@pulumi/gcp
Version:
A Pulumi package for creating and managing Google Cloud Platform resources.
215 lines • 8.62 kB
JavaScript
;
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.SecurityProfile = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
* A security profile defines the behavior associated to a profile type.
*
* To get more information about SecurityProfile, see:
*
* * [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.securityProfiles)
* * How-to Guides
* * [Create and manage security profiles](https://cloud.google.com/firewall/docs/configure-security-profiles)
*
* ## Example Usage
*
* ### Network Security Security Profile Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.networksecurity.SecurityProfile("default", {
* name: "my-security-profile",
* parent: "organizations/123456789",
* description: "my description",
* type: "THREAT_PREVENTION",
* labels: {
* foo: "bar",
* },
* });
* ```
* ### Network Security Security Profile Overrides
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.networksecurity.SecurityProfile("default", {
* name: "my-security-profile",
* parent: "organizations/123456789",
* description: "my description",
* type: "THREAT_PREVENTION",
* threatPreventionProfile: {
* severityOverrides: [
* {
* action: "ALLOW",
* severity: "INFORMATIONAL",
* },
* {
* action: "DENY",
* severity: "HIGH",
* },
* ],
* threatOverrides: [{
* action: "ALLOW",
* threatId: "280647",
* }],
* antivirusOverrides: [{
* protocol: "SMTP",
* action: "ALLOW",
* }],
* },
* });
* ```
* ### Network Security Security Profile Mirroring
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.compute.Network("default", {
* name: "my-network",
* autoCreateSubnetworks: false,
* });
* const defaultMirroringDeploymentGroup = new gcp.networksecurity.MirroringDeploymentGroup("default", {
* mirroringDeploymentGroupId: "my-dg",
* location: "global",
* network: _default.id,
* });
* const defaultMirroringEndpointGroup = new gcp.networksecurity.MirroringEndpointGroup("default", {
* mirroringEndpointGroupId: "my-eg",
* location: "global",
* mirroringDeploymentGroup: defaultMirroringDeploymentGroup.id,
* });
* const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", {
* name: "my-security-profile",
* parent: "organizations/123456789",
* description: "my description",
* type: "CUSTOM_MIRRORING",
* customMirroringProfile: {
* mirroringEndpointGroup: defaultMirroringEndpointGroup.id,
* },
* });
* ```
* ### Network Security Security Profile Intercept
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.compute.Network("default", {
* name: "my-network",
* autoCreateSubnetworks: false,
* });
* const defaultInterceptDeploymentGroup = new gcp.networksecurity.InterceptDeploymentGroup("default", {
* interceptDeploymentGroupId: "my-dg",
* location: "global",
* network: _default.id,
* });
* const defaultInterceptEndpointGroup = new gcp.networksecurity.InterceptEndpointGroup("default", {
* interceptEndpointGroupId: "my-eg",
* location: "global",
* interceptDeploymentGroup: defaultInterceptDeploymentGroup.id,
* });
* const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", {
* name: "my-security-profile",
* parent: "organizations/123456789",
* description: "my description",
* type: "CUSTOM_INTERCEPT",
* customInterceptProfile: {
* interceptEndpointGroup: defaultInterceptEndpointGroup.id,
* },
* });
* ```
*
* ## Import
*
* SecurityProfile can be imported using any of these accepted formats:
*
* * `{{parent}}/locations/{{location}}/securityProfiles/{{name}}`
*
* When using the `pulumi import` command, SecurityProfile can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:networksecurity/securityProfile:SecurityProfile default {{parent}}/locations/{{location}}/securityProfiles/{{name}}
* ```
*/
class SecurityProfile extends pulumi.CustomResource {
/**
* Get an existing SecurityProfile resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new SecurityProfile(name, state, { ...opts, id: id });
}
/**
* Returns true if the given object is an instance of SecurityProfile. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === SecurityProfile.__pulumiType;
}
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["createTime"] = state?.createTime;
resourceInputs["customInterceptProfile"] = state?.customInterceptProfile;
resourceInputs["customMirroringProfile"] = state?.customMirroringProfile;
resourceInputs["description"] = state?.description;
resourceInputs["effectiveLabels"] = state?.effectiveLabels;
resourceInputs["etag"] = state?.etag;
resourceInputs["labels"] = state?.labels;
resourceInputs["location"] = state?.location;
resourceInputs["name"] = state?.name;
resourceInputs["parent"] = state?.parent;
resourceInputs["pulumiLabels"] = state?.pulumiLabels;
resourceInputs["selfLink"] = state?.selfLink;
resourceInputs["threatPreventionProfile"] = state?.threatPreventionProfile;
resourceInputs["type"] = state?.type;
resourceInputs["updateTime"] = state?.updateTime;
}
else {
const args = argsOrState;
if (args?.type === undefined && !opts.urn) {
throw new Error("Missing required property 'type'");
}
resourceInputs["customInterceptProfile"] = args?.customInterceptProfile;
resourceInputs["customMirroringProfile"] = args?.customMirroringProfile;
resourceInputs["description"] = args?.description;
resourceInputs["labels"] = args?.labels;
resourceInputs["location"] = args?.location;
resourceInputs["name"] = args?.name;
resourceInputs["parent"] = args?.parent;
resourceInputs["threatPreventionProfile"] = args?.threatPreventionProfile;
resourceInputs["type"] = args?.type;
resourceInputs["createTime"] = undefined /*out*/;
resourceInputs["effectiveLabels"] = undefined /*out*/;
resourceInputs["etag"] = undefined /*out*/;
resourceInputs["pulumiLabels"] = undefined /*out*/;
resourceInputs["selfLink"] = undefined /*out*/;
resourceInputs["updateTime"] = undefined /*out*/;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
const secretOpts = { additionalSecretOutputs: ["effectiveLabels", "pulumiLabels"] };
opts = pulumi.mergeOptions(opts, secretOpts);
super(SecurityProfile.__pulumiType, name, resourceInputs, opts);
}
}
exports.SecurityProfile = SecurityProfile;
/** @internal */
SecurityProfile.__pulumiType = 'gcp:networksecurity/securityProfile:SecurityProfile';
//# sourceMappingURL=securityProfile.js.map