput 

func (i *AuthorizationPolicyIamPolicy) ToAuthorizationPolicyIamPolicyOutput() AuthorizationPolicyIamPolicyOutput

func (*AuthorizationPolicyIamPolicy) ToAuthorizationPolicyIamPolicyOutputWithContext 

func (i *AuthorizationPolicyIamPolicy) ToAuthorizationPolicyIamPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyIamPolicyOutput

type AuthorizationPolicyIamPolicyArgs 

type AuthorizationPolicyIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs          GoogleIamV1AuditConfigArrayInput
	AuthorizationPolicyId pulumi.StringInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings GoogleIamV1BindingArrayInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a AuthorizationPolicyIamPolicy resource.

func (AuthorizationPolicyIamPolicyArgs) ElementType 

func (AuthorizationPolicyIamPolicyArgs) ElementType() reflect.Type

type AuthorizationPolicyIamPolicyInput 

type AuthorizationPolicyIamPolicyInput interface {
	pulumi.Input

	ToAuthorizationPolicyIamPolicyOutput() AuthorizationPolicyIamPolicyOutput
	ToAuthorizationPolicyIamPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyIamPolicyOutput
}

type AuthorizationPolicyIamPolicyOutput 

type AuthorizationPolicyIamPolicyOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyIamPolicyOutput) AuditConfigs added in v0.19.0 

func (o AuthorizationPolicyIamPolicyOutput) AuditConfigs() GoogleIamV1AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (AuthorizationPolicyIamPolicyOutput) AuthorizationPolicyId added in v0.21.0 

func (o AuthorizationPolicyIamPolicyOutput) AuthorizationPolicyId() pulumi.StringOutput

func (AuthorizationPolicyIamPolicyOutput) Bindings added in v0.19.0 

func (o AuthorizationPolicyIamPolicyOutput) Bindings() GoogleIamV1BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (AuthorizationPolicyIamPolicyOutput) ElementType 

func (AuthorizationPolicyIamPolicyOutput) ElementType() reflect.Type

func (AuthorizationPolicyIamPolicyOutput) Etag added in v0.19.0 

func (o AuthorizationPolicyIamPolicyOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (AuthorizationPolicyIamPolicyOutput) Location added in v0.21.0 

func (o AuthorizationPolicyIamPolicyOutput) Location() pulumi.StringOutput

func (AuthorizationPolicyIamPolicyOutput) Project added in v0.21.0 

func (o AuthorizationPolicyIamPolicyOutput) Project() pulumi.StringOutput

func (AuthorizationPolicyIamPolicyOutput) ToAuthorizationPolicyIamPolicyOutput 

func (o AuthorizationPolicyIamPolicyOutput) ToAuthorizationPolicyIamPolicyOutput() AuthorizationPolicyIamPolicyOutput

func (AuthorizationPolicyIamPolicyOutput) ToAuthorizationPolicyIamPolicyOutputWithContext 

func (o AuthorizationPolicyIamPolicyOutput) ToAuthorizationPolicyIamPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyIamPolicyOutput

func (AuthorizationPolicyIamPolicyOutput) Version added in v0.19.0 

func (o AuthorizationPolicyIamPolicyOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type AuthorizationPolicyIamPolicyState 

type AuthorizationPolicyIamPolicyState struct {
}

func (AuthorizationPolicyIamPolicyState) ElementType 

func (AuthorizationPolicyIamPolicyState) ElementType() reflect.Type

type AuthorizationPolicyInput 

type AuthorizationPolicyInput interface {
	pulumi.Input

	ToAuthorizationPolicyOutput() AuthorizationPolicyOutput
	ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput
}

type AuthorizationPolicyOutput 

type AuthorizationPolicyOutput struct{ *pulumi.OutputState }

func (AuthorizationPolicyOutput) Action added in v0.19.0 

func (o AuthorizationPolicyOutput) Action() pulumi.StringOutput

The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".

func (AuthorizationPolicyOutput) AuthorizationPolicyId added in v0.21.0 

func (o AuthorizationPolicyOutput) AuthorizationPolicyId() pulumi.StringOutput

Required. Short name of the AuthorizationPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".

func (AuthorizationPolicyOutput) CreateTime added in v0.19.0 

func (o AuthorizationPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (AuthorizationPolicyOutput) Description added in v0.19.0 

func (o AuthorizationPolicyOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (AuthorizationPolicyOutput) ElementType 

func (AuthorizationPolicyOutput) ElementType() reflect.Type

func (AuthorizationPolicyOutput) Labels added in v0.19.0 

func (o AuthorizationPolicyOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the AuthorizationPolicy resource.

func (AuthorizationPolicyOutput) Location added in v0.21.0 

func (o AuthorizationPolicyOutput) Location() pulumi.StringOutput

func (AuthorizationPolicyOutput) Name added in v0.19.0 

func (o AuthorizationPolicyOutput) Name() pulumi.StringOutput

Name of the AuthorizationPolicy resource. It matches pattern `projects/{project}/locations/{location}/authorizationPolicies/`.

func (AuthorizationPolicyOutput) Project added in v0.21.0 

func (o AuthorizationPolicyOutput) Project() pulumi.StringOutput

func (AuthorizationPolicyOutput) Rules added in v0.19.0 

func (o AuthorizationPolicyOutput) Rules() RuleResponseArrayOutput

Optional. List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken. A rule is a match if there is a matching source and destination. If left blank, the action specified in the `action` field will be applied on every request.

func (AuthorizationPolicyOutput) ToAuthorizationPolicyOutput 

func (o AuthorizationPolicyOutput) ToAuthorizationPolicyOutput() AuthorizationPolicyOutput

func (AuthorizationPolicyOutput) ToAuthorizationPolicyOutputWithContext 

func (o AuthorizationPolicyOutput) ToAuthorizationPolicyOutputWithContext(ctx context.Context) AuthorizationPolicyOutput

func (AuthorizationPolicyOutput) UpdateTime added in v0.19.0 

func (o AuthorizationPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type AuthorizationPolicyState 

type AuthorizationPolicyState struct {
}

func (AuthorizationPolicyState) ElementType 

func (AuthorizationPolicyState) ElementType() reflect.Type

type CertificateProviderInstance 

type CertificateProviderInstance struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

Specification of a TLS certificate provider instance. Workloads may have one or more CertificateProvider instances (plugins) and one of them is enabled and configured by specifying this message. Workloads use the values from this message to locate and load the CertificateProvider instance configuration.

type CertificateProviderInstanceArgs 

type CertificateProviderInstanceArgs struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance pulumi.StringInput `pulumi:"pluginInstance"`
}

Specification of a TLS certificate provider instance. Workloads may have one or more CertificateProvider instances (plugins) and one of them is enabled and configured by specifying this message. Workloads use the values from this message to locate and load the CertificateProvider instance configuration.

func (CertificateProviderInstanceArgs) ElementType 

func (CertificateProviderInstanceArgs) ElementType() reflect.Type

func (CertificateProviderInstanceArgs) ToCertificateProviderInstanceOutput 

func (i CertificateProviderInstanceArgs) ToCertificateProviderInstanceOutput() CertificateProviderInstanceOutput

func (CertificateProviderInstanceArgs) ToCertificateProviderInstanceOutputWithContext 

func (i CertificateProviderInstanceArgs) ToCertificateProviderInstanceOutputWithContext(ctx context.Context) CertificateProviderInstanceOutput

func (CertificateProviderInstanceArgs) ToCertificateProviderInstancePtrOutput 

func (i CertificateProviderInstanceArgs) ToCertificateProviderInstancePtrOutput() CertificateProviderInstancePtrOutput

func (CertificateProviderInstanceArgs) ToCertificateProviderInstancePtrOutputWithContext 

func (i CertificateProviderInstanceArgs) ToCertificateProviderInstancePtrOutputWithContext(ctx context.Context) CertificateProviderInstancePtrOutput

type CertificateProviderInstanceInput 

type CertificateProviderInstanceInput interface {
	pulumi.Input

	ToCertificateProviderInstanceOutput() CertificateProviderInstanceOutput
	ToCertificateProviderInstanceOutputWithContext(context.Context) CertificateProviderInstanceOutput
}

CertificateProviderInstanceInput is an input type that accepts CertificateProviderInstanceArgs and CertificateProviderInstanceOutput values. You can construct a concrete instance of `CertificateProviderInstanceInput` via: 

CertificateProviderInstanceArgs{...}

type CertificateProviderInstanceOutput 

type CertificateProviderInstanceOutput struct{ *pulumi.OutputState }

Specification of a TLS certificate provider instance. Workloads may have one or more CertificateProvider instances (plugins) and one of them is enabled and configured by specifying this message. Workloads use the values from this message to locate and load the CertificateProvider instance configuration.

func (CertificateProviderInstanceOutput) ElementType 

func (CertificateProviderInstanceOutput) ElementType() reflect.Type

func (CertificateProviderInstanceOutput) PluginInstance 

func (o CertificateProviderInstanceOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

func (CertificateProviderInstanceOutput) ToCertificateProviderInstanceOutput 

func (o CertificateProviderInstanceOutput) ToCertificateProviderInstanceOutput() CertificateProviderInstanceOutput

func (CertificateProviderInstanceOutput) ToCertificateProviderInstanceOutputWithContext 

func (o CertificateProviderInstanceOutput) ToCertificateProviderInstanceOutputWithContext(ctx context.Context) CertificateProviderInstanceOutput

func (CertificateProviderInstanceOutput) ToCertificateProviderInstancePtrOutput 

func (o CertificateProviderInstanceOutput) ToCertificateProviderInstancePtrOutput() CertificateProviderInstancePtrOutput

func (CertificateProviderInstanceOutput) ToCertificateProviderInstancePtrOutputWithContext 

func (o CertificateProviderInstanceOutput) ToCertificateProviderInstancePtrOutputWithContext(ctx context.Context) CertificateProviderInstancePtrOutput

type CertificateProviderInstancePtrInput 

type CertificateProviderInstancePtrInput interface {
	pulumi.Input

	ToCertificateProviderInstancePtrOutput() CertificateProviderInstancePtrOutput
	ToCertificateProviderInstancePtrOutputWithContext(context.Context) CertificateProviderInstancePtrOutput
}

CertificateProviderInstancePtrInput is an input type that accepts CertificateProviderInstanceArgs, CertificateProviderInstancePtr and CertificateProviderInstancePtrOutput values. You can construct a concrete instance of `CertificateProviderInstancePtrInput` via: 

        CertificateProviderInstanceArgs{...}

or:

        nil

func CertificateProviderInstancePtr 

func CertificateProviderInstancePtr(v *CertificateProviderInstanceArgs) CertificateProviderInstancePtrInput

type CertificateProviderInstancePtrOutput 

type CertificateProviderInstancePtrOutput struct{ *pulumi.OutputState }

func (CertificateProviderInstancePtrOutput) Elem 

func (o CertificateProviderInstancePtrOutput) Elem() CertificateProviderInstanceOutput

func (CertificateProviderInstancePtrOutput) ElementType 

func (CertificateProviderInstancePtrOutput) ElementType() reflect.Type

func (CertificateProviderInstancePtrOutput) PluginInstance 

func (o CertificateProviderInstancePtrOutput) PluginInstance() pulumi.StringPtrOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

func (CertificateProviderInstancePtrOutput) ToCertificateProviderInstancePtrOutput 

func (o CertificateProviderInstancePtrOutput) ToCertificateProviderInstancePtrOutput() CertificateProviderInstancePtrOutput

func (CertificateProviderInstancePtrOutput) ToCertificateProviderInstancePtrOutputWithContext 

func (o CertificateProviderInstancePtrOutput) ToCertificateProviderInstancePtrOutputWithContext(ctx context.Context) CertificateProviderInstancePtrOutput

type CertificateProviderInstanceResponse 

type CertificateProviderInstanceResponse struct {
	// Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
	PluginInstance string `pulumi:"pluginInstance"`
}

Specification of a TLS certificate provider instance. Workloads may have one or more CertificateProvider instances (plugins) and one of them is enabled and configured by specifying this message. Workloads use the values from this message to locate and load the CertificateProvider instance configuration.

type CertificateProviderInstanceResponseOutput 

type CertificateProviderInstanceResponseOutput struct{ *pulumi.OutputState }

Specification of a TLS certificate provider instance. Workloads may have one or more CertificateProvider instances (plugins) and one of them is enabled and configured by specifying this message. Workloads use the values from this message to locate and load the CertificateProvider instance configuration.

func (CertificateProviderInstanceResponseOutput) ElementType 

func (CertificateProviderInstanceResponseOutput) ElementType() reflect.Type

func (CertificateProviderInstanceResponseOutput) PluginInstance 

func (o CertificateProviderInstanceResponseOutput) PluginInstance() pulumi.StringOutput

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

func (CertificateProviderInstanceResponseOutput) ToCertificateProviderInstanceResponseOutput 

func (o CertificateProviderInstanceResponseOutput) ToCertificateProviderInstanceResponseOutput() CertificateProviderInstanceResponseOutput

func (CertificateProviderInstanceResponseOutput) ToCertificateProviderInstanceResponseOutputWithContext 

func (o CertificateProviderInstanceResponseOutput) ToCertificateProviderInstanceResponseOutputWithContext(ctx context.Context) CertificateProviderInstanceResponseOutput

type ClientTlsPolicy 

type ClientTlsPolicy struct {
	pulumi.CustomResourceState

	// Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	ClientCertificate GoogleCloudNetworksecurityV1CertificateProviderResponseOutput `pulumi:"clientCertificate"`
	// Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
	ClientTlsPolicyId pulumi.StringOutput `pulumi:"clientTlsPolicyId"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	// Optional. Set of label tags associated with the resource.
	Labels   pulumi.StringMapOutput `pulumi:"labels"`
	Location pulumi.StringOutput    `pulumi:"location"`
	// Name of the ClientTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}`
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	ServerValidationCa ValidationCAResponseArrayOutput `pulumi:"serverValidationCa"`
	// Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringOutput `pulumi:"sni"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new ClientTlsPolicy in a given project and location.

func GetClientTlsPolicy 

func GetClientTlsPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientTlsPolicyState, opts ...pulumi.ResourceOption) (*ClientTlsPolicy, error)

GetClientTlsPolicy gets an existing ClientTlsPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientTlsPolicy 

func NewClientTlsPolicy(ctx *pulumi.Context,
	name string, args *ClientTlsPolicyArgs, opts ...pulumi.ResourceOption) (*ClientTlsPolicy, error)

NewClientTlsPolicy registers a new resource with the given unique name, arguments, and options.

func (*ClientTlsPolicy) ElementType 

func (*ClientTlsPolicy) ElementType() reflect.Type

func (*ClientTlsPolicy) ToClientTlsPolicyOutput 

func (i *ClientTlsPolicy) ToClientTlsPolicyOutput() ClientTlsPolicyOutput

func (*ClientTlsPolicy) ToClientTlsPolicyOutputWithContext 

func (i *ClientTlsPolicy) ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput

type ClientTlsPolicyArgs 

type ClientTlsPolicyArgs struct {
	// Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	ClientCertificate GoogleCloudNetworksecurityV1CertificateProviderPtrInput
	// Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
	ClientTlsPolicyId pulumi.StringInput
	// Optional. Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Optional. Set of label tags associated with the resource.
	Labels   pulumi.StringMapInput
	Location pulumi.StringPtrInput
	// Name of the ClientTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}`
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	ServerValidationCa ValidationCAArrayInput
	// Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni pulumi.StringPtrInput
}

The set of arguments for constructing a ClientTlsPolicy resource.

func (ClientTlsPolicyArgs) ElementType 

func (ClientTlsPolicyArgs) ElementType() reflect.Type

type ClientTlsPolicyIamBinding added in v0.26.0 

type ClientTlsPolicyIamBinding struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetClientTlsPolicyIamBinding added in v0.26.0 

func GetClientTlsPolicyIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientTlsPolicyIamBindingState, opts ...pulumi.ResourceOption) (*ClientTlsPolicyIamBinding, error)

GetClientTlsPolicyIamBinding gets an existing ClientTlsPolicyIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientTlsPolicyIamBinding added in v0.26.0 

func NewClientTlsPolicyIamBinding(ctx *pulumi.Context,
	name string, args *ClientTlsPolicyIamBindingArgs, opts ...pulumi.ResourceOption) (*ClientTlsPolicyIamBinding, error)

NewClientTlsPolicyIamBinding registers a new resource with the given unique name, arguments, and options.

func (*ClientTlsPolicyIamBinding) ElementType added in v0.26.0 

func (*ClientTlsPolicyIamBinding) ElementType() reflect.Type

func (*ClientTlsPolicyIamBinding) ToClientTlsPolicyIamBindingOutput added in v0.26.0 

func (i *ClientTlsPolicyIamBinding) ToClientTlsPolicyIamBindingOutput() ClientTlsPolicyIamBindingOutput

func (*ClientTlsPolicyIamBinding) ToClientTlsPolicyIamBindingOutputWithContext added in v0.26.0 

func (i *ClientTlsPolicyIamBinding) ToClientTlsPolicyIamBindingOutputWithContext(ctx context.Context) ClientTlsPolicyIamBindingOutput

type ClientTlsPolicyIamBindingArgs added in v0.26.0 

type ClientTlsPolicyIamBindingArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringInput
}

The set of arguments for constructing a ClientTlsPolicyIamBinding resource.

func (ClientTlsPolicyIamBindingArgs) ElementType added in v0.26.0 

func (ClientTlsPolicyIamBindingArgs) ElementType() reflect.Type

type ClientTlsPolicyIamBindingInput added in v0.26.0 

type ClientTlsPolicyIamBindingInput interface {
	pulumi.Input

	ToClientTlsPolicyIamBindingOutput() ClientTlsPolicyIamBindingOutput
	ToClientTlsPolicyIamBindingOutputWithContext(ctx context.Context) ClientTlsPolicyIamBindingOutput
}

type ClientTlsPolicyIamBindingOutput added in v0.26.0 

type ClientTlsPolicyIamBindingOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyIamBindingOutput) Condition added in v0.26.0 

func (o ClientTlsPolicyIamBindingOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (ClientTlsPolicyIamBindingOutput) ElementType added in v0.26.0 

func (ClientTlsPolicyIamBindingOutput) ElementType() reflect.Type

func (ClientTlsPolicyIamBindingOutput) Etag added in v0.26.0 

func (o ClientTlsPolicyIamBindingOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (ClientTlsPolicyIamBindingOutput) Members added in v0.26.0 

func (o ClientTlsPolicyIamBindingOutput) Members() pulumi.StringArrayOutput

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (ClientTlsPolicyIamBindingOutput) Name added in v0.26.0 

func (o ClientTlsPolicyIamBindingOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (ClientTlsPolicyIamBindingOutput) Project added in v0.26.0 

func (o ClientTlsPolicyIamBindingOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (ClientTlsPolicyIamBindingOutput) Role added in v0.26.0 

func (o ClientTlsPolicyIamBindingOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `IamBinding` can be used per role.

func (ClientTlsPolicyIamBindingOutput) ToClientTlsPolicyIamBindingOutput added in v0.26.0 

func (o ClientTlsPolicyIamBindingOutput) ToClientTlsPolicyIamBindingOutput() ClientTlsPolicyIamBindingOutput

func (ClientTlsPolicyIamBindingOutput) ToClientTlsPolicyIamBindingOutputWithContext added in v0.26.0 

func (o ClientTlsPolicyIamBindingOutput) ToClientTlsPolicyIamBindingOutputWithContext(ctx context.Context) ClientTlsPolicyIamBindingOutput

type ClientTlsPolicyIamBindingState added in v0.26.0 

type ClientTlsPolicyIamBindingState struct {
}

func (ClientTlsPolicyIamBindingState) ElementType added in v0.26.0 

func (ClientTlsPolicyIamBindingState) ElementType() reflect.Type

type ClientTlsPolicyIamMember added in v0.26.0 

type ClientTlsPolicyIamMember struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringOutput `pulumi:"member"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetClientTlsPolicyIamMember added in v0.26.0 

func GetClientTlsPolicyIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientTlsPolicyIamMemberState, opts ...pulumi.ResourceOption) (*ClientTlsPolicyIamMember, error)

GetClientTlsPolicyIamMember gets an existing ClientTlsPolicyIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientTlsPolicyIamMember added in v0.26.0 

func NewClientTlsPolicyIamMember(ctx *pulumi.Context,
	name string, args *ClientTlsPolicyIamMemberArgs, opts ...pulumi.ResourceOption) (*ClientTlsPolicyIamMember, error)

NewClientTlsPolicyIamMember registers a new resource with the given unique name, arguments, and options.

func (*ClientTlsPolicyIamMember) ElementType added in v0.26.0 

func (*ClientTlsPolicyIamMember) ElementType() reflect.Type

func (*ClientTlsPolicyIamMember) ToClientTlsPolicyIamMemberOutput added in v0.26.0 

func (i *ClientTlsPolicyIamMember) ToClientTlsPolicyIamMemberOutput() ClientTlsPolicyIamMemberOutput

func (*ClientTlsPolicyIamMember) ToClientTlsPolicyIamMemberOutputWithContext added in v0.26.0 

func (i *ClientTlsPolicyIamMember) ToClientTlsPolicyIamMemberOutputWithContext(ctx context.Context) ClientTlsPolicyIamMemberOutput

type ClientTlsPolicyIamMemberArgs added in v0.26.0 

type ClientTlsPolicyIamMemberArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied.
	Role pulumi.StringInput
}

The set of arguments for constructing a ClientTlsPolicyIamMember resource.

func (ClientTlsPolicyIamMemberArgs) ElementType added in v0.26.0 

func (ClientTlsPolicyIamMemberArgs) ElementType() reflect.Type

type ClientTlsPolicyIamMemberInput added in v0.26.0 

type ClientTlsPolicyIamMemberInput interface {
	pulumi.Input

	ToClientTlsPolicyIamMemberOutput() ClientTlsPolicyIamMemberOutput
	ToClientTlsPolicyIamMemberOutputWithContext(ctx context.Context) ClientTlsPolicyIamMemberOutput
}

type ClientTlsPolicyIamMemberOutput added in v0.26.0 

type ClientTlsPolicyIamMemberOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyIamMemberOutput) Condition added in v0.26.0 

func (o ClientTlsPolicyIamMemberOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (ClientTlsPolicyIamMemberOutput) ElementType added in v0.26.0 

func (ClientTlsPolicyIamMemberOutput) ElementType() reflect.Type

func (ClientTlsPolicyIamMemberOutput) Etag added in v0.26.0 

func (o ClientTlsPolicyIamMemberOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (ClientTlsPolicyIamMemberOutput) Member added in v0.26.0 

func (o ClientTlsPolicyIamMemberOutput) Member() pulumi.StringOutput

Identity that will be granted the privilege in role. The entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (ClientTlsPolicyIamMemberOutput) Name added in v0.26.0 

func (o ClientTlsPolicyIamMemberOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (ClientTlsPolicyIamMemberOutput) Project added in v0.26.0 

func (o ClientTlsPolicyIamMemberOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (ClientTlsPolicyIamMemberOutput) Role added in v0.26.0 

func (o ClientTlsPolicyIamMemberOutput) Role() pulumi.StringOutput

The role that should be applied.

func (ClientTlsPolicyIamMemberOutput) ToClientTlsPolicyIamMemberOutput added in v0.26.0 

func (o ClientTlsPolicyIamMemberOutput) ToClientTlsPolicyIamMemberOutput() ClientTlsPolicyIamMemberOutput

func (ClientTlsPolicyIamMemberOutput) ToClientTlsPolicyIamMemberOutputWithContext added in v0.26.0 

func (o ClientTlsPolicyIamMemberOutput) ToClientTlsPolicyIamMemberOutputWithContext(ctx context.Context) ClientTlsPolicyIamMemberOutput

type ClientTlsPolicyIamMemberState added in v0.26.0 

type ClientTlsPolicyIamMemberState struct {
}

func (ClientTlsPolicyIamMemberState) ElementType added in v0.26.0 

func (ClientTlsPolicyIamMemberState) ElementType() reflect.Type

type ClientTlsPolicyIamPolicy 

type ClientTlsPolicyIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs GoogleIamV1AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings          GoogleIamV1BindingResponseArrayOutput `pulumi:"bindings"`
	ClientTlsPolicyId pulumi.StringOutput                   `pulumi:"clientTlsPolicyId"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringOutput `pulumi:"etag"`
	Location pulumi.StringOutput `pulumi:"location"`
	Project  pulumi.StringOutput `pulumi:"project"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetClientTlsPolicyIamPolicy 

func GetClientTlsPolicyIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientTlsPolicyIamPolicyState, opts ...pulumi.ResourceOption) (*ClientTlsPolicyIamPolicy, error)

GetClientTlsPolicyIamPolicy gets an existing ClientTlsPolicyIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientTlsPolicyIamPolicy 

func NewClientTlsPolicyIamPolicy(ctx *pulumi.Context,
	name string, args *ClientTlsPolicyIamPolicyArgs, opts ...pulumi.ResourceOption) (*ClientTlsPolicyIamPolicy, error)

NewClientTlsPolicyIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*ClientTlsPolicyIamPolicy) ElementType 

func (*ClientTlsPolicyIamPolicy) ElementType() reflect.Type

func (*ClientTlsPolicyIamPolicy) ToClientTlsPolicyIamPolicyOutput 

func (i *ClientTlsPolicyIamPolicy) ToClientTlsPolicyIamPolicyOutput() ClientTlsPolicyIamPolicyOutput

func (*ClientTlsPolicyIamPolicy) ToClientTlsPolicyIamPolicyOutputWithContext 

func (i *ClientTlsPolicyIamPolicy) ToClientTlsPolicyIamPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyIamPolicyOutput

type ClientTlsPolicyIamPolicyArgs 

type ClientTlsPolicyIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs GoogleIamV1AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings          GoogleIamV1BindingArrayInput
	ClientTlsPolicyId pulumi.StringInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a ClientTlsPolicyIamPolicy resource.

func (ClientTlsPolicyIamPolicyArgs) ElementType 

func (ClientTlsPolicyIamPolicyArgs) ElementType() reflect.Type

type ClientTlsPolicyIamPolicyInput 

type ClientTlsPolicyIamPolicyInput interface {
	pulumi.Input

	ToClientTlsPolicyIamPolicyOutput() ClientTlsPolicyIamPolicyOutput
	ToClientTlsPolicyIamPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyIamPolicyOutput
}

type ClientTlsPolicyIamPolicyOutput 

type ClientTlsPolicyIamPolicyOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyIamPolicyOutput) AuditConfigs added in v0.19.0 

func (o ClientTlsPolicyIamPolicyOutput) AuditConfigs() GoogleIamV1AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (ClientTlsPolicyIamPolicyOutput) Bindings added in v0.19.0 

func (o ClientTlsPolicyIamPolicyOutput) Bindings() GoogleIamV1BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (ClientTlsPolicyIamPolicyOutput) ClientTlsPolicyId added in v0.21.0 

func (o ClientTlsPolicyIamPolicyOutput) ClientTlsPolicyId() pulumi.StringOutput

func (ClientTlsPolicyIamPolicyOutput) ElementType 

func (ClientTlsPolicyIamPolicyOutput) ElementType() reflect.Type

func (ClientTlsPolicyIamPolicyOutput) Etag added in v0.19.0 

func (o ClientTlsPolicyIamPolicyOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (ClientTlsPolicyIamPolicyOutput) Location added in v0.21.0 

func (o ClientTlsPolicyIamPolicyOutput) Location() pulumi.StringOutput

func (ClientTlsPolicyIamPolicyOutput) Project added in v0.21.0 

func (o ClientTlsPolicyIamPolicyOutput) Project() pulumi.StringOutput

func (ClientTlsPolicyIamPolicyOutput) ToClientTlsPolicyIamPolicyOutput 

func (o ClientTlsPolicyIamPolicyOutput) ToClientTlsPolicyIamPolicyOutput() ClientTlsPolicyIamPolicyOutput

func (ClientTlsPolicyIamPolicyOutput) ToClientTlsPolicyIamPolicyOutputWithContext 

func (o ClientTlsPolicyIamPolicyOutput) ToClientTlsPolicyIamPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyIamPolicyOutput

func (ClientTlsPolicyIamPolicyOutput) Version added in v0.19.0 

func (o ClientTlsPolicyIamPolicyOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type ClientTlsPolicyIamPolicyState 

type ClientTlsPolicyIamPolicyState struct {
}

func (ClientTlsPolicyIamPolicyState) ElementType 

func (ClientTlsPolicyIamPolicyState) ElementType() reflect.Type

type ClientTlsPolicyInput 

type ClientTlsPolicyInput interface {
	pulumi.Input

	ToClientTlsPolicyOutput() ClientTlsPolicyOutput
	ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput
}

type ClientTlsPolicyOutput 

type ClientTlsPolicyOutput struct{ *pulumi.OutputState }

func (ClientTlsPolicyOutput) ClientCertificate added in v0.19.0 

func (o ClientTlsPolicyOutput) ClientCertificate() GoogleCloudNetworksecurityV1CertificateProviderResponseOutput

Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

func (ClientTlsPolicyOutput) ClientTlsPolicyId added in v0.21.0 

func (o ClientTlsPolicyOutput) ClientTlsPolicyId() pulumi.StringOutput

Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

func (ClientTlsPolicyOutput) CreateTime added in v0.19.0 

func (o ClientTlsPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (ClientTlsPolicyOutput) Description added in v0.19.0 

func (o ClientTlsPolicyOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (ClientTlsPolicyOutput) ElementType 

func (ClientTlsPolicyOutput) ElementType() reflect.Type

func (ClientTlsPolicyOutput) Labels added in v0.19.0 

func (o ClientTlsPolicyOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the resource.

func (ClientTlsPolicyOutput) Location added in v0.21.0 

func (o ClientTlsPolicyOutput) Location() pulumi.StringOutput

func (ClientTlsPolicyOutput) Name added in v0.19.0 

func (o ClientTlsPolicyOutput) Name() pulumi.StringOutput

Name of the ClientTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}`

func (ClientTlsPolicyOutput) Project added in v0.21.0 

func (o ClientTlsPolicyOutput) Project() pulumi.StringOutput

func (ClientTlsPolicyOutput) ServerValidationCa added in v0.19.0 

func (o ClientTlsPolicyOutput) ServerValidationCa() ValidationCAResponseArrayOutput

Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

func (ClientTlsPolicyOutput) Sni added in v0.19.0 

func (o ClientTlsPolicyOutput) Sni() pulumi.StringOutput

Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

func (ClientTlsPolicyOutput) ToClientTlsPolicyOutput 

func (o ClientTlsPolicyOutput) ToClientTlsPolicyOutput() ClientTlsPolicyOutput

func (ClientTlsPolicyOutput) ToClientTlsPolicyOutputWithContext 

func (o ClientTlsPolicyOutput) ToClientTlsPolicyOutputWithContext(ctx context.Context) ClientTlsPolicyOutput

func (ClientTlsPolicyOutput) UpdateTime added in v0.19.0 

func (o ClientTlsPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type ClientTlsPolicyState 

type ClientTlsPolicyState struct {
}

func (ClientTlsPolicyState) ElementType 

func (ClientTlsPolicyState) ElementType() reflect.Type

type Destination 

type Destination struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts []string `pulumi:"hosts"`
	// Optional. Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match. Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	HttpHeaderMatch *HttpHeaderMatch `pulumi:"httpHeaderMatch"`
	// Optional. A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods []string `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports []int `pulumi:"ports"`
}

Specification of traffic destination attributes.

type DestinationArgs 

type DestinationArgs struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts pulumi.StringArrayInput `pulumi:"hosts"`
	// Optional. Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match. Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	HttpHeaderMatch HttpHeaderMatchPtrInput `pulumi:"httpHeaderMatch"`
	// Optional. A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods pulumi.StringArrayInput `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports pulumi.IntArrayInput `pulumi:"ports"`
}

Specification of traffic destination attributes.

func (DestinationArgs) ElementType 

func (DestinationArgs) ElementType() reflect.Type

func (DestinationArgs) ToDestinationOutput 

func (i DestinationArgs) ToDestinationOutput() DestinationOutput

func (DestinationArgs) ToDestinationOutputWithContext 

func (i DestinationArgs) ToDestinationOutputWithContext(ctx context.Context) DestinationOutput

type DestinationArray 

type DestinationArray []DestinationInput

func (DestinationArray) ElementType 

func (DestinationArray) ElementType() reflect.Type

func (DestinationArray) ToDestinationArrayOutput 

func (i DestinationArray) ToDestinationArrayOutput() DestinationArrayOutput

func (DestinationArray) ToDestinationArrayOutputWithContext 

func (i DestinationArray) ToDestinationArrayOutputWithContext(ctx context.Context) DestinationArrayOutput

type DestinationArrayInput 

type DestinationArrayInput interface {
	pulumi.Input

	ToDestinationArrayOutput() DestinationArrayOutput
	ToDestinationArrayOutputWithContext(context.Context) DestinationArrayOutput
}

DestinationArrayInput is an input type that accepts DestinationArray and DestinationArrayOutput values. You can construct a concrete instance of `DestinationArrayInput` via: 

DestinationArray{ DestinationArgs{...} }

type DestinationArrayOutput 

type DestinationArrayOutput struct{ *pulumi.OutputState }

func (DestinationArrayOutput) ElementType 

func (DestinationArrayOutput) ElementType() reflect.Type

func (DestinationArrayOutput) Index 

func (o DestinationArrayOutput) Index(i pulumi.IntInput) DestinationOutput

func (DestinationArrayOutput) ToDestinationArrayOutput 

func (o DestinationArrayOutput) ToDestinationArrayOutput() DestinationArrayOutput

func (DestinationArrayOutput) ToDestinationArrayOutputWithContext 

func (o DestinationArrayOutput) ToDestinationArrayOutputWithContext(ctx context.Context) DestinationArrayOutput

type DestinationInput 

type DestinationInput interface {
	pulumi.Input

	ToDestinationOutput() DestinationOutput
	ToDestinationOutputWithContext(context.Context) DestinationOutput
}

DestinationInput is an input type that accepts DestinationArgs and DestinationOutput values. You can construct a concrete instance of `DestinationInput` via: 

DestinationArgs{...}

type DestinationOutput 

type DestinationOutput struct{ *pulumi.OutputState }

Specification of traffic destination attributes.

func (DestinationOutput) ElementType 

func (DestinationOutput) ElementType() reflect.Type

func (DestinationOutput) Hosts 

func (o DestinationOutput) Hosts() pulumi.StringArrayOutput

List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".

func (DestinationOutput) HttpHeaderMatch 

func (o DestinationOutput) HttpHeaderMatch() HttpHeaderMatchPtrOutput

Optional. Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match. Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.

func (DestinationOutput) Methods 

func (o DestinationOutput) Methods() pulumi.StringArrayOutput

Optional. A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.

func (DestinationOutput) Ports 

func (o DestinationOutput) Ports() pulumi.IntArrayOutput

List of destination ports to match. At least one port should match.

func (DestinationOutput) ToDestinationOutput 

func (o DestinationOutput) ToDestinationOutput() DestinationOutput

func (DestinationOutput) ToDestinationOutputWithContext 

func (o DestinationOutput) ToDestinationOutputWithContext(ctx context.Context) DestinationOutput

type DestinationResponse 

type DestinationResponse struct {
	// List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".
	Hosts []string `pulumi:"hosts"`
	// Optional. Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match. Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.
	HttpHeaderMatch HttpHeaderMatchResponse `pulumi:"httpHeaderMatch"`
	// Optional. A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.
	Methods []string `pulumi:"methods"`
	// List of destination ports to match. At least one port should match.
	Ports []int `pulumi:"ports"`
}

Specification of traffic destination attributes.

type DestinationResponseArrayOutput 

type DestinationResponseArrayOutput struct{ *pulumi.OutputState }

func (DestinationResponseArrayOutput) ElementType 

func (DestinationResponseArrayOutput) ElementType() reflect.Type

func (DestinationResponseArrayOutput) Index 

func (o DestinationResponseArrayOutput) Index(i pulumi.IntInput) DestinationResponseOutput

func (DestinationResponseArrayOutput) ToDestinationResponseArrayOutput 

func (o DestinationResponseArrayOutput) ToDestinationResponseArrayOutput() DestinationResponseArrayOutput

func (DestinationResponseArrayOutput) ToDestinationResponseArrayOutputWithContext 

func (o DestinationResponseArrayOutput) ToDestinationResponseArrayOutputWithContext(ctx context.Context) DestinationResponseArrayOutput

type DestinationResponseOutput 

type DestinationResponseOutput struct{ *pulumi.OutputState }

Specification of traffic destination attributes.

func (DestinationResponseOutput) ElementType 

func (DestinationResponseOutput) ElementType() reflect.Type

func (DestinationResponseOutput) Hosts 

func (o DestinationResponseOutput) Hosts() pulumi.StringArrayOutput

List of host names to match. Matched against the ":authority" header in http requests. At least one host should match. Each host can be an exact match, or a prefix match (example "mydomain.*") or a suffix match (example "*.myorg.com") or a presence (any) match "*".

func (DestinationResponseOutput) HttpHeaderMatch 

func (o DestinationResponseOutput) HttpHeaderMatch() HttpHeaderMatchResponseOutput

Optional. Match against key:value pair in http header. Provides a flexible match based on HTTP headers, for potentially advanced use cases. At least one header should match. Avoid using header matches to make authorization decisions unless there is a strong guarantee that requests arrive through a trusted client or proxy.

func (DestinationResponseOutput) Methods 

func (o DestinationResponseOutput) Methods() pulumi.StringArrayOutput

Optional. A list of HTTP methods to match. At least one method should match. Should not be set for gRPC services.

func (DestinationResponseOutput) Ports 

func (o DestinationResponseOutput) Ports() pulumi.IntArrayOutput

List of destination ports to match. At least one port should match.

func (DestinationResponseOutput) ToDestinationResponseOutput 

func (o DestinationResponseOutput) ToDestinationResponseOutput() DestinationResponseOutput

func (DestinationResponseOutput) ToDestinationResponseOutputWithContext 

func (o DestinationResponseOutput) ToDestinationResponseOutputWithContext(ctx context.Context) DestinationResponseOutput

type Expr 

type Expr struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprArgs 

type ExprArgs struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringPtrInput `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title pulumi.StringPtrInput `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprArgs) ElementType 

func (ExprArgs) ElementType() reflect.Type

func (ExprArgs) ToExprOutput 

func (i ExprArgs) ToExprOutput() ExprOutput

func (ExprArgs) ToExprOutputWithContext 

func (i ExprArgs) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprArgs) ToExprPtrOutput 

func (i ExprArgs) ToExprPtrOutput() ExprPtrOutput

func (ExprArgs) ToExprPtrOutputWithContext 

func (i ExprArgs) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprInput 

type ExprInput interface {
	pulumi.Input

	ToExprOutput() ExprOutput
	ToExprOutputWithContext(context.Context) ExprOutput
}

ExprInput is an input type that accepts ExprArgs and ExprOutput values. You can construct a concrete instance of `ExprInput` via: 

ExprArgs{...}

type ExprOutput 

type ExprOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprOutput) Description 

func (o ExprOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprOutput) ElementType 

func (ExprOutput) ElementType() reflect.Type

func (ExprOutput) Expression 

func (o ExprOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprOutput) Location 

func (o ExprOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprOutput) Title 

func (o ExprOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprOutput) ToExprOutput 

func (o ExprOutput) ToExprOutput() ExprOutput

func (ExprOutput) ToExprOutputWithContext 

func (o ExprOutput) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprOutput) ToExprPtrOutput 

func (o ExprOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprOutput) ToExprPtrOutputWithContext 

func (o ExprOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprPtrInput 

type ExprPtrInput interface {
	pulumi.Input

	ToExprPtrOutput() ExprPtrOutput
	ToExprPtrOutputWithContext(context.Context) ExprPtrOutput
}

ExprPtrInput is an input type that accepts ExprArgs, ExprPtr and ExprPtrOutput values. You can construct a concrete instance of `ExprPtrInput` via: 

        ExprArgs{...}

or:

        nil

func ExprPtr 

func ExprPtr(v *ExprArgs) ExprPtrInput

type ExprPtrOutput 

type ExprPtrOutput struct{ *pulumi.OutputState }

func (ExprPtrOutput) Description 

func (o ExprPtrOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprPtrOutput) Elem 

func (o ExprPtrOutput) Elem() ExprOutput

func (ExprPtrOutput) ElementType 

func (ExprPtrOutput) ElementType() reflect.Type

func (ExprPtrOutput) Expression 

func (o ExprPtrOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprPtrOutput) Location 

func (o ExprPtrOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprPtrOutput) Title 

func (o ExprPtrOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprPtrOutput) ToExprPtrOutput 

func (o ExprPtrOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprPtrOutput) ToExprPtrOutputWithContext 

func (o ExprPtrOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprResponse 

type ExprResponse struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprResponseOutput 

type ExprResponseOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprResponseOutput) Description 

func (o ExprResponseOutput) Description() pulumi.StringOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprResponseOutput) ElementType 

func (ExprResponseOutput) ElementType() reflect.Type

func (ExprResponseOutput) Expression 

func (o ExprResponseOutput) Expression() pulumi.StringOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprResponseOutput) Location 

func (o ExprResponseOutput) Location() pulumi.StringOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprResponseOutput) Title 

func (o ExprResponseOutput) Title() pulumi.StringOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprResponseOutput) ToExprResponseOutput 

func (o ExprResponseOutput) ToExprResponseOutput() ExprResponseOutput

func (ExprResponseOutput) ToExprResponseOutputWithContext 

func (o ExprResponseOutput) ToExprResponseOutputWithContext(ctx context.Context) ExprResponseOutput

type GatewaySecurityPolicy added in v0.31.1 

type GatewaySecurityPolicy struct {
	pulumi.CustomResourceState

	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	// Required. Short name of the GatewaySecurityPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "gateway_security_policy1".
	GatewaySecurityPolicyId pulumi.StringOutput `pulumi:"gatewaySecurityPolicyId"`
	Location                pulumi.StringOutput `pulumi:"location"`
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy} gateway_security_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Optional. Name of a TLS Inspection Policy resource that defines how TLS inspection will be performed for any rule(s) which enables it.
	TlsInspectionPolicy pulumi.StringOutput `pulumi:"tlsInspectionPolicy"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new GatewaySecurityPolicy in a given project and location.

func GetGatewaySecurityPolicy added in v0.31.1 

func GetGatewaySecurityPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GatewaySecurityPolicyState, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicy, error)

GetGatewaySecurityPolicy gets an existing GatewaySecurityPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGatewaySecurityPolicy added in v0.31.1 

func NewGatewaySecurityPolicy(ctx *pulumi.Context,
	name string, args *GatewaySecurityPolicyArgs, opts ...pulumi.ResourceOption) (*GatewaySecurityPolicy, error)

NewGatewaySecurityPolicy registers a new resource with the given unique name, arguments, and options.

func (*GatewaySecurityPolicy) ElementType added in v0.31.1 

func (*GatewaySecurityPolicy) ElementType() reflect.Type

func (*GatewaySecurityPolicy) ToGatewaySecurityPolicyOutput added in v0.31.1 

func (i *GatewaySecurityPolicy) ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput

func (*GatewaySecurityPolicy) ToGatewaySecurityPolicyOutputWithContext added in v0.31.1 

func (i *GatewaySecurityPolicy) ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput

type GatewaySecurityPolicyArgs added in v0.31.1 

type GatewaySecurityPolicyArgs struct {
	// Optional. Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Required. Short name of the GatewaySecurityPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "gateway_security_policy1".
	GatewaySecurityPolicyId pulumi.StringInput
	Location                pulumi.StringPtrInput
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy} gateway_security_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Optional. Name of a TLS Inspection Policy resource that defines how TLS inspection will be performed for any rule(s) which enables it.
	TlsInspectionPolicy pulumi.StringPtrInput
}

The set of arguments for constructing a GatewaySecurityPolicy resource.

func (GatewaySecurityPolicyArgs) ElementType added in v0.31.1 

func (GatewaySecurityPolicyArgs) ElementType() reflect.Type

type GatewaySecurityPolicyInput added in v0.31.1 

type GatewaySecurityPolicyInput interface {
	pulumi.Input

	ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput
	ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput
}

type GatewaySecurityPolicyOutput added in v0.31.1 

type GatewaySecurityPolicyOutput struct{ *pulumi.OutputState }

func (GatewaySecurityPolicyOutput) CreateTime added in v0.31.1 

func (o GatewaySecurityPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (GatewaySecurityPolicyOutput) Description added in v0.31.1 

func (o GatewaySecurityPolicyOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (GatewaySecurityPolicyOutput) ElementType added in v0.31.1 

func (GatewaySecurityPolicyOutput) ElementType() reflect.Type

func (GatewaySecurityPolicyOutput) GatewaySecurityPolicyId added in v0.31.1 

func (o GatewaySecurityPolicyOutput) GatewaySecurityPolicyId() pulumi.StringOutput

Required. Short name of the GatewaySecurityPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "gateway_security_policy1".

func (GatewaySecurityPolicyOutput) Location added in v0.31.1 

func (o GatewaySecurityPolicyOutput) Location() pulumi.StringOutput

func (GatewaySecurityPolicyOutput) Name added in v0.31.1 

func (o GatewaySecurityPolicyOutput) Name() pulumi.StringOutput

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy} gateway_security_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).

func (GatewaySecurityPolicyOutput) Project added in v0.31.1 

func (o GatewaySecurityPolicyOutput) Project() pulumi.StringOutput

func (GatewaySecurityPolicyOutput) TlsInspectionPolicy added in v0.31.1 

func (o GatewaySecurityPolicyOutput) TlsInspectionPolicy() pulumi.StringOutput

Optional. Name of a TLS Inspection Policy resource that defines how TLS inspection will be performed for any rule(s) which enables it.

func (GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutput added in v0.31.1 

func (o GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutput() GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutputWithContext added in v0.31.1 

func (o GatewaySecurityPolicyOutput) ToGatewaySecurityPolicyOutputWithContext(ctx context.Context) GatewaySecurityPolicyOutput

func (GatewaySecurityPolicyOutput) UpdateTime added in v0.31.1 

func (o GatewaySecurityPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type GatewaySecurityPolicyState added in v0.31.1 

type GatewaySecurityPolicyState struct {
}

func (GatewaySecurityPolicyState) ElementType added in v0.31.1 

func (GatewaySecurityPolicyState) ElementType() reflect.Type

type GoogleCloudNetworksecurityV1CertificateProvider 

type GoogleCloudNetworksecurityV1CertificateProvider struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	CertificateProviderInstance *CertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	GrpcEndpoint *GoogleCloudNetworksecurityV1GrpcEndpoint `pulumi:"grpcEndpoint"`
}

Specification of certificate provider. Defines the mechanism to obtain the certificate and private key for peer to peer authentication.

type GoogleCloudNetworksecurityV1CertificateProviderArgs 

type GoogleCloudNetworksecurityV1CertificateProviderArgs struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	CertificateProviderInstance CertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

Specification of certificate provider. Defines the mechanism to obtain the certificate and private key for peer to peer authentication.

func (GoogleCloudNetworksecurityV1CertificateProviderArgs) ElementType 

func (GoogleCloudNetworksecurityV1CertificateProviderArgs) ElementType() reflect.Type

func (GoogleCloudNetworksecurityV1CertificateProviderArgs) ToGoogleCloudNetworksecurityV1CertificateProviderOutput 

func (i GoogleCloudNetworksecurityV1CertificateProviderArgs) ToGoogleCloudNetworksecurityV1CertificateProviderOutput() GoogleCloudNetworksecurityV1CertificateProviderOutput

func (GoogleCloudNetworksecurityV1CertificateProviderArgs) ToGoogleCloudNetworksecurityV1CertificateProviderOutputWithContext 

func (i GoogleCloudNetworksecurityV1CertificateProviderArgs) ToGoogleCloudNetworksecurityV1CertificateProviderOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1CertificateProviderOutput

func (GoogleCloudNetworksecurityV1CertificateProviderArgs) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutput 

func (i GoogleCloudNetworksecurityV1CertificateProviderArgs) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutput() GoogleCloudNetworksecurityV1CertificateProviderPtrOutput

func (GoogleCloudNetworksecurityV1CertificateProviderArgs) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutputWithContext 

func (i GoogleCloudNetworksecurityV1CertificateProviderArgs) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1CertificateProviderPtrOutput

type GoogleCloudNetworksecurityV1CertificateProviderInput 

type GoogleCloudNetworksecurityV1CertificateProviderInput interface {
	pulumi.Input

	ToGoogleCloudNetworksecurityV1CertificateProviderOutput() GoogleCloudNetworksecurityV1CertificateProviderOutput
	ToGoogleCloudNetworksecurityV1CertificateProviderOutputWithContext(context.Context) GoogleCloudNetworksecurityV1CertificateProviderOutput
}

GoogleCloudNetworksecurityV1CertificateProviderInput is an input type that accepts GoogleCloudNetworksecurityV1CertificateProviderArgs and GoogleCloudNetworksecurityV1CertificateProviderOutput values. You can construct a concrete instance of `GoogleCloudNetworksecurityV1CertificateProviderInput` via: 

GoogleCloudNetworksecurityV1CertificateProviderArgs{...}

type GoogleCloudNetworksecurityV1CertificateProviderOutput 

type GoogleCloudNetworksecurityV1CertificateProviderOutput struct{ *pulumi.OutputState }

Specification of certificate provider. Defines the mechanism to obtain the certificate and private key for peer to peer authentication.

func (GoogleCloudNetworksecurityV1CertificateProviderOutput) CertificateProviderInstance 

func (o GoogleCloudNetworksecurityV1CertificateProviderOutput) CertificateProviderInstance() CertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

func (GoogleCloudNetworksecurityV1CertificateProviderOutput) ElementType 

func (GoogleCloudNetworksecurityV1CertificateProviderOutput) ElementType() reflect.Type

func (GoogleCloudNetworksecurityV1CertificateProviderOutput) GrpcEndpoint 

func (o GoogleCloudNetworksecurityV1CertificateProviderOutput) GrpcEndpoint() GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

func (GoogleCloudNetworksecurityV1CertificateProviderOutput) ToGoogleCloudNetworksecurityV1CertificateProviderOutput 

func (o GoogleCloudNetworksecurityV1CertificateProviderOutput) ToGoogleCloudNetworksecurityV1CertificateProviderOutput() GoogleCloudNetworksecurityV1CertificateProviderOutput

func (GoogleCloudNetworksecurityV1CertificateProviderOutput) ToGoogleCloudNetworksecurityV1CertificateProviderOutputWithContext 

func (o GoogleCloudNetworksecurityV1CertificateProviderOutput) ToGoogleCloudNetworksecurityV1CertificateProviderOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1CertificateProviderOutput

func (GoogleCloudNetworksecurityV1CertificateProviderOutput) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutput 

func (o GoogleCloudNetworksecurityV1CertificateProviderOutput) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutput() GoogleCloudNetworksecurityV1CertificateProviderPtrOutput

func (GoogleCloudNetworksecurityV1CertificateProviderOutput) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutputWithContext 

func (o GoogleCloudNetworksecurityV1CertificateProviderOutput) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1CertificateProviderPtrOutput

type GoogleCloudNetworksecurityV1CertificateProviderPtrInput 

type GoogleCloudNetworksecurityV1CertificateProviderPtrInput interface {
	pulumi.Input

	ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutput() GoogleCloudNetworksecurityV1CertificateProviderPtrOutput
	ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutputWithContext(context.Context) GoogleCloudNetworksecurityV1CertificateProviderPtrOutput
}

GoogleCloudNetworksecurityV1CertificateProviderPtrInput is an input type that accepts GoogleCloudNetworksecurityV1CertificateProviderArgs, GoogleCloudNetworksecurityV1CertificateProviderPtr and GoogleCloudNetworksecurityV1CertificateProviderPtrOutput values. You can construct a concrete instance of `GoogleCloudNetworksecurityV1CertificateProviderPtrInput` via: 

        GoogleCloudNetworksecurityV1CertificateProviderArgs{...}

or:

        nil

func GoogleCloudNetworksecurityV1CertificateProviderPtr 

func GoogleCloudNetworksecurityV1CertificateProviderPtr(v *GoogleCloudNetworksecurityV1CertificateProviderArgs) GoogleCloudNetworksecurityV1CertificateProviderPtrInput

type GoogleCloudNetworksecurityV1CertificateProviderPtrOutput 

type GoogleCloudNetworksecurityV1CertificateProviderPtrOutput struct{ *pulumi.OutputState }

func (GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) CertificateProviderInstance 

func (o GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) CertificateProviderInstance() CertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

func (GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) Elem 

func (o GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) Elem() GoogleCloudNetworksecurityV1CertificateProviderOutput

func (GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) ElementType 

func (GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) ElementType() reflect.Type

func (GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) GrpcEndpoint 

func (o GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) GrpcEndpoint() GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

func (GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutput 

func (o GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutput() GoogleCloudNetworksecurityV1CertificateProviderPtrOutput

func (GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutputWithContext 

func (o GoogleCloudNetworksecurityV1CertificateProviderPtrOutput) ToGoogleCloudNetworksecurityV1CertificateProviderPtrOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1CertificateProviderPtrOutput

type GoogleCloudNetworksecurityV1CertificateProviderResponse 

type GoogleCloudNetworksecurityV1CertificateProviderResponse struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	CertificateProviderInstance CertificateProviderInstanceResponse `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the cert and private key.
	GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse `pulumi:"grpcEndpoint"`
}

Specification of certificate provider. Defines the mechanism to obtain the certificate and private key for peer to peer authentication.

type GoogleCloudNetworksecurityV1CertificateProviderResponseOutput 

type GoogleCloudNetworksecurityV1CertificateProviderResponseOutput struct{ *pulumi.OutputState }

Specification of certificate provider. Defines the mechanism to obtain the certificate and private key for peer to peer authentication.

func (GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) CertificateProviderInstance 

func (o GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) CertificateProviderInstance() CertificateProviderInstanceResponseOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

func (GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) ElementType 

func (GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) ElementType() reflect.Type

func (GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) GrpcEndpoint 

func (o GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) GrpcEndpoint() GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

func (GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) ToGoogleCloudNetworksecurityV1CertificateProviderResponseOutput 

func (o GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) ToGoogleCloudNetworksecurityV1CertificateProviderResponseOutput() GoogleCloudNetworksecurityV1CertificateProviderResponseOutput

func (GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) ToGoogleCloudNetworksecurityV1CertificateProviderResponseOutputWithContext 

func (o GoogleCloudNetworksecurityV1CertificateProviderResponseOutput) ToGoogleCloudNetworksecurityV1CertificateProviderResponseOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1CertificateProviderResponseOutput

type GoogleCloudNetworksecurityV1GrpcEndpoint 

type GoogleCloudNetworksecurityV1GrpcEndpoint struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

Specification of the GRPC Endpoint.

type GoogleCloudNetworksecurityV1GrpcEndpointArgs 

type GoogleCloudNetworksecurityV1GrpcEndpointArgs struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri pulumi.StringInput `pulumi:"targetUri"`
}

Specification of the GRPC Endpoint.

func (GoogleCloudNetworksecurityV1GrpcEndpointArgs) ElementType 

func (GoogleCloudNetworksecurityV1GrpcEndpointArgs) ElementType() reflect.Type

func (GoogleCloudNetworksecurityV1GrpcEndpointArgs) ToGoogleCloudNetworksecurityV1GrpcEndpointOutput 

func (i GoogleCloudNetworksecurityV1GrpcEndpointArgs) ToGoogleCloudNetworksecurityV1GrpcEndpointOutput() GoogleCloudNetworksecurityV1GrpcEndpointOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointArgs) ToGoogleCloudNetworksecurityV1GrpcEndpointOutputWithContext 

func (i GoogleCloudNetworksecurityV1GrpcEndpointArgs) ToGoogleCloudNetworksecurityV1GrpcEndpointOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1GrpcEndpointOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointArgs) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutput 

func (i GoogleCloudNetworksecurityV1GrpcEndpointArgs) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutput() GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointArgs) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutputWithContext 

func (i GoogleCloudNetworksecurityV1GrpcEndpointArgs) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

type GoogleCloudNetworksecurityV1GrpcEndpointInput 

type GoogleCloudNetworksecurityV1GrpcEndpointInput interface {
	pulumi.Input

	ToGoogleCloudNetworksecurityV1GrpcEndpointOutput() GoogleCloudNetworksecurityV1GrpcEndpointOutput
	ToGoogleCloudNetworksecurityV1GrpcEndpointOutputWithContext(context.Context) GoogleCloudNetworksecurityV1GrpcEndpointOutput
}

GoogleCloudNetworksecurityV1GrpcEndpointInput is an input type that accepts GoogleCloudNetworksecurityV1GrpcEndpointArgs and GoogleCloudNetworksecurityV1GrpcEndpointOutput values. You can construct a concrete instance of `GoogleCloudNetworksecurityV1GrpcEndpointInput` via: 

GoogleCloudNetworksecurityV1GrpcEndpointArgs{...}

type GoogleCloudNetworksecurityV1GrpcEndpointOutput 

type GoogleCloudNetworksecurityV1GrpcEndpointOutput struct{ *pulumi.OutputState }

Specification of the GRPC Endpoint.

func (GoogleCloudNetworksecurityV1GrpcEndpointOutput) ElementType 

func (GoogleCloudNetworksecurityV1GrpcEndpointOutput) ElementType() reflect.Type

func (GoogleCloudNetworksecurityV1GrpcEndpointOutput) TargetUri 

func (o GoogleCloudNetworksecurityV1GrpcEndpointOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (GoogleCloudNetworksecurityV1GrpcEndpointOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointOutput 

func (o GoogleCloudNetworksecurityV1GrpcEndpointOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointOutput() GoogleCloudNetworksecurityV1GrpcEndpointOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointOutputWithContext 

func (o GoogleCloudNetworksecurityV1GrpcEndpointOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1GrpcEndpointOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutput 

func (o GoogleCloudNetworksecurityV1GrpcEndpointOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutput() GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutputWithContext 

func (o GoogleCloudNetworksecurityV1GrpcEndpointOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

type GoogleCloudNetworksecurityV1GrpcEndpointPtrInput 

type GoogleCloudNetworksecurityV1GrpcEndpointPtrInput interface {
	pulumi.Input

	ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutput() GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput
	ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutputWithContext(context.Context) GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput
}

GoogleCloudNetworksecurityV1GrpcEndpointPtrInput is an input type that accepts GoogleCloudNetworksecurityV1GrpcEndpointArgs, GoogleCloudNetworksecurityV1GrpcEndpointPtr and GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput values. You can construct a concrete instance of `GoogleCloudNetworksecurityV1GrpcEndpointPtrInput` via: 

        GoogleCloudNetworksecurityV1GrpcEndpointArgs{...}

or:

        nil

func GoogleCloudNetworksecurityV1GrpcEndpointPtr 

func GoogleCloudNetworksecurityV1GrpcEndpointPtr(v *GoogleCloudNetworksecurityV1GrpcEndpointArgs) GoogleCloudNetworksecurityV1GrpcEndpointPtrInput

type GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput 

type GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput struct{ *pulumi.OutputState }

func (GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) Elem 

func (o GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) Elem() GoogleCloudNetworksecurityV1GrpcEndpointOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) ElementType 

func (GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) ElementType() reflect.Type

func (GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) TargetUri 

func (o GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) TargetUri() pulumi.StringPtrOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutput 

func (o GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutput() GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutputWithContext 

func (o GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointPtrOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

type GoogleCloudNetworksecurityV1GrpcEndpointResponse 

type GoogleCloudNetworksecurityV1GrpcEndpointResponse struct {
	// The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
	TargetUri string `pulumi:"targetUri"`
}

Specification of the GRPC Endpoint.

type GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput 

type GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput struct{ *pulumi.OutputState }

Specification of the GRPC Endpoint.

func (GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput) ElementType 

func (GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput) ElementType() reflect.Type

func (GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput) TargetUri 

func (o GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput) TargetUri() pulumi.StringOutput

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

func (GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointResponseOutput 

func (o GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointResponseOutput() GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput

func (GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointResponseOutputWithContext 

func (o GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput) ToGoogleCloudNetworksecurityV1GrpcEndpointResponseOutputWithContext(ctx context.Context) GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput

type GoogleIamV1AuditConfig 

type GoogleIamV1AuditConfig struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs []GoogleIamV1AuditLogConfig `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service *string `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

type GoogleIamV1AuditConfigArgs 

type GoogleIamV1AuditConfigArgs struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs GoogleIamV1AuditLogConfigArrayInput `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service pulumi.StringPtrInput `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (GoogleIamV1AuditConfigArgs) ElementType 

func (GoogleIamV1AuditConfigArgs) ElementType() reflect.Type

func (GoogleIamV1AuditConfigArgs) ToGoogleIamV1AuditConfigOutput 

func (i GoogleIamV1AuditConfigArgs) ToGoogleIamV1AuditConfigOutput() GoogleIamV1AuditConfigOutput

func (GoogleIamV1AuditConfigArgs) ToGoogleIamV1AuditConfigOutputWithContext 

func (i GoogleIamV1AuditConfigArgs) ToGoogleIamV1AuditConfigOutputWithContext(ctx context.Context) GoogleIamV1AuditConfigOutput

type GoogleIamV1AuditConfigArray 

type GoogleIamV1AuditConfigArray []GoogleIamV1AuditConfigInput

func (GoogleIamV1AuditConfigArray) ElementType 

func (GoogleIamV1AuditConfigArray) ElementType() reflect.Type

func (GoogleIamV1AuditConfigArray) ToGoogleIamV1AuditConfigArrayOutput 

func (i GoogleIamV1AuditConfigArray) ToGoogleIamV1AuditConfigArrayOutput() GoogleIamV1AuditConfigArrayOutput

func (GoogleIamV1AuditConfigArray) ToGoogleIamV1AuditConfigArrayOutputWithContext 

func (i GoogleIamV1AuditConfigArray) ToGoogleIamV1AuditConfigArrayOutputWithContext(ctx context.Context) GoogleIamV1AuditConfigArrayOutput

type GoogleIamV1AuditConfigArrayInput 

type GoogleIamV1AuditConfigArrayInput interface {
	pulumi.Input

	ToGoogleIamV1AuditConfigArrayOutput() GoogleIamV1AuditConfigArrayOutput
	ToGoogleIamV1AuditConfigArrayOutputWithContext(context.Context) GoogleIamV1AuditConfigArrayOutput
}

