Class SecurityPolicy
A Security Policy defines an IP blacklist or whitelist that protects load balanced Google Cloud services by denying or permitting traffic from specified IP ranges. For more information see the official documentation and the API.
Example Usage
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var policy = new Gcp.Compute.SecurityPolicy("policy", new Gcp.Compute.SecurityPolicyArgs
{
Rules =
{
new Gcp.Compute.Inputs.SecurityPolicyRuleArgs
{
Action = "deny(403)",
Description = "Deny access to IPs in 9.9.9.0/24",
Match = new Gcp.Compute.Inputs.SecurityPolicyRuleMatchArgs
{
Config = new Gcp.Compute.Inputs.SecurityPolicyRuleMatchConfigArgs
{
SrcIpRanges =
{
"9.9.9.0/24",
},
},
VersionedExpr = "SRC_IPS_V1",
},
Priority = "1000",
},
new Gcp.Compute.Inputs.SecurityPolicyRuleArgs
{
Action = "allow",
Description = "default rule",
Match = new Gcp.Compute.Inputs.SecurityPolicyRuleMatchArgs
{
Config = new Gcp.Compute.Inputs.SecurityPolicyRuleMatchConfigArgs
{
SrcIpRanges =
{
"*",
},
},
VersionedExpr = "SRC_IPS_V1",
},
Priority = "2147483647",
},
},
});
}
}
Inherited Members
Namespace: Pulumi.Gcp.Compute
Assembly: Pulumi.Gcp.dll
Syntax
public class SecurityPolicy : CustomResourceConstructors
View SourceSecurityPolicy(String, SecurityPolicyArgs, CustomResourceOptions)
Create a SecurityPolicy resource with the given unique name, arguments, and options.
Declaration
public SecurityPolicy(string name, SecurityPolicyArgs args = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| SecurityPolicyArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceDescription
An optional description of this rule. Max size is 64.
Declaration
public Output<string> Description { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Fingerprint
Fingerprint of this resource.
Declaration
public Output<string> Fingerprint { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Name
The name of the security policy.
Declaration
public Output<string> Name { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Project
The project in which the resource belongs. If it is not provided, the provider project is used.
Declaration
public Output<string> Project { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Rules
The set of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match "*"). If no rules are provided when creating a security policy, a default rule with action "allow" will be added. Structure is documented below.
Declaration
public Output<ImmutableArray<SecurityPolicyRule>> Rules { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<SecurityPolicyRule>> |
SelfLink
The URI of the created resource.
Declaration
public Output<string> SelfLink { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Methods
View SourceGet(String, Input<String>, SecurityPolicyState, CustomResourceOptions)
Get an existing SecurityPolicy resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static SecurityPolicy Get(string name, Input<string> id, SecurityPolicyState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| SecurityPolicyState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| SecurityPolicy |