gcp.networksecurity.GatewaySecurityPolicy

Explore with Pulumi AI

Import

GatewaySecurityPolicy can be imported using any of these accepted formats

 $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{name}}
 $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{project}}/{{location}}/{{name}}
 $ pulumi import gcp:networksecurity/gatewaySecurityPolicy:GatewaySecurityPolicy default {{location}}/{{name}}

Example Usage

Network Security Gateway Security Policy Basic

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var @default = new Gcp.NetworkSecurity.GatewaySecurityPolicy("default", new()
    {
        Location = "us-central1",
        Description = "my description",
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

});
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/networksecurity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewGatewaySecurityPolicy(ctx, "default", &networksecurity.GatewaySecurityPolicyArgs{
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("my description"),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var default_ = new GatewaySecurityPolicy("default", GatewaySecurityPolicyArgs.builder()        
            .location("us-central1")
            .description("my description")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

    }
}
import pulumi
import pulumi_gcp as gcp

default = gcp.networksecurity.GatewaySecurityPolicy("default",
    location="us-central1",
    description="my description",
    opts=pulumi.ResourceOptions(provider=google_beta))
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const _default = new gcp.networksecurity.GatewaySecurityPolicy("default", {
    location: "us-central1",
    description: "my description",
}, {
    provider: google_beta,
});
resources:
  default:
    type: gcp:networksecurity:GatewaySecurityPolicy
    properties:
      location: us-central1
      description: my description
    options:
      provider: ${["google-beta"]}

Network Security Gateway Security Policy Tls Inspection Basic

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var defaultCaPool = new Gcp.CertificateAuthority.CaPool("defaultCaPool", new()
    {
        Location = "us-central1",
        Tier = "DEVOPS",
        PublishingOptions = new Gcp.CertificateAuthority.Inputs.CaPoolPublishingOptionsArgs
        {
            PublishCaCert = false,
            PublishCrl = false,
        },
        IssuancePolicy = new Gcp.CertificateAuthority.Inputs.CaPoolIssuancePolicyArgs
        {
            MaximumLifetime = "1209600s",
            BaselineValues = new Gcp.CertificateAuthority.Inputs.CaPoolIssuancePolicyBaselineValuesArgs
            {
                CaOptions = new Gcp.CertificateAuthority.Inputs.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs
                {
                    IsCa = false,
                },
                KeyUsage = new Gcp.CertificateAuthority.Inputs.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs
                {
                    BaseKeyUsage = null,
                    ExtendedKeyUsage = new Gcp.CertificateAuthority.Inputs.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs
                    {
                        ServerAuth = true,
                    },
                },
            },
        },
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var defaultAuthority = new Gcp.CertificateAuthority.Authority("defaultAuthority", new()
    {
        Pool = defaultCaPool.Name,
        CertificateAuthorityId = "my-basic-certificate-authority",
        Location = "us-central1",
        Lifetime = "86400s",
        Type = "SELF_SIGNED",
        DeletionProtection = false,
        SkipGracePeriod = true,
        IgnoreActiveCertificatesOnDeletion = true,
        Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigArgs
        {
            SubjectConfig = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigArgs
            {
                Subject = new Gcp.CertificateAuthority.Inputs.AuthorityConfigSubjectConfigSubjectArgs
                {
                    Organization = "Test LLC",
                    CommonName = "my-ca",
                },
            },
            X509Config = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigArgs
            {
                CaOptions = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigCaOptionsArgs
                {
                    IsCa = true,
                },
                KeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageArgs
                {
                    BaseKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs
                    {
                        CertSign = true,
                        CrlSign = true,
                    },
                    ExtendedKeyUsage = new Gcp.CertificateAuthority.Inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs
                    {
                        ServerAuth = false,
                    },
                },
            },
        },
        KeySpec = new Gcp.CertificateAuthority.Inputs.AuthorityKeySpecArgs
        {
            Algorithm = "RSA_PKCS1_4096_SHA256",
        },
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var defaultTlsInspectionPolicy = new Gcp.NetworkSecurity.TlsInspectionPolicy("defaultTlsInspectionPolicy", new()
    {
        Location = "us-central1",
        CaPool = defaultCaPool.Id,
    }, new CustomResourceOptions
    {
        Provider = google_beta,
        DependsOn = new[]
        {
            defaultCaPool,
            defaultAuthority,
        },
    });