GoogleIamV1AuditConfigArrayInput is an input type that accepts GoogleIamV1AuditConfigArray and GoogleIamV1AuditConfigArrayOutput values. You can construct a concrete instance of `GoogleIamV1AuditConfigArrayInput` via: 

GoogleIamV1AuditConfigArray{ GoogleIamV1AuditConfigArgs{...} }

type GoogleIamV1AuditConfigArrayOutput 

type GoogleIamV1AuditConfigArrayOutput struct{ *pulumi.OutputState }

func (GoogleIamV1AuditConfigArrayOutput) ElementType 

func (GoogleIamV1AuditConfigArrayOutput) ElementType() reflect.Type

func (GoogleIamV1AuditConfigArrayOutput) Index 

func (o GoogleIamV1AuditConfigArrayOutput) Index(i pulumi.IntInput) GoogleIamV1AuditConfigOutput

func (GoogleIamV1AuditConfigArrayOutput) ToGoogleIamV1AuditConfigArrayOutput 

func (o GoogleIamV1AuditConfigArrayOutput) ToGoogleIamV1AuditConfigArrayOutput() GoogleIamV1AuditConfigArrayOutput

func (GoogleIamV1AuditConfigArrayOutput) ToGoogleIamV1AuditConfigArrayOutputWithContext 

func (o GoogleIamV1AuditConfigArrayOutput) ToGoogleIamV1AuditConfigArrayOutputWithContext(ctx context.Context) GoogleIamV1AuditConfigArrayOutput

type GoogleIamV1AuditConfigInput 

type GoogleIamV1AuditConfigInput interface {
	pulumi.Input

	ToGoogleIamV1AuditConfigOutput() GoogleIamV1AuditConfigOutput
	ToGoogleIamV1AuditConfigOutputWithContext(context.Context) GoogleIamV1AuditConfigOutput
}

GoogleIamV1AuditConfigInput is an input type that accepts GoogleIamV1AuditConfigArgs and GoogleIamV1AuditConfigOutput values. You can construct a concrete instance of `GoogleIamV1AuditConfigInput` via: 

GoogleIamV1AuditConfigArgs{...}

type GoogleIamV1AuditConfigOutput 

type GoogleIamV1AuditConfigOutput struct{ *pulumi.OutputState }

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (GoogleIamV1AuditConfigOutput) AuditLogConfigs 

func (o GoogleIamV1AuditConfigOutput) AuditLogConfigs() GoogleIamV1AuditLogConfigArrayOutput

The configuration for logging of each type of permission.

func (GoogleIamV1AuditConfigOutput) ElementType 

func (GoogleIamV1AuditConfigOutput) ElementType() reflect.Type

func (GoogleIamV1AuditConfigOutput) Service 

func (o GoogleIamV1AuditConfigOutput) Service() pulumi.StringPtrOutput

Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (GoogleIamV1AuditConfigOutput) ToGoogleIamV1AuditConfigOutput 

func (o GoogleIamV1AuditConfigOutput) ToGoogleIamV1AuditConfigOutput() GoogleIamV1AuditConfigOutput

func (GoogleIamV1AuditConfigOutput) ToGoogleIamV1AuditConfigOutputWithContext 

func (o GoogleIamV1AuditConfigOutput) ToGoogleIamV1AuditConfigOutputWithContext(ctx context.Context) GoogleIamV1AuditConfigOutput

type GoogleIamV1AuditConfigResponse 

type GoogleIamV1AuditConfigResponse struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs []GoogleIamV1AuditLogConfigResponse `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service string `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

type GoogleIamV1AuditConfigResponseArrayOutput 

type GoogleIamV1AuditConfigResponseArrayOutput struct{ *pulumi.OutputState }

func (GoogleIamV1AuditConfigResponseArrayOutput) ElementType 

func (GoogleIamV1AuditConfigResponseArrayOutput) ElementType() reflect.Type

func (GoogleIamV1AuditConfigResponseArrayOutput) Index 

func (o GoogleIamV1AuditConfigResponseArrayOutput) Index(i pulumi.IntInput) GoogleIamV1AuditConfigResponseOutput

func (GoogleIamV1AuditConfigResponseArrayOutput) ToGoogleIamV1AuditConfigResponseArrayOutput 

func (o GoogleIamV1AuditConfigResponseArrayOutput) ToGoogleIamV1AuditConfigResponseArrayOutput() GoogleIamV1AuditConfigResponseArrayOutput

func (GoogleIamV1AuditConfigResponseArrayOutput) ToGoogleIamV1AuditConfigResponseArrayOutputWithContext 

func (o GoogleIamV1AuditConfigResponseArrayOutput) ToGoogleIamV1AuditConfigResponseArrayOutputWithContext(ctx context.Context) GoogleIamV1AuditConfigResponseArrayOutput

type GoogleIamV1AuditConfigResponseOutput 

type GoogleIamV1AuditConfigResponseOutput struct{ *pulumi.OutputState }

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (GoogleIamV1AuditConfigResponseOutput) AuditLogConfigs 

func (o GoogleIamV1AuditConfigResponseOutput) AuditLogConfigs() GoogleIamV1AuditLogConfigResponseArrayOutput

The configuration for logging of each type of permission.

func (GoogleIamV1AuditConfigResponseOutput) ElementType 

func (GoogleIamV1AuditConfigResponseOutput) ElementType() reflect.Type

func (GoogleIamV1AuditConfigResponseOutput) Service 

func (o GoogleIamV1AuditConfigResponseOutput) Service() pulumi.StringOutput

Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (GoogleIamV1AuditConfigResponseOutput) ToGoogleIamV1AuditConfigResponseOutput 

func (o GoogleIamV1AuditConfigResponseOutput) ToGoogleIamV1AuditConfigResponseOutput() GoogleIamV1AuditConfigResponseOutput

func (GoogleIamV1AuditConfigResponseOutput) ToGoogleIamV1AuditConfigResponseOutputWithContext 

func (o GoogleIamV1AuditConfigResponseOutput) ToGoogleIamV1AuditConfigResponseOutputWithContext(ctx context.Context) GoogleIamV1AuditConfigResponseOutput

type GoogleIamV1AuditLogConfig 

type GoogleIamV1AuditLogConfig struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType *GoogleIamV1AuditLogConfigLogType `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

type GoogleIamV1AuditLogConfigArgs 

type GoogleIamV1AuditLogConfigArgs struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType GoogleIamV1AuditLogConfigLogTypePtrInput `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (GoogleIamV1AuditLogConfigArgs) ElementType 

func (GoogleIamV1AuditLogConfigArgs) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigArgs) ToGoogleIamV1AuditLogConfigOutput 

func (i GoogleIamV1AuditLogConfigArgs) ToGoogleIamV1AuditLogConfigOutput() GoogleIamV1AuditLogConfigOutput

func (GoogleIamV1AuditLogConfigArgs) ToGoogleIamV1AuditLogConfigOutputWithContext 

func (i GoogleIamV1AuditLogConfigArgs) ToGoogleIamV1AuditLogConfigOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigOutput

type GoogleIamV1AuditLogConfigArray 

type GoogleIamV1AuditLogConfigArray []GoogleIamV1AuditLogConfigInput

func (GoogleIamV1AuditLogConfigArray) ElementType 

func (GoogleIamV1AuditLogConfigArray) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigArray) ToGoogleIamV1AuditLogConfigArrayOutput 

func (i GoogleIamV1AuditLogConfigArray) ToGoogleIamV1AuditLogConfigArrayOutput() GoogleIamV1AuditLogConfigArrayOutput

func (GoogleIamV1AuditLogConfigArray) ToGoogleIamV1AuditLogConfigArrayOutputWithContext 

func (i GoogleIamV1AuditLogConfigArray) ToGoogleIamV1AuditLogConfigArrayOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigArrayOutput

type GoogleIamV1AuditLogConfigArrayInput 

type GoogleIamV1AuditLogConfigArrayInput interface {
	pulumi.Input

	ToGoogleIamV1AuditLogConfigArrayOutput() GoogleIamV1AuditLogConfigArrayOutput
	ToGoogleIamV1AuditLogConfigArrayOutputWithContext(context.Context) GoogleIamV1AuditLogConfigArrayOutput
}

GoogleIamV1AuditLogConfigArrayInput is an input type that accepts GoogleIamV1AuditLogConfigArray and GoogleIamV1AuditLogConfigArrayOutput values. You can construct a concrete instance of `GoogleIamV1AuditLogConfigArrayInput` via: 

GoogleIamV1AuditLogConfigArray{ GoogleIamV1AuditLogConfigArgs{...} }

type GoogleIamV1AuditLogConfigArrayOutput 

type GoogleIamV1AuditLogConfigArrayOutput struct{ *pulumi.OutputState }

func (GoogleIamV1AuditLogConfigArrayOutput) ElementType 

func (GoogleIamV1AuditLogConfigArrayOutput) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigArrayOutput) Index 

func (o GoogleIamV1AuditLogConfigArrayOutput) Index(i pulumi.IntInput) GoogleIamV1AuditLogConfigOutput

func (GoogleIamV1AuditLogConfigArrayOutput) ToGoogleIamV1AuditLogConfigArrayOutput 

func (o GoogleIamV1AuditLogConfigArrayOutput) ToGoogleIamV1AuditLogConfigArrayOutput() GoogleIamV1AuditLogConfigArrayOutput

func (GoogleIamV1AuditLogConfigArrayOutput) ToGoogleIamV1AuditLogConfigArrayOutputWithContext 

func (o GoogleIamV1AuditLogConfigArrayOutput) ToGoogleIamV1AuditLogConfigArrayOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigArrayOutput

type GoogleIamV1AuditLogConfigInput 

type GoogleIamV1AuditLogConfigInput interface {
	pulumi.Input

	ToGoogleIamV1AuditLogConfigOutput() GoogleIamV1AuditLogConfigOutput
	ToGoogleIamV1AuditLogConfigOutputWithContext(context.Context) GoogleIamV1AuditLogConfigOutput
}

GoogleIamV1AuditLogConfigInput is an input type that accepts GoogleIamV1AuditLogConfigArgs and GoogleIamV1AuditLogConfigOutput values. You can construct a concrete instance of `GoogleIamV1AuditLogConfigInput` via: 

GoogleIamV1AuditLogConfigArgs{...}

type GoogleIamV1AuditLogConfigLogType 

type GoogleIamV1AuditLogConfigLogType string

The log type that this config enables.

func (GoogleIamV1AuditLogConfigLogType) ElementType 

func (GoogleIamV1AuditLogConfigLogType) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigLogType) ToGoogleIamV1AuditLogConfigLogTypeOutput 

func (e GoogleIamV1AuditLogConfigLogType) ToGoogleIamV1AuditLogConfigLogTypeOutput() GoogleIamV1AuditLogConfigLogTypeOutput

func (GoogleIamV1AuditLogConfigLogType) ToGoogleIamV1AuditLogConfigLogTypeOutputWithContext 

func (e GoogleIamV1AuditLogConfigLogType) ToGoogleIamV1AuditLogConfigLogTypeOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigLogTypeOutput

func (GoogleIamV1AuditLogConfigLogType) ToGoogleIamV1AuditLogConfigLogTypePtrOutput 

func (e GoogleIamV1AuditLogConfigLogType) ToGoogleIamV1AuditLogConfigLogTypePtrOutput() GoogleIamV1AuditLogConfigLogTypePtrOutput

func (GoogleIamV1AuditLogConfigLogType) ToGoogleIamV1AuditLogConfigLogTypePtrOutputWithContext 

func (e GoogleIamV1AuditLogConfigLogType) ToGoogleIamV1AuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigLogTypePtrOutput

func (GoogleIamV1AuditLogConfigLogType) ToStringOutput 

func (e GoogleIamV1AuditLogConfigLogType) ToStringOutput() pulumi.StringOutput

func (GoogleIamV1AuditLogConfigLogType) ToStringOutputWithContext 

func (e GoogleIamV1AuditLogConfigLogType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (GoogleIamV1AuditLogConfigLogType) ToStringPtrOutput 

func (e GoogleIamV1AuditLogConfigLogType) ToStringPtrOutput() pulumi.StringPtrOutput

func (GoogleIamV1AuditLogConfigLogType) ToStringPtrOutputWithContext 

func (e GoogleIamV1AuditLogConfigLogType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type GoogleIamV1AuditLogConfigLogTypeInput 

type GoogleIamV1AuditLogConfigLogTypeInput interface {
	pulumi.Input

	ToGoogleIamV1AuditLogConfigLogTypeOutput() GoogleIamV1AuditLogConfigLogTypeOutput
	ToGoogleIamV1AuditLogConfigLogTypeOutputWithContext(context.Context) GoogleIamV1AuditLogConfigLogTypeOutput
}

GoogleIamV1AuditLogConfigLogTypeInput is an input type that accepts GoogleIamV1AuditLogConfigLogTypeArgs and GoogleIamV1AuditLogConfigLogTypeOutput values. You can construct a concrete instance of `GoogleIamV1AuditLogConfigLogTypeInput` via: 

GoogleIamV1AuditLogConfigLogTypeArgs{...}

type GoogleIamV1AuditLogConfigLogTypeOutput 

type GoogleIamV1AuditLogConfigLogTypeOutput struct{ *pulumi.OutputState }

func (GoogleIamV1AuditLogConfigLogTypeOutput) ElementType 

func (GoogleIamV1AuditLogConfigLogTypeOutput) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigLogTypeOutput) ToGoogleIamV1AuditLogConfigLogTypeOutput 

func (o GoogleIamV1AuditLogConfigLogTypeOutput) ToGoogleIamV1AuditLogConfigLogTypeOutput() GoogleIamV1AuditLogConfigLogTypeOutput

func (GoogleIamV1AuditLogConfigLogTypeOutput) ToGoogleIamV1AuditLogConfigLogTypeOutputWithContext 

func (o GoogleIamV1AuditLogConfigLogTypeOutput) ToGoogleIamV1AuditLogConfigLogTypeOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigLogTypeOutput

func (GoogleIamV1AuditLogConfigLogTypeOutput) ToGoogleIamV1AuditLogConfigLogTypePtrOutput 

func (o GoogleIamV1AuditLogConfigLogTypeOutput) ToGoogleIamV1AuditLogConfigLogTypePtrOutput() GoogleIamV1AuditLogConfigLogTypePtrOutput

func (GoogleIamV1AuditLogConfigLogTypeOutput) ToGoogleIamV1AuditLogConfigLogTypePtrOutputWithContext 

func (o GoogleIamV1AuditLogConfigLogTypeOutput) ToGoogleIamV1AuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigLogTypePtrOutput

func (GoogleIamV1AuditLogConfigLogTypeOutput) ToStringOutput 

func (o GoogleIamV1AuditLogConfigLogTypeOutput) ToStringOutput() pulumi.StringOutput

func (GoogleIamV1AuditLogConfigLogTypeOutput) ToStringOutputWithContext 

func (o GoogleIamV1AuditLogConfigLogTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (GoogleIamV1AuditLogConfigLogTypeOutput) ToStringPtrOutput 

func (o GoogleIamV1AuditLogConfigLogTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (GoogleIamV1AuditLogConfigLogTypeOutput) ToStringPtrOutputWithContext 

func (o GoogleIamV1AuditLogConfigLogTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type GoogleIamV1AuditLogConfigLogTypePtrInput 

type GoogleIamV1AuditLogConfigLogTypePtrInput interface {
	pulumi.Input

	ToGoogleIamV1AuditLogConfigLogTypePtrOutput() GoogleIamV1AuditLogConfigLogTypePtrOutput
	ToGoogleIamV1AuditLogConfigLogTypePtrOutputWithContext(context.Context) GoogleIamV1AuditLogConfigLogTypePtrOutput
}

func GoogleIamV1AuditLogConfigLogTypePtr 

func GoogleIamV1AuditLogConfigLogTypePtr(v string) GoogleIamV1AuditLogConfigLogTypePtrInput

type GoogleIamV1AuditLogConfigLogTypePtrOutput 

type GoogleIamV1AuditLogConfigLogTypePtrOutput struct{ *pulumi.OutputState }

func (GoogleIamV1AuditLogConfigLogTypePtrOutput) Elem 

func (o GoogleIamV1AuditLogConfigLogTypePtrOutput) Elem() GoogleIamV1AuditLogConfigLogTypeOutput

func (GoogleIamV1AuditLogConfigLogTypePtrOutput) ElementType 

func (GoogleIamV1AuditLogConfigLogTypePtrOutput) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigLogTypePtrOutput) ToGoogleIamV1AuditLogConfigLogTypePtrOutput 

func (o GoogleIamV1AuditLogConfigLogTypePtrOutput) ToGoogleIamV1AuditLogConfigLogTypePtrOutput() GoogleIamV1AuditLogConfigLogTypePtrOutput

func (GoogleIamV1AuditLogConfigLogTypePtrOutput) ToGoogleIamV1AuditLogConfigLogTypePtrOutputWithContext 

func (o GoogleIamV1AuditLogConfigLogTypePtrOutput) ToGoogleIamV1AuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigLogTypePtrOutput

func (GoogleIamV1AuditLogConfigLogTypePtrOutput) ToStringPtrOutput 

func (o GoogleIamV1AuditLogConfigLogTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (GoogleIamV1AuditLogConfigLogTypePtrOutput) ToStringPtrOutputWithContext 

func (o GoogleIamV1AuditLogConfigLogTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type GoogleIamV1AuditLogConfigOutput 

type GoogleIamV1AuditLogConfigOutput struct{ *pulumi.OutputState }

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (GoogleIamV1AuditLogConfigOutput) ElementType 

func (GoogleIamV1AuditLogConfigOutput) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigOutput) ExemptedMembers 

func (o GoogleIamV1AuditLogConfigOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

func (GoogleIamV1AuditLogConfigOutput) LogType 

func (o GoogleIamV1AuditLogConfigOutput) LogType() GoogleIamV1AuditLogConfigLogTypePtrOutput

The log type that this config enables.

func (GoogleIamV1AuditLogConfigOutput) ToGoogleIamV1AuditLogConfigOutput 

func (o GoogleIamV1AuditLogConfigOutput) ToGoogleIamV1AuditLogConfigOutput() GoogleIamV1AuditLogConfigOutput

func (GoogleIamV1AuditLogConfigOutput) ToGoogleIamV1AuditLogConfigOutputWithContext 

func (o GoogleIamV1AuditLogConfigOutput) ToGoogleIamV1AuditLogConfigOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigOutput

type GoogleIamV1AuditLogConfigResponse 

type GoogleIamV1AuditLogConfigResponse struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType string `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

type GoogleIamV1AuditLogConfigResponseArrayOutput 

type GoogleIamV1AuditLogConfigResponseArrayOutput struct{ *pulumi.OutputState }

func (GoogleIamV1AuditLogConfigResponseArrayOutput) ElementType 

func (GoogleIamV1AuditLogConfigResponseArrayOutput) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigResponseArrayOutput) Index 

func (o GoogleIamV1AuditLogConfigResponseArrayOutput) Index(i pulumi.IntInput) GoogleIamV1AuditLogConfigResponseOutput

func (GoogleIamV1AuditLogConfigResponseArrayOutput) ToGoogleIamV1AuditLogConfigResponseArrayOutput 

func (o GoogleIamV1AuditLogConfigResponseArrayOutput) ToGoogleIamV1AuditLogConfigResponseArrayOutput() GoogleIamV1AuditLogConfigResponseArrayOutput

func (GoogleIamV1AuditLogConfigResponseArrayOutput) ToGoogleIamV1AuditLogConfigResponseArrayOutputWithContext 

func (o GoogleIamV1AuditLogConfigResponseArrayOutput) ToGoogleIamV1AuditLogConfigResponseArrayOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigResponseArrayOutput

type GoogleIamV1AuditLogConfigResponseOutput 

type GoogleIamV1AuditLogConfigResponseOutput struct{ *pulumi.OutputState }

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (GoogleIamV1AuditLogConfigResponseOutput) ElementType 

func (GoogleIamV1AuditLogConfigResponseOutput) ElementType() reflect.Type

func (GoogleIamV1AuditLogConfigResponseOutput) ExemptedMembers 

func (o GoogleIamV1AuditLogConfigResponseOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

func (GoogleIamV1AuditLogConfigResponseOutput) LogType 

func (o GoogleIamV1AuditLogConfigResponseOutput) LogType() pulumi.StringOutput

The log type that this config enables.

func (GoogleIamV1AuditLogConfigResponseOutput) ToGoogleIamV1AuditLogConfigResponseOutput 

func (o GoogleIamV1AuditLogConfigResponseOutput) ToGoogleIamV1AuditLogConfigResponseOutput() GoogleIamV1AuditLogConfigResponseOutput

func (GoogleIamV1AuditLogConfigResponseOutput) ToGoogleIamV1AuditLogConfigResponseOutputWithContext 

func (o GoogleIamV1AuditLogConfigResponseOutput) ToGoogleIamV1AuditLogConfigResponseOutputWithContext(ctx context.Context) GoogleIamV1AuditLogConfigResponseOutput

type GoogleIamV1Binding 

type GoogleIamV1Binding struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition *Expr `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members []string `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role *string `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

type GoogleIamV1BindingArgs 

type GoogleIamV1BindingArgs struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprPtrInput `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringPtrInput `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

func (GoogleIamV1BindingArgs) ElementType 

func (GoogleIamV1BindingArgs) ElementType() reflect.Type

func (GoogleIamV1BindingArgs) ToGoogleIamV1BindingOutput 

func (i GoogleIamV1BindingArgs) ToGoogleIamV1BindingOutput() GoogleIamV1BindingOutput

func (GoogleIamV1BindingArgs) ToGoogleIamV1BindingOutputWithContext 

func (i GoogleIamV1BindingArgs) ToGoogleIamV1BindingOutputWithContext(ctx context.Context) GoogleIamV1BindingOutput

type GoogleIamV1BindingArray 

type GoogleIamV1BindingArray []GoogleIamV1BindingInput

func (GoogleIamV1BindingArray) ElementType 

func (GoogleIamV1BindingArray) ElementType() reflect.Type

func (GoogleIamV1BindingArray) ToGoogleIamV1BindingArrayOutput 

func (i GoogleIamV1BindingArray) ToGoogleIamV1BindingArrayOutput() GoogleIamV1BindingArrayOutput

func (GoogleIamV1BindingArray) ToGoogleIamV1BindingArrayOutputWithContext 

func (i GoogleIamV1BindingArray) ToGoogleIamV1BindingArrayOutputWithContext(ctx context.Context) GoogleIamV1BindingArrayOutput

type GoogleIamV1BindingArrayInput 

type GoogleIamV1BindingArrayInput interface {
	pulumi.Input

	ToGoogleIamV1BindingArrayOutput() GoogleIamV1BindingArrayOutput
	ToGoogleIamV1BindingArrayOutputWithContext(context.Context) GoogleIamV1BindingArrayOutput
}

GoogleIamV1BindingArrayInput is an input type that accepts GoogleIamV1BindingArray and GoogleIamV1BindingArrayOutput values. You can construct a concrete instance of `GoogleIamV1BindingArrayInput` via: 

GoogleIamV1BindingArray{ GoogleIamV1BindingArgs{...} }

type GoogleIamV1BindingArrayOutput 

type GoogleIamV1BindingArrayOutput struct{ *pulumi.OutputState }

func (GoogleIamV1BindingArrayOutput) ElementType 

func (GoogleIamV1BindingArrayOutput) ElementType() reflect.Type

func (GoogleIamV1BindingArrayOutput) Index 

func (o GoogleIamV1BindingArrayOutput) Index(i pulumi.IntInput) GoogleIamV1BindingOutput

func (GoogleIamV1BindingArrayOutput) ToGoogleIamV1BindingArrayOutput 

func (o GoogleIamV1BindingArrayOutput) ToGoogleIamV1BindingArrayOutput() GoogleIamV1BindingArrayOutput

func (GoogleIamV1BindingArrayOutput) ToGoogleIamV1BindingArrayOutputWithContext 

func (o GoogleIamV1BindingArrayOutput) ToGoogleIamV1BindingArrayOutputWithContext(ctx context.Context) GoogleIamV1BindingArrayOutput

type GoogleIamV1BindingInput 

type GoogleIamV1BindingInput interface {
	pulumi.Input

	ToGoogleIamV1BindingOutput() GoogleIamV1BindingOutput
	ToGoogleIamV1BindingOutputWithContext(context.Context) GoogleIamV1BindingOutput
}

GoogleIamV1BindingInput is an input type that accepts GoogleIamV1BindingArgs and GoogleIamV1BindingOutput values. You can construct a concrete instance of `GoogleIamV1BindingInput` via: 

GoogleIamV1BindingArgs{...}

type GoogleIamV1BindingOutput 

type GoogleIamV1BindingOutput struct{ *pulumi.OutputState }

Associates `members`, or principals, with a `role`.

func (GoogleIamV1BindingOutput) Condition 

func (o GoogleIamV1BindingOutput) Condition() ExprPtrOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (GoogleIamV1BindingOutput) ElementType 

func (GoogleIamV1BindingOutput) ElementType() reflect.Type

func (GoogleIamV1BindingOutput) Members 

func (o GoogleIamV1BindingOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (GoogleIamV1BindingOutput) Role 

func (o GoogleIamV1BindingOutput) Role() pulumi.StringPtrOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (GoogleIamV1BindingOutput) ToGoogleIamV1BindingOutput 

func (o GoogleIamV1BindingOutput) ToGoogleIamV1BindingOutput() GoogleIamV1BindingOutput

func (GoogleIamV1BindingOutput) ToGoogleIamV1BindingOutputWithContext 

func (o GoogleIamV1BindingOutput) ToGoogleIamV1BindingOutputWithContext(ctx context.Context) GoogleIamV1BindingOutput

type GoogleIamV1BindingResponse 

type GoogleIamV1BindingResponse struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprResponse `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members []string `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role string `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

type GoogleIamV1BindingResponseArrayOutput 

type GoogleIamV1BindingResponseArrayOutput struct{ *pulumi.OutputState }

func (GoogleIamV1BindingResponseArrayOutput) ElementType 

func (GoogleIamV1BindingResponseArrayOutput) ElementType() reflect.Type

func (GoogleIamV1BindingResponseArrayOutput) Index 

func (o GoogleIamV1BindingResponseArrayOutput) Index(i pulumi.IntInput) GoogleIamV1BindingResponseOutput

func (GoogleIamV1BindingResponseArrayOutput) ToGoogleIamV1BindingResponseArrayOutput 

func (o GoogleIamV1BindingResponseArrayOutput) ToGoogleIamV1BindingResponseArrayOutput() GoogleIamV1BindingResponseArrayOutput

func (GoogleIamV1BindingResponseArrayOutput) ToGoogleIamV1BindingResponseArrayOutputWithContext 

func (o GoogleIamV1BindingResponseArrayOutput) ToGoogleIamV1BindingResponseArrayOutputWithContext(ctx context.Context) GoogleIamV1BindingResponseArrayOutput

type GoogleIamV1BindingResponseOutput 

type GoogleIamV1BindingResponseOutput struct{ *pulumi.OutputState }

Associates `members`, or principals, with a `role`.

func (GoogleIamV1BindingResponseOutput) Condition 

func (o GoogleIamV1BindingResponseOutput) Condition() ExprResponseOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (GoogleIamV1BindingResponseOutput) ElementType 

func (GoogleIamV1BindingResponseOutput) ElementType() reflect.Type

func (GoogleIamV1BindingResponseOutput) Members 

func (o GoogleIamV1BindingResponseOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (GoogleIamV1BindingResponseOutput) Role 

func (o GoogleIamV1BindingResponseOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (GoogleIamV1BindingResponseOutput) ToGoogleIamV1BindingResponseOutput 

func (o GoogleIamV1BindingResponseOutput) ToGoogleIamV1BindingResponseOutput() GoogleIamV1BindingResponseOutput

func (GoogleIamV1BindingResponseOutput) ToGoogleIamV1BindingResponseOutputWithContext 

func (o GoogleIamV1BindingResponseOutput) ToGoogleIamV1BindingResponseOutputWithContext(ctx context.Context) GoogleIamV1BindingResponseOutput

type HttpHeaderMatch 

type HttpHeaderMatch struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName string `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch string `pulumi:"regexMatch"`
}

Specification of HTTP header match attributes.

type HttpHeaderMatchArgs 

type HttpHeaderMatchArgs struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName pulumi.StringInput `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch pulumi.StringInput `pulumi:"regexMatch"`
}

Specification of HTTP header match attributes.

func (HttpHeaderMatchArgs) ElementType 

func (HttpHeaderMatchArgs) ElementType() reflect.Type

func (HttpHeaderMatchArgs) ToHttpHeaderMatchOutput 

func (i HttpHeaderMatchArgs) ToHttpHeaderMatchOutput() HttpHeaderMatchOutput

func (HttpHeaderMatchArgs) ToHttpHeaderMatchOutputWithContext 

func (i HttpHeaderMatchArgs) ToHttpHeaderMatchOutputWithContext(ctx context.Context) HttpHeaderMatchOutput

func (HttpHeaderMatchArgs) ToHttpHeaderMatchPtrOutput 

func (i HttpHeaderMatchArgs) ToHttpHeaderMatchPtrOutput() HttpHeaderMatchPtrOutput

func (HttpHeaderMatchArgs) ToHttpHeaderMatchPtrOutputWithContext 

func (i HttpHeaderMatchArgs) ToHttpHeaderMatchPtrOutputWithContext(ctx context.Context) HttpHeaderMatchPtrOutput

type HttpHeaderMatchInput 

type HttpHeaderMatchInput interface {
	pulumi.Input

	ToHttpHeaderMatchOutput() HttpHeaderMatchOutput
	ToHttpHeaderMatchOutputWithContext(context.Context) HttpHeaderMatchOutput
}

