import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * A set of reusable connection configurations to be used as a source or destination for a stream. * * To get more information about ConnectionProfile, see: * * * [API documentation](https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.connectionProfiles) * * How-to Guides * * [Official Documentation](https://cloud.google.com/datastream/docs/create-connection-profiles) * * ## Example Usage * * ### Datastream Connection Profile Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection profile", * location: "us-central1", * connectionProfileId: "my-profile", * gcsProfile: { * bucket: "my-bucket", * rootPath: "/path", * }, * }); * ``` * ### Datastream Connection Profile Postgresql Private Connection * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as random from "@pulumi/random"; * * const _default = new gcp.compute.Network("default", { * name: "my-network", * autoCreateSubnetworks: false, * }); * const defaultSubnetwork = new gcp.compute.Subnetwork("default", { * name: "my-subnetwork", * ipCidrRange: "10.1.0.0/16", * region: "us-central1", * network: _default.id, * }); * const privateConnection = new gcp.datastream.PrivateConnection("private_connection", { * displayName: "Private connection", * location: "us-central1", * privateConnectionId: "my-connection", * vpcPeeringConfig: { * vpc: _default.id, * subnet: "10.0.0.0/29", * }, * }); * const natVmIp = new gcp.compute.Address("nat_vm_ip", {name: "nat-vm-ip"}); * const instance = new gcp.sql.DatabaseInstance("instance", { * name: "my-instance", * databaseVersion: "POSTGRES_14", * region: "us-central1", * settings: { * tier: "db-f1-micro", * ipConfiguration: { * authorizedNetworks: [{ * value: natVmIp.address, * }], * }, * }, * deletionProtection: true, * }); * const db = new gcp.sql.Database("db", { * instance: instance.name, * name: "db", * }); * const pwd = new random.index.Password("pwd", { * length: 16, * special: false, * }); * const user = new gcp.sql.User("user", { * name: "user", * instance: instance.name, * password: pwd.result, * }); * const natVm = new gcp.compute.Instance("nat_vm", { * name: "nat-vm", * machineType: "e2-medium", * zone: "us-central1-a", * desiredStatus: "RUNNING", * bootDisk: { * initializeParams: { * image: "debian-cloud/debian-12", * }, * }, * networkInterfaces: [{ * network: privateConnection.vpcPeeringConfig.apply(vpcPeeringConfig => vpcPeeringConfig?.vpc), * subnetwork: defaultSubnetwork.selfLink, * accessConfigs: [{ * natIp: natVmIp.address, * }], * }], * metadataStartupScript: pulumi.interpolate`#! /bin/bash * # See https://cloud.google.com/datastream/docs/private-connectivity#set-up-reverse-proxy * export DB_ADDR=${instance.publicIpAddress} * export DB_PORT=5432 * echo 1 > /proc/sys/net/ipv4/ip_forward * md_url_prefix=\"http://169.254.169.254/computeMetadata/v1/instance\" * vm_nic_ip=\"$(curl -H \"Metadata-Flavor: Google\" ${md_url_prefix}/network-interfaces/0/ip)\" * iptables -t nat -F * iptables -t nat -A PREROUTING \\ * -p tcp --dport $DB_PORT \\ * -j DNAT \\ * --to-destination $DB_ADDR * iptables -t nat -A POSTROUTING \\ * -p tcp --dport $DB_PORT \\ * -j SNAT \\ * --to-source $vm_nic_ip * iptables-save * `, * }); * const rules = new gcp.compute.Firewall("rules", { * name: "ingress-rule", * network: privateConnection.vpcPeeringConfig.apply(vpcPeeringConfig => vpcPeeringConfig?.vpc), * description: "Allow traffic into NAT VM", * direction: "INGRESS", * allows: [{ * protocol: "tcp", * ports: ["5432"], * }], * sourceRanges: [privateConnection.vpcPeeringConfig.apply(vpcPeeringConfig => vpcPeeringConfig?.subnet)], * }); * const defaultConnectionProfile = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection profile", * location: "us-central1", * connectionProfileId: "my-profile", * postgresqlProfile: { * hostname: natVm.networkInterfaces.apply(networkInterfaces => networkInterfaces[0].networkIp), * username: user.name, * password: user.password, * database: db.name, * port: 5432, * }, * privateConnectivity: { * privateConnection: privateConnection.id, * }, * }); * ``` * ### Datastream Connection Profile Full * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection profile", * location: "us-central1", * connectionProfileId: "my-profile", * gcsProfile: { * bucket: "my-bucket", * rootPath: "/path", * }, * forwardSshConnectivity: { * hostname: "google.com", * username: "my-user", * port: 8022, * password: "swordfish", * }, * labels: { * key: "value", * }, * }); * ``` * ### Datastream Connection Profile Postgres * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as random from "@pulumi/random"; * * const instance = new gcp.sql.DatabaseInstance("instance", { * name: "my-instance", * databaseVersion: "POSTGRES_14", * region: "us-central1", * settings: { * tier: "db-f1-micro", * ipConfiguration: { * authorizedNetworks: [ * { * value: "34.71.242.81", * }, * { * value: "34.72.28.29", * }, * { * value: "34.67.6.157", * }, * { * value: "34.67.234.134", * }, * { * value: "34.72.239.218", * }, * ], * }, * }, * deletionProtection: true, * }); * const db = new gcp.sql.Database("db", { * instance: instance.name, * name: "db", * }); * const pwd = new random.index.Password("pwd", { * length: 16, * special: false, * }); * const user = new gcp.sql.User("user", { * name: "user", * instance: instance.name, * password: pwd.result, * }); * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection profile", * location: "us-central1", * connectionProfileId: "my-profile", * postgresqlProfile: { * hostname: instance.publicIpAddress, * username: user.name, * password: user.password, * database: db.name, * }, * }); * ``` * ### Datastream Connection Profile Sql Server * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const instance = new gcp.sql.DatabaseInstance("instance", { * name: "sql-server", * databaseVersion: "SQLSERVER_2019_STANDARD", * region: "us-central1", * rootPassword: "root-password", * deletionProtection: true, * settings: { * tier: "db-custom-2-4096", * ipConfiguration: { * authorizedNetworks: [ * { * value: "34.71.242.81", * }, * { * value: "34.72.28.29", * }, * { * value: "34.67.6.157", * }, * { * value: "34.67.234.134", * }, * { * value: "34.72.239.218", * }, * ], * }, * }, * }); * const db = new gcp.sql.Database("db", { * name: "db", * instance: instance.name, * }); * const user = new gcp.sql.User("user", { * name: "user", * instance: instance.name, * password: "password", * }); * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "SQL Server Source", * location: "us-central1", * connectionProfileId: "source-profile", * sqlServerProfile: { * hostname: instance.publicIpAddress, * port: 1433, * username: user.name, * password: user.password, * database: db.name, * }, * }); * ``` * ### Datastream Stream Postgresql Sslconfig Server And Client Verification * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as random from "@pulumi/random"; * import * as std from "@pulumi/std"; * * const datastreamIps = gcp.datastream.getStaticIps({ * location: "us-central1", * }); * const instance = new gcp.sql.DatabaseInstance("instance", { * name: "my-instance", * databaseVersion: "POSTGRES_15", * region: "us-central1", * settings: { * tier: "db-f1-micro", * ipConfiguration: { * authorizedNetworks: std.format({ * input: "datastream-%d", * args: [entry.key], * }).then(invoke => .map(entry => ({ * name: invoke.result, * value: entry.value, * }))), * ipv4Enabled: true, * sslMode: "TRUSTED_CLIENT_CERTIFICATE_REQUIRED", * }, * }, * deletionProtection: true, * }); * const db = new gcp.sql.Database("db", { * instance: instance.name, * name: "db", * }); * const pwd = new random.index.Password("pwd", { * length: 16, * special: false, * }); * const user = new gcp.sql.User("user", { * name: "user", * instance: instance.name, * password: pwd.result, * }); * const clientCert = new gcp.sql.SslCert("client_cert", { * commonName: "client-name", * instance: instance.name, * }); * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Connection Profile", * location: "us-central1", * connectionProfileId: "profile-id", * postgresqlProfile: { * hostname: instance.publicIpAddress, * port: 5432, * username: "user", * password: pwd.result, * database: db.name, * sslConfig: { * serverAndClientVerification: { * clientCertificate: clientCert.cert, * clientKey: clientCert.privateKey, * caCertificate: clientCert.serverCaCert, * }, * }, * }, * }); * ``` * ### Datastream Connection Profile Salesforce * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Salesforce Source", * location: "us-central1", * connectionProfileId: "source-profile", * createWithoutValidation: true, * salesforceProfile: { * domain: "fake-domain.my.salesforce.com", * userCredentials: { * username: "fake-username", * secretManagerStoredPassword: "fake-password", * secretManagerStoredSecurityToken: "fake-token", * }, * }, * }); * ``` * ### Datastream Connection Profile Spanner * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Spanner Source", * location: "us-central1", * connectionProfileId: "source-profile", * createWithoutValidation: true, * spannerProfile: { * database: "projects/example-project/instances/example-instance/databases/example-database", * host: "https://spanner.example-region.rep.googleapis.com", * }, * }); * ``` * ### Datastream Connection Profile Postgres Secret Manager * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Postgres Source With Secret Manager", * location: "us-central1", * connectionProfileId: "source-profile", * createWithoutValidation: true, * postgresqlProfile: { * hostname: "fake-hostname", * port: 3306, * username: "fake-username", * secretManagerStoredPassword: "projects/fake-project/secrets/fake-secret/versions/1", * database: "fake-database", * }, * }); * ``` * ### Datastream Connection Profile Mongodb * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.datastream.ConnectionProfile("default", { * displayName: "Mongodb Source", * location: "us-central1", * connectionProfileId: "source-profile", * mongodbProfile: { * hostAddresses: [{ * hostname: "mongodb-primary.example.com", * port: 27017, * }], * replicaSet: "myReplicaSet", * username: "mongoUser", * password: "mongoPassword", * database: "myDatabase", * standardConnectionFormat: {}[0], * }, * }); * ``` * * ## Import * * ConnectionProfile can be imported using any of these accepted formats: * * * `projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}}` * * `{{project}}/{{location}}/{{connection_profile_id}}` * * `{{location}}/{{connection_profile_id}}` * * When using the `pulumi import` command, ConnectionProfile can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:datastream/connectionProfile:ConnectionProfile default projects/{{project}}/locations/{{location}}/connectionProfiles/{{connection_profile_id}} * $ pulumi import gcp:datastream/connectionProfile:ConnectionProfile default {{project}}/{{location}}/{{connection_profile_id}} * $ pulumi import gcp:datastream/connectionProfile:ConnectionProfile default {{location}}/{{connection_profile_id}} * ``` */ export declare class ConnectionProfile extends pulumi.CustomResource { /** * Get an existing ConnectionProfile resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: ConnectionProfileState, opts?: pulumi.CustomResourceOptions): ConnectionProfile; /** * Returns true if the given object is an instance of ConnectionProfile. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ConnectionProfile; /** * BigQuery warehouse profile. */ readonly bigqueryProfile: pulumi.Output; /** * The connection profile identifier. */ readonly connectionProfileId: pulumi.Output; /** * Create the connection profile without validating it. */ readonly createWithoutValidation: pulumi.Output; /** * Display name. */ readonly displayName: pulumi.Output; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ readonly effectiveLabels: pulumi.Output<{ [key: string]: string; }>; /** * Forward SSH tunnel connectivity. * Structure is documented below. */ readonly forwardSshConnectivity: pulumi.Output; /** * Cloud Storage bucket profile. * Structure is documented below. */ readonly gcsProfile: pulumi.Output; /** * Labels. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ readonly labels: pulumi.Output<{ [key: string]: string; } | undefined>; /** * The name of the location this connection profile is located in. */ readonly location: pulumi.Output; /** * Configuration for connecting to a MongoDB database. * Structure is documented below. */ readonly mongodbProfile: pulumi.Output; /** * MySQL database profile. * Structure is documented below. */ readonly mysqlProfile: pulumi.Output; /** * The resource's name. */ readonly name: pulumi.Output; /** * Oracle database profile. * Structure is documented below. */ readonly oracleProfile: pulumi.Output; /** * PostgreSQL database profile. * Structure is documented below. */ readonly postgresqlProfile: pulumi.Output; /** * Private connectivity. * Structure is documented below. */ readonly privateConnectivity: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ readonly pulumiLabels: pulumi.Output<{ [key: string]: string; }>; /** * (Optional, Beta) * Salesforce profile. * Structure is documented below. */ readonly salesforceProfile: pulumi.Output; /** * (Optional, Beta) * Spanner profile. * Structure is documented below. */ readonly spannerProfile: pulumi.Output; /** * SQL Server database profile. * Structure is documented below. */ readonly sqlServerProfile: pulumi.Output; /** * Create a ConnectionProfile resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ConnectionProfileArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ConnectionProfile resources. */ export interface ConnectionProfileState { /** * BigQuery warehouse profile. */ bigqueryProfile?: pulumi.Input; /** * The connection profile identifier. */ connectionProfileId?: pulumi.Input; /** * Create the connection profile without validating it. */ createWithoutValidation?: pulumi.Input; /** * Display name. */ displayName?: pulumi.Input; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ effectiveLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Forward SSH tunnel connectivity. * Structure is documented below. */ forwardSshConnectivity?: pulumi.Input; /** * Cloud Storage bucket profile. * Structure is documented below. */ gcsProfile?: pulumi.Input; /** * Labels. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The name of the location this connection profile is located in. */ location?: pulumi.Input; /** * Configuration for connecting to a MongoDB database. * Structure is documented below. */ mongodbProfile?: pulumi.Input; /** * MySQL database profile. * Structure is documented below. */ mysqlProfile?: pulumi.Input; /** * The resource's name. */ name?: pulumi.Input; /** * Oracle database profile. * Structure is documented below. */ oracleProfile?: pulumi.Input; /** * PostgreSQL database profile. * Structure is documented below. */ postgresqlProfile?: pulumi.Input; /** * Private connectivity. * Structure is documented below. */ privateConnectivity?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ pulumiLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * (Optional, Beta) * Salesforce profile. * Structure is documented below. */ salesforceProfile?: pulumi.Input; /** * (Optional, Beta) * Spanner profile. * Structure is documented below. */ spannerProfile?: pulumi.Input; /** * SQL Server database profile. * Structure is documented below. */ sqlServerProfile?: pulumi.Input; } /** * The set of arguments for constructing a ConnectionProfile resource. */ export interface ConnectionProfileArgs { /** * BigQuery warehouse profile. */ bigqueryProfile?: pulumi.Input; /** * The connection profile identifier. */ connectionProfileId: pulumi.Input; /** * Create the connection profile without validating it. */ createWithoutValidation?: pulumi.Input; /** * Display name. */ displayName: pulumi.Input; /** * Forward SSH tunnel connectivity. * Structure is documented below. */ forwardSshConnectivity?: pulumi.Input; /** * Cloud Storage bucket profile. * Structure is documented below. */ gcsProfile?: pulumi.Input; /** * Labels. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The name of the location this connection profile is located in. */ location: pulumi.Input; /** * Configuration for connecting to a MongoDB database. * Structure is documented below. */ mongodbProfile?: pulumi.Input; /** * MySQL database profile. * Structure is documented below. */ mysqlProfile?: pulumi.Input; /** * Oracle database profile. * Structure is documented below. */ oracleProfile?: pulumi.Input; /** * PostgreSQL database profile. * Structure is documented below. */ postgresqlProfile?: pulumi.Input; /** * Private connectivity. * Structure is documented below. */ privateConnectivity?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * (Optional, Beta) * Salesforce profile. * Structure is documented below. */ salesforceProfile?: pulumi.Input; /** * (Optional, Beta) * Spanner profile. * Structure is documented below. */ spannerProfile?: pulumi.Input; /** * SQL Server database profile. * Structure is documented below. */ sqlServerProfile?: pulumi.Input; }