Package com.pulumi.gcp.networksecurity

Class GatewaySecurityPolicy

  • public class GatewaySecurityPolicy
extends com.pulumi.resources.CustomResource
    The GatewaySecurityPolicy resource contains a collection of GatewaySecurityPolicyRules and associated metadata. To get more information about GatewaySecurityPolicy, see: * [API documentation](https://cloud.google.com/secure-web-proxy/docs/reference/network-security/rest/v1/projects.locations.gatewaySecurityPolicies) ## Example Usage ### Network Security Gateway Security Policy Basic ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy; import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var default_ = new GatewaySecurityPolicy("default", GatewaySecurityPolicyArgs.builder() .description("my description") .location("us-central1") .build()); } } ``` ### Network Security Gateway Security Policy Tls Inspection Basic ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.certificateauthority.CaPool; import com.pulumi.gcp.certificateauthority.CaPoolArgs; import com.pulumi.gcp.certificateauthority.inputs.CaPoolPublishingOptionsArgs; import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyArgs; import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesArgs; import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs; import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs; import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesKeyUsageBaseKeyUsageArgs; import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs; import com.pulumi.gcp.certificateauthority.Authority; import com.pulumi.gcp.certificateauthority.AuthorityArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigCaOptionsArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs; import com.pulumi.gcp.certificateauthority.inputs.AuthorityKeySpecArgs; import com.pulumi.gcp.projects.ServiceIdentity; import com.pulumi.gcp.projects.ServiceIdentityArgs; import com.pulumi.gcp.certificateauthority.CaPoolIamMember; import com.pulumi.gcp.certificateauthority.CaPoolIamMemberArgs; import com.pulumi.gcp.networksecurity.TlsInspectionPolicy; import com.pulumi.gcp.networksecurity.TlsInspectionPolicyArgs; import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy; import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs; import com.pulumi.resources.CustomResourceOptions; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var defaultCaPool = new CaPool("defaultCaPool", CaPoolArgs.builder() .location("us-central1") .tier("DEVOPS") .publishingOptions(CaPoolPublishingOptionsArgs.builder() .publishCaCert(false) .publishCrl(false) .build()) .issuancePolicy(CaPoolIssuancePolicyArgs.builder() .maximumLifetime("1209600s") .baselineValues(CaPoolIssuancePolicyBaselineValuesArgs.builder() .caOptions(CaPoolIssuancePolicyBaselineValuesCaOptionsArgs.builder() .isCa(false) .build()) .keyUsage(CaPoolIssuancePolicyBaselineValuesKeyUsageArgs.builder() .baseKeyUsage() .extendedKeyUsage(CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs.builder() .serverAuth(true) .build()) .build()) .build()) .build()) .build(), CustomResourceOptions.builder() .provider(google_beta) .build()); var defaultAuthority = new Authority("defaultAuthority", AuthorityArgs.builder() .pool(defaultCaPool.name()) .certificateAuthorityId("my-basic-certificate-authority") .location("us-central1") .lifetime("86400s") .type("SELF_SIGNED") .deletionProtection(false) .skipGracePeriod(true) .ignoreActiveCertificatesOnDeletion(true) .config(AuthorityConfigArgs.builder() .subjectConfig(AuthorityConfigSubjectConfigArgs.builder() .subject(AuthorityConfigSubjectConfigSubjectArgs.builder() .organization("Test LLC") .commonName("my-ca") .build()) .build()) .x509Config(AuthorityConfigX509ConfigArgs.builder() .caOptions(AuthorityConfigX509ConfigCaOptionsArgs.builder() .isCa(true) .build()) .keyUsage(AuthorityConfigX509ConfigKeyUsageArgs.builder() .baseKeyUsage(AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs.builder() .certSign(true) .crlSign(true) .build()) .extendedKeyUsage(AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs.builder() .serverAuth(false) .build()) .build()) .build()) .build()) .keySpec(AuthorityKeySpecArgs.builder() .algorithm("RSA_PKCS1_4096_SHA256") .build()) .build(), CustomResourceOptions.builder() .provider(google_beta) .build()); var nsSa = new ServiceIdentity("nsSa", ServiceIdentityArgs.builder() .service("networksecurity.googleapis.com") .build(), CustomResourceOptions.builder() .provider(google_beta) .build()); var tlsInspectionPermission = new CaPoolIamMember("tlsInspectionPermission", CaPoolIamMemberArgs.builder() .caPool(defaultCaPool.id()) .role("roles/privateca.certificateManager") .member(nsSa.email().applyValue(email -> String.format("serviceAccount:%s", email))) .build(), CustomResourceOptions.builder() .provider(google_beta) .build()); var defaultTlsInspectionPolicy = new TlsInspectionPolicy("defaultTlsInspectionPolicy", TlsInspectionPolicyArgs.builder() .location("us-central1") .caPool(defaultCaPool.id()) .build(), CustomResourceOptions.builder() .provider(google_beta) .dependsOn( defaultCaPool, defaultAuthority, tlsInspectionPermission) .build()); var defaultGatewaySecurityPolicy = new GatewaySecurityPolicy("defaultGatewaySecurityPolicy", GatewaySecurityPolicyArgs.builder() .location("us-central1") .description("my description") .tlsInspectionPolicy(defaultTlsInspectionPolicy.id()) .build(), CustomResourceOptions.builder() .provider(google_beta) .dependsOn(defaultTlsInspectionPolicy) .build()); } } ``` ## Import GatewaySecurityPolicy can be imported using any of these accepted formats ```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}} ``` ```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{project}}/{{location}}/{{name}} ``` ```sh $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{location}}/{{name}} ```

