pulumi-gcp-kotlin/com.pulumi.gcp.compute.kotlin.inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs

NetworkFirewallPolicyWithRulesRuleMatchArgs

data class NetworkFirewallPolicyWithRulesRuleMatchArgs(val destAddressGroups: Output<List<String>>? = null, val destFqdns: Output<List<String>>? = null, val destIpRanges: Output<List<String>>? = null, val destNetworkScope: Output<String>? = null, val destRegionCodes: Output<List<String>>? = null, val destThreatIntelligences: Output<List<String>>? = null, val layer4Configs: Output<List<NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs>>, val srcAddressGroups: Output<List<String>>? = null, val srcFqdns: Output<List<String>>? = null, val srcIpRanges: Output<List<String>>? = null, val srcNetworkScope: Output<String>? = null, val srcNetworks: Output<List<String>>? = null, val srcRegionCodes: Output<List<String>>? = null, val srcSecureTags: Output<List<NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs>>? = null, val srcThreatIntelligences: Output<List<String>>? = null) : ConvertibleToJava<NetworkFirewallPolicyWithRulesRuleMatchArgs>

Constructors

constructor(destAddressGroups: Output<List<String>>? = null, destFqdns: Output<List<String>>? = null, destIpRanges: Output<List<String>>? = null, destNetworkScope: Output<String>? = null, destRegionCodes: Output<List<String>>? = null, destThreatIntelligences: Output<List<String>>? = null, layer4Configs: Output<List<NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs>>, srcAddressGroups: Output<List<String>>? = null, srcFqdns: Output<List<String>>? = null, srcIpRanges: Output<List<String>>? = null, srcNetworkScope: Output<String>? = null, srcNetworks: Output<List<String>>? = null, srcRegionCodes: Output<List<String>>? = null, srcSecureTags: Output<List<NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs>>? = null, srcThreatIntelligences: Output<List<String>>? = null)

Properties

Link copied to clipboard
val destAddressGroups: Output<List<String>>? = null

Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10.

Link copied to clipboard
val destFqdns: Output<List<String>>? = null

Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100.

Link copied to clipboard
val destIpRanges: Output<List<String>>? = null

Destination IP address range in CIDR format. Required for EGRESS rules.

Link copied to clipboard
val destNetworkScope: Output<String>? = null

Network scope of the traffic destination. Possible values are: INTERNET, INTRA_VPC, NON_INTERNET, VPC_NETWORKS.

Link copied to clipboard
val destRegionCodes: Output<List<String>>? = null

Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of destination region codes allowed is 5000.

Link copied to clipboard
val destThreatIntelligences: Output<List<String>>? = null

Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination.

Link copied to clipboard
val layer4Configs: Output<List<NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs>>

Pairs of IP protocols and ports that the rule should match. Structure is documented below.

Link copied to clipboard
val srcAddressGroups: Output<List<String>>? = null

Address groups which should be matched against the traffic source. Maximum number of source address groups is 10.

Link copied to clipboard
val srcFqdns: Output<List<String>>? = null

Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100.

Link copied to clipboard
val srcIpRanges: Output<List<String>>? = null

Source IP address range in CIDR format. Required for INGRESS rules.

Link copied to clipboard
val srcNetworks: Output<List<String>>? = null

Networks of the traffic source. It can be either a full or partial url.

Link copied to clipboard
val srcNetworkScope: Output<String>? = null

Network scope of the traffic source. Possible values are: INTERNET, INTRA_VPC, NON_INTERNET, VPC_NETWORKS.

Link copied to clipboard
val srcRegionCodes: Output<List<String>>? = null

Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000.

Link copied to clipboard
val srcSecureTags: Output<List<NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs>>? = null

List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. Structure is documented below. The layer4_config block supports:

Link copied to clipboard
val srcThreatIntelligences: Output<List<String>>? = null

Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source.

Functions

Link copied to clipboard
open override fun toJava(): NetworkFirewallPolicyWithRulesRuleMatchArgs