1. Packages
  2. Google Cloud Native
  3. API Docs
  4. vmwareengine
  5. vmwareengine/v1
  6. ExternalAccessRule

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.vmwareengine/v1.ExternalAccessRule

Explore with Pulumi AI

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

Creates a new external access rule in a given network policy. Auto-naming is currently not supported for this resource.

Create ExternalAccessRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ExternalAccessRule(name: string, args: ExternalAccessRuleArgs, opts?: CustomResourceOptions);
@overload
def ExternalAccessRule(resource_name: str,
                       args: ExternalAccessRuleArgs,
                       opts: Optional[ResourceOptions] = None)

@overload
def ExternalAccessRule(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       external_access_rule_id: Optional[str] = None,
                       network_policy_id: Optional[str] = None,
                       location: Optional[str] = None,
                       destination_ports: Optional[Sequence[str]] = None,
                       destination_ip_ranges: Optional[Sequence[IpRangeArgs]] = None,
                       ip_protocol: Optional[str] = None,
                       action: Optional[ExternalAccessRuleAction] = None,
                       description: Optional[str] = None,
                       priority: Optional[int] = None,
                       project: Optional[str] = None,
                       request_id: Optional[str] = None,
                       source_ip_ranges: Optional[Sequence[IpRangeArgs]] = None,
                       source_ports: Optional[Sequence[str]] = None)
func NewExternalAccessRule(ctx *Context, name string, args ExternalAccessRuleArgs, opts ...ResourceOption) (*ExternalAccessRule, error)
public ExternalAccessRule(string name, ExternalAccessRuleArgs args, CustomResourceOptions? opts = null)
public ExternalAccessRule(String name, ExternalAccessRuleArgs args)
public ExternalAccessRule(String name, ExternalAccessRuleArgs args, CustomResourceOptions options)
type: google-native:vmwareengine/v1:ExternalAccessRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. ExternalAccessRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. ExternalAccessRuleArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. ExternalAccessRuleArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. ExternalAccessRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. ExternalAccessRuleArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var externalAccessRuleResource = new GoogleNative.VMwareEngine.V1.ExternalAccessRule("externalAccessRuleResource", new()
{
    ExternalAccessRuleId = "string",
    NetworkPolicyId = "string",
    Location = "string",
    DestinationPorts = new[]
    {
        "string",
    },
    DestinationIpRanges = new[]
    {
        new GoogleNative.VMwareEngine.V1.Inputs.IpRangeArgs
        {
            ExternalAddress = "string",
            IpAddress = "string",
            IpAddressRange = "string",
        },
    },
    IpProtocol = "string",
    Action = GoogleNative.VMwareEngine.V1.ExternalAccessRuleAction.ActionUnspecified,
    Description = "string",
    Priority = 0,
    Project = "string",
    RequestId = "string",
    SourceIpRanges = new[]
    {
        new GoogleNative.VMwareEngine.V1.Inputs.IpRangeArgs
        {
            ExternalAddress = "string",
            IpAddress = "string",
            IpAddressRange = "string",
        },
    },
    SourcePorts = new[]
    {
        "string",
    },
});
Copy
example, err := vmwareengine.NewExternalAccessRule(ctx, "externalAccessRuleResource", &vmwareengine.ExternalAccessRuleArgs{
	ExternalAccessRuleId: pulumi.String("string"),
	NetworkPolicyId:      pulumi.String("string"),
	Location:             pulumi.String("string"),