HttpHeaderMatchInput is an input type that accepts HttpHeaderMatchArgs and HttpHeaderMatchOutput values. You can construct a concrete instance of `HttpHeaderMatchInput` via: 

HttpHeaderMatchArgs{...}

type HttpHeaderMatchOutput 

type HttpHeaderMatchOutput struct{ *pulumi.OutputState }

Specification of HTTP header match attributes.

func (HttpHeaderMatchOutput) ElementType 

func (HttpHeaderMatchOutput) ElementType() reflect.Type

func (HttpHeaderMatchOutput) HeaderName 

func (o HttpHeaderMatchOutput) HeaderName() pulumi.StringOutput

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (HttpHeaderMatchOutput) RegexMatch 

func (o HttpHeaderMatchOutput) RegexMatch() pulumi.StringOutput

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (HttpHeaderMatchOutput) ToHttpHeaderMatchOutput 

func (o HttpHeaderMatchOutput) ToHttpHeaderMatchOutput() HttpHeaderMatchOutput

func (HttpHeaderMatchOutput) ToHttpHeaderMatchOutputWithContext 

func (o HttpHeaderMatchOutput) ToHttpHeaderMatchOutputWithContext(ctx context.Context) HttpHeaderMatchOutput

func (HttpHeaderMatchOutput) ToHttpHeaderMatchPtrOutput 

func (o HttpHeaderMatchOutput) ToHttpHeaderMatchPtrOutput() HttpHeaderMatchPtrOutput

func (HttpHeaderMatchOutput) ToHttpHeaderMatchPtrOutputWithContext 

func (o HttpHeaderMatchOutput) ToHttpHeaderMatchPtrOutputWithContext(ctx context.Context) HttpHeaderMatchPtrOutput

type HttpHeaderMatchPtrInput 

type HttpHeaderMatchPtrInput interface {
	pulumi.Input

	ToHttpHeaderMatchPtrOutput() HttpHeaderMatchPtrOutput
	ToHttpHeaderMatchPtrOutputWithContext(context.Context) HttpHeaderMatchPtrOutput
}

HttpHeaderMatchPtrInput is an input type that accepts HttpHeaderMatchArgs, HttpHeaderMatchPtr and HttpHeaderMatchPtrOutput values. You can construct a concrete instance of `HttpHeaderMatchPtrInput` via: 

        HttpHeaderMatchArgs{...}

or:

        nil

func HttpHeaderMatchPtr 

func HttpHeaderMatchPtr(v *HttpHeaderMatchArgs) HttpHeaderMatchPtrInput

type HttpHeaderMatchPtrOutput 

type HttpHeaderMatchPtrOutput struct{ *pulumi.OutputState }

func (HttpHeaderMatchPtrOutput) Elem 

func (o HttpHeaderMatchPtrOutput) Elem() HttpHeaderMatchOutput

func (HttpHeaderMatchPtrOutput) ElementType 

func (HttpHeaderMatchPtrOutput) ElementType() reflect.Type

func (HttpHeaderMatchPtrOutput) HeaderName 

func (o HttpHeaderMatchPtrOutput) HeaderName() pulumi.StringPtrOutput

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (HttpHeaderMatchPtrOutput) RegexMatch 

func (o HttpHeaderMatchPtrOutput) RegexMatch() pulumi.StringPtrOutput

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (HttpHeaderMatchPtrOutput) ToHttpHeaderMatchPtrOutput 

func (o HttpHeaderMatchPtrOutput) ToHttpHeaderMatchPtrOutput() HttpHeaderMatchPtrOutput

func (HttpHeaderMatchPtrOutput) ToHttpHeaderMatchPtrOutputWithContext 

func (o HttpHeaderMatchPtrOutput) ToHttpHeaderMatchPtrOutputWithContext(ctx context.Context) HttpHeaderMatchPtrOutput

type HttpHeaderMatchResponse 

type HttpHeaderMatchResponse struct {
	// The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".
	HeaderName string `pulumi:"headerName"`
	// The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.
	RegexMatch string `pulumi:"regexMatch"`
}

Specification of HTTP header match attributes.

type HttpHeaderMatchResponseOutput 

type HttpHeaderMatchResponseOutput struct{ *pulumi.OutputState }

Specification of HTTP header match attributes.

func (HttpHeaderMatchResponseOutput) ElementType 

func (HttpHeaderMatchResponseOutput) ElementType() reflect.Type

func (HttpHeaderMatchResponseOutput) HeaderName 

func (o HttpHeaderMatchResponseOutput) HeaderName() pulumi.StringOutput

The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method".

func (HttpHeaderMatchResponseOutput) RegexMatch 

func (o HttpHeaderMatchResponseOutput) RegexMatch() pulumi.StringOutput

The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: en.cppreference.com/w/cpp/regex/ecmascript For matching against a port specified in the HTTP request, use a headerMatch with headerName set to Host and a regular expression that satisfies the RFC2616 Host header's port specifier.

func (HttpHeaderMatchResponseOutput) ToHttpHeaderMatchResponseOutput 

func (o HttpHeaderMatchResponseOutput) ToHttpHeaderMatchResponseOutput() HttpHeaderMatchResponseOutput

func (HttpHeaderMatchResponseOutput) ToHttpHeaderMatchResponseOutputWithContext 

func (o HttpHeaderMatchResponseOutput) ToHttpHeaderMatchResponseOutputWithContext(ctx context.Context) HttpHeaderMatchResponseOutput

type LookupAddressGroupArgs added in v0.32.0 

type LookupAddressGroupArgs struct {
	AddressGroupId string  `pulumi:"addressGroupId"`
	Location       string  `pulumi:"location"`
	Project        *string `pulumi:"project"`
}

type LookupAddressGroupIamPolicyArgs added in v0.32.0 

type LookupAddressGroupIamPolicyArgs struct {
	AddressGroupId                string  `pulumi:"addressGroupId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *int    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupAddressGroupIamPolicyOutputArgs added in v0.32.0 

type LookupAddressGroupIamPolicyOutputArgs struct {
	AddressGroupId                pulumi.StringInput    `pulumi:"addressGroupId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.IntPtrInput    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupAddressGroupIamPolicyOutputArgs) ElementType added in v0.32.0 

func (LookupAddressGroupIamPolicyOutputArgs) ElementType() reflect.Type

type LookupAddressGroupIamPolicyResult added in v0.32.0 

type LookupAddressGroupIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []GoogleIamV1AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []GoogleIamV1BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupAddressGroupIamPolicy added in v0.32.0 

func LookupAddressGroupIamPolicy(ctx *pulumi.Context, args *LookupAddressGroupIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupAddressGroupIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupAddressGroupIamPolicyResultOutput added in v0.32.0 

type LookupAddressGroupIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupAddressGroupIamPolicyOutput added in v0.32.0 

func LookupAddressGroupIamPolicyOutput(ctx *pulumi.Context, args LookupAddressGroupIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupAddressGroupIamPolicyResultOutput

func (LookupAddressGroupIamPolicyResultOutput) AuditConfigs added in v0.32.0 

func (o LookupAddressGroupIamPolicyResultOutput) AuditConfigs() GoogleIamV1AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupAddressGroupIamPolicyResultOutput) Bindings added in v0.32.0 

func (o LookupAddressGroupIamPolicyResultOutput) Bindings() GoogleIamV1BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupAddressGroupIamPolicyResultOutput) ElementType added in v0.32.0 

func (LookupAddressGroupIamPolicyResultOutput) ElementType() reflect.Type

func (LookupAddressGroupIamPolicyResultOutput) Etag added in v0.32.0 

func (o LookupAddressGroupIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutput added in v0.32.0 

func (o LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutput() LookupAddressGroupIamPolicyResultOutput

func (LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutputWithContext added in v0.32.0 

func (o LookupAddressGroupIamPolicyResultOutput) ToLookupAddressGroupIamPolicyResultOutputWithContext(ctx context.Context) LookupAddressGroupIamPolicyResultOutput

func (LookupAddressGroupIamPolicyResultOutput) Version added in v0.32.0 

func (o LookupAddressGroupIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupAddressGroupOutputArgs added in v0.32.0 

type LookupAddressGroupOutputArgs struct {
	AddressGroupId pulumi.StringInput    `pulumi:"addressGroupId"`
	Location       pulumi.StringInput    `pulumi:"location"`
	Project        pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupAddressGroupOutputArgs) ElementType added in v0.32.0 

func (LookupAddressGroupOutputArgs) ElementType() reflect.Type

type LookupAddressGroupResult added in v0.32.0 

type LookupAddressGroupResult struct {
	// Capacity of the Address Group
	Capacity int `pulumi:"capacity"`
	// The timestamp when the resource was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description string `pulumi:"description"`
	// Optional. List of items.
	Items []string `pulumi:"items"`
	// Optional. Set of label tags associated with the AddressGroup resource.
	Labels map[string]string `pulumi:"labels"`
	// Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`.
	Name string `pulumi:"name"`
	// Server-defined fully-qualified URL for this resource.
	SelfLink string `pulumi:"selfLink"`
	// The type of the Address Group. Possible values are "IPv4" or "IPV6".
	Type string `pulumi:"type"`
	// The timestamp when the resource was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupAddressGroup added in v0.32.0 

func LookupAddressGroup(ctx *pulumi.Context, args *LookupAddressGroupArgs, opts ...pulumi.InvokeOption) (*LookupAddressGroupResult, error)

Gets details of a single address group.

type LookupAddressGroupResultOutput added in v0.32.0 

type LookupAddressGroupResultOutput struct{ *pulumi.OutputState }

func LookupAddressGroupOutput added in v0.32.0 

func LookupAddressGroupOutput(ctx *pulumi.Context, args LookupAddressGroupOutputArgs, opts ...pulumi.InvokeOption) LookupAddressGroupResultOutput

func (LookupAddressGroupResultOutput) Capacity added in v0.32.0 

func (o LookupAddressGroupResultOutput) Capacity() pulumi.IntOutput

Capacity of the Address Group

func (LookupAddressGroupResultOutput) CreateTime added in v0.32.0 

func (o LookupAddressGroupResultOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (LookupAddressGroupResultOutput) Description added in v0.32.0 

func (o LookupAddressGroupResultOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (LookupAddressGroupResultOutput) ElementType added in v0.32.0 

func (LookupAddressGroupResultOutput) ElementType() reflect.Type

func (LookupAddressGroupResultOutput) Items added in v0.32.0 

func (o LookupAddressGroupResultOutput) Items() pulumi.StringArrayOutput

Optional. List of items.

func (LookupAddressGroupResultOutput) Labels added in v0.32.0 

func (o LookupAddressGroupResultOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the AddressGroup resource.

func (LookupAddressGroupResultOutput) Name added in v0.32.0 

func (o LookupAddressGroupResultOutput) Name() pulumi.StringOutput

Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`. 

func (o LookupAddressGroupResultOutput) SelfLink() pulumi.StringOutput

Server-defined fully-qualified URL for this resource.

func (LookupAddressGroupResultOutput) ToLookupAddressGroupResultOutput added in v0.32.0 

func (o LookupAddressGroupResultOutput) ToLookupAddressGroupResultOutput() LookupAddressGroupResultOutput

func (LookupAddressGroupResultOutput) ToLookupAddressGroupResultOutputWithContext added in v0.32.0 

func (o LookupAddressGroupResultOutput) ToLookupAddressGroupResultOutputWithContext(ctx context.Context) LookupAddressGroupResultOutput

func (LookupAddressGroupResultOutput) Type added in v0.32.0 

func (o LookupAddressGroupResultOutput) Type() pulumi.StringOutput

The type of the Address Group. Possible values are "IPv4" or "IPV6".

func (LookupAddressGroupResultOutput) UpdateTime added in v0.32.0 

func (o LookupAddressGroupResultOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type LookupAuthorizationPolicyArgs 

type LookupAuthorizationPolicyArgs struct {
	AuthorizationPolicyId string  `pulumi:"authorizationPolicyId"`
	Location              string  `pulumi:"location"`
	Project               *string `pulumi:"project"`
}

type LookupAuthorizationPolicyIamPolicyArgs 

type LookupAuthorizationPolicyIamPolicyArgs struct {
	AuthorizationPolicyId         string  `pulumi:"authorizationPolicyId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *int    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupAuthorizationPolicyIamPolicyOutputArgs 

type LookupAuthorizationPolicyIamPolicyOutputArgs struct {
	AuthorizationPolicyId         pulumi.StringInput    `pulumi:"authorizationPolicyId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.IntPtrInput    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupAuthorizationPolicyIamPolicyOutputArgs) ElementType 

func (LookupAuthorizationPolicyIamPolicyOutputArgs) ElementType() reflect.Type

type LookupAuthorizationPolicyIamPolicyResult 

type LookupAuthorizationPolicyIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []GoogleIamV1AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []GoogleIamV1BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupAuthorizationPolicyIamPolicy 

func LookupAuthorizationPolicyIamPolicy(ctx *pulumi.Context, args *LookupAuthorizationPolicyIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupAuthorizationPolicyIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupAuthorizationPolicyIamPolicyResultOutput 

type LookupAuthorizationPolicyIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupAuthorizationPolicyIamPolicyOutput 

func LookupAuthorizationPolicyIamPolicyOutput(ctx *pulumi.Context, args LookupAuthorizationPolicyIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupAuthorizationPolicyIamPolicyResultOutput

func (LookupAuthorizationPolicyIamPolicyResultOutput) AuditConfigs 

func (o LookupAuthorizationPolicyIamPolicyResultOutput) AuditConfigs() GoogleIamV1AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupAuthorizationPolicyIamPolicyResultOutput) Bindings 

func (o LookupAuthorizationPolicyIamPolicyResultOutput) Bindings() GoogleIamV1BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupAuthorizationPolicyIamPolicyResultOutput) ElementType 

func (LookupAuthorizationPolicyIamPolicyResultOutput) ElementType() reflect.Type

func (LookupAuthorizationPolicyIamPolicyResultOutput) Etag 

func (o LookupAuthorizationPolicyIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupAuthorizationPolicyIamPolicyResultOutput) ToLookupAuthorizationPolicyIamPolicyResultOutput 

func (o LookupAuthorizationPolicyIamPolicyResultOutput) ToLookupAuthorizationPolicyIamPolicyResultOutput() LookupAuthorizationPolicyIamPolicyResultOutput

func (LookupAuthorizationPolicyIamPolicyResultOutput) ToLookupAuthorizationPolicyIamPolicyResultOutputWithContext 

func (o LookupAuthorizationPolicyIamPolicyResultOutput) ToLookupAuthorizationPolicyIamPolicyResultOutputWithContext(ctx context.Context) LookupAuthorizationPolicyIamPolicyResultOutput

func (LookupAuthorizationPolicyIamPolicyResultOutput) Version 

func (o LookupAuthorizationPolicyIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupAuthorizationPolicyOutputArgs 

type LookupAuthorizationPolicyOutputArgs struct {
	AuthorizationPolicyId pulumi.StringInput    `pulumi:"authorizationPolicyId"`
	Location              pulumi.StringInput    `pulumi:"location"`
	Project               pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupAuthorizationPolicyOutputArgs) ElementType 

func (LookupAuthorizationPolicyOutputArgs) ElementType() reflect.Type

type LookupAuthorizationPolicyResult 

type LookupAuthorizationPolicyResult struct {
	// The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".
	Action string `pulumi:"action"`
	// The timestamp when the resource was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description string `pulumi:"description"`
	// Optional. Set of label tags associated with the AuthorizationPolicy resource.
	Labels map[string]string `pulumi:"labels"`
	// Name of the AuthorizationPolicy resource. It matches pattern `projects/{project}/locations/{location}/authorizationPolicies/`.
	Name string `pulumi:"name"`
	// Optional. List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken. A rule is a match if there is a matching source and destination. If left blank, the action specified in the `action` field will be applied on every request.
	Rules []RuleResponse `pulumi:"rules"`
	// The timestamp when the resource was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupAuthorizationPolicy 

func LookupAuthorizationPolicy(ctx *pulumi.Context, args *LookupAuthorizationPolicyArgs, opts ...pulumi.InvokeOption) (*LookupAuthorizationPolicyResult, error)

Gets details of a single AuthorizationPolicy.

type LookupAuthorizationPolicyResultOutput 

type LookupAuthorizationPolicyResultOutput struct{ *pulumi.OutputState }

func LookupAuthorizationPolicyOutput 

func LookupAuthorizationPolicyOutput(ctx *pulumi.Context, args LookupAuthorizationPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupAuthorizationPolicyResultOutput

func (LookupAuthorizationPolicyResultOutput) Action 

func (o LookupAuthorizationPolicyResultOutput) Action() pulumi.StringOutput

The action to take when a rule match is found. Possible values are "ALLOW" or "DENY".

func (LookupAuthorizationPolicyResultOutput) CreateTime 

func (o LookupAuthorizationPolicyResultOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (LookupAuthorizationPolicyResultOutput) Description 

func (o LookupAuthorizationPolicyResultOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (LookupAuthorizationPolicyResultOutput) ElementType 

func (LookupAuthorizationPolicyResultOutput) ElementType() reflect.Type

func (LookupAuthorizationPolicyResultOutput) Labels 

func (o LookupAuthorizationPolicyResultOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the AuthorizationPolicy resource.

func (LookupAuthorizationPolicyResultOutput) Name 

func (o LookupAuthorizationPolicyResultOutput) Name() pulumi.StringOutput

Name of the AuthorizationPolicy resource. It matches pattern `projects/{project}/locations/{location}/authorizationPolicies/`.

func (LookupAuthorizationPolicyResultOutput) Rules 

func (o LookupAuthorizationPolicyResultOutput) Rules() RuleResponseArrayOutput

Optional. List of rules to match. Note that at least one of the rules must match in order for the action specified in the 'action' field to be taken. A rule is a match if there is a matching source and destination. If left blank, the action specified in the `action` field will be applied on every request.

func (LookupAuthorizationPolicyResultOutput) ToLookupAuthorizationPolicyResultOutput 

func (o LookupAuthorizationPolicyResultOutput) ToLookupAuthorizationPolicyResultOutput() LookupAuthorizationPolicyResultOutput

func (LookupAuthorizationPolicyResultOutput) ToLookupAuthorizationPolicyResultOutputWithContext 

func (o LookupAuthorizationPolicyResultOutput) ToLookupAuthorizationPolicyResultOutputWithContext(ctx context.Context) LookupAuthorizationPolicyResultOutput

func (LookupAuthorizationPolicyResultOutput) UpdateTime 

func (o LookupAuthorizationPolicyResultOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type LookupClientTlsPolicyArgs 

type LookupClientTlsPolicyArgs struct {
	ClientTlsPolicyId string  `pulumi:"clientTlsPolicyId"`
	Location          string  `pulumi:"location"`
	Project           *string `pulumi:"project"`
}

type LookupClientTlsPolicyIamPolicyArgs 

type LookupClientTlsPolicyIamPolicyArgs struct {
	ClientTlsPolicyId             string  `pulumi:"clientTlsPolicyId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *int    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupClientTlsPolicyIamPolicyOutputArgs 

type LookupClientTlsPolicyIamPolicyOutputArgs struct {
	ClientTlsPolicyId             pulumi.StringInput    `pulumi:"clientTlsPolicyId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.IntPtrInput    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupClientTlsPolicyIamPolicyOutputArgs) ElementType 

func (LookupClientTlsPolicyIamPolicyOutputArgs) ElementType() reflect.Type

type LookupClientTlsPolicyIamPolicyResult 

type LookupClientTlsPolicyIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []GoogleIamV1AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []GoogleIamV1BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupClientTlsPolicyIamPolicy 

func LookupClientTlsPolicyIamPolicy(ctx *pulumi.Context, args *LookupClientTlsPolicyIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupClientTlsPolicyIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupClientTlsPolicyIamPolicyResultOutput 

type LookupClientTlsPolicyIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupClientTlsPolicyIamPolicyOutput 

func LookupClientTlsPolicyIamPolicyOutput(ctx *pulumi.Context, args LookupClientTlsPolicyIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupClientTlsPolicyIamPolicyResultOutput

func (LookupClientTlsPolicyIamPolicyResultOutput) AuditConfigs 

func (o LookupClientTlsPolicyIamPolicyResultOutput) AuditConfigs() GoogleIamV1AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupClientTlsPolicyIamPolicyResultOutput) Bindings 

func (o LookupClientTlsPolicyIamPolicyResultOutput) Bindings() GoogleIamV1BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupClientTlsPolicyIamPolicyResultOutput) ElementType 

func (LookupClientTlsPolicyIamPolicyResultOutput) ElementType() reflect.Type

func (LookupClientTlsPolicyIamPolicyResultOutput) Etag 

func (o LookupClientTlsPolicyIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupClientTlsPolicyIamPolicyResultOutput) ToLookupClientTlsPolicyIamPolicyResultOutput 

func (o LookupClientTlsPolicyIamPolicyResultOutput) ToLookupClientTlsPolicyIamPolicyResultOutput() LookupClientTlsPolicyIamPolicyResultOutput

func (LookupClientTlsPolicyIamPolicyResultOutput) ToLookupClientTlsPolicyIamPolicyResultOutputWithContext 

func (o LookupClientTlsPolicyIamPolicyResultOutput) ToLookupClientTlsPolicyIamPolicyResultOutputWithContext(ctx context.Context) LookupClientTlsPolicyIamPolicyResultOutput

func (LookupClientTlsPolicyIamPolicyResultOutput) Version 

func (o LookupClientTlsPolicyIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupClientTlsPolicyOutputArgs 

type LookupClientTlsPolicyOutputArgs struct {
	ClientTlsPolicyId pulumi.StringInput    `pulumi:"clientTlsPolicyId"`
	Location          pulumi.StringInput    `pulumi:"location"`
	Project           pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupClientTlsPolicyOutputArgs) ElementType 

func (LookupClientTlsPolicyOutputArgs) ElementType() reflect.Type

type LookupClientTlsPolicyResult 

type LookupClientTlsPolicyResult struct {
	// Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
	ClientCertificate GoogleCloudNetworksecurityV1CertificateProviderResponse `pulumi:"clientCertificate"`
	// The timestamp when the resource was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description string `pulumi:"description"`
	// Optional. Set of label tags associated with the resource.
	Labels map[string]string `pulumi:"labels"`
	// Name of the ClientTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}`
	Name string `pulumi:"name"`
	// Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
	ServerValidationCa []ValidationCAResponse `pulumi:"serverValidationCa"`
	// Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
	Sni string `pulumi:"sni"`
	// The timestamp when the resource was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupClientTlsPolicy 

func LookupClientTlsPolicy(ctx *pulumi.Context, args *LookupClientTlsPolicyArgs, opts ...pulumi.InvokeOption) (*LookupClientTlsPolicyResult, error)

Gets details of a single ClientTlsPolicy.

type LookupClientTlsPolicyResultOutput 

type LookupClientTlsPolicyResultOutput struct{ *pulumi.OutputState }

func LookupClientTlsPolicyOutput 

func LookupClientTlsPolicyOutput(ctx *pulumi.Context, args LookupClientTlsPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupClientTlsPolicyResultOutput

func (LookupClientTlsPolicyResultOutput) ClientCertificate 

func (o LookupClientTlsPolicyResultOutput) ClientCertificate() GoogleCloudNetworksecurityV1CertificateProviderResponseOutput

Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

func (LookupClientTlsPolicyResultOutput) CreateTime 

func (o LookupClientTlsPolicyResultOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (LookupClientTlsPolicyResultOutput) Description 

func (o LookupClientTlsPolicyResultOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (LookupClientTlsPolicyResultOutput) ElementType 

func (LookupClientTlsPolicyResultOutput) ElementType() reflect.Type

func (LookupClientTlsPolicyResultOutput) Labels 

func (o LookupClientTlsPolicyResultOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the resource.

func (LookupClientTlsPolicyResultOutput) Name 

func (o LookupClientTlsPolicyResultOutput) Name() pulumi.StringOutput

Name of the ClientTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}`

func (LookupClientTlsPolicyResultOutput) ServerValidationCa 

func (o LookupClientTlsPolicyResultOutput) ServerValidationCa() ValidationCAResponseArrayOutput

Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

func (LookupClientTlsPolicyResultOutput) Sni 

func (o LookupClientTlsPolicyResultOutput) Sni() pulumi.StringOutput

Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

func (LookupClientTlsPolicyResultOutput) ToLookupClientTlsPolicyResultOutput 

func (o LookupClientTlsPolicyResultOutput) ToLookupClientTlsPolicyResultOutput() LookupClientTlsPolicyResultOutput

func (LookupClientTlsPolicyResultOutput) ToLookupClientTlsPolicyResultOutputWithContext 

func (o LookupClientTlsPolicyResultOutput) ToLookupClientTlsPolicyResultOutputWithContext(ctx context.Context) LookupClientTlsPolicyResultOutput

func (LookupClientTlsPolicyResultOutput) UpdateTime 

func (o LookupClientTlsPolicyResultOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type LookupGatewaySecurityPolicyArgs added in v0.31.1 

type LookupGatewaySecurityPolicyArgs struct {
	GatewaySecurityPolicyId string  `pulumi:"gatewaySecurityPolicyId"`
	Location                string  `pulumi:"location"`
	Project                 *string `pulumi:"project"`
}

type LookupGatewaySecurityPolicyOutputArgs added in v0.31.1 

type LookupGatewaySecurityPolicyOutputArgs struct {
	GatewaySecurityPolicyId pulumi.StringInput    `pulumi:"gatewaySecurityPolicyId"`
	Location                pulumi.StringInput    `pulumi:"location"`
	Project                 pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupGatewaySecurityPolicyOutputArgs) ElementType added in v0.31.1 

func (LookupGatewaySecurityPolicyOutputArgs) ElementType() reflect.Type

type LookupGatewaySecurityPolicyResult added in v0.31.1 

type LookupGatewaySecurityPolicyResult struct {
	// The timestamp when the resource was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description string `pulumi:"description"`
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy} gateway_security_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name string `pulumi:"name"`
	// Optional. Name of a TLS Inspection Policy resource that defines how TLS inspection will be performed for any rule(s) which enables it.
	TlsInspectionPolicy string `pulumi:"tlsInspectionPolicy"`
	// The timestamp when the resource was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupGatewaySecurityPolicy added in v0.31.1 

func LookupGatewaySecurityPolicy(ctx *pulumi.Context, args *LookupGatewaySecurityPolicyArgs, opts ...pulumi.InvokeOption) (*LookupGatewaySecurityPolicyResult, error)

Gets details of a single GatewaySecurityPolicy.

type LookupGatewaySecurityPolicyResultOutput added in v0.31.1 

type LookupGatewaySecurityPolicyResultOutput struct{ *pulumi.OutputState }

func LookupGatewaySecurityPolicyOutput added in v0.31.1 

func LookupGatewaySecurityPolicyOutput(ctx *pulumi.Context, args LookupGatewaySecurityPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupGatewaySecurityPolicyResultOutput

func (LookupGatewaySecurityPolicyResultOutput) CreateTime added in v0.31.1 

func (o LookupGatewaySecurityPolicyResultOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (LookupGatewaySecurityPolicyResultOutput) Description added in v0.31.1 

func (o LookupGatewaySecurityPolicyResultOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (LookupGatewaySecurityPolicyResultOutput) ElementType added in v0.31.1 

func (LookupGatewaySecurityPolicyResultOutput) ElementType() reflect.Type

func (LookupGatewaySecurityPolicyResultOutput) Name added in v0.31.1 

func (o LookupGatewaySecurityPolicyResultOutput) Name() pulumi.StringOutput

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy} gateway_security_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).

func (LookupGatewaySecurityPolicyResultOutput) TlsInspectionPolicy added in v0.31.1 

func (o LookupGatewaySecurityPolicyResultOutput) TlsInspectionPolicy() pulumi.StringOutput

Optional. Name of a TLS Inspection Policy resource that defines how TLS inspection will be performed for any rule(s) which enables it.

func (LookupGatewaySecurityPolicyResultOutput) ToLookupGatewaySecurityPolicyResultOutput added in v0.31.1 

func (o LookupGatewaySecurityPolicyResultOutput) ToLookupGatewaySecurityPolicyResultOutput() LookupGatewaySecurityPolicyResultOutput

func (LookupGatewaySecurityPolicyResultOutput) ToLookupGatewaySecurityPolicyResultOutputWithContext added in v0.31.1 

func (o LookupGatewaySecurityPolicyResultOutput) ToLookupGatewaySecurityPolicyResultOutputWithContext(ctx context.Context) LookupGatewaySecurityPolicyResultOutput

func (LookupGatewaySecurityPolicyResultOutput) UpdateTime added in v0.31.1 

func (o LookupGatewaySecurityPolicyResultOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type LookupOrganizationAddressGroupArgs added in v0.32.0 

type LookupOrganizationAddressGroupArgs struct {
	AddressGroupId string `pulumi:"addressGroupId"`
	Location       string `pulumi:"location"`
	OrganizationId string `pulumi:"organizationId"`
}

type LookupOrganizationAddressGroupOutputArgs added in v0.32.0 

type LookupOrganizationAddressGroupOutputArgs struct {
	AddressGroupId pulumi.StringInput `pulumi:"addressGroupId"`
	Location       pulumi.StringInput `pulumi:"location"`
	OrganizationId pulumi.StringInput `pulumi:"organizationId"`
}

func (LookupOrganizationAddressGroupOutputArgs) ElementType added in v0.32.0 

func (LookupOrganizationAddressGroupOutputArgs) ElementType() reflect.Type

type LookupOrganizationAddressGroupResult added in v0.32.0 

type LookupOrganizationAddressGroupResult struct {
	// Capacity of the Address Group
	Capacity int `pulumi:"capacity"`
	// The timestamp when the resource was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description string `pulumi:"description"`
	// Optional. List of items.
	Items []string `pulumi:"items"`
	// Optional. Set of label tags associated with the AddressGroup resource.
	Labels map[string]string `pulumi:"labels"`
	// Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`.
	Name string `pulumi:"name"`
	// Server-defined fully-qualified URL for this resource.
	SelfLink string `pulumi:"selfLink"`
	// The type of the Address Group. Possible values are "IPv4" or "IPV6".
	Type string `pulumi:"type"`
	// The timestamp when the resource was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupOrganizationAddressGroup added in v0.32.0 

func LookupOrganizationAddressGroup(ctx *pulumi.Context, args *LookupOrganizationAddressGroupArgs, opts ...pulumi.InvokeOption) (*LookupOrganizationAddressGroupResult, error)

Gets details of a single address group.

type LookupOrganizationAddressGroupResultOutput added in v0.32.0 

type LookupOrganizationAddressGroupResultOutput struct{ *pulumi.OutputState }

func LookupOrganizationAddressGroupOutput added in v0.32.0 

func LookupOrganizationAddressGroupOutput(ctx *pulumi.Context, args LookupOrganizationAddressGroupOutputArgs, opts ...pulumi.InvokeOption) LookupOrganizationAddressGroupResultOutput

func (LookupOrganizationAddressGroupResultOutput) Capacity added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) Capacity() pulumi.IntOutput