    var defaultGatewaySecurityPolicy = new Gcp.NetworkSecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy", new()
    {
        Location = "us-central1",
        Description = "my description",
        TlsInspectionPolicy = defaultTlsInspectionPolicy.Id,
    }, new CustomResourceOptions
    {
        Provider = google_beta,
        DependsOn = new[]
        {
            defaultTlsInspectionPolicy,
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/certificateauthority"
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/networksecurity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		defaultCaPool, err := certificateauthority.NewCaPool(ctx, "defaultCaPool", &certificateauthority.CaPoolArgs{
			Location: pulumi.String("us-central1"),
			Tier:     pulumi.String("DEVOPS"),
			PublishingOptions: &certificateauthority.CaPoolPublishingOptionsArgs{
				PublishCaCert: pulumi.Bool(false),
				PublishCrl:    pulumi.Bool(false),
			},
			IssuancePolicy: &certificateauthority.CaPoolIssuancePolicyArgs{
				MaximumLifetime: pulumi.String("1209600s"),
				BaselineValues: &certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs{
					CaOptions: &certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs{
						IsCa: pulumi.Bool(false),
					},
					KeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs{
						BaseKeyUsage: nil,
						ExtendedKeyUsage: &certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(true),
						},
					},
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		defaultAuthority, err := certificateauthority.NewAuthority(ctx, "defaultAuthority", &certificateauthority.AuthorityArgs{
			Pool:                               defaultCaPool.Name,
			CertificateAuthorityId:             pulumi.String("my-basic-certificate-authority"),
			Location:                           pulumi.String("us-central1"),
			Lifetime:                           pulumi.String("86400s"),
			Type:                               pulumi.String("SELF_SIGNED"),
			DeletionProtection:                 pulumi.Bool(false),
			SkipGracePeriod:                    pulumi.Bool(true),
			IgnoreActiveCertificatesOnDeletion: pulumi.Bool(true),
			Config: &certificateauthority.AuthorityConfigArgs{
				SubjectConfig: &certificateauthority.AuthorityConfigSubjectConfigArgs{
					Subject: &certificateauthority.AuthorityConfigSubjectConfigSubjectArgs{
						Organization: pulumi.String("Test LLC"),
						CommonName:   pulumi.String("my-ca"),
					},
				},
				X509Config: &certificateauthority.AuthorityConfigX509ConfigArgs{
					CaOptions: &certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs{
						IsCa: pulumi.Bool(true),
					},
					KeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs{
						BaseKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs{
							CertSign: pulumi.Bool(true),
							CrlSign:  pulumi.Bool(true),
						},
						ExtendedKeyUsage: &certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs{
							ServerAuth: pulumi.Bool(false),
						},
					},
				},
			},
			KeySpec: &certificateauthority.AuthorityKeySpecArgs{
				Algorithm: pulumi.String("RSA_PKCS1_4096_SHA256"),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		defaultTlsInspectionPolicy, err := networksecurity.NewTlsInspectionPolicy(ctx, "defaultTlsInspectionPolicy", &networksecurity.TlsInspectionPolicyArgs{
			Location: pulumi.String("us-central1"),
			CaPool:   defaultCaPool.ID(),
		}, pulumi.Provider(google_beta), pulumi.DependsOn([]pulumi.Resource{
			defaultCaPool,
			defaultAuthority,
		}))
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicy(ctx, "defaultGatewaySecurityPolicy", &networksecurity.GatewaySecurityPolicyArgs{
			Location:            pulumi.String("us-central1"),
			Description:         pulumi.String("my description"),
			TlsInspectionPolicy: defaultTlsInspectionPolicy.ID(),
		}, pulumi.Provider(google_beta), pulumi.DependsOn([]pulumi.Resource{
			defaultTlsInspectionPolicy,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.certificateauthority.CaPool;
import com.pulumi.gcp.certificateauthority.CaPoolArgs;
import com.pulumi.gcp.certificateauthority.inputs.CaPoolPublishingOptionsArgs;
import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyArgs;
import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesArgs;
import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs;
import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesKeyUsageBaseKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.inputs.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.Authority;
import com.pulumi.gcp.certificateauthority.AuthorityArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigSubjectConfigSubjectArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigCaOptionsArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs;
import com.pulumi.gcp.certificateauthority.inputs.AuthorityKeySpecArgs;
import com.pulumi.gcp.networksecurity.TlsInspectionPolicy;
import com.pulumi.gcp.networksecurity.TlsInspectionPolicyArgs;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var defaultCaPool = new CaPool("defaultCaPool", CaPoolArgs.builder()        
            .location("us-central1")
            .tier("DEVOPS")
            .publishingOptions(CaPoolPublishingOptionsArgs.builder()
                .publishCaCert(false)
                .publishCrl(false)
                .build())
            .issuancePolicy(CaPoolIssuancePolicyArgs.builder()
                .maximumLifetime("1209600s")
                .baselineValues(CaPoolIssuancePolicyBaselineValuesArgs.builder()
                    .caOptions(CaPoolIssuancePolicyBaselineValuesCaOptionsArgs.builder()
                        .isCa(false)
                        .build())
                    .keyUsage(CaPoolIssuancePolicyBaselineValuesKeyUsageArgs.builder()
                        .baseKeyUsage()
                        .extendedKeyUsage(CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs.builder()
                            .serverAuth(true)
                            .build())
                        .build())
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var defaultAuthority = new Authority("defaultAuthority", AuthorityArgs.builder()        
            .pool(defaultCaPool.name())
            .certificateAuthorityId("my-basic-certificate-authority")
            .location("us-central1")
            .lifetime("86400s")
            .type("SELF_SIGNED")
            .deletionProtection(false)
            .skipGracePeriod(true)
            .ignoreActiveCertificatesOnDeletion(true)
            .config(AuthorityConfigArgs.builder()
                .subjectConfig(AuthorityConfigSubjectConfigArgs.builder()
                    .subject(AuthorityConfigSubjectConfigSubjectArgs.builder()
                        .organization("Test LLC")
                        .commonName("my-ca")
                        .build())
                    .build())
                .x509Config(AuthorityConfigX509ConfigArgs.builder()
                    .caOptions(AuthorityConfigX509ConfigCaOptionsArgs.builder()
                        .isCa(true)
                        .build())
                    .keyUsage(AuthorityConfigX509ConfigKeyUsageArgs.builder()
                        .baseKeyUsage(AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs.builder()
                            .certSign(true)
                            .crlSign(true)
                            .build())
                        .extendedKeyUsage(AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs.builder()
                            .serverAuth(false)
                            .build())
                        .build())
                    .build())
                .build())
            .keySpec(AuthorityKeySpecArgs.builder()
                .algorithm("RSA_PKCS1_4096_SHA256")
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var defaultTlsInspectionPolicy = new TlsInspectionPolicy("defaultTlsInspectionPolicy", TlsInspectionPolicyArgs.builder()        
            .location("us-central1")
            .caPool(defaultCaPool.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(                
                    defaultCaPool,
                    defaultAuthority)
                .build());

        var defaultGatewaySecurityPolicy = new GatewaySecurityPolicy("defaultGatewaySecurityPolicy", GatewaySecurityPolicyArgs.builder()        
            .location("us-central1")
            .description("my description")
            .tlsInspectionPolicy(defaultTlsInspectionPolicy.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(defaultTlsInspectionPolicy)
                .build());

    }
}
import pulumi
import pulumi_gcp as gcp

default_ca_pool = gcp.certificateauthority.CaPool("defaultCaPool",
    location="us-central1",
    tier="DEVOPS",
    publishing_options=gcp.certificateauthority.CaPoolPublishingOptionsArgs(
        publish_ca_cert=False,
        publish_crl=False,
    ),
    issuance_policy=gcp.certificateauthority.CaPoolIssuancePolicyArgs(
        maximum_lifetime="1209600s",
        baseline_values=gcp.certificateauthority.CaPoolIssuancePolicyBaselineValuesArgs(
            ca_options=gcp.certificateauthority.CaPoolIssuancePolicyBaselineValuesCaOptionsArgs(
                is_ca=False,
            ),
            key_usage=gcp.certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageArgs(
                base_key_usage=gcp.certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageBaseKeyUsageArgs(),
                extended_key_usage=gcp.certificateauthority.CaPoolIssuancePolicyBaselineValuesKeyUsageExtendedKeyUsageArgs(
                    server_auth=True,
                ),
            ),
        ),
    ),
    opts=pulumi.ResourceOptions(provider=google_beta))
default_authority = gcp.certificateauthority.Authority("defaultAuthority",
    pool=default_ca_pool.name,
    certificate_authority_id="my-basic-certificate-authority",
    location="us-central1",
    lifetime="86400s",
    type="SELF_SIGNED",
    deletion_protection=False,
    skip_grace_period=True,
    ignore_active_certificates_on_deletion=True,
    config=gcp.certificateauthority.AuthorityConfigArgs(
        subject_config=gcp.certificateauthority.AuthorityConfigSubjectConfigArgs(
            subject=gcp.certificateauthority.AuthorityConfigSubjectConfigSubjectArgs(
                organization="Test LLC",
                common_name="my-ca",
            ),
        ),
        x509_config=gcp.certificateauthority.AuthorityConfigX509ConfigArgs(
            ca_options=gcp.certificateauthority.AuthorityConfigX509ConfigCaOptionsArgs(
                is_ca=True,
            ),
            key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageArgs(
                base_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageBaseKeyUsageArgs(
                    cert_sign=True,
                    crl_sign=True,
                ),
                extended_key_usage=gcp.certificateauthority.AuthorityConfigX509ConfigKeyUsageExtendedKeyUsageArgs(
                    server_auth=False,
                ),
            ),
        ),
    ),
    key_spec=gcp.certificateauthority.AuthorityKeySpecArgs(
        algorithm="RSA_PKCS1_4096_SHA256",
    ),
    opts=pulumi.ResourceOptions(provider=google_beta))
default_tls_inspection_policy = gcp.networksecurity.TlsInspectionPolicy("defaultTlsInspectionPolicy",
    location="us-central1",
    ca_pool=default_ca_pool.id,
    opts=pulumi.ResourceOptions(provider=google_beta,
        depends_on=[
            default_ca_pool,
            default_authority,
        ]))
default_gateway_security_policy = gcp.networksecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy",
    location="us-central1",
    description="my description",
    tls_inspection_policy=default_tls_inspection_policy.id,
    opts=pulumi.ResourceOptions(provider=google_beta,
        depends_on=[default_tls_inspection_policy]))
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultCaPool = new gcp.certificateauthority.CaPool("defaultCaPool", {
    location: "us-central1",
    tier: "DEVOPS",
    publishingOptions: {
        publishCaCert: false,
        publishCrl: false,
    },
    issuancePolicy: {
        maximumLifetime: "1209600s",
        baselineValues: {
            caOptions: {
                isCa: false,
            },
            keyUsage: {
                baseKeyUsage: {},
                extendedKeyUsage: {
                    serverAuth: true,
                },
            },
        },
    },
}, {
    provider: google_beta,
});
const defaultAuthority = new gcp.certificateauthority.Authority("defaultAuthority", {
    pool: defaultCaPool.name,
    certificateAuthorityId: "my-basic-certificate-authority",
    location: "us-central1",
    lifetime: "86400s",
    type: "SELF_SIGNED",
    deletionProtection: false,
    skipGracePeriod: true,
    ignoreActiveCertificatesOnDeletion: true,
    config: {
        subjectConfig: {
            subject: {
                organization: "Test LLC",
                commonName: "my-ca",
            },
        },
        x509Config: {
            caOptions: {
                isCa: true,
            },
            keyUsage: {
                baseKeyUsage: {
                    certSign: true,
                    crlSign: true,
                },
                extendedKeyUsage: {
                    serverAuth: false,
                },
            },
        },
    },
    keySpec: {
        algorithm: "RSA_PKCS1_4096_SHA256",
    },
}, {
    provider: google_beta,
});
const defaultTlsInspectionPolicy = new gcp.networksecurity.TlsInspectionPolicy("defaultTlsInspectionPolicy", {
    location: "us-central1",
    caPool: defaultCaPool.id,
}, {
    provider: google_beta,
    dependsOn: [
        defaultCaPool,
        defaultAuthority,
    ],
});
const defaultGatewaySecurityPolicy = new gcp.networksecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy", {
    location: "us-central1",
    description: "my description",
    tlsInspectionPolicy: defaultTlsInspectionPolicy.id,
}, {
    provider: google_beta,
    dependsOn: [defaultTlsInspectionPolicy],
});
resources:
  defaultCaPool:
    type: gcp:certificateauthority:CaPool
    properties:
      location: us-central1
      tier: DEVOPS
      publishingOptions:
        publishCaCert: false
        publishCrl: false
      issuancePolicy:
        maximumLifetime: 1209600s
        baselineValues:
          caOptions:
            isCa: false
          keyUsage:
            baseKeyUsage: {}
            extendedKeyUsage:
              serverAuth: true
    options:
      provider: ${["google-beta"]}
  defaultAuthority:
    type: gcp:certificateauthority:Authority
    properties:
      pool: ${defaultCaPool.name}
      certificateAuthorityId: my-basic-certificate-authority
      location: us-central1
      lifetime: 86400s
      type: SELF_SIGNED
      deletionProtection: false
      skipGracePeriod: true
      ignoreActiveCertificatesOnDeletion: true
      config:
        subjectConfig:
          subject:
            organization: Test LLC
            commonName: my-ca
        x509Config:
          caOptions:
            isCa: true
          keyUsage:
            baseKeyUsage:
              certSign: true
              crlSign: true
            extendedKeyUsage:
              serverAuth: false
      keySpec:
        algorithm: RSA_PKCS1_4096_SHA256
    options:
      provider: ${["google-beta"]}
  defaultTlsInspectionPolicy:
    type: gcp:networksecurity:TlsInspectionPolicy
    properties:
      location: us-central1
      caPool: ${defaultCaPool.id}
    options:
      provider: ${["google-beta"]}
      dependson:
        - ${defaultCaPool}
        - ${defaultAuthority}
  defaultGatewaySecurityPolicy:
    type: gcp:networksecurity:GatewaySecurityPolicy
    properties:
      location: us-central1
      description: my description
      tlsInspectionPolicy: ${defaultTlsInspectionPolicy.id}
    options:
      provider: ${["google-beta"]}
      dependson:
        - ${defaultTlsInspectionPolicy}

