gcp.cloudids.Endpoint
Cloud IDS is an intrusion detection service that provides threat detection for intrusions, malware, spyware, and command-and-control attacks on your network.
To get more information about Endpoint, see:
Example Usage
Cloudids Endpoint
using System.Collections.Generic;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.Compute.Network("default");
var serviceRange = new Gcp.Compute.GlobalAddress("serviceRange", new()
{
Purpose = "VPC_PEERING",
AddressType = "INTERNAL",
PrefixLength = 16,
Network = @default.Id,
});
var privateServiceConnection = new Gcp.ServiceNetworking.Connection("privateServiceConnection", new()
{
Network = @default.Id,
Service = "servicenetworking.googleapis.com",
ReservedPeeringRanges = new[]
{
serviceRange.Name,
},
});
var example_endpoint = new Gcp.CloudIds.Endpoint("example-endpoint", new()
{
Location = "us-central1-f",
Network = @default.Id,
Severity = "INFORMATIONAL",
}, new CustomResourceOptions
{
DependsOn = new[]
{
privateServiceConnection,
},
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudids"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/servicenetworking"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := compute.NewNetwork(ctx, "default", nil)
if err != nil {
return err
}
serviceRange, err := compute.NewGlobalAddress(ctx, "serviceRange", &compute.GlobalAddressArgs{
Purpose: pulumi.String("VPC_PEERING"),
AddressType: pulumi.String("INTERNAL"),
PrefixLength: pulumi.Int(16),
Network: _default.ID(),
})
if err != nil {
return err
}
privateServiceConnection, err := servicenetworking.NewConnection(ctx, "privateServiceConnection", &servicenetworking.ConnectionArgs{
Network: _default.ID(),
Service: pulumi.String("servicenetworking.googleapis.com"),
ReservedPeeringRanges: pulumi.StringArray{
serviceRange.Name,
},
})
if err != nil {
return err
}
_, err = cloudids.NewEndpoint(ctx, "example-endpoint", &cloudids.EndpointArgs{
Location: pulumi.String("us-central1-f"),
Network: _default.ID(),
Severity: pulumi.String("INFORMATIONAL"),
}, pulumi.DependsOn([]pulumi.Resource{
privateServiceConnection,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.GlobalAddress;
import com.pulumi.gcp.compute.GlobalAddressArgs;
import com.pulumi.gcp.servicenetworking.Connection;
import com.pulumi.gcp.servicenetworking.ConnectionArgs;
import com.pulumi.gcp.cloudids.Endpoint;
import com.pulumi.gcp.cloudids.EndpointArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Network("default");
var serviceRange = new GlobalAddress("serviceRange", GlobalAddressArgs.builder()
.purpose("VPC_PEERING")
.addressType("INTERNAL")
.prefixLength(16)
.network(default_.id())
.build());
var privateServiceConnection = new Connection("privateServiceConnection", ConnectionArgs.builder()
.network(default_.id())
.service("servicenetworking.googleapis.com")
.reservedPeeringRanges(serviceRange.name())
.build());
var example_endpoint = new Endpoint("example-endpoint", EndpointArgs.builder()
.location("us-central1-f")
.network(default_.id())
.severity("INFORMATIONAL")
.build(), CustomResourceOptions.builder()
.dependsOn(privateServiceConnection)
.build());
}
}
import pulumi
import pulumi_gcp as gcp
default = gcp.compute.Network("default")
service_range = gcp.compute.GlobalAddress("serviceRange",
purpose="VPC_PEERING",
address_type="INTERNAL",
prefix_length=16,
network=default.id)
private_service_connection = gcp.servicenetworking.Connection("privateServiceConnection",
network=default.id,
service="servicenetworking.googleapis.com",
reserved_peering_ranges=[service_range.name])
example_endpoint = gcp.cloudids.Endpoint("example-endpoint",
location="us-central1-f",
network=default.id,
severity="INFORMATIONAL",
opts=pulumi.ResourceOptions(depends_on=[private_service_connection]))
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.compute.Network("default", {});
const serviceRange = new gcp.compute.GlobalAddress("serviceRange", {
purpose: "VPC_PEERING",
addressType: "INTERNAL",
prefixLength: 16,
network: _default.id,
});
const privateServiceConnection = new gcp.servicenetworking.Connection("privateServiceConnection", {
network: _default.id,
service: "servicenetworking.googleapis.com",
reservedPeeringRanges: [serviceRange.name],
});
const example_endpoint = new gcp.cloudids.Endpoint("example-endpoint", {
location: "us-central1-f",
network: _default.id,
severity: "INFORMATIONAL",
}, {
dependsOn: [privateServiceConnection],
});
resources:
default:
type: gcp:compute:Network
serviceRange:
type: gcp:compute:GlobalAddress
properties:
purpose: VPC_PEERING
addressType: INTERNAL
prefixLength: 16
network: ${default.id}
privateServiceConnection:
type: gcp:servicenetworking:Connection
properties:
network: ${default.id}
service: servicenetworking.googleapis.com
reservedPeeringRanges:
- ${serviceRange.name}
example-endpoint:
type: gcp:cloudids:Endpoint
properties:
location: us-central1-f
network: ${default.id}
severity: INFORMATIONAL
options:
dependson:
- ${privateServiceConnection}
Create Endpoint Resource
new Endpoint(name: string, args: EndpointArgs, opts?: CustomResourceOptions);@overload
def Endpoint(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
location: Optional[str] = None,
name: Optional[str] = None,
network: Optional[str] = None,
project: Optional[str] = None,