    • Nested Class Summary

      • Nested classes/interfaces inherited from class com.pulumi.resources.CustomResource

        com.pulumi.resources.CustomResource.CustomResourceInternal

      • Nested classes/interfaces inherited from class com.pulumi.resources.Resource

        com.pulumi.resources.Resource.LazyField<T extends java.lang.Object>, com.pulumi.resources.Resource.LazyFields, com.pulumi.resources.Resource.ResourceInternal

    • Field Summary

      • Fields inherited from class com.pulumi.resources.Resource

        childResources, remote

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      com.pulumi.core.Output<java.lang.String> createTime()  
      com.pulumi.core.Output<java.util.Optional<java.lang.String>> description()  
      static GatewaySecurityPolicy get​(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, GatewaySecurityPolicyState state, com.pulumi.resources.CustomResourceOptions options)
      Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
      com.pulumi.core.Output<java.util.Optional<java.lang.String>> location()  
      com.pulumi.core.Output<java.lang.String> name()  
      com.pulumi.core.Output<java.lang.String> project()  
      com.pulumi.core.Output<java.lang.String> selfLink()  
      com.pulumi.core.Output<java.util.Optional<java.lang.String>> tlsInspectionPolicy()  
      com.pulumi.core.Output<java.lang.String> updateTime()  

      • Methods inherited from class com.pulumi.resources.CustomResource

        getId, idFuture

      • Methods inherited from class com.pulumi.resources.Resource

        getChildResources, getResourceName, getResourceType, getUrn

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • GatewaySecurityPolicy

        public GatewaySecurityPolicy​(java.lang.String name)
        Parameters:
        name - The _unique_ name of the resulting resource.

      • GatewaySecurityPolicy

        public GatewaySecurityPolicy​(java.lang.String name,
                             @Nullable
                             GatewaySecurityPolicyArgs args)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.

      • GatewaySecurityPolicy

        public GatewaySecurityPolicy​(java.lang.String name,
                             @Nullable
                             GatewaySecurityPolicyArgs args,
                             @Nullable
                             com.pulumi.resources.CustomResourceOptions options)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.
        options - A bag of options that control this resource's behavior.

    • Method Detail

      • createTime

        public com.pulumi.core.Output<java.lang.String> createTime()
        Returns:
        The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

      • description

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> description()
        Returns:
        A free-text description of the resource. Max length 1024 characters.

      • location

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> location()
        Returns:
        The location of the gateway security policy. The default value is `global`.

      • name

        public com.pulumi.core.Output<java.lang.String> name()
        Returns:
        Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$). ***

      • project

        public com.pulumi.core.Output<java.lang.String> project()
        Returns:
        The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

      • selfLink

        public com.pulumi.core.Output<java.lang.String> selfLink()
        Returns:
        Server-defined URL of this resource.

      • tlsInspectionPolicy

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> tlsInspectionPolicy()
        Returns:
        Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

      • updateTime

        public com.pulumi.core.Output<java.lang.String> updateTime()
        Returns:
        The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

      • get

        public static GatewaySecurityPolicy get​(java.lang.String name,
                                        com.pulumi.core.Output<java.lang.String> id,
                                        @Nullable
                                        GatewaySecurityPolicyState state,
                                        @Nullable
                                        com.pulumi.resources.CustomResourceOptions options)
        Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
        Parameters:
        name - The _unique_ name of the resulting resource.
        id - The _unique_ provider ID of the resource to lookup.
        state -
        options - Optional settings to control the behavior of the CustomResource.