GatewaySecurityPolicyRule

class GatewaySecurityPolicyRule : KotlinCustomResource

The GatewaySecurityPolicyRule resource is in a nested collection within a GatewaySecurityPolicy and represents a traffic matching condition and associated action to perform. To get more information about GatewaySecurityPolicyRule, see:

Example Usage

Network Security Gateway Security Policy Rules Basic

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRule;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var defaultGatewaySecurityPolicy = new GatewaySecurityPolicy("defaultGatewaySecurityPolicy", GatewaySecurityPolicyArgs.builder()
            .location("us-central1")
            .description("gateway security policy created to be used as reference by the rule.")
            .build());

        var defaultGatewaySecurityPolicyRule = new GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", GatewaySecurityPolicyRuleArgs.builder()
            .location("us-central1")
            .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.name())
            .enabled(true)
            .description("my description")
            .priority(0)
            .sessionMatcher("host() == 'example.com'")
            .basicProfile("ALLOW")
            .build());
    }
}

Network Security Gateway Security Policy Rules Advanced

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicy;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyArgs;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRule;
import com.pulumi.gcp.networksecurity.GatewaySecurityPolicyRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var defaultGatewaySecurityPolicy = new GatewaySecurityPolicy("defaultGatewaySecurityPolicy", GatewaySecurityPolicyArgs.builder()
            .location("us-central1")
            .description("gateway security policy created to be used as reference by the rule.")
            .build());

        var defaultGatewaySecurityPolicyRule = new GatewaySecurityPolicyRule("defaultGatewaySecurityPolicyRule", GatewaySecurityPolicyRuleArgs.builder()
            .location("us-central1")
            .gatewaySecurityPolicy(defaultGatewaySecurityPolicy.name())
            .enabled(true)
            .description("my description")
            .priority(0)
            .sessionMatcher("host() == 'example.com'")
            .applicationMatcher("request.method == 'POST'")
            .tlsInspectionEnabled(false)
            .basicProfile("ALLOW")
            .build());
    }
}

Import

GatewaySecurityPolicyRule can be imported using any of these accepted formats:

$ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}
$ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{project}}/{{location}}/{{gateway_security_policy}}/{{name}}
$ pulumi import gcp:networksecurity/gatewaySecurityPolicyRule:GatewaySecurityPolicyRule default {{location}}/{{gateway_security_policy}}/{{name}}

Properties


CEL expression for matching on L7/application level criteria.

val basicProfile: Output<String>

Profile that specifies the primitive action to take. Possible values are: BASIC_PROFILE_UNSPECIFIED, ALLOW, DENY.

val createTime: Output<String>

The timestamp when the resource was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z"

val description: Output<String>?

Free-text description of the resource.

val enabled: Output<Boolean>

Whether the rule is enforced.


The name of the gateway security policy this rule belongs to.

val id: Output<String>

val location: Output<String>

The location of the gateway security policy.

val name: Output<String>

Name of the resource. The name is the full resource name, so projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule}; rule should match the pattern: (^a-z?$).

val priority: Output<Int>

Priority of the rule. Lower number corresponds to higher precedence.

val project: Output<String>

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

val pulumiChildResources: Set<KotlinResource>

val selfLink: Output<String>

Server-defined URL of this resource.

val sessionMatcher: Output<String>

CEL expression for matching on session criteria.


Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.

val updateTime: Output<String>

The timestamp when the resource was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

val urn: Output<String>
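
A pre-deployment review check built on the properties documented above, as an added example that is not part of the Pulumi provider or of this page's own code: it orders enforced rules by priority (lower number first) and flags a rule that sets tlsInspectionEnabled when the parent policy references no TLSInspectionConfig. The dictionary shape, the rule names, the issue codes and the duplicate-priority and disabled-rule checks are assumptions made for illustration.

```python
from collections import Counter

# Actions a rule can actually take; BASIC_PROFILE_UNSPECIFIED is flagged for review.
ACTIONS = {"ALLOW", "DENY"}

# Constructed sample input: keys mirror the property names documented above,
# rule names and values are made up for this example.
SAMPLE_RULES = [
    {"name": "allow-post", "priority": 10, "enabled": True, "basicProfile": "ALLOW",
     "sessionMatcher": "host() == 'example.com'",
     "applicationMatcher": "request.method == 'POST'", "tlsInspectionEnabled": True},
    {"name": "deny-host", "priority": 10, "enabled": True, "basicProfile": "DENY",
     "sessionMatcher": "host() == 'example.com'", "tlsInspectionEnabled": False},
    {"name": "legacy", "priority": 5, "enabled": False,
     "basicProfile": "BASIC_PROFILE_UNSPECIFIED",
     "sessionMatcher": "host() == 'example.com'", "tlsInspectionEnabled": False},
]


def effective_order(rules):
    """Names of enforced rules, highest precedence (lowest priority number) first."""
    enforced = [r for r in rules if r["enabled"]]
    return [r["name"] for r in sorted(enforced, key=lambda r: r["priority"])]


def lint_rules(rules, policy_has_tls_inspection):
    """Return (rule name, issue code) pairs for settings worth a review."""
    per_priority = Counter(r["priority"] for r in rules)
    findings = []
    for r in rules:
        if r["basicProfile"] not in ACTIONS:
            findings.append((r["name"], "NO_ACTION"))
        if r["tlsInspectionEnabled"] and not policy_has_tls_inspection:
            # Documented constraint: needs a TLSInspectionConfig on the parent policy.
            findings.append((r["name"], "TLS_WITHOUT_CONFIG"))
        if per_priority[r["priority"]] > 1:
            # Assumption of this example: shared priorities make precedence unclear.
            findings.append((r["name"], "DUPLICATE_PRIORITY"))
        if not r["enabled"]:
            findings.append((r["name"], "NOT_ENFORCED"))
    return findings


if __name__ == "__main__":
    print(effective_order(SAMPLE_RULES))
    for name, code in lint_rules(SAMPLE_RULES, policy_has_tls_inspection=False):
        print(f"{name}: {code}")
```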