import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * An `ApiProduct` in Apigee. * * To get more information about ApiProduct, see: * * * [API documentation](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.apiproducts#ApiProduct) * * How-to Guides * * [Creating an API product](https://cloud.google.com/apigee/docs/api-platform/publish/what-api-product) * * ## Example Usage * * ### Apigee Api Product Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const current = gcp.organizations.getClientConfig({}); * const apigeeNetwork = new gcp.compute.Network("apigee_network", {name: "apigee-network"}); * const apigeeRange = new gcp.compute.GlobalAddress("apigee_range", { * name: "apigee-range", * purpose: "VPC_PEERING", * addressType: "INTERNAL", * prefixLength: 16, * network: apigeeNetwork.id, * }); * const apigeeVpcConnection = new gcp.servicenetworking.Connection("apigee_vpc_connection", { * network: apigeeNetwork.id, * service: "servicenetworking.googleapis.com", * reservedPeeringRanges: [apigeeRange.name], * }); * const apigeeOrg = new gcp.apigee.Organization("apigee_org", { * analyticsRegion: "us-central1", * projectId: current.then(current => current.project), * authorizedNetwork: apigeeNetwork.id, * }, { * dependsOn: [apigeeVpcConnection], * }); * const apigeeInstance = new gcp.apigee.Instance("apigee_instance", { * name: "my-instance", * location: "us-central1", * orgId: apigeeOrg.id, * peeringCidrRange: "SLASH_22", * }); * const basicApiProduct = new gcp.apigee.ApiProduct("basic_api_product", { * orgId: apigeeOrg.id, * name: "my-product", * displayName: "My Basic API Product", * approvalType: "auto", * }, { * dependsOn: [apigeeInstance], * }); * ``` * ### Apigee Api Product With Legacy Operation * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const current = gcp.organizations.getClientConfig({}); * const apigeeNetwork = new gcp.compute.Network("apigee_network", {name: "apigee-network"}); * const apigeeRange = new gcp.compute.GlobalAddress("apigee_range", { * name: "apigee-range", * purpose: "VPC_PEERING", * addressType: "INTERNAL", * prefixLength: 16, * network: apigeeNetwork.id, * }); * const apigeeVpcConnection = new gcp.servicenetworking.Connection("apigee_vpc_connection", { * network: apigeeNetwork.id, * service: "servicenetworking.googleapis.com", * reservedPeeringRanges: [apigeeRange.name], * }); * const apigeeOrg = new gcp.apigee.Organization("apigee_org", { * analyticsRegion: "us-central1", * projectId: current.then(current => current.project), * authorizedNetwork: apigeeNetwork.id, * }, { * dependsOn: [apigeeVpcConnection], * }); * const apigeeInstance = new gcp.apigee.Instance("apigee_instance", { * name: "my-instance", * location: "us-central1", * orgId: apigeeOrg.id, * peeringCidrRange: "SLASH_22", * }); * const fullApiProduct = new gcp.apigee.ApiProduct("full_api_product", { * orgId: apigeeOrg.id, * name: "my-product", * displayName: "My full API Product", * approvalType: "auto", * description: "This is a sample API Product created with Terraform.", * attributes: [{ * name: "access", * value: "private", * }], * environments: [ * "dev", * "hom", * ], * proxies: ["hello-world"], * apiResources: [ * "/", * "/weather/**", * ], * scopes: [ * "read:weather", * "write:reports", * ], * quota: "10000", * quotaInterval: "1", * quotaTimeUnit: "day", * quotaCounterScope: "PROXY", * }, { * dependsOn: [apigeeInstance], * }); * ``` * ## Import * * ApiProduct can be imported using any of these accepted formats: * * * `{{org_id}}/apiproducts/{{name}}` * * * `{{org_id}}/{{name}}` * * When using the `pulumi import` command, ApiProduct can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:apigee/apiProduct:ApiProduct default {{org_id}}/apiproducts/{{name}} * ``` * * ```sh * $ pulumi import gcp:apigee/apiProduct:ApiProduct default {{org_id}}/{{name}} * ``` */ export declare class ApiProduct extends pulumi.CustomResource { /** * Get an existing ApiProduct resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: ApiProductState, opts?: pulumi.CustomResourceOptions): ApiProduct; /** * Returns true if the given object is an instance of ApiProduct. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ApiProduct; /** * Comma-separated list of API resources to be bundled in the API product. By default, the resource paths are mapped from the proxy.pathsuffix variable. * The proxy path suffix is defined as the URI fragment following the ProxyEndpoint base path. For example, if the apiResources element is defined to be /forecastrss and the base path defined for the API proxy is /weather, then only requests to /weather/forecastrss are permitted by the API product. */ readonly apiResources: pulumi.Output; /** * Flag that specifies how API keys are approved to access the APIs defined by the API product. * Valid values are `auto` or `manual`. * Possible values are: `auto`, `manual`. */ readonly approvalType: pulumi.Output; /** * Array of attributes that may be used to extend the default API product profile with customer-specific metadata. You can specify a maximum of 18 attributes. * Use this property to specify the access level of the API product as either public, private, or internal. * Structure is documented below. */ readonly attributes: pulumi.Output; /** * Response only. Creation time of this environment as milliseconds since epoch. */ readonly createdAt: pulumi.Output; /** * Description of the API product. Include key information about the API product that is not captured by other fields. */ readonly description: pulumi.Output; /** * Name displayed in the UI or developer portal to developers registering for API access. */ readonly displayName: pulumi.Output; /** * Comma-separated list of environment names to which the API product is bound. Requests to environments that are not listed are rejected. * By specifying one or more environments, you can bind the resources listed in the API product to a specific environment, preventing developers from accessing those resources through API proxies deployed in another environment. */ readonly environments: pulumi.Output; /** * Configuration used to group Apigee proxies or remote services with graphQL operation name, graphQL operation type and quotas. This grouping allows us to precisely set quota for a particular combination of graphQL name and operation type for a particular proxy request. If graphQL name is not set, this would imply quota will be applied on all graphQL requests matching the operation type. * Structure is documented below. */ readonly graphqlOperationGroup: pulumi.Output; /** * Optional. Configuration used to group Apigee proxies with gRPC services and method names. This grouping allows us to set quota for a particular proxy with the gRPC service name and method. If a method name is not set, this implies quota and authorization are applied to all gRPC methods implemented by that proxy for that particular gRPC service. * Structure is documented below. */ readonly grpcOperationGroup: pulumi.Output; /** * Response only. Modified time of this environment as milliseconds since epoch. */ readonly lastModifiedAt: pulumi.Output; /** * Internal name of the API product. */ readonly name: pulumi.Output; /** * Configuration used to group Apigee proxies or remote services with resources, method types, and quotas. The resource refers to the resource URI (excluding the base path). With this grouping, the API product creator is able to fine-tune and give precise control over which REST methods have access to specific resources and how many calls can be made (using the quota setting). * Note: The apiResources setting cannot be specified for both the API product and operation group; otherwise the call will fail. * Structure is documented below. */ readonly operationGroup: pulumi.Output; /** * The Apigee Organization associated with the Apigee API product, * in the format `organizations/{{org_name}}`. */ readonly orgId: pulumi.Output; /** * Comma-separated list of API proxy names to which this API product is bound. By specifying API proxies, you can associate resources in the API product with specific API proxies, preventing developers from accessing those resources through other API proxies. * Apigee rejects requests to API proxies that are not listed. */ readonly proxies: pulumi.Output; /** * Number of request messages permitted per app by this API product for the specified quotaInterval and quotaTimeUnit. * For example, a quota of 50, for a quotaInterval of 12 and a quotaTimeUnit of hours means 50 requests are allowed every 12 hours. */ readonly quota: pulumi.Output; /** * Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself. * Possible values are: `QUOTA_COUNTER_SCOPE_UNSPECIFIED`, `PROXY`, `OPERATION`. */ readonly quotaCounterScope: pulumi.Output; /** * Time interval over which the number of request messages is calculated. */ readonly quotaInterval: pulumi.Output; /** * Time unit defined for the quotaInterval. Valid values include second, minute, hour, day, month or year. */ readonly quotaTimeUnit: pulumi.Output; /** * Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product. */ readonly scopes: pulumi.Output; /** * Optional. The resource ID of the parent Space. If not set, the parent resource will be the Organization. */ readonly space: pulumi.Output; /** * Create a ApiProduct resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ApiProductArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ApiProduct resources. */ export interface ApiProductState { /** * Comma-separated list of API resources to be bundled in the API product. By default, the resource paths are