Google Cloud Native v0.30.0, Apr 14 23

google-native.networksecurity/v1.ClientTlsPolicy

Explore with Pulumi AI

Creates a new ClientTlsPolicy in a given project and location.

Create ClientTlsPolicy Resource

new ClientTlsPolicy(name: string, args: ClientTlsPolicyArgs, opts?: CustomResourceOptions);

@overload
def ClientTlsPolicy(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    client_certificate: Optional[GoogleCloudNetworksecurityV1CertificateProviderArgs] = None,
                    client_tls_policy_id: Optional[str] = None,
                    description: Optional[str] = None,
                    labels: Optional[Mapping[str, str]] = None,
                    location: Optional[str] = None,
                    name: Optional[str] = None,
                    project: Optional[str] = None,
                    server_validation_ca: Optional[Sequence[ValidationCAArgs]] = None,
                    sni: Optional[str] = None)
@overload
def ClientTlsPolicy(resource_name: str,
                    args: ClientTlsPolicyArgs,
                    opts: Optional[ResourceOptions] = None)

func NewClientTlsPolicy(ctx *Context, name string, args ClientTlsPolicyArgs, opts ...ResourceOption) (*ClientTlsPolicy, error)

public ClientTlsPolicy(string name, ClientTlsPolicyArgs args, CustomResourceOptions? opts = null)

public ClientTlsPolicy(String name, ClientTlsPolicyArgs args)
public ClientTlsPolicy(String name, ClientTlsPolicyArgs args, CustomResourceOptions options)

type: google-native:networksecurity/v1:ClientTlsPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ClientTlsPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ClientTlsPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ClientTlsPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ClientTlsPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ClientTlsPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

ClientTlsPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ClientTlsPolicy resource accepts the following input properties:

ClientTlsPolicyId string: Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
ClientCertificate Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1CertificateProviderArgs: Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
Description string: Optional. Free-text description of the resource.
Labels Dictionary<string, string>: Optional. Set of label tags associated with the resource.
Location string
Name string: Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
Project string
ServerValidationCa List<Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.ValidationCAArgs>: Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
Sni string: Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

ClientTlsPolicyId string: Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
ClientCertificate GoogleCloudNetworksecurityV1CertificateProviderArgs: Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
Description string: Optional. Free-text description of the resource.
Labels map[string]string: Optional. Set of label tags associated with the resource.
Location string
Name string: Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
Project string
ServerValidationCa []ValidationCAArgs: Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
Sni string: Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

clientTlsPolicyId String: Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
clientCertificate GoogleCloudNetworksecurityV1CertificateProviderArgs: Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
description String: Optional. Free-text description of the resource.
labels Map<String,String>: Optional. Set of label tags associated with the resource.
location String
name String: Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
project String
serverValidationCa List<ValidationCAArgs>: Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
sni String: Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

clientTlsPolicyId string: Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
clientCertificate GoogleCloudNetworksecurityV1CertificateProviderArgs: Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
description string: Optional. Free-text description of the resource.
labels {[key: string]: string}: Optional. Set of label tags associated with the resource.
location string
name string: Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
project string
serverValidationCa ValidationCAArgs[]: Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
sni string: Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

client_tls_policy_id str: Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
client_certificate GoogleCloudNetworksecurityV1CertificateProviderArgs: Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
description str: Optional. Free-text description of the resource.
labels Mapping[str, str]: Optional. Set of label tags associated with the resource.
location str
name str: Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
project str
server_validation_ca Sequence[ValidationCAArgs]: Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
sni str: Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

clientTlsPolicyId String: Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
clientCertificate Property Map: Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
description String: Optional. Free-text description of the resource.
labels Map<String>: Optional. Set of label tags associated with the resource.
location String
name String: Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
project String
serverValidationCa List<Property Map>: Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
sni String: Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

Outputs

All input properties are implicitly available as output properties. Additionally, the ClientTlsPolicy resource produces the following output properties:

CreateTime string: The timestamp when the resource was created.
Id string: The provider-assigned unique ID for this managed resource.
UpdateTime string: The timestamp when the resource was updated.

CreateTime string: The timestamp when the resource was created.
Id string: The provider-assigned unique ID for this managed resource.
UpdateTime string: The timestamp when the resource was updated.

createTime String: The timestamp when the resource was created.
id String: The provider-assigned unique ID for this managed resource.
updateTime String: The timestamp when the resource was updated.

createTime string: The timestamp when the resource was created.
id string: The provider-assigned unique ID for this managed resource.
updateTime string: The timestamp when the resource was updated.

create_time str: The timestamp when the resource was created.
id str: The provider-assigned unique ID for this managed resource.
update_time str: The timestamp when the resource was updated.

createTime String: The timestamp when the resource was created.
id String: The provider-assigned unique ID for this managed resource.
updateTime String: The timestamp when the resource was updated.

Supporting Types

CertificateProviderInstance

PluginInstance string: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

PluginInstance string: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance String: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance string: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

plugin_instance str: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance String: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

CertificateProviderInstanceResponse

PluginInstance string: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

PluginInstance string: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance String: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance string: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

plugin_instance str: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance String: Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

GoogleCloudNetworksecurityV1CertificateProvider

CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

CertificateProviderInstance CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificate_provider_instance CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance Property Map: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint Property Map: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

GoogleCloudNetworksecurityV1CertificateProviderResponse

CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

CertificateProviderInstance CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificate_provider_instance CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance Property Map: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint Property Map: gRPC specific configuration to access the gRPC server to obtain the cert and private key.

GoogleCloudNetworksecurityV1GrpcEndpoint

TargetUri string: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

TargetUri string: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri String: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri string: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

target_uri str: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri String: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

GoogleCloudNetworksecurityV1GrpcEndpointResponse

TargetUri string: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

TargetUri string: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri String: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri string: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

target_uri str: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri String: The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

ValidationCA

CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

CertificateProviderInstance CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificate_provider_instance CertificateProviderInstance: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpoint: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance Property Map: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint Property Map: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

ValidationCAResponse

CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

CertificateProviderInstance CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificate_provider_instance CertificateProviderInstanceResponse: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance Property Map: The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
grpcEndpoint Property Map: gRPC specific configuration to access the gRPC server to obtain the CA certificate.

Package Details

Repository: Google Cloud Native pulumi/pulumi-google-native
License: Apache-2.0