@cdktf/provider-google

/** * Copyright (c) HashiCorp, Inc. * SPDX-License-Identifier: MPL-2.0 */ import { Construct } from 'constructs'; import * as cdktf from 'cdktf'; export interface NetworkSecurityAuthzPolicyConfig extends cdktf.TerraformMetaArguments { /** * When the action is CUSTOM, customProvider must be specified. * When the action is ALLOW, only requests matching the policy will be allowed. * When the action is DENY, only requests matching the policy will be denied. * * When a request arrives, the policies are evaluated in the following order: * 1. If there is a CUSTOM policy that matches the request, the CUSTOM policy is evaluated using the custom authorization providers and the request is denied if the provider rejects the request. * 2. If there are any DENY policies that match the request, the request is denied. * 3. If there are no ALLOW policies for the resource or if any of the ALLOW policies match the request, the request is allowed. * 4. Else the request is denied by default if none of the configured AuthzPolicies with ALLOW action match the request. Possible values: ["ALLOW", "DENY", "CUSTOM"] * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#action NetworkSecurityAuthzPolicy#action} */ readonly action: string; /** * A human-readable description of the resource. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#description NetworkSecurityAuthzPolicy#description} */ readonly description?: string; /** * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#id NetworkSecurityAuthzPolicy#id} * * Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. * If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable. */ readonly id?: string; /** * Set of labels associated with the AuthzExtension resource. * * * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field 'effective_labels' for all of the labels present on the resource. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#labels NetworkSecurityAuthzPolicy#labels} */ readonly labels?: { [key: string]: string; }; /** * The location of the resource. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#location NetworkSecurityAuthzPolicy#location} */ readonly location: string; /** * Identifier. Name of the AuthzPolicy resource. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#name NetworkSecurityAuthzPolicy#name} */ readonly name: string; /** * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#project NetworkSecurityAuthzPolicy#project} */ readonly project?: string; /** * custom_provider block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#custom_provider NetworkSecurityAuthzPolicy#custom_provider} */ readonly customProvider?: NetworkSecurityAuthzPolicyCustomProvider; /** * http_rules block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#http_rules NetworkSecurityAuthzPolicy#http_rules} */ readonly httpRules?: NetworkSecurityAuthzPolicyHttpRules[] | cdktf.IResolvable; /** * target block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#target NetworkSecurityAuthzPolicy#target} */ readonly target: NetworkSecurityAuthzPolicyTarget; /** * timeouts block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#timeouts NetworkSecurityAuthzPolicy#timeouts} */ readonly timeouts?: NetworkSecurityAuthzPolicyTimeouts; } export interface NetworkSecurityAuthzPolicyCustomProviderAuthzExtension { /** * A list of references to authorization extensions that will be invoked for requests matching this policy. Limited to 1 custom provider. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#resources NetworkSecurityAuthzPolicy#resources} */ readonly resources: string[]; } export declare function networkSecurityAuthzPolicyCustomProviderAuthzExtensionToTerraform(struct?: NetworkSecurityAuthzPolicyCustomProviderAuthzExtensionOutputReference | NetworkSecurityAuthzPolicyCustomProviderAuthzExtension): any; export declare function networkSecurityAuthzPolicyCustomProviderAuthzExtensionToHclTerraform(struct?: NetworkSecurityAuthzPolicyCustomProviderAuthzExtensionOutputReference | NetworkSecurityAuthzPolicyCustomProviderAuthzExtension): any; export declare class NetworkSecurityAuthzPolicyCustomProviderAuthzExtensionOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): NetworkSecurityAuthzPolicyCustomProviderAuthzExtension | undefined; set internalValue(value: NetworkSecurityAuthzPolicyCustomProviderAuthzExtension | undefined); private _resources?; get resources(): string[]; set resources(value: string[]); get resourcesInput(): string[] | undefined; } export interface NetworkSecurityAuthzPolicyCustomProviderCloudIap { /** * Enable Cloud IAP at the AuthzPolicy level. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#enabled NetworkSecurityAuthzPolicy#enabled} */ readonly enabled: boolean | cdktf.IResolvable; } export declare function networkSecurityAuthzPolicyCustomProviderCloudIapToTerraform(struct?: NetworkSecurityAuthzPolicyCustomProviderCloudIapOutputReference | NetworkSecurityAuthzPolicyCustomProviderCloudIap): any; export declare function networkSecurityAuthzPolicyCustomProviderCloudIapToHclTerraform(struct?: NetworkSecurityAuthzPolicyCustomProviderCloudIapOutputReference | NetworkSecurityAuthzPolicyCustomProviderCloudIap): any; export declare class NetworkSecurityAuthzPolicyCustomProviderCloudIapOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): NetworkSecurityAuthzPolicyCustomProviderCloudIap | undefined; set internalValue(value: NetworkSecurityAuthzPolicyCustomProviderCloudIap | undefined); private _enabled?; get enabled(): boolean | cdktf.IResolvable; set enabled(value: boolean | cdktf.IResolvable); get enabledInput(): boolean | cdktf.IResolvable | undefined; } export interface NetworkSecurityAuthzPolicyCustomProvider { /** * authz_extension block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#authz_extension NetworkSecurityAuthzPolicy#authz_extension} */ readonly authzExtension?: NetworkSecurityAuthzPolicyCustomProviderAuthzExtension; /** * cloud_iap block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#cloud_iap NetworkSecurityAuthzPolicy#cloud_iap} */ readonly cloudIap?: NetworkSecurityAuthzPolicyCustomProviderCloudIap; } export declare function networkSecurityAuthzPolicyCustomProviderToTerraform(struct?: NetworkSecurityAuthzPolicyCustomProviderOutputReference | NetworkSecurityAuthzPolicyCustomProvider): any; export declare function networkSecurityAuthzPolicyCustomProviderToHclTerraform(struct?: NetworkSecurityAuthzPolicyCustomProviderOutputReference | NetworkSecurityAuthzPolicyCustomProvider): any; export declare class NetworkSecurityAuthzPolicyCustomProviderOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): NetworkSecurityAuthzPolicyCustomProvider | undefined; set internalValue(value: NetworkSecurityAuthzPolicyCustomProvider | undefined); private _authzExtension; get authzExtension(): NetworkSecurityAuthzPolicyCustomProviderAuthzExtensionOutputReference; putAuthzExtension(value: NetworkSecurityAuthzPolicyCustomProviderAuthzExtension): void; resetAuthzExtension(): void; get authzExtensionInput(): NetworkSecurityAuthzPolicyCustomProviderAuthzExtension | undefined; private _cloudIap; get cloudIap(): NetworkSecurityAuthzPolicyCustomProviderCloudIapOutputReference; putCloudIap(value: NetworkSecurityAuthzPolicyCustomProviderCloudIap): void; resetCloudIap(): void; get cloudIapInput(): NetworkSecurityAuthzPolicyCustomProviderCloudIap | undefined; } export interface NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals { /** * The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. * Examples: * * abc matches the value xyz.abc.def * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#contains NetworkSecurityAuthzPolicy#contains} */ readonly contains?: string; /** * The input string must match exactly the string specified here. * Examples: * * abc only matches the value abc. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#exact NetworkSecurityAuthzPolicy#exact} */ readonly exact?: string; /** * If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#ignore_case NetworkSecurityAuthzPolicy#ignore_case} */ readonly ignoreCase?: boolean | cdktf.IResolvable; /** * The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. * Examples: * * abc matches the value abc.xyz * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#prefix NetworkSecurityAuthzPolicy#prefix} */ readonly prefix?: string; /** * The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. * Examples: * * abc matches the value xyz.abc * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#suffix NetworkSecurityAuthzPolicy#suffix} */ readonly suffix?: string; } export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipalsToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals | cdktf.IResolvable): any; export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipalsToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals | cdktf.IResolvable): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipalsOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals | cdktf.IResolvable | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals | cdktf.IResolvable | undefined); private _contains?; get contains(): string; set contains(value: string); resetContains(): void; get containsInput(): string | undefined; private _exact?; get exact(): string; set exact(value: string); resetExact(): void; get exactInput(): string | undefined; private _ignoreCase?; get ignoreCase(): boolean | cdktf.IResolvable; set ignoreCase(value: boolean | cdktf.IResolvable); resetIgnoreCase(): void; get ignoreCaseInput(): boolean | cdktf.IResolvable | undefined; private _prefix?; get prefix(): string; set prefix(value: string); resetPrefix(): void; get prefixInput(): string | undefined; private _suffix?; get suffix(): string; set suffix(value: string); resetSuffix(): void; get suffixInput(): string | undefined; } export declare class NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipalsList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipalsOutputReference; } export interface NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccount { /** * The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. * Examples: * * abc matches the value xyz.abc.def * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#contains NetworkSecurityAuthzPolicy#contains} */ readonly contains?: string; /** * The input string must match exactly the string specified here. * Examples: * * abc only matches the value abc. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#exact NetworkSecurityAuthzPolicy#exact} */ readonly exact?: string; /** * If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#ignore_case NetworkSecurityAuthzPolicy#ignore_case} */ readonly ignoreCase?: boolean | cdktf.IResolvable; /** * The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. * Examples: * * abc matches the value abc.xyz * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#prefix NetworkSecurityAuthzPolicy#prefix} */ readonly prefix?: string; /** * The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. * Examples: * * abc matches the value xyz.abc * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#suffix NetworkSecurityAuthzPolicy#suffix} */ readonly suffix?: string; } export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccountToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccountOutputReference | NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccount): any; export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccountToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccountOutputReference | NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccount): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccountOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccount | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccount | undefined); private _contains?; get contains(): string; set contains(value: string); resetContains(): void; get containsInput(): string | undefined; private _exact?; get exact(): string; set exact(value: string); resetExact(): void; get exactInput(): string | undefined; private _ignoreCase?; get ignoreCase(): boolean | cdktf.IResolvable; set ignoreCase(value: boolean | cdktf.IResolvable); resetIgnoreCase(): void; get ignoreCaseInput(): boolean | cdktf.IResolvable | undefined; private _prefix?; get prefix(): string; set prefix(value: string); resetPrefix(): void; get prefixInput(): string | undefined; private _suffix?; get suffix(): string; set suffix(value: string); resetSuffix(): void; get suffixInput(): string | undefined; } export interface NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSet { /** * A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match. * Limited to 5 matches. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#ids NetworkSecurityAuthzPolicy#ids} */ readonly ids?: string[]; } export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSetToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSetOutputReference | NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSet): any; export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSetToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSetOutputReference | NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSet): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSetOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSet | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSet | undefined); private _ids?; get ids(): string[]; set ids(value: string[]); resetIds(): void; get idsInput(): string[] | undefined; } export interface NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources { /** * iam_service_account block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#iam_service_account NetworkSecurityAuthzPolicy#iam_service_account} */ readonly iamServiceAccount?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccount; /** * tag_value_id_set block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#tag_value_id_set NetworkSecurityAuthzPolicy#tag_value_id_set} */ readonly tagValueIdSet?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSet; } export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources | cdktf.IResolvable): any; export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources | cdktf.IResolvable): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources | cdktf.IResolvable | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources | cdktf.IResolvable | undefined); private _iamServiceAccount; get iamServiceAccount(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccountOutputReference; putIamServiceAccount(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccount): void; resetIamServiceAccount(): void; get iamServiceAccountInput(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesIamServiceAccount | undefined; private _tagValueIdSet; get tagValueIdSet(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSetOutputReference; putTagValueIdSet(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSet): void; resetTagValueIdSet(): void; get tagValueIdSetInput(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesTagValueIdSet | undefined; } export declare class NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesOutputReference; } export interface NetworkSecurityAuthzPolicyHttpRulesFromNotSources { /** * principals block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#principals NetworkSecurityAuthzPolicy#principals} */ readonly principals?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals[] | cdktf.IResolvable; /** * resources block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#resources NetworkSecurityAuthzPolicy#resources} */ readonly resources?: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources[] | cdktf.IResolvable; } export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSources | cdktf.IResolvable): any; export declare function networkSecurityAuthzPolicyHttpRulesFromNotSourcesToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromNotSources | cdktf.IResolvable): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromNotSources | cdktf.IResolvable | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSources | cdktf.IResolvable | undefined); private _principals; get principals(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipalsList; putPrincipals(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals[] | cdktf.IResolvable): void; resetPrincipals(): void; get principalsInput(): cdktf.IResolvable | NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesPrincipals[] | undefined; private _resources; get resources(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResourcesList; putResources(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources[] | cdktf.IResolvable): void; resetResources(): void; get resourcesInput(): cdktf.IResolvable | NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesResources[] | undefined; } export declare class NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: NetworkSecurityAuthzPolicyHttpRulesFromNotSources[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesOutputReference; } export interface NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals { /** * The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. * Examples: * * abc matches the value xyz.abc.def * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#contains NetworkSecurityAuthzPolicy#contains} */ readonly contains?: string; /** * The input string must match exactly the string specified here. * Examples: * * abc only matches the value abc. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#exact NetworkSecurityAuthzPolicy#exact} */ readonly exact?: string; /** * If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#ignore_case NetworkSecurityAuthzPolicy#ignore_case} */ readonly ignoreCase?: boolean | cdktf.IResolvable; /** * The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. * Examples: * * abc matches the value abc.xyz * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#prefix NetworkSecurityAuthzPolicy#prefix} */ readonly prefix?: string; /** * The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. * Examples: * * abc matches the value xyz.abc * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#suffix NetworkSecurityAuthzPolicy#suffix} */ readonly suffix?: string; } export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesPrincipalsToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals | cdktf.IResolvable): any; export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesPrincipalsToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals | cdktf.IResolvable): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipalsOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals | cdktf.IResolvable | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals | cdktf.IResolvable | undefined); private _contains?; get contains(): string; set contains(value: string); resetContains(): void; get containsInput(): string | undefined; private _exact?; get exact(): string; set exact(value: string); resetExact(): void; get exactInput(): string | undefined; private _ignoreCase?; get ignoreCase(): boolean | cdktf.IResolvable; set ignoreCase(value: boolean | cdktf.IResolvable); resetIgnoreCase(): void; get ignoreCaseInput(): boolean | cdktf.IResolvable | undefined; private _prefix?; get prefix(): string; set prefix(value: string); resetPrefix(): void; get prefixInput(): string | undefined; private _suffix?; get suffix(): string; set suffix(value: string); resetSuffix(): void; get suffixInput(): string | undefined; } export declare class NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipalsList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipalsOutputReference; } export interface NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccount { /** * The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. * Examples: * * abc matches the value xyz.abc.def * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#contains NetworkSecurityAuthzPolicy#contains} */ readonly contains?: string; /** * The input string must match exactly the string specified here. * Examples: * * abc only matches the value abc. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#exact NetworkSecurityAuthzPolicy#exact} */ readonly exact?: string; /** * If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. For example, the matcher data will match both input string Data and data if set to true. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#ignore_case NetworkSecurityAuthzPolicy#ignore_case} */ readonly ignoreCase?: boolean | cdktf.IResolvable; /** * The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. * Examples: * * abc matches the value abc.xyz * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#prefix NetworkSecurityAuthzPolicy#prefix} */ readonly prefix?: string; /** * The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. * Examples: * * abc matches the value xyz.abc * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#suffix NetworkSecurityAuthzPolicy#suffix} */ readonly suffix?: string; } export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccountToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccountOutputReference | NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccount): any; export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccountToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccountOutputReference | NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccount): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccountOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccount | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccount | undefined); private _contains?; get contains(): string; set contains(value: string); resetContains(): void; get containsInput(): string | undefined; private _exact?; get exact(): string; set exact(value: string); resetExact(): void; get exactInput(): string | undefined; private _ignoreCase?; get ignoreCase(): boolean | cdktf.IResolvable; set ignoreCase(value: boolean | cdktf.IResolvable); resetIgnoreCase(): void; get ignoreCaseInput(): boolean | cdktf.IResolvable | undefined; private _prefix?; get prefix(): string; set prefix(value: string); resetPrefix(): void; get prefixInput(): string | undefined; private _suffix?; get suffix(): string; set suffix(value: string); resetSuffix(): void; get suffixInput(): string | undefined; } export interface NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSet { /** * A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match. * Limited to 5 matches. * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#ids NetworkSecurityAuthzPolicy#ids} */ readonly ids?: string[]; } export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSetToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSetOutputReference | NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSet): any; export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSetToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSetOutputReference | NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSet): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSetOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSet | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSet | undefined); private _ids?; get ids(): string[]; set ids(value: string[]); resetIds(): void; get idsInput(): string[] | undefined; } export interface NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources { /** * iam_service_account block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#iam_service_account NetworkSecurityAuthzPolicy#iam_service_account} */ readonly iamServiceAccount?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccount; /** * tag_value_id_set block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#tag_value_id_set NetworkSecurityAuthzPolicy#tag_value_id_set} */ readonly tagValueIdSet?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSet; } export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesResourcesToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources | cdktf.IResolvable): any; export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesResourcesToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources | cdktf.IResolvable): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources | cdktf.IResolvable | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources | cdktf.IResolvable | undefined); private _iamServiceAccount; get iamServiceAccount(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccountOutputReference; putIamServiceAccount(value: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccount): void; resetIamServiceAccount(): void; get iamServiceAccountInput(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesIamServiceAccount | undefined; private _tagValueIdSet; get tagValueIdSet(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSetOutputReference; putTagValueIdSet(value: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSet): void; resetTagValueIdSet(): void; get tagValueIdSetInput(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesTagValueIdSet | undefined; } export declare class NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesOutputReference; } export interface NetworkSecurityAuthzPolicyHttpRulesFromSources { /** * principals block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#principals NetworkSecurityAuthzPolicy#principals} */ readonly principals?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals[] | cdktf.IResolvable; /** * resources block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#resources NetworkSecurityAuthzPolicy#resources} */ readonly resources?: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources[] | cdktf.IResolvable; } export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSources | cdktf.IResolvable): any; export declare function networkSecurityAuthzPolicyHttpRulesFromSourcesToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromSources | cdktf.IResolvable): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromSourcesOutputReference extends cdktf.ComplexObject { private isEmptyObject; private resolvableValue?; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param complexObjectIndex the index of this item in the list * @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFromSources | cdktf.IResolvable | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFromSources | cdktf.IResolvable | undefined); private _principals; get principals(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipalsList; putPrincipals(value: NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals[] | cdktf.IResolvable): void; resetPrincipals(): void; get principalsInput(): cdktf.IResolvable | NetworkSecurityAuthzPolicyHttpRulesFromSourcesPrincipals[] | undefined; private _resources; get resources(): NetworkSecurityAuthzPolicyHttpRulesFromSourcesResourcesList; putResources(value: NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources[] | cdktf.IResolvable): void; resetResources(): void; get resourcesInput(): cdktf.IResolvable | NetworkSecurityAuthzPolicyHttpRulesFromSourcesResources[] | undefined; } export declare class NetworkSecurityAuthzPolicyHttpRulesFromSourcesList extends cdktf.ComplexList { protected terraformResource: cdktf.IInterpolatingParent; protected terraformAttribute: string; protected wrapsSet: boolean; internalValue?: NetworkSecurityAuthzPolicyHttpRulesFromSources[] | cdktf.IResolvable; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing * @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index) */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean); /** * @param index the index of the item to return */ get(index: number): NetworkSecurityAuthzPolicyHttpRulesFromSourcesOutputReference; } export interface NetworkSecurityAuthzPolicyHttpRulesFrom { /** * not_sources block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#not_sources NetworkSecurityAuthzPolicy#not_sources} */ readonly notSources?: NetworkSecurityAuthzPolicyHttpRulesFromNotSources[] | cdktf.IResolvable; /** * sources block * * Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/network_security_authz_policy#sources NetworkSecurityAuthzPolicy#sources} */ readonly sources?: NetworkSecurityAuthzPolicyHttpRulesFromSources[] | cdktf.IResolvable; } export declare function networkSecurityAuthzPolicyHttpRulesFromToTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromOutputReference | NetworkSecurityAuthzPolicyHttpRulesFrom): any; export declare function networkSecurityAuthzPolicyHttpRulesFromToHclTerraform(struct?: NetworkSecurityAuthzPolicyHttpRulesFromOutputReference | NetworkSecurityAuthzPolicyHttpRulesFrom): any; export declare class NetworkSecurityAuthzPolicyHttpRulesFromOutputReference extends cdktf.ComplexObject { private isEmptyObject; /** * @param terraformResource The parent resource * @param terraformAttribute The attribute on the parent resource this class is referencing */ constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string); get internalValue(): NetworkSecurityAuthzPolicyHttpRulesFrom | undefined; set internalValue(value: NetworkSecurityAuthzPolicyHttpRulesFrom | undefined); private _notSources; get notSources(): NetworkSecurityAuthzPolicyHttpRulesFromNotSourcesList; putNotSources(value: NetworkSecurityAuthzPolicyHttpRulesFromNotSources[] | cdktf.