import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * External access firewall rules for filtering incoming traffic destined to `ExternalAddress` resources. * * To get more information about ExternalAccessRule, see: * * * [API documentation](https://cloud.google.com/vmware-engine/docs/reference/rest/v1/projects.locations.networkPolicies.externalAccessRules) * * ## Example Usage * * ### Vmware Engine External Access Rule Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const external_access_rule_nw = new gcp.vmwareengine.Network("external-access-rule-nw", { * name: "sample-nw", * location: "global", * type: "STANDARD", * description: "PC network description.", * }); * const external_access_rule_np = new gcp.vmwareengine.NetworkPolicy("external-access-rule-np", { * location: "us-west1", * name: "sample-np", * edgeServicesCidr: "192.168.30.0/26", * vmwareEngineNetwork: external_access_rule_nw.id, * }); * const vmw_engine_external_access_rule = new gcp.vmwareengine.ExternalAccessRule("vmw-engine-external-access-rule", { * name: "sample-external-access-rule", * parent: external_access_rule_np.id, * priority: 101, * action: "DENY", * ipProtocol: "TCP", * sourceIpRanges: [{ * ipAddressRange: "0.0.0.0/0", * }], * sourcePorts: ["80"], * destinationIpRanges: [{ * ipAddressRange: "0.0.0.0/0", * }], * destinationPorts: ["433"], * }); * ``` * ### Vmware Engine External Access Rule Full * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const external_access_rule_nw = new gcp.vmwareengine.Network("external-access-rule-nw", { * name: "sample-nw", * location: "global", * type: "STANDARD", * description: "PC network description.", * }); * const external_access_rule_pc = new gcp.vmwareengine.PrivateCloud("external-access-rule-pc", { * location: "us-west1-a", * name: "sample-pc", * description: "Sample test PC.", * networkConfig: { * managementCidr: "192.168.50.0/24", * vmwareEngineNetwork: external_access_rule_nw.id, * }, * managementCluster: { * clusterId: "sample-mgmt-cluster", * nodeTypeConfigs: [{ * nodeTypeId: "standard-72", * nodeCount: 3, * }], * }, * }); * const external_access_rule_np = new gcp.vmwareengine.NetworkPolicy("external-access-rule-np", { * location: "us-west1", * name: "sample-np", * edgeServicesCidr: "192.168.30.0/26", * vmwareEngineNetwork: external_access_rule_nw.id, * }); * const external_access_rule_ea = new gcp.vmwareengine.ExternalAddress("external-access-rule-ea", { * name: "sample-ea", * parent: external_access_rule_pc.id, * internalIp: "192.168.0.65", * }); * const vmw_engine_external_access_rule = new gcp.vmwareengine.ExternalAccessRule("vmw-engine-external-access-rule", { * name: "sample-external-access-rule", * parent: external_access_rule_np.id, * description: "Sample Description", * priority: 101, * action: "ALLOW", * ipProtocol: "tcp", * sourceIpRanges: [{ * ipAddressRange: "0.0.0.0/0", * }], * sourcePorts: ["80"], * destinationIpRanges: [{ * externalAddress: external_access_rule_ea.id, * }], * destinationPorts: ["433"], * }); * ``` * * ## Import * * ExternalAccessRule can be imported using any of these accepted formats: * * * `{{parent}}/externalAccessRules/{{name}}` * * When using the `pulumi import` command, ExternalAccessRule can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:vmwareengine/externalAccessRule:ExternalAccessRule default {{parent}}/externalAccessRules/{{name}} * ``` */ export declare class ExternalAccessRule extends pulumi.CustomResource { /** * Get an existing ExternalAccessRule resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: ExternalAccessRuleState, opts?: pulumi.CustomResourceOptions): ExternalAccessRule; /** * Returns true if the given object is an instance of ExternalAccessRule. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ExternalAccessRule; /** * The action that the external access rule performs. * Possible values are: `ALLOW`, `DENY`. */ readonly action: pulumi.Output; /** * Creation time of this resource. * A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and * up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ readonly createTime: pulumi.Output; /** * User-provided description for the external access rule. */ readonly description: pulumi.Output; /** * If destination ranges are specified, the external access rule applies only to * traffic that has a destination IP address in these ranges. * Structure is documented below. */ readonly destinationIpRanges: pulumi.Output; /** * A list of destination ports to which the external access rule applies. */ readonly destinationPorts: pulumi.Output; /** * The IP protocol to which the external access rule applies. */ readonly ipProtocol: pulumi.Output; /** * The ID of the external