Security
data class SecurityProfileArgs(val customInterceptProfile: Output<SecurityProfileCustomInterceptProfileArgs>? = null, val customMirroringProfile: Output<SecurityProfileCustomMirroringProfileArgs>? = null, val description: Output<String>? = null, val labels: Output<Map<String, String>>? = null, val location: Output<String>? = null, val name: Output<String>? = null, val parent: Output<String>? = null, val threatPreventionProfile: Output<SecurityProfileThreatPreventionProfileArgs>? = null, val type: Output<String>? = null) : ConvertibleToJava<SecurityProfileArgs>
A security profile defines the behavior associated to a profile type. To get more information about SecurityProfile, see:
How-to Guides
Example Usage
Network Security Security Profile Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.networksecurity.SecurityProfile("default", {
name: "my-security-profile",
parent: "organizations/123456789",
description: "my description",
type: "THREAT_PREVENTION",
labels: {
foo: "bar",
},
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.networksecurity.SecurityProfile("default",
name="my-security-profile",
parent="organizations/123456789",
description="my description",
type="THREAT_PREVENTION",
labels={
"foo": "bar",
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.NetworkSecurity.SecurityProfile("default", new()
{
Name = "my-security-profile",
Parent = "organizations/123456789",
Description = "my description",
Type = "THREAT_PREVENTION",
Labels =
{
{ "foo", "bar" },
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
Name: pulumi.String("my-security-profile"),
Parent: pulumi.String("organizations/123456789"),
Description: pulumi.String("my description"),
Type: pulumi.String("THREAT_PREVENTION"),
Labels: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new SecurityProfile("default", SecurityProfileArgs.builder()
.name("my-security-profile")
.parent("organizations/123456789")
.description("my description")
.type("THREAT_PREVENTION")
.labels(Map.of("foo", "bar"))
.build());
}
}Content copied to clipboard
resources:
default:
type: gcp:networksecurity:SecurityProfile
properties:
name: my-security-profile
parent: organizations/123456789
description: my description
type: THREAT_PREVENTION
labels:
foo: barContent copied to clipboard
Network Security Security Profile Overrides
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.networksecurity.SecurityProfile("default", {
name: "my-security-profile",
parent: "organizations/123456789",
description: "my description",
type: "THREAT_PREVENTION",
threatPreventionProfile: {
severityOverrides: [
{
action: "ALLOW",
severity: "INFORMATIONAL",
},
{
action: "DENY",
severity: "HIGH",
},
],
threatOverrides: [{
action: "ALLOW",
threatId: "280647",
}],
antivirusOverrides: [{
protocol: "SMTP",
action: "ALLOW",
}],
},
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.networksecurity.SecurityProfile("default",
name="my-security-profile",
parent="organizations/123456789",
description="my description",
type="THREAT_PREVENTION",
threat_prevention_profile={
"severity_overrides": [
{
"action": "ALLOW",
"severity": "INFORMATIONAL",
},
{
"action": "DENY",
"severity": "HIGH",
},
],
"threat_overrides": [{
"action": "ALLOW",
"threat_id": "280647",
}],
"antivirus_overrides": [{
"protocol": "SMTP",
"action": "ALLOW",
}],
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.NetworkSecurity.SecurityProfile("default", new()
{
Name = "my-security-profile",
Parent = "organizations/123456789",
Description = "my description",
Type = "THREAT_PREVENTION",
ThreatPreventionProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileArgs
{
SeverityOverrides = new[]
{
new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs
{
Action = "ALLOW",
Severity = "INFORMATIONAL",
},
new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs
{
Action = "DENY",
Severity = "HIGH",
},
},
ThreatOverrides = new[]
{
new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileThreatOverrideArgs
{
Action = "ALLOW",
ThreatId = "280647",
},
},
AntivirusOverrides = new[]
{
