| Address |
Represents an Address resource.
|
| AddressArgs |
|
| AddressArgs.Builder |
|
| AttachedDisk |
Persistent disks can be attached to a compute instance using the `attached_disk`
section within the compute instance configuration.
|
| AttachedDiskArgs |
|
| AttachedDiskArgs.Builder |
|
| Autoscaler |
Represents an Autoscaler resource.
|
| AutoscalerArgs |
|
| AutoscalerArgs.Builder |
|
| BackendBucket |
Backend buckets allow you to use Google Cloud Storage buckets with HTTP(S)
load balancing.
|
| BackendBucketArgs |
|
| BackendBucketArgs.Builder |
|
| BackendBucketIamBinding |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/global/backendBuckets/{{name}} * {{project}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| BackendBucketIamBindingArgs |
|
| BackendBucketIamBindingArgs.Builder |
|
| BackendBucketIamMember |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/global/backendBuckets/{{name}} * {{project}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| BackendBucketIamMemberArgs |
|
| BackendBucketIamMemberArgs.Builder |
|
| BackendBucketIamPolicy |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/global/backendBuckets/{{name}} * {{project}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| BackendBucketIamPolicyArgs |
|
| BackendBucketIamPolicyArgs.Builder |
|
| BackendBucketSignedUrlKey |
A key for signing Cloud CDN signed URLs for BackendBuckets.
|
| BackendBucketSignedUrlKeyArgs |
|
| BackendBucketSignedUrlKeyArgs.Builder |
|
| BackendService |
A Backend Service defines a group of virtual machines that will serve
traffic for load balancing.
|
| BackendServiceArgs |
|
| BackendServiceArgs.Builder |
|
| BackendServiceIamBinding |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/global/backendServices/{{name}} * {{project}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| BackendServiceIamBindingArgs |
|
| BackendServiceIamBindingArgs.Builder |
|
| BackendServiceIamMember |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/global/backendServices/{{name}} * {{project}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| BackendServiceIamMemberArgs |
|
| BackendServiceIamMemberArgs.Builder |
|
| BackendServiceIamPolicy |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/global/backendServices/{{name}} * {{project}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| BackendServiceIamPolicyArgs |
|
| BackendServiceIamPolicyArgs.Builder |
|
| BackendServiceSignedUrlKey |
A key for signing Cloud CDN signed URLs for Backend Services.
|
| BackendServiceSignedUrlKeyArgs |
|
| BackendServiceSignedUrlKeyArgs.Builder |
|
| CaExternalAccountKey |
A representation of an ExternalAccountKey used for external account binding within ACME.
|
| CaExternalAccountKeyArgs |
|
| CaExternalAccountKeyArgs.Builder |
|
| ComputeFunctions |
|
| Disk |
Persistent disks are durable storage devices that function similarly to
the physical disks in a desktop or a server.
|
| DiskArgs |
|
| DiskArgs.Builder |
|
| DiskAsyncReplication |
Starts and stops asynchronous persistent disk replication.
|
| DiskAsyncReplicationArgs |
|
| DiskAsyncReplicationArgs.Builder |
|
| DiskIamBinding |
Three different resources help you manage your IAM policy for Compute Engine Disk.
|
| DiskIamBindingArgs |
|
| DiskIamBindingArgs.Builder |
|
| DiskIamMember |
Three different resources help you manage your IAM policy for Compute Engine Disk.
|
| DiskIamMemberArgs |
|
| DiskIamMemberArgs.Builder |
|
| DiskIamPolicy |
Three different resources help you manage your IAM policy for Compute Engine Disk.
|
| DiskIamPolicyArgs |
|
| DiskIamPolicyArgs.Builder |
|
| DiskResourcePolicyAttachment |
Adds existing resource policies to a disk.
|
| DiskResourcePolicyAttachmentArgs |
|
| DiskResourcePolicyAttachmentArgs.Builder |
|
| ExternalVpnGateway |
Represents a VPN gateway managed outside of GCP.
|
| ExternalVpnGatewayArgs |
|
| ExternalVpnGatewayArgs.Builder |
|
| Firewall |
Each network has its own firewall controlling access to and from the
instances.
|
| FirewallArgs |
|
| FirewallArgs.Builder |
|
| FirewallPolicy |
Hierarchical firewall policy rules let you create and enforce a consistent firewall policy across your organization.
|
| FirewallPolicyArgs |
|
| FirewallPolicyArgs.Builder |
|
| FirewallPolicyAssociation |
Allows associating hierarchical firewall policies with the target where they are applied.
|
| FirewallPolicyAssociationArgs |
|
| FirewallPolicyAssociationArgs.Builder |
|
| FirewallPolicyRule |
The Compute FirewallPolicyRule resource
## Example Usage
### Basic_fir_sec_rule
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.AddressGroup;
import com.pulumi.gcp.networksecurity.AddressGroupArgs;
import com.pulumi.gcp.organizations.Folder;
import com.pulumi.gcp.organizations.FolderArgs;
import com.pulumi.gcp.compute.FirewallPolicy;
import com.pulumi.gcp.compute.FirewallPolicyArgs;
import com.pulumi.gcp.compute.FirewallPolicyRule;
import com.pulumi.gcp.compute.FirewallPolicyRuleArgs;
import com.pulumi.gcp.compute.inputs.FirewallPolicyRuleMatchArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var basicGlobalNetworksecurityAddressGroup = new AddressGroup("basicGlobalNetworksecurityAddressGroup", AddressGroupArgs.builder()
.parent("organizations/123456789")
.description("Sample global networksecurity_address_group")
.location("global")
.items("208.80.154.224/32")
.type("IPV4")
.capacity(100)
.build());
var folder = new Folder("folder", FolderArgs.builder()
.displayName("policy")
.parent("organizations/123456789")
.build());
var default_ = new FirewallPolicy("default", FirewallPolicyArgs.builder()
.parent(folder.id())
.shortName("policy")
.description("Resource created for Terraform acceptance testing")
.build());
var primary = new FirewallPolicyRule("primary", FirewallPolicyRuleArgs.builder()
.firewallPolicy(default_.name())
.description("Resource created for Terraform acceptance testing")
.priority(9000)
.enableLogging(true)
.action("allow")
.direction("EGRESS")
.disabled(false)
.match(FirewallPolicyRuleMatchArgs.builder()
.layer4Configs(
FirewallPolicyRuleMatchLayer4ConfigArgs.builder()
.ipProtocol("tcp")
.ports(8080)
.build(),
FirewallPolicyRuleMatchLayer4ConfigArgs.builder()
.ipProtocol("udp")
.ports(22)
.build())
.destIpRanges("11.100.0.1/32")
.destFqdns()
.destRegionCodes("US")
.destThreatIntelligences("iplist-known-malicious-ips")
.srcAddressGroups()
.destAddressGroups(basicGlobalNetworksecurityAddressGroup.id())
.build())
.targetServiceAccounts(" [email protected]")
.build());
}
}
```
## Import
FirewallPolicyRule can be imported using any of these accepted formats* `locations/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}` * `{{firewall_policy}}/{{priority}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import FirewallPolicyRule using one of the formats above. |
| FirewallPolicyRuleArgs |
|
| FirewallPolicyRuleArgs.Builder |
|
| ForwardingRule |
A ForwardingRule resource.
