@cdktf/provider-google

/** * Copyright (c) HashiCorp, Inc. * SPDX-License-Identifier: MPL-2.0 */ import { Construct } from 'constructs'; import * as cdktf from 'cdktf'; export interface IapSettingsConfig extends cdktf.TerraformMetaArguments { /** * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#id IapSettings#id} * * Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. * If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable. */ readonly id?: string; /** * The resource name of the IAP protected resource. Name can have below resources: * * organizations/{organization_id} * * folders/{folder_id} * * projects/{projects_id} * * projects/{projects_id}/iap_web * * projects/{projects_id}/iap_web/compute * * projects/{projects_id}/iap_web/compute-{region} * * projects/{projects_id}/iap_web/compute/service/{service_id} * * projects/{projects_id}/iap_web/compute-{region}/service/{service_id} * * projects/{projects_id}/iap_web/appengine-{app_id} * * projects/{projects_id}/iap_web/appengine-{app_id}/service/{service_id} * * projects/{projects_id}/iap_web/appengine-{app_id}/service/{service_id}/version/{version_id} * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#name IapSettings#name} */ readonly name: string; /** * access_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#access_settings IapSettings#access_settings} */ readonly accessSettings?: IapSettingsAccessSettings; /** * application_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#application_settings IapSettings#application_settings} */ readonly applicationSettings?: IapSettingsApplicationSettings; /** * timeouts block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#timeouts IapSettings#timeouts} */ readonly timeouts?: IapSettingsTimeouts; } export interface IapSettingsAccessSettingsAllowedDomainsSettings { /** * List of trusted domains. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#domains IapSettings#domains} */ readonly domains?: string[]; /** * Configuration for customers to opt in for the feature. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#enable IapSettings#enable} */ readonly enable?: boolean | cdktf.IResolvable; } export declare function iapSettingsAccessSettingsAllowedDomainsSettingsToTerraform(struct?: IapSettingsAccessSettingsAllowedDomainsSettingsOutputReference | IapSettingsAccessSettingsAllowedDomainsSettings): any; export declare function iapSettingsAccessSettingsAllowedDomainsSettingsToHclTerraform(struct?: IapSettingsAccessSettingsAllowedDomainsSettingsOutputReference | IapSettingsAccessSettingsAllowedDomainsSettings): any; export declare class IapSettingsAccessSettingsAllowedDomainsSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsAccessSettingsAllowedDomainsSettings | undefined; set internalValue(value: IapSettingsAccessSettingsAllowedDomainsSettings | undefined); private _domains?; get domains(): string[]; set domains(value: string[]); resetDomains(): void; get domainsInput(): string[] | undefined; private _enable?; get enable(): boolean | cdktf.IResolvable; set enable(value: boolean | cdktf.IResolvable); resetEnable(): void; get enableInput(): boolean | cdktf.IResolvable | undefined; } export interface IapSettingsAccessSettingsCorsSettings { /** * Configuration to allow HTTP OPTIONS calls to skip authorization. * If undefined, IAP will not apply any special logic to OPTIONS requests. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#allow_http_options IapSettings#allow_http_options} */ readonly allowHttpOptions?: boolean | cdktf.IResolvable; } export declare function iapSettingsAccessSettingsCorsSettingsToTerraform(struct?: IapSettingsAccessSettingsCorsSettingsOutputReference | IapSettingsAccessSettingsCorsSettings): any; export declare function iapSettingsAccessSettingsCorsSettingsToHclTerraform(struct?: IapSettingsAccessSettingsCorsSettingsOutputReference | IapSettingsAccessSettingsCorsSettings): any; export declare class IapSettingsAccessSettingsCorsSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsAccessSettingsCorsSettings | undefined; set internalValue(value: IapSettingsAccessSettingsCorsSettings | undefined); private _allowHttpOptions?; get allowHttpOptions(): boolean | cdktf.IResolvable; set allowHttpOptions(value: boolean | cdktf.IResolvable); resetAllowHttpOptions(): void; get allowHttpOptionsInput(): boolean | cdktf.IResolvable | undefined; } export interface IapSettingsAccessSettingsGcipSettings { /** * Login page URI associated with the GCIP tenants. Typically, all resources within * the same project share the same login page, though it could be overridden at the * sub resource level. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#login_page_uri IapSettings#login_page_uri} */ readonly loginPageUri?: string; /** * GCIP tenant ids that are linked to the IAP resource. tenantIds could be a string * beginning with a number character to indicate authenticating with GCIP tenant flow, * or in the format of _ to indicate authenticating with GCIP agent flow. If agent flow * is used, tenantIds should only contain one single element, while for tenant flow, * tenantIds can contain multiple elements. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#tenant_ids IapSettings#tenant_ids} */ readonly tenantIds?: string[]; } export declare function iapSettingsAccessSettingsGcipSettingsToTerraform(struct?: IapSettingsAccessSettingsGcipSettingsOutputReference | IapSettingsAccessSettingsGcipSettings): any; export declare function iapSettingsAccessSettingsGcipSettingsToHclTerraform(struct?: IapSettingsAccessSettingsGcipSettingsOutputReference | IapSettingsAccessSettingsGcipSettings): any; export declare class IapSettingsAccessSettingsGcipSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsAccessSettingsGcipSettings | undefined; set internalValue(value: IapSettingsAccessSettingsGcipSettings | undefined); private _loginPageUri?; get loginPageUri(): string; set loginPageUri(value: string); resetLoginPageUri(): void; get loginPageUriInput(): string | undefined; private _tenantIds?; get tenantIds(): string[]; set tenantIds(value: string[]); resetTenantIds(): void; get tenantIdsInput(): string[] | undefined; } export interface IapSettingsAccessSettingsOauthSettings { /** * Domain hint to send as hd=? parameter in OAuth request flow. * Enables redirect to primary IDP by skipping Google's login screen. * (https://developers.google.com/identity/protocols/OpenIDConnect#hd-param) * Note: IAP does not verify that the id token's hd claim matches this value * since access behavior is managed by IAM policies. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#login_hint IapSettings#login_hint} */ readonly loginHint?: string; /** * List of client ids allowed to use IAP programmatically. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#programmatic_clients IapSettings#programmatic_clients} */ readonly programmaticClients?: string[]; } export declare function iapSettingsAccessSettingsOauthSettingsToTerraform(struct?: IapSettingsAccessSettingsOauthSettingsOutputReference | IapSettingsAccessSettingsOauthSettings): any; export declare function iapSettingsAccessSettingsOauthSettingsToHclTerraform(struct?: IapSettingsAccessSettingsOauthSettingsOutputReference | IapSettingsAccessSettingsOauthSettings): any; export declare class IapSettingsAccessSettingsOauthSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsAccessSettingsOauthSettings | undefined; set internalValue(value: IapSettingsAccessSettingsOauthSettings | undefined); private _loginHint?; get loginHint(): string; set loginHint(value: string); resetLoginHint(): void; get loginHintInput(): string | undefined; private _programmaticClients?; get programmaticClients(): string[]; set programmaticClients(value: string[]); resetProgrammaticClients(): void; get programmaticClientsInput(): string[] | undefined; } export interface IapSettingsAccessSettingsReauthSettings { /** * Reauth session lifetime, how long before a user has to reauthenticate again. * A duration in seconds with up to nine fractional digits, ending with 's'. * Example: "3.5s". * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#max_age IapSettings#max_age} */ readonly maxAge: string; /** * Reauth method requested. The possible values are: * * * 'LOGIN': Prompts the user to log in again. * * 'SECURE_KEY': User must use their secure key 2nd factor device. * * 'ENROLLED_SECOND_FACTORS': User can use any enabled 2nd factor. Possible values: ["LOGIN", "SECURE_KEY", "ENROLLED_SECOND_FACTORS"] * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#method IapSettings#method} */ readonly method: string; /** * How IAP determines the