@pulumi/gcp
Version:
A Pulumi package for creating and managing Google Cloud Platform resources.
216 lines • 8.5 kB
JavaScript
;
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.ServerTlsPolicy = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
* ServerTlsPolicy is a resource that specifies how a server should authenticate incoming requests. This resource itself does not affect configuration unless it is attached to a target HTTPS proxy or endpoint config selector resource.
*
* To get more information about ServerTlsPolicy, see:
*
* * [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-security/rest/v1beta1/projects.locations.serverTlsPolicies)
*
* ## Example Usage
*
* ### Network Security Server Tls Policy Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.networksecurity.ServerTlsPolicy("default", {
* name: "my-server-tls-policy",
* labels: {
* foo: "bar",
* },
* description: "my description",
* allowOpen: false,
* serverCertificate: {
* certificateProviderInstance: {
* pluginInstance: "google_cloud_private_spiffe",
* },
* },
* mtlsPolicy: {
* clientValidationCas: [{
* grpcEndpoint: {
* targetUri: "unix:mypath",
* },
* }],
* },
* });
* ```
* ### Network Security Server Tls Policy Advanced
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.networksecurity.ServerTlsPolicy("default", {
* name: "my-server-tls-policy",
* labels: {
* foo: "bar",
* },
* description: "my description",
* location: "global",
* allowOpen: false,
* mtlsPolicy: {
* clientValidationMode: "ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
* },
* });
* ```
* ### Network Security Server Tls Policy Server Cert
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.networksecurity.ServerTlsPolicy("default", {
* name: "my-server-tls-policy",
* labels: {
* foo: "bar",
* },
* description: "my description",
* location: "global",
* allowOpen: false,
* serverCertificate: {
* grpcEndpoint: {
* targetUri: "unix:mypath",
* },
* },
* });
* ```
* ### Network Security Server Tls Policy Mtls
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
*
* const project = gcp.organizations.getProject({});
* const defaultTrustConfig = new gcp.certificatemanager.TrustConfig("default", {
* name: "my-trust-config",
* description: "sample trust config description",
* location: "global",
* trustStores: [{
* trustAnchors: [{
* pemCertificate: std.file({
* input: "test-fixtures/ca_cert.pem",
* }).then(invoke => invoke.result),
* }],
* intermediateCas: [{
* pemCertificate: std.file({
* input: "test-fixtures/ca_cert.pem",
* }).then(invoke => invoke.result),
* }],
* }],
* labels: {
* foo: "bar",
* },
* });
* const _default = new gcp.networksecurity.ServerTlsPolicy("default", {
* name: "my-server-tls-policy",
* description: "my description",
* location: "global",
* allowOpen: false,
* mtlsPolicy: {
* clientValidationMode: "REJECT_INVALID",
* clientValidationTrustConfig: pulumi.all([project, defaultTrustConfig.name]).apply(([project, name]) => `projects/${project.number}/locations/global/trustConfigs/${name}`),
* },
* labels: {
* foo: "bar",
* },
* });
* ```
*
* ## Import
*
* ServerTlsPolicy can be imported using any of these accepted formats:
*
* * `projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}}`
*
* * `{{project}}/{{location}}/{{name}}`
*
* * `{{location}}/{{name}}`
*
* When using the `pulumi import` command, ServerTlsPolicy can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default projects/{{project}}/locations/{{location}}/serverTlsPolicies/{{name}}
* ```
*
* ```sh
* $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default {{project}}/{{location}}/{{name}}
* ```
*
* ```sh
* $ pulumi import gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy default {{location}}/{{name}}
* ```
*/
class ServerTlsPolicy extends pulumi.CustomResource {
/**
* Get an existing ServerTlsPolicy resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new ServerTlsPolicy(name, state, Object.assign(Object.assign({}, opts), { id: id }));
}
/**
* Returns true if the given object is an instance of ServerTlsPolicy. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === ServerTlsPolicy.__pulumiType;
}
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["allowOpen"] = state ? state.allowOpen : undefined;
resourceInputs["createTime"] = state ? state.createTime : undefined;
resourceInputs["description"] = state ? state.description : undefined;
resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined;
resourceInputs["labels"] = state ? state.labels : undefined;
resourceInputs["location"] = state ? state.location : undefined;
resourceInputs["mtlsPolicy"] = state ? state.mtlsPolicy : undefined;
resourceInputs["name"] = state ? state.name : undefined;
resourceInputs["project"] = state ? state.project : undefined;
resourceInputs["pulumiLabels"] = state ? state.pulumiLabels : undefined;
resourceInputs["serverCertificate"] = state ? state.serverCertificate : undefined;
resourceInputs["updateTime"] = state ? state.updateTime : undefined;
}
else {
const args = argsOrState;
resourceInputs["allowOpen"] = args ? args.allowOpen : undefined;
resourceInputs["description"] = args ? args.description : undefined;
resourceInputs["labels"] = args ? args.labels : undefined;
resourceInputs["location"] = args ? args.location : undefined;
resourceInputs["mtlsPolicy"] = args ? args.mtlsPolicy : undefined;
resourceInputs["name"] = args ? args.name : undefined;
resourceInputs["project"] = args ? args.project : undefined;
resourceInputs["serverCertificate"] = args ? args.serverCertificate : undefined;
resourceInputs["createTime"] = undefined /*out*/;
resourceInputs["effectiveLabels"] = undefined /*out*/;
resourceInputs["pulumiLabels"] = undefined /*out*/;
resourceInputs["updateTime"] = undefined /*out*/;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
const secretOpts = { additionalSecretOutputs: ["effectiveLabels", "pulumiLabels"] };
opts = pulumi.mergeOptions(opts, secretOpts);
super(ServerTlsPolicy.__pulumiType, name, resourceInputs, opts);
}
}
exports.ServerTlsPolicy = ServerTlsPolicy;
/** @internal */
ServerTlsPolicy.__pulumiType = 'gcp:networksecurity/serverTlsPolicy:ServerTlsPolicy';
//# sourceMappingURL=serverTlsPolicy.js.map