@pulumi/gcp

import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * A set of reusable connection configurations to be used as a source or destination for a stream. * * To get more information about ConnectionProfile, see: * * * [API documentation](https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.connectionProfiles) * * How-to Guides * * [Official Documentation](https://cloud.google.com/datastream/docs/create-connection-profiles) * * ## Example Usage * * ### Datastream Connection Profile Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection profile", * location: "us-central1", * connectionProfileId: "my-profile", * gcsProfile: { * bucket: "my-bucket", * rootPath: "/path", * }, * }); * ``` * ### Datastream Connection Profile Postgresql Private Connection * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as random from "@pulumi/random"; * * const _default = new gcp.compute.Network("default", { * name: "my-network", * autoCreateSubnetworks: false, * }); * const defaultSubnetwork = new gcp.compute.Subnetwork("default", { * name: "my-subnetwork", * ipCidrRange: "10.1.0.0/16", * region: "us-central1", * network: _default.id, * }); * const privateConnection = new gcp.datastream.PrivateConnection("private_connection", { * displayName: "Private connection", * location: "us-central1", * privateConnectionId: "my-connection", * vpcPeeringConfig: { * vpc: _default.id, * subnet: "10.0.0.0/29", * }, * }); * const natVmIp = new gcp.compute.Address("nat_vm_ip", {name: "nat-vm-ip"}); * const instance = new gcp.sql.DatabaseInstance("instance", { * name: "my-instance", * databaseVersion: "POSTGRES_14", * region: "us-central1", * settings: { * tier: "db-f1-micro", * ipConfiguration: { * authorizedNetworks: [{ * value: natVmIp.address, * }], * }, * }, * deletionProtection: true, * }); * const db = new gcp.sql.Database("db", { * instance: instance.name, * name: "db", * }); * const pwd = new random.RandomPassword("pwd", { * length: 16, * special: false, * }); * const user = new gcp.sql.User("user", { * name: "user", * instance: instance.name, * password: pwd.result, * }); * const natVm = new gcp.compute.Instance("nat_vm", { * name: "nat-vm", * machineType: "e2-medium", * zone: "us-central1-a", * desiredStatus: "RUNNING", * bootDisk: { * initializeParams: { * image: "debian-cloud/debian-12", * }, * }, * networkInterfaces: [{ * network: privateConnection.vpcPeeringConfig.apply(vpcPeeringConfig => vpcPeeringConfig?.vpc), * subnetwork: defaultSubnetwork.selfLink, * accessConfigs: [{ * natIp: natVmIp.address, * }], * }], * metadataStartupScript: pulumi.interpolate`#! /bin/bash * # See https://cloud.google.com/datastream/docs/private-connectivity#set-up-reverse-proxy * export DB_ADDR=${instance.publicIpAddress} * export DB_PORT=5432 * echo 1 > /proc/sys/net/ipv4/ip_forward * md_url_prefix="http://169.254.169.254/computeMetadata/v1/instance" * vm_nic_ip="$(curl -H "Metadata-Flavor: Google" ${md_url_prefix}/network-interfaces/0/ip)" * iptables -t nat -F * iptables -t nat -A PREROUTING \ * -p tcp --dport $DB_PORT \ * -j DNAT \ * --to-destination $DB_ADDR * iptables -t nat -A POSTROUTING \ * -p tcp --dport $DB_PORT \ * -j SNAT \ * --to-source $vm_nic_ip * iptables-save * `, * }); * const rules = new gcp.compute.Firewall("rules", { * name: "ingress-rule", * network: privateConnection.vpcPeeringConfig.apply(vpcPeeringConfig => vpcPeeringConfig?.vpc), * description: "Allow traffic into NAT VM", * direction: "INGRESS", * allows: [{ * protocol: "tcp", * ports: ["5432"], * }], * sourceRanges: [privateConnection.vpcPeeringConfig.apply(vpcPeeringConfig => vpcPeeringConfig?.subnet)], * }); * const defaultConnectionProfile = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection profile", * location: "us-central1", * connectionProfileId: "my-profile", * postgresqlProfile: { * hostname: natVm.networkInterfaces.apply(networkInterfaces => networkInterfaces[0].networkIp), * username: user.name, * password: user.password, * database: db.name, * port: 5432, * }, * privateConnectivity: { * privateConnection: privateConnection.id, * }, * }); * ``` * ### Datastream Connection Profile Full * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection profile", * location: "us-central1", * connectionProfileId: "my-profile", * gcsProfile: { * bucket: "my-bucket", * rootPath: "/path", * }, * forwardSshConnectivity: { * hostname: "google.com", * username: "my-user", * port: 8022, * password: "swordfish", * }, * labels: { * key: "value", * }, * }); * ``` * ### Datastream Connection Profile Postgres * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as random from "@pulumi/random"; * * const instance = new gcp.sql.DatabaseInstance("instance", { * name: "my-instance", * databaseVersion: "POSTGRES_14", * region: "us-central1", * settings: { * tier: "db-f1-micro", * ipConfiguration: { * authorizedNetworks: [ * { * value: "34.71.242.81", * }, * { * value: "34.72.28.29", * }, * { * value: "34.67.6.157", * }, * { * value: "34.67.234.134", * }, * { * value: "34.72.239.218", * }, * ], * }, * }, * deletionProtection: true, * }); * const db = new gcp.sql.Database("db", { * instance: instance.name, * name: "db", * }); * const pwd = new random.RandomPassword("pwd", { * length: 