Google Cloud Classic v6.66.0, Sep 18 23

Google Cloud Classic v6.66.0 published on Monday, Sep 18, 2023 by Pulumi

gcp.networksecurity.GatewaySecurityPolicyRule

Explore with Pulumi AI

Google Cloud Classic v6.66.0 published on Monday, Sep 18, 2023 by Pulumi

pulumi/pulumi-gcp

Example Usage

Network Security Gateway Security Policy Rules Basic

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var defaultGatewaySecurityPolicy = new Gcp.NetworkSecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy", new()
    {
        Location = "us-central1",
        Description = "gateway security policy created to be used as reference by the rule.",
    });

    var defaultGatewaySecurityPolicyRule = new Gcp.NetworkSecurity.GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", new()
    {
        Location = "us-central1",
        GatewaySecurityPolicy = defaultGatewaySecurityPolicy.Name,
        Enabled = true,
        Description = "my description",
        Priority = 0,
        SessionMatcher = "host() == 'example.com'",
        BasicProfile = "ALLOW",
    });

});

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/networksecurity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		defaultGatewaySecurityPolicy, err := networksecurity.NewGatewaySecurityPolicy(ctx, "defaultGatewaySecurityPolicy", &networksecurity.GatewaySecurityPolicyArgs{
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("gateway security policy created to be used as reference by the rule."),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "defaultGatewaySecurityPolicyRule", &networksecurity.GatewaySecurityPolicyRuleArgs{
			Location:              pulumi.String("us-central1"),
			GatewaySecurityPolicy: defaultGatewaySecurityPolicy.Name,
			Enabled:               pulumi.Bool(true),
			Description:           pulumi.String("my description"),
			Priority:              pulumi.Int(0),
			SessionMatcher:        pulumi.String("host() == 'example.com'"),
			BasicProfile:          pulumi.String("ALLOW"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRule;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var defaultGatewaySecurityPolicy = new GatewaySecurityPolicy("defaultGatewaySecurityPolicy", GatewaySecurityPolicyArgs.builder()        
            .location("us-central1")
            .description("gateway security policy created to be used as reference by the rule.")
            .build());

        var defaultGatewaySecurityPolicyRule = new GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", GatewaySecurityPolicyRuleArgs.builder()        
            .location("us-central1")
            .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.name())
            .enabled(true)
            .description("my description")
            .priority(0)
            .sessionMatcher("host() == 'example.com'")
            .basicProfile("ALLOW")
            .build());

    }
}

import pulumi
import pulumi_gcp as gcp

default_gateway_security_policy = gcp.networksecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy",
    location="us-central1",
    description="gateway security policy created to be used as reference by the rule.")
default_gateway_security_policy_rule = gcp.networksecurity.GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule",
    location="us-central1",
    gateway_security_policy=default_gateway_security_policy.name,
    enabled=True,
    description="my description",
    priority=0,
    session_matcher="host() == 'example.com'",
    basic_profile="ALLOW")

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultGatewaySecurityPolicy = new gcp.networksecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy", {
    location: "us-central1",
    description: "gateway security policy created to be used as reference by the rule.",
});
const defaultGatewaySecurityPolicyRule = new gcp.networksecurity.GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", {
    location: "us-central1",
    gatewaySecurityPolicy: defaultGatewaySecurityPolicy.name,
    enabled: true,
    description: "my description",
    priority: 0,
    sessionMatcher: "host() == 'example.com'",
    basicProfile: "ALLOW",
});

resources:
  defaultGatewaySecurityPolicy:
    type: gcp:networksecurity:GatewaySecurityPolicy
    properties:
      location: us-central1
      description: gateway security policy created to be used as reference by the rule.
  defaultGatewaySecurityPolicyRule:
    type: gcp:networksecurity:GatewaySecurityPolicyRule
    properties:
      location: us-central1
      gatewaySecurityPolicy: ${defaultGatewaySecurityPolicy.name}
      enabled: true
      description: my description
      priority: 0
      sessionMatcher: host() == 'example.com'
      basicProfile: ALLOW

