import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* The FeedsService configures and manages the ingestion of third-party security data and logs into Google Security Operations. It covers feed creation, updates, lifecycle management, and schema validation.
*
* > **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
* See Provider Versions for more details on beta resources.
*
* To get more information about Feed, see:
*
* * [API documentation](https://docs.cloud.google.com/chronicle/docs/reference/rest/v1beta/projects.locations.instances.feeds)
* * How-to Guides
* * [Feed management overview](https://docs.cloud.google.com/chronicle/docs/administration/feed-management-overview)
*
* ## Example Usage
*
* ### Chronicle Feed Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* // This is a basic example for Terraform support in Chronicle feeds APIs.
* const exampleFeed = new gcp.chronicle.Feed("example_feed", {
* location: "us",
* instance: "00000000-0000-0000-0000-000000000000",
* displayName: "test-feeds",
* details: {
* feedSourceType: "HTTPS_PUSH_GOOGLE_CLOUD_PUBSUB",
* logType: "projects/my-project-name/locations/us/instances/00000000-0000-0000-0000-000000000000/logTypes/GCP_CLOUDAUDIT",
* httpsPushGoogleCloudPubsubSettings: {
* splitDelimiter: "\n",
* },
* },
* });
* ```
* ### Chronicle Feed Gcs
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* // This is an example of a Chronicle feed using the pre_create hook to fetch the service account.
* // Valid for source type: GOOGLE_CLOUD_STORAGE_EVENT_DRIVEN and GOOGLE_CLOUD_STORAGE.
* // 0. Get the project's GCS service account (for Storage Notifications)
* const gcsAccount = gcp.storage.getProjectServiceAccount({
* project: "my-project-name",
* });
* // 1. Create the Pub/Sub Topic
* const testTopic = new gcp.pubsub.Topic("test_topic", {
* name: "chronicle-test-topic-my-project-name-_85840",
* project: "my-project-name",
* });
* // 2. Grant GCS permission to publish to the topic
* // This must remain so GCS can send file notifications to Pub/Sub
* const gcsPublisher = new gcp.pubsub.TopicIAMMember("gcs_publisher", {
* topic: testTopic.name,
* role: "roles/pubsub.publisher",
* member: gcsAccount.then(gcsAccount => `serviceAccount:${gcsAccount.emailAddress}`),
* });
* // 3. Create the Pub/Sub Subscription
* const testSubscription = new gcp.pubsub.Subscription("test_subscription", {
* name: "chronicle-test-sub-my-project-name-_60302",
* project: "my-project-name",
* topic: testTopic.name,
* messageRetentionDuration: "1200s",
* });
* // 4. Define the GCS Bucket
* const testBucket = new gcp.storage.Bucket("test_bucket", {
* name: "chronicle-test-bucket-my-project-name-_22811",
* project: "my-project-name",
* location: "US",
* forceDestroy: true,
* });
* // 5. Link GCS bucket to Pub/Sub Topic
* const notification = new gcp.storage.Notification("notification", {
* bucket: testBucket.name,
* payloadFormat: "JSON_API_V1",
* topic: testTopic.id,
* eventTypes: ["OBJECT_FINALIZE"],
* }, {
* dependsOn: [gcsPublisher],
* });
* // 6. The Chronicle Feed Resource
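* // The required permissions (Storage Admin and Pub/Sub Subscriber) are assumed to be
* // granted manually at the project level prior to running this test.
* // NOTE: project-level Storage Admin is broad; outside a test, scope these grants to the
* // bucket and subscription the feed reads.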
* const exampleFeed = new gcp.chronicle.Feed("example_feed", {
* location: "us",
* instance: "00000000-0000-0000-0000-000000000000",
* displayName: "test-feeds",
* details: {
* feedSourceType: "GOOGLE_CLOUD_STORAGE_EVENT_DRIVEN",
* logType: "projects/my-project-name/locations/us/instances/00000000-0000-0000-0000-000000000000/logTypes/GCP_CLOUDAUDIT",
* googleCloudStorageEventDrivenSettings: {
* bucketUri: pulumi.interpolate`gs://${testBucket.name}`,
* pubsubSubscription: pulumi.interpolate`projects/my-project-name/subscriptions/${testSubscription.name}`,
* maxLookbackDays: 90,
* },
* },
* }, {
* dependsOn: [notification],
* });
* export const fetchedFeedServiceAccount = exampleFeed.feedServiceAccount;
* ```
* ### Chronicle Feed Https Push
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* // This is an example of a Chronicle feed using the post_create hook to fetch the secret.
* // Valid for source type: HTTPS_PUSH_AMAZON_KINESIS_FIREHOSE.
* const exampleFeed = new gcp.chronicle.Feed("example_feed", {
* location: "us",
* instance: "00000000-0000-0000-0000-000000000000",
* displayName: "test-feeds",
* details: {
* feedSourceType: "HTTPS_PUSH_AMAZON_KINESIS_FIREHOSE",
* logType: "projects/my-project-name/locations/us/instances/00000000-0000-0000-0000-000000000000/logTypes/GCP_CLOUDAUDIT",
* httpsPushAmazonKinesisFirehoseSettings: {
* splitDelimiter: "\n",
* },
* },
* });
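* // Treat the generated secret as a credential. If the provider does not already mark this
* // output as secret, wrap it with pulumi.secret() so the stack output is stored encrypted.
* export const feedSecret = exampleFeed.secret;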
* ```
*
* ## Import
*
* Feed can be imported using any of these accepted formats:
*
* * `projects/{{project}}/locations/{{location}}/instances/{{instance}}/feeds/{{feed}}`
* * `{{project}}/{{location}}/{{instance}}/{{feed}}`
* * `{{location}}/{{instance}}/{{feed}}`
*
* When using the `pulumi import` command, Feed can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:chronicle/feed:Feed default projects/{{project}}/locations/{{location}}/instances/{{instance}}/feeds/{{feed}}
* $ pulumi import gcp:chronicle/feed:Feed default {{project}}/{{location}}/{{instance}}/{{feed}}
* $ pulumi import gcp:chronicle/feed:Feed default {{location}}/{{instance}}/{{feed}}
* ```
*/
export declare class Feed extends pulumi.CustomResource {
/**
* Get an existing Feed resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
* @returns A Feed for the existing resource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FeedState, opts?: pulumi.CustomResourceOptions): Feed;
/**
* Returns true if the given object is an instance of Feed. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*
* @param obj The value to test. It is typed `any`, so any value is accepted.
* @returns A type predicate: when true, `obj` is narrowed to Feed.
*/
static isInstance(obj: any): obj is Feed;
/**
* Controls what happens when a 'terraform destroy' or 'pulumi up' would delete the resource.
* Defaults to DELETE.
* "DELETE": deleting the resource is allowed.
* "PREVENT": the command fails if this value is set in Terraform state.
* "ABANDON": the resource is removed from Terraform management without being updated or
* deleted in the API.
* The type is a plain string, so a misspelled value is not caught at compile time.
* NOTE(review): with "ABANDON" the feed still exists in the API after it leaves state;
* presumably it keeps ingesting and any generated secret stays valid. Confirm this, and
* remove the feed out of band if it is no longer wanted.
*/
readonly deletionPolicy: pulumi.Output<string>;
/**
* Additional details of the feed. These details are dynamic and differ for each feed.
* The structure is given by outputs.chronicle.FeedDetails.
*/
readonly details: pulumi.Output<outputs.chronicle.FeedDetails | undefined>;
/**
* Customer-provided feed name.
*/
readonly displayName: pulumi.Output<string | undefined>;
/**
* Whether the feed is enabled.
*/
readonly enabled: pulumi.Output<boolean | undefined>;
/**
* Details about the errors thrown by Chronicle for the feed. These details are user
* visible and help the user identify the root cause and take appropriate action.
* The structure is given by outputs.chronicle.FeedFailureDetails.
*/
readonly failureDetails: pulumi.Output<outputs.chronicle.FeedFailureDetails | undefined>;
/**
* Details about the most recent failure when feed state is FAILED.
*/
readonly failureMsg: pulumi.Output<string>;
/**
* The `{feed}` segment of the resource `name`. It identifies the resource within its
* parent collection as described in https://google.aip.dev/122.
*/
readonly feed: pulumi.Output<string>;
/**
* Output only. The service account used by Chronicle to ingest data from Cloud Storage.
* This is only available when the feed source type is GOOGLE_CLOUD_STORAGE_EVENT_DRIVEN
* or GOOGLE_CLOUD_STORAGE.
* NOTE(review): this is the identity that needs read access to the source bucket; grant it
* only on the resources the feed reads, not project-wide. Confirm the minimum roles against
* the feed documentation.
*/
readonly feedServiceAccount: pulumi.Output<string>;
/**
* The `{instance}` segment of the resource `name`. It identifies the resource within its
* parent collection as described in https://google.aip.dev/122.
*/
readonly instance: pulumi.Output<string>;
/**
* Latest timestamp when the transfer was successful for the feed.
* It is returned as a string; the timestamp format is not stated in this file.
*/
readonly lastFeedInitiationTime: pulumi.Output<string>;
/**
* The `{location}` segment of the resource `name`. It identifies the resource within its
* parent collection as described in https://google.aip.dev/122.
*/
readonly location: pulumi.Output<string>;
/**
* The resource name of the feed.
* Format:
* projects/{project}/locations/{location}/instances/{instance}/feeds/{feed}
*/
readonly name: pulumi.Output<string>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
readonly project: pulumi.Output<string>;
/**
* Whether this feed can be updated or deleted.
*/
readonly readOnly: pulumi.Output<boolean>;
/**
* Reference ID, this field will contain the legacy id of the feed.
*/
readonly referenceId: pulumi.Output<string>;
/**
* Output only. The secret generated for the feed. This is only available when the feed
* source type is HTTPS_PUSH_AMAZON_KINESIS_FIREHOSE.
* Treat this value as a credential: keep it out of logs and plaintext stack outputs.
* NOTE(review): this declaration types it as a plain Output<string>; whether the provider
* marks it as a Pulumi secret is not visible here. Confirm, or wrap it with pulumi.secret()
* before exporting.
*/
readonly secret: pulumi.Output<string>;
/**
* The state of the feed (e.g., ACTIVE, INACTIVE).
*/
readonly state: pulumi.Output<string>;
/**
* Unique identifier for the feed.
*/
readonly uid: pulumi.Output<string>;
/**
* Create a Feed resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: FeedArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Feed resources.
*/
export interface FeedState {
// Every property is optional. This is the type of the `state` parameter of Feed.get.
/**
* Controls what happens when a 'terraform destroy' or 'pulumi up' would delete the resource.
* Defaults to DELETE.
* "DELETE": deleting the resource is allowed.
* "PREVENT": the command fails if this value is set in Terraform state.
* "ABANDON": the resource is removed from Terraform management without being updated or
* deleted in the API.
* The type is a plain string, so a misspelled value is not caught at compile time.
*/
deletionPolicy?: pulumi.Input<string | undefined>;
/**
* Additional details of the feed. These details are dynamic and differ for each feed.
* The structure is given by inputs.chronicle.FeedDetails.
*/
details?: pulumi.Input<inputs.chronicle.FeedDetails | undefined>;
/**
* Customer-provided feed name.
*/
displayName?: pulumi.Input<string | undefined>;
/**
* Whether the feed is enabled.
*/
enabled?: pulumi.Input<boolean | undefined>;
/**
* Details about the errors thrown by Chronicle for the feed. These details are user
* visible and help the user identify the root cause and take appropriate action.
* The structure is given by inputs.chronicle.FeedFailureDetails.
*/
failureDetails?: pulumi.Input<inputs.chronicle.FeedFailureDetails | undefined>;
/**
* Details about the most recent failure when feed state is FAILED.
*/
failureMsg?: pulumi.Input<string | undefined>;
/**
* The `{feed}` segment of the resource `name`. It identifies the resource within its
* parent collection as described in https://google.aip.dev/122.
*/
feed?: pulumi.Input<string | undefined>;
/**
* Output only. The service account used by Chronicle to ingest data from Cloud Storage.
* This is only available when the feed source type is GOOGLE_CLOUD_STORAGE_EVENT_DRIVEN
* or GOOGLE_CLOUD_STORAGE.
*/
feedServiceAccount?: pulumi.Input<string | undefined>;
/**
* The `{instance}` segment of the resource `name`. It identifies the resource within its
* parent collection as described in https://google.aip.dev/122.
*/
instance?: pulumi.Input<string | undefined>;
/**
* Latest timestamp when the transfer was successful for the feed.
*/
lastFeedInitiationTime?: pulumi.Input<string | undefined>;
/**
* The `{location}` segment of the resource `name`. It identifies the resource within its
* parent collection as described in https://google.aip.dev/122.
*/
location?: pulumi.Input<string | undefined>;
/**
* The resource name of the feed.
* Format:
* projects/{project}/locations/{location}/instances/{instance}/feeds/{feed}
*/
name?: pulumi.Input<string | undefined>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
project?: pulumi.Input<string | undefined>;
/**
* Whether this feed can be updated or deleted.
*/
readOnly?: pulumi.Input<boolean | undefined>;
/**
* Reference ID, this field will contain the legacy id of the feed.
*/
referenceId?: pulumi.Input<string | undefined>;
/**
* Output only. The secret generated for the feed. This is only available when the feed
* source type is HTTPS_PUSH_AMAZON_KINESIS_FIREHOSE.
* Treat this value as a credential and do not hard-code it in program source.
*/
secret?: pulumi.Input<string | undefined>;
/**
* The state of the feed (e.g., ACTIVE, INACTIVE).
*/
state?: pulumi.Input<string | undefined>;
/**
* Unique identifier for the feed.
*/
uid?: pulumi.Input<string | undefined>;
}
/**
* The set of arguments for constructing a Feed resource.
*/
export interface FeedArgs {
// `instance` and `location` are the only required properties; the rest are optional.
/**
* Controls what happens when a 'terraform destroy' or 'pulumi up' would delete the resource.
* Defaults to DELETE.
* "DELETE": deleting the resource is allowed.
* "PREVENT": the command fails if this value is set in Terraform state.
* "ABANDON": the resource is removed from Terraform management without being updated or
* deleted in the API.
* The type is a plain string, so a misspelled value is not caught at compile time.
* NOTE(review): with "ABANDON" the feed still exists in the API after it leaves state;
* presumably it keeps ingesting. Confirm this, and remove the feed out of band if it is no
* longer wanted.
*/
deletionPolicy?: pulumi.Input<string | undefined>;
/**
* Additional details of the feed. These details are dynamic and differ for each feed.
* The structure is given by inputs.chronicle.FeedDetails.
*/
details?: pulumi.Input<inputs.chronicle.FeedDetails | undefined>;
/**
* Customer-provided feed name.
*/
displayName?: pulumi.Input<string | undefined>;
/**
* Whether the feed is enabled.
*/
enabled?: pulumi.Input<boolean | undefined>;
/**
* Details about the errors thrown by Chronicle for the feed. These details are user
* visible and help the user identify the root cause and take appropriate action.
* The structure is given by inputs.chronicle.FeedFailureDetails.
*/
failureDetails?: pulumi.Input<inputs.chronicle.FeedFailureDetails | undefined>;
/**
* The `{feed}` segment of the resource name
* (projects/{project}/locations/{location}/instances/{instance}/feeds/{feed}).
* It identifies the resource within its parent collection as described in
* https://google.aip.dev/122.
*/
feed?: pulumi.Input<string | undefined>;
/**
* Required. The `{instance}` segment of the resource name. It identifies the resource
* within its parent collection as described in https://google.aip.dev/122.
*/
instance: pulumi.Input<string>;
/**
* Required. The `{location}` segment of the resource name. It identifies the resource
* within its parent collection as described in https://google.aip.dev/122.
*/
location: pulumi.Input<string>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
project?: pulumi.Input<string | undefined>;
}
//# sourceMappingURL=feed.d.ts.map