@cdktf/provider-google

/** * Copyright (c) HashiCorp, Inc. * SPDX-License-Identifier: MPL-2.0 */ import { Construct } from 'constructs'; import * as cdktf from 'cdktf'; export interface AccessContextManagerServicePerimetersConfig extends cdktf.TerraformMetaArguments { /** * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#id AccessContextManagerServicePerimeters#id} * * Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. * If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable. */ readonly id?: string; /** * The AccessPolicy this ServicePerimeter lives in. * Format: accessPolicies/{policy_id} * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#parent AccessContextManagerServicePerimeters#parent} */ readonly parent: string; /** * service_perimeters block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#service_perimeters AccessContextManagerServicePerimeters#service_perimeters} */ readonly servicePerimeters?: AccessContextManagerServicePerimetersServicePerimeters[] | cdktf.IResolvable; /** * timeouts block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#timeouts AccessContextManagerServicePerimeters#timeouts} */ readonly timeouts?: AccessContextManagerServicePerimetersTimeouts; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources { /** * An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#access_level AccessContextManagerServicePerimeters#access_level} */ readonly accessLevel?: string; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSourcesToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources | cdktf.IResolvable): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSourcesToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources | cdktf.IResolvable): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSourcesOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources | cdktf.IResolvable | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources | cdktf.IResolvable | undefined); private _accessLevel?; get accessLevel(): string; set accessLevel(value: string); resetAccessLevel(): void; get accessLevelInput(): string | undefined; } export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSourcesList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSourcesOutputReference; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFrom { /** * Identities can be an individual user, service account, Google group, * or third-party identity. For third-party identity, only single identities * are supported and other identity types are not supported.The v1 identities * that have the prefix user, group and serviceAccount in * https://cloud.google.com/iam/docs/principal-identifiers#v1 are supported. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#identities AccessContextManagerServicePerimeters#identities} */ readonly identities?: string[]; /** * Specifies the type of identities that are allowed access to outside the * perimeter. If left unspecified, then members of 'identities' field will * be allowed access. Possible values: ["IDENTITY_TYPE_UNSPECIFIED", "ANY_IDENTITY", "ANY_USER_ACCOUNT", "ANY_SERVICE_ACCOUNT"] * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#identity_type AccessContextManagerServicePerimeters#identity_type} */ readonly identityType?: string; /** * Whether to enforce traffic restrictions based on 'sources' field. If the 'sources' field is non-empty, then this field must be set to 'SOURCE_RESTRICTION_ENABLED'. Possible values: ["SOURCE_RESTRICTION_UNSPECIFIED", "SOURCE_RESTRICTION_ENABLED", "SOURCE_RESTRICTION_DISABLED"] * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#source_restriction AccessContextManagerServicePerimeters#source_restriction} */ readonly sourceRestriction?: string; /** * sources block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#sources AccessContextManagerServicePerimeters#sources} */ readonly sources?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources[] | cdktf.IResolvable; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromOutputReference | AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFrom): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromOutputReference | AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFrom): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFrom | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFrom | undefined); private _identities?; get identities(): string[]; set identities(value: string[]); resetIdentities(): void; get identitiesInput(): string[] | undefined; private _identityType?; get identityType(): string; set identityType(value: string); resetIdentityType(): void; get identityTypeInput(): string | undefined; private _sourceRestriction?; get sourceRestriction(): string; set sourceRestriction(value: string); resetSourceRestriction(): void; get sourceRestrictionInput(): string | undefined; private _sources; get sources(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSourcesList; putSources(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources[] | cdktf.IResolvable): void; resetSources(): void; get sourcesInput(): cdktf.IResolvable | AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromSources[] | undefined; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors { /** * Value for 'method' should be a valid method name for the corresponding * 'serviceName' in 'ApiOperation'. If '*' used as value for method, * then ALL methods and permissions are allowed. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#method AccessContextManagerServicePerimeters#method} */ readonly method?: string; /** * Value for permission should be a valid Cloud IAM permission for the * corresponding 'serviceName' in 'ApiOperation'. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#permission AccessContextManagerServicePerimeters#permission} */ readonly permission?: string; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectorsToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors | cdktf.IResolvable): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectorsToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors | cdktf.IResolvable): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectorsOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors | cdktf.IResolvable | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors | cdktf.IResolvable | undefined); private _method?; get method(): string; set method(value: string); resetMethod(): void; get methodInput(): string | undefined; private _permission?; get permission(): string; set permission(value: string); resetPermission(): void; get permissionInput(): string | undefined; } export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectorsList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectorsOutputReference; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations { /** * The name of the API whose methods or permissions the 'IngressPolicy' or * 'EgressPolicy' want to allow. A single 'ApiOperation' with serviceName * field set to '*' will allow all methods AND permissions for all services. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#service_name AccessContextManagerServicePerimeters#service_name} */ readonly serviceName?: string; /** * method_selectors block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#method_selectors AccessContextManagerServicePerimeters#method_selectors} */ readonly methodSelectors?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors[] | cdktf.IResolvable; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations | cdktf.IResolvable): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations | cdktf.IResolvable): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations | cdktf.IResolvable | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations | cdktf.IResolvable | undefined); private _serviceName?; get serviceName(): string; set serviceName(value: string); resetServiceName(): void; get serviceNameInput(): string | undefined; private _methodSelectors; get methodSelectors(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectorsList; putMethodSelectors(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors[] | cdktf.IResolvable): void; resetMethodSelectors(): void; get methodSelectorsInput(): cdktf.IResolvable | AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsMethodSelectors[] | undefined; } export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsOutputReference; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressTo { /** * A list of external resources that are allowed to be accessed. A request * matches if it contains an external resource in this list (Example: * s3://bucket/path). Currently '*' is not allowed. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#external_resources AccessContextManagerServicePerimeters#external_resources} */ readonly externalResources?: string[]; /** * A list of resources, currently only projects in the form * 'projects/<projectnumber>', that match this to stanza. A request matches * if it contains a resource in this list. If * is specified for resources, * then this 'EgressTo' rule will authorize access to all resources outside * the perimeter. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#resources AccessContextManagerServicePerimeters#resources} */ readonly resources?: string[]; /** * operations block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#operations AccessContextManagerServicePerimeters#operations} */ readonly operations?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations[] | cdktf.IResolvable; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOutputReference | AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressTo): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOutputReference | AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressTo): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressTo | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressTo | undefined); private _externalResources?; get externalResources(): string[]; set externalResources(value: string[]); resetExternalResources(): void; get externalResourcesInput(): string[] | undefined; private _resources?; get resources(): string[]; set resources(value: string[]); resetResources(): void; get resourcesInput(): string[] | undefined; private _operations; get operations(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperationsList; putOperations(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations[] | cdktf.IResolvable): void; resetOperations(): void; get operationsInput(): cdktf.IResolvable | AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOperations[] | undefined; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecEgressPolicies { /** * egress_from block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#egress_from AccessContextManagerServicePerimeters#egress_from} */ readonly egressFrom?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFrom; /** * egress_to block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#egress_to AccessContextManagerServicePerimeters#egress_to} */ readonly egressTo?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressTo; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPolicies | cdktf.IResolvable): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPolicies | cdktf.IResolvable): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPolicies | cdktf.IResolvable | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPolicies | cdktf.IResolvable | undefined); private _egressFrom; get egressFrom(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFromOutputReference; putEgressFrom(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFrom): void; resetEgressFrom(): void; get egressFromInput(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressFrom | undefined; private _egressTo; get egressTo(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressToOutputReference; putEgressTo(value: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressTo): void; resetEgressTo(): void; get egressToInput(): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesEgressTo | undefined; } export declare class AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: AccessContextManagerServicePerimetersServicePerimetersSpecEgressPolicies[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): AccessContextManagerServicePerimetersServicePerimetersSpecEgressPoliciesOutputReference; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources { /** * An 'AccessLevel' resource name that allow resources within the * 'ServicePerimeters' to be accessed from the internet. 'AccessLevels' listed * must be in the same policy as this 'ServicePerimeter'. Referencing a nonexistent * 'AccessLevel' will cause an error. If no 'AccessLevel' names are listed, * resources within the perimeter can only be accessed via Google Cloud calls * with request origins within the perimeter. * Example 'accessPolicies/MY_POLICY/accessLevels/MY_LEVEL.' * If * is specified, then all IngressSources will be allowed. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#access_level AccessContextManagerServicePerimeters#access_level} */ readonly accessLevel?: string; /** * A Google Cloud resource that is allowed to ingress the perimeter. * Requests from these resources will be allowed to access perimeter data. * Currently only projects are allowed. Format 'projects/{project_number}' * The project may be in any Google Cloud organization, not just the * organization that the perimeter is defined in. '*' is not allowed, the case * of allowing all Google Cloud resources only is not supported. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#resource AccessContextManagerServicePerimeters#resource} */ readonly resource?: string; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSourcesToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources | cdktf.IResolvable): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSourcesToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources | cdktf.IResolvable): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSourcesOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources | cdktf.IResolvable | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources | cdktf.IResolvable | undefined); private _accessLevel?; get accessLevel(): string; set accessLevel(value: string); resetAccessLevel(): void; get accessLevelInput(): string | undefined; private _resource?; get resource(): string; set resource(value: string); resetResource(): void; get resourceInput(): string | undefined; } export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSourcesList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSourcesOutputReference; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFrom { /** * A list of identities that are allowed access through this ingress policy. * Should be in the format of email address. The email address should represent * individual user or service account only. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#identities AccessContextManagerServicePerimeters#identities} */ readonly identities?: string[]; /** * Specifies the type of identities that are allowed access from outside the * perimeter. If left unspecified, then members of 'identities' field will be * allowed access. Possible values: ["IDENTITY_TYPE_UNSPECIFIED", "ANY_IDENTITY", "ANY_USER_ACCOUNT", "ANY_SERVICE_ACCOUNT"] * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#identity_type AccessContextManagerServicePerimeters#identity_type} */ readonly identityType?: string; /** * sources block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#sources AccessContextManagerServicePerimeters#sources} */ readonly sources?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources[] | cdktf.IResolvable; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromOutputReference | AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFrom): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromOutputReference | AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFrom): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFrom | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFrom | undefined); private _identities?; get identities(): string[]; set identities(value: string[]); resetIdentities(): void; get identitiesInput(): string[] | undefined; private _identityType?; get identityType(): string; set identityType(value: string); resetIdentityType(): void; get identityTypeInput(): string | undefined; private _sources; get sources(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSourcesList; putSources(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources[] | cdktf.IResolvable): void; resetSources(): void; get sourcesInput(): cdktf.IResolvable | AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromSources[] | undefined; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors { /** * Value for method should be a valid method name for the corresponding * serviceName in 'ApiOperation'. If '*' used as value for 'method', then * ALL methods and permissions are allowed. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#method AccessContextManagerServicePerimeters#method} */ readonly method?: string; /** * Value for permission should be a valid Cloud IAM permission for the * corresponding 'serviceName' in 'ApiOperation'. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#permission AccessContextManagerServicePerimeters#permission} */ readonly permission?: string; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectorsToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors | cdktf.IResolvable): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectorsToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors | cdktf.IResolvable): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectorsOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors | cdktf.IResolvable | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors | cdktf.IResolvable | undefined); private _method?; get method(): string; set method(value: string); resetMethod(): void; get methodInput(): string | undefined; private _permission?; get permission(): string; set permission(value: string); resetPermission(): void; get permissionInput(): string | undefined; } export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectorsList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectorsOutputReference; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations { /** * The name of the API whose methods or permissions the 'IngressPolicy' or * 'EgressPolicy' want to allow. A single 'ApiOperation' with 'serviceName' * field set to '*' will allow all methods AND permissions for all services. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#service_name AccessContextManagerServicePerimeters#service_name} */ readonly serviceName?: string; /** * method_selectors block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#method_selectors AccessContextManagerServicePerimeters#method_selectors} */ readonly methodSelectors?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors[] | cdktf.IResolvable; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations | cdktf.IResolvable): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations | cdktf.IResolvable): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations | cdktf.IResolvable | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations | cdktf.IResolvable | undefined); private _serviceName?; get serviceName(): string; set serviceName(value: string); resetServiceName(): void; get serviceNameInput(): string | undefined; private _methodSelectors; get methodSelectors(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectorsList; putMethodSelectors(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors[] | cdktf.IResolvable): void; resetMethodSelectors(): void; get methodSelectorsInput(): cdktf.IResolvable | AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsMethodSelectors[] | undefined; } export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsOutputReference; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressTo { /** * A list of resources, currently only projects in the form * 'projects/<projectnumber>', protected by this 'ServicePerimeter' * that are allowed to be accessed by sources defined in the * corresponding 'IngressFrom'. A request matches if it contains * a resource in this list. If '*' is specified for resources, * then this 'IngressTo' rule will authorize access to all * resources inside the perimeter, provided that the request * also matches the 'operations' field. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#resources AccessContextManagerServicePerimeters#resources} */ readonly resources?: string[]; /** * operations block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#operations AccessContextManagerServicePerimeters#operations} */ readonly operations?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations[] | cdktf.IResolvable; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOutputReference | AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressTo): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOutputReference | AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressTo): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressTo | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressTo | undefined); private _resources?; get resources(): string[]; set resources(value: string[]); resetResources(): void; get resourcesInput(): string[] | undefined; private _operations; get operations(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperationsList; putOperations(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations[] | cdktf.IResolvable): void; resetOperations(): void; get operationsInput(): cdktf.IResolvable | AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOperations[] | undefined; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecIngressPolicies { /** * ingress_from block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#ingress_from AccessContextManagerServicePerimeters#ingress_from} */ readonly ingressFrom?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFrom; /** * ingress_to block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/access_context_manager_service_perimeters#ingress_to AccessContextManagerServicePerimeters#ingress_to} */ readonly ingressTo?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressTo; } export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesToTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPolicies | cdktf.IResolvable): any; export declare function accessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesToHclTerraform(struct?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPolicies | cdktf.IResolvable): any; export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPolicies | cdktf.IResolvable | undefined; set internalValue(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPolicies | cdktf.IResolvable | undefined); private _ingressFrom; get ingressFrom(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFromOutputReference; putIngressFrom(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFrom): void; resetIngressFrom(): void; get ingressFromInput(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressFrom | undefined; private _ingressTo; get ingressTo(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressToOutputReference; putIngressTo(value: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressTo): void; resetIngressTo(): void; get ingressToInput(): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesIngressTo | undefined; } export declare class AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: AccessContextManagerServicePerimetersServicePerimetersSpecIngressPolicies[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): AccessContextManagerServicePerimetersServicePerimetersSpecIngressPoliciesOutputReference; } export interface AccessContextManagerServicePerimetersServicePerimetersSpecVpcAccessibleServices { /**