	DestinationPorts: pulumi.StringArray{
		pulumi.String("string"),
	},
	DestinationIpRanges: vmwareengine.IpRangeArray{
		&vmwareengine.IpRangeArgs{
			ExternalAddress: pulumi.String("string"),
			IpAddress:       pulumi.String("string"),
			IpAddressRange:  pulumi.String("string"),
		},
	},
	IpProtocol:  pulumi.String("string"),
	Action:      vmwareengine.ExternalAccessRuleActionActionUnspecified,
	Description: pulumi.String("string"),
	Priority:    pulumi.Int(0),
	Project:     pulumi.String("string"),
	RequestId:   pulumi.String("string"),
	SourceIpRanges: vmwareengine.IpRangeArray{
		&vmwareengine.IpRangeArgs{
			ExternalAddress: pulumi.String("string"),
			IpAddress:       pulumi.String("string"),
			IpAddressRange:  pulumi.String("string"),
		},
	},
	SourcePorts: pulumi.StringArray{
		pulumi.String("string"),
	},
})
Copy
var externalAccessRuleResource = new ExternalAccessRule("externalAccessRuleResource", ExternalAccessRuleArgs.builder()
    .externalAccessRuleId("string")
    .networkPolicyId("string")
    .location("string")
    .destinationPorts("string")
    .destinationIpRanges(IpRangeArgs.builder()
        .externalAddress("string")
        .ipAddress("string")
        .ipAddressRange("string")
        .build())
    .ipProtocol("string")
    .action("ACTION_UNSPECIFIED")
    .description("string")
    .priority(0)
    .project("string")
    .requestId("string")
    .sourceIpRanges(IpRangeArgs.builder()
        .externalAddress("string")
        .ipAddress("string")
        .ipAddressRange("string")
        .build())
    .sourcePorts("string")
    .build());
Copy
external_access_rule_resource = google_native.vmwareengine.v1.ExternalAccessRule("externalAccessRuleResource",
    external_access_rule_id="string",
    network_policy_id="string",
    location="string",
    destination_ports=["string"],
    destination_ip_ranges=[{
        "external_address": "string",
        "ip_address": "string",
        "ip_address_range": "string",
    }],
    ip_protocol="string",
    action=google_native.vmwareengine.v1.ExternalAccessRuleAction.ACTION_UNSPECIFIED,
    description="string",
    priority=0,
    project="string",
    request_id="string",
    source_ip_ranges=[{
        "external_address": "string",
        "ip_address": "string",
        "ip_address_range": "string",
    }],
    source_ports=["string"])
Copy
const externalAccessRuleResource = new google_native.vmwareengine.v1.ExternalAccessRule("externalAccessRuleResource", {
    externalAccessRuleId: "string",
    networkPolicyId: "string",
    location: "string",
    destinationPorts: ["string"],
    destinationIpRanges: [{
        externalAddress: "string",
        ipAddress: "string",
        ipAddressRange: "string",
    }],
    ipProtocol: "string",
    action: google_native.vmwareengine.v1.ExternalAccessRuleAction.ActionUnspecified,
    description: "string",
    priority: 0,
    project: "string",
    requestId: "string",
    sourceIpRanges: [{
        externalAddress: "string",
        ipAddress: "string",
        ipAddressRange: "string",
    }],
    sourcePorts: ["string"],
});
Copy
type: google-native:vmwareengine/v1:ExternalAccessRule
properties:
    action: ACTION_UNSPECIFIED
    description: string
    destinationIpRanges:
        - externalAddress: string
          ipAddress: string
          ipAddressRange: string
    destinationPorts:
        - string
    externalAccessRuleId: string
    ipProtocol: string
    location: string
    networkPolicyId: string
    priority: 0
    project: string
    requestId: string
    sourceIpRanges:
        - externalAddress: string
          ipAddress: string
          ipAddressRange: string
    sourcePorts:
        - string
Copy

ExternalAccessRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ExternalAccessRule resource accepts the following input properties:

