import * as pulumi from "@pulumi/pulumi"; /** * The acl resource allows you to configure a Tailscale ACL. See https://tailscale.com/kb/1018/acls for more information. Note that this resource will completely overwrite existing ACL contents for a given tailnet. * * If tests are defined in the ACL (the top-level "tests" section), ACL validation will occur before creation and update operations are applied. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as tailscale from "@pulumi/tailscale"; * * const asJson = new tailscale.Acl("as_json", {acl: JSON.stringify({ * acls: [{ * action: "accept", * users: ["*"], * ports: ["*:*"], * }], * })}); * const asHujson = new tailscale.Acl("as_hujson", {acl: ` { * // Comments in HuJSON policy are preserved when the policy is applied. * "acls": [ * { * // Allow all users access to all ports. * action = "accept", * users = ["*"], * ports = ["*:*"], * }, * ], * } * `}); * ``` * * ## Import * * ID doesn't matter. * * ```sh * $ pulumi import tailscale:index/acl:Acl sample_acl acl * ``` */ export declare class Acl extends pulumi.CustomResource { /** * Get an existing Acl resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: AclState, opts?: pulumi.CustomResourceOptions): Acl; /** * Returns true if the given object is an instance of Acl. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Acl; /** * The policy that defines which devices and users are allowed to connect in your network. Can be either a JSON or a HuJSON string. */ readonly acl: pulumi.Output; /** * If true, will skip requirement to import acl before allowing changes. Be careful, can cause ACL to be overwritten */ readonly overwriteExistingContent: pulumi.Output; /** * If true, will reset the ACL for the Tailnet to the default when this resource is destroyed */ readonly resetAclOnDestroy: pulumi.Output; /** * Create a Acl resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: AclArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Acl resources. */ export interface AclState { /** * The policy that defines which devices and users are allowed to connect in your network. Can be either a JSON or a HuJSON string. */ acl?: pulumi.Input; /** * If true, will skip requirement to import acl before allowing changes. Be careful, can cause ACL to be overwritten */ overwriteExistingContent?: pulumi.Input; /** * If true, will reset the ACL for the Tailnet to the default when this resource is destroyed */ resetAclOnDestroy?: pulumi.Input; } /** * The set of arguments for constructing a Acl resource. */ export interface AclArgs { /** * The policy that defines which devices and users are allowed to connect in your network. Can be either a JSON or a HuJSON string. */ acl: pulumi.Input; /** * If true, will skip requirement to import acl before allowing changes. Be careful, can cause ACL to be overwritten */ overwriteExistingContent?: pulumi.Input; /** * If true, will reset the ACL for the Tailnet to the default when this resource is destroyed */ resetAclOnDestroy?: pulumi.Input; }