import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. * * To get more information about EndpointPolicy, see: * * * [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-services/rest/v1beta1/projects.locations.endpointPolicies) * * ## Example Usage * * ### Network Services Endpoint Policy Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.networkservices.EndpointPolicy("default", { * name: "my-endpoint-policy", * labels: { * foo: "bar", * }, * description: "my description", * type: "SIDECAR_PROXY", * trafficPortSelector: { * ports: ["8081"], * }, * endpointMatcher: { * metadataLabelMatcher: { * metadataLabelMatchCriteria: "MATCH_ANY", * metadataLabels: [{ * labelName: "foo", * labelValue: "bar", * }], * }, * }, * }); * ``` * ### Network Services Endpoint Policy Empty Match * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.networkservices.EndpointPolicy("default", { * name: "my-endpoint-policy", * labels: { * foo: "bar", * }, * description: "my description", * type: "SIDECAR_PROXY", * trafficPortSelector: { * ports: ["8081"], * }, * endpointMatcher: { * metadataLabelMatcher: { * metadataLabelMatchCriteria: "MATCH_ANY", * }, * }, * }); * ``` * * ## Import * * EndpointPolicy can be imported using any of these accepted formats: * * * `projects/{{project}}/locations/global/endpointPolicies/{{name}}` * * `{{project}}/{{name}}` * * `{{name}}` * * When using the `pulumi import` command, EndpointPolicy can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:networkservices/endpointPolicy:EndpointPolicy default projects/{{project}}/locations/global/endpointPolicies/{{name}} * $ pulumi import gcp:networkservices/endpointPolicy:EndpointPolicy default {{project}}/{{name}} * $ pulumi import gcp:networkservices/endpointPolicy:EndpointPolicy default {{name}} * ``` */ export declare class EndpointPolicy extends pulumi.CustomResource { /** * Get an existing EndpointPolicy resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: EndpointPolicyState, opts?: pulumi.CustomResourceOptions): EndpointPolicy; /** * Returns true if the given object is an instance of EndpointPolicy. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is EndpointPolicy; /** * This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. */ readonly authorizationPolicy: pulumi.Output; /** * A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. */ readonly clientTlsPolicy: pulumi.Output; /** * Time the TcpRoute was created in UTC. */ readonly createTime: pulumi.Output; /** * A free-text description of the resource. Max length 1024 characters. */ readonly description: pulumi.Output; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ readonly effectiveLabels: pulumi.Output<{ [key: string]: string; }>; /** * Required. A matcher that selects endpoints to which the policies should be applied. * Structure is documented below. */ readonly endpointMatcher: pulumi.Output; /** * Set of label tags associated with the TcpRoute resource. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ readonly labels: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Name of the EndpointPolicy resource. */ readonly name: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ readonly pulumiLabels: pulumi.Output<{ [key: string]: string; }>; /** * A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. */ readonly serverTlsPolicy: pulumi.Output; /** * Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports. * Structure is documented below. */ readonly trafficPortSelector: pulumi.Output; /** * The type of endpoint policy. This is primarily used to validate the configuration. * Possible values are: `SIDECAR_PROXY`, `GRPC_SERVER`. */ readonly type: pulumi.Output; /** * Time the TcpRoute was updated in UTC. */ readonly updateTime: pulumi.Output; /** * Create a EndpointPolicy resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: EndpointPolicyArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering EndpointPolicy resources. */ export interface EndpointPolicyState { /** * This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. */ authorizationPolicy?: pulumi.Input; /** * A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. */ clientTlsPolicy?: pulumi.Input; /** * Time the TcpRoute was created in UTC. */ createTime?: pulumi.Input; /** * A free-text description of the resource. Max length 1024 characters. */ description?: pulumi.Input; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ effectiveLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Required. A matcher that selects endpoints to which the policies should be applied. * Structure is documented below. */ endpointMatcher?: pulumi.Input; /** * Set of label tags associated with the TcpRoute resource. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Name of the EndpointPolicy resource. */ name?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ pulumiLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. */ serverTlsPolicy?: pulumi.Input; /** * Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports. * Structure is documented below. */ trafficPortSelector?: pulumi.Input; /** * The type of endpoint policy. This is primarily used to validate the configuration. * Possible values are: `SIDECAR_PROXY`, `GRPC_SERVER`. */ type?: pulumi.Input; /** * Time the TcpRoute was updated in UTC. */ updateTime?: pulumi.Input; } /** * The set of arguments for constructing a EndpointPolicy resource. */ export interface EndpointPolicyArgs { /** * This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. */ authorizationPolicy?: pulumi.Input; /** * A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. */ clientTlsPolicy?: pulumi.Input; /** * A free-text description of the resource. Max length 1024 characters. */ description?: pulumi.Input; /** * Required. A matcher that selects endpoints to which the policies should be applied. * Structure is documented below. */ endpointMatcher: pulumi.Input; /** * Set of label tags associated with the TcpRoute resource. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Name of the EndpointPolicy resource. */ name?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * A URL referring to ServerTlsPolicy resource. ServerTlsPolicy is used to determine the authentication policy to be applied to terminate the inbound traffic at the identified backends. */ serverTlsPolicy?: pulumi.Input; /** * Port selector for the (matched) endpoints. If no port selector is provided, the matched config is applied to all ports. * Structure is documented below. */ trafficPortSelector?: pulumi.Input; /** * The type of endpoint policy. This is primarily used to validate the configuration. * Possible values are: `SIDECAR_PROXY`, `GRPC_SERVER`. */ type: pulumi.Input; }