Capacity of the Address Group

func (LookupOrganizationAddressGroupResultOutput) CreateTime added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (LookupOrganizationAddressGroupResultOutput) Description added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (LookupOrganizationAddressGroupResultOutput) ElementType added in v0.32.0 

func (LookupOrganizationAddressGroupResultOutput) ElementType() reflect.Type

func (LookupOrganizationAddressGroupResultOutput) Items added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) Items() pulumi.StringArrayOutput

Optional. List of items.

func (LookupOrganizationAddressGroupResultOutput) Labels added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the AddressGroup resource.

func (LookupOrganizationAddressGroupResultOutput) Name added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) Name() pulumi.StringOutput

Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`. 

func (o LookupOrganizationAddressGroupResultOutput) SelfLink() pulumi.StringOutput

Server-defined fully-qualified URL for this resource.

func (LookupOrganizationAddressGroupResultOutput) ToLookupOrganizationAddressGroupResultOutput added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) ToLookupOrganizationAddressGroupResultOutput() LookupOrganizationAddressGroupResultOutput

func (LookupOrganizationAddressGroupResultOutput) ToLookupOrganizationAddressGroupResultOutputWithContext added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) ToLookupOrganizationAddressGroupResultOutputWithContext(ctx context.Context) LookupOrganizationAddressGroupResultOutput

func (LookupOrganizationAddressGroupResultOutput) Type added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) Type() pulumi.StringOutput

The type of the Address Group. Possible values are "IPv4" or "IPV6".

func (LookupOrganizationAddressGroupResultOutput) UpdateTime added in v0.32.0 

func (o LookupOrganizationAddressGroupResultOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type LookupRuleArgs added in v0.31.1 

type LookupRuleArgs struct {
	GatewaySecurityPolicyId string  `pulumi:"gatewaySecurityPolicyId"`
	Location                string  `pulumi:"location"`
	Project                 *string `pulumi:"project"`
	RuleId                  string  `pulumi:"ruleId"`
}

type LookupRuleOutputArgs added in v0.31.1 

type LookupRuleOutputArgs struct {
	GatewaySecurityPolicyId pulumi.StringInput    `pulumi:"gatewaySecurityPolicyId"`
	Location                pulumi.StringInput    `pulumi:"location"`
	Project                 pulumi.StringPtrInput `pulumi:"project"`
	RuleId                  pulumi.StringInput    `pulumi:"ruleId"`
}

func (LookupRuleOutputArgs) ElementType added in v0.31.1 

func (LookupRuleOutputArgs) ElementType() reflect.Type

type LookupRuleResult added in v0.31.1 

type LookupRuleResult struct {
	// Optional. CEL expression for matching on L7/application level criteria.
	ApplicationMatcher string `pulumi:"applicationMatcher"`
	// Profile which tells what the primitive action should be.
	BasicProfile string `pulumi:"basicProfile"`
	// Time when the rule was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description string `pulumi:"description"`
	// Whether the rule is enforced.
	Enabled bool `pulumi:"enabled"`
	// Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name string `pulumi:"name"`
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority int `pulumi:"priority"`
	// CEL expression for matching on session criteria.
	SessionMatcher string `pulumi:"sessionMatcher"`
	// Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled bool `pulumi:"tlsInspectionEnabled"`
	// Time when the rule was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupRule added in v0.31.1 

func LookupRule(ctx *pulumi.Context, args *LookupRuleArgs, opts ...pulumi.InvokeOption) (*LookupRuleResult, error)

Gets details of a single GatewaySecurityPolicyRule.

type LookupRuleResultOutput added in v0.31.1 

type LookupRuleResultOutput struct{ *pulumi.OutputState }

func LookupRuleOutput added in v0.31.1 

func LookupRuleOutput(ctx *pulumi.Context, args LookupRuleOutputArgs, opts ...pulumi.InvokeOption) LookupRuleResultOutput

func (LookupRuleResultOutput) ApplicationMatcher added in v0.31.1 

func (o LookupRuleResultOutput) ApplicationMatcher() pulumi.StringOutput

Optional. CEL expression for matching on L7/application level criteria.

func (LookupRuleResultOutput) BasicProfile added in v0.31.1 

func (o LookupRuleResultOutput) BasicProfile() pulumi.StringOutput

Profile which tells what the primitive action should be.

func (LookupRuleResultOutput) CreateTime added in v0.31.1 

func (o LookupRuleResultOutput) CreateTime() pulumi.StringOutput

Time when the rule was created.

func (LookupRuleResultOutput) Description added in v0.31.1 

func (o LookupRuleResultOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (LookupRuleResultOutput) ElementType added in v0.31.1 

func (LookupRuleResultOutput) ElementType() reflect.Type

func (LookupRuleResultOutput) Enabled added in v0.31.1 

func (o LookupRuleResultOutput) Enabled() pulumi.BoolOutput

Whether the rule is enforced.

func (LookupRuleResultOutput) Name added in v0.31.1 

func (o LookupRuleResultOutput) Name() pulumi.StringOutput

Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).

func (LookupRuleResultOutput) Priority added in v0.31.1 

func (o LookupRuleResultOutput) Priority() pulumi.IntOutput

Priority of the rule. Lower number corresponds to higher precedence.

func (LookupRuleResultOutput) SessionMatcher added in v0.31.1 

func (o LookupRuleResultOutput) SessionMatcher() pulumi.StringOutput

CEL expression for matching on session criteria.

func (LookupRuleResultOutput) TlsInspectionEnabled added in v0.31.1 

func (o LookupRuleResultOutput) TlsInspectionEnabled() pulumi.BoolOutput

Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

func (LookupRuleResultOutput) ToLookupRuleResultOutput added in v0.31.1 

func (o LookupRuleResultOutput) ToLookupRuleResultOutput() LookupRuleResultOutput

func (LookupRuleResultOutput) ToLookupRuleResultOutputWithContext added in v0.31.1 

func (o LookupRuleResultOutput) ToLookupRuleResultOutputWithContext(ctx context.Context) LookupRuleResultOutput

func (LookupRuleResultOutput) UpdateTime added in v0.31.1 

func (o LookupRuleResultOutput) UpdateTime() pulumi.StringOutput

Time when the rule was updated.

type LookupServerTlsPolicyArgs 

type LookupServerTlsPolicyArgs struct {
	Location          string  `pulumi:"location"`
	Project           *string `pulumi:"project"`
	ServerTlsPolicyId string  `pulumi:"serverTlsPolicyId"`
}

type LookupServerTlsPolicyIamPolicyArgs 

type LookupServerTlsPolicyIamPolicyArgs struct {
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *int    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
	ServerTlsPolicyId             string  `pulumi:"serverTlsPolicyId"`
}

type LookupServerTlsPolicyIamPolicyOutputArgs 

type LookupServerTlsPolicyIamPolicyOutputArgs struct {
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.IntPtrInput    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
	ServerTlsPolicyId             pulumi.StringInput    `pulumi:"serverTlsPolicyId"`
}

func (LookupServerTlsPolicyIamPolicyOutputArgs) ElementType 

func (LookupServerTlsPolicyIamPolicyOutputArgs) ElementType() reflect.Type

type LookupServerTlsPolicyIamPolicyResult 

type LookupServerTlsPolicyIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []GoogleIamV1AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []GoogleIamV1BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupServerTlsPolicyIamPolicy 

func LookupServerTlsPolicyIamPolicy(ctx *pulumi.Context, args *LookupServerTlsPolicyIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupServerTlsPolicyIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupServerTlsPolicyIamPolicyResultOutput 

type LookupServerTlsPolicyIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupServerTlsPolicyIamPolicyOutput 

func LookupServerTlsPolicyIamPolicyOutput(ctx *pulumi.Context, args LookupServerTlsPolicyIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupServerTlsPolicyIamPolicyResultOutput

func (LookupServerTlsPolicyIamPolicyResultOutput) AuditConfigs 

func (o LookupServerTlsPolicyIamPolicyResultOutput) AuditConfigs() GoogleIamV1AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupServerTlsPolicyIamPolicyResultOutput) Bindings 

func (o LookupServerTlsPolicyIamPolicyResultOutput) Bindings() GoogleIamV1BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupServerTlsPolicyIamPolicyResultOutput) ElementType 

func (LookupServerTlsPolicyIamPolicyResultOutput) ElementType() reflect.Type

func (LookupServerTlsPolicyIamPolicyResultOutput) Etag 

func (o LookupServerTlsPolicyIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupServerTlsPolicyIamPolicyResultOutput) ToLookupServerTlsPolicyIamPolicyResultOutput 

func (o LookupServerTlsPolicyIamPolicyResultOutput) ToLookupServerTlsPolicyIamPolicyResultOutput() LookupServerTlsPolicyIamPolicyResultOutput

func (LookupServerTlsPolicyIamPolicyResultOutput) ToLookupServerTlsPolicyIamPolicyResultOutputWithContext 

func (o LookupServerTlsPolicyIamPolicyResultOutput) ToLookupServerTlsPolicyIamPolicyResultOutputWithContext(ctx context.Context) LookupServerTlsPolicyIamPolicyResultOutput

func (LookupServerTlsPolicyIamPolicyResultOutput) Version 

func (o LookupServerTlsPolicyIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupServerTlsPolicyOutputArgs 

type LookupServerTlsPolicyOutputArgs struct {
	Location          pulumi.StringInput    `pulumi:"location"`
	Project           pulumi.StringPtrInput `pulumi:"project"`
	ServerTlsPolicyId pulumi.StringInput    `pulumi:"serverTlsPolicyId"`
}

func (LookupServerTlsPolicyOutputArgs) ElementType 

func (LookupServerTlsPolicyOutputArgs) ElementType() reflect.Type

type LookupServerTlsPolicyResult 

type LookupServerTlsPolicyResult struct {
	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility. Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen bool `pulumi:"allowOpen"`
	// The timestamp when the resource was created.
	CreateTime string `pulumi:"createTime"`
	// Free-text description of the resource.
	Description string `pulumi:"description"`
	// Set of label tags associated with the resource.
	Labels map[string]string `pulumi:"labels"`
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections.
	MtlsPolicy MTLSPolicyResponse `pulumi:"mtlsPolicy"`
	// Name of the ServerTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}`
	Name string `pulumi:"name"`
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with `allow_open` as a permissive mode that allows both plain text and TLS is not supported.
	ServerCertificate GoogleCloudNetworksecurityV1CertificateProviderResponse `pulumi:"serverCertificate"`
	// The timestamp when the resource was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupServerTlsPolicy 

func LookupServerTlsPolicy(ctx *pulumi.Context, args *LookupServerTlsPolicyArgs, opts ...pulumi.InvokeOption) (*LookupServerTlsPolicyResult, error)

Gets details of a single ServerTlsPolicy.

type LookupServerTlsPolicyResultOutput 

type LookupServerTlsPolicyResultOutput struct{ *pulumi.OutputState }

func LookupServerTlsPolicyOutput 

func LookupServerTlsPolicyOutput(ctx *pulumi.Context, args LookupServerTlsPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupServerTlsPolicyResultOutput

func (LookupServerTlsPolicyResultOutput) AllowOpen 

func (o LookupServerTlsPolicyResultOutput) AllowOpen() pulumi.BoolOutput

This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility. Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.

func (LookupServerTlsPolicyResultOutput) CreateTime 

func (o LookupServerTlsPolicyResultOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (LookupServerTlsPolicyResultOutput) Description 

func (o LookupServerTlsPolicyResultOutput) Description() pulumi.StringOutput

Free-text description of the resource.

func (LookupServerTlsPolicyResultOutput) ElementType 

func (LookupServerTlsPolicyResultOutput) ElementType() reflect.Type

func (LookupServerTlsPolicyResultOutput) Labels 

func (o LookupServerTlsPolicyResultOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the resource.

func (LookupServerTlsPolicyResultOutput) MtlsPolicy 

func (o LookupServerTlsPolicyResultOutput) MtlsPolicy() MTLSPolicyResponseOutput

This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections.

func (LookupServerTlsPolicyResultOutput) Name 

func (o LookupServerTlsPolicyResultOutput) Name() pulumi.StringOutput

Name of the ServerTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}`

func (LookupServerTlsPolicyResultOutput) ServerCertificate 

func (o LookupServerTlsPolicyResultOutput) ServerCertificate() GoogleCloudNetworksecurityV1CertificateProviderResponseOutput

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with `allow_open` as a permissive mode that allows both plain text and TLS is not supported.

func (LookupServerTlsPolicyResultOutput) ToLookupServerTlsPolicyResultOutput 

func (o LookupServerTlsPolicyResultOutput) ToLookupServerTlsPolicyResultOutput() LookupServerTlsPolicyResultOutput

func (LookupServerTlsPolicyResultOutput) ToLookupServerTlsPolicyResultOutputWithContext 

func (o LookupServerTlsPolicyResultOutput) ToLookupServerTlsPolicyResultOutputWithContext(ctx context.Context) LookupServerTlsPolicyResultOutput

func (LookupServerTlsPolicyResultOutput) UpdateTime 

func (o LookupServerTlsPolicyResultOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type LookupTlsInspectionPolicyArgs added in v0.31.1 

type LookupTlsInspectionPolicyArgs struct {
	Location              string  `pulumi:"location"`
	Project               *string `pulumi:"project"`
	TlsInspectionPolicyId string  `pulumi:"tlsInspectionPolicyId"`
}

type LookupTlsInspectionPolicyOutputArgs added in v0.31.1 

type LookupTlsInspectionPolicyOutputArgs struct {
	Location              pulumi.StringInput    `pulumi:"location"`
	Project               pulumi.StringPtrInput `pulumi:"project"`
	TlsInspectionPolicyId pulumi.StringInput    `pulumi:"tlsInspectionPolicyId"`
}

func (LookupTlsInspectionPolicyOutputArgs) ElementType added in v0.31.1 

func (LookupTlsInspectionPolicyOutputArgs) ElementType() reflect.Type

type LookupTlsInspectionPolicyResult added in v0.31.1 

type LookupTlsInspectionPolicyResult struct {
	// A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
	CaPool string `pulumi:"caPool"`
	// The timestamp when the resource was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures []string `pulumi:"customTlsFeatures"`
	// Optional. Free-text description of the resource.
	Description string `pulumi:"description"`
	// Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is *not recommended* unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
	ExcludePublicCaSet bool `pulumi:"excludePublicCaSet"`
	// Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	MinTlsVersion string `pulumi:"minTlsVersion"`
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name string `pulumi:"name"`
	// Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	TlsFeatureProfile string `pulumi:"tlsFeatureProfile"`
	// Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig string `pulumi:"trustConfig"`
	// The timestamp when the resource was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupTlsInspectionPolicy added in v0.31.1 

func LookupTlsInspectionPolicy(ctx *pulumi.Context, args *LookupTlsInspectionPolicyArgs, opts ...pulumi.InvokeOption) (*LookupTlsInspectionPolicyResult, error)

Gets details of a single TlsInspectionPolicy.

type LookupTlsInspectionPolicyResultOutput added in v0.31.1 

type LookupTlsInspectionPolicyResultOutput struct{ *pulumi.OutputState }

func LookupTlsInspectionPolicyOutput added in v0.31.1 

func LookupTlsInspectionPolicyOutput(ctx *pulumi.Context, args LookupTlsInspectionPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupTlsInspectionPolicyResultOutput

func (LookupTlsInspectionPolicyResultOutput) CaPool added in v0.31.1 

func (o LookupTlsInspectionPolicyResultOutput) CaPool() pulumi.StringOutput

A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".

func (LookupTlsInspectionPolicyResultOutput) CreateTime added in v0.31.1 

func (o LookupTlsInspectionPolicyResultOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (LookupTlsInspectionPolicyResultOutput) CustomTlsFeatures added in v0.32.0 

func (o LookupTlsInspectionPolicyResultOutput) CustomTlsFeatures() pulumi.StringArrayOutput

Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.

func (LookupTlsInspectionPolicyResultOutput) Description added in v0.31.1 

func (o LookupTlsInspectionPolicyResultOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (LookupTlsInspectionPolicyResultOutput) ElementType added in v0.31.1 

func (LookupTlsInspectionPolicyResultOutput) ElementType() reflect.Type

func (LookupTlsInspectionPolicyResultOutput) ExcludePublicCaSet added in v0.32.0 

func (o LookupTlsInspectionPolicyResultOutput) ExcludePublicCaSet() pulumi.BoolOutput

Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is *not recommended* unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.

func (LookupTlsInspectionPolicyResultOutput) MinTlsVersion added in v0.32.0 

func (o LookupTlsInspectionPolicyResultOutput) MinTlsVersion() pulumi.StringOutput

Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.

func (LookupTlsInspectionPolicyResultOutput) Name added in v0.31.1 

func (o LookupTlsInspectionPolicyResultOutput) Name() pulumi.StringOutput

Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).

func (LookupTlsInspectionPolicyResultOutput) TlsFeatureProfile added in v0.32.0 

func (o LookupTlsInspectionPolicyResultOutput) TlsFeatureProfile() pulumi.StringOutput

Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.

func (LookupTlsInspectionPolicyResultOutput) ToLookupTlsInspectionPolicyResultOutput added in v0.31.1 

func (o LookupTlsInspectionPolicyResultOutput) ToLookupTlsInspectionPolicyResultOutput() LookupTlsInspectionPolicyResultOutput

func (LookupTlsInspectionPolicyResultOutput) ToLookupTlsInspectionPolicyResultOutputWithContext added in v0.31.1 

func (o LookupTlsInspectionPolicyResultOutput) ToLookupTlsInspectionPolicyResultOutputWithContext(ctx context.Context) LookupTlsInspectionPolicyResultOutput

func (LookupTlsInspectionPolicyResultOutput) TrustConfig added in v0.32.0 

func (o LookupTlsInspectionPolicyResultOutput) TrustConfig() pulumi.StringOutput

Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.

func (LookupTlsInspectionPolicyResultOutput) UpdateTime added in v0.31.1 

func (o LookupTlsInspectionPolicyResultOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type LookupUrlListArgs added in v0.31.1 

type LookupUrlListArgs struct {
	Location  string  `pulumi:"location"`
	Project   *string `pulumi:"project"`
	UrlListId string  `pulumi:"urlListId"`
}

type LookupUrlListOutputArgs added in v0.31.1 

type LookupUrlListOutputArgs struct {
	Location  pulumi.StringInput    `pulumi:"location"`
	Project   pulumi.StringPtrInput `pulumi:"project"`
	UrlListId pulumi.StringInput    `pulumi:"urlListId"`
}

func (LookupUrlListOutputArgs) ElementType added in v0.31.1 

func (LookupUrlListOutputArgs) ElementType() reflect.Type

type LookupUrlListResult added in v0.31.1 

type LookupUrlListResult struct {
	// Time when the security policy was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description string `pulumi:"description"`
	// Name of the resource provided by the user. Name is of the form projects/{project}/locations/{location}/urlLists/{url_list} url_list should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name string `pulumi:"name"`
	// Time when the security policy was updated.
	UpdateTime string `pulumi:"updateTime"`
	// FQDNs and URLs.
	Values []string `pulumi:"values"`
}

func LookupUrlList added in v0.31.1 

func LookupUrlList(ctx *pulumi.Context, args *LookupUrlListArgs, opts ...pulumi.InvokeOption) (*LookupUrlListResult, error)

Gets details of a single UrlList.

type LookupUrlListResultOutput added in v0.31.1 

type LookupUrlListResultOutput struct{ *pulumi.OutputState }

func LookupUrlListOutput added in v0.31.1 

func LookupUrlListOutput(ctx *pulumi.Context, args LookupUrlListOutputArgs, opts ...pulumi.InvokeOption) LookupUrlListResultOutput

func (LookupUrlListResultOutput) CreateTime added in v0.31.1 

func (o LookupUrlListResultOutput) CreateTime() pulumi.StringOutput

Time when the security policy was created.

func (LookupUrlListResultOutput) Description added in v0.31.1 

func (o LookupUrlListResultOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (LookupUrlListResultOutput) ElementType added in v0.31.1 

func (LookupUrlListResultOutput) ElementType() reflect.Type

func (LookupUrlListResultOutput) Name added in v0.31.1 

func (o LookupUrlListResultOutput) Name() pulumi.StringOutput

Name of the resource provided by the user. Name is of the form projects/{project}/locations/{location}/urlLists/{url_list} url_list should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).

func (LookupUrlListResultOutput) ToLookupUrlListResultOutput added in v0.31.1 

func (o LookupUrlListResultOutput) ToLookupUrlListResultOutput() LookupUrlListResultOutput

func (LookupUrlListResultOutput) ToLookupUrlListResultOutputWithContext added in v0.31.1 

func (o LookupUrlListResultOutput) ToLookupUrlListResultOutputWithContext(ctx context.Context) LookupUrlListResultOutput

func (LookupUrlListResultOutput) UpdateTime added in v0.31.1 

func (o LookupUrlListResultOutput) UpdateTime() pulumi.StringOutput

Time when the security policy was updated.

func (LookupUrlListResultOutput) Values added in v0.31.1 

func (o LookupUrlListResultOutput) Values() pulumi.StringArrayOutput

FQDNs and URLs.

type MTLSPolicy 

type MTLSPolicy struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	ClientValidationCa []ValidationCA `pulumi:"clientValidationCa"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	ClientValidationMode *MTLSPolicyClientValidationMode `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig *string `pulumi:"clientValidationTrustConfig"`
}

Specification of the MTLSPolicy.

type MTLSPolicyArgs 

type MTLSPolicyArgs struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	ClientValidationCa ValidationCAArrayInput `pulumi:"clientValidationCa"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	ClientValidationMode MTLSPolicyClientValidationModePtrInput `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig pulumi.StringPtrInput `pulumi:"clientValidationTrustConfig"`
}

Specification of the MTLSPolicy.

func (MTLSPolicyArgs) ElementType 

func (MTLSPolicyArgs) ElementType() reflect.Type

func (MTLSPolicyArgs) ToMTLSPolicyOutput 

func (i MTLSPolicyArgs) ToMTLSPolicyOutput() MTLSPolicyOutput

func (MTLSPolicyArgs) ToMTLSPolicyOutputWithContext 

func (i MTLSPolicyArgs) ToMTLSPolicyOutputWithContext(ctx context.Context) MTLSPolicyOutput

func (MTLSPolicyArgs) ToMTLSPolicyPtrOutput 

func (i MTLSPolicyArgs) ToMTLSPolicyPtrOutput() MTLSPolicyPtrOutput

func (MTLSPolicyArgs) ToMTLSPolicyPtrOutputWithContext 

func (i MTLSPolicyArgs) ToMTLSPolicyPtrOutputWithContext(ctx context.Context) MTLSPolicyPtrOutput

type MTLSPolicyClientValidationMode added in v0.31.1 

type MTLSPolicyClientValidationMode string

When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.

func (MTLSPolicyClientValidationMode) ElementType added in v0.31.1 

func (MTLSPolicyClientValidationMode) ElementType() reflect.Type

func (MTLSPolicyClientValidationMode) ToMTLSPolicyClientValidationModeOutput added in v0.31.1 

func (e MTLSPolicyClientValidationMode) ToMTLSPolicyClientValidationModeOutput() MTLSPolicyClientValidationModeOutput

func (MTLSPolicyClientValidationMode) ToMTLSPolicyClientValidationModeOutputWithContext added in v0.31.1 

func (e MTLSPolicyClientValidationMode) ToMTLSPolicyClientValidationModeOutputWithContext(ctx context.Context) MTLSPolicyClientValidationModeOutput

func (MTLSPolicyClientValidationMode) ToMTLSPolicyClientValidationModePtrOutput added in v0.31.1 

func (e MTLSPolicyClientValidationMode) ToMTLSPolicyClientValidationModePtrOutput() MTLSPolicyClientValidationModePtrOutput

func (MTLSPolicyClientValidationMode) ToMTLSPolicyClientValidationModePtrOutputWithContext added in v0.31.1 

func (e MTLSPolicyClientValidationMode) ToMTLSPolicyClientValidationModePtrOutputWithContext(ctx context.Context) MTLSPolicyClientValidationModePtrOutput

func (MTLSPolicyClientValidationMode) ToStringOutput added in v0.31.1 

func (e MTLSPolicyClientValidationMode) ToStringOutput() pulumi.StringOutput

func (MTLSPolicyClientValidationMode) ToStringOutputWithContext added in v0.31.1 

func (e MTLSPolicyClientValidationMode) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (MTLSPolicyClientValidationMode) ToStringPtrOutput added in v0.31.1 

func (e MTLSPolicyClientValidationMode) ToStringPtrOutput() pulumi.StringPtrOutput

func (MTLSPolicyClientValidationMode) ToStringPtrOutputWithContext added in v0.31.1 

func (e MTLSPolicyClientValidationMode) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type MTLSPolicyClientValidationModeInput added in v0.31.1 

type MTLSPolicyClientValidationModeInput interface {
	pulumi.Input

	ToMTLSPolicyClientValidationModeOutput() MTLSPolicyClientValidationModeOutput
	ToMTLSPolicyClientValidationModeOutputWithContext(context.Context) MTLSPolicyClientValidationModeOutput
}

MTLSPolicyClientValidationModeInput is an input type that accepts MTLSPolicyClientValidationModeArgs and MTLSPolicyClientValidationModeOutput values. You can construct a concrete instance of `MTLSPolicyClientValidationModeInput` via: 

MTLSPolicyClientValidationModeArgs{...}

type MTLSPolicyClientValidationModeOutput added in v0.31.1 

type MTLSPolicyClientValidationModeOutput struct{ *pulumi.OutputState }

func (MTLSPolicyClientValidationModeOutput) ElementType added in v0.31.1 

func (MTLSPolicyClientValidationModeOutput) ElementType() reflect.Type

func (MTLSPolicyClientValidationModeOutput) ToMTLSPolicyClientValidationModeOutput added in v0.31.1 

func (o MTLSPolicyClientValidationModeOutput) ToMTLSPolicyClientValidationModeOutput() MTLSPolicyClientValidationModeOutput

func (MTLSPolicyClientValidationModeOutput) ToMTLSPolicyClientValidationModeOutputWithContext added in v0.31.1 

func (o MTLSPolicyClientValidationModeOutput) ToMTLSPolicyClientValidationModeOutputWithContext(ctx context.Context) MTLSPolicyClientValidationModeOutput

func (MTLSPolicyClientValidationModeOutput) ToMTLSPolicyClientValidationModePtrOutput added in v0.31.1 

func (o MTLSPolicyClientValidationModeOutput) ToMTLSPolicyClientValidationModePtrOutput() MTLSPolicyClientValidationModePtrOutput

func (MTLSPolicyClientValidationModeOutput) ToMTLSPolicyClientValidationModePtrOutputWithContext added in v0.31.1 

func (o MTLSPolicyClientValidationModeOutput) ToMTLSPolicyClientValidationModePtrOutputWithContext(ctx context.Context) MTLSPolicyClientValidationModePtrOutput

func (MTLSPolicyClientValidationModeOutput) ToStringOutput added in v0.31.1 

func (o MTLSPolicyClientValidationModeOutput) ToStringOutput() pulumi.StringOutput

func (MTLSPolicyClientValidationModeOutput) ToStringOutputWithContext added in v0.31.1 

func (o MTLSPolicyClientValidationModeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (MTLSPolicyClientValidationModeOutput) ToStringPtrOutput added in v0.31.1 

func (o MTLSPolicyClientValidationModeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (MTLSPolicyClientValidationModeOutput) ToStringPtrOutputWithContext added in v0.31.1 

func (o MTLSPolicyClientValidationModeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type MTLSPolicyClientValidationModePtrInput added in v0.31.1 

type MTLSPolicyClientValidationModePtrInput interface {
	pulumi.Input

	ToMTLSPolicyClientValidationModePtrOutput() MTLSPolicyClientValidationModePtrOutput
	ToMTLSPolicyClientValidationModePtrOutputWithContext(context.Context) MTLSPolicyClientValidationModePtrOutput
}

func MTLSPolicyClientValidationModePtr added in v0.31.1 

func MTLSPolicyClientValidationModePtr(v string) MTLSPolicyClientValidationModePtrInput

type MTLSPolicyClientValidationModePtrOutput added in v0.31.1 

type MTLSPolicyClientValidationModePtrOutput struct{ *pulumi.OutputState }

func (MTLSPolicyClientValidationModePtrOutput) Elem added in v0.31.1 

func (o MTLSPolicyClientValidationModePtrOutput) Elem() MTLSPolicyClientValidationModeOutput

func (MTLSPolicyClientValidationModePtrOutput) ElementType added in v0.31.1 

func (MTLSPolicyClientValidationModePtrOutput) ElementType() reflect.Type

func (MTLSPolicyClientValidationModePtrOutput) ToMTLSPolicyClientValidationModePtrOutput added in v0.31.1 

func (o MTLSPolicyClientValidationModePtrOutput) ToMTLSPolicyClientValidationModePtrOutput() MTLSPolicyClientValidationModePtrOutput

func (MTLSPolicyClientValidationModePtrOutput) ToMTLSPolicyClientValidationModePtrOutputWithContext added in v0.31.1 

func (o MTLSPolicyClientValidationModePtrOutput) ToMTLSPolicyClientValidationModePtrOutputWithContext(ctx context.Context) MTLSPolicyClientValidationModePtrOutput

func (MTLSPolicyClientValidationModePtrOutput) ToStringPtrOutput added in v0.31.1 

func (o MTLSPolicyClientValidationModePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (MTLSPolicyClientValidationModePtrOutput) ToStringPtrOutputWithContext added in v0.31.1 

func (o MTLSPolicyClientValidationModePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type MTLSPolicyInput 

type MTLSPolicyInput interface {
	pulumi.Input

	ToMTLSPolicyOutput() MTLSPolicyOutput
	ToMTLSPolicyOutputWithContext(context.Context) MTLSPolicyOutput
}

MTLSPolicyInput is an input type that accepts MTLSPolicyArgs and MTLSPolicyOutput values. You can construct a concrete instance of `MTLSPolicyInput` via: 

MTLSPolicyArgs{...}

type MTLSPolicyOutput 

type MTLSPolicyOutput struct{ *pulumi.OutputState }

Specification of the MTLSPolicy.

func (MTLSPolicyOutput) ClientValidationCa 

func (o MTLSPolicyOutput) ClientValidationCa() ValidationCAArrayOutput

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.

func (MTLSPolicyOutput) ClientValidationMode added in v0.31.1 

func (o MTLSPolicyOutput) ClientValidationMode() MTLSPolicyClientValidationModePtrOutput

When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.

