
@twingate/pulumi-twingate


A Pulumi package for creating and managing Twingate cloud resources.

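import * as outputs from "../types/output";

/**
 * Output shapes for the `@twingate/pulumi-twingate` provider (generated `types/output.d.ts`).
 *
 * Only type declarations live here; nothing in this file executes. Doc comments were
 * repaired where the package's Markdown rendering had turned `_` into `*` (e.g.
 * `private_key_file`, `GOOGLE_CLOUD`) and annotated where a field carries credentials,
 * key material, or a default that widens access.
 */

export interface GetTwingateConnectorsConnector {
    /** The hostname of the machine hosting the Connector. */
    hostname: string;
    /** The ID of the Connector. */
    id: string;
    /** The Name of the Connector. */
    name: string;
    /** The Connector's private IP addresses. */
    privateIps: string[];
    /** The Connector's public IP address. */
    publicIp: string;
    /** The ID of the Remote Network attached to the Connector. */
    remoteNetworkId: string;
    /**
     * The Connector's state. One of `ALIVE`, `DEAD_NO_HEARTBEAT`, `DEAD_HEARTBEAT_TOO_OLD`
     * or `DEAD_NO_RELAYS`. Any `DEAD_*` value means the Connector is not currently
     * serving its Remote Network; worth alerting on.
     */
    state: string;
    /** Determines whether status notifications are enabled for the Connector. */
    statusUpdatesEnabled: boolean;
    /** The Connector's version. Useful for spotting Connectors that have fallen behind on updates. */
    version: string;
}

export interface GetTwingateDNSFilteringProfileAllowedDomains {
    /** A set of allowed domains. */
    domains: string[];
}

export interface GetTwingateDNSFilteringProfileContentCategories {
    /** Whether to block adult content. */
    blockAdultContent: boolean;
    /** Whether to block dating content. */
    blockDating: boolean;
    /** Whether to block gambling content. */
    blockGambling: boolean;
    /** Whether to block games. */
    blockGames: boolean;
    /** Whether to block piracy sites. */
    blockPiracy: boolean;
    /** Whether to block social media. */
    blockSocialMedia: boolean;
    /** Whether to block streaming content. */
    blockStreaming: boolean;
    /** Whether to force safe search. */
    enableSafesearch: boolean;
    /** Whether to force YouTube to use restricted mode. */
    enableYoutubeRestrictedMode: boolean;
}

export interface GetTwingateDNSFilteringProfileDeniedDomains {
    /** A set of denied domains. */
    domains: string[];
}

export interface GetTwingateDNSFilteringProfilePrivacyCategories {
    /** Whether to block ads and trackers. */
    blockAdsAndTrackers: boolean;
    /** Whether to block affiliate links. */
    blockAffiliateLinks: boolean;
    /** Whether to block disguised third party trackers. */
    blockDisguisedTrackers: boolean;
}

export interface GetTwingateDNSFilteringProfileSecurityCategories {
    /** Whether to block cryptojacking sites. */
    blockCryptojacking: boolean;
    /** Blocks public DNS entries from returning private IP addresses (DNS rebinding protection). */
    blockDnsRebinding: boolean;
    /** Blocks DGA (domain generation algorithm) domains. */
    blockDomainGenerationAlgorithms: boolean;
    /** Whether to block IDN homoglyph (look-alike domain) attacks. */
    blockIdnHomoglyph: boolean;
    /** Blocks newly registered domains. */
    blockNewlyRegisteredDomains: boolean;
    /** Blocks parked domains. */
    blockParkedDomains: boolean;
    /** Blocks typosquatted domains. */
    blockTyposquatting: boolean;
    /** Whether to use Google Safe Browsing lists to block content. */
    enableGoogleSafeBrowsing: boolean;
    /** Whether to filter content using threat intelligence feeds. */
    enableThreatIntelligenceFeeds: boolean;
}

export interface GetTwingateGroupsGroup {
    /** The ID of the Group. */
    id: string;
    /** Indicates if the Group is active. */
    isActive: boolean;
    /** The name of the Group. */
    name: string;
    /** The type of the Group. */
    type: string;
}

export interface GetTwingateRemoteNetworksRemoteNetwork {
    /** The ID of the Remote Network. */
    id: string;
    /**
     * The location of the Remote Network. Must be one of the following:
     * `AWS`, `AZURE`, `GOOGLE_CLOUD`, `ON_PREMISE`, `OTHER`.
     */
    location: string;
    /** The name of the Remote Network. Optional in this output shape, unlike `id`. */
    name?: string;
    /** The type of the Remote Network. Must be one of the following: `REGULAR`, `EXIT`. */
    type: string;
}

export interface GetTwingateResourceProtocols {
    /** Whether to allow ICMP (ping) traffic. */
    allowIcmp: boolean;
    /** TCP policy; absent when the Resource defines none (see `GetTwingateResourceProtocolsTcp`). */
    tcp?: outputs.GetTwingateResourceProtocolsTcp;
    /** UDP policy; absent when the Resource defines none (see `GetTwingateResourceProtocolsUdp`). */
    udp?: outputs.GetTwingateResourceProtocolsUdp;
}

export interface GetTwingateResourceProtocolsTcp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     * `ALLOW_ALL` exposes every port; least privilege is `RESTRICTED` with an explicit `ports` list.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface GetTwingateResourceProtocolsUdp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     * `ALLOW_ALL` exposes every port; least privilege is `RESTRICTED` with an explicit `ports` list.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface GetTwingateResourcesResource {
    /** The Resource's IP/CIDR or FQDN/DNS zone. */
    address: string;
    /** The ID of the Resource. */
    id: string;
    /** The name of the Resource. */
    name: string;
    /**
     * Restrict access to certain protocols and ports. By default, or when this argument is
     * not defined, there is no restriction and all protocols and ports are allowed — i.e.
     * the default is open; define `protocols` explicitly to apply least privilege.
     */
    protocols: outputs.GetTwingateResourcesResourceProtocols;
    /** Remote Network ID where the Resource lives. */
    remoteNetworkId: string;
    /** The `tags` attribute consists of key-value pairs that correspond with tags to be set on the resource. */
    tags: { [key: string]: string };
}

export interface GetTwingateResourcesResourceProtocols {
    /** Whether to allow ICMP (ping) traffic. */
    allowIcmp: boolean;
    /** TCP policy for the Resource. */
    tcp: outputs.GetTwingateResourcesResourceProtocolsTcp;
    /** UDP policy for the Resource. */
    udp: outputs.GetTwingateResourcesResourceProtocolsUdp;
}

export interface GetTwingateResourcesResourceProtocolsTcp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface GetTwingateResourcesResourceProtocolsUdp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface GetTwingateSecurityPoliciesSecurityPolicy {
    /**
     * The ID of the Security Policy. The ID can also be obtained from the Admin API or the
     * URL string in the Admin Console.
     */
    id: string;
    /** The exact name of the Security Policy. */
    name: string;
}

export interface GetTwingateServiceAccountsServiceAccount {
    /** ID of the Service Account resource. */
    id: string;
    /** List of `twingate_service_account_key` IDs that are assigned to the Service Account. */
    keyIds: string[];
    /** Name of the Service Account. */
    name: string;
    /** List of `twingate.TwingateResource` IDs that the Service Account is assigned to. */
    resourceIds: string[];
}

export interface GetTwingateUsersUser {
    /** The email address of the User. */
    email: string;
    /** The first name of the User. */
    firstName: string;
    /** The ID of the User. */
    id: string;
    /** The last name of the User. */
    lastName: string;
    /** Indicates the User's role. Either `ADMIN`, `DEVOPS`, `SUPPORT`, `MEMBER` or `ACCESS_REVIEWER`. */
    role: string;
    /** Indicates the User's type. Either `MANUAL` or `SYNCED`. */
    type: string;
}

export interface TwingateDNSFilteringProfileAllowedDomains {
    /** A set of allowed domains. Defaults to an empty set. */
    domains: string[];
    /**
     * Whether the provider should override changes made outside of Pulumi/Terraform.
     * Defaults to true, which means domains added by hand in the Admin Console are
     * reverted on the next update.
     */
    isAuthoritative: boolean;
}

export interface TwingateDNSFilteringProfileContentCategories {
    /** Whether to block adult content. Defaults to false. */
    blockAdultContent: boolean;
    /** Whether to block dating content. Defaults to false. */
    blockDating: boolean;
    /** Whether to block gambling content. Defaults to false. */
    blockGambling: boolean;
    /** Whether to block games. Defaults to false. */
    blockGames: boolean;
    /** Whether to block piracy sites. Defaults to false. */
    blockPiracy: boolean;
    /** Whether to block social media. Defaults to false. */
    blockSocialMedia: boolean;
    /** Whether to block streaming content. Defaults to false. */
    blockStreaming: boolean;
    /** Whether to force safe search. Defaults to false. */
    enableSafesearch: boolean;
    /** Whether to force YouTube to use restricted mode. Defaults to false. */
    enableYoutubeRestrictedMode: boolean;
}

export interface TwingateDNSFilteringProfileDeniedDomains {
    /** A set of denied domains. Defaults to an empty set. */
    domains: string[];
    /**
     * Whether the provider should override changes made outside of Pulumi/Terraform.
     * Defaults to true, which means denied domains added by hand in the Admin Console are
     * reverted on the next update.
     */
    isAuthoritative: boolean;
}

export interface TwingateDNSFilteringProfilePrivacyCategories {
    /** Whether to block ads and trackers. Defaults to false. */
    blockAdsAndTrackers: boolean;
    /** Whether to block affiliate links. Defaults to false. */
    blockAffiliateLinks: boolean;
    /** Whether to block disguised third party trackers. Defaults to false. */
    blockDisguisedTrackers: boolean;
}

export interface TwingateDNSFilteringProfileSecurityCategories {
    /** Whether to block cryptojacking sites. Defaults to true. */
    blockCryptojacking: boolean;
    /** Blocks public DNS entries from returning private IP addresses (DNS rebinding protection). Defaults to true. */
    blockDnsRebinding: boolean;
    /** Blocks DGA (domain generation algorithm) domains. Defaults to true. */
    blockDomainGenerationAlgorithms: boolean;
    /** Whether to block IDN homoglyph (look-alike domain) attacks. Defaults to true. */
    blockIdnHomoglyph: boolean;
    /** Blocks newly registered domains. Defaults to true. */
    blockNewlyRegisteredDomains: boolean;
    /** Blocks parked domains. Defaults to true. */
    blockParkedDomains: boolean;
    /** Blocks typosquatted domains. Defaults to true. */
    blockTyposquatting: boolean;
    /** Whether to use Google Safe Browsing lists to block content. Defaults to true. */
    enableGoogleSafeBrowsing: boolean;
    /** Whether to filter content using threat intelligence feeds. Defaults to true. */
    enableThreatIntelligenceFeeds: boolean;
}

export interface TwingateGatewayConfigKubernetes {
    /** List of Kubernetes resources. Accepts full `twingate_kubernetes_resource` references. */
    resources?: outputs.TwingateGatewayConfigKubernetesResource[];
}

export interface TwingateGatewayConfigKubernetesResource {
    /** Address of the Kubernetes resource. */
    address: string;
    /** Whether the resource is reached from inside the cluster. */
    inCluster: boolean;
    /** Name of the Kubernetes resource. */
    name: string;
}

export interface TwingateGatewayConfigSsh {
    /**
     * SSH CA configuration. Specify either `vault.address` or `private_key_file`, not both.
     * The CA signs the host and user certificates whose TTLs are set in `gateway`.
     */
    ca: outputs.TwingateGatewayConfigSshCa;
    /** SSH gateway settings. All fields are optional and fall back to built-in defaults. */
    gateway: outputs.TwingateGatewayConfigSshGateway;
    /** List of SSH resources. Accepts full `twingate_ssh_resource` references. */
    resources?: outputs.TwingateGatewayConfigSshResource[];
}

export interface TwingateGatewayConfigSshCa {
    /**
     * Path to the SSH CA private key file. Can't be used together with `vault.address`.
     * This is signing key material: anyone who can read the file can mint certificates
     * the gateway issues, so keep it root-only and prefer the Vault-backed CA where possible.
     */
    privateKeyFile?: string;
    /** Vault SSH CA configuration. */
    vault: outputs.TwingateGatewayConfigSshCaVault;
}

export interface TwingateGatewayConfigSshCaVault {
    /** Vault server address. Can't be used together with `ca.private_key_file`. */
    address?: string;
    /** Vault authentication configuration. */
    auth: outputs.TwingateGatewayConfigSshCaVaultAuth;
    /**
     * Path to the Vault CA bundle file. Default: "/etc/ssl/vault-ca.crt".
     * NOTE(review): presumably used to verify the Vault server's TLS certificate — confirm
     * against the gateway; if so, an unpinned bundle weakens trust in the signing path.
     */
    caBundleFile: string;
    /** Vault SSH secrets engine mount path. Default: "ssh". */
    mount: string;
    /** Vault role for signing certificates. Default: "gateway". */
    role: string;
}

export interface TwingateGatewayConfigSshCaVaultAuth {
    /** GCP authentication for Vault. Can't be used together with `token`. */
    gcp: outputs.TwingateGatewayConfigSshCaVaultAuthGcp;
    /**
     * Vault token used for authentication. Can't be used together with `gcp`.
     * This is a credential: it is recorded with the resource in Pulumi state, so supply it
     * as a Pulumi secret and prefer the `gcp` method where the platform supports it.
     */
    token?: string;
}

export interface TwingateGatewayConfigSshCaVaultAuthGcp {
    /** Vault GCP auth mount path. Default: "gcp". */
    mount: string;
    /** GCP IAM role for Vault GCP authentication. */
    role?: string;
    /** Service account email. Required when `type` is "iam". */
    serviceAccountEmail?: string;
    /**
     * GCP authentication type for Vault (e.g. "iam" or "gce"). When set to "iam",
     * `service_account_email` is required.
     */
    type?: string;
}

export interface TwingateGatewayConfigSshGateway {
    /** Host certificate TTL. Default: "24h". */
    hostCertTtl: string;
    /** SSH key type. Default: "ed25519". */
    keyType: string;
    /**
     * User certificate TTL. Default: "5m". The short default bounds how long a leaked
     * user certificate stays usable; raising it widens that window.
     */
    userCertTtl: string;
    /** SSH gateway username. Default: "gateway". */
    username: string;
}

export interface TwingateGatewayConfigSshResource {
    /** Address of the SSH resource. */
    address: string;
    /** Name of the SSH resource. */
    name: string;
    /** Username used on the SSH resource. */
    username: string;
}

export interface TwingateGatewayConfigTls {
    /** Path to the TLS certificate file. Default: "/etc/gateway/tls.crt". */
    certificateFile: string;
    /** Path to the TLS private key file. Default: "/etc/gateway/tls.key". Key material; restrict file permissions. */
    privateKeyFile: string;
}

export interface TwingateKubernetesResourceAccessGroup {
    /** Restrict access according to a JIT access policy. */
    accessPolicies?: outputs.TwingateKubernetesResourceAccessGroupAccessPolicy[];
    /** Group ID that will have permission to access the Resource. */
    groupId: string;
    /**
     * The ID of a `twingate.getTwingateSecurityPolicy` to use as the access policy for the
     * group IDs in the access block. Default is 'Null', which points to the `Default Policy`
     * on the Admin Console — so the effective policy is whatever that default currently is.
     */
    securityPolicyId: string;
}

export interface TwingateKubernetesResourceAccessGroupAccessPolicy {
    /**
     * This will set the approval model for the policy. The valid values are `AUTOMATIC`
     * and `MANUAL`. `AUTOMATIC` grants access without a human approver.
     */
    approvalMode: string;
    /**
     * This will set the access duration for the policy. Duration must be between 1 hour
     * and 365 days. Examples of valid values include `1h` and `2d`.
     */
    duration: string;
    /** This will set the accessPolicy mode for the policy. The valid values are `MANUAL`, `AUTO_LOCK` and `ACCESS_REQUEST`. */
    mode: string;
}

export interface TwingateKubernetesResourceAccessPolicy {
    /** This will set the approval model for the policy. The valid values are `AUTOMATIC` and `MANUAL`. */
    approvalMode: string;
    /**
     * This will set the access duration for the policy. Duration must be between 1 hour
     * and 365 days. Examples of valid values include `1h` and `2d`.
     */
    duration: string;
    /** This will set the accessPolicy mode for the policy. The valid values are `MANUAL`, `AUTO_LOCK` and `ACCESS_REQUEST`. */
    mode: string;
}

export interface TwingateKubernetesResourceProtocols {
    /** Whether to allow ICMP (ping) traffic. */
    allowIcmp: boolean;
    /** TCP policy for the Kubernetes Resource. */
    tcp: outputs.TwingateKubernetesResourceProtocolsTcp;
    /** UDP policy for the Kubernetes Resource. */
    udp: outputs.TwingateKubernetesResourceProtocolsUdp;
}

export interface TwingateKubernetesResourceProtocolsTcp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface TwingateKubernetesResourceProtocolsUdp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface TwingateResourceAccessGroup {
    /** Restrict access according to a JIT access policy. */
    accessPolicies?: outputs.TwingateResourceAccessGroupAccessPolicy[];
    /** Group ID that will have permission to access the Resource. */
    groupId: string;
    /**
     * The ID of a `twingate.getTwingateSecurityPolicy` to use as the access policy for the
     * group IDs in the access block. Default is 'Null', which points to the `Default Policy`
     * on the Admin Console — so the effective policy is whatever that default currently is.
     */
    securityPolicyId: string;
}

export interface TwingateResourceAccessGroupAccessPolicy {
    /**
     * This will set the approval model for the policy. The valid values are `AUTOMATIC`
     * and `MANUAL`. `AUTOMATIC` grants access without a human approver.
     */
    approvalMode: string;
    /**
     * This will set the access duration for the policy. Duration must be between 1 hour
     * and 365 days. Examples of valid values include `1h` and `2d`.
     */
    duration: string;
    /** This will set the accessPolicy mode for the policy. The valid values are `MANUAL`, `AUTO_LOCK` and `ACCESS_REQUEST`. */
    mode: string;
}

export interface TwingateResourceAccessPolicy {
    /** This will set the approval model for the policy. The valid values are `AUTOMATIC` and `MANUAL`. */
    approvalMode: string;
    /**
     * This will set the access duration for the policy. Duration must be between 1 hour
     * and 365 days. Examples of valid values include `1h` and `2d`.
     */
    duration: string;
    /** This will set the accessPolicy mode for the policy. The valid values are `MANUAL`, `AUTO_LOCK` and `ACCESS_REQUEST`. */
    mode: string;
}

export interface TwingateResourceAccessService {
    /** The ID of the service account that should have access to this Resource. */
    serviceAccountId: string;
}

export interface TwingateResourceProtocols {
    /** Whether to allow ICMP (ping) traffic. */
    allowIcmp: boolean;
    /** TCP policy for the Resource. */
    tcp: outputs.TwingateResourceProtocolsTcp;
    /** UDP policy for the Resource. */
    udp: outputs.TwingateResourceProtocolsUdp;
}

export interface TwingateResourceProtocolsTcp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     * `ALLOW_ALL` exposes every port; least privilege is `RESTRICTED` with an explicit `ports` list.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface TwingateResourceProtocolsUdp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     * `ALLOW_ALL` exposes every port; least privilege is `RESTRICTED` with an explicit `ports` list.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface TwingateSSHResourceAccessGroup {
    /** Restrict access according to a JIT access policy. */
    accessPolicies?: outputs.TwingateSSHResourceAccessGroupAccessPolicy[];
    /** Group ID that will have permission to access the Resource. */
    groupId: string;
    /**
     * The ID of a `twingate.getTwingateSecurityPolicy` to use as the access policy for the
     * group IDs in the access block. Default is 'Null', which points to the `Default Policy`
     * on the Admin Console — so the effective policy is whatever that default currently is.
     */
    securityPolicyId: string;
}

export interface TwingateSSHResourceAccessGroupAccessPolicy {
    /**
     * This will set the approval model for the policy. The valid values are `AUTOMATIC`
     * and `MANUAL`. `AUTOMATIC` grants access without a human approver.
     */
    approvalMode: string;
    /**
     * This will set the access duration for the policy. Duration must be between 1 hour
     * and 365 days. Examples of valid values include `1h` and `2d`.
     */
    duration: string;
    /** This will set the accessPolicy mode for the policy. The valid values are `MANUAL`, `AUTO_LOCK` and `ACCESS_REQUEST`. */
    mode: string;
}

export interface TwingateSSHResourceAccessPolicy {
    /** This will set the approval model for the policy. The valid values are `AUTOMATIC` and `MANUAL`. */
    approvalMode: string;
    /**
     * This will set the access duration for the policy. Duration must be between 1 hour
     * and 365 days. Examples of valid values include `1h` and `2d`.
     */
    duration: string;
    /** This will set the accessPolicy mode for the policy. The valid values are `MANUAL`, `AUTO_LOCK` and `ACCESS_REQUEST`. */
    mode: string;
}

export interface TwingateSSHResourceProtocols {
    /** Whether to allow ICMP (ping) traffic. */
    allowIcmp: boolean;
    /** TCP policy for the SSH Resource. */
    tcp: outputs.TwingateSSHResourceProtocolsTcp;
    /** UDP policy for the SSH Resource. */
    udp: outputs.TwingateSSHResourceProtocolsUdp;
}

export interface TwingateSSHResourceProtocolsTcp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

export interface TwingateSSHResourceProtocolsUdp {
    /**
     * Whether to allow or deny all ports, or restrict protocol access within certain port
     * ranges: Can be `RESTRICTED` (only listed ports are allowed), `ALLOW_ALL`, or `DENY_ALL`.
     */
    policy: string;
    /** List of port ranges between 1 and 65535 inclusive, in the format `100-200` for a range, or `8080` for a single port. */
    ports: string[];
}

/** Provider-level configuration shapes (cache filters and default tags). */
export declare namespace config {
    interface Cache {
        /** Specifies whether the provider should cache groups. The default value is `true`. */
        groupsEnabled?: boolean;
        /** Specifies the filter for the groups to be cached. */
        groupsFilter?: outputs.config.CacheGroupsFilter;
        /** Specifies whether the provider should cache resources. The default value is `true`. */
        resourceEnabled?: boolean;
        /** Specifies the filter for the resources to be cached. */
        resourcesFilter?: outputs.config.CacheResourcesFilter;
    }

    interface CacheGroupsFilter {
        /** Returns only Groups matching the specified state. */
        isActive?: boolean;
        /**
         * Returns only groups that exactly match this name. If no options are passed it
         * returns all groups. Only one name option can be used at a time.
         */
        name?: string;
        /** Match when the value exists in the name of the group. */
        nameContains?: string;
        /** Match when the exact value does not exist in the name of the group. */
        nameExclude?: string;
        /** The name of the group must start with the value. */
        namePrefix?: string;
        /** The regular expression match of the name of the group. */
        nameRegexp?: string;
        /** The name of the group must end with the value. */
        nameSuffix?: string;
        /** Returns groups that match a list of types. Valid types: `MANUAL`, `SYNCED`, `SYSTEM`. */
        types?: string[];
    }

    interface CacheResourcesFilter {
        /**
         * Returns only resources that exactly match this name. If no options are passed it
         * returns all resources. Only one name option can be used at a time.
         */
        name?: string;
        /** Match when the value exists in the name of the resource. */
        nameContains?: string;
        /** Match when the exact value does not exist in the name of the resource. */
        nameExclude?: string;
        /** The name of the resource must start with the value. */
        namePrefix?: string;
        /** The regular expression match of the name of the resource. */
        nameRegexp?: string;
        /** The name of the resource must end with the value. */
        nameSuffix?: string;
        /** Returns only resources that exactly match the given tags. */
        tags?: { [key: string]: string };
    }

    interface DefaultTags {
        /** A map of key-value pair tags to be set on all resources by default. */
        tags?: { [key: string]: string };
    }
}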