ExternalAccessRuleId
This property is required.
Changes to this property will trigger replacement.
string
Required. The user-provided identifier of the ExternalAccessRule to be created. This identifier must be unique among ExternalAccessRule resources within the parent and becomes the final token in the name URI. The identifier must meet the following requirements: * Only contains 1-63 alphanumeric characters and hyphens * Begins with an alphabetical character * Ends with a non-hyphen character * Not formatted as a UUID * Complies with RFC 1034 (section 3.5)
NetworkPolicyId
This property is required.
Changes to this property will trigger replacement.
string
Action Pulumi.GoogleNative.VMwareEngine.V1.ExternalAccessRuleAction
The action that the external access rule performs.
Description string
User-provided description for this external access rule.
DestinationIpRanges List<Pulumi.GoogleNative.VMwareEngine.V1.Inputs.IpRange>
If destination ranges are specified, the external access rule applies only to the traffic that has a destination IP address in these ranges. The specified IP addresses must have reserved external IP addresses in the scope of the parent network policy. To match all external IP addresses in the scope of the parent network policy, specify 0.0.0.0/0. To match a specific external IP address, specify it using the IpRange.external_address property.
DestinationPorts List<string>
A list of destination ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all destination ports, specify ["0-65535"].
IpProtocol string
The IP protocol to which the external access rule applies. This value can be one of the following three protocol strings (not case-sensitive): tcp, udp, or icmp.
Location Changes to this property will trigger replacement. string
Priority int
External access rule priority, which determines the external access rule to use when multiple rules apply. If multiple rules have the same priority, their ordering is non-deterministic. If specific ordering is required, assign unique priorities to enforce such ordering. The external access rule priority is an integer from 100 to 4096, both inclusive. Lower integers indicate higher precedence. For example, a rule with priority 100 has higher precedence than a rule with priority 101.
Project Changes to this property will trigger replacement. string
RequestId string
A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server guarantees that a request doesn't result in creation of duplicate commitments for at least 60 minutes. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
SourceIpRanges List<Pulumi.GoogleNative.VMwareEngine.V1.Inputs.IpRange>
If source ranges are specified, the external access rule applies only to traffic that has a source IP address in these ranges. These ranges can either be expressed in the CIDR format or as an IP address. As only inbound rules are supported, ExternalAddress resources cannot be the source IP addresses of an external access rule. To match all source addresses, specify 0.0.0.0/0.
SourcePorts List<string>
A list of source ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all source ports, specify ["0-65535"].
ExternalAccessRuleId
This property is required.
Changes to this property will trigger replacement.
string
Required. The user-provided identifier of the ExternalAccessRule to be created. This identifier must be unique among ExternalAccessRule resources within the parent and becomes the final token in the name URI. The identifier must meet the following requirements: * Only contains 1-63 alphanumeric characters and hyphens * Begins with an alphabetical character * Ends with a non-hyphen character * Not formatted as a UUID * Complies with RFC 1034 (section 3.5)
NetworkPolicyId
This property is required.
Changes to this property will trigger replacement.
string
Action ExternalAccessRuleAction
The action that the external access rule performs.
Description string
User-provided description for this external access rule.
DestinationIpRanges []IpRangeArgs
If destination ranges are specified, the external access rule applies only to the traffic that has a destination IP address in these ranges. The specified IP addresses must have reserved external IP addresses in the scope of the parent network policy. To match all external IP addresses in the scope of the parent network policy, specify 0.0.0.0/0. To match a specific external IP address, specify it using the IpRange.external_address property.
DestinationPorts []string
A list of destination ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all destination ports, specify ["0-65535"].
IpProtocol string
The IP protocol to which the external access rule applies. This value can be one of the following three protocol strings (not case-sensitive): tcp, udp, or icmp.
Location Changes to this property will trigger replacement. string
Priority int
External access rule priority, which determines the external access rule to use when multiple rules apply. If multiple rules have the same priority, their ordering is non-deterministic. If specific ordering is required, assign unique priorities to enforce such ordering. The external access rule priority is an integer from 100 to 4096, both inclusive. Lower integers indicate higher precedence. For example, a rule with priority 100 has higher precedence than a rule with priority 101.
Project Changes to this property will trigger replacement. string
RequestId string
A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server guarantees that a request doesn't result in creation of duplicate commitments for at least 60 minutes. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
SourceIpRanges []IpRangeArgs
If source ranges are specified, the external access rule applies only to traffic that has a source IP address in these ranges. These ranges can either be expressed in the CIDR format or as an IP address. As only inbound rules are supported, ExternalAddress resources cannot be the source IP addresses of an external access rule. To match all source addresses, specify 0.0.0.0/0.
SourcePorts []string
A list of source ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all source ports, specify ["0-65535"].