effective policy in cases of hierarchical policies. * Policies are merged from higher in the hierarchy to lower in the hierarchy. * The possible values are: * * * 'MINIMUM': This policy acts as a minimum to other policies, lower in the hierarchy. * Effective policy may only be the same or stricter. * * 'DEFAULT': This policy acts as a default if no other reauth policy is set. Possible values: ["MINIMUM", "DEFAULT"] * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#policy_type IapSettings#policy_type} */ readonly policyType: string; } export declare function iapSettingsAccessSettingsReauthSettingsToTerraform(struct?: IapSettingsAccessSettingsReauthSettingsOutputReference | IapSettingsAccessSettingsReauthSettings): any; export declare function iapSettingsAccessSettingsReauthSettingsToHclTerraform(struct?: IapSettingsAccessSettingsReauthSettingsOutputReference | IapSettingsAccessSettingsReauthSettings): any; export declare class IapSettingsAccessSettingsReauthSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsAccessSettingsReauthSettings | undefined; set internalValue(value: IapSettingsAccessSettingsReauthSettings | undefined); private _maxAge?; get maxAge(): string; set maxAge(value: string); get maxAgeInput(): string | undefined; private _method?; get method(): string; set method(value: string); get methodInput(): string | undefined; private _policyType?; get policyType(): string; set policyType(value: string); get policyTypeInput(): string | undefined; } export interface IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2 { /** * The OAuth 2.0 client ID registered in the workforce identity * federation OAuth 2.0 Server. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#client_id IapSettings#client_id} */ readonly clientId?: string; /** * Input only. The OAuth 2.0 client secret created while registering * the client ID. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#client_secret IapSettings#client_secret} */ readonly clientSecret?: string; } export declare function iapSettingsAccessSettingsWorkforceIdentitySettingsOauth2ToTerraform(struct?: IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2OutputReference | IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2): any; export declare function iapSettingsAccessSettingsWorkforceIdentitySettingsOauth2ToHclTerraform(struct?: IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2OutputReference | IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2): any; export declare class IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2OutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2 | undefined; set internalValue(value: IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2 | undefined); private _clientId?; get clientId(): string; set clientId(value: string); resetClientId(): void; get clientIdInput(): string | undefined; private _clientSecret?; get clientSecret(): string; set clientSecret(value: string); resetClientSecret(): void; get clientSecretInput(): string | undefined; get clientSecretSha256(): string; } export interface IapSettingsAccessSettingsWorkforceIdentitySettings { /** * The workforce pool resources. Only one workforce pool is accepted. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#workforce_pools IapSettings#workforce_pools} */ readonly workforcePools?: string[]; /** * oauth2 block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#oauth2 IapSettings#oauth2} */ readonly oauth2?: IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2; } export declare function iapSettingsAccessSettingsWorkforceIdentitySettingsToTerraform(struct?: IapSettingsAccessSettingsWorkforceIdentitySettingsOutputReference | IapSettingsAccessSettingsWorkforceIdentitySettings): any; export declare function iapSettingsAccessSettingsWorkforceIdentitySettingsToHclTerraform(struct?: IapSettingsAccessSettingsWorkforceIdentitySettingsOutputReference | IapSettingsAccessSettingsWorkforceIdentitySettings): any; export declare class IapSettingsAccessSettingsWorkforceIdentitySettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsAccessSettingsWorkforceIdentitySettings | undefined; set internalValue(value: IapSettingsAccessSettingsWorkforceIdentitySettings | undefined); private _workforcePools?; get workforcePools(): string[]; set workforcePools(value: string[]); resetWorkforcePools(): void; get workforcePoolsInput(): string[] | undefined; private _oauth2; get oauth2(): IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2OutputReference; putOauth2(value: IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2): void; resetOauth2(): void; get oauth2Input(): IapSettingsAccessSettingsWorkforceIdentitySettingsOauth2 | undefined; } export interface IapSettingsAccessSettings { /** * Identity sources that IAP can use to authenticate the end user. Only one identity source * can be configured. The possible values are: * * * 'WORKFORCE_IDENTITY_FEDERATION': Use external identities set up on Google Cloud Workforce * Identity Federation. Possible values: ["WORKFORCE_IDENTITY_FEDERATION"] * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#identity_sources IapSettings#identity_sources} */ readonly identitySources?: string[]; /** * allowed_domains_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#allowed_domains_settings IapSettings#allowed_domains_settings} */ readonly allowedDomainsSettings?: IapSettingsAccessSettingsAllowedDomainsSettings; /** * cors_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#cors_settings IapSettings#cors_settings} */ readonly corsSettings?: IapSettingsAccessSettingsCorsSettings; /** * gcip_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#gcip_settings IapSettings#gcip_settings} */ readonly gcipSettings?: IapSettingsAccessSettingsGcipSettings; /** * oauth_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#oauth_settings IapSettings#oauth_settings} */ readonly oauthSettings?: IapSettingsAccessSettingsOauthSettings; /** * reauth_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#reauth_settings IapSettings#reauth_settings} */ readonly reauthSettings?: IapSettingsAccessSettingsReauthSettings; /** * workforce_identity_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#workforce_identity_settings IapSettings#workforce_identity_settings} */ readonly workforceIdentitySettings?: IapSettingsAccessSettingsWorkforceIdentitySettings; } export declare function iapSettingsAccessSettingsToTerraform(struct?: IapSettingsAccessSettingsOutputReference | IapSettingsAccessSettings): any; export declare function iapSettingsAccessSettingsToHclTerraform(struct?: IapSettingsAccessSettingsOutputReference | IapSettingsAccessSettings): any; export declare class IapSettingsAccessSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsAccessSettings | undefined; set internalValue(value: IapSettingsAccessSettings | undefined); private _identitySources?; get identitySources(): string[]; set identitySources(value: string[]); resetIdentitySources(): void; get identitySourcesInput(): string[] | undefined; private _allowedDomainsSettings; get allowedDomainsSettings(): IapSettingsAccessSettingsAllowedDomainsSettingsOutputReference; putAllowedDomainsSettings(value: IapSettingsAccessSettingsAllowedDomainsSettings): void; resetAllowedDomainsSettings(): void; get allowedDomainsSettingsInput(): IapSettingsAccessSettingsAllowedDomainsSettings | undefined; private _corsSettings; get corsSettings(): IapSettingsAccessSettingsCorsSettingsOutputReference; putCorsSettings(value: IapSettingsAccessSettingsCorsSettings): void; resetCorsSettings(): void; get corsSettingsInput(): IapSettingsAccessSettingsCorsSettings | undefined; private _gcipSettings; get gcipSettings(): IapSettingsAccessSettingsGcipSettingsOutputReference; putGcipSettings(value: IapSettingsAccessSettingsGcipSettings): void; resetGcipSettings(): void; get gcipSettingsInput(): IapSettingsAccessSettingsGcipSettings | undefined; private _oauthSettings; get oauthSettings(): IapSettingsAccessSettingsOauthSettingsOutputReference; putOauthSettings(value: IapSettingsAccessSettingsOauthSettings): void; resetOauthSettings(): void; get oauthSettingsInput(): IapSettingsAccessSettingsOauthSettings | undefined; private _reauthSettings; get reauthSettings(): IapSettingsAccessSettingsReauthSettingsOutputReference; putReauthSettings(value: IapSettingsAccessSettingsReauthSettings): void; resetReauthSettings(): void; get reauthSettingsInput(): IapSettingsAccessSettingsReauthSettings | undefined; private _workforceIdentitySettings; get workforceIdentitySettings(): IapSettingsAccessSettingsWorkforceIdentitySettingsOutputReference; putWorkforceIdentitySettings(value: IapSettingsAccessSettingsWorkforceIdentitySettings): void; resetWorkforceIdentitySettings(): void; get workforceIdentitySettingsInput(): IapSettingsAccessSettingsWorkforceIdentitySettings | undefined; } export interface IapSettingsApplicationSettingsAccessDeniedPageSettings { /** * The URI to be redirected to when access is denied. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#access_denied_page_uri IapSettings#access_denied_page_uri} */ readonly accessDeniedPageUri?: string; /** * Whether to generate a troubleshooting URL on access denied events to this application. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#generate_troubleshooting_uri IapSettings#generate_troubleshooting_uri} */ readonly generateTroubleshootingUri?: boolean | cdktf.IResolvable; /** * Whether to generate remediation token on access denied events to this application. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#remediation_token_generation_enabled IapSettings#remediation_token_generation_enabled} */ readonly remediationTokenGenerationEnabled?: boolean | cdktf.IResolvable; } export declare function iapSettingsApplicationSettingsAccessDeniedPageSettingsToTerraform(struct?: IapSettingsApplicationSettingsAccessDeniedPageSettingsOutputReference | IapSettingsApplicationSettingsAccessDeniedPageSettings): any; export declare function iapSettingsApplicationSettingsAccessDeniedPageSettingsToHclTerraform(struct?: IapSettingsApplicationSettingsAccessDeniedPageSettingsOutputReference | IapSettingsApplicationSettingsAccessDeniedPageSettings): any; export declare class IapSettingsApplicationSettingsAccessDeniedPageSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsApplicationSettingsAccessDeniedPageSettings | undefined; set internalValue(value: IapSettingsApplicationSettingsAccessDeniedPageSettings | undefined); private _accessDeniedPageUri?; get accessDeniedPageUri(): string; set accessDeniedPageUri(value: string); resetAccessDeniedPageUri(): void; get accessDeniedPageUriInput(): string | undefined; private _generateTroubleshootingUri?; get generateTroubleshootingUri(): boolean | cdktf.IResolvable; set generateTroubleshootingUri(value: boolean | cdktf.IResolvable); resetGenerateTroubleshootingUri(): void; get generateTroubleshootingUriInput(): boolean | cdktf.IResolvable | undefined; private _remediationTokenGenerationEnabled?; get remediationTokenGenerationEnabled(): boolean | cdktf.IResolvable; set remediationTokenGenerationEnabled(value: boolean | cdktf.IResolvable); resetRemediationTokenGenerationEnabled(): void; get remediationTokenGenerationEnabledInput(): boolean | cdktf.IResolvable | undefined; } export interface IapSettingsApplicationSettingsAttributePropagationSettings { /** * Whether the provided attribute propagation settings should be evaluated on user requests. * If set to true, attributes returned from the expression will be propagated in the set output credentials. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#enable IapSettings#enable} */ readonly enable?: boolean | cdktf.IResolvable; /** * Raw string CEL expression. Must return a list of attributes. A maximum of 45 attributes can * be selected. Expressions can select different attribute types from attributes: * attributes.saml_attributes, attributes.iap_attributes. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#expression IapSettings#expression} */ readonly expression?: string; /** * Which output credentials attributes selected by the CEL expression should be propagated in. * All attributes will be fully duplicated in each selected output credential. * Possible values are: * * * 'HEADER': Propagate attributes in the headers with "x-goog-iap-attr-" prefix. * * 'JWT': Propagate attributes in the JWT of the form: * "additional_claims": { "my_attribute": ["value1", "value2"] } * * 'RCTOKEN': Propagate attributes in the RCToken of the form: " * additional_claims": { "my_attribute": ["value1", "value2"] } Possible values: ["HEADER", "JWT", "RCTOKEN"] * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#output_credentials IapSettings#output_credentials} */ readonly outputCredentials?: string[]; } export declare function iapSettingsApplicationSettingsAttributePropagationSettingsToTerraform(struct?: IapSettingsApplicationSettingsAttributePropagationSettingsOutputReference | IapSettingsApplicationSettingsAttributePropagationSettings): any; export declare function iapSettingsApplicationSettingsAttributePropagationSettingsToHclTerraform(struct?: IapSettingsApplicationSettingsAttributePropagationSettingsOutputReference | IapSettingsApplicationSettingsAttributePropagationSettings): any; export declare class IapSettingsApplicationSettingsAttributePropagationSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsApplicationSettingsAttributePropagationSettings | undefined; set internalValue(value: IapSettingsApplicationSettingsAttributePropagationSettings | undefined); private _enable?; get enable(): boolean | cdktf.IResolvable; set enable(value: boolean | cdktf.IResolvable); resetEnable(): void; get enableInput(): boolean | cdktf.IResolvable | undefined; private _expression?; get expression(): string; set expression(value: string); resetExpression(): void; get expressionInput(): string | undefined; private _outputCredentials?; get outputCredentials(): string[]; set outputCredentials(value: string[]); resetOutputCredentials(): void; get outputCredentialsInput(): string[] | undefined; } export interface IapSettingsApplicationSettingsCsmSettings { /** * Audience claim set in the generated RCToken. This value is not validated by IAP. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#rctoken_aud IapSettings#rctoken_aud} */ readonly rctokenAud?: string; } export declare function iapSettingsApplicationSettingsCsmSettingsToTerraform(struct?: IapSettingsApplicationSettingsCsmSettingsOutputReference | IapSettingsApplicationSettingsCsmSettings): any; export declare function iapSettingsApplicationSettingsCsmSettingsToHclTerraform(struct?: IapSettingsApplicationSettingsCsmSettingsOutputReference | IapSettingsApplicationSettingsCsmSettings): any; export declare class IapSettingsApplicationSettingsCsmSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsApplicationSettingsCsmSettings | undefined; set internalValue(value: IapSettingsApplicationSettingsCsmSettings | undefined); private _rctokenAud?; get rctokenAud(): string; set rctokenAud(value: string); resetRctokenAud(): void; get rctokenAudInput(): string | undefined; } export interface IapSettingsApplicationSettings { /** * The Domain value to set for cookies generated by IAP. This value is not validated by the API, * but will be ignored at runtime if invalid. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#cookie_domain IapSettings#cookie_domain} */ readonly cookieDomain?: string; /** * access_denied_page_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#access_denied_page_settings IapSettings#access_denied_page_settings} */ readonly accessDeniedPageSettings?: IapSettingsApplicationSettingsAccessDeniedPageSettings; /** * attribute_propagation_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#attribute_propagation_settings IapSettings#attribute_propagation_settings} */ readonly attributePropagationSettings?: IapSettingsApplicationSettingsAttributePropagationSettings; /** * csm_settings block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#csm_settings IapSettings#csm_settings} */ readonly csmSettings?: IapSettingsApplicationSettingsCsmSettings; } export declare function iapSettingsApplicationSettingsToTerraform(struct?: IapSettingsApplicationSettingsOutputReference | IapSettingsApplicationSettings): any; export declare function iapSettingsApplicationSettingsToHclTerraform(struct?: IapSettingsApplicationSettingsOutputReference | IapSettingsApplicationSettings): any; export declare class IapSettingsApplicationSettingsOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsApplicationSettings | undefined; set internalValue(value: IapSettingsApplicationSettings | undefined); private _cookieDomain?; get cookieDomain(): string; set cookieDomain(value: string); resetCookieDomain(): void; get cookieDomainInput(): string | undefined; private _accessDeniedPageSettings; get accessDeniedPageSettings(): IapSettingsApplicationSettingsAccessDeniedPageSettingsOutputReference; putAccessDeniedPageSettings(value: IapSettingsApplicationSettingsAccessDeniedPageSettings): void; resetAccessDeniedPageSettings(): void; get accessDeniedPageSettingsInput(): IapSettingsApplicationSettingsAccessDeniedPageSettings | undefined; private _attributePropagationSettings; get