new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileAntivirusOverrideArgs
{
Protocol = "SMTP",
Action = "ALLOW",
},
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
Name: pulumi.String("my-security-profile"),
Parent: pulumi.String("organizations/123456789"),
Description: pulumi.String("my description"),
Type: pulumi.String("THREAT_PREVENTION"),
ThreatPreventionProfile: &networksecurity.SecurityProfileThreatPreventionProfileArgs{
SeverityOverrides: networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArray{
&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
Action: pulumi.String("ALLOW"),
Severity: pulumi.String("INFORMATIONAL"),
},
&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
Action: pulumi.String("DENY"),
Severity: pulumi.String("HIGH"),
},
},
ThreatOverrides: networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArray{
&networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArgs{
Action: pulumi.String("ALLOW"),
ThreatId: pulumi.String("280647"),
},
},
AntivirusOverrides: networksecurity.SecurityProfileThreatPreventionProfileAntivirusOverrideArray{
&networksecurity.SecurityProfileThreatPreventionProfileAntivirusOverrideArgs{
Protocol: pulumi.String("SMTP"),
Action: pulumi.String("ALLOW"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import com.pulumi.gcp.networksecurity.inputs.SecurityProfileThreatPreventionProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new SecurityProfile("default", SecurityProfileArgs.builder()
.name("my-security-profile")
.parent("organizations/123456789")
.description("my description")
.type("THREAT_PREVENTION")
.threatPreventionProfile(SecurityProfileThreatPreventionProfileArgs.builder()
.severityOverrides(
SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()
.action("ALLOW")
.severity("INFORMATIONAL")
.build(),
SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()
.action("DENY")
.severity("HIGH")
.build())
.threatOverrides(SecurityProfileThreatPreventionProfileThreatOverrideArgs.builder()
.action("ALLOW")
.threatId("280647")
.build())
.antivirusOverrides(SecurityProfileThreatPreventionProfileAntivirusOverrideArgs.builder()
.protocol("SMTP")
.action("ALLOW")
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
default:
type: gcp:networksecurity:SecurityProfile
properties:
name: my-security-profile
parent: organizations/123456789
description: my description
type: THREAT_PREVENTION
threatPreventionProfile:
severityOverrides:
- action: ALLOW
severity: INFORMATIONAL
- action: DENY
severity: HIGH
threatOverrides:
- action: ALLOW
threatId: '280647'
antivirusOverrides:
- protocol: SMTP
action: ALLOWContent copied to clipboard
Network Security Security Profile Mirroring
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.compute.Network("default", {
name: "my-network",
autoCreateSubnetworks: false,
});
const defaultMirroringDeploymentGroup = new gcp.networksecurity.MirroringDeploymentGroup("default", {
mirroringDeploymentGroupId: "my-dg",
location: "global",
network: _default.id,
});
const defaultMirroringEndpointGroup = new gcp.networksecurity.MirroringEndpointGroup("default", {
mirroringEndpointGroupId: "my-eg",
location: "global",
mirroringDeploymentGroup: defaultMirroringDeploymentGroup.id,
});
const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", {
name: "my-security-profile",
parent: "organizations/123456789",
description: "my description",
type: "CUSTOM_MIRRORING",
customMirroringProfile: {
mirroringEndpointGroup: defaultMirroringEndpointGroup.id,
},
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.compute.Network("default",
name="my-network",
auto_create_subnetworks=False)
default_mirroring_deployment_group = gcp.networksecurity.MirroringDeploymentGroup("default",
mirroring_deployment_group_id="my-dg",
location="global",
network=default.id)
default_mirroring_endpoint_group = gcp.networksecurity.MirroringEndpointGroup("default",
mirroring_endpoint_group_id="my-eg",
location="global",
mirroring_deployment_group=default_mirroring_deployment_group.id)
default_security_profile = gcp.networksecurity.SecurityProfile("default",