func (MTLSPolicyOutput) ClientValidationTrustConfig added in v0.31.1 

func (o MTLSPolicyOutput) ClientValidationTrustConfig() pulumi.StringPtrOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (MTLSPolicyOutput) ElementType 

func (MTLSPolicyOutput) ElementType() reflect.Type

func (MTLSPolicyOutput) ToMTLSPolicyOutput 

func (o MTLSPolicyOutput) ToMTLSPolicyOutput() MTLSPolicyOutput

func (MTLSPolicyOutput) ToMTLSPolicyOutputWithContext 

func (o MTLSPolicyOutput) ToMTLSPolicyOutputWithContext(ctx context.Context) MTLSPolicyOutput

func (MTLSPolicyOutput) ToMTLSPolicyPtrOutput 

func (o MTLSPolicyOutput) ToMTLSPolicyPtrOutput() MTLSPolicyPtrOutput

func (MTLSPolicyOutput) ToMTLSPolicyPtrOutputWithContext 

func (o MTLSPolicyOutput) ToMTLSPolicyPtrOutputWithContext(ctx context.Context) MTLSPolicyPtrOutput

type MTLSPolicyPtrInput 

type MTLSPolicyPtrInput interface {
	pulumi.Input

	ToMTLSPolicyPtrOutput() MTLSPolicyPtrOutput
	ToMTLSPolicyPtrOutputWithContext(context.Context) MTLSPolicyPtrOutput
}

MTLSPolicyPtrInput is an input type that accepts MTLSPolicyArgs, MTLSPolicyPtr and MTLSPolicyPtrOutput values. You can construct a concrete instance of `MTLSPolicyPtrInput` via: 

        MTLSPolicyArgs{...}

or:

        nil

func MTLSPolicyPtr 

func MTLSPolicyPtr(v *MTLSPolicyArgs) MTLSPolicyPtrInput

type MTLSPolicyPtrOutput 

type MTLSPolicyPtrOutput struct{ *pulumi.OutputState }

func (MTLSPolicyPtrOutput) ClientValidationCa 

func (o MTLSPolicyPtrOutput) ClientValidationCa() ValidationCAArrayOutput

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.

func (MTLSPolicyPtrOutput) ClientValidationMode added in v0.31.1 

func (o MTLSPolicyPtrOutput) ClientValidationMode() MTLSPolicyClientValidationModePtrOutput

When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.

func (MTLSPolicyPtrOutput) ClientValidationTrustConfig added in v0.31.1 

func (o MTLSPolicyPtrOutput) ClientValidationTrustConfig() pulumi.StringPtrOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (MTLSPolicyPtrOutput) Elem 

func (o MTLSPolicyPtrOutput) Elem() MTLSPolicyOutput

func (MTLSPolicyPtrOutput) ElementType 

func (MTLSPolicyPtrOutput) ElementType() reflect.Type

func (MTLSPolicyPtrOutput) ToMTLSPolicyPtrOutput 

func (o MTLSPolicyPtrOutput) ToMTLSPolicyPtrOutput() MTLSPolicyPtrOutput

func (MTLSPolicyPtrOutput) ToMTLSPolicyPtrOutputWithContext 

func (o MTLSPolicyPtrOutput) ToMTLSPolicyPtrOutputWithContext(ctx context.Context) MTLSPolicyPtrOutput

type MTLSPolicyResponse 

type MTLSPolicyResponse struct {
	// Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.
	ClientValidationCa []ValidationCAResponse `pulumi:"clientValidationCa"`
	// When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.
	ClientValidationMode string `pulumi:"clientValidationMode"`
	// Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.
	ClientValidationTrustConfig string `pulumi:"clientValidationTrustConfig"`
}

Specification of the MTLSPolicy.

type MTLSPolicyResponseOutput 

type MTLSPolicyResponseOutput struct{ *pulumi.OutputState }

Specification of the MTLSPolicy.

func (MTLSPolicyResponseOutput) ClientValidationCa 

func (o MTLSPolicyResponseOutput) ClientValidationCa() ValidationCAResponseArrayOutput

Required if the policy is to be used with Traffic Director. For external HTTPS load balancers it must be empty. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.

func (MTLSPolicyResponseOutput) ClientValidationMode added in v0.31.1 

func (o MTLSPolicyResponseOutput) ClientValidationMode() pulumi.StringOutput

When the client presents an invalid certificate or no certificate to the load balancer, the `client_validation_mode` specifies how the client connection is handled. Required if the policy is to be used with the external HTTPS load balancing. For Traffic Director it must be empty.

func (MTLSPolicyResponseOutput) ClientValidationTrustConfig added in v0.31.1 

func (o MTLSPolicyResponseOutput) ClientValidationTrustConfig() pulumi.StringOutput

Reference to the TrustConfig from certificatemanager.googleapis.com namespace. If specified, the chain validation will be performed against certificates configured in the given TrustConfig. Allowed only if the policy is to be used with external HTTPS load balancers.

func (MTLSPolicyResponseOutput) ElementType 

func (MTLSPolicyResponseOutput) ElementType() reflect.Type

func (MTLSPolicyResponseOutput) ToMTLSPolicyResponseOutput 

func (o MTLSPolicyResponseOutput) ToMTLSPolicyResponseOutput() MTLSPolicyResponseOutput

func (MTLSPolicyResponseOutput) ToMTLSPolicyResponseOutputWithContext 

func (o MTLSPolicyResponseOutput) ToMTLSPolicyResponseOutputWithContext(ctx context.Context) MTLSPolicyResponseOutput

type OrganizationAddressGroup added in v0.32.0 

type OrganizationAddressGroup struct {
	pulumi.CustomResourceState

	// Required. Short name of the AddressGroup resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".
	AddressGroupId pulumi.StringOutput `pulumi:"addressGroupId"`
	// Capacity of the Address Group
	Capacity pulumi.IntOutput `pulumi:"capacity"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	// Optional. List of items.
	Items pulumi.StringArrayOutput `pulumi:"items"`
	// Optional. Set of label tags associated with the AddressGroup resource.
	Labels   pulumi.StringMapOutput `pulumi:"labels"`
	Location pulumi.StringOutput    `pulumi:"location"`
	// Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`.
	Name           pulumi.StringOutput `pulumi:"name"`
	OrganizationId pulumi.StringOutput `pulumi:"organizationId"`
	// Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrOutput `pulumi:"requestId"`
	// Server-defined fully-qualified URL for this resource.
	SelfLink pulumi.StringOutput `pulumi:"selfLink"`
	// The type of the Address Group. Possible values are "IPv4" or "IPV6".
	Type pulumi.StringOutput `pulumi:"type"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new address group in a given project and location. Auto-naming is currently not supported for this resource.

func GetOrganizationAddressGroup added in v0.32.0 

func GetOrganizationAddressGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OrganizationAddressGroupState, opts ...pulumi.ResourceOption) (*OrganizationAddressGroup, error)

GetOrganizationAddressGroup gets an existing OrganizationAddressGroup resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOrganizationAddressGroup added in v0.32.0 

func NewOrganizationAddressGroup(ctx *pulumi.Context,
	name string, args *OrganizationAddressGroupArgs, opts ...pulumi.ResourceOption) (*OrganizationAddressGroup, error)

NewOrganizationAddressGroup registers a new resource with the given unique name, arguments, and options.

func (*OrganizationAddressGroup) ElementType added in v0.32.0 

func (*OrganizationAddressGroup) ElementType() reflect.Type

func (*OrganizationAddressGroup) ToOrganizationAddressGroupOutput added in v0.32.0 

func (i *OrganizationAddressGroup) ToOrganizationAddressGroupOutput() OrganizationAddressGroupOutput

func (*OrganizationAddressGroup) ToOrganizationAddressGroupOutputWithContext added in v0.32.0 

func (i *OrganizationAddressGroup) ToOrganizationAddressGroupOutputWithContext(ctx context.Context) OrganizationAddressGroupOutput

type OrganizationAddressGroupArgs added in v0.32.0 

type OrganizationAddressGroupArgs struct {
	// Required. Short name of the AddressGroup resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".
	AddressGroupId pulumi.StringInput
	// Capacity of the Address Group
	Capacity pulumi.IntInput
	// Optional. Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Optional. List of items.
	Items pulumi.StringArrayInput
	// Optional. Set of label tags associated with the AddressGroup resource.
	Labels   pulumi.StringMapInput
	Location pulumi.StringPtrInput
	// Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`.
	Name           pulumi.StringInput
	OrganizationId pulumi.StringInput
	// Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrInput
	// The type of the Address Group. Possible values are "IPv4" or "IPV6".
	Type OrganizationAddressGroupTypeInput
}

The set of arguments for constructing a OrganizationAddressGroup resource.

func (OrganizationAddressGroupArgs) ElementType added in v0.32.0 

func (OrganizationAddressGroupArgs) ElementType() reflect.Type

type OrganizationAddressGroupInput added in v0.32.0 

type OrganizationAddressGroupInput interface {
	pulumi.Input

	ToOrganizationAddressGroupOutput() OrganizationAddressGroupOutput
	ToOrganizationAddressGroupOutputWithContext(ctx context.Context) OrganizationAddressGroupOutput
}

type OrganizationAddressGroupOutput added in v0.32.0 

type OrganizationAddressGroupOutput struct{ *pulumi.OutputState }

func (OrganizationAddressGroupOutput) AddressGroupId added in v0.32.0 

func (o OrganizationAddressGroupOutput) AddressGroupId() pulumi.StringOutput

Required. Short name of the AddressGroup resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "authz_policy".

func (OrganizationAddressGroupOutput) Capacity added in v0.32.0 

func (o OrganizationAddressGroupOutput) Capacity() pulumi.IntOutput

Capacity of the Address Group

func (OrganizationAddressGroupOutput) CreateTime added in v0.32.0 

func (o OrganizationAddressGroupOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (OrganizationAddressGroupOutput) Description added in v0.32.0 

func (o OrganizationAddressGroupOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (OrganizationAddressGroupOutput) ElementType added in v0.32.0 

func (OrganizationAddressGroupOutput) ElementType() reflect.Type

func (OrganizationAddressGroupOutput) Items added in v0.32.0 

func (o OrganizationAddressGroupOutput) Items() pulumi.StringArrayOutput

Optional. List of items.

func (OrganizationAddressGroupOutput) Labels added in v0.32.0 

func (o OrganizationAddressGroupOutput) Labels() pulumi.StringMapOutput

Optional. Set of label tags associated with the AddressGroup resource.

func (OrganizationAddressGroupOutput) Location added in v0.32.0 

func (o OrganizationAddressGroupOutput) Location() pulumi.StringOutput

func (OrganizationAddressGroupOutput) Name added in v0.32.0 

func (o OrganizationAddressGroupOutput) Name() pulumi.StringOutput

Name of the AddressGroup resource. It matches pattern `projects/*/locations/{location}/addressGroups/`.

func (OrganizationAddressGroupOutput) OrganizationId added in v0.32.0 

func (o OrganizationAddressGroupOutput) OrganizationId() pulumi.StringOutput

func (OrganizationAddressGroupOutput) RequestId added in v0.32.0 

func (o OrganizationAddressGroupOutput) RequestId() pulumi.StringPtrOutput

Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). 

func (o OrganizationAddressGroupOutput) SelfLink() pulumi.StringOutput

Server-defined fully-qualified URL for this resource.

func (OrganizationAddressGroupOutput) ToOrganizationAddressGroupOutput added in v0.32.0 

func (o OrganizationAddressGroupOutput) ToOrganizationAddressGroupOutput() OrganizationAddressGroupOutput

func (OrganizationAddressGroupOutput) ToOrganizationAddressGroupOutputWithContext added in v0.32.0 

func (o OrganizationAddressGroupOutput) ToOrganizationAddressGroupOutputWithContext(ctx context.Context) OrganizationAddressGroupOutput

func (OrganizationAddressGroupOutput) Type added in v0.32.0 

func (o OrganizationAddressGroupOutput) Type() pulumi.StringOutput

The type of the Address Group. Possible values are "IPv4" or "IPV6".

func (OrganizationAddressGroupOutput) UpdateTime added in v0.32.0 

func (o OrganizationAddressGroupOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type OrganizationAddressGroupState added in v0.32.0 

type OrganizationAddressGroupState struct {
}

func (OrganizationAddressGroupState) ElementType added in v0.32.0 

func (OrganizationAddressGroupState) ElementType() reflect.Type

type OrganizationAddressGroupType added in v0.32.0 

type OrganizationAddressGroupType string

Required. The type of the Address Group. Possible values are "IPv4" or "IPV6".

func (OrganizationAddressGroupType) ElementType added in v0.32.0 

func (OrganizationAddressGroupType) ElementType() reflect.Type

func (OrganizationAddressGroupType) ToOrganizationAddressGroupTypeOutput added in v0.32.0 

func (e OrganizationAddressGroupType) ToOrganizationAddressGroupTypeOutput() OrganizationAddressGroupTypeOutput

func (OrganizationAddressGroupType) ToOrganizationAddressGroupTypeOutputWithContext added in v0.32.0 

func (e OrganizationAddressGroupType) ToOrganizationAddressGroupTypeOutputWithContext(ctx context.Context) OrganizationAddressGroupTypeOutput

func (OrganizationAddressGroupType) ToOrganizationAddressGroupTypePtrOutput added in v0.32.0 

func (e OrganizationAddressGroupType) ToOrganizationAddressGroupTypePtrOutput() OrganizationAddressGroupTypePtrOutput

func (OrganizationAddressGroupType) ToOrganizationAddressGroupTypePtrOutputWithContext added in v0.32.0 

func (e OrganizationAddressGroupType) ToOrganizationAddressGroupTypePtrOutputWithContext(ctx context.Context) OrganizationAddressGroupTypePtrOutput

func (OrganizationAddressGroupType) ToStringOutput added in v0.32.0 

func (e OrganizationAddressGroupType) ToStringOutput() pulumi.StringOutput

func (OrganizationAddressGroupType) ToStringOutputWithContext added in v0.32.0 

func (e OrganizationAddressGroupType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (OrganizationAddressGroupType) ToStringPtrOutput added in v0.32.0 

func (e OrganizationAddressGroupType) ToStringPtrOutput() pulumi.StringPtrOutput

func (OrganizationAddressGroupType) ToStringPtrOutputWithContext added in v0.32.0 

func (e OrganizationAddressGroupType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type OrganizationAddressGroupTypeInput added in v0.32.0 

type OrganizationAddressGroupTypeInput interface {
	pulumi.Input

	ToOrganizationAddressGroupTypeOutput() OrganizationAddressGroupTypeOutput
	ToOrganizationAddressGroupTypeOutputWithContext(context.Context) OrganizationAddressGroupTypeOutput
}

OrganizationAddressGroupTypeInput is an input type that accepts OrganizationAddressGroupTypeArgs and OrganizationAddressGroupTypeOutput values. You can construct a concrete instance of `OrganizationAddressGroupTypeInput` via: 

OrganizationAddressGroupTypeArgs{...}

type OrganizationAddressGroupTypeOutput added in v0.32.0 

type OrganizationAddressGroupTypeOutput struct{ *pulumi.OutputState }

func (OrganizationAddressGroupTypeOutput) ElementType added in v0.32.0 

func (OrganizationAddressGroupTypeOutput) ElementType() reflect.Type

func (OrganizationAddressGroupTypeOutput) ToOrganizationAddressGroupTypeOutput added in v0.32.0 

func (o OrganizationAddressGroupTypeOutput) ToOrganizationAddressGroupTypeOutput() OrganizationAddressGroupTypeOutput

func (OrganizationAddressGroupTypeOutput) ToOrganizationAddressGroupTypeOutputWithContext added in v0.32.0 

func (o OrganizationAddressGroupTypeOutput) ToOrganizationAddressGroupTypeOutputWithContext(ctx context.Context) OrganizationAddressGroupTypeOutput

func (OrganizationAddressGroupTypeOutput) ToOrganizationAddressGroupTypePtrOutput added in v0.32.0 

func (o OrganizationAddressGroupTypeOutput) ToOrganizationAddressGroupTypePtrOutput() OrganizationAddressGroupTypePtrOutput

func (OrganizationAddressGroupTypeOutput) ToOrganizationAddressGroupTypePtrOutputWithContext added in v0.32.0 

func (o OrganizationAddressGroupTypeOutput) ToOrganizationAddressGroupTypePtrOutputWithContext(ctx context.Context) OrganizationAddressGroupTypePtrOutput

func (OrganizationAddressGroupTypeOutput) ToStringOutput added in v0.32.0 

func (o OrganizationAddressGroupTypeOutput) ToStringOutput() pulumi.StringOutput

func (OrganizationAddressGroupTypeOutput) ToStringOutputWithContext added in v0.32.0 

func (o OrganizationAddressGroupTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (OrganizationAddressGroupTypeOutput) ToStringPtrOutput added in v0.32.0 

func (o OrganizationAddressGroupTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (OrganizationAddressGroupTypeOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o OrganizationAddressGroupTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type OrganizationAddressGroupTypePtrInput added in v0.32.0 

type OrganizationAddressGroupTypePtrInput interface {
	pulumi.Input

	ToOrganizationAddressGroupTypePtrOutput() OrganizationAddressGroupTypePtrOutput
	ToOrganizationAddressGroupTypePtrOutputWithContext(context.Context) OrganizationAddressGroupTypePtrOutput
}

func OrganizationAddressGroupTypePtr added in v0.32.0 

func OrganizationAddressGroupTypePtr(v string) OrganizationAddressGroupTypePtrInput

type OrganizationAddressGroupTypePtrOutput added in v0.32.0 

type OrganizationAddressGroupTypePtrOutput struct{ *pulumi.OutputState }

func (OrganizationAddressGroupTypePtrOutput) Elem added in v0.32.0 

func (o OrganizationAddressGroupTypePtrOutput) Elem() OrganizationAddressGroupTypeOutput

func (OrganizationAddressGroupTypePtrOutput) ElementType added in v0.32.0 

func (OrganizationAddressGroupTypePtrOutput) ElementType() reflect.Type

func (OrganizationAddressGroupTypePtrOutput) ToOrganizationAddressGroupTypePtrOutput added in v0.32.0 

func (o OrganizationAddressGroupTypePtrOutput) ToOrganizationAddressGroupTypePtrOutput() OrganizationAddressGroupTypePtrOutput

func (OrganizationAddressGroupTypePtrOutput) ToOrganizationAddressGroupTypePtrOutputWithContext added in v0.32.0 

func (o OrganizationAddressGroupTypePtrOutput) ToOrganizationAddressGroupTypePtrOutputWithContext(ctx context.Context) OrganizationAddressGroupTypePtrOutput

func (OrganizationAddressGroupTypePtrOutput) ToStringPtrOutput added in v0.32.0 

func (o OrganizationAddressGroupTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (OrganizationAddressGroupTypePtrOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o OrganizationAddressGroupTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type Rule 

type Rule struct {
	pulumi.CustomResourceState

	// Optional. CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringOutput `pulumi:"applicationMatcher"`
	// Profile which tells what the primitive action should be.
	BasicProfile pulumi.StringOutput `pulumi:"basicProfile"`
	// Time when the rule was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	// Whether the rule is enforced.
	Enabled                 pulumi.BoolOutput   `pulumi:"enabled"`
	GatewaySecurityPolicyId pulumi.StringOutput `pulumi:"gatewaySecurityPolicyId"`
	// The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.
	GatewaySecurityPolicyRuleId pulumi.StringPtrOutput `pulumi:"gatewaySecurityPolicyRuleId"`
	Location                    pulumi.StringOutput    `pulumi:"location"`
	// Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name pulumi.StringOutput `pulumi:"name"`
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntOutput    `pulumi:"priority"`
	Project  pulumi.StringOutput `pulumi:"project"`
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringOutput `pulumi:"sessionMatcher"`
	// Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolOutput `pulumi:"tlsInspectionEnabled"`
	// Time when the rule was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new GatewaySecurityPolicy in a given project and location. Auto-naming is currently not supported for this resource.

func GetRule added in v0.31.1 

func GetRule(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RuleState, opts ...pulumi.ResourceOption) (*Rule, error)

GetRule gets an existing Rule resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRule added in v0.31.1 

func NewRule(ctx *pulumi.Context,
	name string, args *RuleArgs, opts ...pulumi.ResourceOption) (*Rule, error)

NewRule registers a new resource with the given unique name, arguments, and options.

func (*Rule) ElementType added in v0.31.1 

func (*Rule) ElementType() reflect.Type

func (*Rule) ToRuleOutput added in v0.31.1 

func (i *Rule) ToRuleOutput() RuleOutput

func (*Rule) ToRuleOutputWithContext added in v0.31.1 

func (i *Rule) ToRuleOutputWithContext(ctx context.Context) RuleOutput

type RuleArgs 

type RuleArgs struct {
	// Optional. CEL expression for matching on L7/application level criteria.
	ApplicationMatcher pulumi.StringPtrInput
	// Profile which tells what the primitive action should be.
	BasicProfile RuleBasicProfileInput
	// Optional. Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Whether the rule is enforced.
	Enabled                 pulumi.BoolInput
	GatewaySecurityPolicyId pulumi.StringInput
	// The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.
	GatewaySecurityPolicyRuleId pulumi.StringPtrInput
	Location                    pulumi.StringPtrInput
	// Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name pulumi.StringInput
	// Priority of the rule. Lower number corresponds to higher precedence.
	Priority pulumi.IntInput
	Project  pulumi.StringPtrInput
	// CEL expression for matching on session criteria.
	SessionMatcher pulumi.StringInput
	// Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
	TlsInspectionEnabled pulumi.BoolPtrInput
}

The set of arguments for constructing a Rule resource.

func (RuleArgs) ElementType 

func (RuleArgs) ElementType() reflect.Type

type RuleBasicProfile added in v0.31.1 

type RuleBasicProfile string

Required. Profile which tells what the primitive action should be.

func (RuleBasicProfile) ElementType added in v0.31.1 

func (RuleBasicProfile) ElementType() reflect.Type

func (RuleBasicProfile) ToRuleBasicProfileOutput added in v0.31.1 

func (e RuleBasicProfile) ToRuleBasicProfileOutput() RuleBasicProfileOutput

func (RuleBasicProfile) ToRuleBasicProfileOutputWithContext added in v0.31.1 

func (e RuleBasicProfile) ToRuleBasicProfileOutputWithContext(ctx context.Context) RuleBasicProfileOutput

func (RuleBasicProfile) ToRuleBasicProfilePtrOutput added in v0.31.1 

func (e RuleBasicProfile) ToRuleBasicProfilePtrOutput() RuleBasicProfilePtrOutput

func (RuleBasicProfile) ToRuleBasicProfilePtrOutputWithContext added in v0.31.1 

func (e RuleBasicProfile) ToRuleBasicProfilePtrOutputWithContext(ctx context.Context) RuleBasicProfilePtrOutput

func (RuleBasicProfile) ToStringOutput added in v0.31.1 

func (e RuleBasicProfile) ToStringOutput() pulumi.StringOutput

func (RuleBasicProfile) ToStringOutputWithContext added in v0.31.1 

func (e RuleBasicProfile) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (RuleBasicProfile) ToStringPtrOutput added in v0.31.1 

func (e RuleBasicProfile) ToStringPtrOutput() pulumi.StringPtrOutput

func (RuleBasicProfile) ToStringPtrOutputWithContext added in v0.31.1 

func (e RuleBasicProfile) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type RuleBasicProfileInput added in v0.31.1 

type RuleBasicProfileInput interface {
	pulumi.Input

	ToRuleBasicProfileOutput() RuleBasicProfileOutput
	ToRuleBasicProfileOutputWithContext(context.Context) RuleBasicProfileOutput
}

RuleBasicProfileInput is an input type that accepts RuleBasicProfileArgs and RuleBasicProfileOutput values. You can construct a concrete instance of `RuleBasicProfileInput` via: 

RuleBasicProfileArgs{...}

type RuleBasicProfileOutput added in v0.31.1 

type RuleBasicProfileOutput struct{ *pulumi.OutputState }

func (RuleBasicProfileOutput) ElementType added in v0.31.1 

func (RuleBasicProfileOutput) ElementType() reflect.Type

func (RuleBasicProfileOutput) ToRuleBasicProfileOutput added in v0.31.1 

func (o RuleBasicProfileOutput) ToRuleBasicProfileOutput() RuleBasicProfileOutput

func (RuleBasicProfileOutput) ToRuleBasicProfileOutputWithContext added in v0.31.1 

func (o RuleBasicProfileOutput) ToRuleBasicProfileOutputWithContext(ctx context.Context) RuleBasicProfileOutput

func (RuleBasicProfileOutput) ToRuleBasicProfilePtrOutput added in v0.31.1 

func (o RuleBasicProfileOutput) ToRuleBasicProfilePtrOutput() RuleBasicProfilePtrOutput

func (RuleBasicProfileOutput) ToRuleBasicProfilePtrOutputWithContext added in v0.31.1 

func (o RuleBasicProfileOutput) ToRuleBasicProfilePtrOutputWithContext(ctx context.Context) RuleBasicProfilePtrOutput

func (RuleBasicProfileOutput) ToStringOutput added in v0.31.1 

func (o RuleBasicProfileOutput) ToStringOutput() pulumi.StringOutput

func (RuleBasicProfileOutput) ToStringOutputWithContext added in v0.31.1 

func (o RuleBasicProfileOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (RuleBasicProfileOutput) ToStringPtrOutput added in v0.31.1 

func (o RuleBasicProfileOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (RuleBasicProfileOutput) ToStringPtrOutputWithContext added in v0.31.1 

func (o RuleBasicProfileOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type RuleBasicProfilePtrInput added in v0.31.1 

type RuleBasicProfilePtrInput interface {
	pulumi.Input

	ToRuleBasicProfilePtrOutput() RuleBasicProfilePtrOutput
	ToRuleBasicProfilePtrOutputWithContext(context.Context) RuleBasicProfilePtrOutput
}

func RuleBasicProfilePtr added in v0.31.1 

func RuleBasicProfilePtr(v string) RuleBasicProfilePtrInput

type RuleBasicProfilePtrOutput added in v0.31.1 

type RuleBasicProfilePtrOutput struct{ *pulumi.OutputState }

func (RuleBasicProfilePtrOutput) Elem added in v0.31.1 

func (o RuleBasicProfilePtrOutput) Elem() RuleBasicProfileOutput

func (RuleBasicProfilePtrOutput) ElementType added in v0.31.1 

func (RuleBasicProfilePtrOutput) ElementType() reflect.Type

func (RuleBasicProfilePtrOutput) ToRuleBasicProfilePtrOutput added in v0.31.1 

func (o RuleBasicProfilePtrOutput) ToRuleBasicProfilePtrOutput() RuleBasicProfilePtrOutput

func (RuleBasicProfilePtrOutput) ToRuleBasicProfilePtrOutputWithContext added in v0.31.1 

func (o RuleBasicProfilePtrOutput) ToRuleBasicProfilePtrOutputWithContext(ctx context.Context) RuleBasicProfilePtrOutput

func (RuleBasicProfilePtrOutput) ToStringPtrOutput added in v0.31.1 

func (o RuleBasicProfilePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (RuleBasicProfilePtrOutput) ToStringPtrOutputWithContext added in v0.31.1 

func (o RuleBasicProfilePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type RuleInput 

type RuleInput interface {
	pulumi.Input

	ToRuleOutput() RuleOutput
	ToRuleOutputWithContext(ctx context.Context) RuleOutput
}

type RuleOutput 

type RuleOutput struct{ *pulumi.OutputState }

func (RuleOutput) ApplicationMatcher added in v0.31.1 

func (o RuleOutput) ApplicationMatcher() pulumi.StringOutput

Optional. CEL expression for matching on L7/application level criteria.

func (RuleOutput) BasicProfile added in v0.31.1 

func (o RuleOutput) BasicProfile() pulumi.StringOutput

Profile which tells what the primitive action should be.

func (RuleOutput) CreateTime added in v0.31.1 

func (o RuleOutput) CreateTime() pulumi.StringOutput

Time when the rule was created.

func (RuleOutput) Description added in v0.31.1 

func (o RuleOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (RuleOutput) ElementType 

func (RuleOutput) ElementType() reflect.Type

func (RuleOutput) Enabled added in v0.31.1 

func (o RuleOutput) Enabled() pulumi.BoolOutput

Whether the rule is enforced.

func (RuleOutput) GatewaySecurityPolicyId added in v0.31.1 

func (o RuleOutput) GatewaySecurityPolicyId() pulumi.StringOutput

func (RuleOutput) GatewaySecurityPolicyRuleId added in v0.31.1 

func (o RuleOutput) GatewaySecurityPolicyRuleId() pulumi.StringPtrOutput

The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.

func (RuleOutput) Location added in v0.31.1 

func (o RuleOutput) Location() pulumi.StringOutput

func (RuleOutput) Name added in v0.31.1 

func (o RuleOutput) Name() pulumi.StringOutput

Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).

func (RuleOutput) Priority added in v0.31.1 

func (o RuleOutput) Priority() pulumi.IntOutput

Priority of the rule. Lower number corresponds to higher precedence.

func (RuleOutput) Project added in v0.31.1 

func (o RuleOutput) Project() pulumi.StringOutput

func (RuleOutput) SessionMatcher added in v0.31.1 

func (o RuleOutput) SessionMatcher() pulumi.StringOutput

CEL expression for matching on session criteria.

func (RuleOutput) TlsInspectionEnabled added in v0.31.1 

func (o RuleOutput) TlsInspectionEnabled() pulumi.BoolOutput

Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

func (RuleOutput) ToRuleOutput 

func (o RuleOutput) ToRuleOutput() RuleOutput

func (RuleOutput) ToRuleOutputWithContext 

func (o RuleOutput) ToRuleOutputWithContext(ctx context.Context) RuleOutput

func (RuleOutput) UpdateTime added in v0.31.1 

func (o RuleOutput) UpdateTime() pulumi.StringOutput

Time when the rule was updated.

type RuleResponse 

type RuleResponse struct {
	// Optional. List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	Destinations []DestinationResponse `pulumi:"destinations"`
	// Optional. List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ip_blocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	Sources []SourceResponse `pulumi:"sources"`
}

Specification of rules.

type RuleResponseArrayOutput 

type RuleResponseArrayOutput struct{ *pulumi.OutputState }

func (RuleResponseArrayOutput) ElementType 

func (RuleResponseArrayOutput) ElementType() reflect.Type

func (RuleResponseArrayOutput) Index 

func (o RuleResponseArrayOutput) Index(i pulumi.IntInput) RuleResponseOutput

func (RuleResponseArrayOutput) ToRuleResponseArrayOutput 

func (o RuleResponseArrayOutput) ToRuleResponseArrayOutput() RuleResponseArrayOutput

func (RuleResponseArrayOutput) ToRuleResponseArrayOutputWithContext 

func (o RuleResponseArrayOutput) ToRuleResponseArrayOutputWithContext(ctx context.Context) RuleResponseArrayOutput

type RuleResponseOutput 

type RuleResponseOutput struct{ *pulumi.OutputState }

Specification of rules.

func (RuleResponseOutput) Destinations 

func (o RuleResponseOutput) Destinations() DestinationResponseArrayOutput

Optional. List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.