access rule. */ readonly name: pulumi.Output; /** * The resource name of the network policy. * Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. * For example: projects/my-project/locations/us-west1-a/networkPolicies/my-policy */ readonly parent: pulumi.Output; /** * External access rule priority, which determines the external access rule to use when multiple rules apply. */ readonly priority: pulumi.Output; /** * If source ranges are specified, the external access rule applies only to * traffic that has a source IP address in these ranges. * Structure is documented below. */ readonly sourceIpRanges: pulumi.Output; /** * A list of source ports to which the external access rule applies. */ readonly sourcePorts: pulumi.Output; /** * State of the Cluster. */ readonly state: pulumi.Output; /** * System-generated unique identifier for the resource. */ readonly uid: pulumi.Output; /** * Last updated time of this resource. * A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine * fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ readonly updateTime: pulumi.Output; /** * Create a ExternalAccessRule resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ExternalAccessRuleArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ExternalAccessRule resources. */ export interface ExternalAccessRuleState { /** * The action that the external access rule performs. * Possible values are: `ALLOW`, `DENY`. */ action?: pulumi.Input; /** * Creation time of this resource. * A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and * up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ createTime?: pulumi.Input; /** * User-provided description for the external access rule. */ description?: pulumi.Input; /** * If destination ranges are specified, the external access rule applies only to * traffic that has a destination IP address in these ranges. * Structure is documented below. */ destinationIpRanges?: pulumi.Input[]>; /** * A list of destination ports to which the external access rule applies. */ destinationPorts?: pulumi.Input[]>; /** * The IP protocol to which the external access rule applies. */ ipProtocol?: pulumi.Input; /** * The ID of the external access rule. */ name?: pulumi.Input; /** * The resource name of the network policy. * Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. * For example: projects/my-project/locations/us-west1-a/networkPolicies/my-policy */ parent?: pulumi.Input; /** * External access rule priority, which determines the external access rule to use when multiple rules apply. */ priority?: pulumi.Input; /** * If source ranges are specified, the external access rule applies only to * traffic that has a source IP address in these ranges. * Structure is documented below. */ sourceIpRanges?: pulumi.Input[]>; /** * A list of source ports to which the external access rule applies. */ sourcePorts?: pulumi.Input[]>; /** * State of the Cluster. */ state?: pulumi.Input; /** * System-generated unique identifier for the resource. */ uid?: pulumi.Input; /** * Last updated time of this resource. * A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine * fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ updateTime?: pulumi.Input; } /** * The set of arguments for constructing a ExternalAccessRule resource. */ export interface ExternalAccessRuleArgs { /** * The action that the external access rule performs. * Possible values are: `ALLOW`, `DENY`. */ action: pulumi.Input; /** * User-provided description for the external access rule. */ description?: pulumi.Input; /** * If destination ranges are specified, the external access rule applies only to * traffic that has a destination IP address in these ranges. * Structure is documented below. */ destinationIpRanges: pulumi.Input[]>; /** * A list of destination ports to which the external access rule applies. */ destinationPorts: pulumi.Input[]>; /** * The IP protocol to which the external access rule applies. */ ipProtocol: pulumi.Input; /** * The ID of the external access rule. */ name?: pulumi.Input; /** * The resource name of the network policy. * Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. * For example: projects/my-project/locations/us-west1-a/networkPolicies/my-policy */ parent: pulumi.Input; /** * External access rule priority, which determines the external access rule to use when multiple rules apply. */ priority: pulumi.Input; /** * If source ranges are specified, the external access rule applies only to * traffic that has a source IP address in these ranges. * Structure is documented below. */ sourceIpRanges: pulumi.Input[]>; /** * A list of source ports to which the external access rule applies. */ sourcePorts: pulumi.Input[]>; }