|
| ForwardingRuleArgs |
|
| ForwardingRuleArgs.Builder |
|
| GlobalAddress |
Represents a Global Address resource.
|
| GlobalAddressArgs |
|
| GlobalAddressArgs.Builder |
|
| GlobalForwardingRule |
Represents a GlobalForwardingRule resource.
|
| GlobalForwardingRuleArgs |
|
| GlobalForwardingRuleArgs.Builder |
|
| GlobalNetworkEndpoint |
A Global Network endpoint represents a IP address and port combination that exists outside of GCP.
|
| GlobalNetworkEndpointArgs |
|
| GlobalNetworkEndpointArgs.Builder |
|
| GlobalNetworkEndpointGroup |
A global network endpoint group contains endpoints that reside outside of Google Cloud.
|
| GlobalNetworkEndpointGroupArgs |
|
| GlobalNetworkEndpointGroupArgs.Builder |
|
| HaVpnGateway |
Represents a VPN gateway running in GCP.
|
| HaVpnGatewayArgs |
|
| HaVpnGatewayArgs.Builder |
|
| HealthCheck |
Health Checks determine whether instances are responsive and able to do work.
|
| HealthCheckArgs |
|
| HealthCheckArgs.Builder |
|
| HttpHealthCheck |
An HttpHealthCheck resource.
|
| HttpHealthCheckArgs |
|
| HttpHealthCheckArgs.Builder |
|
| HttpsHealthCheck |
An HttpsHealthCheck resource.
|
| HttpsHealthCheckArgs |
|
| HttpsHealthCheckArgs.Builder |
|
| Image |
Represents an Image resource.
|
| ImageArgs |
|
| ImageArgs.Builder |
|
| ImageIamBinding |
Three different resources help you manage your IAM policy for Compute Engine Image.
|
| ImageIamBindingArgs |
|
| ImageIamBindingArgs.Builder |
|
| ImageIamMember |
Three different resources help you manage your IAM policy for Compute Engine Image.
|
| ImageIamMemberArgs |
|
| ImageIamMemberArgs.Builder |
|
| ImageIamPolicy |
Three different resources help you manage your IAM policy for Compute Engine Image.
|
| ImageIamPolicyArgs |
|
| ImageIamPolicyArgs.Builder |
|
| Instance |
Manages a VM instance resource within GCE.
|
| InstanceArgs |
|
| InstanceArgs.Builder |
|
| InstanceFromMachineImage |
Manages a VM instance resource within GCE.
|
| InstanceFromMachineImageArgs |
|
| InstanceFromMachineImageArgs.Builder |
|
| InstanceFromTemplate |
Manages a VM instance resource within GCE.
|
| InstanceFromTemplateArgs |
|
| InstanceFromTemplateArgs.Builder |
|
| InstanceGroup |
Creates a group of dissimilar Compute Engine virtual machine instances.
|
| InstanceGroupArgs |
|
| InstanceGroupArgs.Builder |
|
| InstanceGroupManager |
The Google Compute Engine Instance Group Manager API creates and manages pools
of homogeneous Compute Engine virtual machine instances from a common instance
template.
|
| InstanceGroupManagerArgs |
|
| InstanceGroupManagerArgs.Builder |
|
| InstanceGroupNamedPort |
Mange the named ports setting for a managed instance group without
managing the group as whole.
|
| InstanceGroupNamedPortArgs |
|
| InstanceGroupNamedPortArgs.Builder |
|
| InstanceIAMBinding |
Three different resources help you manage your IAM policy for Compute Engine Instance.
|
| InstanceIAMBindingArgs |
|
| InstanceIAMBindingArgs.Builder |
|
| InstanceIAMMember |
Three different resources help you manage your IAM policy for Compute Engine Instance.
|
| InstanceIAMMemberArgs |
|
| InstanceIAMMemberArgs.Builder |
|
| InstanceIAMPolicy |
Three different resources help you manage your IAM policy for Compute Engine Instance.
|
| InstanceIAMPolicyArgs |
|
| InstanceIAMPolicyArgs.Builder |
|
| InstanceSettings |
## Example Usage
### Instance Settings Basic
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.InstanceSettings;
import com.pulumi.gcp.compute.InstanceSettingsArgs;
import com.pulumi.gcp.compute.inputs.InstanceSettingsMetadataArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var gceInstanceSettings = new InstanceSettings("gceInstanceSettings", InstanceSettingsArgs.builder()
.zone("us-east7-b")
.metadata(InstanceSettingsMetadataArgs.builder()
.items(Map.of("foo", "baz"))
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
## Import
InstanceSettings can be imported using any of these accepted formats* `projects/{{project}}/zones/{{zone}}/instanceSettings` * `{{project}}/{{zone}}` * `{{zone}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import InstanceSettings using one of the formats above.
|
| InstanceSettingsArgs |
|
| InstanceSettingsArgs.Builder |
|
| InstanceTemplate |
> **Note**: Global instance templates can be used in any region.
|
| InstanceTemplateArgs |
|
| InstanceTemplateArgs.Builder |
|
| InterconnectAttachment |
Represents an InterconnectAttachment (VLAN attachment) resource.
|
| InterconnectAttachmentArgs |
|
| InterconnectAttachmentArgs.Builder |
|
| MachineImage |
Represents a Machine Image resource.