mapped from the proxy.pathsuffix variable. * The proxy path suffix is defined as the URI fragment following the ProxyEndpoint base path. For example, if the apiResources element is defined to be /forecastrss and the base path defined for the API proxy is /weather, then only requests to /weather/forecastrss are permitted by the API product. */ apiResources?: pulumi.Input[]>; /** * Flag that specifies how API keys are approved to access the APIs defined by the API product. * Valid values are `auto` or `manual`. * Possible values are: `auto`, `manual`. */ approvalType?: pulumi.Input; /** * Array of attributes that may be used to extend the default API product profile with customer-specific metadata. You can specify a maximum of 18 attributes. * Use this property to specify the access level of the API product as either public, private, or internal. * Structure is documented below. */ attributes?: pulumi.Input[]>; /** * Response only. Creation time of this environment as milliseconds since epoch. */ createdAt?: pulumi.Input; /** * Description of the API product. Include key information about the API product that is not captured by other fields. */ description?: pulumi.Input; /** * Name displayed in the UI or developer portal to developers registering for API access. */ displayName?: pulumi.Input; /** * Comma-separated list of environment names to which the API product is bound. Requests to environments that are not listed are rejected. * By specifying one or more environments, you can bind the resources listed in the API product to a specific environment, preventing developers from accessing those resources through API proxies deployed in another environment. */ environments?: pulumi.Input[]>; /** * Configuration used to group Apigee proxies or remote services with graphQL operation name, graphQL operation type and quotas. This grouping allows us to precisely set quota for a particular combination of graphQL name and operation type for a particular proxy request. If graphQL name is not set, this would imply quota will be applied on all graphQL requests matching the operation type. * Structure is documented below. */ graphqlOperationGroup?: pulumi.Input; /** * Optional. Configuration used to group Apigee proxies with gRPC services and method names. This grouping allows us to set quota for a particular proxy with the gRPC service name and method. If a method name is not set, this implies quota and authorization are applied to all gRPC methods implemented by that proxy for that particular gRPC service. * Structure is documented below. */ grpcOperationGroup?: pulumi.Input; /** * Response only. Modified time of this environment as milliseconds since epoch. */ lastModifiedAt?: pulumi.Input; /** * Internal name of the API product. */ name?: pulumi.Input; /** * Configuration used to group Apigee proxies or remote services with resources, method types, and quotas. The resource refers to the resource URI (excluding the base path). With this grouping, the API product creator is able to fine-tune and give precise control over which REST methods have access to specific resources and how many calls can be made (using the quota setting). * Note: The apiResources setting cannot be specified for both the API product and operation group; otherwise the call will fail. * Structure is documented below. */ operationGroup?: pulumi.Input; /** * The Apigee Organization associated with the Apigee API product, * in the format `organizations/{{org_name}}`. */ orgId?: pulumi.Input; /** * Comma-separated list of API proxy names to which this API product is bound. By specifying API proxies, you can associate resources in the API product with specific API proxies, preventing developers from accessing those resources through other API proxies. * Apigee rejects requests to API proxies that are not listed. */ proxies?: pulumi.Input[]>; /** * Number of request messages permitted per app by this API product for the specified quotaInterval and quotaTimeUnit. * For example, a quota of 50, for a quotaInterval of 12 and a quotaTimeUnit of hours means 50 requests are allowed every 12 hours. */ quota?: pulumi.Input; /** * Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself. * Possible values are: `QUOTA_COUNTER_SCOPE_UNSPECIFIED`, `PROXY`, `OPERATION`. */ quotaCounterScope?: pulumi.Input; /** * Time interval over which the number of request messages is calculated. */ quotaInterval?: pulumi.Input; /** * Time unit defined for the quotaInterval. Valid values include second, minute, hour, day, month or year. */ quotaTimeUnit?: pulumi.Input; /** * Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product. */ scopes?: pulumi.Input[]>; /** * Optional. The resource ID of the parent Space. If not set, the parent resource will be the Organization. */ space?: pulumi.Input; } /** * The set of arguments for constructing a ApiProduct resource. */ export interface ApiProductArgs { /** * Comma-separated list of API resources to be bundled in the API product. By default, the resource paths are mapped from the proxy.pathsuffix variable. * The proxy path suffix is defined as the URI fragment following the ProxyEndpoint base path. For example, if the apiResources element is defined to be /forecastrss and the base path defined for the API proxy is /weather, then only requests to /weather/forecastrss are permitted by the API product. */ apiResources?: pulumi.Input[]>; /** * Flag that specifies how API keys are approved to access the APIs defined by the API product. * Valid values are `auto` or `manual`. * Possible values are: `auto`, `manual`. */ approvalType?: pulumi.Input; /** * Array of attributes that may be used to extend the default API product profile with customer-specific metadata. You can specify a maximum of 18 attributes. * Use this property to specify the access level of the API product as either public, private, or internal. * Structure is documented below. */ attributes?: pulumi.Input[]>; /** * Description of the API product. Include key information about the API product that is not captured by other fields. */ description?: pulumi.Input; /** * Name displayed in the UI or developer portal to developers registering for API access. */ displayName: pulumi.Input; /** * Comma-separated list of environment names to which the API product is bound. Requests to environments that are not listed are rejected. * By specifying one or more environments, you can bind the resources listed in the API product to a specific environment, preventing developers from accessing those resources through API proxies deployed in another environment. */ environments?: pulumi.Input[]>; /** * Configuration used to group Apigee proxies or remote services with graphQL operation name, graphQL operation type and quotas. This grouping allows us to precisely set quota for a particular combination of graphQL name and operation type for a particular proxy request. If graphQL name is not set, this would imply quota will be applied on all graphQL requests matching the operation type. * Structure is documented below. */ graphqlOperationGroup?: pulumi.Input; /** * Optional. Configuration used to group Apigee proxies with gRPC services and method names. This grouping allows us to set quota for a particular proxy with the gRPC service name and method. If a method name is not set, this implies quota and authorization are applied to all gRPC methods implemented by that proxy for that particular gRPC service. * Structure is documented below. */ grpcOperationGroup?: pulumi.Input; /** * Internal name of the API product. */ name?: pulumi.Input; /** * Configuration used to group Apigee proxies or remote services with resources, method types, and quotas. The resource refers to the resource URI (excluding the base path). With this grouping, the API product creator is able to fine-tune and give precise control over which REST methods have access to specific resources and how many calls can be made (using the quota setting). * Note: The apiResources setting cannot be specified for both the API product and operation group; otherwise the call will fail. * Structure is documented below. */ operationGroup?: pulumi.Input; /** * The Apigee Organization associated with the Apigee API product, * in the format `organizations/{{org_name}}`. */ orgId: pulumi.Input; /** * Comma-separated list of API proxy names to which this API product is bound. By specifying API proxies, you can associate resources in the API product with specific API proxies, preventing developers from accessing those resources through other API proxies. * Apigee rejects requests to API proxies that are not listed. */ proxies?: pulumi.Input[]>; /** * Number of request messages permitted per app by this API product for the specified quotaInterval and quotaTimeUnit. * For example, a quota of 50, for a quotaInterval of 12 and a quotaTimeUnit of hours means 50 requests are allowed every 12 hours. */ quota?: pulumi.Input; /** * Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself. * Possible values are: `QUOTA_COUNTER_SCOPE_UNSPECIFIED`, `PROXY`, `OPERATION`. */ quotaCounterScope?: pulumi.Input; /** * Time interval over which the number of request messages is calculated. */ quotaInterval?: pulumi.Input; /** * Time unit defined for the quotaInterval. Valid values include second, minute, hour, day, month or year. */ quotaTimeUnit?: pulumi.Input; /** * Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product. */ scopes?: pulumi.Input[]>; /** * Optional. The resource ID of the parent Space. If not set, the parent resource will be the Organization. */ space?: pulumi.Input; }