@cdktf/provider-google
Version:
Prebuilt google Provider for Terraform CDK (cdktf)
768 lines • 75.8 kB
TypeScript
/**
* Copyright (c) HashiCorp, Inc.
* SPDX-License-Identifier: MPL-2.0
*/
import { Construct } from 'constructs';
import * as cdktf from 'cdktf';
export interface ComputeSecurityPolicyRuleAConfig extends cdktf.TerraformMetaArguments {
/**
* The Action to perform when the rule is matched. The following are the valid actions:
*
* * allow: allow access to target.
*
* * deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502.
*
* * rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rateLimitOptions to be set.
*
* * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR.
*
* * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#action ComputeSecurityPolicyRuleA#action}
*/
readonly action: string;
/**
* An optional description of this resource. Provide this property when you create the resource.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#description ComputeSecurityPolicyRuleA#description}
*/
readonly description?: string;
/**
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#id ComputeSecurityPolicyRuleA#id}
*
* Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2.
* If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
*/
readonly id?: string;
/**
* If set to true, the specified action is not enforced.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#preview ComputeSecurityPolicyRuleA#preview}
*/
readonly preview?: boolean | cdktf.IResolvable;
/**
* An integer indicating the priority of a rule in the list.
* The priority must be a positive value between 0 and 2147483647.
* Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#priority ComputeSecurityPolicyRuleA#priority}
*/
readonly priority: number;
/**
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#project ComputeSecurityPolicyRuleA#project}
*/
readonly project?: string;
/**
* The name of the security policy this rule belongs to.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#security_policy ComputeSecurityPolicyRuleA#security_policy}
*/
readonly securityPolicy: string;
/**
* header_action block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#header_action ComputeSecurityPolicyRuleA#header_action}
*/
readonly headerAction?: ComputeSecurityPolicyRuleHeaderActionA;
/**
* match block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#match ComputeSecurityPolicyRuleA#match}
*/
readonly match?: ComputeSecurityPolicyRuleMatchA;
/**
* preconfigured_waf_config block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#preconfigured_waf_config ComputeSecurityPolicyRuleA#preconfigured_waf_config}
*/
readonly preconfiguredWafConfig?: ComputeSecurityPolicyRulePreconfiguredWafConfigA;
/**
* rate_limit_options block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#rate_limit_options ComputeSecurityPolicyRuleA#rate_limit_options}
*/
readonly rateLimitOptions?: ComputeSecurityPolicyRuleRateLimitOptionsA;
/**
* redirect_options block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#redirect_options ComputeSecurityPolicyRuleA#redirect_options}
*/
readonly redirectOptions?: ComputeSecurityPolicyRuleRedirectOptionsA;
/**
* timeouts block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#timeouts ComputeSecurityPolicyRuleA#timeouts}
*/
readonly timeouts?: ComputeSecurityPolicyRuleTimeouts;
}
export interface ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA {
/**
* The name of the header to set.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#header_name ComputeSecurityPolicyRuleA#header_name}
*/
readonly headerName?: string;
/**
* The value to set the named header to.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#header_value ComputeSecurityPolicyRuleA#header_value}
*/
readonly headerValue?: string;
}
export declare function computeSecurityPolicyRuleHeaderActionRequestHeadersToAddsAToTerraform(struct?: ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA | cdktf.IResolvable): any;
export declare function computeSecurityPolicyRuleHeaderActionRequestHeadersToAddsAToHclTerraform(struct?: ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA | cdktf.IResolvable): any;
export declare class ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA | cdktf.IResolvable | undefined;
set internalValue(value: ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA | cdktf.IResolvable | undefined);
private _headerName?;
get headerName(): string;
set headerName(value: string);
resetHeaderName(): void;
get headerNameInput(): string | undefined;