name="my-security-profile",
parent="organizations/123456789",
description="my description",
type="CUSTOM_MIRRORING",
custom_mirroring_profile={
"mirroring_endpoint_group": default_mirroring_endpoint_group.id,
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.Compute.Network("default", new()
{
Name = "my-network",
AutoCreateSubnetworks = false,
});
var defaultMirroringDeploymentGroup = new Gcp.NetworkSecurity.MirroringDeploymentGroup("default", new()
{
MirroringDeploymentGroupId = "my-dg",
Location = "global",
Network = @default.Id,
});
var defaultMirroringEndpointGroup = new Gcp.NetworkSecurity.MirroringEndpointGroup("default", new()
{
MirroringEndpointGroupId = "my-eg",
Location = "global",
MirroringDeploymentGroup = defaultMirroringDeploymentGroup.Id,
});
var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile("default", new()
{
Name = "my-security-profile",
Parent = "organizations/123456789",
Description = "my description",
Type = "CUSTOM_MIRRORING",
CustomMirroringProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomMirroringProfileArgs
{
MirroringEndpointGroup = defaultMirroringEndpointGroup.Id,
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_default, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
Name: pulumi.String("my-network"),
AutoCreateSubnetworks: pulumi.Bool(false),
})
if err != nil {
return err
}
defaultMirroringDeploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, "default", &networksecurity.MirroringDeploymentGroupArgs{
MirroringDeploymentGroupId: pulumi.String("my-dg"),
Location: pulumi.String("global"),
Network: _default.ID(),
})
if err != nil {
return err
}
defaultMirroringEndpointGroup, err := networksecurity.NewMirroringEndpointGroup(ctx, "default", &networksecurity.MirroringEndpointGroupArgs{
MirroringEndpointGroupId: pulumi.String("my-eg"),
Location: pulumi.String("global"),
MirroringDeploymentGroup: defaultMirroringDeploymentGroup.ID(),
})
if err != nil {
return err
}
_, err = networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
Name: pulumi.String("my-security-profile"),
Parent: pulumi.String("organizations/123456789"),
Description: pulumi.String("my description"),
Type: pulumi.String("CUSTOM_MIRRORING"),
CustomMirroringProfile: &networksecurity.SecurityProfileCustomMirroringProfileArgs{
MirroringEndpointGroup: defaultMirroringEndpointGroup.ID(),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.networksecurity.MirroringDeploymentGroup;
import com.pulumi.gcp.networksecurity.MirroringDeploymentGroupArgs;
import com.pulumi.gcp.networksecurity.MirroringEndpointGroup;
import com.pulumi.gcp.networksecurity.MirroringEndpointGroupArgs;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomMirroringProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Network("default", NetworkArgs.builder()
.name("my-network")
.autoCreateSubnetworks(false)
.build());
var defaultMirroringDeploymentGroup = new MirroringDeploymentGroup("defaultMirroringDeploymentGroup", MirroringDeploymentGroupArgs.builder()
.mirroringDeploymentGroupId("my-dg")
.location("global")
.network(default_.id())
.build());
var defaultMirroringEndpointGroup = new MirroringEndpointGroup("defaultMirroringEndpointGroup", MirroringEndpointGroupArgs.builder()
.mirroringEndpointGroupId("my-eg")
.location("global")
.mirroringDeploymentGroup(defaultMirroringDeploymentGroup.id())
.build());
var defaultSecurityProfile = new SecurityProfile("defaultSecurityProfile", SecurityProfileArgs.builder()
.name("my-security-profile")
.parent("organizations/123456789")
.description("my description")
.type("CUSTOM_MIRRORING")
.customMirroringProfile(SecurityProfileCustomMirroringProfileArgs.builder()
.mirroringEndpointGroup(defaultMirroringEndpointGroup.id())
.build())
.build());
}
}Content copied to clipboard
resources:
default:
type: gcp:compute:Network
properties:
name: my-network
autoCreateSubnetworks: false
defaultMirroringDeploymentGroup:
type: gcp:networksecurity:MirroringDeploymentGroup
name: default
properties:
mirroringDeploymentGroupId: my-dg
location: global
