pulumi-gcp-kotlin/com.pulumi.gcp.networksecurity.kotlin/SecurityProfile

SecurityProfile

class SecurityProfile : KotlinCustomResource

A security profile defines the behavior associated to a profile type. To get more information about SecurityProfile, see:

Example Usage

Network Security Security Profile Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.networksecurity.SecurityProfile("default", {
    name: "my-security-profile",
    parent: "organizations/123456789",
    description: "my description",
    type: "THREAT_PREVENTION",
    labels: {
        foo: "bar",
    },
});
Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.networksecurity.SecurityProfile("default",
    name="my-security-profile",
    parent="organizations/123456789",
    description="my description",
    type="THREAT_PREVENTION",
    labels={
        "foo": "bar",
    })
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
    var @default = new Gcp.NetworkSecurity.SecurityProfile("default", new()
    {
        Name = "my-security-profile",
        Parent = "organizations/123456789",
        Description = "my description",
        Type = "THREAT_PREVENTION",
        Labels =
        {
            { "foo", "bar" },
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
			Name:        pulumi.String("my-security-profile"),
			Parent:      pulumi.String("organizations/123456789"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("THREAT_PREVENTION"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var default_ = new SecurityProfile("default", SecurityProfileArgs.builder()
            .name("my-security-profile")
            .parent("organizations/123456789")
            .description("my description")
            .type("THREAT_PREVENTION")
            .labels(Map.of("foo", "bar"))
            .build());
    }
}
Content copied to clipboard
resources:
  default:
    type: gcp:networksecurity:SecurityProfile
    properties:
      name: my-security-profile
      parent: organizations/123456789
      description: my description
      type: THREAT_PREVENTION
      labels:
        foo: bar
Content copied to clipboard

Network Security Security Profile Overrides

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.networksecurity.SecurityProfile("default", {
    name: "my-security-profile",
    parent: "organizations/123456789",
    description: "my description",
    type: "THREAT_PREVENTION",
    threatPreventionProfile: {
        severityOverrides: [
            {
                action: "ALLOW",
                severity: "INFORMATIONAL",
            },
            {
                action: "DENY",
                severity: "HIGH",
            },
        ],
        threatOverrides: [{
            action: "ALLOW",
            threatId: "280647",
        }],
        antivirusOverrides: [{
            protocol: "SMTP",
            action: "ALLOW",
        }],
    },
});
Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.networksecurity.SecurityProfile("default",
    name="my-security-profile",
    parent="organizations/123456789",
    description="my description",
    type="THREAT_PREVENTION",
    threat_prevention_profile={
        "severity_overrides": [
            {
                "action": "ALLOW",
                "severity": "INFORMATIONAL",
            },
            {
                "action": "DENY",
                "severity": "HIGH",
            },
        ],
        "threat_overrides": [{
            "action": "ALLOW",
            "threat_id": "280647",
        }],
        "antivirus_overrides": [{
            "protocol": "SMTP",
            "action": "ALLOW",
        }],
    })
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
    var @default = new Gcp.NetworkSecurity.SecurityProfile("default", new()
    {
        Name = "my-security-profile",
        Parent = "organizations/123456789",
        Description = "my description",
        Type = "THREAT_PREVENTION",
        ThreatPreventionProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileArgs
        {
            SeverityOverrides = new[]
            {
                new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs
                {
                    Action = "ALLOW",
                    Severity = "INFORMATIONAL",
                },
                new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs
                {
                    Action = "DENY",
                    Severity = "HIGH",
                },
            },
            ThreatOverrides = new[]
            {
                new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileThreatOverrideArgs
                {
                    Action = "ALLOW",
                    ThreatId = "280647",
                },
            },
            AntivirusOverrides = new[]
            {
                new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileAntivirusOverrideArgs
                {
                    Protocol = "SMTP",
                    Action = "ALLOW",
                },
            },
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
			Name:        pulumi.String("my-security-profile"),
			Parent:      pulumi.String("organizations/123456789"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("THREAT_PREVENTION"),
			ThreatPreventionProfile: &networksecurity.SecurityProfileThreatPreventionProfileArgs{
				SeverityOverrides: networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArray{
					&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
						Action:   pulumi.String("ALLOW"),
						Severity: pulumi.String("INFORMATIONAL"),
					},
					&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
						Action:   pulumi.String("DENY"),
						Severity: pulumi.String("HIGH"),
					},
				},
				ThreatOverrides: networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArray{
					&networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArgs{
						Action:   pulumi.String("ALLOW"),
						ThreatId: pulumi.String("280647"),
					},
				},
				AntivirusOverrides: networksecurity.SecurityProfileThreatPreventionProfileAntivirusOverrideArray{
					&networksecurity.SecurityProfileThreatPreventionProfileAntivirusOverrideArgs{
						Protocol: pulumi.String("SMTP"),
						Action:   pulumi.String("ALLOW"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import com.pulumi.gcp.networksecurity.inputs.SecurityProfileThreatPreventionProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var default_ = new SecurityProfile("default", SecurityProfileArgs.builder()
            .name("my-security-profile")
            .parent("organizations/123456789")
            .description("my description")
            .type("THREAT_PREVENTION")
            .threatPreventionProfile(SecurityProfileThreatPreventionProfileArgs.builder()
                .severityOverrides(
                    SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()
                        .action("ALLOW")
                        .severity("INFORMATIONAL")
                        .build(),
                    SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()
                        .action("DENY")
                        .severity("HIGH")
                        .build())
                .threatOverrides(SecurityProfileThreatPreventionProfileThreatOverrideArgs.builder()
                    .action("ALLOW")
                    .threatId("280647")
                    .build())
                .antivirusOverrides(SecurityProfileThreatPreventionProfileAntivirusOverrideArgs.builder()
                    .protocol("SMTP")
                    .action("ALLOW")
                    .build())
                .build())
            .build());
    }
}
Content copied to clipboard
resources:
  default:
    type: gcp:networksecurity:SecurityProfile
    properties:
      name: my-security-profile
      parent: organizations/123456789
      description: my description
      type: THREAT_PREVENTION
      threatPreventionProfile:
        severityOverrides:
          - action: ALLOW
            severity: INFORMATIONAL
          - action: DENY
            severity: HIGH
        threatOverrides:
          - action: ALLOW
            threatId: '280647'
        antivirusOverrides:
          - protocol: SMTP
            action: ALLOW
Content copied to clipboard