externalAccessRuleId
This property is required.
Changes to this property will trigger replacement.
String
Required. The user-provided identifier of the ExternalAccessRule to be created. This identifier must be unique among ExternalAccessRule resources within the parent and becomes the final token in the name URI. The identifier must meet the following requirements: * Only contains 1-63 alphanumeric characters and hyphens * Begins with an alphabetical character * Ends with a non-hyphen character * Not formatted as a UUID * Complies with RFC 1034 (section 3.5)
networkPolicyId
This property is required.
Changes to this property will trigger replacement.
String
action ExternalAccessRuleAction
The action that the external access rule performs.
description String
User-provided description for this external access rule.
destinationIpRanges List<IpRange>
If destination ranges are specified, the external access rule applies only to the traffic that has a destination IP address in these ranges. The specified IP addresses must have reserved external IP addresses in the scope of the parent network policy. To match all external IP addresses in the scope of the parent network policy, specify 0.0.0.0/0. To match a specific external IP address, specify it using the IpRange.external_address property.
destinationPorts List<String>
A list of destination ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all destination ports, specify ["0-65535"].
ipProtocol String
The IP protocol to which the external access rule applies. This value can be one of the following three protocol strings (not case-sensitive): tcp, udp, or icmp.
location Changes to this property will trigger replacement. String
priority Integer
External access rule priority, which determines the external access rule to use when multiple rules apply. If multiple rules have the same priority, their ordering is non-deterministic. If specific ordering is required, assign unique priorities to enforce such ordering. The external access rule priority is an integer from 100 to 4096, both inclusive. Lower integers indicate higher precedence. For example, a rule with priority 100 has higher precedence than a rule with priority 101.
project Changes to this property will trigger replacement. String
requestId String
A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server guarantees that a request doesn't result in creation of duplicate commitments for at least 60 minutes. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
sourceIpRanges List<IpRange>
If source ranges are specified, the external access rule applies only to traffic that has a source IP address in these ranges. These ranges can either be expressed in the CIDR format or as an IP address. As only inbound rules are supported, ExternalAddress resources cannot be the source IP addresses of an external access rule. To match all source addresses, specify 0.0.0.0/0.
sourcePorts List<String>
A list of source ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all source ports, specify ["0-65535"].
externalAccessRuleId
This property is required.
Changes to this property will trigger replacement.
string
Required. The user-provided identifier of the ExternalAccessRule to be created. This identifier must be unique among ExternalAccessRule resources within the parent and becomes the final token in the name URI. The identifier must meet the following requirements: * Only contains 1-63 alphanumeric characters and hyphens * Begins with an alphabetical character * Ends with a non-hyphen character * Not formatted as a UUID * Complies with RFC 1034 (section 3.5)
networkPolicyId
This property is required.
Changes to this property will trigger replacement.
string
action ExternalAccessRuleAction
The action that the external access rule performs.
description string
User-provided description for this external access rule.
destinationIpRanges IpRange[]
If destination ranges are specified, the external access rule applies only to the traffic that has a destination IP address in these ranges. The specified IP addresses must have reserved external IP addresses in the scope of the parent network policy. To match all external IP addresses in the scope of the parent network policy, specify 0.0.0.0/0. To match a specific external IP address, specify it using the IpRange.external_address property.
destinationPorts string[]
A list of destination ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all destination ports, specify ["0-65535"].
ipProtocol string
The IP protocol to which the external access rule applies. This value can be one of the following three protocol strings (not case-sensitive): tcp, udp, or icmp.
location Changes to this property will trigger replacement. string
priority number
External access rule priority, which determines the external access rule to use when multiple rules apply. If multiple rules have the same priority, their ordering is non-deterministic. If specific ordering is required, assign unique priorities to enforce such ordering. The external access rule priority is an integer from 100 to 4096, both inclusive. Lower integers indicate higher precedence. For example, a rule with priority 100 has higher precedence than a rule with priority 101.
project Changes to this property will trigger replacement. string
requestId string
A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server guarantees that a request doesn't result in creation of duplicate commitments for at least 60 minutes. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
sourceIpRanges IpRange[]
If source ranges are specified, the external access rule applies only to traffic that has a source IP address in these ranges. These ranges can either be expressed in the CIDR format or as an IP address. As only inbound rules are supported, ExternalAddress resources cannot be the source IP addresses of an external access rule. To match all source addresses, specify 0.0.0.0/0.
sourcePorts string[]
A list of source ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all source ports, specify ["0-65535"].
external_access_rule_id
This property is required.
Changes to this property will trigger replacement.
str