network: ${default.id}
defaultMirroringEndpointGroup:
type: gcp:networksecurity:MirroringEndpointGroup
name: default
properties:
mirroringEndpointGroupId: my-eg
location: global
mirroringDeploymentGroup: ${defaultMirroringDeploymentGroup.id}
defaultSecurityProfile:
type: gcp:networksecurity:SecurityProfile
name: default
properties:
name: my-security-profile
parent: organizations/123456789
description: my description
type: CUSTOM_MIRRORING
customMirroringProfile:
mirroringEndpointGroup: ${defaultMirroringEndpointGroup.id}Content copied to clipboard
Network Security Security Profile Intercept
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.compute.Network("default", {
name: "my-network",
autoCreateSubnetworks: false,
});
const defaultInterceptDeploymentGroup = new gcp.networksecurity.InterceptDeploymentGroup("default", {
interceptDeploymentGroupId: "my-dg",
location: "global",
network: _default.id,
});
const defaultInterceptEndpointGroup = new gcp.networksecurity.InterceptEndpointGroup("default", {
interceptEndpointGroupId: "my-eg",
location: "global",
interceptDeploymentGroup: defaultInterceptDeploymentGroup.id,
});
const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", {
name: "my-security-profile",
parent: "organizations/123456789",
description: "my description",
type: "CUSTOM_INTERCEPT",
customInterceptProfile: {
interceptEndpointGroup: defaultInterceptEndpointGroup.id,
},
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.compute.Network("default",
name="my-network",
auto_create_subnetworks=False)
default_intercept_deployment_group = gcp.networksecurity.InterceptDeploymentGroup("default",
intercept_deployment_group_id="my-dg",
location="global",
network=default.id)
default_intercept_endpoint_group = gcp.networksecurity.InterceptEndpointGroup("default",
intercept_endpoint_group_id="my-eg",
location="global",
intercept_deployment_group=default_intercept_deployment_group.id)
default_security_profile = gcp.networksecurity.SecurityProfile("default",
name="my-security-profile",
parent="organizations/123456789",
description="my description",
type="CUSTOM_INTERCEPT",
custom_intercept_profile={
"intercept_endpoint_group": default_intercept_endpoint_group.id,
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.Compute.Network("default", new()
{
Name = "my-network",
AutoCreateSubnetworks = false,
});
var defaultInterceptDeploymentGroup = new Gcp.NetworkSecurity.InterceptDeploymentGroup("default", new()
{
InterceptDeploymentGroupId = "my-dg",
Location = "global",
Network = @default.Id,
});
var defaultInterceptEndpointGroup = new Gcp.NetworkSecurity.InterceptEndpointGroup("default", new()
{
InterceptEndpointGroupId = "my-eg",
Location = "global",
InterceptDeploymentGroup = defaultInterceptDeploymentGroup.Id,
});
var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile("default", new()
{
Name = "my-security-profile",
Parent = "organizations/123456789",
Description = "my description",
Type = "CUSTOM_INTERCEPT",
CustomInterceptProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomInterceptProfileArgs
{
InterceptEndpointGroup = defaultInterceptEndpointGroup.Id,
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_default, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
Name: pulumi.String("my-network"),
AutoCreateSubnetworks: pulumi.Bool(false),
})
if err != nil {
return err
}
defaultInterceptDeploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, "default", &networksecurity.InterceptDeploymentGroupArgs{
InterceptDeploymentGroupId: pulumi.String("my-dg"),
Location: pulumi.String("global"),
Network: _default.ID(),
})
if err != nil {
return err
}
defaultInterceptEndpointGroup, err := networksecurity.NewInterceptEndpointGroup(ctx, "default", &networksecurity.InterceptEndpointGroupArgs{
InterceptEndpointGroupId: pulumi.String("my-eg"),
Location: pulumi.String("global"),
InterceptDeploymentGroup: defaultInterceptDeploymentGroup.ID(),
})
if err != nil {
return err
}
_, err = networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
Name: pulumi.String("my-security-profile"),
