@pulumi/gcp
Version:
A Pulumi package for creating and managing Google Cloud Platform resources.
647 lines • 28.4 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
/**
* Gateway represents the configuration for a proxy, typically a load balancer.
* It captures the ip:port over which the services are exposed by the proxy,
* along with any policy configurations. Routes have reference to to Gateways
* to dictate how requests should be routed by this Gateway.
*
* To get more information about Gateway, see:
*
* * [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-services/rest/v1/projects.locations.gateways)
*
* ## Example Usage
*
* ### Network Services Gateway Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.networkservices.Gateway("default", {
* name: "my-gateway",
* scope: "default-scope-basic",
* type: "OPEN_MESH",
* ports: [443],
* });
* ```
* ### Network Services Gateway Advanced
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const _default = new gcp.networkservices.Gateway("default", {
* name: "my-gateway",
* labels: {
* foo: "bar",
* },
* description: "my description",
* type: "OPEN_MESH",
* ports: [443],
* scope: "default-scope-advance",
* });
* ```
* ### Network Services Gateway Secure Web Proxy
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
*
* const _default = new gcp.certificatemanager.Certificate("default", {
* name: "my-certificate",
* location: "us-central1",
* selfManaged: {
* pemCertificate: std.file({
* input: "test-fixtures/cert.pem",
* }).then(invoke => invoke.result),
* pemPrivateKey: std.file({
* input: "test-fixtures/private-key.pem",
* }).then(invoke => invoke.result),
* },
* });
* const defaultNetwork = new gcp.compute.Network("default", {
* name: "my-network",
* routingMode: "REGIONAL",
* autoCreateSubnetworks: false,
* });
* const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
* name: "my-subnetwork-name",
* purpose: "PRIVATE",
* ipCidrRange: "10.128.0.0/20",
* region: "us-central1",
* network: defaultNetwork.id,
* role: "ACTIVE",
* });
* const proxyonlysubnet = new gcp.compute.Subnetwork("proxyonlysubnet", {
* name: "my-proxy-only-subnetwork",
* purpose: "REGIONAL_MANAGED_PROXY",
* ipCidrRange: "192.168.0.0/23",
* region: "us-central1",
* network: defaultNetwork.id,
* role: "ACTIVE",
* });
* const defaultGatewaySecurityPolicy = new gcp.networksecurity.GatewaySecurityPolicy("default", {
* name: "my-policy-name",
* location: "us-central1",
* });
* const defaultGatewaySecurityPolicyRule = new gcp.networksecurity.GatewaySecurityPolicyRule("default", {
* name: "my-policyrule-name",
* location: "us-central1",
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.name,
* enabled: true,
* priority: 1,
* sessionMatcher: "host() == 'example.com'",
* basicProfile: "ALLOW",
* });
* const defaultGateway = new gcp.networkservices.Gateway("default", {
* name: "my-gateway1",
* location: "us-central1",
* addresses: ["10.128.0.99"],
* type: "SECURE_WEB_GATEWAY",
* ports: [443],
* scope: "my-default-scope1",
* certificateUrls: [_default.id],
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.id,
* network: defaultNetwork.id,
* subnetwork: defaultSubnetwork.id,
* deleteSwgAutogenRouterOnDestroy: true,
* }, {
* dependsOn: [proxyonlysubnet],
* });
* ```
* ### Network Services Gateway Multiple Swp Same Network
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
*
* const _default = new gcp.certificatemanager.Certificate("default", {
* name: "my-certificate",
* location: "us-south1",
* selfManaged: {
* pemCertificate: std.file({
* input: "test-fixtures/cert.pem",
* }).then(invoke => invoke.result),
* pemPrivateKey: std.file({
* input: "test-fixtures/private-key.pem",
* }).then(invoke => invoke.result),
* },
* });
* const defaultNetwork = new gcp.compute.Network("default", {
* name: "my-network",
* routingMode: "REGIONAL",
* autoCreateSubnetworks: false,
* });
* const defaultSubnetwork = new gcp.compute.Subnetwork("default", {
* name: "my-subnetwork-name",
* purpose: "PRIVATE",
* ipCidrRange: "10.128.0.0/20",
* region: "us-south1",
* network: defaultNetwork.id,
* role: "ACTIVE",
* });
* const proxyonlysubnet = new gcp.compute.Subnetwork("proxyonlysubnet", {
* name: "my-proxy-only-subnetwork",