severity: Optional[str] = None,
threat_exceptions: Optional[Sequence[str]] = None)
@overload
def Endpoint(resource_name: str,
args: EndpointArgs,
opts: Optional[ResourceOptions] = None)func NewEndpoint(ctx *Context, name string, args EndpointArgs, opts ...ResourceOption) (*Endpoint, error)public Endpoint(string name, EndpointArgs args, CustomResourceOptions? opts = null)
public Endpoint(String name, EndpointArgs args)
public Endpoint(String name, EndpointArgs args, CustomResourceOptions options)
type: gcp:cloudids:Endpoint
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Endpoint Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Endpoint resource accepts the following input properties:
- Location string
The location for the endpoint.
- Network string
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- Severity string
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- Description string
An optional description of the endpoint.
- Name string
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- Project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Threat
Exceptions List<string> Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- Location string
The location for the endpoint.
- Network string
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- Severity string
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- Description string
An optional description of the endpoint.
- Name string
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- Project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Threat
Exceptions []string Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- location String
The location for the endpoint.
- network String
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- severity String
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- description String
An optional description of the endpoint.
- name String
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- project String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- threat
Exceptions List<String> Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- location string
The location for the endpoint.
- network string
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- severity string
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- description string
An optional description of the endpoint.
- name string
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- threat
Exceptions string[] Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- location str
The location for the endpoint.
- network str
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- severity str
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- description str
An optional description of the endpoint.
- name str
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- project str
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- threat_
exceptions Sequence[str] Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- location String
The location for the endpoint.
- network String
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- severity String
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- description String
An optional description of the endpoint.
- name String
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- project String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- threat
Exceptions List<String> Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
Outputs
All input properties are implicitly available as output properties. Additionally, the Endpoint resource produces the following output properties:
- Create
Time string Creation timestamp in RFC 3339 text format.
- Endpoint
Forwarding stringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- Endpoint
Ip string Internal IP address of the endpoint's network entry point.
- Id string
The provider-assigned unique ID for this managed resource.
- Update
Time string Last update timestamp in RFC 3339 text format.
- Create
Time string Creation timestamp in RFC 3339 text format.
- Endpoint
Forwarding stringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- Endpoint
Ip string Internal IP address of the endpoint's network entry point.
- Id string
The provider-assigned unique ID for this managed resource.
- Update
Time string Last update timestamp in RFC 3339 text format.
- create
Time String Creation timestamp in RFC 3339 text format.
- endpoint
Forwarding StringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- endpoint
Ip String Internal IP address of the endpoint's network entry point.
- id String
The provider-assigned unique ID for this managed resource.
- update
Time String Last update timestamp in RFC 3339 text format.
- create
Time string Creation timestamp in RFC 3339 text format.
- endpoint
Forwarding stringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- endpoint
Ip string Internal IP address of the endpoint's network entry point.
- id string
The provider-assigned unique ID for this managed resource.
- update
Time string Last update timestamp in RFC 3339 text format.
- create_
time str Creation timestamp in RFC 3339 text format.
- endpoint_
forwarding_ strrule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- endpoint_
ip str Internal IP address of the endpoint's network entry point.
- id str
The provider-assigned unique ID for this managed resource.
- update_
time str Last update timestamp in RFC 3339 text format.
- create
Time String Creation timestamp in RFC 3339 text format.
- endpoint
Forwarding StringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- endpoint
Ip String Internal IP address of the endpoint's network entry point.
- id String
The provider-assigned unique ID for this managed resource.
- update
Time String Last update timestamp in RFC 3339 text format.
Look up Existing Endpoint Resource
Get an existing Endpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: EndpointState, opts?: CustomResourceOptions): Endpoint@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
create_time: Optional[str] = None,
description: Optional[str] = None,
endpoint_forwarding_rule: Optional[str] = None,
endpoint_ip: Optional[str] = None,
location: Optional[str] = None,
name: Optional[str] = None,
network: Optional[str] = None,
project: Optional[str] = None,
severity: Optional[str] = None,
threat_exceptions: Optional[Sequence[str]] = None,
update_time: Optional[str] = None) -> Endpointfunc GetEndpoint(ctx *Context, name string, id IDInput, state *EndpointState, opts ...ResourceOption) (*Endpoint, error)public static Endpoint Get(string name, Input<string> id, EndpointState? state, CustomResourceOptions? opts = null)public static Endpoint get(String name, Output<String> id, EndpointState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Create
Time string Creation timestamp in RFC 3339 text format.
- Description string
An optional description of the endpoint.
- Endpoint
Forwarding stringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- Endpoint
Ip string Internal IP address of the endpoint's network entry point.
- Location string
The location for the endpoint.
- Name string
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- Network string
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- Project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Severity string
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- Threat
Exceptions List<string> Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- Update
Time string Last update timestamp in RFC 3339 text format.
- Create
Time string Creation timestamp in RFC 3339 text format.
- Description string
An optional description of the endpoint.
- Endpoint
Forwarding stringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- Endpoint
Ip string Internal IP address of the endpoint's network entry point.
- Location string
The location for the endpoint.
- Name string
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- Network string
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- Project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Severity string
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- Threat
Exceptions []string Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- Update
Time string Last update timestamp in RFC 3339 text format.
- create
Time String Creation timestamp in RFC 3339 text format.
- description String
An optional description of the endpoint.
- endpoint
Forwarding StringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- endpoint
Ip String Internal IP address of the endpoint's network entry point.
- location String
The location for the endpoint.
- name String
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- network String
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- project String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- severity String
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- threat
Exceptions List<String> Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- update
Time String Last update timestamp in RFC 3339 text format.
- create
Time string Creation timestamp in RFC 3339 text format.
- description string
An optional description of the endpoint.
- endpoint
Forwarding stringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- endpoint
Ip string Internal IP address of the endpoint's network entry point.
- location string
The location for the endpoint.
- name string
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- network string
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- project string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- severity string
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- threat
Exceptions string[] Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- update
Time string Last update timestamp in RFC 3339 text format.
- create_
time str Creation timestamp in RFC 3339 text format.
- description str
An optional description of the endpoint.
- endpoint_
forwarding_ strrule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- endpoint_
ip str Internal IP address of the endpoint's network entry point.
- location str
The location for the endpoint.
- name str
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- network str
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- project str
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- severity str
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- threat_
exceptions Sequence[str] Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- update_
time str Last update timestamp in RFC 3339 text format.
- create
Time String Creation timestamp in RFC 3339 text format.
- description String
An optional description of the endpoint.
- endpoint
Forwarding StringRule URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
- endpoint
Ip String Internal IP address of the endpoint's network entry point.
- location String
The location for the endpoint.
- name String
Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
- network String
Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
- project String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- severity String
The minimum alert severity level that is reported by the endpoint. Possible values are
INFORMATIONAL,LOW,MEDIUM,HIGH, andCRITICAL.- threat
Exceptions List<String> Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs.
- update
Time String Last update timestamp in RFC 3339 text format.
Import
Endpoint can be imported using any of these accepted formats
$ pulumi import gcp:cloudids/endpoint:Endpoint default projects/{{project}}/locations/{{location}}/endpoints/{{name}}
$ pulumi import gcp:cloudids/endpoint:Endpoint default {{project}}/{{location}}/{{name}}
$ pulumi import gcp:cloudids/endpoint:Endpoint default {{location}}/{{name}}
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
google-betaTerraform Provider.