@pulumi/gcp

import * as pulumi from "@pulumi/pulumi"; /** * An association for the OrganizationSecurityPolicy. * * To get more information about OrganizationSecurityPolicyAssociation, see: * * * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/organizationSecurityPolicies/addAssociation) * * How-to Guides * * [Associating a policy with the organization or folder](https://cloud.google.com/vpc/docs/using-firewall-policies#associate) * * ## Example Usage * * ### Organization Security Policy Association Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const securityPolicyTarget = new gcp.organizations.Folder("security_policy_target", { * displayName: "tf-test-secpol", * parent: "organizations/123456789", * deletionProtection: false, * }); * const policy = new gcp.compute.OrganizationSecurityPolicy("policy", { * displayName: "tf-test", * parent: securityPolicyTarget.name, * type: "CLOUD_ARMOR", * }); * const policyOrganizationSecurityPolicyAssociation = new gcp.compute.OrganizationSecurityPolicyAssociation("policy", { * name: "tf-test", * attachmentId: policy.parent, * policyId: policy.id, * }); * ``` * ### Organization Security Policy Association Excluded * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const securityPolicyTarget = new gcp.organizations.Folder("security_policy_target", { * displayName: "tf-test-secpol-_72490", * parent: "organizations/123456789", * deletionProtection: false, * }); * const policy = new gcp.compute.OrganizationSecurityPolicy("policy", { * shortName: "tf-test_89605", * parent: securityPolicyTarget.name, * type: "CLOUD_ARMOR", * }); * const policyOrganizationSecurityPolicyAssociation = new gcp.compute.OrganizationSecurityPolicyAssociation("policy", { * name: "tf-test", * attachmentId: "organizations/123456789", * policyId: policy.id, * excludedProjects: [ * "projects/2000000002", * "projects/3000000003", * ], * excludedFolders: [ * "folders/4000000004", * "folders/5000000005", * ], * }); * ``` * * ## Import * * OrganizationSecurityPolicyAssociation can be imported using any of these accepted formats: * * * `{{policy_id}}/association/{{name}}` * * When using the `pulumi import` command, OrganizationSecurityPolicyAssociation can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:compute/organizationSecurityPolicyAssociation:OrganizationSecurityPolicyAssociation default {{policy_id}}/association/{{name}} * ``` */ export declare class OrganizationSecurityPolicyAssociation extends pulumi.CustomResource { /** * Get an existing OrganizationSecurityPolicyAssociation resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: OrganizationSecurityPolicyAssociationState, opts?: pulumi.CustomResourceOptions): OrganizationSecurityPolicyAssociation; /** * Returns true if the given object is an instance of OrganizationSecurityPolicyAssociation. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is OrganizationSecurityPolicyAssociation; /** * The resource that the security policy is attached to. */ readonly attachmentId: pulumi.Output<string>; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ readonly deletionPolicy: pulumi.Output<string>; /** * The display name of the security policy of the association. */ readonly displayName: pulumi.Output<string>; /** * A list of folders to exclude from the security policy. */ readonly excludedFolders: pulumi.Output<string[] | undefined>; /** * A list of projects to exclude from the security policy. */ readonly excludedProjects: pulumi.Output<string[] | undefined>; /** * The name for an association. */ readonly name: pulumi.Output<string>; /** * The security policy ID of the association. */ readonly policyId: pulumi.Output<string>; /** * Create a OrganizationSecurityPolicyAssociation resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: OrganizationSecurityPolicyAssociationArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering OrganizationSecurityPolicyAssociation resources. */ export interface OrganizationSecurityPolicyAssociationState { /** * The resource that the security policy is attached to. */ attachmentId?: pulumi.Input<string | undefined>; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input<string | undefined>; /** * The display name of the security policy of the association. */ displayName?: pulumi.Input<string | undefined>; /** * A list of folders to exclude from the security policy. */ excludedFolders?: pulumi.Input<pulumi.Input<string>[] | undefined>; /** * A list of projects to exclude from the security policy. */ excludedProjects?: pulumi.Input<pulumi.Input<string>[] | undefined>; /** * The name for an association. */ name?: pulumi.Input<string | undefined>; /** * The security policy ID of the association. */ policyId?: pulumi.Input<string | undefined>; } /** * The set of arguments for constructing a OrganizationSecurityPolicyAssociation resource. */ export interface OrganizationSecurityPolicyAssociationArgs { /** * The resource that the security policy is attached to. */ attachmentId: pulumi.Input<string>; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input<string | undefined>; /** * A list of folders to exclude from the security policy. */ excludedFolders?: pulumi.Input<pulumi.Input<string>[] | undefined>; /** * A list of projects to exclude from the security policy. */ excludedProjects?: pulumi.Input<pulumi.Input<string>[] | undefined>; /** * The name for an association. */ name?: pulumi.Input<string | undefined>; /** * The security policy ID of the association. */ policyId: pulumi.Input<string>; } //# sourceMappingURL=organizationSecurityPolicyAssociation.d.ts.map