Network Security Gateway Security Policy Rules Advanced

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var defaultGatewaySecurityPolicy = new Gcp.NetworkSecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy", new()
    {
        Location = "us-central1",
        Description = "gateway security policy created to be used as reference by the rule.",
    });

    var defaultGatewaySecurityPolicyRule = new Gcp.NetworkSecurity.GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", new()
    {
        Location = "us-central1",
        GatewaySecurityPolicy = defaultGatewaySecurityPolicy.Name,
        Enabled = true,
        Description = "my description",
        Priority = 0,
        SessionMatcher = "host() == 'example.com'",
        ApplicationMatcher = "request.method == 'POST'",
        TlsInspectionEnabled = false,
        BasicProfile = "ALLOW",
    });

});

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/networksecurity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		defaultGatewaySecurityPolicy, err := networksecurity.NewGatewaySecurityPolicy(ctx, "defaultGatewaySecurityPolicy", &networksecurity.GatewaySecurityPolicyArgs{
			Location:    pulumi.String("us-central1"),
			Description: pulumi.String("gateway security policy created to be used as reference by the rule."),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewGatewaySecurityPolicyRule(ctx, "defaultGatewaySecurityPolicyRule", &networksecurity.GatewaySecurityPolicyRuleArgs{
			Location:              pulumi.String("us-central1"),
			GatewaySecurityPolicy: defaultGatewaySecurityPolicy.Name,
			Enabled:               pulumi.Bool(true),
			Description:           pulumi.String("my description"),
			Priority:              pulumi.Int(0),
			SessionMatcher:        pulumi.String("host() == 'example.com'"),
			ApplicationMatcher:    pulumi.String("request.method == 'POST'"),
			TlsInspectionEnabled:  pulumi.Bool(false),
			BasicProfile:          pulumi.String("ALLOW"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRule;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var defaultGatewaySecurityPolicy = new GatewaySecurityPolicy("defaultGatewaySecurityPolicy", GatewaySecurityPolicyArgs.builder()        
            .location("us-central1")
            .description("gateway security policy created to be used as reference by the rule.")
            .build());

        var defaultGatewaySecurityPolicyRule = new GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", GatewaySecurityPolicyRuleArgs.builder()        
            .location("us-central1")
            .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.name())
            .enabled(true)
            .description("my description")
            .priority(0)
            .sessionMatcher("host() == 'example.com'")
            .applicationMatcher("request.method == 'POST'")
            .tlsInspectionEnabled(false)
            .basicProfile("ALLOW")
            .build());

    }
}

import pulumi
import pulumi_gcp as gcp

default_gateway_security_policy = gcp.networksecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy",
    location="us-central1",
    description="gateway security policy created to be used as reference by the rule.")
default_gateway_security_policy_rule = gcp.networksecurity.GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule",
    location="us-central1",
    gateway_security_policy=default_gateway_security_policy.name,
    enabled=True,
    description="my description",
    priority=0,
    session_matcher="host() == 'example.com'",
    application_matcher="request.method == 'POST'",
    tls_inspection_enabled=False,
    basic_profile="ALLOW")

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const defaultGatewaySecurityPolicy = new gcp.networksecurity.GatewaySecurityPolicy("defaultGatewaySecurityPolicy", {
    location: "us-central1",
    description: "gateway security policy created to be used as reference by the rule.",
});
const defaultGatewaySecurityPolicyRule = new gcp.networksecurity.GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", {
    location: "us-central1",
    gatewaySecurityPolicy: defaultGatewaySecurityPolicy.name,
    enabled: true,
    description: "my description",
    priority: 0,
    sessionMatcher: "host() == 'example.com'",
    applicationMatcher: "request.method == 'POST'",
    tlsInspectionEnabled: false,
    basicProfile: "ALLOW",
});

resources:
  defaultGatewaySecurityPolicy:
    type: gcp:networksecurity:GatewaySecurityPolicy
    properties:
      location: us-central1
      description: gateway security policy created to be used as reference by the rule.
  defaultGatewaySecurityPolicyRule:
    type: gcp:networksecurity:GatewaySecurityPolicyRule
    properties:
      location: us-central1
      gatewaySecurityPolicy: ${defaultGatewaySecurityPolicy.name}
      enabled: true
      description: my description
      priority: 0
      sessionMatcher: host() == 'example.com'
      applicationMatcher: request.method == 'POST'
      tlsInspectionEnabled: false
      basicProfile: ALLOW