private _headerValue?;
get headerValue(): string;
set headerValue(value: string);
resetHeaderValue(): void;
get headerValueInput(): string | undefined;
}
export declare class ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsAList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsAOutputReference;
}
export interface ComputeSecurityPolicyRuleHeaderActionA {
/**
* request_headers_to_adds block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#request_headers_to_adds ComputeSecurityPolicyRuleA#request_headers_to_adds}
*/
readonly requestHeadersToAdds?: ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA[] | cdktf.IResolvable;
}
export declare function computeSecurityPolicyRuleHeaderActionAToTerraform(struct?: ComputeSecurityPolicyRuleHeaderActionAOutputReference | ComputeSecurityPolicyRuleHeaderActionA): any;
export declare function computeSecurityPolicyRuleHeaderActionAToHclTerraform(struct?: ComputeSecurityPolicyRuleHeaderActionAOutputReference | ComputeSecurityPolicyRuleHeaderActionA): any;
export declare class ComputeSecurityPolicyRuleHeaderActionAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): ComputeSecurityPolicyRuleHeaderActionA | undefined;
set internalValue(value: ComputeSecurityPolicyRuleHeaderActionA | undefined);
private _requestHeadersToAdds;
get requestHeadersToAdds(): ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsAList;
putRequestHeadersToAdds(value: ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA[] | cdktf.IResolvable): void;
resetRequestHeadersToAdds(): void;
get requestHeadersToAddsInput(): cdktf.IResolvable | ComputeSecurityPolicyRuleHeaderActionRequestHeadersToAddsA[] | undefined;
}
export interface ComputeSecurityPolicyRuleMatchConfigA {
/**
* CIDR IP address range. Maximum number of srcIpRanges allowed is 10.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#src_ip_ranges ComputeSecurityPolicyRuleA#src_ip_ranges}
*/
readonly srcIpRanges?: string[];
}
export declare function computeSecurityPolicyRuleMatchConfigAToTerraform(struct?: ComputeSecurityPolicyRuleMatchConfigAOutputReference | ComputeSecurityPolicyRuleMatchConfigA): any;
export declare function computeSecurityPolicyRuleMatchConfigAToHclTerraform(struct?: ComputeSecurityPolicyRuleMatchConfigAOutputReference | ComputeSecurityPolicyRuleMatchConfigA): any;
export declare class ComputeSecurityPolicyRuleMatchConfigAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): ComputeSecurityPolicyRuleMatchConfigA | undefined;
set internalValue(value: ComputeSecurityPolicyRuleMatchConfigA | undefined);
private _srcIpRanges?;
get srcIpRanges(): string[];
set srcIpRanges(value: string[]);
resetSrcIpRanges(): void;
get srcIpRangesInput(): string[] | undefined;
}
export interface ComputeSecurityPolicyRuleMatchExprA {
/**
* Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#expression ComputeSecurityPolicyRuleA#expression}
*/
readonly expression: string;
}
export declare function computeSecurityPolicyRuleMatchExprAToTerraform(struct?: ComputeSecurityPolicyRuleMatchExprAOutputReference | ComputeSecurityPolicyRuleMatchExprA): any;
export declare function computeSecurityPolicyRuleMatchExprAToHclTerraform(struct?: ComputeSecurityPolicyRuleMatchExprAOutputReference | ComputeSecurityPolicyRuleMatchExprA): any;
export declare class ComputeSecurityPolicyRuleMatchExprAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): ComputeSecurityPolicyRuleMatchExprA | undefined;
set internalValue(value: ComputeSecurityPolicyRuleMatchExprA | undefined);
private _expression?;
get expression(): string;
set expression(value: string);
get expressionInput(): string | undefined;
}
export interface ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsA {
/**
* A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#action_token_site_keys ComputeSecurityPolicyRuleA#action_token_site_keys}
*/
readonly actionTokenSiteKeys?: string[];
/**
* A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#session_token_site_keys ComputeSecurityPolicyRuleA#session_token_site_keys}
*/
readonly sessionTokenSiteKeys?: string[];
}
export declare function computeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsAToTerraform(struct?: ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsAOutputReference | ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsA): any;
export declare function computeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsAToHclTerraform(struct?: ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsAOutputReference | ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsA): any;
export declare class ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsA | undefined;
set internalValue(value: ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsA | undefined);
private _actionTokenSiteKeys?;
get actionTokenSiteKeys(): string[];
set actionTokenSiteKeys(value: string[]);
resetActionTokenSiteKeys(): void;
get actionTokenSiteKeysInput(): string[] | undefined;
private _sessionTokenSiteKeys?;
get sessionTokenSiteKeys(): string[];
set sessionTokenSiteKeys(value: string[]);
resetSessionTokenSiteKeys(): void;
get sessionTokenSiteKeysInput(): string[] | undefined;
}
export interface ComputeSecurityPolicyRuleMatchExprOptionsA {
/**
* recaptcha_options block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#recaptcha_options ComputeSecurityPolicyRuleA#recaptcha_options}
*/
readonly recaptchaOptions: ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsA;
}
export declare function computeSecurityPolicyRuleMatchExprOptionsAToTerraform(struct?: ComputeSecurityPolicyRuleMatchExprOptionsAOutputReference | ComputeSecurityPolicyRuleMatchExprOptionsA): any;
export declare function computeSecurityPolicyRuleMatchExprOptionsAToHclTerraform(struct?: ComputeSecurityPolicyRuleMatchExprOptionsAOutputReference | ComputeSecurityPolicyRuleMatchExprOptionsA): any;
export declare class ComputeSecurityPolicyRuleMatchExprOptionsAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): ComputeSecurityPolicyRuleMatchExprOptionsA | undefined;
set internalValue(value: ComputeSecurityPolicyRuleMatchExprOptionsA | undefined);
private _recaptchaOptions;
get recaptchaOptions(): ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsAOutputReference;
putRecaptchaOptions(value: ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsA): void;
get recaptchaOptionsInput(): ComputeSecurityPolicyRuleMatchExprOptionsRecaptchaOptionsA | undefined;
}
export interface ComputeSecurityPolicyRuleMatchA {
/**
* Preconfigured versioned expression. If this field is specified, config must also be specified.
* Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding srcIpRange field in config. Possible values: ["SRC_IPS_V1"]
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#versioned_expr ComputeSecurityPolicyRuleA#versioned_expr}
*/
readonly versionedExpr?: string;
/**
* config block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#config ComputeSecurityPolicyRuleA#config}
*/
readonly config?: ComputeSecurityPolicyRuleMatchConfigA;
/**
* expr block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#expr ComputeSecurityPolicyRuleA#expr}
*/
readonly expr?: ComputeSecurityPolicyRuleMatchExprA;
/**
* expr_options block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#expr_options ComputeSecurityPolicyRuleA#expr_options}
*/
readonly exprOptions?: ComputeSecurityPolicyRuleMatchExprOptionsA;
}
export declare function computeSecurityPolicyRuleMatchAToTerraform(struct?: ComputeSecurityPolicyRuleMatchAOutputReference | ComputeSecurityPolicyRuleMatchA): any;
export declare function computeSecurityPolicyRuleMatchAToHclTerraform(struct?: ComputeSecurityPolicyRuleMatchAOutputReference | ComputeSecurityPolicyRuleMatchA): any;
export declare class ComputeSecurityPolicyRuleMatchAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): ComputeSecurityPolicyRuleMatchA | undefined;
set internalValue(value: ComputeSecurityPolicyRuleMatchA | undefined);
private _versionedExpr?;
get versionedExpr(): string;
set versionedExpr(value: string);
resetVersionedExpr(): void;
get versionedExprInput(): string | undefined;
private _config;
get config(): ComputeSecurityPolicyRuleMatchConfigAOutputReference;
putConfig(value: ComputeSecurityPolicyRuleMatchConfigA): void;
resetConfig(): void;
get configInput(): ComputeSecurityPolicyRuleMatchConfigA | undefined;
private _expr;
get expr(): ComputeSecurityPolicyRuleMatchExprAOutputReference;
putExpr(value: ComputeSecurityPolicyRuleMatchExprA): void;
resetExpr(): void;
get exprInput(): ComputeSecurityPolicyRuleMatchExprA | undefined;
private _exprOptions;
get exprOptions(): ComputeSecurityPolicyRuleMatchExprOptionsAOutputReference;
putExprOptions(value: ComputeSecurityPolicyRuleMatchExprOptionsA): void;
resetExprOptions(): void;
get exprOptionsInput(): ComputeSecurityPolicyRuleMatchExprOptionsA | undefined;
}
export interface ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA {
/**
* You can specify an exact match or a partial match by using a field operator and a field value.