Network Security Security Profile Mirroring

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.compute.Network("default", {
    name: "my-network",
    autoCreateSubnetworks: false,
});
const defaultMirroringDeploymentGroup = new gcp.networksecurity.MirroringDeploymentGroup("default", {
    mirroringDeploymentGroupId: "my-dg",
    location: "global",
    network: _default.id,
});
const defaultMirroringEndpointGroup = new gcp.networksecurity.MirroringEndpointGroup("default", {
    mirroringEndpointGroupId: "my-eg",
    location: "global",
    mirroringDeploymentGroup: defaultMirroringDeploymentGroup.id,
});
const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", {
    name: "my-security-profile",
    parent: "organizations/123456789",
    description: "my description",
    type: "CUSTOM_MIRRORING",
    customMirroringProfile: {
        mirroringEndpointGroup: defaultMirroringEndpointGroup.id,
    },
});
Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.compute.Network("default",
    name="my-network",
    auto_create_subnetworks=False)
default_mirroring_deployment_group = gcp.networksecurity.MirroringDeploymentGroup("default",
    mirroring_deployment_group_id="my-dg",
    location="global",
    network=default.id)
default_mirroring_endpoint_group = gcp.networksecurity.MirroringEndpointGroup("default",
    mirroring_endpoint_group_id="my-eg",
    location="global",
    mirroring_deployment_group=default_mirroring_deployment_group.id)
default_security_profile = gcp.networksecurity.SecurityProfile("default",
    name="my-security-profile",
    parent="organizations/123456789",
    description="my description",
    type="CUSTOM_MIRRORING",
    custom_mirroring_profile={
        "mirroring_endpoint_group": default_mirroring_endpoint_group.id,
    })
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
    var @default = new Gcp.Compute.Network("default", new()
    {
        Name = "my-network",
        AutoCreateSubnetworks = false,
    });
    var defaultMirroringDeploymentGroup = new Gcp.NetworkSecurity.MirroringDeploymentGroup("default", new()
    {
        MirroringDeploymentGroupId = "my-dg",
        Location = "global",
        Network = @default.Id,
    });
    var defaultMirroringEndpointGroup = new Gcp.NetworkSecurity.MirroringEndpointGroup("default", new()
    {
        MirroringEndpointGroupId = "my-eg",
        Location = "global",
        MirroringDeploymentGroup = defaultMirroringDeploymentGroup.Id,
    });
    var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile("default", new()
    {
        Name = "my-security-profile",
        Parent = "organizations/123456789",
        Description = "my description",
        Type = "CUSTOM_MIRRORING",
        CustomMirroringProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomMirroringProfileArgs
        {
            MirroringEndpointGroup = defaultMirroringEndpointGroup.Id,
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_default, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
			Name:                  pulumi.String("my-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		defaultMirroringDeploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, "default", &networksecurity.MirroringDeploymentGroupArgs{
			MirroringDeploymentGroupId: pulumi.String("my-dg"),
			Location:                   pulumi.String("global"),
			Network:                    _default.ID(),
		})
		if err != nil {
			return err
		}
		defaultMirroringEndpointGroup, err := networksecurity.NewMirroringEndpointGroup(ctx, "default", &networksecurity.MirroringEndpointGroupArgs{
			MirroringEndpointGroupId: pulumi.String("my-eg"),
			Location:                 pulumi.String("global"),
			MirroringDeploymentGroup: defaultMirroringDeploymentGroup.ID(),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
			Name:        pulumi.String("my-security-profile"),
			Parent:      pulumi.String("organizations/123456789"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("CUSTOM_MIRRORING"),
			CustomMirroringProfile: &networksecurity.SecurityProfileCustomMirroringProfileArgs{
				MirroringEndpointGroup: defaultMirroringEndpointGroup.ID(),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.networksecurity.MirroringDeploymentGroup;
import com.pulumi.gcp.networksecurity.MirroringDeploymentGroupArgs;
import com.pulumi.gcp.networksecurity.MirroringEndpointGroup;
import com.pulumi.gcp.networksecurity.MirroringEndpointGroupArgs;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomMirroringProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var default_ = new Network("default", NetworkArgs.builder()
            .name("my-network")
            .autoCreateSubnetworks(false)
            .build());
        var defaultMirroringDeploymentGroup = new MirroringDeploymentGroup("defaultMirroringDeploymentGroup", MirroringDeploymentGroupArgs.builder()
            .mirroringDeploymentGroupId("my-dg")
            .location("global")
            .network(default_.id())
            .build());
        var defaultMirroringEndpointGroup = new MirroringEndpointGroup("defaultMirroringEndpointGroup", MirroringEndpointGroupArgs.builder()
            .mirroringEndpointGroupId("my-eg")
            .location("global")
            .mirroringDeploymentGroup(defaultMirroringDeploymentGroup.id())
            .build());
        var defaultSecurityProfile = new SecurityProfile("defaultSecurityProfile", SecurityProfileArgs.builder()
            .name("my-security-profile")
            .parent("organizations/123456789")
            .description("my description")
            .type("CUSTOM_MIRRORING")
            .customMirroringProfile(SecurityProfileCustomMirroringProfileArgs.builder()
                .mirroringEndpointGroup(defaultMirroringEndpointGroup.id())
                .build())
            .build());
    }
}
Content copied to clipboard
resources:
  default:
    type: gcp:compute:Network
    properties:
      name: my-network
      autoCreateSubnetworks: false
  defaultMirroringDeploymentGroup:
    type: gcp:networksecurity:MirroringDeploymentGroup
    name: default
    properties:
      mirroringDeploymentGroupId: my-dg
      location: global
      network: ${default.id}
  defaultMirroringEndpointGroup:
    type: gcp:networksecurity:MirroringEndpointGroup
    name: default
    properties:
      mirroringEndpointGroupId: my-eg
      location: global
      mirroringDeploymentGroup: ${defaultMirroringDeploymentGroup.id}
  defaultSecurityProfile:
    type: gcp:networksecurity:SecurityProfile
    name: default
    properties:
      name: my-security-profile
      parent: organizations/123456789
      description: my description
      type: CUSTOM_MIRRORING
      customMirroringProfile:
        mirroringEndpointGroup: ${defaultMirroringEndpointGroup.id}
Content copied to clipboard