Create GatewaySecurityPolicy Resource

new GatewaySecurityPolicy(name: string, args?: GatewaySecurityPolicyArgs, opts?: CustomResourceOptions);
@overload
def GatewaySecurityPolicy(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          description: Optional[str] = None,
                          location: Optional[str] = None,
                          name: Optional[str] = None,
                          project: Optional[str] = None,
                          tls_inspection_policy: Optional[str] = None)
@overload
def GatewaySecurityPolicy(resource_name: str,
                          args: Optional[GatewaySecurityPolicyArgs] = None,
                          opts: Optional[ResourceOptions] = None)
func NewGatewaySecurityPolicy(ctx *Context, name string, args *GatewaySecurityPolicyArgs, opts ...ResourceOption) (*GatewaySecurityPolicy, error)
public GatewaySecurityPolicy(string name, GatewaySecurityPolicyArgs? args = null, CustomResourceOptions? opts = null)
public GatewaySecurityPolicy(String name, GatewaySecurityPolicyArgs args)
public GatewaySecurityPolicy(String name, GatewaySecurityPolicyArgs args, CustomResourceOptions options)
type: gcp:networksecurity:GatewaySecurityPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args GatewaySecurityPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args GatewaySecurityPolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args GatewaySecurityPolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args GatewaySecurityPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args GatewaySecurityPolicyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

GatewaySecurityPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The GatewaySecurityPolicy resource accepts the following input properties:

Description string

A free-text description of the resource. Max length 1024 characters.

Location string

The location of the gateway security policy. The default value is global.

Name string

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

TlsInspectionPolicy string

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

Description string

A free-text description of the resource. Max length 1024 characters.

Location string

The location of the gateway security policy. The default value is global.

