@pulumi/gcp
Version:
A Pulumi package for creating and managing Google Cloud Platform resources.
332 lines (331 loc) • 12.9 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* External access firewall rules for filtering incoming traffic destined to `ExternalAddress` resources.
*
* To get more information about ExternalAccessRule, see:
*
* * [API documentation](https://cloud.google.com/vmware-engine/docs/reference/rest/v1/projects.locations.networkPolicies.externalAccessRules)
*
* ## Example Usage
*
* ### Vmware Engine External Access Rule Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const external_access_rule_nw = new gcp.vmwareengine.Network("external-access-rule-nw", {
* name: "sample-nw",
* location: "global",
* type: "STANDARD",
* description: "PC network description.",
* });
* const external_access_rule_np = new gcp.vmwareengine.NetworkPolicy("external-access-rule-np", {
* location: "us-west1",
* name: "sample-np",
* edgeServicesCidr: "192.168.30.0/26",
* vmwareEngineNetwork: external_access_rule_nw.id,
* });
* const vmw_engine_external_access_rule = new gcp.vmwareengine.ExternalAccessRule("vmw-engine-external-access-rule", {
* name: "sample-external-access-rule",
* parent: external_access_rule_np.id,
* priority: 101,
* action: "DENY",
* ipProtocol: "TCP",
* sourceIpRanges: [{
* ipAddressRange: "0.0.0.0/0",
* }],
* sourcePorts: ["80"],
* destinationIpRanges: [{
* ipAddressRange: "0.0.0.0/0",
* }],
* destinationPorts: ["433"],
* });
* ```
* ### Vmware Engine External Access Rule Full
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const external_access_rule_nw = new gcp.vmwareengine.Network("external-access-rule-nw", {
* name: "sample-nw",
* location: "global",
* type: "STANDARD",
* description: "PC network description.",
* });
* const external_access_rule_pc = new gcp.vmwareengine.PrivateCloud("external-access-rule-pc", {
* location: "us-west1-a",
* name: "sample-pc",
* description: "Sample test PC.",
* networkConfig: {
* managementCidr: "192.168.50.0/24",
* vmwareEngineNetwork: external_access_rule_nw.id,
* },
* managementCluster: {
* clusterId: "sample-mgmt-cluster",
* nodeTypeConfigs: [{
* nodeTypeId: "standard-72",
* nodeCount: 3,
* }],
* },
* });
* const external_access_rule_np = new gcp.vmwareengine.NetworkPolicy("external-access-rule-np", {
* location: "us-west1",
* name: "sample-np",
* edgeServicesCidr: "192.168.30.0/26",
* vmwareEngineNetwork: external_access_rule_nw.id,
* });
* const external_access_rule_ea = new gcp.vmwareengine.ExternalAddress("external-access-rule-ea", {
* name: "sample-ea",
* parent: external_access_rule_pc.id,
* internalIp: "192.168.0.65",
* });
* const vmw_engine_external_access_rule = new gcp.vmwareengine.ExternalAccessRule("vmw-engine-external-access-rule", {
* name: "sample-external-access-rule",
* parent: external_access_rule_np.id,
* description: "Sample Description",
* priority: 101,
* action: "ALLOW",
* ipProtocol: "tcp",
* sourceIpRanges: [{
* ipAddressRange: "0.0.0.0/0",
* }],
* sourcePorts: ["80"],
* destinationIpRanges: [{
* externalAddress: external_access_rule_ea.id,
* }],
* destinationPorts: ["433"],
* });
* ```
*
* ## Import
*
* ExternalAccessRule can be imported using any of these accepted formats:
*
* * `{{parent}}/externalAccessRules/{{name}}`
*
* When using the `pulumi import` command, ExternalAccessRule can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:vmwareengine/externalAccessRule:ExternalAccessRule default {{parent}}/externalAccessRules/{{name}}
* ```
*/
export declare class ExternalAccessRule extends pulumi.CustomResource {
/**
* Get an existing ExternalAccessRule resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ExternalAccessRuleState, opts?: pulumi.CustomResourceOptions): ExternalAccessRule;
/**
* Returns true if the given object is an instance of ExternalAccessRule. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is ExternalAccessRule;
/**
* The action that the external access rule performs.
* Possible values are: `ALLOW`, `DENY`.
*/
readonly action: pulumi.Output<string>;
/**
* Creation time of this resource.
* A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and
* up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
*/
readonly createTime: pulumi.Output<string>;
/**
* User-provided description for the external access rule.
*/
readonly description: pulumi.Output<string | undefined>;
/**
* If destination ranges are specified, the external access rule applies only to
* traffic that has a destination IP address in these ranges.
* Structure is documented below.
*/
readonly destinationIpRanges: pulumi.Output<outputs.vmwareengine.ExternalAccessRuleDestinationIpRange[]>;
/**
* A list of destination ports to which the external access rule applies.
*/
readonly destinationPorts: pulumi.Output<string[]>;
/**
* The IP protocol to which the external access rule applies.