|
| MachineImageArgs |
|
| MachineImageArgs.Builder |
|
| MachineImageIamBinding |
Three different resources help you manage your IAM policy for Compute Engine MachineImage.
|
| MachineImageIamBindingArgs |
|
| MachineImageIamBindingArgs.Builder |
|
| MachineImageIamMember |
Three different resources help you manage your IAM policy for Compute Engine MachineImage.
|
| MachineImageIamMemberArgs |
|
| MachineImageIamMemberArgs.Builder |
|
| MachineImageIamPolicy |
Three different resources help you manage your IAM policy for Compute Engine MachineImage.
|
| MachineImageIamPolicyArgs |
|
| MachineImageIamPolicyArgs.Builder |
|
| ManagedSslCertificate |
An SslCertificate resource, used for HTTPS load balancing.
|
| ManagedSslCertificateArgs |
|
| ManagedSslCertificateArgs.Builder |
|
| MangedSslCertificate |
Deprecated.
|
| MangedSslCertificateArgs |
|
| MangedSslCertificateArgs.Builder |
|
| Network |
Manages a VPC network or legacy network resource on GCP.
|
| NetworkArgs |
|
| NetworkArgs.Builder |
|
| NetworkAttachment |
## Example Usage
### Network Attachment Basic
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.organizations.Project;
import com.pulumi.gcp.organizations.ProjectArgs;
import com.pulumi.gcp.compute.NetworkAttachment;
import com.pulumi.gcp.compute.NetworkAttachmentArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.region("us-central1")
.network(defaultNetwork.id())
.ipCidrRange("10.0.0.0/16")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var rejectedProducerProject = new Project("rejectedProducerProject", ProjectArgs.builder()
.projectId("prj-rejected")
.orgId("123456789")
.billingAccount("000000-0000000-0000000-000000")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var acceptedProducerProject = new Project("acceptedProducerProject", ProjectArgs.builder()
.projectId("prj-accepted")
.orgId("123456789")
.billingAccount("000000-0000000-0000000-000000")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultNetworkAttachment = new NetworkAttachment("defaultNetworkAttachment", NetworkAttachmentArgs.builder()
.region("us-central1")
.description("basic network attachment description")
.connectionPreference("ACCEPT_MANUAL")
.subnetworks(defaultSubnetwork.selfLink())
.producerAcceptLists(acceptedProducerProject.projectId())
.producerRejectLists(rejectedProducerProject.projectId())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
### Network Attachment Instance Usage
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.compute.NetworkAttachment;
import com.pulumi.gcp.compute.NetworkAttachmentArgs;
import com.pulumi.gcp.compute.Instance;
import com.pulumi.gcp.compute.InstanceArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultNetwork = new Network("defaultNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultSubnetwork = new Subnetwork("defaultSubnetwork", SubnetworkArgs.builder()
.region("us-central1")
.network(defaultNetwork.id())
.ipCidrRange("10.0.0.0/16")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultNetworkAttachment = new NetworkAttachment("defaultNetworkAttachment", NetworkAttachmentArgs.builder()
.region("us-central1")
.description("my basic network attachment")
.subnetworks(defaultSubnetwork.id())
.connectionPreference("ACCEPT_AUTOMATIC")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var defaultInstance = new Instance("defaultInstance", InstanceArgs.builder()
.zone("us-central1-a")
.machineType("e2-micro")
.bootDisk(InstanceBootDiskArgs.builder()
.initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
.image("debian-cloud/debian-11")
.build())
.build())
.networkInterfaces(
InstanceNetworkInterfaceArgs.builder()
.network("default")
.build(),
InstanceNetworkInterfaceArgs.builder()
.networkAttachment(defaultNetworkAttachment.selfLink())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
## Import
NetworkAttachment can be imported using any of these accepted formats* `projects/{{project}}/regions/{{region}}/networkAttachments/{{name}}` * `{{project}}/{{region}}/{{name}}` * `{{region}}/{{name}}` * `{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import NetworkAttachment using one of the formats above.
|
| NetworkAttachmentArgs |
|
| NetworkAttachmentArgs.Builder |
|
| NetworkEdgeSecurityService |
## Example Usage
### Compute Network Edge Security Service Basic
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.NetworkEdgeSecurityService;
import com.pulumi.gcp.compute.NetworkEdgeSecurityServiceArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new NetworkEdgeSecurityService("default", NetworkEdgeSecurityServiceArgs.builder()
.region("us-east1")
.description("My basic resource")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
## Import
NetworkEdgeSecurityService can be imported using any of these accepted formats* `projects/{{project}}/regions/{{region}}/networkEdgeSecurityServices/{{name}}` * `{{project}}/{{region}}/{{name}}` * `{{region}}/{{name}}` * `{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import NetworkEdgeSecurityService using one of the formats above.
|
| NetworkEdgeSecurityServiceArgs |
|
| NetworkEdgeSecurityServiceArgs.Builder |
|
| NetworkEndpoint |
A Network endpoint represents a IP address and port combination that is
part of a specific network endpoint group (NEG).
|
| NetworkEndpointArgs |
|
| NetworkEndpointArgs.Builder |
|
| NetworkEndpointGroup |
Network endpoint groups (NEGs) are zonal resources that represent
collections of IP address and port combinations for GCP resources within a
single subnet.
|
| NetworkEndpointGroupArgs |
|
| NetworkEndpointGroupArgs.Builder |
|
| NetworkEndpointList |
A set of network endpoints belonging to a network endpoint group (NEG).
|
| NetworkEndpointListArgs |
|
| NetworkEndpointListArgs.Builder |
|
| NetworkFirewallPolicy |
The Compute NetworkFirewallPolicy resource
## Example Usage
### Global
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.NetworkFirewallPolicy;
import com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var primary = new NetworkFirewallPolicy("primary", NetworkFirewallPolicyArgs.builder()
.description("Sample global network firewall policy")
.project("my-project-name")
.build());
}
}
```
## Import
NetworkFirewallPolicy can be imported using any of these accepted formats* `projects/{{project}}/global/firewallPolicies/{{name}}` * `{{project}}/{{name}}` * `{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import NetworkFirewallPolicy using one of the formats above.
|
| NetworkFirewallPolicyArgs |
|
| NetworkFirewallPolicyArgs.Builder |
|
| NetworkFirewallPolicyAssociation |
The Compute NetworkFirewallPolicyAssociation resource
## Example Usage
### Global
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.NetworkFirewallPolicy;
import com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkFirewallPolicyAssociation;
import com.pulumi.gcp.compute.NetworkFirewallPolicyAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var networkFirewallPolicy = new NetworkFirewallPolicy("networkFirewallPolicy", NetworkFirewallPolicyArgs.builder()
.project("my-project-name")
.description("Sample global network firewall policy")
.build());
var network = new Network("network");
var primary = new NetworkFirewallPolicyAssociation("primary", NetworkFirewallPolicyAssociationArgs.builder()
.attachmentTarget(network.id())
.firewallPolicy(networkFirewallPolicy.name())
.project("my-project-name")
.build());
}
}
```
## Import
NetworkFirewallPolicyAssociation can be imported using any of these accepted formats* `projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}` * `{{project}}/{{firewall_policy}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import NetworkFirewallPolicyAssociation using one of the formats above.
|
| NetworkFirewallPolicyAssociationArgs |
|
| NetworkFirewallPolicyAssociationArgs.Builder |
|
| NetworkFirewallPolicyRule |
The Compute NetworkFirewallPolicyRule resource
## Example Usage
### Global
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.AddressGroup;
import com.pulumi.gcp.networksecurity.AddressGroupArgs;
import com.pulumi.gcp.compute.NetworkFirewallPolicy;
import com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.tags.TagKey;
import com.pulumi.gcp.tags.TagKeyArgs;
import com.pulumi.gcp.tags.TagValue;
import com.pulumi.gcp.tags.TagValueArgs;
import com.pulumi.gcp.compute.NetworkFirewallPolicyRule;
import com.pulumi.gcp.compute.NetworkFirewallPolicyRuleArgs;
import com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyRuleMatchArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var basicGlobalNetworksecurityAddressGroup = new AddressGroup("basicGlobalNetworksecurityAddressGroup", AddressGroupArgs.builder()
.parent("projects/my-project-name")
.description("Sample global networksecurity_address_group")
.location("global")
.items("208.80.154.224/32")
.type("IPV4")
.capacity(100)
.build());
var basicNetworkFirewallPolicy = new NetworkFirewallPolicy("basicNetworkFirewallPolicy", NetworkFirewallPolicyArgs.builder()
.description("Sample global network firewall policy")
.project("my-project-name")
.build());
var basicNetwork = new Network("basicNetwork");
var basicKey = new TagKey("basicKey", TagKeyArgs.builder()
.description("For keyname resources.")
.parent("organizations/123456789")
.purpose("GCE_FIREWALL")
.shortName("tagkey")
.purposeData(Map.of("network", basicNetwork.name().applyValue(name -> String.format("my-project-name/%s", name))))
.build());
var basicValue = new TagValue("basicValue", TagValueArgs.builder()
.description("For valuename resources.")
.parent(basicKey.name().applyValue(name -> String.format("tagKeys/%s", name)))
.shortName("tagvalue")
.build());
var primary = new NetworkFirewallPolicyRule("primary", NetworkFirewallPolicyRuleArgs.builder()
.action("allow")
.description("This is a simple rule description")
.direction("INGRESS")
.disabled(false)
.enableLogging(true)
.firewallPolicy(basicNetworkFirewallPolicy.name())
.priority(1000)
.ruleName("test-rule")
.targetServiceAccounts(" [email protected]")
.match(NetworkFirewallPolicyRuleMatchArgs.builder()
.srcIpRanges("10.100.0.1/32")
.srcFqdns("google.com")
.srcRegionCodes("US")
.srcThreatIntelligences("iplist-known-malicious-ips")
.srcSecureTags(NetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder()
.name(basicValue.name().applyValue(name -> String.format("tagValues/%s", name)))
.build())
.layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()
.ipProtocol("all")
.build())
.srcAddressGroups(basicGlobalNetworksecurityAddressGroup.id())
.build())
.build());
}
}
```
## Import
NetworkFirewallPolicyRule can be imported using any of these accepted formats* `projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}` * `{{project}}/{{firewall_policy}}/{{priority}}` * `{{firewall_policy}}/{{priority}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import NetworkFirewallPolicyRule using one of the formats above. |
| NetworkFirewallPolicyRuleArgs |
|
| NetworkFirewallPolicyRuleArgs.Builder |
|
| NetworkPeering |
Manages a network peering within GCE.
|
| NetworkPeeringArgs |
|
| NetworkPeeringArgs.Builder |
|
| NetworkPeeringRoutesConfig |
Manage a network peering's route settings without managing the peering as
a whole.
|
| NetworkPeeringRoutesConfigArgs |
|
| NetworkPeeringRoutesConfigArgs.Builder |
|
| NodeGroup |
Represents a NodeGroup resource to manage a group of sole-tenant nodes.
|
| NodeGroupArgs |
|
| NodeGroupArgs.Builder |
|
| NodeTemplate |
Represents a NodeTemplate resource.
|
| NodeTemplateArgs |
|
| NodeTemplateArgs.Builder |
|
| OrganizationSecurityPolicy |
Organization security policies are used to control incoming/outgoing traffic.
|
| OrganizationSecurityPolicyArgs |
|
| OrganizationSecurityPolicyArgs.Builder |
|
| OrganizationSecurityPolicyAssociation |
An association for the OrganizationSecurityPolicy.
|
| OrganizationSecurityPolicyAssociationArgs |
|
| OrganizationSecurityPolicyAssociationArgs.Builder |
|
| OrganizationSecurityPolicyRule |
A rule for the OrganizationSecurityPolicy.
|
| OrganizationSecurityPolicyRuleArgs |
|
| OrganizationSecurityPolicyRuleArgs.Builder |
|
| PacketMirroring |
Packet Mirroring mirrors traffic to and from particular VM instances.
|
| PacketMirroringArgs |
|
| PacketMirroringArgs.Builder |
|
| PerInstanceConfig |
A config defined for a single managed instance that belongs to an instance group manager.
|
| PerInstanceConfigArgs |
|
| PerInstanceConfigArgs.Builder |
|
| ProjectDefaultNetworkTier |
Configures the Google Compute Engine
[Default Network Tier](https://cloud.google.com/network-tiers/docs/using-network-service-tiers#setting_the_tier_for_all_resources_in_a_project)
for a project.
|
| ProjectDefaultNetworkTierArgs |
|
| ProjectDefaultNetworkTierArgs.Builder |
|
| ProjectMetadata |
Authoritatively manages metadata common to all instances for a project in GCE.
|
| ProjectMetadataArgs |
|
| ProjectMetadataArgs.Builder |
|
| ProjectMetadataItem |
Manages a single key/value pair on metadata common to all instances for
a project in GCE.
|
| ProjectMetadataItemArgs |
|
| ProjectMetadataItemArgs.Builder |
|
| PublicAdvertisedPrefix |
Represents a PublicAdvertisedPrefix for use with bring your own IP addresses (BYOIP).
|
| PublicAdvertisedPrefixArgs |
|
| PublicAdvertisedPrefixArgs.Builder |
|
| PublicDelegatedPrefix |
Represents a PublicDelegatedPrefix for use with bring your own IP addresses (BYOIP).
|
| PublicDelegatedPrefixArgs |
|
| PublicDelegatedPrefixArgs.Builder |
|
| RegionAutoscaler |
Represents an Autoscaler resource.
|
| RegionAutoscalerArgs |
|
| RegionAutoscalerArgs.Builder |
|
| RegionBackendService |
A Region Backend Service defines a regionally-scoped group of virtual
machines that will serve traffic for load balancing.
|
| RegionBackendServiceArgs |
|
| RegionBackendServiceArgs.Builder |
|
| RegionBackendServiceIamBinding |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/regions/{{region}}/backendServices/{{name}} * {{project}}/{{region}}/{{name}} * {{region}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| RegionBackendServiceIamBindingArgs |
|
| RegionBackendServiceIamBindingArgs.Builder |
|
| RegionBackendServiceIamMember |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/regions/{{region}}/backendServices/{{name}} * {{project}}/{{region}}/{{name}} * {{region}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| RegionBackendServiceIamMemberArgs |
|
| RegionBackendServiceIamMemberArgs.Builder |
|
| RegionBackendServiceIamPolicy |
## Import
For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/regions/{{region}}/backendServices/{{name}} * {{project}}/{{region}}/{{name}} * {{region}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration.
|
| RegionBackendServiceIamPolicyArgs |
|
| RegionBackendServiceIamPolicyArgs.Builder |
|
| RegionCommitment |
Represents a regional Commitment resource.
|
| RegionCommitmentArgs |
|
| RegionCommitmentArgs.Builder |
|
| RegionDisk |
Persistent disks are durable storage devices that function similarly to
the physical disks in a desktop or a server.
|
| RegionDiskArgs |
|
| RegionDiskArgs.Builder |
|
| RegionDiskIamBinding |
Three different resources help you manage your IAM policy for Compute Engine Disk.
|
| RegionDiskIamBindingArgs |
|
| RegionDiskIamBindingArgs.Builder |
|
| RegionDiskIamMember |
Three different resources help you manage your IAM policy for Compute Engine Disk.
|
| RegionDiskIamMemberArgs |
|
| RegionDiskIamMemberArgs.Builder |
|
| RegionDiskIamPolicy |
Three different resources help you manage your IAM policy for Compute Engine Disk.
|
| RegionDiskIamPolicyArgs |
|
| RegionDiskIamPolicyArgs.Builder |
|
| RegionDiskResourcePolicyAttachment |
Adds existing resource policies to a disk.
|
| RegionDiskResourcePolicyAttachmentArgs |
|
| RegionDiskResourcePolicyAttachmentArgs.Builder |
|
| RegionHealthCheck |
Health Checks determine whether instances are responsive and able to do work.
|
| RegionHealthCheckArgs |
|
| RegionHealthCheckArgs.Builder |
|
| RegionInstanceGroupManager |
The Google Compute Engine Regional Instance Group Manager API creates and manages pools
of homogeneous Compute Engine virtual machine instances from a common instance
template.
|
| RegionInstanceGroupManagerArgs |
|
| RegionInstanceGroupManagerArgs.Builder |
|
| RegionInstanceTemplate |
## Import
Instance templates can be imported using any of these accepted formats* `projects/{{project}}/regions/{{region}}/instanceTemplates/{{name}}` * `{{project}}/{{name}}` * `{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import instance templates using one of the formats above.
|
| RegionInstanceTemplateArgs |
|
| RegionInstanceTemplateArgs.Builder |
|
| RegionNetworkEndpointGroup |
A regional NEG that can support Serverless Products.
|
| RegionNetworkEndpointGroupArgs |
|
| RegionNetworkEndpointGroupArgs.Builder |
|
| RegionNetworkFirewallPolicy |
The Compute NetworkFirewallPolicy resource
## Example Usage
### Regional
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var primary = new RegionNetworkFirewallPolicy("primary", RegionNetworkFirewallPolicyArgs.builder()
.description("Sample regional network firewall policy")
.project("my-project-name")
.region("us-west1")
.build());
}
}
```
## Import
NetworkFirewallPolicy can be imported using any of these accepted formats* `projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}` * `{{project}}/{{region}}/{{name}}` * `{{region}}/{{name}}` * `{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import NetworkFirewallPolicy using one of the formats above.
|
| RegionNetworkFirewallPolicyArgs |
|
| RegionNetworkFirewallPolicyArgs.Builder |
|
| RegionNetworkFirewallPolicyAssociation |
The Compute NetworkFirewallPolicyAssociation resource
## Example Usage
### Regional
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyAssociation;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy("basicRegionalNetworkFirewallPolicy", RegionNetworkFirewallPolicyArgs.builder()
.project("my-project-name")
.description("Sample global network firewall policy")
.region("us-west1")
.build());
var basicNetwork = new Network("basicNetwork");
var primary = new RegionNetworkFirewallPolicyAssociation("primary", RegionNetworkFirewallPolicyAssociationArgs.builder()
.attachmentTarget(basicNetwork.id())
.firewallPolicy(basicRegionalNetworkFirewallPolicy.name())
.project("my-project-name")
.region("us-west1")
.build());
}
}
```
## Import
NetworkFirewallPolicyAssociation can be imported using any of these accepted formats* `projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/associations/{{name}}` * `{{project}}/{{region}}/{{firewall_policy}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import NetworkFirewallPolicyAssociation using one of the formats above.
|
| RegionNetworkFirewallPolicyAssociationArgs |
|
| RegionNetworkFirewallPolicyAssociationArgs.Builder |
|
| RegionNetworkFirewallPolicyRule |
The Compute NetworkFirewallPolicyRule resource
## Example Usage
### Regional
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.AddressGroup;
import com.pulumi.gcp.networksecurity.AddressGroupArgs;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.tags.TagKey;
import com.pulumi.gcp.tags.TagKeyArgs;
import com.pulumi.gcp.tags.TagValue;
import com.pulumi.gcp.tags.TagValueArgs;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule;
import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRuleArgs;
import com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyRuleMatchArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var basicRegionalNetworksecurityAddressGroup = new AddressGroup("basicRegionalNetworksecurityAddressGroup", AddressGroupArgs.builder()
.parent("projects/my-project-name")
.description("Sample regional networksecurity_address_group")
.location("us-west1")
.items("208.80.154.224/32")
.type("IPV4")
.capacity(100)
.build());
var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy("basicRegionalNetworkFirewallPolicy", RegionNetworkFirewallPolicyArgs.builder()
.description("Sample regional network firewall policy")
.project("my-project-name")
.region("us-west1")
.build());
var basicNetwork = new Network("basicNetwork");
var basicKey = new TagKey("basicKey", TagKeyArgs.builder()
.description("For keyname resources.")
.parent("organizations/123456789")
.purpose("GCE_FIREWALL")
.shortName("tagkey")
.purposeData(Map.of("network", basicNetwork.name().applyValue(name -> String.format("my-project-name/%s", name))))
.build());
var basicValue = new TagValue("basicValue", TagValueArgs.builder()
.description("For valuename resources.")
.parent(basicKey.name().applyValue(name -> String.format("tagKeys/%s", name)))
.shortName("tagvalue")
.build());
var primary = new RegionNetworkFirewallPolicyRule("primary", RegionNetworkFirewallPolicyRuleArgs.builder()
.action("allow")
.description("This is a simple rule description")
.direction("INGRESS")
.disabled(false)
.enableLogging(true)
.firewallPolicy(basicRegionalNetworkFirewallPolicy.name())
.priority(1000)
.region("us-west1")
.ruleName("test-rule")
.targetServiceAccounts(" [email protected]")
.match(RegionNetworkFirewallPolicyRuleMatchArgs.builder()
.srcIpRanges("10.100.0.1/32")
.srcFqdns("example.com")
.srcRegionCodes("US")
.srcThreatIntelligences("iplist-known-malicious-ips")
.layer4Configs(RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()
.ipProtocol("all")
.build())
.srcSecureTags(RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder()
.name(basicValue.name().applyValue(name -> String.format("tagValues/%s", name)))
.build())
.srcAddressGroups(basicRegionalNetworksecurityAddressGroup.id())
.build())
.build());
}
}
```
## Import
NetworkFirewallPolicyRule can be imported using any of these accepted formats* `projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/{{priority}}` * `{{project}}/{{region}}/{{firewall_policy}}/{{priority}}` * `{{region}}/{{firewall_policy}}/{{priority}}` * `{{firewall_policy}}/{{priority}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import NetworkFirewallPolicyRule using one of the formats above. |
| RegionNetworkFirewallPolicyRuleArgs |
|
| RegionNetworkFirewallPolicyRuleArgs.Builder |
|
| RegionPerInstanceConfig |
A config defined for a single managed instance that belongs to an instance group manager.
|
| RegionPerInstanceConfigArgs |
|
| RegionPerInstanceConfigArgs.Builder |
|
| RegionSecurityPolicy |
## Example Usage
### Region Security Policy Basic
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionSecurityPolicy;
import com.pulumi.gcp.compute.RegionSecurityPolicyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var region_sec_policy_basic = new RegionSecurityPolicy("region-sec-policy-basic", RegionSecurityPolicyArgs.builder()
.description("basic region security policy")
.type("CLOUD_ARMOR")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
### Region Security Policy With Ddos Protection Config
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionSecurityPolicy;
import com.pulumi.gcp.compute.RegionSecurityPolicyArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyDdosProtectionConfigArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var region_sec_policy_ddos_protection = new RegionSecurityPolicy("region-sec-policy-ddos-protection", RegionSecurityPolicyArgs.builder()
.description("with ddos protection config")
.type("CLOUD_ARMOR_NETWORK")
.ddosProtectionConfig(RegionSecurityPolicyDdosProtectionConfigArgs.builder()
.ddosProtection("ADVANCED_PREVIEW")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
### Region Security Policy With User Defined Fields
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionSecurityPolicy;
import com.pulumi.gcp.compute.RegionSecurityPolicyArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyUserDefinedFieldArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var region_sec_policy_user_defined_fields = new RegionSecurityPolicy("region-sec-policy-user-defined-fields", RegionSecurityPolicyArgs.builder()
.description("with user defined fields")
.type("CLOUD_ARMOR_NETWORK")
.userDefinedFields(
RegionSecurityPolicyUserDefinedFieldArgs.builder()
.name("SIG1_AT_0")
.base("UDP")
.offset(8)
.size(2)
.mask("0x8F00")
.build(),
RegionSecurityPolicyUserDefinedFieldArgs.builder()
.name("SIG2_AT_8")
.base("UDP")
.offset(16)
.size(4)
.mask("0xFFFFFFFF")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
## Import
RegionSecurityPolicy can be imported using any of these accepted formats* `projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}` * `{{project}}/{{region}}/{{name}}` * `{{region}}/{{name}}` * `{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import RegionSecurityPolicy using one of the formats above.