Create GatewaySecurityPolicyRule Resource

new GatewaySecurityPolicyRule(name: string, args: GatewaySecurityPolicyRuleArgs, opts?: CustomResourceOptions);

@overload
def GatewaySecurityPolicyRule(resource_name: str,
                              opts: Optional[ResourceOptions] = None,
                              application_matcher: Optional[str] = None,
                              basic_profile: Optional[str] = None,
                              description: Optional[str] = None,
                              enabled: Optional[bool] = None,
                              gateway_security_policy: Optional[str] = None,
                              location: Optional[str] = None,
                              name: Optional[str] = None,
                              priority: Optional[int] = None,
                              project: Optional[str] = None,
                              session_matcher: Optional[str] = None,
                              tls_inspection_enabled: Optional[bool] = None)
@overload
def GatewaySecurityPolicyRule(resource_name: str,
                              args: GatewaySecurityPolicyRuleArgs,
                              opts: Optional[ResourceOptions] = None)

func NewGatewaySecurityPolicyRule(ctx *Context, name string, args GatewaySecurityPolicyRuleArgs, opts ...ResourceOption) (*GatewaySecurityPolicyRule, error)

public GatewaySecurityPolicyRule(string name, GatewaySecurityPolicyRuleArgs args, CustomResourceOptions? opts = null)

public GatewaySecurityPolicyRule(String name, GatewaySecurityPolicyRuleArgs args)
public GatewaySecurityPolicyRule(String name, GatewaySecurityPolicyRuleArgs args, CustomResourceOptions options)

type: gcp:networksecurity:GatewaySecurityPolicyRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args GatewaySecurityPolicyRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args GatewaySecurityPolicyRuleArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args GatewaySecurityPolicyRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args GatewaySecurityPolicyRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args GatewaySecurityPolicyRuleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

GatewaySecurityPolicyRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The GatewaySecurityPolicyRule resource accepts the following input properties:

BasicProfile string: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
Enabled bool: Whether the rule is enforced.
GatewaySecurityPolicy string: The name of the gatewat security policy this rule belongs to.
Location string: The location of the gateway security policy.
Priority int: Priority of the rule. Lower number corresponds to higher precedence.
SessionMatcher string: CEL expression for matching on session criteria.
ApplicationMatcher string: CEL expression for matching on L7/application level criteria.
Description string: Free-text description of the resource.
Name string: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
Project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
TlsInspectionEnabled bool: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

BasicProfile string: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
Enabled bool: Whether the rule is enforced.
GatewaySecurityPolicy string: The name of the gatewat security policy this rule belongs to.
Location string: The location of the gateway security policy.
Priority int: Priority of the rule. Lower number corresponds to higher precedence.
SessionMatcher string: CEL expression for matching on session criteria.
ApplicationMatcher string: CEL expression for matching on L7/application level criteria.
Description string: Free-text description of the resource.
Name string: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
Project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
TlsInspectionEnabled bool: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

basicProfile String: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
enabled Boolean: Whether the rule is enforced.
gatewaySecurityPolicy String: The name of the gatewat security policy this rule belongs to.
location String: The location of the gateway security policy.
priority Integer: Priority of the rule. Lower number corresponds to higher precedence.
sessionMatcher String: CEL expression for matching on session criteria.
applicationMatcher String: CEL expression for matching on L7/application level criteria.
description String: Free-text description of the resource.
name String: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
project String: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
tlsInspectionEnabled Boolean: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

basicProfile string: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
enabled boolean: Whether the rule is enforced.
gatewaySecurityPolicy string: The name of the gatewat security policy this rule belongs to.
location string: The location of the gateway security policy.
priority number: Priority of the rule. Lower number corresponds to higher precedence.
sessionMatcher string: CEL expression for matching on session criteria.
applicationMatcher string: CEL expression for matching on L7/application level criteria.
description string: Free-text description of the resource.
name string: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
tlsInspectionEnabled boolean: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

basic_profile str: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
enabled bool: Whether the rule is enforced.
gateway_security_policy str: The name of the gatewat security policy this rule belongs to.
location str: The location of the gateway security policy.
priority int: Priority of the rule. Lower number corresponds to higher precedence.
session_matcher str: CEL expression for matching on session criteria.
application_matcher str: CEL expression for matching on L7/application level criteria.
description str: Free-text description of the resource.
name str: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
project str: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
tls_inspection_enabled bool: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

basicProfile String: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
enabled Boolean: Whether the rule is enforced.
gatewaySecurityPolicy String: The name of the gatewat security policy this rule belongs to.
location String: The location of the gateway security policy.
priority Number: Priority of the rule. Lower number corresponds to higher precedence.
sessionMatcher String: CEL expression for matching on session criteria.
applicationMatcher String: CEL expression for matching on L7/application level criteria.
description String: Free-text description of the resource.
name String: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
project String: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
tlsInspectionEnabled Boolean: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

Outputs

All input properties are implicitly available as output properties. Additionally, the GatewaySecurityPolicyRule resource produces the following output properties:

CreateTime string: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
Id string: The provider-assigned unique ID for this managed resource.
SelfLink string: Server-defined URL of this resource.
UpdateTime string: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

CreateTime string: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
Id string: The provider-assigned unique ID for this managed resource.
SelfLink string: Server-defined URL of this resource.
UpdateTime string: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime String: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
id String: The provider-assigned unique ID for this managed resource.
selfLink String: Server-defined URL of this resource.
updateTime String: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime string: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
id string: The provider-assigned unique ID for this managed resource.
selfLink string: Server-defined URL of this resource.
updateTime string: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

create_time str: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
id str: The provider-assigned unique ID for this managed resource.
self_link str: Server-defined URL of this resource.
update_time str: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

createTime String: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
id String: The provider-assigned unique ID for this managed resource.
selfLink String: Server-defined URL of this resource.
updateTime String: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

Look up Existing GatewaySecurityPolicyRule Resource

Get an existing GatewaySecurityPolicyRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: GatewaySecurityPolicyRuleState, opts?: CustomResourceOptions): GatewaySecurityPolicyRule

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        application_matcher: Optional[str] = None,
        basic_profile: Optional[str] = None,
        create_time: Optional[str] = None,
        description: Optional[str] = None,
        enabled: Optional[bool] = None,
        gateway_security_policy: Optional[str] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        priority: Optional[int] = None,
        project: Optional[str] = None,
        self_link: Optional[str] = None,
        session_matcher: Optional[str] = None,
        tls_inspection_enabled: Optional[bool] = None,
        update_time: Optional[str] = None) -> GatewaySecurityPolicyRule

func GetGatewaySecurityPolicyRule(ctx *Context, name string, id IDInput, state *GatewaySecurityPolicyRuleState, opts ...ResourceOption) (*GatewaySecurityPolicyRule, error)

public static GatewaySecurityPolicyRule Get(string name, Input<string> id, GatewaySecurityPolicyRuleState? state, CustomResourceOptions? opts = null)

public static GatewaySecurityPolicyRule get(String name, Output<String> id, GatewaySecurityPolicyRuleState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ApplicationMatcher string: CEL expression for matching on L7/application level criteria.
BasicProfile string: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
CreateTime string: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
Description string: Free-text description of the resource.
Enabled bool: Whether the rule is enforced.
GatewaySecurityPolicy string: The name of the gatewat security policy this rule belongs to.
Location string: The location of the gateway security policy.
Name string: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
Priority int: Priority of the rule. Lower number corresponds to higher precedence.
Project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
SelfLink string: Server-defined URL of this resource.
SessionMatcher string: CEL expression for matching on session criteria.
TlsInspectionEnabled bool: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
UpdateTime string: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

ApplicationMatcher string: CEL expression for matching on L7/application level criteria.
BasicProfile string: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
CreateTime string: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
Description string: Free-text description of the resource.
Enabled bool: Whether the rule is enforced.
GatewaySecurityPolicy string: The name of the gatewat security policy this rule belongs to.
Location string: The location of the gateway security policy.
Name string: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
Priority int: Priority of the rule. Lower number corresponds to higher precedence.
Project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
SelfLink string: Server-defined URL of this resource.
SessionMatcher string: CEL expression for matching on session criteria.
TlsInspectionEnabled bool: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
UpdateTime string: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

applicationMatcher String: CEL expression for matching on L7/application level criteria.
basicProfile String: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
createTime String: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
description String: Free-text description of the resource.
enabled Boolean: Whether the rule is enforced.
gatewaySecurityPolicy String: The name of the gatewat security policy this rule belongs to.
location String: The location of the gateway security policy.
name String: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
priority Integer: Priority of the rule. Lower number corresponds to higher precedence.
project String: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
selfLink String: Server-defined URL of this resource.
sessionMatcher String: CEL expression for matching on session criteria.
tlsInspectionEnabled Boolean: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
updateTime String: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

applicationMatcher string: CEL expression for matching on L7/application level criteria.
basicProfile string: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
createTime string: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
description string: Free-text description of the resource.
enabled boolean: Whether the rule is enforced.
gatewaySecurityPolicy string: The name of the gatewat security policy this rule belongs to.
location string: The location of the gateway security policy.
name string: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
priority number: Priority of the rule. Lower number corresponds to higher precedence.
project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
selfLink string: Server-defined URL of this resource.
sessionMatcher string: CEL expression for matching on session criteria.
tlsInspectionEnabled boolean: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
updateTime string: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

application_matcher str: CEL expression for matching on L7/application level criteria.
basic_profile str: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
create_time str: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
description str: Free-text description of the resource.
enabled bool: Whether the rule is enforced.
gateway_security_policy str: The name of the gatewat security policy this rule belongs to.
location str: The location of the gateway security policy.
name str: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
priority int: Priority of the rule. Lower number corresponds to higher precedence.
project str: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
self_link str: Server-defined URL of this resource.
session_matcher str: CEL expression for matching on session criteria.
tls_inspection_enabled bool: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
update_time str: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

applicationMatcher String: CEL expression for matching on L7/application level criteria.
basicProfile String: Profile which tells what the primitive action should be. Possible values are: * ALLOW * DENY. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.
createTime String: The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"
description String: Free-text description of the resource.
enabled Boolean: Whether the rule is enforced.
gatewaySecurityPolicy String: The name of the gatewat security policy this rule belongs to.
location String: The location of the gateway security policy.
name String: Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).
priority Number: Priority of the rule. Lower number corresponds to higher precedence.
project String: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
selfLink String: Server-defined URL of this resource.
sessionMatcher String: CEL expression for matching on session criteria.
tlsInspectionEnabled Boolean: Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.
updateTime String: The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

Import

GatewaySecurityPolicyRule can be imported using any of these accepted formats

 $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}

 $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{project}}/{{location}}/{{gateway_security_policy}}/{{name}}

 $ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{location}}/{{gateway_security_policy}}/{{name}}

Package Details

Repository: Google Cloud (GCP) Classic pulumi/pulumi-gcp
License: Apache-2.0
Notes: This Pulumi package is based on the google-beta Terraform Provider.

Google Cloud Classic v6.66.0 published on Monday, Sep 18, 2023 by Pulumi

pulumi/pulumi-gcp

gcp.networksecurity.GatewaySecurityPolicyRule

On this page

On this page

Example Usage

Network Security Gateway Security Policy Rules Basic

Network Security Gateway Security Policy Rules Advanced

Create GatewaySecurityPolicyRule Resource

GatewaySecurityPolicyRule Resource Properties

Inputs

Outputs

Look up Existing GatewaySecurityPolicyRule Resource

Import

Package Details

On this page

On this page