Name string

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

TlsInspectionPolicy string

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

description String

A free-text description of the resource. Max length 1024 characters.

location String

The location of the gateway security policy. The default value is global.

name String

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

tlsInspectionPolicy String

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

description string

A free-text description of the resource. Max length 1024 characters.

location string

The location of the gateway security policy. The default value is global.

name string

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

tlsInspectionPolicy string

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

description str

A free-text description of the resource. Max length 1024 characters.

location str

The location of the gateway security policy. The default value is global.

name str

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


project str

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

tls_inspection_policy str

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

description String

A free-text description of the resource. Max length 1024 characters.

location String

The location of the gateway security policy. The default value is global.

name String

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

tlsInspectionPolicy String

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

Outputs

All input properties are implicitly available as output properties. Additionally, the GatewaySecurityPolicy resource produces the following output properties:

CreateTime string

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

Id string

The provider-assigned unique ID for this managed resource.

SelfLink string

Server-defined URL of this resource.

UpdateTime string

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

CreateTime string

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

Id string

The provider-assigned unique ID for this managed resource.

SelfLink string

Server-defined URL of this resource.

UpdateTime string

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime String

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

id String

The provider-assigned unique ID for this managed resource.

selfLink String

Server-defined URL of this resource.

updateTime String

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime string

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

id string

The provider-assigned unique ID for this managed resource.

selfLink string

Server-defined URL of this resource.

updateTime string

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

create_time str

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

id str

The provider-assigned unique ID for this managed resource.

self_link str

Server-defined URL of this resource.

update_time str

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime String

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

id String

The provider-assigned unique ID for this managed resource.

selfLink String

Server-defined URL of this resource.

updateTime String

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

Look up Existing GatewaySecurityPolicy Resource

Get an existing GatewaySecurityPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: GatewaySecurityPolicyState, opts?: CustomResourceOptions): GatewaySecurityPolicy
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        create_time: Optional[str] = None,
        description: Optional[str] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        project: Optional[str] = None,
        self_link: Optional[str] = None,
        tls_inspection_policy: Optional[str] = None,
        update_time: Optional[str] = None) -> GatewaySecurityPolicy
func GetGatewaySecurityPolicy(ctx *Context, name string, id IDInput, state *GatewaySecurityPolicyState, opts ...ResourceOption) (*GatewaySecurityPolicy, error)
public static GatewaySecurityPolicy Get(string name, Input<string> id, GatewaySecurityPolicyState? state, CustomResourceOptions? opts = null)
public static GatewaySecurityPolicy get(String name, Output<String> id, GatewaySecurityPolicyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
CreateTime string

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

Description string

A free-text description of the resource. Max length 1024 characters.

Location string

The location of the gateway security policy. The default value is global.

Name string

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

SelfLink string

Server-defined URL of this resource.

TlsInspectionPolicy string

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

UpdateTime string

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

CreateTime string

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

Description string

A free-text description of the resource. Max length 1024 characters.

Location string

The location of the gateway security policy. The default value is global.

Name string

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


Project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

SelfLink string

Server-defined URL of this resource.

TlsInspectionPolicy string

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

UpdateTime string

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime String

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

description String

A free-text description of the resource. Max length 1024 characters.

location String

The location of the gateway security policy. The default value is global.

name String

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink String

Server-defined URL of this resource.

tlsInspectionPolicy String

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

updateTime String

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime string

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

description string

A free-text description of the resource. Max length 1024 characters.

location string

The location of the gateway security policy. The default value is global.

name string

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


project string

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink string

Server-defined URL of this resource.

tlsInspectionPolicy string

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

updateTime string

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

create_time str

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

description str

A free-text description of the resource. Max length 1024 characters.

location str

The location of the gateway security policy. The default value is global.

name str

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


project str

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

self_link str

Server-defined URL of this resource.

tls_inspection_policy str

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

update_time str

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime String

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

description String

A free-text description of the resource. Max length 1024 characters.

location String

The location of the gateway security policy. The default value is global.

name String

Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gatewaySecurityPolicy} gatewaySecurityPolicy should match the pattern:(^a-z?$).


project String

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

selfLink String

Server-defined URL of this resource.

tlsInspectionPolicy String

Name of a TlsInspectionPolicy resource that defines how TLS inspection is performed for any rule that enables it.

updateTime String

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

Package Details

Repository
Google Cloud (GCP) Classic pulumi/pulumi-gcp
License
Apache-2.0
Notes

This Pulumi package is based on the google-beta Terraform Provider.