|
| RegionSecurityPolicyArgs |
|
| RegionSecurityPolicyArgs.Builder |
|
| RegionSecurityPolicyRule |
## Example Usage
### Region Security Policy Rule Basic
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionSecurityPolicy;
import com.pulumi.gcp.compute.RegionSecurityPolicyArgs;
import com.pulumi.gcp.compute.RegionSecurityPolicyRule;
import com.pulumi.gcp.compute.RegionSecurityPolicyRuleArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyRuleMatchArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyRuleMatchConfigArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new RegionSecurityPolicy("default", RegionSecurityPolicyArgs.builder()
.region("us-west2")
.description("basic region security policy")
.type("CLOUD_ARMOR")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var policyRule = new RegionSecurityPolicyRule("policyRule", RegionSecurityPolicyRuleArgs.builder()
.region("us-west2")
.securityPolicy(default_.name())
.description("new rule")
.priority(100)
.match(RegionSecurityPolicyRuleMatchArgs.builder()
.versionedExpr("SRC_IPS_V1")
.config(RegionSecurityPolicyRuleMatchConfigArgs.builder()
.srcIpRanges("10.10.0.0/16")
.build())
.build())
.action("allow")
.preview(true)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
### Region Security Policy Rule Multiple Rules
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionSecurityPolicy;
import com.pulumi.gcp.compute.RegionSecurityPolicyArgs;
import com.pulumi.gcp.compute.RegionSecurityPolicyRule;
import com.pulumi.gcp.compute.RegionSecurityPolicyRuleArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyRuleMatchArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyRuleMatchConfigArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new RegionSecurityPolicy("default", RegionSecurityPolicyArgs.builder()
.region("us-west2")
.description("basic region security policy")
.type("CLOUD_ARMOR")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var policyRuleOne = new RegionSecurityPolicyRule("policyRuleOne", RegionSecurityPolicyRuleArgs.builder()
.region("us-west2")
.securityPolicy(default_.name())
.description("new rule one")
.priority(100)
.match(RegionSecurityPolicyRuleMatchArgs.builder()
.versionedExpr("SRC_IPS_V1")
.config(RegionSecurityPolicyRuleMatchConfigArgs.builder()
.srcIpRanges("10.10.0.0/16")
.build())
.build())
.action("allow")
.preview(true)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var policyRuleTwo = new RegionSecurityPolicyRule("policyRuleTwo", RegionSecurityPolicyRuleArgs.builder()
.region("us-west2")
.securityPolicy(default_.name())
.description("new rule two")
.priority(101)
.match(RegionSecurityPolicyRuleMatchArgs.builder()
.versionedExpr("SRC_IPS_V1")
.config(RegionSecurityPolicyRuleMatchConfigArgs.builder()
.srcIpRanges(
"192.168.0.0/16",
"10.0.0.0/8")
.build())
.build())
.action("allow")
.preview(true)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
### Region Security Policy Rule With Network Match
```java
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionSecurityPolicy;
import com.pulumi.gcp.compute.RegionSecurityPolicyArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyDdosProtectionConfigArgs;
import com.pulumi.gcp.compute.NetworkEdgeSecurityService;
import com.pulumi.gcp.compute.NetworkEdgeSecurityServiceArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyUserDefinedFieldArgs;
import com.pulumi.gcp.compute.RegionSecurityPolicyRule;
import com.pulumi.gcp.compute.RegionSecurityPolicyRuleArgs;
import com.pulumi.gcp.compute.inputs.RegionSecurityPolicyRuleNetworkMatchArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyddosprotection = new RegionSecurityPolicy("policyddosprotection", RegionSecurityPolicyArgs.builder()
.region("us-west2")
.description("policy for activating network DDoS protection for the desired region")
.type("CLOUD_ARMOR_NETWORK")
.ddosProtectionConfig(RegionSecurityPolicyDdosProtectionConfigArgs.builder()
.ddosProtection("ADVANCED_PREVIEW")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var edgeSecService = new NetworkEdgeSecurityService("edgeSecService", NetworkEdgeSecurityServiceArgs.builder()
.region("us-west2")
.description("linking policy to edge security service")
.securityPolicy(policyddosprotection.selfLink())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var policynetworkmatch = new RegionSecurityPolicy("policynetworkmatch", RegionSecurityPolicyArgs.builder()
.region("us-west2")
.description("region security policy for network match")
.type("CLOUD_ARMOR_NETWORK")
.userDefinedFields(RegionSecurityPolicyUserDefinedFieldArgs.builder()
.name("SIG1_AT_0")
.base("TCP")
.offset(8)
.size(2)
.mask("0x8F00")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(edgeSecService)
.build());
var policyRuleNetworkMatch = new RegionSecurityPolicyRule("policyRuleNetworkMatch", RegionSecurityPolicyRuleArgs.builder()
.region("us-west2")
.securityPolicy(policynetworkmatch.name())
.description("custom rule for network match")
.priority(100)
.networkMatch(RegionSecurityPolicyRuleNetworkMatchArgs.builder()
.srcIpRanges("10.10.0.0/16")
.userDefinedFields(RegionSecurityPolicyRuleNetworkMatchUserDefinedFieldArgs.builder()
.name("SIG1_AT_0")
.values("0x8F00")
.build())
.build())
.action("allow")
.preview(true)
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
```
## Import
RegionSecurityPolicyRule can be imported using any of these accepted formats* `projects/{{project}}/regions/{{region}}/securityPolicies/{{security_policy}}/priority/{{priority}}` * `{{project}}/{{region}}/{{security_policy}}/{{priority}}` * `{{region}}/{{security_policy}}/{{priority}}` * `{{security_policy}}/{{priority}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import RegionSecurityPolicyRule using one of the formats above.
|
| RegionSecurityPolicyRuleArgs |
|
| RegionSecurityPolicyRuleArgs.Builder |
|
| RegionSslCertificate |
A RegionSslCertificate resource, used for HTTPS load balancing.
|
| RegionSslCertificateArgs |
|
| RegionSslCertificateArgs.Builder |
|
| RegionSslPolicy |
Represents a Regional SSL policy.
|
| RegionSslPolicyArgs |
|
| RegionSslPolicyArgs.Builder |
|
| RegionTargetHttpProxy |
Represents a RegionTargetHttpProxy resource, which is used by one or more
forwarding rules to route incoming HTTP requests to a URL map.
|
| RegionTargetHttpProxyArgs |
|
| RegionTargetHttpProxyArgs.Builder |
|
| RegionTargetHttpsProxy |
Represents a RegionTargetHttpsProxy resource, which is used by one or more
forwarding rules to route incoming HTTPS requests to a URL map.
|
| RegionTargetHttpsProxyArgs |
|
| RegionTargetHttpsProxyArgs.Builder |
|
| RegionTargetTcpProxy |
Represents a RegionTargetTcpProxy resource, which is used by one or more
forwarding rules to route incoming TCP requests to a regional TCP proxy load
balancer.
|
| RegionTargetTcpProxyArgs |
|
| RegionTargetTcpProxyArgs.Builder |
|
| RegionUrlMap |
UrlMaps are used to route requests to a backend service based on rules
that you define for the host and path of an incoming URL.
|
| RegionUrlMapArgs |
|
| RegionUrlMapArgs.Builder |
|
| Reservation |
Represents a reservation resource.
|
| ReservationArgs |
|
| ReservationArgs.Builder |
|
| ResourcePolicy |
A policy that can be attached to a resource to specify or schedule actions on that resource.
|
| ResourcePolicyArgs |
|
| ResourcePolicyArgs.Builder |
|
| Route |
Represents a Route resource.
|
| RouteArgs |
|
| RouteArgs.Builder |
|
| Router |
Represents a Router resource.
|
| RouterArgs |
|
| RouterArgs.Builder |
|
| RouterInterface |
Manages a Cloud Router interface.
|
| RouterInterfaceArgs |
|
| RouterInterfaceArgs.Builder |
|
| RouterNat |
A NAT service created in a router.
|
| RouterNatArgs |
|
| RouterNatArgs.Builder |
|
| RouterPeer |
BGP information that must be configured into the routing stack to
establish BGP peering.
|
| RouterPeerArgs |
|
| RouterPeerArgs.Builder |
|
| SecurityPolicy |
A Security Policy defines an IP blacklist or whitelist that protects load balanced Google Cloud services by denying or permitting traffic from specified IP ranges.
|
| SecurityPolicyArgs |
|
| SecurityPolicyArgs.Builder |
|
| SecurityScanConfig |
A ScanConfig resource contains the configurations to launch a scan.
|
| SecurityScanConfigArgs |
|
| SecurityScanConfigArgs.Builder |
|
| ServiceAttachment |
Represents a ServiceAttachment resource.
|
| ServiceAttachmentArgs |
|
| ServiceAttachmentArgs.Builder |
|
| SharedVPCHostProject |
Enables the Google Compute Engine
[Shared VPC](https://cloud.google.com/compute/docs/shared-vpc)
feature for a project, assigning it as a Shared VPC host project.
|
| SharedVPCHostProjectArgs |
|
| SharedVPCHostProjectArgs.Builder |
|
| SharedVPCServiceProject |
Enables the Google Compute Engine
[Shared VPC](https://cloud.google.com/compute/docs/shared-vpc)
feature for a project, assigning it as a Shared VPC service project associated
with a given host project.
|
| SharedVPCServiceProjectArgs |
|
| SharedVPCServiceProjectArgs.Builder |
|
| Snapshot |
Represents a Persistent Disk Snapshot resource.
|
| SnapshotArgs |
|
| SnapshotArgs.Builder |
|
| SnapshotIamBinding |
Three different resources help you manage your IAM policy for Compute Engine Snapshot.
|
| SnapshotIamBindingArgs |
|
| SnapshotIamBindingArgs.Builder |
|
| SnapshotIamMember |
Three different resources help you manage your IAM policy for Compute Engine Snapshot.
|
| SnapshotIamMemberArgs |
|
| SnapshotIamMemberArgs.Builder |
|
| SnapshotIamPolicy |
Three different resources help you manage your IAM policy for Compute Engine Snapshot.
|
| SnapshotIamPolicyArgs |
|
| SnapshotIamPolicyArgs.Builder |
|
| SSLCertificate |
An SslCertificate resource, used for HTTPS load balancing.
|
| SSLCertificateArgs |
|
| SSLCertificateArgs.Builder |
|
| SSLPolicy |
Represents a SSL policy.
|
| SSLPolicyArgs |
|
| SSLPolicyArgs.Builder |
|
| Subnetwork |
A VPC network is a virtual version of the traditional physical networks
that exist within and between physical data centers.
|
| SubnetworkArgs |
|
| SubnetworkArgs.Builder |
|
| SubnetworkIAMBinding |
Three different resources help you manage your IAM policy for Compute Engine Subnetwork.
|
| SubnetworkIAMBindingArgs |
|
| SubnetworkIAMBindingArgs.Builder |
|
| SubnetworkIAMMember |
Three different resources help you manage your IAM policy for Compute Engine Subnetwork.
|
| SubnetworkIAMMemberArgs |
|
| SubnetworkIAMMemberArgs.Builder |
|
| SubnetworkIAMPolicy |
Three different resources help you manage your IAM policy for Compute Engine Subnetwork.
|
| SubnetworkIAMPolicyArgs |
|
| SubnetworkIAMPolicyArgs.Builder |
|
| TargetGrpcProxy |
Represents a Target gRPC Proxy resource.
|
| TargetGrpcProxyArgs |
|
| TargetGrpcProxyArgs.Builder |
|
| TargetHttpProxy |
Represents a TargetHttpProxy resource, which is used by one or more global
forwarding rule to route incoming HTTP requests to a URL map.
|
| TargetHttpProxyArgs |
|
| TargetHttpProxyArgs.Builder |
|
| TargetHttpsProxy |
Represents a TargetHttpsProxy resource, which is used by one or more
global forwarding rule to route incoming HTTPS requests to a URL map.
|
| TargetHttpsProxyArgs |
|
| TargetHttpsProxyArgs.Builder |
|
| TargetInstance |
Represents a TargetInstance resource which defines an endpoint instance
that terminates traffic of certain protocols.
|
| TargetInstanceArgs |
|
| TargetInstanceArgs.Builder |
|
| TargetPool |
Manages a Target Pool within GCE.
|
| TargetPoolArgs |
|
| TargetPoolArgs.Builder |
|
| TargetSSLProxy |
Represents a TargetSslProxy resource, which is used by one or more
global forwarding rule to route incoming SSL requests to a backend
service.
|
| TargetSSLProxyArgs |
|
| TargetSSLProxyArgs.Builder |
|
| TargetTCPProxy |
Represents a TargetTcpProxy resource, which is used by one or more
global forwarding rule to route incoming TCP requests to a Backend
service.
|
| TargetTCPProxyArgs |
|
| TargetTCPProxyArgs.Builder |
|
| URLMap |
UrlMaps are used to route requests to a backend service based on rules
that you define for the host and path of an incoming URL.
|
| URLMapArgs |
|
| URLMapArgs.Builder |
|
| VPNGateway |
Represents a VPN gateway running in GCP.
|
| VPNGatewayArgs |
|
| VPNGatewayArgs.Builder |
|
| VPNTunnel |
VPN tunnel resource.
|
| VPNTunnelArgs |
|
| VPNTunnelArgs.Builder |
|