attributePropagationSettings(): IapSettingsApplicationSettingsAttributePropagationSettingsOutputReference; putAttributePropagationSettings(value: IapSettingsApplicationSettingsAttributePropagationSettings): void; resetAttributePropagationSettings(): void; get attributePropagationSettingsInput(): IapSettingsApplicationSettingsAttributePropagationSettings | undefined; private _csmSettings; get csmSettings(): IapSettingsApplicationSettingsCsmSettingsOutputReference; putCsmSettings(value: IapSettingsApplicationSettingsCsmSettings): void; resetCsmSettings(): void; get csmSettingsInput(): IapSettingsApplicationSettingsCsmSettings | undefined; } export interface IapSettingsTimeouts { /** * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#create IapSettings#create} */ readonly create?: string; /** * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#delete IapSettings#delete} */ readonly delete?: string; /** * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#update IapSettings#update} */ readonly update?: string; } export declare function iapSettingsTimeoutsToTerraform(struct?: IapSettingsTimeouts | cdktf.IResolvable): any; export declare function iapSettingsTimeoutsToHclTerraform(struct?: IapSettingsTimeouts | cdktf.IResolvable): any; export declare class IapSettingsTimeoutsOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): IapSettingsTimeouts | cdktf.IResolvable | undefined; set internalValue(value: IapSettingsTimeouts | cdktf.IResolvable | undefined); private _create?; get create(): string; set create(value: string); resetCreate(): void; get createInput(): string | undefined; private _delete?; get delete(): string; set delete(value: string); resetDelete(): void; get deleteInput(): string | undefined; private _update?; get update(): string; set update(value: string); resetUpdate(): void; get updateInput(): string | undefined; } /** * Represents a {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings google_iap_settings} */ export declare class IapSettings extends cdktf.TerraformResource { static readonly tfResourceType = "google_iap_settings"; /** * Generates CDKTF code for importing a IapSettings resource upon running "cdktf plan <stack-name>" * @param scope The scope in which to define this construct * @param importToId The construct id used in the generated config for the IapSettings to import * @param importFromId The id of the existing IapSettings that should be imported. Refer to the {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings#import import section} in the documentation of this resource for the id to use * @param provider? Optional instance of the provider where the IapSettings to import is found */ static generateConfigForImport(scope: Construct, importToId: string, importFromId: string, provider?: cdktf.TerraformProvider): cdktf.ImportableResource; /** * Create a new {@link https://registry.terraform.io/providers/hashicorp/google/6.13.0/docs/resources/iap_settings google_iap_settings} Resource * * @param scope The scope in which to define this construct * @param id The scoped construct ID. Must be unique amongst siblings in the same scope * @param options IapSettingsConfig */ constructor(scope: Construct, id: string, config: IapSettingsConfig); private _id?; get id(): string; set id(value: string); resetId(): void; get idInput(): string | undefined; private _name?; get name(): string; set name(value: string); get nameInput(): string | undefined; private _accessSettings; get accessSettings(): IapSettingsAccessSettingsOutputReference; putAccessSettings(value: IapSettingsAccessSettings): void; resetAccessSettings(): void; get accessSettingsInput(): IapSettingsAccessSettings | undefined; private _applicationSettings; get applicationSettings(): IapSettingsApplicationSettingsOutputReference; putApplicationSettings(value: IapSettingsApplicationSettings): void; resetApplicationSettings(): void; get applicationSettingsInput(): IapSettingsApplicationSettings | undefined; private _timeouts; get timeouts(): IapSettingsTimeoutsOutputReference; putTimeouts(value: IapSettingsTimeouts): void; resetTimeouts(): void; get timeoutsInput(): cdktf.IResolvable | IapSettingsTimeouts | undefined; protected synthesizeAttributes(): { [name: string]: any; }; protected synthesizeHclAttributes(): { [name: string]: any; }; }