import * as pulumi from "@pulumi/pulumi"; /** * The enforcement configuration for a service supported by App Check. * * To get more information about ServiceConfig, see: * * * [API documentation](https://firebase.google.com/docs/reference/appcheck/rest/v1/projects.services) * * How-to Guides * * [Official Documentation](https://firebase.google.com/docs/app-check) * * ## Example Usage * * ### Firebase App Check Service Config Off * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const appcheck = new gcp.projects.Service("appcheck", { * project: "my-project-name", * service: "firebaseappcheck.googleapis.com", * }); * const _default = new gcp.firebase.AppCheckServiceConfig("default", { * project: "my-project-name", * serviceId: "firestore.googleapis.com", * }, { * dependsOn: [appcheck], * }); * ``` * ### Firebase App Check Service Config Enforced * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const appcheck = new gcp.projects.Service("appcheck", { * project: "my-project-name", * service: "firebaseappcheck.googleapis.com", * }); * const _default = new gcp.firebase.AppCheckServiceConfig("default", { * project: "my-project-name", * serviceId: "firebasestorage.googleapis.com", * enforcementMode: "ENFORCED", * }, { * dependsOn: [appcheck], * }); * ``` * ### Firebase App Check Service Config Unenforced * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const appcheck = new gcp.projects.Service("appcheck", { * project: "my-project-name", * service: "firebaseappcheck.googleapis.com", * }); * const _default = new gcp.firebase.AppCheckServiceConfig("default", { * project: "my-project-name", * serviceId: "identitytoolkit.googleapis.com", * enforcementMode: "UNENFORCED", * }, { * dependsOn: [appcheck], * }); * ``` * * ## Import * * ServiceConfig can be imported using any of these accepted formats: * * * `projects/{{project}}/services/{{service_id}}` * * `{{project}}/{{service_id}}` * * `{{service_id}}` * * When using the `pulumi import` command, ServiceConfig can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:firebase/appCheckServiceConfig:AppCheckServiceConfig default projects/{{project}}/services/{{service_id}} * $ pulumi import gcp:firebase/appCheckServiceConfig:AppCheckServiceConfig default {{project}}/{{service_id}} * $ pulumi import gcp:firebase/appCheckServiceConfig:AppCheckServiceConfig default {{service_id}} * ``` */ export declare class AppCheckServiceConfig extends pulumi.CustomResource { /** * Get an existing AppCheckServiceConfig resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: AppCheckServiceConfigState, opts?: pulumi.CustomResourceOptions): AppCheckServiceConfig; /** * Returns true if the given object is an instance of AppCheckServiceConfig. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is AppCheckServiceConfig; /** * The App Check enforcement mode for a service supported by App Check. Valid values are * (Unset) * Firebase App Check is not enforced for the service, nor are App Check metrics collected. * Though the service is not protected by App Check in this mode, other applicable protections, * such as user authorization, are still enforced. An unconfigured service is in this mode by default. * This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the * enforcement to OFF for this service. * UNENFORCED * Firebase App Check is not enforced for the service. App Check metrics are collected to help you * decide when to turn on enforcement for the service. Though the service is not protected by App Check * in this mode, other applicable protections, such as user authorization, are still enforced. * ENFORCED * Firebase App Check is enforced for the service. The service will reject any request that attempts to * access your project's resources if it does not have valid App Check token attached, with some exceptions * depending on the service; for example, some services will still allow requests bearing the developer's * privileged service account credentials without an App Check token. App Check metrics continue to be * collected to help you detect issues with your App Check integration and monitor the composition of your * callers. While the service is protected by App Check, other applicable protections, such as user * authorization, continue to be enforced at the same time. * Use caution when choosing to enforce App Check on a Firebase service. If your users have not updated * to an App Check capable version of your app, their apps will no longer be able to use your Firebase * services that are enforcing App Check. App Check metrics can help you decide whether to enforce App * Check on your Firebase services. * If your app has not launched yet, you should enable enforcement immediately, since there are no outdated * clients in use. * Possible values are: `UNENFORCED`, `ENFORCED`. */ readonly enforcementMode: pulumi.Output; /** * The fully-qualified resource name of the service enforcement configuration. */ readonly name: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output; /** * The identifier of the service to configure enforcement. Currently, the following service IDs are supported: * firebasestorage.googleapis.com (Cloud Storage for Firebase) * firebasedatabase.googleapis.com (Firebase Realtime Database) * firestore.googleapis.com (Cloud Firestore) * identitytoolkit.googleapis.com (Authentication) */ readonly serviceId: pulumi.Output; /** * Create a AppCheckServiceConfig resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: AppCheckServiceConfigArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering AppCheckServiceConfig resources. */ export interface AppCheckServiceConfigState { /** * The App Check enforcement mode for a service supported by App Check. Valid values are * (Unset) * Firebase App Check is not enforced for the service, nor are App Check metrics collected. * Though the service is not protected by App Check in this mode, other applicable protections, * such as user authorization, are still enforced. An unconfigured service is in this mode by default. * This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the * enforcement to OFF for this service. * UNENFORCED * Firebase App Check is not enforced for the service. App Check metrics are collected to help you * decide when to turn on enforcement for the service. Though the service is not protected by App Check * in this mode, other applicable protections, such as user authorization, are still enforced. * ENFORCED * Firebase App Check is enforced for the service. The service will reject any request that attempts to * access your project's resources if it does not have valid App Check token attached, with some exceptions * depending on the service; for example, some services will still allow requests bearing the developer's * privileged service account credentials without an App Check token. App Check metrics continue to be * collected to help you detect issues with your App Check integration and monitor the composition of your * callers. While the service is protected by App Check, other applicable protections, such as user * authorization, continue to be enforced at the same time. * Use caution when choosing to enforce App Check on a Firebase service. If your users have not updated * to an App Check capable version of your app, their apps will no longer be able to use your Firebase * services that are enforcing App Check. App Check metrics can help you decide whether to enforce App * Check on your Firebase services. * If your app has not launched yet, you should enable enforcement immediately, since there are no outdated * clients in use. * Possible values are: `UNENFORCED`, `ENFORCED`. */ enforcementMode?: pulumi.Input; /** * The fully-qualified resource name of the service enforcement configuration. */ name?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * The identifier of the service to configure enforcement. Currently, the following service IDs are supported: * firebasestorage.googleapis.com (Cloud Storage for Firebase) * firebasedatabase.googleapis.com (Firebase Realtime Database) * firestore.googleapis.com (Cloud Firestore) * identitytoolkit.googleapis.com (Authentication) */ serviceId?: pulumi.Input; } /** * The set of arguments for constructing a AppCheckServiceConfig resource. */ export interface AppCheckServiceConfigArgs { /** * The App Check enforcement mode for a service supported by App Check. Valid values are * (Unset) * Firebase App Check is not enforced for the service, nor are App Check metrics collected. * Though the service is not protected by App Check in this mode, other applicable protections, * such as user authorization, are still enforced. An unconfigured service is in this mode by default. * This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the * enforcement to OFF for this service. * UNENFORCED * Firebase App Check is not enforced for the service. App Check metrics are collected to help you * decide when to turn on enforcement for the service. Though the service is not protected by App Check * in this mode, other applicable protections, such as user authorization, are still enforced. * ENFORCED * Firebase App Check is enforced for the service. The service will reject any request that attempts to * access your project's resources if it does not have valid App Check token attached, with some exceptions * depending on the service; for example, some services will still allow requests bearing the developer's * privileged service account credentials without an App Check token. App Check metrics continue to be * collected to help you detect issues with your App Check integration and monitor the composition of your * callers. While the service is protected by App Check, other applicable protections, such as user * authorization, continue to be enforced at the same time. * Use caution when choosing to enforce App Check on a Firebase service. If your users have not updated * to an App Check capable version of your app, their apps will no longer be able to use your Firebase * services that are enforcing App Check. App Check metrics can help you decide whether to enforce App * Check on your Firebase services. * If your app has not launched yet, you should enable enforcement immediately, since there are no outdated * clients in use. * Possible values are: `UNENFORCED`, `ENFORCED`. */ enforcementMode?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * The identifier of the service to configure enforcement. Currently, the following service IDs are supported: * firebasestorage.googleapis.com (Cloud Storage for Firebase) * firebasedatabase.googleapis.com (Firebase Realtime Database) * firestore.googleapis.com (Cloud Firestore) * identitytoolkit.googleapis.com (Authentication) */ serviceId: pulumi.Input; }