@pulumi/gcp

import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Framework deployments represent the assignment of a framework to a target resource. Supported target resources are organizations, folders, and projects. * * To get more information about FrameworkDeployment, see: * * * [API documentation](https://docs.cloud.google.com/security-command-center/docs/reference/cloudsecuritycompliance/rest/v1/organizations.locations.frameworkDeployments) * * ## Example Usage * * ## Import * * FrameworkDeployment can be imported using any of these accepted formats: * * * `organizations/{{organization}}/locations/{{location}}/frameworkDeployments/{{framework_deployment_id}}` * * `{{organization}}/{{location}}/{{framework_deployment_id}}` * * When using the `pulumi import` command, FrameworkDeployment can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:cloudsecuritycompliance/frameworkDeployment:FrameworkDeployment default organizations/{{organization}}/locations/{{location}}/frameworkDeployments/{{framework_deployment_id}} * $ pulumi import gcp:cloudsecuritycompliance/frameworkDeployment:FrameworkDeployment default {{organization}}/{{location}}/{{framework_deployment_id}} * ``` */ export declare class FrameworkDeployment extends pulumi.CustomResource { /** * Get an existing FrameworkDeployment resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FrameworkDeploymentState, opts?: pulumi.CustomResourceOptions): FrameworkDeployment; /** * Returns true if the given object is an instance of FrameworkDeployment. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is FrameworkDeployment; /** * The references to the cloud control deployments. It has all the * CloudControlDeployments which are either directly added in the framework or * through a CloudControlGroup. * Example: If a framework deployment deploys two * cloud controls, cc-deployment-1 and cc-deployment-2, then the * cloudControlDeploymentReferences will be: * { * cloud_control_deployment_reference: { * cloud_control_deployment: * "organizations/{organization}/locations/{location}/cloudControlDeployments/cc-deployment-1" * }, * cloud_control_deployment_reference: { * cloud_control_deployment: * "organizations/{organization}/locations/{location}/cloudControlDeployments/cc-deployment-2" * } * Structure is documented below. */ readonly cloudControlDeploymentReferences: pulumi.Output<outputs.cloudsecuritycompliance.FrameworkDeploymentCloudControlDeploymentReference[]>; /** * Deployment mode and parameters for each of the Cloud Controls in * the framework. Every Cloud Control in the framework must have a * CloudControlMetadata. * Structure is documented below. */ readonly cloudControlMetadatas: pulumi.Output<outputs.cloudsecuritycompliance.FrameworkDeploymentCloudControlMetadata[]>; /** * The resource on which the Framework is deployed based on the provided * TargetResourceConfig in the following format: * organizations/{organization}, folders/{folder} or projects/{project} */ readonly computedTargetResource: pulumi.Output<string>; /** * The time at which the resource was created. */ readonly createTime: pulumi.Output<string>; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ readonly deletionPolicy: pulumi.Output<string>; /** * The deployment state of the framework. * Possible values: * DEPLOYMENT_STATE_VALIDATING * DEPLOYMENT_STATE_CREATING * DEPLOYMENT_STATE_DELETING * DEPLOYMENT_STATE_FAILED * DEPLOYMENT_STATE_READY * DEPLOYMENT_STATE_PARTIALLY_DEPLOYED * DEPLOYMENT_STATE_PARTIALLY_DELETED */ readonly deploymentState: pulumi.Output<string>; /** * User provided description of the Framework deployment */ readonly description: pulumi.Output<string | undefined>; /** * To prevent concurrent updates from overwriting each other, always provide * the `etag` when you update a FrameworkDeployment. You can also * provide the `etag` when you delete a FrameworkDeployment, to help * ensure that you're deleting the intended version of the * FrameworkDeployment. */ readonly etag: pulumi.Output<string>; /** * FrameworkReference contains the reference of a framework. * Structure is documented below. */ readonly framework: pulumi.Output<outputs.cloudsecuritycompliance.FrameworkDeploymentFramework>; /** * User provided identifier. It should be unique in scope of a parent. * This is optional and if not provided, a random UUID will be generated. */ readonly frameworkDeploymentId: pulumi.Output<string>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ readonly location: pulumi.Output<string>; /** * Identifier. FrameworkDeployment name in the following format: * organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} */ readonly name: pulumi.Output<string>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ readonly organization: pulumi.Output<string>; /** * TargetResourceConfig contains either the name of the targetResource or * contains the config to create a new target_resource. * Structure is documented below. */ readonly targetResourceConfig: pulumi.Output<outputs.cloudsecuritycompliance.FrameworkDeploymentTargetResourceConfig>; /** * The display name of the target resource. */ readonly targetResourceDisplayName: pulumi.Output<string>; /** * The time at which the resource last updated. */ readonly updateTime: pulumi.Output<string>; /** * Create a FrameworkDeployment resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: FrameworkDeploymentArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering FrameworkDeployment resources. */ export interface FrameworkDeploymentState { /** * The references to the cloud control deployments. It has all the * CloudControlDeployments which are either directly added in the framework or * through a CloudControlGroup. * Example: If a framework deployment deploys two * cloud controls, cc-deployment-1 and cc-deployment-2, then the * cloudControlDeploymentReferences will be: * { * cloud_control_deployment_reference: { * cloud_control_deployment: * "organizations/{organization}/locations/{location}/cloudControlDeployments/cc-deployment-1" * }, * cloud_control_deployment_reference: { * cloud_control_deployment: * "organizations/{organization}/locations/{location}/cloudControlDeployments/cc-deployment-2" * } * Structure is documented below. */ cloudControlDeploymentReferences?: pulumi.Input<pulumi.Input<inputs.cloudsecuritycompliance.FrameworkDeploymentCloudControlDeploymentReference>[] | undefined>; /** * Deployment mode and parameters for each of the Cloud Controls in * the framework. Every Cloud Control in the framework must have a * CloudControlMetadata. * Structure is documented below. */ cloudControlMetadatas?: pulumi.Input<pulumi.Input<inputs.cloudsecuritycompliance.FrameworkDeploymentCloudControlMetadata>[] | undefined>; /** * The resource on which the Framework is deployed based on the provided * TargetResourceConfig in the following format: * organizations/{organization}, folders/{folder} or projects/{project} */ computedTargetResource?: pulumi.Input<string | undefined>; /** * The time at which the resource was created. */ createTime?: pulumi.Input<string | undefined>; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input<string | undefined>; /** * The deployment state of the framework. * Possible values: * DEPLOYMENT_STATE_VALIDATING * DEPLOYMENT_STATE_CREATING * DEPLOYMENT_STATE_DELETING * DEPLOYMENT_STATE_FAILED * DEPLOYMENT_STATE_READY * DEPLOYMENT_STATE_PARTIALLY_DEPLOYED * DEPLOYMENT_STATE_PARTIALLY_DELETED */ deploymentState?: pulumi.Input<string | undefined>; /** * User provided description of the Framework deployment */ description?: pulumi.Input<string | undefined>; /** * To prevent concurrent updates from overwriting each other, always provide * the `etag` when you update a FrameworkDeployment. You can also * provide the `etag` when you delete a FrameworkDeployment, to help * ensure that you're deleting the intended version of the * FrameworkDeployment. */ etag?: pulumi.Input<string | undefined>; /** * FrameworkReference contains the reference of a framework. * Structure is documented below. */ framework?: pulumi.Input<inputs.cloudsecuritycompliance.FrameworkDeploymentFramework | undefined>; /** * User provided identifier. It should be unique in scope of a parent. * This is optional and if not provided, a random UUID will be generated. */ frameworkDeploymentId?: pulumi.Input<string | undefined>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ location?: pulumi.Input<string | undefined>; /** * Identifier. FrameworkDeployment name in the following format: * organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} */ name?: pulumi.Input<string | undefined>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ organization?: pulumi.Input<string | undefined>; /** * TargetResourceConfig contains either the name of the targetResource or * contains the config to create a new target_resource. * Structure is documented below. */ targetResourceConfig?: pulumi.Input<inputs.cloudsecuritycompliance.FrameworkDeploymentTargetResourceConfig | undefined>; /** * The display name of the target resource. */ targetResourceDisplayName?: pulumi.Input<string | undefined>; /** * The time at which the resource last updated. */ updateTime?: pulumi.Input<string | undefined>; } /** * The set of arguments for constructing a FrameworkDeployment resource. */ export interface FrameworkDeploymentArgs { /** * Deployment mode and parameters for each of the Cloud Controls in * the framework. Every Cloud Control in the framework must have a * CloudControlMetadata. * Structure is documented below. */ cloudControlMetadatas: pulumi.Input<pulumi.Input<inputs.cloudsecuritycompliance.FrameworkDeploymentCloudControlMetadata>[]>; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input<string | undefined>; /** * User provided description of the Framework deployment */ description?: pulumi.Input<string | undefined>; /** * FrameworkReference contains the reference of a framework. * Structure is documented below. */ framework: pulumi.Input<inputs.cloudsecuritycompliance.FrameworkDeploymentFramework>; /** * User provided identifier. It should be unique in scope of a parent. * This is optional and if not provided, a random UUID will be generated. */ frameworkDeploymentId: pulumi.Input<string>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ location: pulumi.Input<string>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ organization: pulumi.Input<string>; /** * TargetResourceConfig contains either the name of the targetResource or * contains the config to create a new target_resource. * Structure is documented below. */ targetResourceConfig: pulumi.Input<inputs.cloudsecuritycompliance.FrameworkDeploymentTargetResourceConfig>; } //# sourceMappingURL=frameworkDeployment.d.ts.map