func (RuleResponseOutput) ElementType 

func (RuleResponseOutput) ElementType() reflect.Type

func (RuleResponseOutput) Sources 

func (o RuleResponseOutput) Sources() SourceResponseArrayOutput

Optional. List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ip_blocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source.

func (RuleResponseOutput) ToRuleResponseOutput 

func (o RuleResponseOutput) ToRuleResponseOutput() RuleResponseOutput

func (RuleResponseOutput) ToRuleResponseOutputWithContext 

func (o RuleResponseOutput) ToRuleResponseOutputWithContext(ctx context.Context) RuleResponseOutput

type RuleState added in v0.31.1 

type RuleState struct {
}

func (RuleState) ElementType added in v0.31.1 

func (RuleState) ElementType() reflect.Type

type RuleType added in v0.31.1 

type RuleType struct {
	// Optional. List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	Destinations []Destination `pulumi:"destinations"`
	// Optional. List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ip_blocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	Sources []Source `pulumi:"sources"`
}

Specification of rules.

type RuleTypeArgs added in v0.31.1 

type RuleTypeArgs struct {
	// Optional. List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.
	Destinations DestinationArrayInput `pulumi:"destinations"`
	// Optional. List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ip_blocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source.
	Sources SourceArrayInput `pulumi:"sources"`
}

Specification of rules.

func (RuleTypeArgs) ElementType added in v0.31.1 

func (RuleTypeArgs) ElementType() reflect.Type

func (RuleTypeArgs) ToRuleTypeOutput added in v0.31.1 

func (i RuleTypeArgs) ToRuleTypeOutput() RuleTypeOutput

func (RuleTypeArgs) ToRuleTypeOutputWithContext added in v0.31.1 

func (i RuleTypeArgs) ToRuleTypeOutputWithContext(ctx context.Context) RuleTypeOutput

type RuleTypeArray added in v0.31.1 

type RuleTypeArray []RuleTypeInput

func (RuleTypeArray) ElementType added in v0.31.1 

func (RuleTypeArray) ElementType() reflect.Type

func (RuleTypeArray) ToRuleTypeArrayOutput added in v0.31.1 

func (i RuleTypeArray) ToRuleTypeArrayOutput() RuleTypeArrayOutput

func (RuleTypeArray) ToRuleTypeArrayOutputWithContext added in v0.31.1 

func (i RuleTypeArray) ToRuleTypeArrayOutputWithContext(ctx context.Context) RuleTypeArrayOutput

type RuleTypeArrayInput added in v0.31.1 

type RuleTypeArrayInput interface {
	pulumi.Input

	ToRuleTypeArrayOutput() RuleTypeArrayOutput
	ToRuleTypeArrayOutputWithContext(context.Context) RuleTypeArrayOutput
}

RuleTypeArrayInput is an input type that accepts RuleTypeArray and RuleTypeArrayOutput values. You can construct a concrete instance of `RuleTypeArrayInput` via: 

RuleTypeArray{ RuleTypeArgs{...} }

type RuleTypeArrayOutput added in v0.31.1 

type RuleTypeArrayOutput struct{ *pulumi.OutputState }

func (RuleTypeArrayOutput) ElementType added in v0.31.1 

func (RuleTypeArrayOutput) ElementType() reflect.Type

func (RuleTypeArrayOutput) Index added in v0.31.1 

func (o RuleTypeArrayOutput) Index(i pulumi.IntInput) RuleTypeOutput

func (RuleTypeArrayOutput) ToRuleTypeArrayOutput added in v0.31.1 

func (o RuleTypeArrayOutput) ToRuleTypeArrayOutput() RuleTypeArrayOutput

func (RuleTypeArrayOutput) ToRuleTypeArrayOutputWithContext added in v0.31.1 

func (o RuleTypeArrayOutput) ToRuleTypeArrayOutputWithContext(ctx context.Context) RuleTypeArrayOutput

type RuleTypeInput added in v0.31.1 

type RuleTypeInput interface {
	pulumi.Input

	ToRuleTypeOutput() RuleTypeOutput
	ToRuleTypeOutputWithContext(context.Context) RuleTypeOutput
}

RuleTypeInput is an input type that accepts RuleTypeArgs and RuleTypeOutput values. You can construct a concrete instance of `RuleTypeInput` via: 

RuleTypeArgs{...}

type RuleTypeOutput added in v0.31.1 

type RuleTypeOutput struct{ *pulumi.OutputState }

Specification of rules.

func (RuleTypeOutput) Destinations added in v0.31.1 

func (o RuleTypeOutput) Destinations() DestinationArrayOutput

Optional. List of attributes for the traffic destination. All of the destinations must match. A destination is a match if a request matches all the specified hosts, ports, methods and headers. If not set, the action specified in the 'action' field will be applied without any rule checks for the destination.

func (RuleTypeOutput) ElementType added in v0.31.1 

func (RuleTypeOutput) ElementType() reflect.Type

func (RuleTypeOutput) Sources added in v0.31.1 

func (o RuleTypeOutput) Sources() SourceArrayOutput

Optional. List of attributes for the traffic source. All of the sources must match. A source is a match if both principals and ip_blocks match. If not set, the action specified in the 'action' field will be applied without any rule checks for the source.

func (RuleTypeOutput) ToRuleTypeOutput added in v0.31.1 

func (o RuleTypeOutput) ToRuleTypeOutput() RuleTypeOutput

func (RuleTypeOutput) ToRuleTypeOutputWithContext added in v0.31.1 

func (o RuleTypeOutput) ToRuleTypeOutputWithContext(ctx context.Context) RuleTypeOutput

type ServerTlsPolicy 

type ServerTlsPolicy struct {
	pulumi.CustomResourceState

	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility. Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolOutput `pulumi:"allowOpen"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	// Set of label tags associated with the resource.
	Labels   pulumi.StringMapOutput `pulumi:"labels"`
	Location pulumi.StringOutput    `pulumi:"location"`
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections.
	MtlsPolicy MTLSPolicyResponseOutput `pulumi:"mtlsPolicy"`
	// Name of the ServerTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}`
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with `allow_open` as a permissive mode that allows both plain text and TLS is not supported.
	ServerCertificate GoogleCloudNetworksecurityV1CertificateProviderResponseOutput `pulumi:"serverCertificate"`
	// Required. Short name of the ServerTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "server_mtls_policy".
	ServerTlsPolicyId pulumi.StringOutput `pulumi:"serverTlsPolicyId"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new ServerTlsPolicy in a given project and location.

func GetServerTlsPolicy 

func GetServerTlsPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerTlsPolicyState, opts ...pulumi.ResourceOption) (*ServerTlsPolicy, error)

GetServerTlsPolicy gets an existing ServerTlsPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerTlsPolicy 

func NewServerTlsPolicy(ctx *pulumi.Context,
	name string, args *ServerTlsPolicyArgs, opts ...pulumi.ResourceOption) (*ServerTlsPolicy, error)

NewServerTlsPolicy registers a new resource with the given unique name, arguments, and options.

func (*ServerTlsPolicy) ElementType 

func (*ServerTlsPolicy) ElementType() reflect.Type

func (*ServerTlsPolicy) ToServerTlsPolicyOutput 

func (i *ServerTlsPolicy) ToServerTlsPolicyOutput() ServerTlsPolicyOutput

func (*ServerTlsPolicy) ToServerTlsPolicyOutputWithContext 

func (i *ServerTlsPolicy) ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput

type ServerTlsPolicyArgs 

type ServerTlsPolicyArgs struct {
	// This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility. Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.
	AllowOpen pulumi.BoolPtrInput
	// Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Set of label tags associated with the resource.
	Labels   pulumi.StringMapInput
	Location pulumi.StringPtrInput
	// This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections.
	MtlsPolicy MTLSPolicyPtrInput
	// Name of the ServerTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}`
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with `allow_open` as a permissive mode that allows both plain text and TLS is not supported.
	ServerCertificate GoogleCloudNetworksecurityV1CertificateProviderPtrInput
	// Required. Short name of the ServerTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "server_mtls_policy".
	ServerTlsPolicyId pulumi.StringInput
}

The set of arguments for constructing a ServerTlsPolicy resource.

func (ServerTlsPolicyArgs) ElementType 

func (ServerTlsPolicyArgs) ElementType() reflect.Type

type ServerTlsPolicyIamBinding added in v0.26.0 

type ServerTlsPolicyIamBinding struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetServerTlsPolicyIamBinding added in v0.26.0 

func GetServerTlsPolicyIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerTlsPolicyIamBindingState, opts ...pulumi.ResourceOption) (*ServerTlsPolicyIamBinding, error)

GetServerTlsPolicyIamBinding gets an existing ServerTlsPolicyIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerTlsPolicyIamBinding added in v0.26.0 

func NewServerTlsPolicyIamBinding(ctx *pulumi.Context,
	name string, args *ServerTlsPolicyIamBindingArgs, opts ...pulumi.ResourceOption) (*ServerTlsPolicyIamBinding, error)

NewServerTlsPolicyIamBinding registers a new resource with the given unique name, arguments, and options.

func (*ServerTlsPolicyIamBinding) ElementType added in v0.26.0 

func (*ServerTlsPolicyIamBinding) ElementType() reflect.Type

func (*ServerTlsPolicyIamBinding) ToServerTlsPolicyIamBindingOutput added in v0.26.0 

func (i *ServerTlsPolicyIamBinding) ToServerTlsPolicyIamBindingOutput() ServerTlsPolicyIamBindingOutput

func (*ServerTlsPolicyIamBinding) ToServerTlsPolicyIamBindingOutputWithContext added in v0.26.0 

func (i *ServerTlsPolicyIamBinding) ToServerTlsPolicyIamBindingOutputWithContext(ctx context.Context) ServerTlsPolicyIamBindingOutput

type ServerTlsPolicyIamBindingArgs added in v0.26.0 

type ServerTlsPolicyIamBindingArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringInput
}

The set of arguments for constructing a ServerTlsPolicyIamBinding resource.

func (ServerTlsPolicyIamBindingArgs) ElementType added in v0.26.0 

func (ServerTlsPolicyIamBindingArgs) ElementType() reflect.Type

type ServerTlsPolicyIamBindingInput added in v0.26.0 

type ServerTlsPolicyIamBindingInput interface {
	pulumi.Input

	ToServerTlsPolicyIamBindingOutput() ServerTlsPolicyIamBindingOutput
	ToServerTlsPolicyIamBindingOutputWithContext(ctx context.Context) ServerTlsPolicyIamBindingOutput
}

type ServerTlsPolicyIamBindingOutput added in v0.26.0 

type ServerTlsPolicyIamBindingOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyIamBindingOutput) Condition added in v0.26.0 

func (o ServerTlsPolicyIamBindingOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (ServerTlsPolicyIamBindingOutput) ElementType added in v0.26.0 

func (ServerTlsPolicyIamBindingOutput) ElementType() reflect.Type

func (ServerTlsPolicyIamBindingOutput) Etag added in v0.26.0 

func (o ServerTlsPolicyIamBindingOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (ServerTlsPolicyIamBindingOutput) Members added in v0.26.0 

func (o ServerTlsPolicyIamBindingOutput) Members() pulumi.StringArrayOutput

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (ServerTlsPolicyIamBindingOutput) Name added in v0.26.0 

func (o ServerTlsPolicyIamBindingOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (ServerTlsPolicyIamBindingOutput) Project added in v0.26.0 

func (o ServerTlsPolicyIamBindingOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (ServerTlsPolicyIamBindingOutput) Role added in v0.26.0 

func (o ServerTlsPolicyIamBindingOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `IamBinding` can be used per role.

func (ServerTlsPolicyIamBindingOutput) ToServerTlsPolicyIamBindingOutput added in v0.26.0 

func (o ServerTlsPolicyIamBindingOutput) ToServerTlsPolicyIamBindingOutput() ServerTlsPolicyIamBindingOutput

func (ServerTlsPolicyIamBindingOutput) ToServerTlsPolicyIamBindingOutputWithContext added in v0.26.0 

func (o ServerTlsPolicyIamBindingOutput) ToServerTlsPolicyIamBindingOutputWithContext(ctx context.Context) ServerTlsPolicyIamBindingOutput

type ServerTlsPolicyIamBindingState added in v0.26.0 

type ServerTlsPolicyIamBindingState struct {
}

func (ServerTlsPolicyIamBindingState) ElementType added in v0.26.0 

func (ServerTlsPolicyIamBindingState) ElementType() reflect.Type

type ServerTlsPolicyIamMember added in v0.26.0 

type ServerTlsPolicyIamMember struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringOutput `pulumi:"member"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetServerTlsPolicyIamMember added in v0.26.0 

func GetServerTlsPolicyIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerTlsPolicyIamMemberState, opts ...pulumi.ResourceOption) (*ServerTlsPolicyIamMember, error)

GetServerTlsPolicyIamMember gets an existing ServerTlsPolicyIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerTlsPolicyIamMember added in v0.26.0 

func NewServerTlsPolicyIamMember(ctx *pulumi.Context,
	name string, args *ServerTlsPolicyIamMemberArgs, opts ...pulumi.ResourceOption) (*ServerTlsPolicyIamMember, error)

NewServerTlsPolicyIamMember registers a new resource with the given unique name, arguments, and options.

func (*ServerTlsPolicyIamMember) ElementType added in v0.26.0 

func (*ServerTlsPolicyIamMember) ElementType() reflect.Type

func (*ServerTlsPolicyIamMember) ToServerTlsPolicyIamMemberOutput added in v0.26.0 

func (i *ServerTlsPolicyIamMember) ToServerTlsPolicyIamMemberOutput() ServerTlsPolicyIamMemberOutput

func (*ServerTlsPolicyIamMember) ToServerTlsPolicyIamMemberOutputWithContext added in v0.26.0 

func (i *ServerTlsPolicyIamMember) ToServerTlsPolicyIamMemberOutputWithContext(ctx context.Context) ServerTlsPolicyIamMemberOutput

type ServerTlsPolicyIamMemberArgs added in v0.26.0 

type ServerTlsPolicyIamMemberArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied.
	Role pulumi.StringInput
}

The set of arguments for constructing a ServerTlsPolicyIamMember resource.

func (ServerTlsPolicyIamMemberArgs) ElementType added in v0.26.0 

func (ServerTlsPolicyIamMemberArgs) ElementType() reflect.Type

type ServerTlsPolicyIamMemberInput added in v0.26.0 

type ServerTlsPolicyIamMemberInput interface {
	pulumi.Input

	ToServerTlsPolicyIamMemberOutput() ServerTlsPolicyIamMemberOutput
	ToServerTlsPolicyIamMemberOutputWithContext(ctx context.Context) ServerTlsPolicyIamMemberOutput
}

type ServerTlsPolicyIamMemberOutput added in v0.26.0 

type ServerTlsPolicyIamMemberOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyIamMemberOutput) Condition added in v0.26.0 

func (o ServerTlsPolicyIamMemberOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (ServerTlsPolicyIamMemberOutput) ElementType added in v0.26.0 

func (ServerTlsPolicyIamMemberOutput) ElementType() reflect.Type

func (ServerTlsPolicyIamMemberOutput) Etag added in v0.26.0 

func (o ServerTlsPolicyIamMemberOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (ServerTlsPolicyIamMemberOutput) Member added in v0.26.0 

func (o ServerTlsPolicyIamMemberOutput) Member() pulumi.StringOutput

Identity that will be granted the privilege in role. The entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (ServerTlsPolicyIamMemberOutput) Name added in v0.26.0 

func (o ServerTlsPolicyIamMemberOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (ServerTlsPolicyIamMemberOutput) Project added in v0.26.0 

func (o ServerTlsPolicyIamMemberOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (ServerTlsPolicyIamMemberOutput) Role added in v0.26.0 

func (o ServerTlsPolicyIamMemberOutput) Role() pulumi.StringOutput

The role that should be applied.

func (ServerTlsPolicyIamMemberOutput) ToServerTlsPolicyIamMemberOutput added in v0.26.0 

func (o ServerTlsPolicyIamMemberOutput) ToServerTlsPolicyIamMemberOutput() ServerTlsPolicyIamMemberOutput

func (ServerTlsPolicyIamMemberOutput) ToServerTlsPolicyIamMemberOutputWithContext added in v0.26.0 

func (o ServerTlsPolicyIamMemberOutput) ToServerTlsPolicyIamMemberOutputWithContext(ctx context.Context) ServerTlsPolicyIamMemberOutput

type ServerTlsPolicyIamMemberState added in v0.26.0 

type ServerTlsPolicyIamMemberState struct {
}

func (ServerTlsPolicyIamMemberState) ElementType added in v0.26.0 

func (ServerTlsPolicyIamMemberState) ElementType() reflect.Type

type ServerTlsPolicyIamPolicy 

type ServerTlsPolicyIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs GoogleIamV1AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings GoogleIamV1BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag              pulumi.StringOutput `pulumi:"etag"`
	Location          pulumi.StringOutput `pulumi:"location"`
	Project           pulumi.StringOutput `pulumi:"project"`
	ServerTlsPolicyId pulumi.StringOutput `pulumi:"serverTlsPolicyId"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetServerTlsPolicyIamPolicy 

func GetServerTlsPolicyIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerTlsPolicyIamPolicyState, opts ...pulumi.ResourceOption) (*ServerTlsPolicyIamPolicy, error)

GetServerTlsPolicyIamPolicy gets an existing ServerTlsPolicyIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerTlsPolicyIamPolicy 

func NewServerTlsPolicyIamPolicy(ctx *pulumi.Context,
	name string, args *ServerTlsPolicyIamPolicyArgs, opts ...pulumi.ResourceOption) (*ServerTlsPolicyIamPolicy, error)

NewServerTlsPolicyIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*ServerTlsPolicyIamPolicy) ElementType 

func (*ServerTlsPolicyIamPolicy) ElementType() reflect.Type

func (*ServerTlsPolicyIamPolicy) ToServerTlsPolicyIamPolicyOutput 

func (i *ServerTlsPolicyIamPolicy) ToServerTlsPolicyIamPolicyOutput() ServerTlsPolicyIamPolicyOutput

func (*ServerTlsPolicyIamPolicy) ToServerTlsPolicyIamPolicyOutputWithContext 

func (i *ServerTlsPolicyIamPolicy) ToServerTlsPolicyIamPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyIamPolicyOutput

type ServerTlsPolicyIamPolicyArgs 

type ServerTlsPolicyIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs GoogleIamV1AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings GoogleIamV1BindingArrayInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag              pulumi.StringPtrInput
	Location          pulumi.StringPtrInput
	Project           pulumi.StringPtrInput
	ServerTlsPolicyId pulumi.StringInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a ServerTlsPolicyIamPolicy resource.

func (ServerTlsPolicyIamPolicyArgs) ElementType 

func (ServerTlsPolicyIamPolicyArgs) ElementType() reflect.Type

type ServerTlsPolicyIamPolicyInput 

type ServerTlsPolicyIamPolicyInput interface {
	pulumi.Input

	ToServerTlsPolicyIamPolicyOutput() ServerTlsPolicyIamPolicyOutput
	ToServerTlsPolicyIamPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyIamPolicyOutput
}

type ServerTlsPolicyIamPolicyOutput 

type ServerTlsPolicyIamPolicyOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyIamPolicyOutput) AuditConfigs added in v0.19.0 

func (o ServerTlsPolicyIamPolicyOutput) AuditConfigs() GoogleIamV1AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (ServerTlsPolicyIamPolicyOutput) Bindings added in v0.19.0 

func (o ServerTlsPolicyIamPolicyOutput) Bindings() GoogleIamV1BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (ServerTlsPolicyIamPolicyOutput) ElementType 

func (ServerTlsPolicyIamPolicyOutput) ElementType() reflect.Type

func (ServerTlsPolicyIamPolicyOutput) Etag added in v0.19.0 

func (o ServerTlsPolicyIamPolicyOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (ServerTlsPolicyIamPolicyOutput) Location added in v0.21.0 

func (o ServerTlsPolicyIamPolicyOutput) Location() pulumi.StringOutput

func (ServerTlsPolicyIamPolicyOutput) Project added in v0.21.0 

func (o ServerTlsPolicyIamPolicyOutput) Project() pulumi.StringOutput

func (ServerTlsPolicyIamPolicyOutput) ServerTlsPolicyId added in v0.21.0 

func (o ServerTlsPolicyIamPolicyOutput) ServerTlsPolicyId() pulumi.StringOutput

func (ServerTlsPolicyIamPolicyOutput) ToServerTlsPolicyIamPolicyOutput 

func (o ServerTlsPolicyIamPolicyOutput) ToServerTlsPolicyIamPolicyOutput() ServerTlsPolicyIamPolicyOutput

func (ServerTlsPolicyIamPolicyOutput) ToServerTlsPolicyIamPolicyOutputWithContext 

func (o ServerTlsPolicyIamPolicyOutput) ToServerTlsPolicyIamPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyIamPolicyOutput

func (ServerTlsPolicyIamPolicyOutput) Version added in v0.19.0 

func (o ServerTlsPolicyIamPolicyOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type ServerTlsPolicyIamPolicyState 

type ServerTlsPolicyIamPolicyState struct {
}

func (ServerTlsPolicyIamPolicyState) ElementType 

func (ServerTlsPolicyIamPolicyState) ElementType() reflect.Type

type ServerTlsPolicyInput 

type ServerTlsPolicyInput interface {
	pulumi.Input

	ToServerTlsPolicyOutput() ServerTlsPolicyOutput
	ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput
}

type ServerTlsPolicyOutput 

type ServerTlsPolicyOutput struct{ *pulumi.OutputState }

func (ServerTlsPolicyOutput) AllowOpen added in v0.19.0 

func (o ServerTlsPolicyOutput) AllowOpen() pulumi.BoolOutput

This field applies only for Traffic Director policies. It is must be set to false for external HTTPS load balancer policies. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility. Consider using it if you wish to upgrade in place your deployment to TLS while having mixed TLS and non-TLS traffic reaching port :80.

func (ServerTlsPolicyOutput) CreateTime added in v0.19.0 

func (o ServerTlsPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (ServerTlsPolicyOutput) Description added in v0.19.0 

func (o ServerTlsPolicyOutput) Description() pulumi.StringOutput

Free-text description of the resource.

func (ServerTlsPolicyOutput) ElementType 

func (ServerTlsPolicyOutput) ElementType() reflect.Type

func (ServerTlsPolicyOutput) Labels added in v0.19.0 

func (o ServerTlsPolicyOutput) Labels() pulumi.StringMapOutput

Set of label tags associated with the resource.

func (ServerTlsPolicyOutput) Location added in v0.21.0 

func (o ServerTlsPolicyOutput) Location() pulumi.StringOutput

func (ServerTlsPolicyOutput) MtlsPolicy added in v0.19.0 

func (o ServerTlsPolicyOutput) MtlsPolicy() MTLSPolicyResponseOutput

This field is required if the policy is used with external HTTPS load balancers. This field can be empty for Traffic Director. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections.

func (ServerTlsPolicyOutput) Name added in v0.19.0 

func (o ServerTlsPolicyOutput) Name() pulumi.StringOutput

Name of the ServerTlsPolicy resource. It matches the pattern `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}`

func (ServerTlsPolicyOutput) Project added in v0.21.0 

func (o ServerTlsPolicyOutput) Project() pulumi.StringOutput

func (ServerTlsPolicyOutput) ServerCertificate added in v0.19.0 

func (o ServerTlsPolicyOutput) ServerCertificate() GoogleCloudNetworksecurityV1CertificateProviderResponseOutput

Optional if policy is to be used with Traffic Director. For external HTTPS load balancer must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with `allow_open` as a permissive mode that allows both plain text and TLS is not supported.

func (ServerTlsPolicyOutput) ServerTlsPolicyId added in v0.21.0 

func (o ServerTlsPolicyOutput) ServerTlsPolicyId() pulumi.StringOutput

Required. Short name of the ServerTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "server_mtls_policy".

func (ServerTlsPolicyOutput) ToServerTlsPolicyOutput 

func (o ServerTlsPolicyOutput) ToServerTlsPolicyOutput() ServerTlsPolicyOutput

func (ServerTlsPolicyOutput) ToServerTlsPolicyOutputWithContext 

func (o ServerTlsPolicyOutput) ToServerTlsPolicyOutputWithContext(ctx context.Context) ServerTlsPolicyOutput

func (ServerTlsPolicyOutput) UpdateTime added in v0.19.0 

func (o ServerTlsPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type ServerTlsPolicyState 

type ServerTlsPolicyState struct {
}

func (ServerTlsPolicyState) ElementType 

func (ServerTlsPolicyState) ElementType() reflect.Type

type Source 

type Source struct {
	// Optional. List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided. The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks []string `pulumi:"ipBlocks"`
	// Optional. List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*". Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals []string `pulumi:"principals"`
}

Specification of traffic source attributes.

type SourceArgs 

type SourceArgs struct {
	// Optional. List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided. The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks pulumi.StringArrayInput `pulumi:"ipBlocks"`
	// Optional. List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*". Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals pulumi.StringArrayInput `pulumi:"principals"`
}

Specification of traffic source attributes.

func (SourceArgs) ElementType 

func (SourceArgs) ElementType() reflect.Type

func (SourceArgs) ToSourceOutput 

func (i SourceArgs) ToSourceOutput() SourceOutput

func (SourceArgs) ToSourceOutputWithContext 

func (i SourceArgs) ToSourceOutputWithContext(ctx context.Context) SourceOutput

type SourceArray 

type SourceArray []SourceInput

func (SourceArray) ElementType 

func (SourceArray) ElementType() reflect.Type

func (SourceArray) ToSourceArrayOutput 

func (i SourceArray) ToSourceArrayOutput() SourceArrayOutput

func (SourceArray) ToSourceArrayOutputWithContext 

func (i SourceArray) ToSourceArrayOutputWithContext(ctx context.Context) SourceArrayOutput

type SourceArrayInput 

type SourceArrayInput interface {
	pulumi.Input

	ToSourceArrayOutput() SourceArrayOutput
	ToSourceArrayOutputWithContext(context.Context) SourceArrayOutput
}

SourceArrayInput is an input type that accepts SourceArray and SourceArrayOutput values. You can construct a concrete instance of `SourceArrayInput` via: 

SourceArray{ SourceArgs{...} }

type SourceArrayOutput 

type SourceArrayOutput struct{ *pulumi.OutputState }

func (SourceArrayOutput) ElementType 

func (SourceArrayOutput) ElementType() reflect.Type

func (SourceArrayOutput) Index 

func (o SourceArrayOutput) Index(i pulumi.IntInput) SourceOutput

func (SourceArrayOutput) ToSourceArrayOutput 

func (o SourceArrayOutput) ToSourceArrayOutput() SourceArrayOutput

func (SourceArrayOutput) ToSourceArrayOutputWithContext 

func (o SourceArrayOutput) ToSourceArrayOutputWithContext(ctx context.Context) SourceArrayOutput

type SourceInput 

type SourceInput interface {
	pulumi.Input

	ToSourceOutput() SourceOutput
	ToSourceOutputWithContext(context.Context) SourceOutput
}

SourceInput is an input type that accepts SourceArgs and SourceOutput values. You can construct a concrete instance of `SourceInput` via: 

SourceArgs{...}

type SourceOutput 

type SourceOutput struct{ *pulumi.OutputState }

Specification of traffic source attributes.

func (SourceOutput) ElementType 

func (SourceOutput) ElementType() reflect.Type

func (SourceOutput) IpBlocks 

func (o SourceOutput) IpBlocks() pulumi.StringArrayOutput

Optional. List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided. The IP addresses of any load balancers or proxies should be considered untrusted.

func (SourceOutput) Principals 

func (o SourceOutput) Principals() pulumi.StringArrayOutput

Optional. List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*". Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.

func (SourceOutput) ToSourceOutput 

func (o SourceOutput) ToSourceOutput() SourceOutput

func (SourceOutput) ToSourceOutputWithContext 

func (o SourceOutput) ToSourceOutputWithContext(ctx context.Context) SourceOutput

type SourceResponse 

type SourceResponse struct {
	// Optional. List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided. The IP addresses of any load balancers or proxies should be considered untrusted.
	IpBlocks []string `pulumi:"ipBlocks"`
	// Optional. List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*". Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.
	Principals []string `pulumi:"principals"`
}

Specification of traffic source attributes.

type SourceResponseArrayOutput 

type SourceResponseArrayOutput struct{ *pulumi.OutputState }

func (SourceResponseArrayOutput) ElementType 

func (SourceResponseArrayOutput) ElementType() reflect.Type

func (SourceResponseArrayOutput) Index 

func (o SourceResponseArrayOutput) Index(i pulumi.IntInput) SourceResponseOutput

func (SourceResponseArrayOutput) ToSourceResponseArrayOutput 

func (o SourceResponseArrayOutput) ToSourceResponseArrayOutput() SourceResponseArrayOutput

func (SourceResponseArrayOutput) ToSourceResponseArrayOutputWithContext 

func (o SourceResponseArrayOutput) ToSourceResponseArrayOutputWithContext(ctx context.Context) SourceResponseArrayOutput

type SourceResponseOutput 

type SourceResponseOutput struct{ *pulumi.OutputState }

Specification of traffic source attributes.

func (SourceResponseOutput) ElementType 

func (SourceResponseOutput) ElementType() reflect.Type

func (SourceResponseOutput) IpBlocks 

func (o SourceResponseOutput) IpBlocks() pulumi.StringArrayOutput

Optional. List of CIDR ranges to match based on source IP address. At least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on source IP alone should be avoided. The IP addresses of any load balancers or proxies should be considered untrusted.

func (SourceResponseOutput) Principals 

func (o SourceResponseOutput) Principals() pulumi.StringArrayOutput

Optional. List of peer identities to match for authorization. At least one principal should match. Each peer can be an exact match, or a prefix match (example, "namespace/*") or a suffix match (example, "*/service-account") or a presence match "*". Authorization based on the principal name without certificate validation (configured by ServerTlsPolicy resource) is considered insecure.

func (SourceResponseOutput) ToSourceResponseOutput 

func (o SourceResponseOutput) ToSourceResponseOutput() SourceResponseOutput

func (SourceResponseOutput) ToSourceResponseOutputWithContext 

func (o SourceResponseOutput) ToSourceResponseOutputWithContext(ctx context.Context) SourceResponseOutput

type TlsInspectionPolicy added in v0.31.1 

type TlsInspectionPolicy struct {
	pulumi.CustomResourceState

	// A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
	CaPool pulumi.StringOutput `pulumi:"caPool"`
	// The timestamp when the resource was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures pulumi.StringArrayOutput `pulumi:"customTlsFeatures"`
	// Optional. Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	// Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is *not recommended* unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
	ExcludePublicCaSet pulumi.BoolOutput   `pulumi:"excludePublicCaSet"`
	Location           pulumi.StringOutput `pulumi:"location"`
	// Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	MinTlsVersion pulumi.StringOutput `pulumi:"minTlsVersion"`
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	TlsFeatureProfile pulumi.StringOutput `pulumi:"tlsFeatureProfile"`
	// Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".
	TlsInspectionPolicyId pulumi.StringOutput `pulumi:"tlsInspectionPolicyId"`
	// Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig pulumi.StringOutput `pulumi:"trustConfig"`
	// The timestamp when the resource was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Creates a new TlsInspectionPolicy in a given project and location.