Parent: pulumi.String("organizations/123456789"),
Description: pulumi.String("my description"),
Type: pulumi.String("CUSTOM_INTERCEPT"),
CustomInterceptProfile: &networksecurity.SecurityProfileCustomInterceptProfileArgs{
InterceptEndpointGroup: defaultInterceptEndpointGroup.ID(),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.networksecurity.InterceptDeploymentGroup;
import com.pulumi.gcp.networksecurity.InterceptDeploymentGroupArgs;
import com.pulumi.gcp.networksecurity.InterceptEndpointGroup;
import com.pulumi.gcp.networksecurity.InterceptEndpointGroupArgs;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomInterceptProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Network("default", NetworkArgs.builder()
.name("my-network")
.autoCreateSubnetworks(false)
.build());
var defaultInterceptDeploymentGroup = new InterceptDeploymentGroup("defaultInterceptDeploymentGroup", InterceptDeploymentGroupArgs.builder()
.interceptDeploymentGroupId("my-dg")
.location("global")
.network(default_.id())
.build());
var defaultInterceptEndpointGroup = new InterceptEndpointGroup("defaultInterceptEndpointGroup", InterceptEndpointGroupArgs.builder()
.interceptEndpointGroupId("my-eg")
.location("global")
.interceptDeploymentGroup(defaultInterceptDeploymentGroup.id())
.build());
var defaultSecurityProfile = new SecurityProfile("defaultSecurityProfile", SecurityProfileArgs.builder()
.name("my-security-profile")
.parent("organizations/123456789")
.description("my description")
.type("CUSTOM_INTERCEPT")
.customInterceptProfile(SecurityProfileCustomInterceptProfileArgs.builder()
.interceptEndpointGroup(defaultInterceptEndpointGroup.id())
.build())
.build());
}
}Content copied to clipboard
resources:
default:
type: gcp:compute:Network
properties:
name: my-network
autoCreateSubnetworks: false
defaultInterceptDeploymentGroup:
type: gcp:networksecurity:InterceptDeploymentGroup
name: default
properties:
interceptDeploymentGroupId: my-dg
location: global
network: ${default.id}
defaultInterceptEndpointGroup:
type: gcp:networksecurity:InterceptEndpointGroup
name: default
properties:
interceptEndpointGroupId: my-eg
location: global
interceptDeploymentGroup: ${defaultInterceptDeploymentGroup.id}
defaultSecurityProfile:
type: gcp:networksecurity:SecurityProfile
name: default
properties:
name: my-security-profile
parent: organizations/123456789
description: my description
type: CUSTOM_INTERCEPT
customInterceptProfile:
interceptEndpointGroup: ${defaultInterceptEndpointGroup.id}Content copied to clipboard
Import
SecurityProfile can be imported using any of these accepted formats:
{{parent}}/locations/{{location}}/securityProfiles/{{name}}When using thepulumi importcommand, SecurityProfile can be imported using one of the formats above. For example:
$ pulumi import gcp:networksecurity/securityProfile:SecurityProfile default {{parent}}/locations/{{location}}/securityProfiles/{{name}}Content copied to clipboard
Constructors
Link copied to clipboard
constructor(customInterceptProfile: Output<SecurityProfileCustomInterceptProfileArgs>? = null, customMirroringProfile: Output<SecurityProfileCustomMirroringProfileArgs>? = null, description: Output<String>? = null, labels: Output<Map<String, String>>? = null, location: Output<String>? = null, name: Output<String>? = null, parent: Output<String>? = null, threatPreventionProfile: Output<SecurityProfileThreatPreventionProfileArgs>? = null, type: Output<String>? = null)
Properties
Link copied to clipboard
The configuration for defining the Intercept Endpoint Group used to intercept traffic to third-party firewall appliances. Structure is documented below.
Link copied to clipboard
The configuration for defining the Mirroring Endpoint Group used to mirror traffic to third-party collectors. Structure is documented below.
Link copied to clipboard
An optional description of the security profile. The Max length is 512 characters.
Link copied to clipboard
Link copied to clipboard
The threat prevention configuration for the security profile. Structure is documented below.