@pulumi/gcp

import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Packet Mirroring mirrors traffic to and from particular VM instances. * You can use the collected traffic to help you detect security threats * and monitor application performance. * * To get more information about PacketMirroring, see: * * * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/packetMirrorings) * * How-to Guides * * [Using Packet Mirroring](https://cloud.google.com/vpc/docs/using-packet-mirroring#creating) * * ## Example Usage * * ### Compute Packet Mirroring Full * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.compute.Network("default", {name: "my-network"}); * const mirror = new gcp.compute.Instance("mirror", { * networkInterfaces: [{ * accessConfigs: [{}], * network: _default.id, * }], * name: "my-instance", * machineType: "e2-medium", * bootDisk: { * initializeParams: { * image: "debian-cloud/debian-11", * }, * }, * }); * const defaultSubnetwork = new gcp.compute.Subnetwork("default", { * name: "my-subnetwork", * network: _default.id, * ipCidrRange: "10.2.0.0/16", * }); * const defaultHealthCheck = new gcp.compute.HealthCheck("default", { * name: "my-healthcheck", * checkIntervalSec: 1, * timeoutSec: 1, * tcpHealthCheck: { * port: 80, * }, * }); * const defaultRegionBackendService = new gcp.compute.RegionBackendService("default", { * name: "my-service", * healthChecks: defaultHealthCheck.id, * }); * const defaultForwardingRule = new gcp.compute.ForwardingRule("default", { * name: "my-ilb", * isMirroringCollector: true, * ipProtocol: "TCP", * loadBalancingScheme: "INTERNAL", * backendService: defaultRegionBackendService.id, * allPorts: true, * network: _default.id, * subnetwork: defaultSubnetwork.id, * networkTier: "PREMIUM", * }, { * dependsOn: [defaultSubnetwork], * }); * const foobar = new gcp.compute.PacketMirroring("foobar", { * name: "my-mirroring", * description: "bar", * network: { * url: _default.id, * }, * collectorIlb: { * url: defaultForwardingRule.id, * }, * mirroredResources: { * tags: ["foo"], * instances: [{ * url: mirror.id, * }], * }, * filter: { * ipProtocols: ["tcp"], * cidrRanges: ["0.0.0.0/0"], * direction: "BOTH", * }, * }); * ``` * * ## Import * * PacketMirroring can be imported using any of these accepted formats: * * * `projects/{{project}}/regions/{{region}}/packetMirrorings/{{name}}` * * * `{{project}}/{{region}}/{{name}}` * * * `{{region}}/{{name}}` * * * `{{name}}` * * When using the `pulumi import` command, PacketMirroring can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:compute/packetMirroring:PacketMirroring default projects/{{project}}/regions/{{region}}/packetMirrorings/{{name}} * ``` * * ```sh * $ pulumi import gcp:compute/packetMirroring:PacketMirroring default {{project}}/{{region}}/{{name}} * ``` * * ```sh * $ pulumi import gcp:compute/packetMirroring:PacketMirroring default {{region}}/{{name}} * ``` * * ```sh * $ pulumi import gcp:compute/packetMirroring:PacketMirroring default {{name}} * ``` */ export declare class PacketMirroring extends pulumi.CustomResource { /** * Get an existing PacketMirroring resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PacketMirroringState, opts?: pulumi.CustomResourceOptions): PacketMirroring; /** * Returns true if the given object is an instance of PacketMirroring. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is PacketMirroring; /** * The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) * that will be used as collector for mirrored traffic. The * specified forwarding rule must have isMirroringCollector * set to true. * Structure is documented below. */ readonly collectorIlb: pulumi.Output<outputs.compute.PacketMirroringCollectorIlb>; /** * A human-readable description of the rule. */ readonly description: pulumi.Output<string | undefined>; /** * A filter for mirrored traffic. If unset, all traffic is mirrored. */ readonly filter: pulumi.Output<outputs.compute.PacketMirroringFilter | undefined>; /** * A means of specifying which resources to mirror. * Structure is documented below. */ readonly mirroredResources: pulumi.Output<outputs.compute.PacketMirroringMirroredResources>; /** * The name of the packet mirroring rule */ readonly name: pulumi.Output<string>; /** * Specifies the mirrored VPC network. Only packets in this network * will be mirrored. All mirrored VMs should have a NIC in the given * network. All mirrored subnetworks should belong to the given network. * Structure is documented below. */ readonly network: pulumi.Output<outputs.compute.PacketMirroringNetwork>; /** * Since only one rule can be active at a time, priority is used to break ties in the case of two rules that apply to the * same instances. */ readonly priority: pulumi.Output<number>; readonly project: pulumi.Output<string>; /** * The Region in which the created address should reside. If it is not provided, the provider region is used. */ readonly region: pulumi.Output<string>; /** * Create a PacketMirroring resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: PacketMirroringArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering PacketMirroring resources. */ export interface PacketMirroringState { /** * The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) * that will be used as collector for mirrored traffic. The * specified forwarding rule must have isMirroringCollector * set to true. * Structure is documented below. */ collectorIlb?: pulumi.Input<inputs.compute.PacketMirroringCollectorIlb>; /** * A human-readable description of the rule. */ description?: pulumi.Input<string>; /** * A filter for mirrored traffic. If unset, all traffic is mirrored. */ filter?: pulumi.Input<inputs.compute.PacketMirroringFilter>; /** * A means of specifying which resources to mirror. * Structure is documented below. */ mirroredResources?: pulumi.Input<inputs.compute.PacketMirroringMirroredResources>; /** * The name of the packet mirroring rule */ name?: pulumi.Input<string>; /** * Specifies the mirrored VPC network. Only packets in this network * will be mirrored. All mirrored VMs should have a NIC in the given * network. All mirrored subnetworks should belong to the given network. * Structure is documented below. */ network?: pulumi.Input<inputs.compute.PacketMirroringNetwork>; /** * Since only one rule can be active at a time, priority is used to break ties in the case of two rules that apply to the * same instances. */ priority?: pulumi.Input<number>; project?: pulumi.Input<string>; /** * The Region in which the created address should reside. If it is not provided, the provider region is used. */ region?: pulumi.Input<string>; } /** * The set of arguments for constructing a PacketMirroring resource. */ export interface PacketMirroringArgs { /** * The Forwarding Rule resource (of type load_balancing_scheme=INTERNAL) * that will be used as collector for mirrored traffic. The * specified forwarding rule must have isMirroringCollector * set to true. * Structure is documented below. */ collectorIlb: pulumi.Input<inputs.compute.PacketMirroringCollectorIlb>; /** * A human-readable description of the rule. */ description?: pulumi.Input<string>; /** * A filter for mirrored traffic. If unset, all traffic is mirrored. */ filter?: pulumi.Input<inputs.compute.PacketMirroringFilter>; /** * A means of specifying which resources to mirror. * Structure is documented below. */ mirroredResources: pulumi.Input<inputs.compute.PacketMirroringMirroredResources>; /** * The name of the packet mirroring rule */ name?: pulumi.Input<string>; /** * Specifies the mirrored VPC network. Only packets in this network * will be mirrored. All mirrored VMs should have a NIC in the given * network. All mirrored subnetworks should belong to the given network. * Structure is documented below. */ network: pulumi.Input<inputs.compute.PacketMirroringNetwork>; /** * Since only one rule can be active at a time, priority is used to break ties in the case of two rules that apply to the * same instances. */ priority?: pulumi.Input<number>; project?: pulumi.Input<string>; /** * The Region in which the created address should reside. If it is not provided, the provider region is used. */ region?: pulumi.Input<string>; }