func GetTlsInspectionPolicy added in v0.31.1 

func GetTlsInspectionPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *TlsInspectionPolicyState, opts ...pulumi.ResourceOption) (*TlsInspectionPolicy, error)

GetTlsInspectionPolicy gets an existing TlsInspectionPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewTlsInspectionPolicy added in v0.31.1 

func NewTlsInspectionPolicy(ctx *pulumi.Context,
	name string, args *TlsInspectionPolicyArgs, opts ...pulumi.ResourceOption) (*TlsInspectionPolicy, error)

NewTlsInspectionPolicy registers a new resource with the given unique name, arguments, and options.

func (*TlsInspectionPolicy) ElementType added in v0.31.1 

func (*TlsInspectionPolicy) ElementType() reflect.Type

func (*TlsInspectionPolicy) ToTlsInspectionPolicyOutput added in v0.31.1 

func (i *TlsInspectionPolicy) ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput

func (*TlsInspectionPolicy) ToTlsInspectionPolicyOutputWithContext added in v0.31.1 

func (i *TlsInspectionPolicy) ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput

type TlsInspectionPolicyArgs added in v0.31.1 

type TlsInspectionPolicyArgs struct {
	// A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
	CaPool pulumi.StringInput
	// Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
	CustomTlsFeatures pulumi.StringArrayInput
	// Optional. Free-text description of the resource.
	Description pulumi.StringPtrInput
	// Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is *not recommended* unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
	ExcludePublicCaSet pulumi.BoolPtrInput
	Location           pulumi.StringPtrInput
	// Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	MinTlsVersion TlsInspectionPolicyMinTlsVersionPtrInput
	// Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
	TlsFeatureProfile TlsInspectionPolicyTlsFeatureProfilePtrInput
	// Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".
	TlsInspectionPolicyId pulumi.StringInput
	// Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
	TrustConfig pulumi.StringPtrInput
}

The set of arguments for constructing a TlsInspectionPolicy resource.

func (TlsInspectionPolicyArgs) ElementType added in v0.31.1 

func (TlsInspectionPolicyArgs) ElementType() reflect.Type

type TlsInspectionPolicyInput added in v0.31.1 

type TlsInspectionPolicyInput interface {
	pulumi.Input

	ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput
	ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput
}

type TlsInspectionPolicyMinTlsVersion added in v0.32.0 

type TlsInspectionPolicyMinTlsVersion string

Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyMinTlsVersion) ElementType added in v0.32.0 

func (TlsInspectionPolicyMinTlsVersion) ElementType() reflect.Type

func (TlsInspectionPolicyMinTlsVersion) ToStringOutput added in v0.32.0 

func (e TlsInspectionPolicyMinTlsVersion) ToStringOutput() pulumi.StringOutput

func (TlsInspectionPolicyMinTlsVersion) ToStringOutputWithContext added in v0.32.0 

func (e TlsInspectionPolicyMinTlsVersion) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (TlsInspectionPolicyMinTlsVersion) ToStringPtrOutput added in v0.32.0 

func (e TlsInspectionPolicyMinTlsVersion) ToStringPtrOutput() pulumi.StringPtrOutput

func (TlsInspectionPolicyMinTlsVersion) ToStringPtrOutputWithContext added in v0.32.0 

func (e TlsInspectionPolicyMinTlsVersion) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

func (TlsInspectionPolicyMinTlsVersion) ToTlsInspectionPolicyMinTlsVersionOutput added in v0.32.0 

func (e TlsInspectionPolicyMinTlsVersion) ToTlsInspectionPolicyMinTlsVersionOutput() TlsInspectionPolicyMinTlsVersionOutput

func (TlsInspectionPolicyMinTlsVersion) ToTlsInspectionPolicyMinTlsVersionOutputWithContext added in v0.32.0 

func (e TlsInspectionPolicyMinTlsVersion) ToTlsInspectionPolicyMinTlsVersionOutputWithContext(ctx context.Context) TlsInspectionPolicyMinTlsVersionOutput

func (TlsInspectionPolicyMinTlsVersion) ToTlsInspectionPolicyMinTlsVersionPtrOutput added in v0.32.0 

func (e TlsInspectionPolicyMinTlsVersion) ToTlsInspectionPolicyMinTlsVersionPtrOutput() TlsInspectionPolicyMinTlsVersionPtrOutput

func (TlsInspectionPolicyMinTlsVersion) ToTlsInspectionPolicyMinTlsVersionPtrOutputWithContext added in v0.32.0 

func (e TlsInspectionPolicyMinTlsVersion) ToTlsInspectionPolicyMinTlsVersionPtrOutputWithContext(ctx context.Context) TlsInspectionPolicyMinTlsVersionPtrOutput

type TlsInspectionPolicyMinTlsVersionInput added in v0.32.0 

type TlsInspectionPolicyMinTlsVersionInput interface {
	pulumi.Input

	ToTlsInspectionPolicyMinTlsVersionOutput() TlsInspectionPolicyMinTlsVersionOutput
	ToTlsInspectionPolicyMinTlsVersionOutputWithContext(context.Context) TlsInspectionPolicyMinTlsVersionOutput
}

TlsInspectionPolicyMinTlsVersionInput is an input type that accepts TlsInspectionPolicyMinTlsVersionArgs and TlsInspectionPolicyMinTlsVersionOutput values. You can construct a concrete instance of `TlsInspectionPolicyMinTlsVersionInput` via: 

TlsInspectionPolicyMinTlsVersionArgs{...}

type TlsInspectionPolicyMinTlsVersionOutput added in v0.32.0 

type TlsInspectionPolicyMinTlsVersionOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyMinTlsVersionOutput) ElementType added in v0.32.0 

func (TlsInspectionPolicyMinTlsVersionOutput) ElementType() reflect.Type

func (TlsInspectionPolicyMinTlsVersionOutput) ToStringOutput added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionOutput) ToStringOutput() pulumi.StringOutput

func (TlsInspectionPolicyMinTlsVersionOutput) ToStringOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (TlsInspectionPolicyMinTlsVersionOutput) ToStringPtrOutput added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (TlsInspectionPolicyMinTlsVersionOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

func (TlsInspectionPolicyMinTlsVersionOutput) ToTlsInspectionPolicyMinTlsVersionOutput added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionOutput) ToTlsInspectionPolicyMinTlsVersionOutput() TlsInspectionPolicyMinTlsVersionOutput

func (TlsInspectionPolicyMinTlsVersionOutput) ToTlsInspectionPolicyMinTlsVersionOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionOutput) ToTlsInspectionPolicyMinTlsVersionOutputWithContext(ctx context.Context) TlsInspectionPolicyMinTlsVersionOutput

func (TlsInspectionPolicyMinTlsVersionOutput) ToTlsInspectionPolicyMinTlsVersionPtrOutput added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionOutput) ToTlsInspectionPolicyMinTlsVersionPtrOutput() TlsInspectionPolicyMinTlsVersionPtrOutput

func (TlsInspectionPolicyMinTlsVersionOutput) ToTlsInspectionPolicyMinTlsVersionPtrOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionOutput) ToTlsInspectionPolicyMinTlsVersionPtrOutputWithContext(ctx context.Context) TlsInspectionPolicyMinTlsVersionPtrOutput

type TlsInspectionPolicyMinTlsVersionPtrInput added in v0.32.0 

type TlsInspectionPolicyMinTlsVersionPtrInput interface {
	pulumi.Input

	ToTlsInspectionPolicyMinTlsVersionPtrOutput() TlsInspectionPolicyMinTlsVersionPtrOutput
	ToTlsInspectionPolicyMinTlsVersionPtrOutputWithContext(context.Context) TlsInspectionPolicyMinTlsVersionPtrOutput
}

func TlsInspectionPolicyMinTlsVersionPtr added in v0.32.0 

func TlsInspectionPolicyMinTlsVersionPtr(v string) TlsInspectionPolicyMinTlsVersionPtrInput

type TlsInspectionPolicyMinTlsVersionPtrOutput added in v0.32.0 

type TlsInspectionPolicyMinTlsVersionPtrOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyMinTlsVersionPtrOutput) Elem added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionPtrOutput) Elem() TlsInspectionPolicyMinTlsVersionOutput

func (TlsInspectionPolicyMinTlsVersionPtrOutput) ElementType added in v0.32.0 

func (TlsInspectionPolicyMinTlsVersionPtrOutput) ElementType() reflect.Type

func (TlsInspectionPolicyMinTlsVersionPtrOutput) ToStringPtrOutput added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (TlsInspectionPolicyMinTlsVersionPtrOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

func (TlsInspectionPolicyMinTlsVersionPtrOutput) ToTlsInspectionPolicyMinTlsVersionPtrOutput added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionPtrOutput) ToTlsInspectionPolicyMinTlsVersionPtrOutput() TlsInspectionPolicyMinTlsVersionPtrOutput

func (TlsInspectionPolicyMinTlsVersionPtrOutput) ToTlsInspectionPolicyMinTlsVersionPtrOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyMinTlsVersionPtrOutput) ToTlsInspectionPolicyMinTlsVersionPtrOutputWithContext(ctx context.Context) TlsInspectionPolicyMinTlsVersionPtrOutput

type TlsInspectionPolicyOutput added in v0.31.1 

type TlsInspectionPolicyOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyOutput) CaPool added in v0.31.1 

func (o TlsInspectionPolicyOutput) CaPool() pulumi.StringOutput

A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".

func (TlsInspectionPolicyOutput) CreateTime added in v0.31.1 

func (o TlsInspectionPolicyOutput) CreateTime() pulumi.StringOutput

The timestamp when the resource was created.

func (TlsInspectionPolicyOutput) CustomTlsFeatures added in v0.32.0 

func (o TlsInspectionPolicyOutput) CustomTlsFeatures() pulumi.StringArrayOutput

Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) Description added in v0.31.1 

func (o TlsInspectionPolicyOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (TlsInspectionPolicyOutput) ElementType added in v0.31.1 

func (TlsInspectionPolicyOutput) ElementType() reflect.Type

func (TlsInspectionPolicyOutput) ExcludePublicCaSet added in v0.32.0 

func (o TlsInspectionPolicyOutput) ExcludePublicCaSet() pulumi.BoolOutput

Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is *not recommended* unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) Location added in v0.31.1 

func (o TlsInspectionPolicyOutput) Location() pulumi.StringOutput

func (TlsInspectionPolicyOutput) MinTlsVersion added in v0.32.0 

func (o TlsInspectionPolicyOutput) MinTlsVersion() pulumi.StringOutput

Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) Name added in v0.31.1 

func (o TlsInspectionPolicyOutput) Name() pulumi.StringOutput

Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).

func (TlsInspectionPolicyOutput) Project added in v0.31.1 

func (o TlsInspectionPolicyOutput) Project() pulumi.StringOutput

func (TlsInspectionPolicyOutput) TlsFeatureProfile added in v0.32.0 

func (o TlsInspectionPolicyOutput) TlsFeatureProfile() pulumi.StringOutput

Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) TlsInspectionPolicyId added in v0.31.1 

func (o TlsInspectionPolicyOutput) TlsInspectionPolicyId() pulumi.StringOutput

Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".

func (TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutput added in v0.31.1 

func (o TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutput() TlsInspectionPolicyOutput

func (TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutputWithContext added in v0.31.1 

func (o TlsInspectionPolicyOutput) ToTlsInspectionPolicyOutputWithContext(ctx context.Context) TlsInspectionPolicyOutput

func (TlsInspectionPolicyOutput) TrustConfig added in v0.32.0 

func (o TlsInspectionPolicyOutput) TrustConfig() pulumi.StringOutput

Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyOutput) UpdateTime added in v0.31.1 

func (o TlsInspectionPolicyOutput) UpdateTime() pulumi.StringOutput

The timestamp when the resource was updated.

type TlsInspectionPolicyState added in v0.31.1 

type TlsInspectionPolicyState struct {
}

func (TlsInspectionPolicyState) ElementType added in v0.31.1 

func (TlsInspectionPolicyState) ElementType() reflect.Type

type TlsInspectionPolicyTlsFeatureProfile added in v0.32.0 

type TlsInspectionPolicyTlsFeatureProfile string

Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.

func (TlsInspectionPolicyTlsFeatureProfile) ElementType added in v0.32.0 

func (TlsInspectionPolicyTlsFeatureProfile) ElementType() reflect.Type

func (TlsInspectionPolicyTlsFeatureProfile) ToStringOutput added in v0.32.0 

func (e TlsInspectionPolicyTlsFeatureProfile) ToStringOutput() pulumi.StringOutput

func (TlsInspectionPolicyTlsFeatureProfile) ToStringOutputWithContext added in v0.32.0 

func (e TlsInspectionPolicyTlsFeatureProfile) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (TlsInspectionPolicyTlsFeatureProfile) ToStringPtrOutput added in v0.32.0 

func (e TlsInspectionPolicyTlsFeatureProfile) ToStringPtrOutput() pulumi.StringPtrOutput

func (TlsInspectionPolicyTlsFeatureProfile) ToStringPtrOutputWithContext added in v0.32.0 

func (e TlsInspectionPolicyTlsFeatureProfile) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

func (TlsInspectionPolicyTlsFeatureProfile) ToTlsInspectionPolicyTlsFeatureProfileOutput added in v0.32.0 

func (e TlsInspectionPolicyTlsFeatureProfile) ToTlsInspectionPolicyTlsFeatureProfileOutput() TlsInspectionPolicyTlsFeatureProfileOutput

func (TlsInspectionPolicyTlsFeatureProfile) ToTlsInspectionPolicyTlsFeatureProfileOutputWithContext added in v0.32.0 

func (e TlsInspectionPolicyTlsFeatureProfile) ToTlsInspectionPolicyTlsFeatureProfileOutputWithContext(ctx context.Context) TlsInspectionPolicyTlsFeatureProfileOutput

func (TlsInspectionPolicyTlsFeatureProfile) ToTlsInspectionPolicyTlsFeatureProfilePtrOutput added in v0.32.0 

func (e TlsInspectionPolicyTlsFeatureProfile) ToTlsInspectionPolicyTlsFeatureProfilePtrOutput() TlsInspectionPolicyTlsFeatureProfilePtrOutput

func (TlsInspectionPolicyTlsFeatureProfile) ToTlsInspectionPolicyTlsFeatureProfilePtrOutputWithContext added in v0.32.0 

func (e TlsInspectionPolicyTlsFeatureProfile) ToTlsInspectionPolicyTlsFeatureProfilePtrOutputWithContext(ctx context.Context) TlsInspectionPolicyTlsFeatureProfilePtrOutput

type TlsInspectionPolicyTlsFeatureProfileInput added in v0.32.0 

type TlsInspectionPolicyTlsFeatureProfileInput interface {
	pulumi.Input

	ToTlsInspectionPolicyTlsFeatureProfileOutput() TlsInspectionPolicyTlsFeatureProfileOutput
	ToTlsInspectionPolicyTlsFeatureProfileOutputWithContext(context.Context) TlsInspectionPolicyTlsFeatureProfileOutput
}

TlsInspectionPolicyTlsFeatureProfileInput is an input type that accepts TlsInspectionPolicyTlsFeatureProfileArgs and TlsInspectionPolicyTlsFeatureProfileOutput values. You can construct a concrete instance of `TlsInspectionPolicyTlsFeatureProfileInput` via: 

TlsInspectionPolicyTlsFeatureProfileArgs{...}

type TlsInspectionPolicyTlsFeatureProfileOutput added in v0.32.0 

type TlsInspectionPolicyTlsFeatureProfileOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyTlsFeatureProfileOutput) ElementType added in v0.32.0 

func (TlsInspectionPolicyTlsFeatureProfileOutput) ElementType() reflect.Type

func (TlsInspectionPolicyTlsFeatureProfileOutput) ToStringOutput added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfileOutput) ToStringOutput() pulumi.StringOutput

func (TlsInspectionPolicyTlsFeatureProfileOutput) ToStringOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfileOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (TlsInspectionPolicyTlsFeatureProfileOutput) ToStringPtrOutput added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfileOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (TlsInspectionPolicyTlsFeatureProfileOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfileOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

func (TlsInspectionPolicyTlsFeatureProfileOutput) ToTlsInspectionPolicyTlsFeatureProfileOutput added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfileOutput) ToTlsInspectionPolicyTlsFeatureProfileOutput() TlsInspectionPolicyTlsFeatureProfileOutput

func (TlsInspectionPolicyTlsFeatureProfileOutput) ToTlsInspectionPolicyTlsFeatureProfileOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfileOutput) ToTlsInspectionPolicyTlsFeatureProfileOutputWithContext(ctx context.Context) TlsInspectionPolicyTlsFeatureProfileOutput

func (TlsInspectionPolicyTlsFeatureProfileOutput) ToTlsInspectionPolicyTlsFeatureProfilePtrOutput added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfileOutput) ToTlsInspectionPolicyTlsFeatureProfilePtrOutput() TlsInspectionPolicyTlsFeatureProfilePtrOutput

func (TlsInspectionPolicyTlsFeatureProfileOutput) ToTlsInspectionPolicyTlsFeatureProfilePtrOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfileOutput) ToTlsInspectionPolicyTlsFeatureProfilePtrOutputWithContext(ctx context.Context) TlsInspectionPolicyTlsFeatureProfilePtrOutput

type TlsInspectionPolicyTlsFeatureProfilePtrInput added in v0.32.0 

type TlsInspectionPolicyTlsFeatureProfilePtrInput interface {
	pulumi.Input

	ToTlsInspectionPolicyTlsFeatureProfilePtrOutput() TlsInspectionPolicyTlsFeatureProfilePtrOutput
	ToTlsInspectionPolicyTlsFeatureProfilePtrOutputWithContext(context.Context) TlsInspectionPolicyTlsFeatureProfilePtrOutput
}

func TlsInspectionPolicyTlsFeatureProfilePtr added in v0.32.0 

func TlsInspectionPolicyTlsFeatureProfilePtr(v string) TlsInspectionPolicyTlsFeatureProfilePtrInput

type TlsInspectionPolicyTlsFeatureProfilePtrOutput added in v0.32.0 

type TlsInspectionPolicyTlsFeatureProfilePtrOutput struct{ *pulumi.OutputState }

func (TlsInspectionPolicyTlsFeatureProfilePtrOutput) Elem added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfilePtrOutput) Elem() TlsInspectionPolicyTlsFeatureProfileOutput

func (TlsInspectionPolicyTlsFeatureProfilePtrOutput) ElementType added in v0.32.0 

func (TlsInspectionPolicyTlsFeatureProfilePtrOutput) ElementType() reflect.Type

func (TlsInspectionPolicyTlsFeatureProfilePtrOutput) ToStringPtrOutput added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfilePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (TlsInspectionPolicyTlsFeatureProfilePtrOutput) ToStringPtrOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfilePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

func (TlsInspectionPolicyTlsFeatureProfilePtrOutput) ToTlsInspectionPolicyTlsFeatureProfilePtrOutput added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfilePtrOutput) ToTlsInspectionPolicyTlsFeatureProfilePtrOutput() TlsInspectionPolicyTlsFeatureProfilePtrOutput

func (TlsInspectionPolicyTlsFeatureProfilePtrOutput) ToTlsInspectionPolicyTlsFeatureProfilePtrOutputWithContext added in v0.32.0 

func (o TlsInspectionPolicyTlsFeatureProfilePtrOutput) ToTlsInspectionPolicyTlsFeatureProfilePtrOutputWithContext(ctx context.Context) TlsInspectionPolicyTlsFeatureProfilePtrOutput

type UrlList added in v0.31.1 

type UrlList struct {
	pulumi.CustomResourceState

	// Time when the security policy was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. Free-text description of the resource.
	Description pulumi.StringOutput `pulumi:"description"`
	Location    pulumi.StringOutput `pulumi:"location"`
	// Name of the resource provided by the user. Name is of the form projects/{project}/locations/{location}/urlLists/{url_list} url_list should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Time when the security policy was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
	// Required. Short name of the UrlList resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "url_list".
	UrlListId pulumi.StringOutput `pulumi:"urlListId"`
	// FQDNs and URLs.
	Values pulumi.StringArrayOutput `pulumi:"values"`
}

Creates a new UrlList in a given project and location.

func GetUrlList added in v0.31.1 

func GetUrlList(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UrlListState, opts ...pulumi.ResourceOption) (*UrlList, error)

GetUrlList gets an existing UrlList resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUrlList added in v0.31.1 

func NewUrlList(ctx *pulumi.Context,
	name string, args *UrlListArgs, opts ...pulumi.ResourceOption) (*UrlList, error)

NewUrlList registers a new resource with the given unique name, arguments, and options.

func (*UrlList) ElementType added in v0.31.1 

func (*UrlList) ElementType() reflect.Type

func (*UrlList) ToUrlListOutput added in v0.31.1 

func (i *UrlList) ToUrlListOutput() UrlListOutput

func (*UrlList) ToUrlListOutputWithContext added in v0.31.1 

func (i *UrlList) ToUrlListOutputWithContext(ctx context.Context) UrlListOutput

type UrlListArgs added in v0.31.1 

type UrlListArgs struct {
	// Optional. Free-text description of the resource.
	Description pulumi.StringPtrInput
	Location    pulumi.StringPtrInput
	// Name of the resource provided by the user. Name is of the form projects/{project}/locations/{location}/urlLists/{url_list} url_list should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Required. Short name of the UrlList resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "url_list".
	UrlListId pulumi.StringInput
	// FQDNs and URLs.
	Values pulumi.StringArrayInput
}

The set of arguments for constructing a UrlList resource.

func (UrlListArgs) ElementType added in v0.31.1 

func (UrlListArgs) ElementType() reflect.Type

type UrlListInput added in v0.31.1 

type UrlListInput interface {
	pulumi.Input

	ToUrlListOutput() UrlListOutput
	ToUrlListOutputWithContext(ctx context.Context) UrlListOutput
}

type UrlListOutput added in v0.31.1 

type UrlListOutput struct{ *pulumi.OutputState }

func (UrlListOutput) CreateTime added in v0.31.1 

func (o UrlListOutput) CreateTime() pulumi.StringOutput

Time when the security policy was created.

func (UrlListOutput) Description added in v0.31.1 

func (o UrlListOutput) Description() pulumi.StringOutput

Optional. Free-text description of the resource.

func (UrlListOutput) ElementType added in v0.31.1 

func (UrlListOutput) ElementType() reflect.Type

func (UrlListOutput) Location added in v0.31.1 

func (o UrlListOutput) Location() pulumi.StringOutput

func (UrlListOutput) Name added in v0.31.1 

func (o UrlListOutput) Name() pulumi.StringOutput

Name of the resource provided by the user. Name is of the form projects/{project}/locations/{location}/urlLists/{url_list} url_list should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$).

func (UrlListOutput) Project added in v0.31.1 

func (o UrlListOutput) Project() pulumi.StringOutput

func (UrlListOutput) ToUrlListOutput added in v0.31.1 

func (o UrlListOutput) ToUrlListOutput() UrlListOutput

func (UrlListOutput) ToUrlListOutputWithContext added in v0.31.1 

func (o UrlListOutput) ToUrlListOutputWithContext(ctx context.Context) UrlListOutput

func (UrlListOutput) UpdateTime added in v0.31.1 

func (o UrlListOutput) UpdateTime() pulumi.StringOutput

Time when the security policy was updated.

func (UrlListOutput) UrlListId added in v0.31.1 

func (o UrlListOutput) UrlListId() pulumi.StringOutput

Required. Short name of the UrlList resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "url_list".

func (UrlListOutput) Values added in v0.31.1 

func (o UrlListOutput) Values() pulumi.StringArrayOutput

FQDNs and URLs.

type UrlListState added in v0.31.1 

type UrlListState struct {
}

func (UrlListState) ElementType added in v0.31.1 

func (UrlListState) ElementType() reflect.Type

type ValidationCA 

type ValidationCA struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	CertificateProviderInstance *CertificateProviderInstance `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the CA certificate.
	GrpcEndpoint *GoogleCloudNetworksecurityV1GrpcEndpoint `pulumi:"grpcEndpoint"`
}

Specification of ValidationCA. Defines the mechanism to obtain the Certificate Authority certificate to validate the peer certificate.

type ValidationCAArgs 

type ValidationCAArgs struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	CertificateProviderInstance CertificateProviderInstancePtrInput `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the CA certificate.
	GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointPtrInput `pulumi:"grpcEndpoint"`
}

Specification of ValidationCA. Defines the mechanism to obtain the Certificate Authority certificate to validate the peer certificate.

func (ValidationCAArgs) ElementType 

func (ValidationCAArgs) ElementType() reflect.Type

func (ValidationCAArgs) ToValidationCAOutput 

func (i ValidationCAArgs) ToValidationCAOutput() ValidationCAOutput

func (ValidationCAArgs) ToValidationCAOutputWithContext 

func (i ValidationCAArgs) ToValidationCAOutputWithContext(ctx context.Context) ValidationCAOutput

type ValidationCAArray 

type ValidationCAArray []ValidationCAInput

func (ValidationCAArray) ElementType 

func (ValidationCAArray) ElementType() reflect.Type

func (ValidationCAArray) ToValidationCAArrayOutput 

func (i ValidationCAArray) ToValidationCAArrayOutput() ValidationCAArrayOutput

func (ValidationCAArray) ToValidationCAArrayOutputWithContext 

func (i ValidationCAArray) ToValidationCAArrayOutputWithContext(ctx context.Context) ValidationCAArrayOutput

type ValidationCAArrayInput 

type ValidationCAArrayInput interface {
	pulumi.Input

	ToValidationCAArrayOutput() ValidationCAArrayOutput
	ToValidationCAArrayOutputWithContext(context.Context) ValidationCAArrayOutput
}

ValidationCAArrayInput is an input type that accepts ValidationCAArray and ValidationCAArrayOutput values. You can construct a concrete instance of `ValidationCAArrayInput` via: 

ValidationCAArray{ ValidationCAArgs{...} }

type ValidationCAArrayOutput 

type ValidationCAArrayOutput struct{ *pulumi.OutputState }

func (ValidationCAArrayOutput) ElementType 

func (ValidationCAArrayOutput) ElementType() reflect.Type

func (ValidationCAArrayOutput) Index 

func (o ValidationCAArrayOutput) Index(i pulumi.IntInput) ValidationCAOutput

func (ValidationCAArrayOutput) ToValidationCAArrayOutput 

func (o ValidationCAArrayOutput) ToValidationCAArrayOutput() ValidationCAArrayOutput

func (ValidationCAArrayOutput) ToValidationCAArrayOutputWithContext 

func (o ValidationCAArrayOutput) ToValidationCAArrayOutputWithContext(ctx context.Context) ValidationCAArrayOutput

type ValidationCAInput 

type ValidationCAInput interface {
	pulumi.Input

	ToValidationCAOutput() ValidationCAOutput
	ToValidationCAOutputWithContext(context.Context) ValidationCAOutput
}

ValidationCAInput is an input type that accepts ValidationCAArgs and ValidationCAOutput values. You can construct a concrete instance of `ValidationCAInput` via: 

ValidationCAArgs{...}

type ValidationCAOutput 

type ValidationCAOutput struct{ *pulumi.OutputState }

Specification of ValidationCA. Defines the mechanism to obtain the Certificate Authority certificate to validate the peer certificate.

func (ValidationCAOutput) CertificateProviderInstance 

func (o ValidationCAOutput) CertificateProviderInstance() CertificateProviderInstancePtrOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

func (ValidationCAOutput) ElementType 

func (ValidationCAOutput) ElementType() reflect.Type

func (ValidationCAOutput) GrpcEndpoint 

func (o ValidationCAOutput) GrpcEndpoint() GoogleCloudNetworksecurityV1GrpcEndpointPtrOutput

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

func (ValidationCAOutput) ToValidationCAOutput 

func (o ValidationCAOutput) ToValidationCAOutput() ValidationCAOutput

func (ValidationCAOutput) ToValidationCAOutputWithContext 

func (o ValidationCAOutput) ToValidationCAOutputWithContext(ctx context.Context) ValidationCAOutput

type ValidationCAResponse 

type ValidationCAResponse struct {
	// The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
	CertificateProviderInstance CertificateProviderInstanceResponse `pulumi:"certificateProviderInstance"`
	// gRPC specific configuration to access the gRPC server to obtain the CA certificate.
	GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse `pulumi:"grpcEndpoint"`
}

Specification of ValidationCA. Defines the mechanism to obtain the Certificate Authority certificate to validate the peer certificate.

type ValidationCAResponseArrayOutput 

type ValidationCAResponseArrayOutput struct{ *pulumi.OutputState }

func (ValidationCAResponseArrayOutput) ElementType 

func (ValidationCAResponseArrayOutput) ElementType() reflect.Type

func (ValidationCAResponseArrayOutput) Index 

func (o ValidationCAResponseArrayOutput) Index(i pulumi.IntInput) ValidationCAResponseOutput

func (ValidationCAResponseArrayOutput) ToValidationCAResponseArrayOutput 

func (o ValidationCAResponseArrayOutput) ToValidationCAResponseArrayOutput() ValidationCAResponseArrayOutput

func (ValidationCAResponseArrayOutput) ToValidationCAResponseArrayOutputWithContext 

func (o ValidationCAResponseArrayOutput) ToValidationCAResponseArrayOutputWithContext(ctx context.Context) ValidationCAResponseArrayOutput

type ValidationCAResponseOutput 

type ValidationCAResponseOutput struct{ *pulumi.OutputState }

Specification of ValidationCA. Defines the mechanism to obtain the Certificate Authority certificate to validate the peer certificate.

func (ValidationCAResponseOutput) CertificateProviderInstance 

func (o ValidationCAResponseOutput) CertificateProviderInstance() CertificateProviderInstanceResponseOutput

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

func (ValidationCAResponseOutput) ElementType 

func (ValidationCAResponseOutput) ElementType() reflect.Type

func (ValidationCAResponseOutput) GrpcEndpoint 

func (o ValidationCAResponseOutput) GrpcEndpoint() GoogleCloudNetworksecurityV1GrpcEndpointResponseOutput

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

func (ValidationCAResponseOutput) ToValidationCAResponseOutput 

func (o ValidationCAResponseOutput) ToValidationCAResponseOutput() ValidationCAResponseOutput

func (ValidationCAResponseOutput) ToValidationCAResponseOutputWithContext 

func (o ValidationCAResponseOutput) ToValidationCAResponseOutputWithContext(ctx context.Context) ValidationCAResponseOutput

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.