@pulumi/gcp
Version:
A Pulumi package for creating and managing Google Cloud Platform resources.
208 lines • 8.96 kB
JavaScript
;
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.SecurityAction = void 0;
const pulumi = __importStar(require("@pulumi/pulumi"));
const utilities = __importStar(require("../utilities"));
/**
* A SecurityAction is rule that can be enforced at an environment level.
* The result is one of: - A denied API call - An explicitly allowed API call
* - A flagged API call (HTTP headers added before the target receives it)
* At least one condition is required to create a SecurityAction.
*
* To get more information about SecurityAction, see:
*
* * [API documentation](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.environments.securityActions/create)
* * How-to Guides
* * [Creating security actions](https://cloud.google.com/apigee/docs/api-security/security-actions-api#create-security-actions)
*
* ## Example Usage
*
* ### Apigee Security Action Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const current = gcp.organizations.getClientConfig({});
* const apigeeNetwork = new gcp.compute.Network("apigee_network", {name: "my-network"});
* const apigeeRange = new gcp.compute.GlobalAddress("apigee_range", {
* name: "my-address",
* purpose: "VPC_PEERING",
* addressType: "INTERNAL",
* prefixLength: 16,
* network: apigeeNetwork.id,
* });
* const apigeeVpcConnection = new gcp.servicenetworking.Connection("apigee_vpc_connection", {
* network: apigeeNetwork.id,
* service: "servicenetworking.googleapis.com",
* reservedPeeringRanges: [apigeeRange.name],
* });
* const apigeeOrg = new gcp.apigee.Organization("apigee_org", {
* analyticsRegion: "us-central1",
* projectId: current.then(current => current.project),
* authorizedNetwork: apigeeNetwork.id,
* }, {
* dependsOn: [apigeeVpcConnection],
* });
* const env = new gcp.apigee.Environment("env", {
* name: "my-environment",
* description: "Apigee Environment",
* displayName: "environment-1",
* orgId: apigeeOrg.id,
* });
* const apigeeOrgSecurityAddonsConfig = new gcp.apigee.AddonsConfig("apigee_org_security_addons_config", {
* org: apigeeOrg.name,
* addonsConfig: {
* apiSecurityConfig: {
* enabled: true,
* },
* },
* });
* const apigeeSecurityAction = new gcp.apigee.SecurityAction("apigee_security_action", {
* securityActionId: "my-security-action",
* orgId: apigeeOrg.name,
* envId: env.name,
* description: "Apigee Security Action",
* state: "ENABLED",
* conditionConfig: {
* ipAddressRanges: [
* "100.0.220.1",
* "200.0.0.1",
* ],
* botReasons: [
* "Flooder",
* "Public Cloud Azure",
* "Public Cloud AWS",
* ],
* },
* allow: {},
* expireTime: "2025-12-31T23:59:59Z",
* }, {
* dependsOn: [apigeeOrgSecurityAddonsConfig],
* });
* ```
*
* ## Import
*
* SecurityAction can be imported using any of these accepted formats:
*
* * `organizations/{{org_id}}/environments/{{env_id}}/securityActions/{{security_action_id}}`
* * `{{org_id}}/{{env_id}}/{{security_action_id}}`
*
* When using the `pulumi import` command, SecurityAction can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:apigee/securityAction:SecurityAction default organizations/{{org_id}}/environments/{{env_id}}/securityActions/{{security_action_id}}
* $ pulumi import gcp:apigee/securityAction:SecurityAction default {{org_id}}/{{env_id}}/{{security_action_id}}
* ```
*/
class SecurityAction extends pulumi.CustomResource {
/**
* Get an existing SecurityAction resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new SecurityAction(name, state, { ...opts, id: id });
}
/** @internal */
static __pulumiType = 'gcp:apigee/securityAction:SecurityAction';
/**
* Returns true if the given object is an instance of SecurityAction. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === SecurityAction.__pulumiType;
}
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["allow"] = state?.allow;
resourceInputs["apiProxies"] = state?.apiProxies;
resourceInputs["conditionConfig"] = state?.conditionConfig;
resourceInputs["createTime"] = state?.createTime;
resourceInputs["deletionPolicy"] = state?.deletionPolicy;
resourceInputs["deny"] = state?.deny;
resourceInputs["description"] = state?.description;
resourceInputs["envId"] = state?.envId;
resourceInputs["expireTime"] = state?.expireTime;
resourceInputs["flag"] = state?.flag;
resourceInputs["orgId"] = state?.orgId;
resourceInputs["securityActionId"] = state?.securityActionId;
resourceInputs["state"] = state?.state;
resourceInputs["ttl"] = state?.ttl;
resourceInputs["updateTime"] = state?.updateTime;
}
else {
const args = argsOrState;
if (args?.conditionConfig === undefined && !opts.urn) {
throw new Error("Missing required property 'conditionConfig'");
}
if (args?.envId === undefined && !opts.urn) {
throw new Error("Missing required property 'envId'");
}
if (args?.orgId === undefined && !opts.urn) {
throw new Error("Missing required property 'orgId'");
}
if (args?.securityActionId === undefined && !opts.urn) {
throw new Error("Missing required property 'securityActionId'");
}
if (args?.state === undefined && !opts.urn) {
throw new Error("Missing required property 'state'");
}
resourceInputs["allow"] = args?.allow;
resourceInputs["apiProxies"] = args?.apiProxies;
resourceInputs["conditionConfig"] = args?.conditionConfig;
resourceInputs["deletionPolicy"] = args?.deletionPolicy;
resourceInputs["deny"] = args?.deny;
resourceInputs["description"] = args?.description;
resourceInputs["envId"] = args?.envId;
resourceInputs["expireTime"] = args?.expireTime;
resourceInputs["flag"] = args?.flag;
resourceInputs["orgId"] = args?.orgId;
resourceInputs["securityActionId"] = args?.securityActionId;
resourceInputs["state"] = args?.state;
resourceInputs["ttl"] = args?.ttl;
resourceInputs["createTime"] = undefined /*out*/;
resourceInputs["updateTime"] = undefined /*out*/;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
super(SecurityAction.__pulumiType, name, resourceInputs, opts);
}
}
exports.SecurityAction = SecurityAction;
//# sourceMappingURL=securityAction.js.map