Network Security Security Profile Intercept

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.compute.Network("default", {
    name: "my-network",
    autoCreateSubnetworks: false,
});
const defaultInterceptDeploymentGroup = new gcp.networksecurity.InterceptDeploymentGroup("default", {
    interceptDeploymentGroupId: "my-dg",
    location: "global",
    network: _default.id,
});
const defaultInterceptEndpointGroup = new gcp.networksecurity.InterceptEndpointGroup("default", {
    interceptEndpointGroupId: "my-eg",
    location: "global",
    interceptDeploymentGroup: defaultInterceptDeploymentGroup.id,
});
const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", {
    name: "my-security-profile",
    parent: "organizations/123456789",
    description: "my description",
    type: "CUSTOM_INTERCEPT",
    customInterceptProfile: {
        interceptEndpointGroup: defaultInterceptEndpointGroup.id,
    },
});
Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.compute.Network("default",
    name="my-network",
    auto_create_subnetworks=False)
default_intercept_deployment_group = gcp.networksecurity.InterceptDeploymentGroup("default",
    intercept_deployment_group_id="my-dg",
    location="global",
    network=default.id)
default_intercept_endpoint_group = gcp.networksecurity.InterceptEndpointGroup("default",
    intercept_endpoint_group_id="my-eg",
    location="global",
    intercept_deployment_group=default_intercept_deployment_group.id)
default_security_profile = gcp.networksecurity.SecurityProfile("default",
    name="my-security-profile",
    parent="organizations/123456789",
    description="my description",
    type="CUSTOM_INTERCEPT",
    custom_intercept_profile={
        "intercept_endpoint_group": default_intercept_endpoint_group.id,
    })
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
    var @default = new Gcp.Compute.Network("default", new()
    {
        Name = "my-network",
        AutoCreateSubnetworks = false,
    });
    var defaultInterceptDeploymentGroup = new Gcp.NetworkSecurity.InterceptDeploymentGroup("default", new()
    {
        InterceptDeploymentGroupId = "my-dg",
        Location = "global",
        Network = @default.Id,
    });
    var defaultInterceptEndpointGroup = new Gcp.NetworkSecurity.InterceptEndpointGroup("default", new()
    {
        InterceptEndpointGroupId = "my-eg",
        Location = "global",
        InterceptDeploymentGroup = defaultInterceptDeploymentGroup.Id,
    });
    var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile("default", new()
    {
        Name = "my-security-profile",
        Parent = "organizations/123456789",
        Description = "my description",
        Type = "CUSTOM_INTERCEPT",
        CustomInterceptProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomInterceptProfileArgs
        {
            InterceptEndpointGroup = defaultInterceptEndpointGroup.Id,
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_default, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{
			Name:                  pulumi.String("my-network"),
			AutoCreateSubnetworks: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		defaultInterceptDeploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, "default", &networksecurity.InterceptDeploymentGroupArgs{
			InterceptDeploymentGroupId: pulumi.String("my-dg"),
			Location:                   pulumi.String("global"),
			Network:                    _default.ID(),
		})
		if err != nil {