* purpose: "REGIONAL_MANAGED_PROXY",
* ipCidrRange: "192.168.0.0/23",
* region: "us-south1",
* network: defaultNetwork.id,
* role: "ACTIVE",
* });
* const defaultGatewaySecurityPolicy = new gcp.networksecurity.GatewaySecurityPolicy("default", {
* name: "my-policy-name",
* location: "us-south1",
* });
* const defaultGatewaySecurityPolicyRule = new gcp.networksecurity.GatewaySecurityPolicyRule("default", {
* name: "my-policyrule-name",
* location: "us-south1",
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.name,
* enabled: true,
* priority: 1,
* sessionMatcher: "host() == 'example.com'",
* basicProfile: "ALLOW",
* });
* const defaultGateway = new gcp.networkservices.Gateway("default", {
* name: "my-gateway1",
* location: "us-south1",
* addresses: ["10.128.0.99"],
* type: "SECURE_WEB_GATEWAY",
* ports: [443],
* scope: "my-default-scope1",
* certificateUrls: [_default.id],
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.id,
* network: defaultNetwork.id,
* subnetwork: defaultSubnetwork.id,
* deleteSwgAutogenRouterOnDestroy: true,
* }, {
* dependsOn: [proxyonlysubnet],
* });
* const gateway2 = new gcp.networkservices.Gateway("gateway2", {
* name: "my-gateway2",
* location: "us-south1",
* addresses: ["10.128.0.98"],
* type: "SECURE_WEB_GATEWAY",
* ports: [443],
* scope: "my-default-scope2",
* certificateUrls: [_default.id],
* gatewaySecurityPolicy: defaultGatewaySecurityPolicy.id,
* network: defaultNetwork.id,
* subnetwork: defaultSubnetwork.id,
* deleteSwgAutogenRouterOnDestroy: true,
* }, {
* dependsOn: [proxyonlysubnet],
* });
* ```
*
* ## Import
*
* Gateway can be imported using any of these accepted formats:
*
* * `projects/{{project}}/locations/{{location}}/gateways/{{name}}`
* * `{{project}}/{{location}}/{{name}}`
* * `{{location}}/{{name}}`
*
* When using the `pulumi import` command, Gateway can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:networkservices/gateway:Gateway default projects/{{project}}/locations/{{location}}/gateways/{{name}}
* $ pulumi import gcp:networkservices/gateway:Gateway default {{project}}/{{location}}/{{name}}
* $ pulumi import gcp:networkservices/gateway:Gateway default {{location}}/{{name}}
* ```
*/
export declare class Gateway extends pulumi.CustomResource {
/**
* Get an existing Gateway resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GatewayState, opts?: pulumi.CustomResourceOptions): Gateway;
/**
* Returns true if the given object is an instance of Gateway. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Gateway;
/**
* Zero or one IPv4 or IPv6 address on which the Gateway will receive the traffic.
* When no address is provided, an IP from the subnetwork is allocated.
* This field only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for IPv6.
*/
readonly addresses: pulumi.Output<string[]>;
/**
* Configures this gateway to listen on all ports.
* By enabling the wildcard ports feature on your Secure Web Proxy Gateway,
* it will accept traffic destined for any port (1-65535) on its assigned IP address.
* This field is configurable only for gateways of type SECURE_WEB_GATEWAY.
*/
readonly allPorts: pulumi.Output<boolean | undefined>;
/**
* A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection.
* This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'.
*/
readonly certificateUrls: pulumi.Output<string[] | undefined>;
/**
* The timestamp when the resource was created.
*/
readonly createTime: pulumi.Output<string>;
/**
* When deleting a gateway of type 'SECURE_WEB_GATEWAY', this boolean option will also delete auto generated router by the gateway creation.
* If there is no other gateway of type 'SECURE_WEB_GATEWAY' remaining for that region and network it will be deleted.
*/
readonly deleteSwgAutogenRouterOnDestroy: pulumi.Output<boolean | undefined>;
/**
* Whether Terraform will be prevented from destroying the resource. Defaults to DELETE.
* When a 'terraform destroy' or 'pulumi up' would delete the resource,
* the command will fail if this field is set to "PREVENT" in Terraform state.
* When set to "ABANDON", the command will remove the resource from Terraform
* management without updating or deleting the resource in the API.
* When set to "DELETE", deleting the resource is allowed.
*/
readonly deletionPolicy: pulumi.Output<string>;
/**
* A free-text description of the resource. Max length 1024 characters.
*/
readonly description: pulumi.Output<string | undefined>;
/**
* All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
*/
readonly effectiveLabels: pulumi.Output<{
[key: string]: string;
}>;
/**
* Determines if envoy will insert internal debug headers into upstream requests.
* Other Envoy headers may still be injected.
* By default, envoy will not insert any debug headers.
* Possible values are: `NONE`, `DEBUG_HEADERS`.
*/
readonly envoyHeaders: pulumi.Output<string | undefined>;
/**
* A fully-qualified GatewaySecurityPolicy URL reference. Defines how a server should apply security policy to inbound (VM to Proxy) initiated connections.
* For example: 'projects/*/locations/*/gatewaySecurityPolicies/swg-policy'.
* This policy is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
readonly gatewaySecurityPolicy: pulumi.Output<string | undefined>;
/**
* The IP Version that will be used by this gateway.
* Possible values are: `IPV4`, `IPV6`.
*/
readonly ipVersion: pulumi.Output<string | undefined>;
/**
* Set of label tags associated with the Gateway resource.
*
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effectiveLabels` for all of the labels present on the resource.
*/
readonly labels: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* The location of the gateway.
* The default value is `global`.
*/
readonly location: pulumi.Output<string | undefined>;
/**
* Name of the Gateway resource.
*/
readonly name: pulumi.Output<string>;
/**
* The relative resource name identifying the VPC network that is using this configuration.
* For example: 'projects/*/global/networks/network-1'.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
readonly network: pulumi.Output<string | undefined>;
/**
* One or more port numbers (1-65535), on which the Gateway will receive traffic.
* The proxy binds to the specified ports.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for IPv6 and support multiple ports.
*/
readonly ports: pulumi.Output<number[] | undefined>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
readonly project: pulumi.Output<string>;
/**
* The combination of labels configured directly on the resource
* and default labels configured on the provider.
*/
readonly pulumiLabels: pulumi.Output<{
[key: string]: string;
}>;
/**
* The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
* Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
*/
readonly routingMode: pulumi.Output<string | undefined>;
/**
* Immutable. Scope determines how configuration across multiple Gateway instances are merged.
* The configuration for multiple Gateway instances with the same scope will be merged as presented as a single coniguration to the proxy/load balancer.
* Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
*/
readonly scope: pulumi.Output<string | undefined>;
/**
* Server-defined URL of this resource.
*/
readonly selfLink: pulumi.Output<string>;
/**
* A fully-qualified ServerTLSPolicy URL reference. Specifies how TLS traffic is terminated. If empty, TLS termination is disabled.
*/
readonly serverTlsPolicy: pulumi.Output<string | undefined>;
/**
* The relative resource name identifying the subnetwork in which this SWG is allocated.
* For example: projects/*/regions/us-central1/subnetworks/network-1.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
readonly subnetwork: pulumi.Output<string | undefined>;
/**
* Immutable. The type of the customer managed gateway.
* Possible values are: `OPEN_MESH`, `SECURE_WEB_GATEWAY`.
*/
readonly type: pulumi.Output<string>;
/**
* The timestamp when the resource was updated.
*/
readonly updateTime: pulumi.Output<string>;
/**
* Create a Gateway resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: GatewayArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Gateway resources.
*/
export interface GatewayState {
/**
* Zero or one IPv4 or IPv6 address on which the Gateway will receive the traffic.
* When no address is provided, an IP from the subnetwork is allocated.
* This field only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for IPv6.
*/
addresses?: pulumi.Input<pulumi.Input<string>[] | undefined>;
/**
* Configures this gateway to listen on all ports.
* By enabling the wildcard ports feature on your Secure Web Proxy Gateway,
* it will accept traffic destined for any port (1-65535) on its assigned IP address.
* This field is configurable only for gateways of type SECURE_WEB_GATEWAY.
*/
allPorts?: pulumi.Input<boolean | undefined>;
/**
* A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection.
* This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'.
*/
certificateUrls?: pulumi.Input<pulumi.Input<string>[] | undefined>;
/**
* The timestamp when the resource was created.
*/
createTime?: pulumi.Input<string | undefined>;
/**
* When deleting a gateway of type 'SECURE_WEB_GATEWAY', this boolean option will also delete auto generated router by the gateway creation.