* Available options:
* EQUALS: The operator matches if the field value equals the specified value.
* STARTS_WITH: The operator matches if the field value starts with the specified value.
* ENDS_WITH: The operator matches if the field value ends with the specified value.
* CONTAINS: The operator matches if the field value contains the specified value.
* EQUALS_ANY: The operator matches if the field value is any value.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#operator ComputeSecurityPolicyRuleA#operator}
*/
readonly operator: string;
/**
* A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation.
* The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#value ComputeSecurityPolicyRuleA#value}
*/
readonly value?: string;
}
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieAToTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA | cdktf.IResolvable): any;
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieAToHclTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA | cdktf.IResolvable): any;
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA | cdktf.IResolvable | undefined;
set internalValue(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA | cdktf.IResolvable | undefined);
private _operator?;
get operator(): string;
set operator(value: string);
get operatorInput(): string | undefined;
private _value?;
get value(): string;
set value(value: string);
resetValue(): void;
get valueInput(): string | undefined;
}
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieAList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieAOutputReference;
}
export interface ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA {
/**
* You can specify an exact match or a partial match by using a field operator and a field value.
* Available options:
* EQUALS: The operator matches if the field value equals the specified value.
* STARTS_WITH: The operator matches if the field value starts with the specified value.
* ENDS_WITH: The operator matches if the field value ends with the specified value.
* CONTAINS: The operator matches if the field value contains the specified value.
* EQUALS_ANY: The operator matches if the field value is any value.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#operator ComputeSecurityPolicyRuleA#operator}
*/
readonly operator: string;
/**
* A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation.
* The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#value ComputeSecurityPolicyRuleA#value}
*/
readonly value?: string;
}
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderAToTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA | cdktf.IResolvable): any;
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderAToHclTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA | cdktf.IResolvable): any;
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA | cdktf.IResolvable | undefined;
set internalValue(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA | cdktf.IResolvable | undefined);
private _operator?;
get operator(): string;
set operator(value: string);
get operatorInput(): string | undefined;
private _value?;
get value(): string;
set value(value: string);
resetValue(): void;
get valueInput(): string | undefined;
}
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderAList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderAOutputReference;
}
export interface ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA {
/**
* You can specify an exact match or a partial match by using a field operator and a field value.
* Available options:
* EQUALS: The operator matches if the field value equals the specified value.
* STARTS_WITH: The operator matches if the field value starts with the specified value.
* ENDS_WITH: The operator matches if the field value ends with the specified value.
* CONTAINS: The operator matches if the field value contains the specified value.
* EQUALS_ANY: The operator matches if the field value is any value.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#operator ComputeSecurityPolicyRuleA#operator}
*/
readonly operator: string;
/**
* A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation.
* The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#value ComputeSecurityPolicyRuleA#value}
*/
readonly value?: string;
}
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamAToTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA | cdktf.IResolvable): any;
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamAToHclTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA | cdktf.IResolvable): any;
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA | cdktf.IResolvable | undefined;
set internalValue(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA | cdktf.IResolvable | undefined);
private _operator?;
get operator(): string;
set operator(value: string);
get operatorInput(): string | undefined;
private _value?;
get value(): string;
set value(value: string);
resetValue(): void;
get valueInput(): string | undefined;
}
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamAList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamAOutputReference;
}
export interface ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA {
/**
* You can specify an exact match or a partial match by using a field operator and a field value.
