import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * An `Instance` is the runtime dataplane in Apigee. * * To get more information about Instance, see: * * * [API documentation](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create) * * How-to Guides * * [Creating a runtime instance](https://cloud.google.com/apigee/docs/api-platform/get-started/create-instance) * * ## Example Usage * * ### Apigee Instance Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const current = gcp.organizations.getClientConfig({}); * const apigeeNetwork = new gcp.compute.Network("apigee_network", {name: "apigee-network"}); * const apigeeRange = new gcp.compute.GlobalAddress("apigee_range", { * name: "apigee-range", * purpose: "VPC_PEERING", * addressType: "INTERNAL", * prefixLength: 16, * network: apigeeNetwork.id, * }); * const apigeeVpcConnection = new gcp.servicenetworking.Connection("apigee_vpc_connection", { * network: apigeeNetwork.id, * service: "servicenetworking.googleapis.com", * reservedPeeringRanges: [apigeeRange.name], * }); * const apigeeOrg = new gcp.apigee.Organization("apigee_org", { * analyticsRegion: "us-central1", * projectId: current.then(current => current.project), * authorizedNetwork: apigeeNetwork.id, * }, { * dependsOn: [apigeeVpcConnection], * }); * const apigeeInstance = new gcp.apigee.Instance("apigee_instance", { * name: "my-instance-name", * location: "us-central1", * orgId: apigeeOrg.id, * }); * ``` * ### Apigee Instance Cidr Range * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const current = gcp.organizations.getClientConfig({}); * const apigeeNetwork = new gcp.compute.Network("apigee_network", {name: "apigee-network"}); * const apigeeRange = new gcp.compute.GlobalAddress("apigee_range", { * name: "apigee-range", * purpose: "VPC_PEERING", * addressType: "INTERNAL", * prefixLength: 22, * network: apigeeNetwork.id, * }); * const apigeeVpcConnection = new gcp.servicenetworking.Connection("apigee_vpc_connection", { * network: apigeeNetwork.id, * service: "servicenetworking.googleapis.com", * reservedPeeringRanges: [apigeeRange.name], * }); * const apigeeOrg = new gcp.apigee.Organization("apigee_org", { * analyticsRegion: "us-central1", * projectId: current.then(current => current.project), * authorizedNetwork: apigeeNetwork.id, * }, { * dependsOn: [apigeeVpcConnection], * }); * const apigeeInstance = new gcp.apigee.Instance("apigee_instance", { * name: "my-instance-name", * location: "us-central1", * orgId: apigeeOrg.id, * peeringCidrRange: "SLASH_22", * }); * ``` * ### Apigee Instance Ip Range * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const current = gcp.organizations.getClientConfig({}); * const apigeeNetwork = new gcp.compute.Network("apigee_network", {name: "apigee-network"}); * const apigeeRange = new gcp.compute.GlobalAddress("apigee_range", { * name: "apigee-range", * purpose: "VPC_PEERING", * addressType: "INTERNAL", * prefixLength: 22, * network: apigeeNetwork.id, * }); * const apigeeVpcConnection = new gcp.servicenetworking.Connection("apigee_vpc_connection", { * network: apigeeNetwork.id, * service: "servicenetworking.googleapis.com", * reservedPeeringRanges: [apigeeRange.name], * }); * const apigeeOrg = new gcp.apigee.Organization("apigee_org", { * analyticsRegion: "us-central1", * projectId: current.then(current => current.project), * authorizedNetwork: apigeeNetwork.id, * }, { * dependsOn: [apigeeVpcConnection], * }); * const apigeeInstance = new gcp.apigee.Instance("apigee_instance", { * name: "my-instance-name", * location: "us-central1", * orgId: apigeeOrg.id, * ipRange: "10.87.8.0/22", * }); * ``` * ### Apigee Instance Full * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const current = gcp.organizations.getClientConfig({}); * const apigeeNetwork = new gcp.compute.Network("apigee_network", {name: "apigee-network"}); * const apigeeRange = new gcp.compute.GlobalAddress("apigee_range", { * name: "apigee-range", * purpose: "VPC_PEERING", * addressType: "INTERNAL", * prefixLength: 16, * network: apigeeNetwork.id, * }); * const apigeeVpcConnection = new gcp.servicenetworking.Connection("apigee_vpc_connection", { * network: apigeeNetwork.id, * service: "servicenetworking.googleapis.com", * reservedPeeringRanges: [apigeeRange.name], * }); * const apigeeKeyring = new gcp.kms.KeyRing("apigee_keyring", { * name: "apigee-keyring", * location: "us-central1", * }); * const apigeeKey = new gcp.kms.CryptoKey("apigee_key", { * name: "apigee-key", * keyRing: apigeeKeyring.id, * }); * const apigeeSa = new gcp.projects.ServiceIdentity("apigee_sa", { * project: project.projectId, * service: apigee.service, * }); * const apigeeSaKeyuser = new gcp.kms.CryptoKeyIAMMember("apigee_sa_keyuser", { * cryptoKeyId: apigeeKey.id, * role: "roles/cloudkms.cryptoKeyEncrypterDecrypter", * member: apigeeSa.member, * }); * const apigeeOrg = new gcp.apigee.Organization("apigee_org", { * analyticsRegion: "us-central1", * displayName: "apigee-org", * description: "Auto-provisioned Apigee Org.", * projectId: current.then(current => current.project), * authorizedNetwork: apigeeNetwork.id, * runtimeDatabaseEncryptionKeyName: apigeeKey.id, * }, { * dependsOn: [ * apigeeVpcConnection, * apigeeSaKeyuser, * ], * }); * const apigeeInstance = new gcp.apigee.Instance("apigee_instance", { * name: "my-instance-name", * location: "us-central1", * description: "Auto-managed Apigee Runtime Instance", * displayName: "my-instance-name", * orgId: apigeeOrg.id, * diskEncryptionKeyName: apigeeKey.id, * }); * ``` * * ## Import * * Instance can be imported using any of these accepted formats: * * * `{{org_id}}/instances/{{name}}` * * * `{{org_id}}/{{name}}` * * When using the `pulumi import` command, Instance can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:apigee/instance:Instance default {{org_id}}/instances/{{name}} * ``` * * ```sh * $ pulumi import gcp:apigee/instance:Instance default {{org_id}}/{{name}} * ``` */ export declare class Instance extends pulumi.CustomResource { /** * Get an existing Instance resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: InstanceState, opts?: pulumi.CustomResourceOptions): Instance; /** * Returns true if the given object is an instance of Instance. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Instance; /** * Access logging configuration enables the access logging feature at the instance. * Apigee customers can enable access logging to ship the access logs to their own project's cloud logging. * Structure is documented below. */ readonly accessLoggingConfig: pulumi.Output; /** * Optional. Customer accept list represents the list of projects (id/number) on customer * side that can privately connect to the service attachment. It is an optional field * which the customers can provide during the instance creation. By default, the customer * project associated with the Apigee organization will be included to the list. */ readonly consumerAcceptLists: pulumi.Output; /** * Description of the instance. */ readonly description: pulumi.Output; /** * Customer Managed Encryption Key (CMEK) used for disk and volume encryption. Required for Apigee paid subscriptions only. * Use the following format: `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` */ readonly diskEncryptionKeyName: pulumi.Output; /** * Display name of the instance. */ readonly displayName: pulumi.Output; /** * Output only. Hostname or IP address of the exposed Apigee endpoint used by clients to connect to the service. */ readonly host: pulumi.Output; /** * IP range represents the customer-provided CIDR block of length 22 that will be used for * the Apigee instance creation. This optional range, if provided, should be freely * available as part of larger named range the customer has allocated to the Service * Networking peering. If this is not provided, Apigee will automatically request for any * available /22 CIDR block from Service Networking. The customer should use this CIDR block * for configuring their firewall needs to allow traffic from Apigee. * Input format: "a.b.c.d/22" */ readonly ipRange: pulumi.Output; /** * Required. Compute Engine location where the instance resides. */ readonly location: pulumi.Output; /** * Resource ID of the instance. */ readonly name: pulumi.Output; /** * The Apigee Organization associated with the Apigee instance, * in the format `organizations/{{org_name}}`. */ readonly orgId: pulumi.Output; /** * The size of the CIDR block range that will be reserved by the instance. For valid values, * see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation. */ readonly peeringCidrRange: pulumi.Output; /** * Output only. Port number of the exposed Apigee endpoint. */ readonly port: pulumi.Output; /** * Output only. Resource name of the service attachment created for the instance in * the format: projects/*/regions/*/serviceAttachments/* Apigee customers can privately * forward traffic to this service attachment using the PSC endpoints. */ readonly serviceAttachment: pulumi.Output; /** * Create a Instance resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: InstanceArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Instance resources. */ export interface InstanceState { /** * Access logging configuration enables the access logging feature at the instance. * Apigee customers can enable access logging to