1. Packages
  2. Google Cloud Native
  3. API Docs
  4. networksecurity
  5. networksecurity/v1
  6. ClientTlsPolicy

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi

google-native.networksecurity/v1.ClientTlsPolicy

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi

    Creates a new ClientTlsPolicy in a given project and location.

    Create ClientTlsPolicy Resource

    new ClientTlsPolicy(name: string, args: ClientTlsPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def ClientTlsPolicy(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        client_certificate: Optional[GoogleCloudNetworksecurityV1CertificateProviderArgs] = None,
                        client_tls_policy_id: Optional[str] = None,
                        description: Optional[str] = None,
                        labels: Optional[Mapping[str, str]] = None,
                        location: Optional[str] = None,
                        name: Optional[str] = None,
                        project: Optional[str] = None,
                        server_validation_ca: Optional[Sequence[ValidationCAArgs]] = None,
                        sni: Optional[str] = None)
    @overload
    def ClientTlsPolicy(resource_name: str,
                        args: ClientTlsPolicyArgs,
                        opts: Optional[ResourceOptions] = None)
    func NewClientTlsPolicy(ctx *Context, name string, args ClientTlsPolicyArgs, opts ...ResourceOption) (*ClientTlsPolicy, error)
    public ClientTlsPolicy(string name, ClientTlsPolicyArgs args, CustomResourceOptions? opts = null)
    public ClientTlsPolicy(String name, ClientTlsPolicyArgs args)
    public ClientTlsPolicy(String name, ClientTlsPolicyArgs args, CustomResourceOptions options)
    
    type: google-native:networksecurity/v1:ClientTlsPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args ClientTlsPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ClientTlsPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ClientTlsPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ClientTlsPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ClientTlsPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    ClientTlsPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The ClientTlsPolicy resource accepts the following input properties:

    ClientTlsPolicyId string

    Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

    ClientCertificate Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1CertificateProvider

    Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

    Description string

    Optional. Free-text description of the resource.

    Labels Dictionary<string, string>

    Optional. Set of label tags associated with the resource.

    Location string
    Name string

    Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

    Project string
    ServerValidationCa List<Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.ValidationCA>

    Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

    Sni string

    Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

    ClientTlsPolicyId string

    Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

    ClientCertificate GoogleCloudNetworksecurityV1CertificateProviderArgs

    Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

    Description string

    Optional. Free-text description of the resource.

    Labels map[string]string

    Optional. Set of label tags associated with the resource.

    Location string
    Name string

    Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

    Project string
    ServerValidationCa []ValidationCAArgs

    Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

    Sni string

    Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

    clientTlsPolicyId String

    Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

    clientCertificate GoogleCloudNetworksecurityV1CertificateProvider

    Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

    description String

    Optional. Free-text description of the resource.

    labels Map<String,String>

    Optional. Set of label tags associated with the resource.

    location String
    name String

    Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

    project String
    serverValidationCa List<ValidationCA>

    Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

    sni String

    Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

    clientTlsPolicyId string

    Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

    clientCertificate GoogleCloudNetworksecurityV1CertificateProvider

    Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

    description string

    Optional. Free-text description of the resource.

    labels {[key: string]: string}

    Optional. Set of label tags associated with the resource.

    location string
    name string

    Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

    project string
    serverValidationCa ValidationCA[]

    Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

    sni string

    Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

    client_tls_policy_id str

    Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

    client_certificate GoogleCloudNetworksecurityV1CertificateProviderArgs

    Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

    description str

    Optional. Free-text description of the resource.

    labels Mapping[str, str]

    Optional. Set of label tags associated with the resource.

    location str
    name str

    Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

    project str
    server_validation_ca Sequence[ValidationCAArgs]

    Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

    sni str

    Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

    clientTlsPolicyId String

    Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

    clientCertificate Property Map

    Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

    description String

    Optional. Free-text description of the resource.

    labels Map<String>

    Optional. Set of label tags associated with the resource.

    location String
    name String

    Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

    project String
    serverValidationCa List<Property Map>

    Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

    sni String

    Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ClientTlsPolicy resource produces the following output properties:

    CreateTime string

    The timestamp when the resource was created.

    Id string

    The provider-assigned unique ID for this managed resource.

    UpdateTime string

    The timestamp when the resource was updated.

    CreateTime string

    The timestamp when the resource was created.

    Id string

    The provider-assigned unique ID for this managed resource.

    UpdateTime string

    The timestamp when the resource was updated.

    createTime String

    The timestamp when the resource was created.

    id String

    The provider-assigned unique ID for this managed resource.

    updateTime String

    The timestamp when the resource was updated.

    createTime string

    The timestamp when the resource was created.

    id string

    The provider-assigned unique ID for this managed resource.

    updateTime string

    The timestamp when the resource was updated.

    create_time str

    The timestamp when the resource was created.

    id str

    The provider-assigned unique ID for this managed resource.

    update_time str

    The timestamp when the resource was updated.

    createTime String

    The timestamp when the resource was created.

    id String

    The provider-assigned unique ID for this managed resource.

    updateTime String

    The timestamp when the resource was updated.

    Supporting Types

    CertificateProviderInstance, CertificateProviderInstanceArgs

    PluginInstance string

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    PluginInstance string

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    pluginInstance String

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    pluginInstance string

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    plugin_instance str

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    pluginInstance String

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    CertificateProviderInstanceResponse, CertificateProviderInstanceResponseArgs

    PluginInstance string

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    PluginInstance string

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    pluginInstance String

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    pluginInstance string

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    plugin_instance str

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    pluginInstance String

    Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

    GoogleCloudNetworksecurityV1CertificateProvider, GoogleCloudNetworksecurityV1CertificateProviderArgs

    CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    CertificateProviderInstance CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    certificateProviderInstance CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    certificateProviderInstance CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    certificate_provider_instance CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    certificateProviderInstance Property Map

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint Property Map

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    GoogleCloudNetworksecurityV1CertificateProviderResponse, GoogleCloudNetworksecurityV1CertificateProviderResponseArgs

    CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    CertificateProviderInstance CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    certificateProviderInstance CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    certificateProviderInstance CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    certificate_provider_instance CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    certificateProviderInstance Property Map

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint Property Map

    gRPC specific configuration to access the gRPC server to obtain the cert and private key.

    GoogleCloudNetworksecurityV1GrpcEndpoint, GoogleCloudNetworksecurityV1GrpcEndpointArgs

    TargetUri string

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    TargetUri string

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    targetUri String

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    targetUri string

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    target_uri str

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    targetUri String

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    GoogleCloudNetworksecurityV1GrpcEndpointResponse, GoogleCloudNetworksecurityV1GrpcEndpointResponseArgs

    TargetUri string

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    TargetUri string

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    targetUri String

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    targetUri string

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    target_uri str

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    targetUri String

    The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

    ValidationCA, ValidationCAArgs

    CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    CertificateProviderInstance CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    certificateProviderInstance CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    certificateProviderInstance CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    certificate_provider_instance CertificateProviderInstance

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpoint

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    certificateProviderInstance Property Map

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint Property Map

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    ValidationCAResponse, ValidationCAResponseArgs

    CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    CertificateProviderInstance CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    certificateProviderInstance CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    certificateProviderInstance CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    certificate_provider_instance CertificateProviderInstanceResponse

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    certificateProviderInstance Property Map

    The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

    grpcEndpoint Property Map

    gRPC specific configuration to access the gRPC server to obtain the CA certificate.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi