import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * IAP settings - manage IAP settings * * To get more information about Settings, see: * * * [API documentation](https://cloud.google.com/iap/docs/reference/rest/v1/IapSettings) * * How-to Guides * * [Customizing IAP](https://cloud.google.com/iap/docs/customizing) * * ## Example Usage * * ### Iap Settings Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const project = gcp.organizations.getProject({}); * const defaultHealthCheck = new gcp.compute.HealthCheck("default", { * name: "iap-bs-health-check", * checkIntervalSec: 1, * timeoutSec: 1, * tcpHealthCheck: { * port: 80, * }, * }); * const _default = new gcp.compute.RegionBackendService("default", { * name: "iap-settings-tf", * region: "us-central1", * healthChecks: defaultHealthCheck.id, * connectionDrainingTimeoutSec: 10, * sessionAffinity: "CLIENT_IP", * }); * const iapSettings = new gcp.iap.Settings("iap_settings", { * name: pulumi.all([project, _default.name]).apply(([project, name]) => `projects/${project.number}/iap_web/compute-us-central1/services/${name}`), * accessSettings: { * identitySources: ["WORKFORCE_IDENTITY_FEDERATION"], * allowedDomainsSettings: { * domains: ["test.abc.com"], * enable: true, * }, * corsSettings: { * allowHttpOptions: true, * }, * reauthSettings: { * method: "SECURE_KEY", * maxAge: "305s", * policyType: "MINIMUM", * }, * gcipSettings: { * loginPageUri: "https://test.com/?apiKey=abc", * }, * oauthSettings: { * loginHint: "test", * }, * workforceIdentitySettings: { * workforcePools: "wif-pool", * oauth2: { * clientId: "test-client-id", * clientSecret: "test-client-secret", * }, * }, * }, * applicationSettings: { * cookieDomain: "test.abc.com", * csmSettings: { * rctokenAud: "test-aud-set", * }, * accessDeniedPageSettings: { * accessDeniedPageUri: "test-uri", * generateTroubleshootingUri: true, * remediationTokenGenerationEnabled: false, * }, * attributePropagationSettings: { * outputCredentials: ["HEADER"], * expression: "attributes.saml_attributes.filter(attribute, attribute.name in [\"test1\", \"test2\"])", * enable: false, * }, * }, * }); * ``` * * ## Import * * Settings can be imported using any of these accepted formats: * * * `{{name}}/iapSettings` * * * `{{name}}` * * When using the `pulumi import` command, Settings can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:iap/settings:Settings default {{name}}/iapSettings * ``` * * ```sh * $ pulumi import gcp:iap/settings:Settings default {{name}} * ``` */ export declare class Settings extends pulumi.CustomResource { /** * Get an existing Settings resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: SettingsState, opts?: pulumi.CustomResourceOptions): Settings; /** * Returns true if the given object is an instance of Settings. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Settings; /** * Top level wrapper for all access related setting in IAP. * Structure is documented below. */ readonly accessSettings: pulumi.Output; /** * Top level wrapper for all application related settings in IAP. * Structure is documented below. */ readonly applicationSettings: pulumi.Output; /** * The resource name of the IAP protected resource. Name can have below resources: * * organizations/{organization_id} * * folders/{folder_id} * * projects/{project_id} * * projects/{project_id}/iap_web * * projects/{project_id}/iap_web/compute * * projects/{project_id}/iap_web/compute-{region} * * projects/{project_id}/iap_web/compute/services/{service_id} * * projects/{project_id}/iap_web/compute-{region}/services/{service_id} * * projects/{project_id}/iap_web/appengine-{app_id} * * projects/{project_id}/iap_web/appengine-{app_id}/services/{service_id} * * projects/{project_id}/iap_web/appengine-{app_id}/services/{service_id}/version/{version_id} */ readonly name: pulumi.Output; /** * Create a Settings resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: SettingsArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Settings resources. */ export interface SettingsState { /** * Top level wrapper for all access related setting in IAP. * Structure is documented below. */ accessSettings?: pulumi.Input; /** * Top level wrapper for all application related settings in IAP. * Structure is documented below. */ applicationSettings?: pulumi.Input; /** * The resource name of the IAP protected resource. Name can have below resources: * * organizations/{organization_id} * * folders/{folder_id} * * projects/{project_id} * * projects/{project_id}/iap_web * * projects/{project_id}/iap_web/compute * * projects/{project_id}/iap_web/compute-{region} * * projects/{project_id}/iap_web/compute/services/{service_id} * * projects/{project_id}/iap_web/compute-{region}/services/{service_id} * * projects/{project_id}/iap_web/appengine-{app_id} * * projects/{project_id}/iap_web/appengine-{app_id}/services/{service_id} * * projects/{project_id}/iap_web/appengine-{app_id}/services/{service_id}/version/{version_id} */ name?: pulumi.Input; } /** * The set of arguments for constructing a Settings resource. */ export interface SettingsArgs { /** * Top level wrapper for all access related setting in IAP. * Structure is documented below. */ accessSettings?: pulumi.Input; /** * Top level wrapper for all application related settings in IAP. * Structure is documented below. */ applicationSettings?: pulumi.Input; /** * The resource name of the IAP protected resource. Name can have below resources: * * organizations/{organization_id} * * folders/{folder_id} * * projects/{project_id} * * projects/{project_id}/iap_web * * projects/{project_id}/iap_web/compute * * projects/{project_id}/iap_web/compute-{region} * * projects/{project_id}/iap_web/compute/services/{service_id} * * projects/{project_id}/iap_web/compute-{region}/services/{service_id} * * projects/{project_id}/iap_web/appengine-{app_id} * * projects/{project_id}/iap_web/appengine-{app_id}/services/{service_id} * * projects/{project_id}/iap_web/appengine-{app_id}/services/{service_id}/version/{version_id} */ name?: pulumi.Input; }