*/
readonly ipProtocol: pulumi.Output<string>;
/**
* The ID of the external access rule.
*/
readonly name: pulumi.Output<string>;
/**
* The resource name of the network policy.
* Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names.
* For example: projects/my-project/locations/us-west1-a/networkPolicies/my-policy
*/
readonly parent: pulumi.Output<string>;
/**
* External access rule priority, which determines the external access rule to use when multiple rules apply.
*/
readonly priority: pulumi.Output<number>;
/**
* If source ranges are specified, the external access rule applies only to
* traffic that has a source IP address in these ranges.
* Structure is documented below.
*/
readonly sourceIpRanges: pulumi.Output<outputs.vmwareengine.ExternalAccessRuleSourceIpRange[]>;
/**
* A list of source ports to which the external access rule applies.
*/
readonly sourcePorts: pulumi.Output<string[]>;
/**
* State of the Cluster.
*/
readonly state: pulumi.Output<string>;
/**
* System-generated unique identifier for the resource.
*/
readonly uid: pulumi.Output<string>;
/**
* Last updated time of this resource.
* A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine
* fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
*/
readonly updateTime: pulumi.Output<string>;
/**
* Create a ExternalAccessRule resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: ExternalAccessRuleArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering ExternalAccessRule resources.
*/
export interface ExternalAccessRuleState {
/**
* The action that the external access rule performs.
* Possible values are: `ALLOW`, `DENY`.
*/
action?: pulumi.Input<string>;
/**
* Creation time of this resource.
* A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and
* up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
*/
createTime?: pulumi.Input<string>;
/**
* User-provided description for the external access rule.
*/
description?: pulumi.Input<string>;
/**
* If destination ranges are specified, the external access rule applies only to
* traffic that has a destination IP address in these ranges.
* Structure is documented below.
*/
destinationIpRanges?: pulumi.Input<pulumi.Input<inputs.vmwareengine.ExternalAccessRuleDestinationIpRange>[]>;
/**
* A list of destination ports to which the external access rule applies.
*/
destinationPorts?: pulumi.Input<pulumi.Input<string>[]>;
/**
* The IP protocol to which the external access rule applies.
*/
ipProtocol?: pulumi.Input<string>;
/**
* The ID of the external access rule.
*/
name?: pulumi.Input<string>;
/**
* The resource name of the network policy.
* Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names.
* For example: projects/my-project/locations/us-west1-a/networkPolicies/my-policy
*/
parent?: pulumi.Input<string>;
/**
* External access rule priority, which determines the external access rule to use when multiple rules apply.
*/
priority?: pulumi.Input<number>;
/**
* If source ranges are specified, the external access rule applies only to
* traffic that has a source IP address in these ranges.
* Structure is documented below.
*/
sourceIpRanges?: pulumi.Input<pulumi.Input<inputs.vmwareengine.ExternalAccessRuleSourceIpRange>[]>;
/**
* A list of source ports to which the external access rule applies.
*/
sourcePorts?: pulumi.Input<pulumi.Input<string>[]>;
/**
* State of the Cluster.
*/
state?: pulumi.Input<string>;
/**
* System-generated unique identifier for the resource.
*/
uid?: pulumi.Input<string>;
/**
* Last updated time of this resource.
* A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine
* fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
*/
updateTime?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a ExternalAccessRule resource.
*/
export interface ExternalAccessRuleArgs {
/**
* The action that the external access rule performs.
* Possible values are: `ALLOW`, `DENY`.
*/
action: pulumi.Input<string>;
/**
* User-provided description for the external access rule.
*/
description?: pulumi.Input<string>;
/**
* If destination ranges are specified, the external access rule applies only to
* traffic that has a destination IP address in these ranges.
* Structure is documented below.
*/
destinationIpRanges: pulumi.Input<pulumi.Input<inputs.vmwareengine.ExternalAccessRuleDestinationIpRange>[]>;
/**
* A list of destination ports to which the external access rule applies.
*/
destinationPorts: pulumi.Input<pulumi.Input<string>[]>;
/**
* The IP protocol to which the external access rule applies.
*/
ipProtocol: pulumi.Input<string>;
/**
* The ID of the external access rule.
*/
name?: pulumi.Input<string>;
/**
* The resource name of the network policy.
* Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names.
* For example: projects/my-project/locations/us-west1-a/networkPolicies/my-policy
*/
parent: pulumi.Input<string>;
/**
* External access rule priority, which determines the external access rule to use when multiple rules apply.
*/
priority: pulumi.Input<number>;
/**
* If source ranges are specified, the external access rule applies only to
* traffic that has a source IP address in these ranges.
* Structure is documented below.
*/
sourceIpRanges: pulumi.Input<pulumi.Input<inputs.vmwareengine.ExternalAccessRuleSourceIpRange>[]>;
/**
* A list of source ports to which the external access rule applies.
*/
sourcePorts: pulumi.Input<pulumi.Input<string>[]>;
}