* Available options:
* EQUALS: The operator matches if the field value equals the specified value.
* STARTS_WITH: The operator matches if the field value starts with the specified value.
* ENDS_WITH: The operator matches if the field value ends with the specified value.
* CONTAINS: The operator matches if the field value contains the specified value.
* EQUALS_ANY: The operator matches if the field value is any value.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#operator ComputeSecurityPolicyRuleA#operator}
*/
readonly operator: string;
/**
* A request field matching the specified value will be excluded from inspection during preconfigured WAF evaluation.
* The field value must be given if the field operator is not EQUALS_ANY, and cannot be given if the field operator is EQUALS_ANY.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#value ComputeSecurityPolicyRuleA#value}
*/
readonly value?: string;
}
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriAToTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA | cdktf.IResolvable): any;
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriAToHclTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA | cdktf.IResolvable): any;
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA | cdktf.IResolvable | undefined;
set internalValue(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA | cdktf.IResolvable | undefined);
private _operator?;
get operator(): string;
set operator(value: string);
get operatorInput(): string | undefined;
private _value?;
get value(): string;
set value(value: string);
resetValue(): void;
get valueInput(): string | undefined;
}
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriAList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriAOutputReference;
}
export interface ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA {
/**
* A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion.
* If omitted, it refers to all the rule IDs under the WAF rule set.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#target_rule_ids ComputeSecurityPolicyRuleA#target_rule_ids}
*/
readonly targetRuleIds?: string[];
/**
* Target WAF rule set to apply the preconfigured WAF exclusion.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#target_rule_set ComputeSecurityPolicyRuleA#target_rule_set}
*/
readonly targetRuleSet: string;
/**
* request_cookie block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#request_cookie ComputeSecurityPolicyRuleA#request_cookie}
*/
readonly requestCookie?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA[] | cdktf.IResolvable;
/**
* request_header block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#request_header ComputeSecurityPolicyRuleA#request_header}
*/
readonly requestHeader?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA[] | cdktf.IResolvable;
/**
* request_query_param block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#request_query_param ComputeSecurityPolicyRuleA#request_query_param}
*/
readonly requestQueryParam?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA[] | cdktf.IResolvable;
/**
* request_uri block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#request_uri ComputeSecurityPolicyRuleA#request_uri}
*/
readonly requestUri?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA[] | cdktf.IResolvable;
}
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionAToTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA | cdktf.IResolvable): any;
export declare function computeSecurityPolicyRulePreconfiguredWafConfigExclusionAToHclTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA | cdktf.IResolvable): any;
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA | cdktf.IResolvable | undefined;
set internalValue(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA | cdktf.IResolvable | undefined);
private _targetRuleIds?;
get targetRuleIds(): string[];
set targetRuleIds(value: string[]);
resetTargetRuleIds(): void;
get targetRuleIdsInput(): string[] | undefined;
private _targetRuleSet?;
get targetRuleSet(): string;
set targetRuleSet(value: string);
get targetRuleSetInput(): string | undefined;
private _requestCookie;
get requestCookie(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieAList;
putRequestCookie(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA[] | cdktf.IResolvable): void;
resetRequestCookie(): void;
get requestCookieInput(): cdktf.IResolvable | ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestCookieA[] | undefined;
private _requestHeader;
get requestHeader(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderAList;
putRequestHeader(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA[] | cdktf.IResolvable): void;
resetRequestHeader(): void;