* If there is no other gateway of type 'SECURE_WEB_GATEWAY' remaining for that region and network it will be deleted.
*/
deleteSwgAutogenRouterOnDestroy?: pulumi.Input<boolean | undefined>;
/**
* Whether Terraform will be prevented from destroying the resource. Defaults to DELETE.
* When a 'terraform destroy' or 'pulumi up' would delete the resource,
* the command will fail if this field is set to "PREVENT" in Terraform state.
* When set to "ABANDON", the command will remove the resource from Terraform
* management without updating or deleting the resource in the API.
* When set to "DELETE", deleting the resource is allowed.
*/
deletionPolicy?: pulumi.Input<string | undefined>;
/**
* A free-text description of the resource. Max length 1024 characters.
*/
description?: pulumi.Input<string | undefined>;
/**
* All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
*/
effectiveLabels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
} | undefined>;
/**
* Determines if envoy will insert internal debug headers into upstream requests.
* Other Envoy headers may still be injected.
* By default, envoy will not insert any debug headers.
* Possible values are: `NONE`, `DEBUG_HEADERS`.
*/
envoyHeaders?: pulumi.Input<string | undefined>;
/**
* A fully-qualified GatewaySecurityPolicy URL reference. Defines how a server should apply security policy to inbound (VM to Proxy) initiated connections.
* For example: 'projects/*/locations/*/gatewaySecurityPolicies/swg-policy'.
* This policy is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
gatewaySecurityPolicy?: pulumi.Input<string | undefined>;
/**
* The IP Version that will be used by this gateway.
* Possible values are: `IPV4`, `IPV6`.
*/
ipVersion?: pulumi.Input<string | undefined>;
/**
* Set of label tags associated with the Gateway resource.
*
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effectiveLabels` for all of the labels present on the resource.
*/
labels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
} | undefined>;
/**
* The location of the gateway.
* The default value is `global`.
*/
location?: pulumi.Input<string | undefined>;
/**
* Name of the Gateway resource.
*/
name?: pulumi.Input<string | undefined>;
/**
* The relative resource name identifying the VPC network that is using this configuration.
* For example: 'projects/*/global/networks/network-1'.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
network?: pulumi.Input<string | undefined>;
/**
* One or more port numbers (1-65535), on which the Gateway will receive traffic.
* The proxy binds to the specified ports.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for IPv6 and support multiple ports.
*/
ports?: pulumi.Input<pulumi.Input<number>[] | undefined>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
project?: pulumi.Input<string | undefined>;
/**
* The combination of labels configured directly on the resource
* and default labels configured on the provider.
*/
pulumiLabels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
} | undefined>;
/**
* The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
* Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
*/
routingMode?: pulumi.Input<string | undefined>;
/**
* Immutable. Scope determines how configuration across multiple Gateway instances are merged.
* The configuration for multiple Gateway instances with the same scope will be merged as presented as a single coniguration to the proxy/load balancer.
* Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
*/
scope?: pulumi.Input<string | undefined>;
/**
* Server-defined URL of this resource.
*/
selfLink?: pulumi.Input<string | undefined>;
/**
* A fully-qualified ServerTLSPolicy URL reference. Specifies how TLS traffic is terminated. If empty, TLS termination is disabled.
*/
serverTlsPolicy?: pulumi.Input<string | undefined>;
/**
* The relative resource name identifying the subnetwork in which this SWG is allocated.
* For example: projects/*/regions/us-central1/subnetworks/network-1.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
subnetwork?: pulumi.Input<string | undefined>;
/**
* Immutable. The type of the customer managed gateway.
* Possible values are: `OPEN_MESH`, `SECURE_WEB_GATEWAY`.
*/
type?: pulumi.Input<string | undefined>;
/**
* The timestamp when the resource was updated.
*/
updateTime?: pulumi.Input<string | undefined>;
}
/**
* The set of arguments for constructing a Gateway resource.
*/
export interface GatewayArgs {
/**
* Zero or one IPv4 or IPv6 address on which the Gateway will receive the traffic.
* When no address is provided, an IP from the subnetwork is allocated.
* This field only applies to gateways of type 'SECURE_WEB_GATEWAY'.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for IPv6.
*/
addresses?: pulumi.Input<pulumi.Input<string>[] | undefined>;
/**
* Configures this gateway to listen on all ports.
* By enabling the wildcard ports feature on your Secure Web Proxy Gateway,
* it will accept traffic destined for any port (1-65535) on its assigned IP address.
* This field is configurable only for gateways of type SECURE_WEB_GATEWAY.
*/
allPorts?: pulumi.Input<boolean | undefined>;
/**
* A fully-qualified Certificates URL reference. The proxy presents a Certificate (selected based on SNI) when establishing a TLS connection.
* This feature only applies to gateways of type 'SECURE_WEB_GATEWAY'.
*/
certificateUrls?: pulumi.Input<pulumi.Input<string>[] | undefined>;
/**
* When deleting a gateway of type 'SECURE_WEB_GATEWAY', this boolean option will also delete auto generated router by the gateway creation.
* If there is no other gateway of type 'SECURE_WEB_GATEWAY' remaining for that region and network it will be deleted.
*/
deleteSwgAutogenRouterOnDestroy?: pulumi.Input<boolean | undefined>;
/**
* Whether Terraform will be prevented from destroying the resource. Defaults to DELETE.
* When a 'terraform destroy' or 'pulumi up' would delete the resource,
* the command will fail if this field is set to "PREVENT" in Terraform state.
* When set to "ABANDON", the command will remove the resource from Terraform
* management without updating or deleting the resource in the API.
* When set to "DELETE", deleting the resource is allowed.
*/
deletionPolicy?: pulumi.Input<string | undefined>;
/**
* A free-text description of the resource. Max length 1024 characters.
*/
description?: pulumi.Input<string | undefined>;
/**
* Determines if envoy will insert internal debug headers into upstream requests.
* Other Envoy headers may still be injected.
* By default, envoy will not insert any debug headers.
* Possible values are: `NONE`, `DEBUG_HEADERS`.
*/
envoyHeaders?: pulumi.Input<string | undefined>;
/**
* A fully-qualified GatewaySecurityPolicy URL reference. Defines how a server should apply security policy to inbound (VM to Proxy) initiated connections.
* For example: 'projects/*/locations/*/gatewaySecurityPolicies/swg-policy'.
* This policy is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
gatewaySecurityPolicy?: pulumi.Input<string | undefined>;
/**
* The IP Version that will be used by this gateway.
* Possible values are: `IPV4`, `IPV6`.
*/
ipVersion?: pulumi.Input<string | undefined>;
/**
* Set of label tags associated with the Gateway resource.
*
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effectiveLabels` for all of the labels present on the resource.
*/
labels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
} | undefined>;
/**
* The location of the gateway.
* The default value is `global`.
*/
location?: pulumi.Input<string | undefined>;
/**
* Name of the Gateway resource.
*/
name?: pulumi.Input<string | undefined>;
/**
* The relative resource name identifying the VPC network that is using this configuration.
* For example: 'projects/*/global/networks/network-1'.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
network?: pulumi.Input<string | undefined>;
/**
* One or more port numbers (1-65535), on which the Gateway will receive traffic.
* The proxy binds to the specified ports.
* Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for IPv6 and support multiple ports.
*/
ports?: pulumi.Input<pulumi.Input<number>[] | undefined>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
project?: pulumi.Input<string | undefined>;
/**
* The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
* Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
*/
routingMode?: pulumi.Input<string | undefined>;
/**
* Immutable. Scope determines how configuration across multiple Gateway instances are merged.
* The configuration for multiple Gateway instances with the same scope will be merged as presented as a single coniguration to the proxy/load balancer.
* Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
*/
scope?: pulumi.Input<string | undefined>;
/**
* A fully-qualified ServerTLSPolicy URL reference. Specifies how TLS traffic is terminated. If empty, TLS termination is disabled.
*/
serverTlsPolicy?: pulumi.Input<string | undefined>;
/**
* The relative resource name identifying the subnetwork in which this SWG is allocated.
* For example: projects/*/regions/us-central1/subnetworks/network-1.
* Currently, this field is specific to gateways of type 'SECURE_WEB_GATEWAY'.
*/
subnetwork?: pulumi.Input<string | undefined>;
/**
* Immutable. The type of the customer managed gateway.
* Possible values are: `OPEN_MESH`, `SECURE_WEB_GATEWAY`.
*/
type: pulumi.Input<string>;
}
//# sourceMappingURL=gateway.d.ts.map