16, * special: false, * }); * const user = new gcp.sql.User("user", { * name: "user", * instance: instance.name, * password: pwd.result, * }); * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection profile", * location: "us-central1", * connectionProfileId: "my-profile", * postgresqlProfile: { * hostname: instance.publicIpAddress, * username: user.name, * password: user.password, * database: db.name, * }, * }); * ``` * ### Datastream Connection Profile Sql Server * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const instance = new gcp.sql.DatabaseInstance("instance", { * name: "sql-server", * databaseVersion: "SQLSERVER_2019_STANDARD", * region: "us-central1", * rootPassword: "root-password", * deletionProtection: true, * settings: { * tier: "db-custom-2-4096", * ipConfiguration: { * authorizedNetworks: [ * { * value: "34.71.242.81", * }, * { * value: "34.72.28.29", * }, * { * value: "34.67.6.157", * }, * { * value: "34.67.234.134", * }, * { * value: "34.72.239.218", * }, * ], * }, * }, * }); * const db = new gcp.sql.Database("db", { * name: "db", * instance: instance.name, * }); * const user = new gcp.sql.User("user", { * name: "user", * instance: instance.name, * password: "password", * }); * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "SQL Server Source", * location: "us-central1", * connectionProfileId: "source-profile", * sqlServerProfile: { * hostname: instance.publicIpAddress, * port: 1433, * username: user.name, * password: user.password, * database: db.name, * }, * }); * ``` * ### Datastream Connection Profile Salesforce * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Salesforce Source", * location: "us-central1", * connectionProfileId: "source-profile", * createWithoutValidation: true, * salesforceProfile: { * domain: "fake-domain.my.salesforce.com", * userCredentials: { * username: "fake-username", * secretManagerStoredPassword: "fake-password", * secretManagerStoredSecurityToken: "fake-token", * }, * }, * }); * ``` * ### Datastream Connection Profile Postgres Secret Manager * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Postgres Source With Secret Manager", * location: "us-central1", * connectionProfileId: "source-profile", * createWithoutValidation: true, * postgresqlProfile: { * hostname: "fake-hostname", * port: 3306, * username: "fake-username", * secretManagerStoredPassword: "projects/fake-project/secrets/fake-secret/versions/1", * database: "fake-database", * }, * }); * ``` * * ## Import * * ConnectionProfile can be imported using any of these accepted formats: * * * `projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}` * * * `{{project}}/{{location}}/{{connection_profile_id}}` * * * `{{location}}/{{connection_profile_id}}` * * When using the `pulumi import` command, ConnectionProfile can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:datastream/connectionProfile:ConnectionProfile default projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}} * ``` * * ```sh * $ pulumi import gcp:datastream/connectionProfile:ConnectionProfile default {{project}}/{{location}}/{{connection_profile_id}} * ``` * * ```sh * $ pulumi import gcp:datastream/connectionProfile:ConnectionProfile default {{location}}/{{connection_profile_id}} * ``` */ export declare class ConnectionProfile extends pulumi.CustomResource { /** * Get an existing ConnectionProfile resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ConnectionProfileState, opts?: pulumi.CustomResourceOptions): ConnectionProfile; /** * Returns true if the given object is an instance of ConnectionProfile. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ConnectionProfile; /** * BigQuery warehouse profile. */ readonly bigqueryProfile: pulumi.Output<outputs.datastream.ConnectionProfileBigqueryProfile | undefined>; /** * The connection profile identifier. */ readonly connectionProfileId: pulumi.Output<string>; /** * Create the connection profile without validating it. */ readonly createWithoutValidation: pulumi.Output<boolean | undefined>; /** * Display name. */ readonly displayName: pulumi.Output<string>; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ readonly effectiveLabels: pulumi.Output<{ [key: string]: string; }>; /** * Forward SSH tunnel connectivity. * Structure is documented below. */ readonly forwardSshConnectivity: pulumi.Output<outputs.datastream.ConnectionProfileForwardSshConnectivity | undefined>; /** * Cloud Storage bucket profile. * Structure is documented below. */ readonly gcsProfile: pulumi.Output<outputs.datastream.ConnectionProfileGcsProfile | undefined>; /** * Labels. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ readonly labels: pulumi.Output<{ [key: string]: string; } | undefined>; /** * The name of the location this connection profile is located in. */ readonly location: pulumi.Output<string>; /** * MySQL database profile. * Structure is documented below. */ readonly mysqlProfile: pulumi.Output<outputs.datastream.ConnectionProfileMysqlProfile | undefined>; /** * The resource's name. */ readonly name: pulumi.Output<string>; /** * Oracle database profile. * Structure is documented below. */ readonly oracleProfile: pulumi.Output<outputs.datastream.ConnectionProfileOracleProfile | undefined>; /** * PostgreSQL database profile. * Structure is documented below. */ readonly postgresqlProfile: pulumi.Output<outputs.datastream.ConnectionProfilePostgresqlProfile | undefined>; /** * Private connectivity. * Structure is documented below. */ readonly privateConnectivity: pulumi.Output<outputs.datastream.ConnectionProfilePrivateConnectivity | undefined>; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output<string>; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ readonly pulumiLabels: pulumi.Output<{ [key: string]: string; }>; /** * Salesforce profile. * Structure is documented below. */ readonly salesforceProfile: pulumi.Output<outputs.datastream.ConnectionProfileSalesforceProfile | undefined>; /** * SQL Server database profile. * Structure is documented below. */ readonly sqlServerProfile: pulumi.Output<outputs.datastream.ConnectionProfileSqlServerProfile | undefined>; /** * Create a ConnectionProfile resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ConnectionProfileArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ConnectionProfile resources. */ export interface ConnectionProfileState { /** * BigQuery warehouse profile. */ bigqueryProfile?: pulumi.Input<inputs.datastream.ConnectionProfileBigqueryProfile>; /** * The connection profile identifier. */ connectionProfileId?: pulumi.Input<string>; /** * Create the connection profile without validating it. */ createWithoutValidation?: pulumi.Input<boolean>; /** * Display name. */ displayName?: pulumi.Input<string>; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ effectiveLabels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Forward SSH tunnel connectivity. * Structure is documented below. */ forwardSshConnectivity?: pulumi.Input<inputs.datastream.ConnectionProfileForwardSshConnectivity>; /** * Cloud Storage bucket profile. * Structure is documented below. */ gcsProfile?: pulumi.Input<inputs.datastream.ConnectionProfileGcsProfile>; /** * Labels. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * The name of the location this connection profile is located in. */ location?: pulumi.Input<string>; /** * MySQL database profile. * Structure is documented below. */ mysqlProfile?: pulumi.Input<inputs.datastream.ConnectionProfileMysqlProfile>; /** * The resource's name. */ name?: pulumi.Input<string>; /** * Oracle database profile. * Structure is documented below. */ oracleProfile?: pulumi.Input<inputs.datastream.ConnectionProfileOracleProfile>; /** * PostgreSQL database profile. * Structure is documented below. */ postgresqlProfile?: pulumi.Input<inputs.datastream.ConnectionProfilePostgresqlProfile>; /** * Private connectivity. * Structure is documented below. */ privateConnectivity?: pulumi.Input<inputs.datastream.ConnectionProfilePrivateConnectivity>; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input<string>; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ pulumiLabels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Salesforce profile. * Structure is documented below. */ salesforceProfile?: pulumi.Input<inputs.datastream.ConnectionProfileSalesforceProfile>; /** * SQL Server database profile. * Structure is documented below. */ sqlServerProfile?: pulumi.Input<inputs.datastream.ConnectionProfileSqlServerProfile>; } /** * The set of arguments for constructing a ConnectionProfile resource. */ export interface ConnectionProfileArgs { /** * BigQuery warehouse profile. */ bigqueryProfile?: pulumi.Input<inputs.datastream.ConnectionProfileBigqueryProfile>; /** * The connection profile identifier. */ connectionProfileId: pulumi.Input<string>; /** * Create the connection profile without validating it. */ createWithoutValidation?: pulumi.Input<boolean>; /** * Display name. */ displayName: pulumi.Input<string>; /** * Forward SSH tunnel connectivity. * Structure is documented below. */ forwardSshConnectivity?: pulumi.Input<inputs.datastream.ConnectionProfileForwardSshConnectivity>; /** * Cloud Storage bucket profile. * Structure is documented below. */ gcsProfile?: pulumi.Input<inputs.datastream.ConnectionProfileGcsProfile>; /** * Labels. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * The name of the location this connection profile is located in. */ location: pulumi.Input<string>; /** * MySQL database profile. * Structure is documented below. */ mysqlProfile?: pulumi.Input<inputs.datastream.ConnectionProfileMysqlProfile>; /** * Oracle database profile. * Structure is documented below. */ oracleProfile?: pulumi.Input<inputs.datastream.ConnectionProfileOracleProfile>; /** * PostgreSQL database profile. * Structure is documented below. */ postgresqlProfile?: pulumi.Input<inputs.datastream.ConnectionProfilePostgresqlProfile>; /** * Private connectivity. * Structure is documented below. */ privateConnectivity?: pulumi.Input<inputs.datastream.ConnectionProfilePrivateConnectivity>; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input<string>; /** * Salesforce profile. * Structure is documented below. */ salesforceProfile?: pulumi.Input<inputs.datastream.ConnectionProfileSalesforceProfile>; /** * SQL Server database profile. * Structure is documented below. */ sqlServerProfile?: pulumi.Input<inputs.datastream.ConnectionProfileSqlServerProfile>; }