ship the access logs to their own project's cloud logging. * Structure is documented below. */ accessLoggingConfig?: pulumi.Input; /** * Optional. Customer accept list represents the list of projects (id/number) on customer * side that can privately connect to the service attachment. It is an optional field * which the customers can provide during the instance creation. By default, the customer * project associated with the Apigee organization will be included to the list. */ consumerAcceptLists?: pulumi.Input[]>; /** * Description of the instance. */ description?: pulumi.Input; /** * Customer Managed Encryption Key (CMEK) used for disk and volume encryption. Required for Apigee paid subscriptions only. * Use the following format: `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` */ diskEncryptionKeyName?: pulumi.Input; /** * Display name of the instance. */ displayName?: pulumi.Input; /** * Output only. Hostname or IP address of the exposed Apigee endpoint used by clients to connect to the service. */ host?: pulumi.Input; /** * IP range represents the customer-provided CIDR block of length 22 that will be used for * the Apigee instance creation. This optional range, if provided, should be freely * available as part of larger named range the customer has allocated to the Service * Networking peering. If this is not provided, Apigee will automatically request for any * available /22 CIDR block from Service Networking. The customer should use this CIDR block * for configuring their firewall needs to allow traffic from Apigee. * Input format: "a.b.c.d/22" */ ipRange?: pulumi.Input; /** * Required. Compute Engine location where the instance resides. */ location?: pulumi.Input; /** * Resource ID of the instance. */ name?: pulumi.Input; /** * The Apigee Organization associated with the Apigee instance, * in the format `organizations/{{org_name}}`. */ orgId?: pulumi.Input; /** * The size of the CIDR block range that will be reserved by the instance. For valid values, * see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation. */ peeringCidrRange?: pulumi.Input; /** * Output only. Port number of the exposed Apigee endpoint. */ port?: pulumi.Input; /** * Output only. Resource name of the service attachment created for the instance in * the format: projects/*/regions/*/serviceAttachments/* Apigee customers can privately * forward traffic to this service attachment using the PSC endpoints. */ serviceAttachment?: pulumi.Input; } /** * The set of arguments for constructing a Instance resource. */ export interface InstanceArgs { /** * Access logging configuration enables the access logging feature at the instance. * Apigee customers can enable access logging to ship the access logs to their own project's cloud logging. * Structure is documented below. */ accessLoggingConfig?: pulumi.Input; /** * Optional. Customer accept list represents the list of projects (id/number) on customer * side that can privately connect to the service attachment. It is an optional field * which the customers can provide during the instance creation. By default, the customer * project associated with the Apigee organization will be included to the list. */ consumerAcceptLists?: pulumi.Input[]>; /** * Description of the instance. */ description?: pulumi.Input; /** * Customer Managed Encryption Key (CMEK) used for disk and volume encryption. Required for Apigee paid subscriptions only. * Use the following format: `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` */ diskEncryptionKeyName?: pulumi.Input; /** * Display name of the instance. */ displayName?: pulumi.Input; /** * IP range represents the customer-provided CIDR block of length 22 that will be used for * the Apigee instance creation. This optional range, if provided, should be freely * available as part of larger named range the customer has allocated to the Service * Networking peering. If this is not provided, Apigee will automatically request for any * available /22 CIDR block from Service Networking. The customer should use this CIDR block * for configuring their firewall needs to allow traffic from Apigee. * Input format: "a.b.c.d/22" */ ipRange?: pulumi.Input; /** * Required. Compute Engine location where the instance resides. */ location: pulumi.Input; /** * Resource ID of the instance. */ name?: pulumi.Input; /** * The Apigee Organization associated with the Apigee instance, * in the format `organizations/{{org_name}}`. */ orgId: pulumi.Input; /** * The size of the CIDR block range that will be reserved by the instance. For valid values, * see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation. */ peeringCidrRange?: pulumi.Input; }