Google Cloud Native v0.30.0, Apr 14 23
Google Cloud Native v0.30.0, Apr 14 23
google-native.networksecurity/v1.ClientTlsPolicy
Explore with Pulumi AI
Creates a new ClientTlsPolicy in a given project and location.
Create ClientTlsPolicy Resource
new ClientTlsPolicy(name: string, args: ClientTlsPolicyArgs, opts?: CustomResourceOptions);
@overload
def ClientTlsPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
client_certificate: Optional[GoogleCloudNetworksecurityV1CertificateProviderArgs] = None,
client_tls_policy_id: Optional[str] = None,
description: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None,
server_validation_ca: Optional[Sequence[ValidationCAArgs]] = None,
sni: Optional[str] = None)
@overload
def ClientTlsPolicy(resource_name: str,
args: ClientTlsPolicyArgs,
opts: Optional[ResourceOptions] = None)
func NewClientTlsPolicy(ctx *Context, name string, args ClientTlsPolicyArgs, opts ...ResourceOption) (*ClientTlsPolicy, error)
public ClientTlsPolicy(string name, ClientTlsPolicyArgs args, CustomResourceOptions? opts = null)
public ClientTlsPolicy(String name, ClientTlsPolicyArgs args)
public ClientTlsPolicy(String name, ClientTlsPolicyArgs args, CustomResourceOptions options)
type: google-native:networksecurity/v1:ClientTlsPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientTlsPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ClientTlsPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ClientTlsPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientTlsPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ClientTlsPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
ClientTlsPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ClientTlsPolicy resource accepts the following input properties:
- Client
Tls stringPolicy Id Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
- Client
Certificate Pulumi.Google Native. Network Security. V1. Inputs. Google Cloud Networksecurity V1Certificate Provider Args Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
- Description string
Optional. Free-text description of the resource.
- Labels Dictionary<string, string>
Optional. Set of label tags associated with the resource.
- Location string
- Name string
Name of the ClientTlsPolicy resource. It matches the pattern
projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
- Project string
- Server
Validation List<Pulumi.Ca Google Native. Network Security. V1. Inputs. Validation CAArgs> Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
- Sni string
Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
- Client
Tls stringPolicy Id Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
- Client
Certificate GoogleCloud Networksecurity V1Certificate Provider Args Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
- Description string
Optional. Free-text description of the resource.
- Labels map[string]string
Optional. Set of label tags associated with the resource.
- Location string
- Name string
Name of the ClientTlsPolicy resource. It matches the pattern
projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
- Project string
- Server
Validation []ValidationCa CAArgs Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
- Sni string
Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
- client
Tls StringPolicy Id Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
- client
Certificate GoogleCloud Networksecurity V1Certificate Provider Args Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
- description String
Optional. Free-text description of the resource.
- labels Map<String,String>
Optional. Set of label tags associated with the resource.
- location String
- name String
Name of the ClientTlsPolicy resource. It matches the pattern
projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
- project String
- server
Validation List<ValidationCa CAArgs> Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
- sni String
Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
- client
Tls stringPolicy Id Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
- client
Certificate GoogleCloud Networksecurity V1Certificate Provider Args Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
- description string
Optional. Free-text description of the resource.
- labels {[key: string]: string}
Optional. Set of label tags associated with the resource.
- location string
- name string
Name of the ClientTlsPolicy resource. It matches the pattern
projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
- project string
- server
Validation ValidationCa CAArgs[] Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
- sni string
Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
- client_
tls_ strpolicy_ id Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
- client_
certificate GoogleCloud Networksecurity V1Certificate Provider Args Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
- description str
Optional. Free-text description of the resource.
- labels Mapping[str, str]
Optional. Set of label tags associated with the resource.
- location str
- name str
Name of the ClientTlsPolicy resource. It matches the pattern
projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
- project str
- server_
validation_ Sequence[Validationca CAArgs] Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
- sni str
Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
- client
Tls StringPolicy Id Required. Short name of the ClientTlsPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "client_mtls_policy".
- client
Certificate Property Map Optional. Defines a mechanism to provision client identity (public and private keys) for peer to peer authentication. The presence of this dictates mTLS.
- description String
Optional. Free-text description of the resource.
- labels Map<String>
Optional. Set of label tags associated with the resource.
- location String
- name String
Name of the ClientTlsPolicy resource. It matches the pattern
projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}
- project String
- server
Validation List<Property Map>Ca Optional. Defines the mechanism to obtain the Certificate Authority certificate to validate the server certificate. If empty, client does not validate the server certificate.
- sni String
Optional. Server Name Indication string to present to the server during TLS handshake. E.g: "secure.example.com".
Outputs
All input properties are implicitly available as output properties. Additionally, the ClientTlsPolicy resource produces the following output properties:
- Create
Time string The timestamp when the resource was created.
- Id string
The provider-assigned unique ID for this managed resource.
- Update
Time string The timestamp when the resource was updated.
- Create
Time string The timestamp when the resource was created.
- Id string
The provider-assigned unique ID for this managed resource.
- Update
Time string The timestamp when the resource was updated.
- create
Time String The timestamp when the resource was created.
- id String
The provider-assigned unique ID for this managed resource.
- update
Time String The timestamp when the resource was updated.
- create
Time string The timestamp when the resource was created.
- id string
The provider-assigned unique ID for this managed resource.
- update
Time string The timestamp when the resource was updated.
- create_
time str The timestamp when the resource was created.
- id str
The provider-assigned unique ID for this managed resource.
- update_
time str The timestamp when the resource was updated.
- create
Time String The timestamp when the resource was created.
- id String
The provider-assigned unique ID for this managed resource.
- update
Time String The timestamp when the resource was updated.
Supporting Types
CertificateProviderInstance
- Plugin
Instance string Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- Plugin
Instance string Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- plugin
Instance String Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- plugin
Instance string Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- plugin_
instance str Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- plugin
Instance String Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
CertificateProviderInstanceResponse
- Plugin
Instance string Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- Plugin
Instance string Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- plugin
Instance String Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- plugin
Instance string Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- plugin_
instance str Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
- plugin
Instance String Plugin instance name, used to locate and load CertificateProvider instance configuration. Set to "google_cloud_private_spiffe" to use Certificate Authority Service certificate provider instance.
GoogleCloudNetworksecurityV1CertificateProvider
- Certificate
Provider Pulumi.Instance Google Native. Network Security. V1. Inputs. Certificate Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- Grpc
Endpoint Pulumi.Google Native. Network Security. V1. Inputs. Google Cloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- Certificate
Provider CertificateInstance Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- Grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- certificate
Provider CertificateInstance Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- certificate
Provider CertificateInstance Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- certificate_
provider_ Certificateinstance Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc_
endpoint GoogleCloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- certificate
Provider Property MapInstance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint Property Map gRPC specific configuration to access the gRPC server to obtain the cert and private key.
GoogleCloudNetworksecurityV1CertificateProviderResponse
- Certificate
Provider Pulumi.Instance Google Native. Network Security. V1. Inputs. Certificate Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- Grpc
Endpoint Pulumi.Google Native. Network Security. V1. Inputs. Google Cloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- Certificate
Provider CertificateInstance Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- Grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- certificate
Provider CertificateInstance Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- certificate
Provider CertificateInstance Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- certificate_
provider_ Certificateinstance Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc_
endpoint GoogleCloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the cert and private key.
- certificate
Provider Property MapInstance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint Property Map gRPC specific configuration to access the gRPC server to obtain the cert and private key.
GoogleCloudNetworksecurityV1GrpcEndpoint
- Target
Uri string The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- Target
Uri string The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- target
Uri String The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- target
Uri string The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- target_
uri str The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- target
Uri String The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
GoogleCloudNetworksecurityV1GrpcEndpointResponse
- Target
Uri string The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- Target
Uri string The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- target
Uri String The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- target
Uri string The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- target_
uri str The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
- target
Uri String The target URI of the gRPC endpoint. Only UDS path is supported, and should start with "unix:".
ValidationCA
- Certificate
Provider Pulumi.Instance Google Native. Network Security. V1. Inputs. Certificate Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- Grpc
Endpoint Pulumi.Google Native. Network Security. V1. Inputs. Google Cloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- Certificate
Provider CertificateInstance Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- Grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- certificate
Provider CertificateInstance Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- certificate
Provider CertificateInstance Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- certificate_
provider_ Certificateinstance Provider Instance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc_
endpoint GoogleCloud Networksecurity V1Grpc Endpoint gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- certificate
Provider Property MapInstance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint Property Map gRPC specific configuration to access the gRPC server to obtain the CA certificate.
ValidationCAResponse
- Certificate
Provider Pulumi.Instance Google Native. Network Security. V1. Inputs. Certificate Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- Grpc
Endpoint Pulumi.Google Native. Network Security. V1. Inputs. Google Cloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- Certificate
Provider CertificateInstance Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- Grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- certificate
Provider CertificateInstance Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- certificate
Provider CertificateInstance Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint GoogleCloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- certificate_
provider_ Certificateinstance Provider Instance Response The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc_
endpoint GoogleCloud Networksecurity V1Grpc Endpoint Response gRPC specific configuration to access the gRPC server to obtain the CA certificate.
- certificate
Provider Property MapInstance The certificate provider instance specification that will be passed to the data plane, which will be used to load necessary credential information.
- grpc
Endpoint Property Map gRPC specific configuration to access the gRPC server to obtain the CA certificate.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0