@twingate/pulumi-twingate
Version:
A Pulumi package for creating and managing Twingate cloud resources.
226 lines (225 loc) • 8.48 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "./types/input";
import * as outputs from "./types/output";
/**
* SSH Resources are Twingate resources accessed via a Gateway.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as std from "@pulumi/std";
* import * as twingate from "@twingate/pulumi-twingate";
*
* const prod = new twingate.TwingateRemoteNetwork("prod", {name: "Production Network"});
* const tls = new twingate.TwingateX509CertificateAuthority("tls", {
* name: "My TLS CA",
* certificate: std.file({
* input: "ca.pem",
* }).then(invoke => invoke.result),
* });
* const ssh = new twingate.TwingateSSHCertificateAuthority("ssh", {
* name: "My SSH CA",
* publicKey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIr+Aj3O8csUrFRNWS7wViafil3rMlZ0glQ/OZ0CjCti",
* });
* const main = new twingate.TwingateGateway("main", {
* remoteNetworkId: prod.id,
* address: "10.0.0.1:8443",
* x509CaId: tls.id,
* sshCaId: ssh.id,
* });
* const sshServer = new twingate.TwingateSSHResource("ssh_server", {
* name: "SSH Server",
* gatewayId: main.id,
* alias: "test.int",
* remoteNetworkId: prod.id,
* address: "10.128.0.105",
* username: "ubuntu",
* });
* ```
*/
export declare class TwingateSSHResource extends pulumi.CustomResource {
/**
* Get an existing TwingateSSHResource resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TwingateSSHResourceState, opts?: pulumi.CustomResourceOptions): TwingateSSHResource;
/**
* Returns true if the given object is an instance of TwingateSSHResource. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is TwingateSSHResource;
/**
* Restrict access to certain group
*/
readonly accessGroups: pulumi.Output<outputs.TwingateSSHResourceAccessGroup[] | undefined>;
/**
* Restrict access according to JIT access policy
*/
readonly accessPolicies: pulumi.Output<outputs.TwingateSSHResourceAccessPolicy[] | undefined>;
/**
* The address of the SSH Resource (IP or FQDN).
*/
readonly address: pulumi.Output<string>;
/**
* Set a DNS alias address for the Resource. Must be a DNS-valid name string.
*/
readonly alias: pulumi.Output<string | undefined>;
/**
* The ID of the Gateway used to access this SSH Resource.
*/
readonly gatewayId: pulumi.Output<string>;
/**
* Controls whether this Resource will be visible in the main Resource list in the Twingate Client. Default is `true`.
*/
readonly isVisible: pulumi.Output<boolean>;
/**
* The name of the SSH Resource.
*/
readonly name: pulumi.Output<string>;
/**
* Restrict access to certain protocols and ports. By default or when this argument is not defined, there is no restriction, and all protocols and ports are allowed.
*/
readonly protocols: pulumi.Output<outputs.TwingateSSHResourceProtocols>;
/**
* The ID of the Remote Network the SSH Resource belongs to.
*/
readonly remoteNetworkId: pulumi.Output<string>;
/**
* The ID of a `twingate.getTwingateSecurityPolicy` to set as this Resource's Security Policy. Default is 'Null' which points to `Default Policy` on Admin console.
*/
readonly securityPolicyId: pulumi.Output<string>;
/**
* A map of key-value pair tags to set on this resource.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
}>;
/**
* The username to use when connecting to the SSH Resource.
*/
readonly username: pulumi.Output<string | undefined>;
/**
* Create a TwingateSSHResource resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: TwingateSSHResourceArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering TwingateSSHResource resources.
*/
export interface TwingateSSHResourceState {
/**
* Restrict access to certain group
*/
accessGroups?: pulumi.Input<pulumi.Input<inputs.TwingateSSHResourceAccessGroup>[]>;
/**
* Restrict access according to JIT access policy
*/
accessPolicies?: pulumi.Input<pulumi.Input<inputs.TwingateSSHResourceAccessPolicy>[]>;
/**
* The address of the SSH Resource (IP or FQDN).
*/
address?: pulumi.Input<string>;
/**
* Set a DNS alias address for the Resource. Must be a DNS-valid name string.
*/
alias?: pulumi.Input<string>;
/**
* The ID of the Gateway used to access this SSH Resource.
*/
gatewayId?: pulumi.Input<string>;
/**
* Controls whether this Resource will be visible in the main Resource list in the Twingate Client. Default is `true`.
*/
isVisible?: pulumi.Input<boolean>;
/**
* The name of the SSH Resource.
*/
name?: pulumi.Input<string>;
/**
* Restrict access to certain protocols and ports. By default or when this argument is not defined, there is no restriction, and all protocols and ports are allowed.
*/
protocols?: pulumi.Input<inputs.TwingateSSHResourceProtocols>;
/**
* The ID of the Remote Network the SSH Resource belongs to.
*/
remoteNetworkId?: pulumi.Input<string>;
/**
* The ID of a `twingate.getTwingateSecurityPolicy` to set as this Resource's Security Policy. Default is 'Null' which points to `Default Policy` on Admin console.
*/
securityPolicyId?: pulumi.Input<string>;
/**
* A map of key-value pair tags to set on this resource.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* The username to use when connecting to the SSH Resource.
*/
username?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a TwingateSSHResource resource.
*/
export interface TwingateSSHResourceArgs {
/**
* Restrict access to certain group
*/
accessGroups?: pulumi.Input<pulumi.Input<inputs.TwingateSSHResourceAccessGroup>[]>;
/**
* Restrict access according to JIT access policy
*/
accessPolicies?: pulumi.Input<pulumi.Input<inputs.TwingateSSHResourceAccessPolicy>[]>;
/**
* The address of the SSH Resource (IP or FQDN).
*/
address: pulumi.Input<string>;
/**
* Set a DNS alias address for the Resource. Must be a DNS-valid name string.
*/
alias?: pulumi.Input<string>;
/**
* The ID of the Gateway used to access this SSH Resource.
*/
gatewayId: pulumi.Input<string>;
/**
* Controls whether this Resource will be visible in the main Resource list in the Twingate Client. Default is `true`.
*/
isVisible?: pulumi.Input<boolean>;
/**
* The name of the SSH Resource.
*/
name?: pulumi.Input<string>;
/**
* Restrict access to certain protocols and ports. By default or when this argument is not defined, there is no restriction, and all protocols and ports are allowed.
*/
protocols?: pulumi.Input<inputs.TwingateSSHResourceProtocols>;
/**
* The ID of the Remote Network the SSH Resource belongs to.
*/
remoteNetworkId: pulumi.Input<string>;
/**
* The ID of a `twingate.getTwingateSecurityPolicy` to set as this Resource's Security Policy. Default is 'Null' which points to `Default Policy` on Admin console.
*/
securityPolicyId?: pulumi.Input<string>;
/**
* A map of key-value pair tags to set on this resource.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* The username to use when connecting to the SSH Resource.
*/
username?: pulumi.Input<string>;
}