Package com.pulumi.gcp.compute.inputs

Class RegionSecurityPolicyRuleState.Builder

    • Method Detail

      • action

        public RegionSecurityPolicyRuleState.Builder action​(@Nullable
                                                    com.pulumi.core.Output<java.lang.String> action)
        Parameters:
        action - The Action to perform when the rule is matched. The following are the valid actions: * allow: allow access to target. * deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502. * rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rateLimitOptions to be set. * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this.
        Returns:
        builder

      • action

        public RegionSecurityPolicyRuleState.Builder action​(java.lang.String action)
        Parameters:
        action - The Action to perform when the rule is matched. The following are the valid actions: * allow: allow access to target. * deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for STATUS are 403, 404, and 502. * rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rateLimitOptions to be set. * redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. * throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this.
        Returns:
        builder

      • description

        public RegionSecurityPolicyRuleState.Builder description​(@Nullable
                                                         com.pulumi.core.Output<java.lang.String> description)
        Parameters:
        description - An optional description of this resource. Provide this property when you create the resource.
        Returns:
        builder

      • description

        public RegionSecurityPolicyRuleState.Builder description​(java.lang.String description)
        Parameters:
        description - An optional description of this resource. Provide this property when you create the resource.
        Returns:
        builder

      • networkMatch

        public RegionSecurityPolicyRuleState.Builder networkMatch​(@Nullable
                                                          com.pulumi.core.Output<RegionSecurityPolicyRuleNetworkMatchArgs> networkMatch)
        Parameters:
        networkMatch - A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - "192.0.2.0/24" - "198.51.100.0/24" userDefinedFields: - name: "ipv4_fragment_offset" values: - "1-0x1fff" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named "ipv4_fragment_offset" with a value between 1 and 0x1fff inclusive Structure is documented below.
        Returns:
        builder

      • networkMatch

        public RegionSecurityPolicyRuleState.Builder networkMatch​(RegionSecurityPolicyRuleNetworkMatchArgs networkMatch)
        Parameters:
        networkMatch - A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - "192.0.2.0/24" - "198.51.100.0/24" userDefinedFields: - name: "ipv4_fragment_offset" values: - "1-0x1fff" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named "ipv4_fragment_offset" with a value between 1 and 0x1fff inclusive Structure is documented below.
        Returns:
        builder

      • preview

        public RegionSecurityPolicyRuleState.Builder preview​(@Nullable
                                                     com.pulumi.core.Output<java.lang.Boolean> preview)
        Parameters:
        preview - If set to true, the specified action is not enforced.
        Returns:
        builder

      • preview

        public RegionSecurityPolicyRuleState.Builder preview​(java.lang.Boolean preview)
        Parameters:
        preview - If set to true, the specified action is not enforced.
        Returns:
        builder

      • priority

        public RegionSecurityPolicyRuleState.Builder priority​(@Nullable
                                                      com.pulumi.core.Output<java.lang.Integer> priority)
        Parameters:
        priority - An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
        Returns:
        builder

      • priority

        public RegionSecurityPolicyRuleState.Builder priority​(java.lang.Integer priority)
        Parameters:
        priority - An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
        Returns:
        builder

      • project

        public RegionSecurityPolicyRuleState.Builder project​(@Nullable
                                                     com.pulumi.core.Output<java.lang.String> project)
        Parameters:
        project - The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
        Returns:
        builder

      • project

        public RegionSecurityPolicyRuleState.Builder project​(java.lang.String project)
        Parameters:
        project - The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
        Returns:
        builder

      • region

        public RegionSecurityPolicyRuleState.Builder region​(@Nullable
                                                    com.pulumi.core.Output<java.lang.String> region)
        Parameters:
        region - The Region in which the created Region Security Policy rule should reside.
        Returns:
        builder

      • region

        public RegionSecurityPolicyRuleState.Builder region​(java.lang.String region)
        Parameters:
        region - The Region in which the created Region Security Policy rule should reside.
        Returns:
        builder

      • securityPolicy

        public RegionSecurityPolicyRuleState.Builder securityPolicy​(@Nullable
                                                            com.pulumi.core.Output<java.lang.String> securityPolicy)
        Parameters:
        securityPolicy - The name of the security policy this rule belongs to. ***
        Returns:
        builder

      • securityPolicy

        public RegionSecurityPolicyRuleState.Builder securityPolicy​(java.lang.String securityPolicy)
        Parameters:
        securityPolicy - The name of the security policy this rule belongs to. ***
        Returns:
        builder