google-native logo
Google Cloud Native v0.30.0, Apr 14 23

google-native.networksecurity/v1.ClientTlsPolicy

Explore with Pulumi AI

Creates a new ClientTlsPolicy in a given project and location.

Create ClientTlsPolicy Resource

new ClientTlsPolicy(name: string, args: ClientTlsPolicyArgs, opts?: CustomResourceOptions);
@overload
def ClientTlsPolicy(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    client_certificate: Optional[GoogleCloudNetworksecurityV1CertificateProviderArgs] = None,
                    client_tls_policy_id: Optional[str] = None,
                    description: Optional[str] = None,
                    labels: Optional[Mapping[str, str]] = None,
                    location: Optional[str] = None,
                    name: Optional[str] = None,
                    project: Optional[str] = None,
                    server_validation_ca: Optional[Sequence[ValidationCAArgs]] = None,
                    sni: Optional[str] = None)
@overload
def ClientTlsPolicy(resource_name: str,
                    args: ClientTlsPolicyArgs,
                    opts: Optional[ResourceOptions] = None)
func NewClientTlsPolicy(ctx *Context, name string, args ClientTlsPolicyArgs, opts ...ResourceOption) (*ClientTlsPolicy, error)
public ClientTlsPolicy(string name, ClientTlsPolicyArgs args, CustomResourceOptions? opts = null)
public ClientTlsPolicy(String name, ClientTlsPolicyArgs args)
public ClientTlsPolicy(String name, ClientTlsPolicyArgs args, CustomResourceOptions options)
type: google-native:networksecurity/v1:ClientTlsPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ClientTlsPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ClientTlsPolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ClientTlsPolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ClientTlsPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ClientTlsPolicyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

ClientTlsPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ClientTlsPolicy resource accepts the following input properties:

ClientTlsPolicyId string

Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

ClientCertificate Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1CertificateProviderArgs

Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

Description string

Optional. Free-text description of the resource.

Labels Dictionary<string, string>

Optional. Set of label tags associated with the resource.

Location string
Name string

Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

Project string
ServerValidationCa List<Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.ValidationCAArgs>

Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

Sni string

Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

ClientTlsPolicyId string

Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

ClientCertificate GoogleCloudNetworksecurityV1CertificateProviderArgs

Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

Description string

Optional. Free-text description of the resource.

Labels map[string]string

Optional. Set of label tags associated with the resource.

Location string
Name string

Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

Project string
ServerValidationCa []ValidationCAArgs

Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

Sni string

Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

clientTlsPolicyId String

Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

clientCertificate GoogleCloudNetworksecurityV1CertificateProviderArgs

Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

description String

Optional. Free-text description of the resource.

labels Map<String,String>

Optional. Set of label tags associated with the resource.

location String
name String

Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

project String
serverValidationCa List<ValidationCAArgs>

Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

sni String

Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

clientTlsPolicyId string

Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

clientCertificate GoogleCloudNetworksecurityV1CertificateProviderArgs

Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

description string

Optional. Free-text description of the resource.

labels {[key: string]: string}

Optional. Set of label tags associated with the resource.

location string
name string

Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

project string
serverValidationCa ValidationCAArgs[]

Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

sni string

Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

client_tls_policy_id str

Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

client_certificate GoogleCloudNetworksecurityV1CertificateProviderArgs

Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

description str

Optional. Free-text description of the resource.

labels Mapping[str, str]

Optional. Set of label tags associated with the resource.

location str
name str

Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

project str
server_validation_ca Sequence[ValidationCAArgs]

Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

sni str

Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

clientTlsPolicyId String

Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".

clientCertificate Property Map

Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.

description String

Optional. Free-text description of the resource.

labels Map<String>

Optional. Set of label tags associated with the resource.

location String
name String

Name of the ClientTlsPolicy resource. It matches the pattern projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}

project String
serverValidationCa List<Property Map>

Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.

sni String

Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".

Outputs

All input properties are implicitly available as output properties. Additionally, the ClientTlsPolicy resource produces the following output properties:

CreateTime string

The timestamp when the resource was created.

Id string

The provider-assigned unique ID for this managed resource.

UpdateTime string

The timestamp when the resource was updated.

CreateTime string

The timestamp when the resource was created.

Id string

The provider-assigned unique ID for this managed resource.

UpdateTime string

The timestamp when the resource was updated.

createTime String

The timestamp when the resource was created.

id String

The provider-assigned unique ID for this managed resource.

updateTime String

The timestamp when the resource was updated.

createTime string

The timestamp when the resource was created.

id string

The provider-assigned unique ID for this managed resource.

updateTime string

The timestamp when the resource was updated.

create_time str

The timestamp when the resource was created.

id str

The provider-assigned unique ID for this managed resource.

update_time str

The timestamp when the resource was updated.

createTime String

The timestamp when the resource was created.

id String

The provider-assigned unique ID for this managed resource.

updateTime String

The timestamp when the resource was updated.

Supporting Types

CertificateProviderInstance

PluginInstance string

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

PluginInstance string

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance String

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance string

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

plugin_instance str

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance String

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

CertificateProviderInstanceResponse

PluginInstance string

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

PluginInstance string

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance String

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance string

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

plugin_instance str

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

pluginInstance String

Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.

GoogleCloudNetworksecurityV1CertificateProvider

CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

CertificateProviderInstance CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificate_provider_instance CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance Property Map

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint Property Map

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

GoogleCloudNetworksecurityV1CertificateProviderResponse

CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

CertificateProviderInstance CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificate_provider_instance CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

certificateProviderInstance Property Map

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint Property Map

gRPC specific configuration to access the gRPC server to obtain the cert and private key.

GoogleCloudNetworksecurityV1GrpcEndpoint

TargetUri string

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

TargetUri string

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri String

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri string

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

target_uri str

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri String

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

GoogleCloudNetworksecurityV1GrpcEndpointResponse

TargetUri string

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

TargetUri string

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri String

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri string

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

target_uri str

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

targetUri String

The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".

ValidationCA

CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

CertificateProviderInstance CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificate_provider_instance CertificateProviderInstance

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpoint

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance Property Map

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint Property Map

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

ValidationCAResponse

CertificateProviderInstance Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

GrpcEndpoint Pulumi.GoogleNative.NetworkSecurity.V1.Inputs.GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

CertificateProviderInstance CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

GrpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificate_provider_instance CertificateProviderInstanceResponse

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpc_endpoint GoogleCloudNetworksecurityV1GrpcEndpointResponse

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

certificateProviderInstance Property Map

The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.

grpcEndpoint Property Map

gRPC specific configuration to access the gRPC server to obtain the CA certificate.

Package Details

Repository
Google Cloud Native pulumi/pulumi-google-native
License
Apache-2.0