@pulumi/gcp/networksecurity/gatewaySecurityPolicy.js

A Pulumi package for creating and managing Google Cloud Platform resources.

"use strict";
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.GatewaySecurityPolicy = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
 * The GatewaySecurityPolicy resource contains a collection of GatewaySecurityPolicyRules and associated metadata.
 *
 * To get more information about GatewaySecurityPolicy, see:
 *
 * * [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.gatewaySecurityPolicies)
 *
 * ## Example Usage
 *
 * ### Network Security Gateway Security Policy Basic
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const _default = new gcp.networksecurity.GatewaySecurityPolicy("default", {
 *     name: "my-gateway-security-policy",
 *     location: "us-central1",
 *     description: "my description",
 * });
 * ```
 * ### Network Security Gateway Security Policy Tls Inspection Basic
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const _default = new gcp.certificateauthority.CaPool("default", {
 *     name: "my-basic-ca-pool",
 *     location: "us-central1",
 *     tier: "DEVOPS",
 *     publishingOptions: {
 *         publishCaCert: false,
 *         publishCrl: false,
 *     },
 *     issuancePolicy: {
 *         maximumLifetime: "1209600s",
 *         baselineValues: {
 *             caOptions: {
 *                 isCa: false,
 *             },
 *             keyUsage: {
 *                 baseKeyUsage: {},
 *                 extendedKeyUsage: {
 *                     serverAuth: true,
 *                 },
 *             },
 *         },
 *     },
 * });
 * const defaultAuthority = new gcp.certificateauthority.Authority("default", {
 *     pool: _default.name,
 *     certificateAuthorityId: "my-basic-certificate-authority",
 *     location: "us-central1",
 *     lifetime: "86400s",
 *     type: "SELF_SIGNED",
 *     deletionProtection: false,
 *     skipGracePeriod: true,
 *     ignoreActiveCertificatesOnDeletion: true,
 *     config: {
 *         subjectConfig: {
 *             subject: {
 *                 organization: "Test LLC",
 *                 commonName: "my-ca",
 *             },
 *         },
 *         x509Config: {
 *             caOptions: {
 *                 isCa: true,
 *             },
 *             keyUsage: {
 *                 baseKeyUsage: {
 *                     certSign: true,
 *                     crlSign: true,
 *                 },
 *                 extendedKeyUsage: {
 *                     serverAuth: false,
 *                 },
 *             },
 *         },
 *     },
 *     keySpec: {
 *         algorithm: "RSA_PKCS1_4096_SHA256",
 *     },
 * });
 * const project = gcp.organizations.getProject({});
 * const tlsInspectionPermission = new gcp.certificateauthority.CaPoolIamMember("tls_inspection_permission", {
 *     caPool: _default.id,
 *     role: "roles/privateca.certificateManager",
 *     member: project.then(project => `serviceAccount:service-${project.number}@gcp-sa-networksecurity.iam.gserviceaccount.com`),
 * });
 * const defaultTlsInspectionPolicy = new gcp.networksecurity.TlsInspectionPolicy("default", {
 *     name: "my-tls-inspection-policy",
 *     location: "us-central1",
 *     caPool: _default.id,
 * }, {
 *     dependsOn: [
 *         _default,
 *         defaultAuthority,
 *         tlsInspectionPermission,
 *     ],
 * });
 * const defaultGatewaySecurityPolicy = new gcp.networksecurity.GatewaySecurityPolicy("default", {
 *     name: "my-gateway-security-policy",
 *     location: "us-central1",
 *     description: "my description",
 *     tlsInspectionPolicy: defaultTlsInspectionPolicy.id,
 * }, {
 *     dependsOn: [defaultTlsInspectionPolicy],
 * });
 * ```
 *
 * ## Import
 *
 * GatewaySecurityPolicy can be imported using any of these accepted formats:
 *
 * * `projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}}`
 *
 * * `{{project}}/{{location}}/{{name}}`
 *
 * * `{{location}}/{{name}}`
 *
 * When using the `pulumi import` command, GatewaySecurityPolicy can be imported using one of the formats above. For example:
 *
 * ```sh
 * $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}}
 * ```
 *
 * ```sh
 * $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{project}}/{{location}}/{{name}}
 * ```
 *
 * ```sh
 * $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{location}}/{{name}}
 * ```
 */
class GatewaySecurityPolicy extends pulumi.CustomResource {
    /**
     * Get an existing GatewaySecurityPolicy resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name, id, state, opts) {
        return new GatewaySecurityPolicy(name, state, { ...opts, id: id });
    }
    /**
     * Returns true if the given object is an instance of GatewaySecurityPolicy.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj) {
        if (obj === undefined || obj === null) {
            return false;
        }
        return obj['__pulumiType'] === GatewaySecurityPolicy.__pulumiType;
    }
    constructor(name, argsOrState, opts) {
        let resourceInputs = {};
        opts = opts || {};
        if (opts.id) {
            const state = argsOrState;
            resourceInputs["createTime"] = state?.createTime;
            resourceInputs["description"] = state?.description;
            resourceInputs["location"] = state?.location;
            resourceInputs["name"] = state?.name;
            resourceInputs["project"] = state?.project;
            resourceInputs["selfLink"] = state?.selfLink;
            resourceInputs["tlsInspectionPolicy"] = state?.tlsInspectionPolicy;
            resourceInputs["updateTime"] = state?.updateTime;
        }
        else {
            const args = argsOrState;
            resourceInputs["description"] = args?.description;
            resourceInputs["location"] = args?.location;
            resourceInputs["name"] = args?.name;
            resourceInputs["project"] = args?.project;
            resourceInputs["tlsInspectionPolicy"] = args?.tlsInspectionPolicy;
            resourceInputs["createTime"] = undefined /*out*/;
            resourceInputs["selfLink"] = undefined /*out*/;
            resourceInputs["updateTime"] = undefined /*out*/;
        }
        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
        super(GatewaySecurityPolicy.__pulumiType, name, resourceInputs, opts);
    }
}
exports.GatewaySecurityPolicy = GatewaySecurityPolicy;
/** @internal */
GatewaySecurityPolicy.__pulumiType = 'gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy';
//# sourceMappingURL=gatewaySecurityPolicy.js.map