Required. The user-provided identifier of the ExternalAccessRule to be created. This identifier must be unique among ExternalAccessRule resources within the parent and becomes the final token in the name URI. The identifier must meet the following requirements: * Only contains 1-63 alphanumeric characters and hyphens * Begins with an alphabetical character * Ends with a non-hyphen character * Not formatted as a UUID * Complies with RFC 1034 (section 3.5)
network_policy_id
This property is required.
Changes to this property will trigger replacement.
str
action ExternalAccessRuleAction
The action that the external access rule performs.
description str
User-provided description for this external access rule.
destination_ip_ranges Sequence[IpRangeArgs]
If destination ranges are specified, the external access rule applies only to the traffic that has a destination IP address in these ranges. The specified IP addresses must have reserved external IP addresses in the scope of the parent network policy. To match all external IP addresses in the scope of the parent network policy, specify 0.0.0.0/0. To match a specific external IP address, specify it using the IpRange.external_address property.
destination_ports Sequence[str]
A list of destination ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all destination ports, specify ["0-65535"].
ip_protocol str
The IP protocol to which the external access rule applies. This value can be one of the following three protocol strings (not case-sensitive): tcp, udp, or icmp.
location Changes to this property will trigger replacement. str
priority int
External access rule priority, which determines the external access rule to use when multiple rules apply. If multiple rules have the same priority, their ordering is non-deterministic. If specific ordering is required, assign unique priorities to enforce such ordering. The external access rule priority is an integer from 100 to 4096, both inclusive. Lower integers indicate higher precedence. For example, a rule with priority 100 has higher precedence than a rule with priority 101.
project Changes to this property will trigger replacement. str
request_id str
A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server guarantees that a request doesn't result in creation of duplicate commitments for at least 60 minutes. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
source_ip_ranges Sequence[IpRangeArgs]
If source ranges are specified, the external access rule applies only to traffic that has a source IP address in these ranges. These ranges can either be expressed in the CIDR format or as an IP address. As only inbound rules are supported, ExternalAddress resources cannot be the source IP addresses of an external access rule. To match all source addresses, specify 0.0.0.0/0.
source_ports Sequence[str]
A list of source ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all source ports, specify ["0-65535"].
externalAccessRuleId
This property is required.
Changes to this property will trigger replacement.
String
Required. The user-provided identifier of the ExternalAccessRule to be created. This identifier must be unique among ExternalAccessRule resources within the parent and becomes the final token in the name URI. The identifier must meet the following requirements: * Only contains 1-63 alphanumeric characters and hyphens * Begins with an alphabetical character * Ends with a non-hyphen character * Not formatted as a UUID * Complies with RFC 1034 (section 3.5)
networkPolicyId
This property is required.
Changes to this property will trigger replacement.
String
action "ACTION_UNSPECIFIED" | "ALLOW" | "DENY"
The action that the external access rule performs.
description String
User-provided description for this external access rule.
destinationIpRanges List<Property Map>
If destination ranges are specified, the external access rule applies only to the traffic that has a destination IP address in these ranges. The specified IP addresses must have reserved external IP addresses in the scope of the parent network policy. To match all external IP addresses in the scope of the parent network policy, specify 0.0.0.0/0. To match a specific external IP address, specify it using the IpRange.external_address property.
destinationPorts List<String>
A list of destination ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all destination ports, specify ["0-65535"].
ipProtocol String
The IP protocol to which the external access rule applies. This value can be one of the following three protocol strings (not case-sensitive): tcp, udp, or icmp.
location Changes to this property will trigger replacement. String
priority Number
External access rule priority, which determines the external access rule to use when multiple rules apply. If multiple rules have the same priority, their ordering is non-deterministic. If specific ordering is required, assign unique priorities to enforce such ordering. The external access rule priority is an integer from 100 to 4096, both inclusive. Lower integers indicate higher precedence. For example, a rule with priority 100 has higher precedence than a rule with priority 101.
project Changes to this property will trigger replacement. String
requestId String
A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server guarantees that a request doesn't result in creation of duplicate commitments for at least 60 minutes. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if the original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
sourceIpRanges List<Property Map>
If source ranges are specified, the external access rule applies only to traffic that has a source IP address in these ranges. These ranges can either be expressed in the CIDR format or as an IP address. As only inbound rules are supported, ExternalAddress resources cannot be the source IP addresses of an external access rule. To match all source addresses, specify 0.0.0.0/0.
sourcePorts List<String>
A list of source ports to which the external access rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. For example: ["22"], ["80","443"], or ["12345-12349"]. To match all source ports, specify ["0-65535"].

