1. Packages
  2. Google Cloud Native
  3. API Docs
  4. networksecurity
  5. networksecurity/v1beta1
  6. Rule

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi

google-native.networksecurity/v1beta1.Rule

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi

    Creates a new GatewaySecurityPolicy in a given project and location. Auto-naming is currently not supported for this resource.

    Create Rule Resource

    new Rule(name: string, args: RuleArgs, opts?: CustomResourceOptions);
    @overload
    def Rule(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             application_matcher: Optional[str] = None,
             basic_profile: Optional[RuleBasicProfile] = None,
             description: Optional[str] = None,
             enabled: Optional[bool] = None,
             gateway_security_policy_id: Optional[str] = None,
             gateway_security_policy_rule_id: Optional[str] = None,
             location: Optional[str] = None,
             name: Optional[str] = None,
             priority: Optional[int] = None,
             project: Optional[str] = None,
             session_matcher: Optional[str] = None,
             tls_inspection_enabled: Optional[bool] = None)
    @overload
    def Rule(resource_name: str,
             args: RuleInitArgs,
             opts: Optional[ResourceOptions] = None)
    func NewRule(ctx *Context, name string, args RuleArgs, opts ...ResourceOption) (*Rule, error)
    public Rule(string name, RuleArgs args, CustomResourceOptions? opts = null)
    public Rule(String name, RuleArgs args)
    public Rule(String name, RuleArgs args, CustomResourceOptions options)
    
    type: google-native:networksecurity/v1beta1:Rule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args RuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args RuleInitArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args RuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args RuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args RuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Rule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Rule resource accepts the following input properties:

    BasicProfile Pulumi.GoogleNative.NetworkSecurity.V1Beta1.RuleBasicProfile

    Profile which tells what the primitive action should be.

    Enabled bool

    Whether the rule is enforced.

    GatewaySecurityPolicyId string
    Name string

    Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

    Priority int

    Priority of the rule. Lower number corresponds to higher precedence.

    SessionMatcher string

    CEL expression for matching on session criteria.

    ApplicationMatcher string

    Optional. CEL expression for matching on L7/application level criteria.

    Description string

    Optional. Free-text description of the resource.

    GatewaySecurityPolicyRuleId string

    The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.

    Location string
    Project string
    TlsInspectionEnabled bool

    Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

    BasicProfile RuleBasicProfile

    Profile which tells what the primitive action should be.

    Enabled bool

    Whether the rule is enforced.

    GatewaySecurityPolicyId string
    Name string

    Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

    Priority int

    Priority of the rule. Lower number corresponds to higher precedence.

    SessionMatcher string

    CEL expression for matching on session criteria.

    ApplicationMatcher string

    Optional. CEL expression for matching on L7/application level criteria.

    Description string

    Optional. Free-text description of the resource.

    GatewaySecurityPolicyRuleId string

    The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.

    Location string
    Project string
    TlsInspectionEnabled bool

    Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

    basicProfile RuleBasicProfile

    Profile which tells what the primitive action should be.

    enabled Boolean

    Whether the rule is enforced.

    gatewaySecurityPolicyId String
    name String

    Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

    priority Integer

    Priority of the rule. Lower number corresponds to higher precedence.

    sessionMatcher String

    CEL expression for matching on session criteria.

    applicationMatcher String

    Optional. CEL expression for matching on L7/application level criteria.

    description String

    Optional. Free-text description of the resource.

    gatewaySecurityPolicyRuleId String

    The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.

    location String
    project String
    tlsInspectionEnabled Boolean

    Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

    basicProfile RuleBasicProfile

    Profile which tells what the primitive action should be.

    enabled boolean

    Whether the rule is enforced.

    gatewaySecurityPolicyId string
    name string

    Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

    priority number

    Priority of the rule. Lower number corresponds to higher precedence.

    sessionMatcher string

    CEL expression for matching on session criteria.

    applicationMatcher string

    Optional. CEL expression for matching on L7/application level criteria.

    description string

    Optional. Free-text description of the resource.

    gatewaySecurityPolicyRuleId string

    The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.

    location string
    project string
    tlsInspectionEnabled boolean

    Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

    basic_profile RuleBasicProfile

    Profile which tells what the primitive action should be.

    enabled bool

    Whether the rule is enforced.

    gateway_security_policy_id str
    name str

    Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

    priority int

    Priority of the rule. Lower number corresponds to higher precedence.

    session_matcher str

    CEL expression for matching on session criteria.

    application_matcher str

    Optional. CEL expression for matching on L7/application level criteria.

    description str

    Optional. Free-text description of the resource.

    gateway_security_policy_rule_id str

    The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.

    location str
    project str
    tls_inspection_enabled bool

    Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

    basicProfile "BASIC_PROFILE_UNSPECIFIED" | "ALLOW" | "DENY"

    Profile which tells what the primitive action should be.

    enabled Boolean

    Whether the rule is enforced.

    gatewaySecurityPolicyId String
    name String

    Immutable. Name of the resource. ame is the full resource name so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} rule should match the pattern: (^a-z?$).

    priority Number

    Priority of the rule. Lower number corresponds to higher precedence.

    sessionMatcher String

    CEL expression for matching on session criteria.

    applicationMatcher String

    Optional. CEL expression for matching on L7/application level criteria.

    description String

    Optional. Free-text description of the resource.

    gatewaySecurityPolicyRuleId String

    The ID to use for the rule, which will become the final component of the rule's resource name. This value should be 4-63 characters, and valid characters are /a-z-/.

    location String
    project String
    tlsInspectionEnabled Boolean

    Optional. Flag to enable TLS inspection of traffic matching on , can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Rule resource produces the following output properties:

    CreateTime string

    Time when the rule was created.

    Id string

    The provider-assigned unique ID for this managed resource.

    UpdateTime string

    Time when the rule was updated.

    CreateTime string

    Time when the rule was created.

    Id string

    The provider-assigned unique ID for this managed resource.

    UpdateTime string

    Time when the rule was updated.

    createTime String

    Time when the rule was created.

    id String

    The provider-assigned unique ID for this managed resource.

    updateTime String

    Time when the rule was updated.

    createTime string

    Time when the rule was created.

    id string

    The provider-assigned unique ID for this managed resource.

    updateTime string

    Time when the rule was updated.

    create_time str

    Time when the rule was created.

    id str

    The provider-assigned unique ID for this managed resource.

    update_time str

    Time when the rule was updated.

    createTime String

    Time when the rule was created.

    id String

    The provider-assigned unique ID for this managed resource.

    updateTime String

    Time when the rule was updated.

    Supporting Types

    RuleBasicProfile, RuleBasicProfileArgs

    BasicProfileUnspecified
    BASIC_PROFILE_UNSPECIFIED

    If there is not a mentioned action for the target.

    Allow
    ALLOW

    Allow the matched traffic.

    Deny
    DENY

    Deny the matched traffic.

    RuleBasicProfileBasicProfileUnspecified
    BASIC_PROFILE_UNSPECIFIED

    If there is not a mentioned action for the target.

    RuleBasicProfileAllow
    ALLOW

    Allow the matched traffic.

    RuleBasicProfileDeny
    DENY

    Deny the matched traffic.

    BasicProfileUnspecified
    BASIC_PROFILE_UNSPECIFIED

    If there is not a mentioned action for the target.

    Allow
    ALLOW

    Allow the matched traffic.

    Deny
    DENY

    Deny the matched traffic.

    BasicProfileUnspecified
    BASIC_PROFILE_UNSPECIFIED

    If there is not a mentioned action for the target.

    Allow
    ALLOW

    Allow the matched traffic.

    Deny
    DENY

    Deny the matched traffic.

    BASIC_PROFILE_UNSPECIFIED
    BASIC_PROFILE_UNSPECIFIED

    If there is not a mentioned action for the target.

    ALLOW
    ALLOW

    Allow the matched traffic.

    DENY
    DENY

    Deny the matched traffic.

    "BASIC_PROFILE_UNSPECIFIED"
    BASIC_PROFILE_UNSPECIFIED

    If there is not a mentioned action for the target.

    "ALLOW"
    ALLOW

    Allow the matched traffic.

    "DENY"
    DENY

    Deny the matched traffic.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi