@pulumi/consul

import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * The `consulServiceIntentionsConfigEntry` resource configures [service intentions](https://developer.hashicorp.com/consul/docs/connect/config-entries/service-intentions) that are configurations for controlling access between services in the service mesh. A single service intentions configuration entry specifies one destination service and one or more L4 traffic sources, L7 traffic sources, or combination of traffic sources. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as consul from "@pulumi/consul"; * * const jwtProvider = new consul.ConfigEntry("jwt_provider", { * name: "okta", * kind: "jwt-provider", * configJson: JSON.stringify({ * ClockSkewSeconds: 30, * Issuer: "test-issuer", * JSONWebKeySet: { * Remote: { * URI: "https://127.0.0.1:9091", * FetchAsynchronously: true, * }, * }, * }), * }); * const web = new consul.ConfigEntryServiceIntentions("web", { * name: "web", * jwts: [{ * providers: [{ * name: jwtProvider.name, * verifyClaims: [{ * paths: [ * "perms", * "role", * ], * value: "admin", * }], * }], * }], * sources: [ * { * name: "frontend-webapp", * type: "consul", * action: "allow", * }, * { * name: "nightly-cronjob", * type: "consul", * action: "deny", * }, * ], * }); * ``` */ export declare class ConfigEntryServiceIntentions extends pulumi.CustomResource { /** * Get an existing ConfigEntryServiceIntentions resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ConfigEntryServiceIntentionsState, opts?: pulumi.CustomResourceOptions): ConfigEntryServiceIntentions; /** * Returns true if the given object is an instance of ConfigEntryServiceIntentions. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ConfigEntryServiceIntentions; /** * Specifies a JSON Web Token provider configured in a JWT provider configuration entry, as well as additional configurations for verifying a service's JWT before authorizing communication between services */ readonly jwts: pulumi.Output<outputs.ConfigEntryServiceIntentionsJwt[] | undefined>; /** * Specifies key-value pairs to add to the KV store. */ readonly meta: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Specifies a name of the destination service for all intentions defined in the configuration entry. */ readonly name: pulumi.Output<string>; /** * Specifies the namespace to apply the configuration entry. */ readonly namespace: pulumi.Output<string | undefined>; /** * Specifies the admin partition to apply the configuration entry. */ readonly partition: pulumi.Output<string | undefined>; /** * List of configurations that define intention sources and the authorization granted to the sources. */ readonly sources: pulumi.Output<outputs.ConfigEntryServiceIntentionsSource[] | undefined>; /** * Create a ConfigEntryServiceIntentions resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: ConfigEntryServiceIntentionsArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ConfigEntryServiceIntentions resources. */ export interface ConfigEntryServiceIntentionsState { /** * Specifies a JSON Web Token provider configured in a JWT provider configuration entry, as well as additional configurations for verifying a service's JWT before authorizing communication between services */ jwts?: pulumi.Input<pulumi.Input<inputs.ConfigEntryServiceIntentionsJwt>[]>; /** * Specifies key-value pairs to add to the KV store. */ meta?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Specifies a name of the destination service for all intentions defined in the configuration entry. */ name?: pulumi.Input<string>; /** * Specifies the namespace to apply the configuration entry. */ namespace?: pulumi.Input<string>; /** * Specifies the admin partition to apply the configuration entry. */ partition?: pulumi.Input<string>; /** * List of configurations that define intention sources and the authorization granted to the sources. */ sources?: pulumi.Input<pulumi.Input<inputs.ConfigEntryServiceIntentionsSource>[]>; } /** * The set of arguments for constructing a ConfigEntryServiceIntentions resource. */ export interface ConfigEntryServiceIntentionsArgs { /** * Specifies a JSON Web Token provider configured in a JWT provider configuration entry, as well as additional configurations for verifying a service's JWT before authorizing communication between services */ jwts?: pulumi.Input<pulumi.Input<inputs.ConfigEntryServiceIntentionsJwt>[]>; /** * Specifies key-value pairs to add to the KV store. */ meta?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Specifies a name of the destination service for all intentions defined in the configuration entry. */ name?: pulumi.Input<string>; /** * Specifies the namespace to apply the configuration entry. */ namespace?: pulumi.Input<string>; /** * Specifies the admin partition to apply the configuration entry. */ partition?: pulumi.Input<string>; /** * List of configurations that define intention sources and the authorization granted to the sources. */ sources?: pulumi.Input<pulumi.Input<inputs.ConfigEntryServiceIntentionsSource>[]>; }