Outputs

All input properties are implicitly available as output properties. Additionally, the ExternalAccessRule resource produces the following output properties:

CreateTime string
Creation time of this resource.
Id string
The provider-assigned unique ID for this managed resource.
Name string
The resource name of this external access rule. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule
State string
The state of the resource.
Uid string
System-generated unique identifier for the resource.
UpdateTime string
Last update time of this resource.
CreateTime string
Creation time of this resource.
Id string
The provider-assigned unique ID for this managed resource.
Name string
The resource name of this external access rule. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule
State string
The state of the resource.
Uid string
System-generated unique identifier for the resource.
UpdateTime string
Last update time of this resource.
createTime String
Creation time of this resource.
id String
The provider-assigned unique ID for this managed resource.
name String
The resource name of this external access rule. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule
state String
The state of the resource.
uid String
System-generated unique identifier for the resource.
updateTime String
Last update time of this resource.
createTime string
Creation time of this resource.
id string
The provider-assigned unique ID for this managed resource.
name string
The resource name of this external access rule. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule
state string
The state of the resource.
uid string
System-generated unique identifier for the resource.
updateTime string
Last update time of this resource.
create_time str
Creation time of this resource.
id str
The provider-assigned unique ID for this managed resource.
name str
The resource name of this external access rule. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule
state str
The state of the resource.
uid str
System-generated unique identifier for the resource.
update_time str
Last update time of this resource.
createTime String
Creation time of this resource.
id String
The provider-assigned unique ID for this managed resource.
name String
The resource name of this external access rule. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule
state String
The state of the resource.
uid String
System-generated unique identifier for the resource.
updateTime String
Last update time of this resource.