			return err
		}
		defaultInterceptEndpointGroup, err := networksecurity.NewInterceptEndpointGroup(ctx, "default", &networksecurity.InterceptEndpointGroupArgs{
			InterceptEndpointGroupId: pulumi.String("my-eg"),
			Location:                 pulumi.String("global"),
			InterceptDeploymentGroup: defaultInterceptDeploymentGroup.ID(),
		})
		if err != nil {
			return err
		}
		_, err = networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
			Name:        pulumi.String("my-security-profile"),
			Parent:      pulumi.String("organizations/123456789"),
			Description: pulumi.String("my description"),
			Type:        pulumi.String("CUSTOM_INTERCEPT"),
			CustomInterceptProfile: &networksecurity.SecurityProfileCustomInterceptProfileArgs{
				InterceptEndpointGroup: defaultInterceptEndpointGroup.ID(),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.networksecurity.InterceptDeploymentGroup;
import com.pulumi.gcp.networksecurity.InterceptDeploymentGroupArgs;
import com.pulumi.gcp.networksecurity.InterceptEndpointGroup;
import com.pulumi.gcp.networksecurity.InterceptEndpointGroupArgs;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomInterceptProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var default_ = new Network("default", NetworkArgs.builder()
            .name("my-network")
            .autoCreateSubnetworks(false)
            .build());
        var defaultInterceptDeploymentGroup = new InterceptDeploymentGroup("defaultInterceptDeploymentGroup", InterceptDeploymentGroupArgs.builder()
            .interceptDeploymentGroupId("my-dg")
            .location("global")
            .network(default_.id())
            .build());
        var defaultInterceptEndpointGroup = new InterceptEndpointGroup("defaultInterceptEndpointGroup", InterceptEndpointGroupArgs.builder()
            .interceptEndpointGroupId("my-eg")
            .location("global")
            .interceptDeploymentGroup(defaultInterceptDeploymentGroup.id())
            .build());
        var defaultSecurityProfile = new SecurityProfile("defaultSecurityProfile", SecurityProfileArgs.builder()
            .name("my-security-profile")
            .parent("organizations/123456789")
            .description("my description")
            .type("CUSTOM_INTERCEPT")
            .customInterceptProfile(SecurityProfileCustomInterceptProfileArgs.builder()
                .interceptEndpointGroup(defaultInterceptEndpointGroup.id())
                .build())
            .build());
    }
}
Content copied to clipboard
resources:
  default:
    type: gcp:compute:Network
    properties:
      name: my-network
      autoCreateSubnetworks: false
  defaultInterceptDeploymentGroup:
    type: gcp:networksecurity:InterceptDeploymentGroup
    name: default
    properties:
      interceptDeploymentGroupId: my-dg
      location: global
      network: ${default.id}
  defaultInterceptEndpointGroup:
    type: gcp:networksecurity:InterceptEndpointGroup
    name: default
    properties:
      interceptEndpointGroupId: my-eg
      location: global
      interceptDeploymentGroup: ${defaultInterceptDeploymentGroup.id}
  defaultSecurityProfile:
    type: gcp:networksecurity:SecurityProfile
    name: default
    properties:
      name: my-security-profile
      parent: organizations/123456789
      description: my description
      type: CUSTOM_INTERCEPT
      customInterceptProfile:
        interceptEndpointGroup: ${defaultInterceptEndpointGroup.id}
Content copied to clipboard

Import

SecurityProfile can be imported using any of these accepted formats:

  • {{parent}}/locations/{{location}}/securityProfiles/{{name}} When using the pulumi import command, SecurityProfile can be imported using one of the formats above. For example:

$ pulumi import gcp:networksecurity/securityProfile:SecurityProfile default {{parent}}/locations/{{location}}/securityProfiles/{{name}}
Content copied to clipboard

Properties

Link copied to clipboard
val createTime: Output<String>

Time the security profile was created in UTC.

Link copied to clipboard
val customInterceptProfile: Output<SecurityProfileCustomInterceptProfile>?

The configuration for defining the Intercept Endpoint Group used to intercept traffic to third-party firewall appliances. Structure is documented below.

Link copied to clipboard
val customMirroringProfile: Output<SecurityProfileCustomMirroringProfile>?

The configuration for defining the Mirroring Endpoint Group used to mirror traffic to third-party collectors. Structure is documented below.

Link copied to clipboard
val description: Output<String>?

An optional description of the security profile. The Max length is 512 characters.

Link copied to clipboard
val effectiveLabels: Output<Map<String, String>>

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

Link copied to clipboard
val etag: Output<String>

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val labels: Output<Map<String, String>>?

A map of key/value label pairs to assign to the resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

Link copied to clipboard
val location: Output<String>?

The location of the security profile. The default value is global.

Link copied to clipboard
val name: Output<String>

The name of the security profile resource.

Link copied to clipboard
val parent: Output<String>?

The name of the parent this security profile belongs to. Format: organizations/{organization_id}.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
val pulumiLabels: Output<Map<String, String>>

The combination of labels configured directly on the resource and default labels configured on the provider.

Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val selfLink: Output<String>

Server-defined URL of this resource.

Link copied to clipboard
val threatPreventionProfile: Output<SecurityProfileThreatPreventionProfile>?

The threat prevention configuration for the security profile. Structure is documented below.

Link copied to clipboard
val type: Output<String>

The type of security profile. Possible values are: THREAT_PREVENTION, CUSTOM_MIRRORING, CUSTOM_INTERCEPT.

Link copied to clipboard
val updateTime: Output<String>

Time the security profile was updated in UTC.

Link copied to clipboard
val urn: Output<String>