get requestHeaderInput(): cdktf.IResolvable | ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestHeaderA[] | undefined;
private _requestQueryParam;
get requestQueryParam(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamAList;
putRequestQueryParam(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA[] | cdktf.IResolvable): void;
resetRequestQueryParam(): void;
get requestQueryParamInput(): cdktf.IResolvable | ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestQueryParamA[] | undefined;
private _requestUri;
get requestUri(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriAList;
putRequestUri(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA[] | cdktf.IResolvable): void;
resetRequestUri(): void;
get requestUriInput(): cdktf.IResolvable | ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriA[] | undefined;
}
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionAList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionAOutputReference;
}
export interface ComputeSecurityPolicyRulePreconfiguredWafConfigA {
/**
* exclusion block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#exclusion ComputeSecurityPolicyRuleA#exclusion}
*/
readonly exclusion?: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA[] | cdktf.IResolvable;
}
export declare function computeSecurityPolicyRulePreconfiguredWafConfigAToTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigAOutputReference | ComputeSecurityPolicyRulePreconfiguredWafConfigA): any;
export declare function computeSecurityPolicyRulePreconfiguredWafConfigAToHclTerraform(struct?: ComputeSecurityPolicyRulePreconfiguredWafConfigAOutputReference | ComputeSecurityPolicyRulePreconfiguredWafConfigA): any;
export declare class ComputeSecurityPolicyRulePreconfiguredWafConfigAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): ComputeSecurityPolicyRulePreconfiguredWafConfigA | undefined;
set internalValue(value: ComputeSecurityPolicyRulePreconfiguredWafConfigA | undefined);
private _exclusion;
get exclusion(): ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionAList;
putExclusion(value: ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA[] | cdktf.IResolvable): void;
resetExclusion(): void;
get exclusionInput(): cdktf.IResolvable | ComputeSecurityPolicyRulePreconfiguredWafConfigExclusionA[] | undefined;
}
export interface ComputeSecurityPolicyRuleRateLimitOptionsBanThresholdA {
/**
* Number of HTTP(S) requests for calculating the threshold.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#count ComputeSecurityPolicyRuleA#count}
*/
readonly count?: number;
/**
* Interval over which the threshold is computed.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#interval_sec ComputeSecurityPolicyRuleA#interval_sec}
*/
readonly intervalSec?: number;
}
export declare function computeSecurityPolicyRuleRateLimitOptionsBanThresholdAToTerraform(struct?: ComputeSecurityPolicyRuleRateLimitOptionsBanThresholdAOutputReference | ComputeSecurityPolicyRuleRateLimitOptionsBanThresholdA): any;
export declare function computeSecurityPolicyRuleRateLimitOptionsBanThresholdAToHclTerraform(struct?: ComputeSecurityPolicyRuleRateLimitOptionsBanThresholdAOutputReference | ComputeSecurityPolicyRuleRateLimitOptionsBanThresholdA): any;
export declare class ComputeSecurityPolicyRuleRateLimitOptionsBanThresholdAOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): ComputeSecurityPolicyRuleRateLimitOptionsBanThresholdA | undefined;
set internalValue(value: ComputeSecurityPolicyRuleRateLimitOptionsBanThresholdA | undefined);
private _count?;
get count(): number;
set count(value: number);
resetCount(): void;
get countInput(): number | undefined;
private _intervalSec?;
get intervalSec(): number;
set intervalSec(value: number);
resetIntervalSec(): void;
get intervalSecInput(): number | undefined;
}
export interface ComputeSecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigs {
/**
* Rate limit key name applicable only for the following key types:
* HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value.
* HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/compute_security_policy_rule#enforce_on_key_name ComputeSecurityPolicyRuleA#enforce_on_key_name}
*/
readonly enforceOnKeyName?: string;
/**
* Determines the key to enforce the rateLimitThreshold on. Possible values are:
* * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured.
* * IP: The source IP address of the request is the key. Each IP has this limit enforced separately.
* * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL.
* * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP.
* * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL.
* * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes.
* * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session.
* * REGION_CODE: The country/region from