Supporting Types

ExternalAccessRuleAction
, ExternalAccessRuleActionArgs

ActionUnspecified
ACTION_UNSPECIFIEDDefaults to allow.
Allow
ALLOWAllows connections that match the other specified components.
Deny
DENYBlocks connections that match the other specified components.
ExternalAccessRuleActionActionUnspecified
ACTION_UNSPECIFIEDDefaults to allow.
ExternalAccessRuleActionAllow
ALLOWAllows connections that match the other specified components.
ExternalAccessRuleActionDeny
DENYBlocks connections that match the other specified components.
ActionUnspecified
ACTION_UNSPECIFIEDDefaults to allow.
Allow
ALLOWAllows connections that match the other specified components.
Deny
DENYBlocks connections that match the other specified components.
ActionUnspecified
ACTION_UNSPECIFIEDDefaults to allow.
Allow
ALLOWAllows connections that match the other specified components.
Deny
DENYBlocks connections that match the other specified components.
ACTION_UNSPECIFIED
ACTION_UNSPECIFIEDDefaults to allow.
ALLOW
ALLOWAllows connections that match the other specified components.
DENY
DENYBlocks connections that match the other specified components.
"ACTION_UNSPECIFIED"
ACTION_UNSPECIFIEDDefaults to allow.
"ALLOW"
ALLOWAllows connections that match the other specified components.
"DENY"
DENYBlocks connections that match the other specified components.

IpRange
, IpRangeArgs

ExternalAddress string
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
IpAddress string
A single IP address. For example: 10.0.0.5.
IpAddressRange string
An IP address range in the CIDR format. For example: 10.0.0.0/24.
ExternalAddress string
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
IpAddress string
A single IP address. For example: 10.0.0.5.
IpAddressRange string
An IP address range in the CIDR format. For example: 10.0.0.0/24.
externalAddress String
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
ipAddress String
A single IP address. For example: 10.0.0.5.
ipAddressRange String
An IP address range in the CIDR format. For example: 10.0.0.0/24.
externalAddress string
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
ipAddress string
A single IP address. For example: 10.0.0.5.
ipAddressRange string
An IP address range in the CIDR format. For example: 10.0.0.0/24.
external_address str
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
ip_address str
A single IP address. For example: 10.0.0.5.
ip_address_range str
An IP address range in the CIDR format. For example: 10.0.0.0/24.
externalAddress String
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
ipAddress String
A single IP address. For example: 10.0.0.5.
ipAddressRange String
An IP address range in the CIDR format. For example: 10.0.0.0/24.

IpRangeResponse
, IpRangeResponseArgs

ExternalAddress This property is required. string
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
IpAddress This property is required. string
A single IP address. For example: 10.0.0.5.
IpAddressRange This property is required. string
An IP address range in the CIDR format. For example: 10.0.0.0/24.
ExternalAddress This property is required. string
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
IpAddress This property is required. string
A single IP address. For example: 10.0.0.5.
IpAddressRange This property is required. string
An IP address range in the CIDR format. For example: 10.0.0.0/24.
externalAddress This property is required. String
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
ipAddress This property is required. String
A single IP address. For example: 10.0.0.5.
ipAddressRange This property is required. String
An IP address range in the CIDR format. For example: 10.0.0.0/24.
externalAddress This property is required. string
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
ipAddress This property is required. string
A single IP address. For example: 10.0.0.5.
ipAddressRange This property is required. string
An IP address range in the CIDR format. For example: 10.0.0.0/24.
external_address This property is required. str
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
ip_address This property is required. str
A single IP address. For example: 10.0.0.5.
ip_address_range This property is required. str
An IP address range in the CIDR format. For example: 10.0.0.0/24.
externalAddress This property is required. String
The name of an ExternalAddress resource. The external address must have been reserved in the scope of this external access rule's parent network policy. Provide the external address name in the form of projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}. For example: projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address.
ipAddress This property is required. String
A single IP address. For example: 10.0.0.5.
ipAddressRange This property is required. String
An IP address range in the CIDR format. For example: 10.0.0.0/24.

Package Details

Repository
Google Cloud Native pulumi/pulumi-google-native
License
Apache-2.0

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi