Skip to content

Files

Latest commit

 

History

History
4073 lines (2616 loc) · 175 KB

computeFirewall.python.md

File metadata and controls

4073 lines (2616 loc) · 175 KB

computeFirewall Submodule

Constructs

ComputeFirewall

Represents a {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall google_compute_firewall}.

Initializers 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewall(
  scope: Construct,
  id: str,
  connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
  count: typing.Union[typing.Union[int, float], TerraformCount] = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
  name: str,
  network: str,
  allow: typing.Union[IResolvable, typing.List[ComputeFirewallAllow]] = None,
  deny: typing.Union[IResolvable, typing.List[ComputeFirewallDeny]] = None,
  description: str = None,
  destination_ranges: typing.List[str] = None,
  direction: str = None,
  disabled: typing.Union[bool, IResolvable] = None,
  enable_logging: typing.Union[bool, IResolvable] = None,
  id: str = None,
  log_config: ComputeFirewallLogConfig = None,
  priority: typing.Union[int, float] = None,
  project: str = None,
  source_ranges: typing.List[str] = None,
  source_service_accounts: typing.List[str] = None,
  source_tags: typing.List[str] = None,
  target_service_accounts: typing.List[str] = None,
  target_tags: typing.List[str] = None,
  timeouts: ComputeFirewallTimeouts = None
)
Name Type Description
scope constructs.Construct The scope in which to define this construct.
id str The scoped construct ID.
connection typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection] No description.
count typing.Union[typing.Union[int, float], cdktf.TerraformCount] No description.
depends_on typing.List[cdktf.ITerraformDependable] No description.
for_each cdktf.ITerraformIterator No description.
lifecycle cdktf.TerraformResourceLifecycle No description.
provider cdktf.TerraformProvider No description.
provisioners typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]] No description.
name str Name of the resource.
network str The name or self_link of the network to attach this firewall to.
allow typing.Union[cdktf.IResolvable, typing.List[ComputeFirewallAllow]] allow block.
deny typing.Union[cdktf.IResolvable, typing.List[ComputeFirewallDeny]] deny block.
description str An optional description of this resource. Provide this property when you create the resource.
destination_ranges typing.List[str] If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges.
direction str Direction of traffic to which this firewall applies;
disabled typing.Union[bool, cdktf.IResolvable] Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.
enable_logging typing.Union[bool, cdktf.IResolvable] This field denotes whether to enable logging for a particular firewall rule.
id str Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#id ComputeFirewall#id}.
log_config ComputeFirewallLogConfig log_config block.
priority typing.Union[int, float] Priority for this rule.
project str Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#project ComputeFirewall#project}.
source_ranges typing.List[str] If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges.
source_service_accounts typing.List[str] If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list.
source_tags typing.List[str] If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags.
target_service_accounts typing.List[str] A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[].
target_tags typing.List[str] A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[].
timeouts ComputeFirewallTimeouts timeouts block.
scopeRequired
  • Type: constructs.Construct

The scope in which to define this construct.

idRequired
  • Type: str

The scoped construct ID.

Must be unique amongst siblings in the same scope

connectionOptional
  • Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]
countOptional
  • Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]
depends_onOptional
  • Type: typing.List[cdktf.ITerraformDependable]
for_eachOptional
  • Type: cdktf.ITerraformIterator
lifecycleOptional
  • Type: cdktf.TerraformResourceLifecycle
providerOptional
  • Type: cdktf.TerraformProvider
provisionersOptional
  • Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]
nameRequired
  • Type: str

Name of the resource.

Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression 'a-z?' which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#name ComputeFirewall#name}

networkRequired
  • Type: str

The name or self_link of the network to attach this firewall to.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#network ComputeFirewall#network}

allowOptional

allow block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#allow ComputeFirewall#allow}

denyOptional

deny block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#deny ComputeFirewall#deny}

descriptionOptional
  • Type: str

An optional description of this resource. Provide this property when you create the resource.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#description ComputeFirewall#description}

destination_rangesOptional
  • Type: typing.List[str]

If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges.

These ranges must be expressed in CIDR format. IPv4 or IPv6 ranges are supported.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#destination_ranges ComputeFirewall#destination_ranges}

directionOptional
  • Type: str

Direction of traffic to which this firewall applies;

default is INGRESS. Note: For INGRESS traffic, one of 'source_ranges', 'source_tags' or 'source_service_accounts' is required. Possible values: ["INGRESS", "EGRESS"]

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#direction ComputeFirewall#direction}

disabledOptional
  • Type: typing.Union[bool, cdktf.IResolvable]

Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#disabled ComputeFirewall#disabled}

enable_loggingOptional
  • Type: typing.Union[bool, cdktf.IResolvable]

This field denotes whether to enable logging for a particular firewall rule.

If logging is enabled, logs will be exported to Stackdriver.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#enable_logging ComputeFirewall#enable_logging}

idOptional
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#id ComputeFirewall#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

log_configOptional

log_config block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#log_config ComputeFirewall#log_config}

priorityOptional
  • Type: typing.Union[int, float]

Priority for this rule.

This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#priority ComputeFirewall#priority}

projectOptional
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#project ComputeFirewall#project}.

source_rangesOptional
  • Type: typing.List[str]

If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges.

These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of 'source_ranges', 'source_tags' or 'source_service_accounts' is required.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#source_ranges ComputeFirewall#source_ranges}

source_service_accountsOptional
  • Type: typing.List[str]

If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list.

Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags. For INGRESS traffic, one of 'source_ranges', 'source_tags' or 'source_service_accounts' is required.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#source_service_accounts ComputeFirewall#source_service_accounts}

source_tagsOptional
  • Type: typing.List[str]

If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags.

Source tags cannot be used to control traffic to an instance's external IP address. Because tags are associated with an instance, not an IP address. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. For INGRESS traffic, one of 'source_ranges', 'source_tags' or 'source_service_accounts' is required.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#source_tags ComputeFirewall#source_tags}

target_service_accountsOptional
  • Type: typing.List[str]

A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[].

targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#target_service_accounts ComputeFirewall#target_service_accounts}

target_tagsOptional
  • Type: typing.List[str]

A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[].

If no targetTags are specified, the firewall rule applies to all instances on the specified network.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#target_tags ComputeFirewall#target_tags}

timeoutsOptional

timeouts block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#timeouts ComputeFirewall#timeouts}

Methods

Name Description
to_string Returns a string representation of this construct.
add_override No description.
override_logical_id Overrides the auto-generated logical ID with a specific ID.
reset_override_logical_id Resets a previously passed logical Id to use the auto-generated logical id again.
to_hcl_terraform No description.
to_metadata No description.
to_terraform Adds this resource to the terraform JSON output.
add_move_target Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
get_any_map_attribute No description.
get_boolean_attribute No description.
get_boolean_map_attribute No description.
get_list_attribute No description.
get_number_attribute No description.
get_number_list_attribute No description.
get_number_map_attribute No description.
get_string_attribute No description.
get_string_map_attribute No description.
has_resource_move No description.
import_from No description.
interpolation_for_attribute No description.
move_from_id Move the resource corresponding to "id" to this resource.
move_to Moves this resource to the target resource given by moveTarget.
move_to_id Moves this resource to the resource corresponding to "id".
put_allow No description.
put_deny No description.
put_log_config No description.
put_timeouts No description.
reset_allow No description.
reset_deny No description.
reset_description No description.
reset_destination_ranges No description.
reset_direction No description.
reset_disabled No description.
reset_enable_logging No description.
reset_id No description.
reset_log_config No description.
reset_priority No description.
reset_project No description.
reset_source_ranges No description.
reset_source_service_accounts No description.
reset_source_tags No description.
reset_target_service_accounts No description.
reset_target_tags No description.
reset_timeouts No description.
to_string 
def to_string() -> str

Returns a string representation of this construct.

add_override 
def add_override(
  path: str,
  value: typing.Any
) -> None
pathRequired
  • Type: str
valueRequired
  • Type: typing.Any
override_logical_id 
def override_logical_id(
  new_logical_id: str
) -> None

Overrides the auto-generated logical ID with a specific ID.

new_logical_idRequired
  • Type: str

The new logical ID to use for this stack element.

reset_override_logical_id 
def reset_override_logical_id() -> None

Resets a previously passed logical Id to use the auto-generated logical id again.

to_hcl_terraform 
def to_hcl_terraform() -> typing.Any
to_metadata 
def to_metadata() -> typing.Any
to_terraform 
def to_terraform() -> typing.Any

Adds this resource to the terraform JSON output.

add_move_target 
def add_move_target(
  move_target: str
) -> None

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

move_targetRequired
  • Type: str

The string move target that will correspond to this resource.

get_any_map_attribute 
def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]
terraform_attributeRequired
  • Type: str
get_boolean_attribute 
def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable
terraform_attributeRequired
  • Type: str
get_boolean_map_attribute 
def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]
terraform_attributeRequired
  • Type: str
get_list_attribute 
def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]
terraform_attributeRequired
  • Type: str
get_number_attribute 
def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]
terraform_attributeRequired
  • Type: str
get_number_list_attribute 
def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_number_map_attribute 
def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_string_attribute 
def get_string_attribute(
  terraform_attribute: str
) -> str
terraform_attributeRequired
  • Type: str
get_string_map_attribute 
def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]
terraform_attributeRequired
  • Type: str
has_resource_move 
def has_resource_move() -> typing.Union[TerraformResourceMoveByTarget, TerraformResourceMoveById]
import_from 
def import_from(
  id: str,
  provider: TerraformProvider = None
) -> None
idRequired
  • Type: str
providerOptional
  • Type: cdktf.TerraformProvider
interpolation_for_attribute 
def interpolation_for_attribute(
  terraform_attribute: str
) -> IResolvable
terraform_attributeRequired
  • Type: str
move_from_id 
def move_from_id(
  id: str
) -> None

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

idRequired
  • Type: str

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

move_to 
def move_to(
  move_target: str,
  index: typing.Union[str, typing.Union[int, float]] = None
) -> None

Moves this resource to the target resource given by moveTarget.

move_targetRequired
  • Type: str

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

indexOptional
  • Type: typing.Union[str, typing.Union[int, float]]

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

move_to_id 
def move_to_id(
  id: str
) -> None

Moves this resource to the resource corresponding to "id".

idRequired
  • Type: str

Full id of resource to move to, e.g. "aws_s3_bucket.example".

put_allow 
def put_allow(
  value: typing.Union[IResolvable, typing.List[ComputeFirewallAllow]]
) -> None
valueRequired
put_deny 
def put_deny(
  value: typing.Union[IResolvable, typing.List[ComputeFirewallDeny]]
) -> None
valueRequired
put_log_config 
def put_log_config(
  metadata: str
) -> None
metadataRequired
  • Type: str

This field denotes whether to include or exclude metadata for firewall logs. Possible values: ["EXCLUDE_ALL_METADATA", "INCLUDE_ALL_METADATA"].

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#metadata ComputeFirewall#metadata}

put_timeouts 
def put_timeouts(
  create: str = None,
  delete: str = None,
  update: str = None
) -> None
createOptional
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#create ComputeFirewall#create}.

deleteOptional
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#delete ComputeFirewall#delete}.

updateOptional
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#update ComputeFirewall#update}.

reset_allow 
def reset_allow() -> None
reset_deny 
def reset_deny() -> None
reset_description 
def reset_description() -> None
reset_destination_ranges 
def reset_destination_ranges() -> None
reset_direction 
def reset_direction() -> None
reset_disabled 
def reset_disabled() -> None
reset_enable_logging 
def reset_enable_logging() -> None
reset_id 
def reset_id() -> None
reset_log_config 
def reset_log_config() -> None
reset_priority 
def reset_priority() -> None
reset_project 
def reset_project() -> None
reset_source_ranges 
def reset_source_ranges() -> None
reset_source_service_accounts 
def reset_source_service_accounts() -> None
reset_source_tags 
def reset_source_tags() -> None
reset_target_service_accounts 
def reset_target_service_accounts() -> None
reset_target_tags 
def reset_target_tags() -> None
reset_timeouts 
def reset_timeouts() -> None

Static Functions

Name Description
is_construct Checks if x is a construct.
is_terraform_element No description.
is_terraform_resource No description.
generate_config_for_import Generates CDKTF code for importing a ComputeFirewall resource upon running "cdktf plan ".
is_construct 
from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewall.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: typing.Any

Any object.

is_terraform_element 
from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewall.is_terraform_element(
  x: typing.Any
)
xRequired
  • Type: typing.Any
is_terraform_resource 
from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewall.is_terraform_resource(
  x: typing.Any
)
xRequired
  • Type: typing.Any
generate_config_for_import 
from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewall.generate_config_for_import(
  scope: Construct,
  import_to_id: str,
  import_from_id: str,
  provider: TerraformProvider = None
)

Generates CDKTF code for importing a ComputeFirewall resource upon running "cdktf plan ".

scopeRequired
  • Type: constructs.Construct

The scope in which to define this construct.

import_to_idRequired
  • Type: str

The construct id used in the generated config for the ComputeFirewall to import.

import_from_idRequired
  • Type: str

The id of the existing ComputeFirewall that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#import import section} in the documentation of this resource for the id to use

providerOptional
  • Type: cdktf.TerraformProvider

? Optional instance of the provider where the ComputeFirewall to import is found.

Properties

Name Type Description
node constructs.Node The tree node.
cdktf_stack cdktf.TerraformStack No description.
fqn str No description.
friendly_unique_id str No description.
terraform_meta_arguments typing.Mapping[typing.Any] No description.
terraform_resource_type str No description.
terraform_generator_metadata cdktf.TerraformProviderGeneratorMetadata No description.
connection typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection] No description.
count typing.Union[typing.Union[int, float], cdktf.TerraformCount] No description.
depends_on typing.List[str] No description.
for_each cdktf.ITerraformIterator No description.
lifecycle cdktf.TerraformResourceLifecycle No description.
provider cdktf.TerraformProvider No description.
provisioners typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]] No description.
allow ComputeFirewallAllowList No description.
creation_timestamp str No description.
deny ComputeFirewallDenyList No description.
log_config ComputeFirewallLogConfigOutputReference No description.
self_link str No description.
timeouts ComputeFirewallTimeoutsOutputReference No description.
allow_input typing.Union[cdktf.IResolvable, typing.List[ComputeFirewallAllow]] No description.
deny_input typing.Union[cdktf.IResolvable, typing.List[ComputeFirewallDeny]] No description.
description_input str No description.
destination_ranges_input typing.List[str] No description.
direction_input str No description.
disabled_input typing.Union[bool, cdktf.IResolvable] No description.
enable_logging_input typing.Union[bool, cdktf.IResolvable] No description.
id_input str No description.
log_config_input ComputeFirewallLogConfig No description.
name_input str No description.
network_input str No description.
priority_input typing.Union[int, float] No description.
project_input str No description.
source_ranges_input typing.List[str] No description.
source_service_accounts_input typing.List[str] No description.
source_tags_input typing.List[str] No description.
target_service_accounts_input typing.List[str] No description.
target_tags_input typing.List[str] No description.
timeouts_input typing.Union[cdktf.IResolvable, ComputeFirewallTimeouts] No description.
description str No description.
destination_ranges typing.List[str] No description.
direction str No description.
disabled typing.Union[bool, cdktf.IResolvable] No description.
enable_logging typing.Union[bool, cdktf.IResolvable] No description.
id str No description.
name str No description.
network str No description.
priority typing.Union[int, float] No description.
project str No description.
source_ranges typing.List[str] No description.
source_service_accounts typing.List[str] No description.
source_tags typing.List[str] No description.
target_service_accounts typing.List[str] No description.
target_tags typing.List[str] No description.
nodeRequired 
node: Node
  • Type: constructs.Node

The tree node.

cdktf_stackRequired 
cdktf_stack: TerraformStack
  • Type: cdktf.TerraformStack
fqnRequired 
fqn: str
  • Type: str
friendly_unique_idRequired 
friendly_unique_id: str
  • Type: str
terraform_meta_argumentsRequired 
terraform_meta_arguments: typing.Mapping[typing.Any]
  • Type: typing.Mapping[typing.Any]
terraform_resource_typeRequired 
terraform_resource_type: str
  • Type: str
terraform_generator_metadataOptional 
terraform_generator_metadata: TerraformProviderGeneratorMetadata
  • Type: cdktf.TerraformProviderGeneratorMetadata
connectionOptional 
connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]
  • Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]
countOptional 
count: typing.Union[typing.Union[int, float], TerraformCount]
  • Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]
depends_onOptional 
depends_on: typing.List[str]
  • Type: typing.List[str]
for_eachOptional 
for_each: ITerraformIterator
  • Type: cdktf.ITerraformIterator
lifecycleOptional 
lifecycle: TerraformResourceLifecycle
  • Type: cdktf.TerraformResourceLifecycle
providerOptional 
provider: TerraformProvider
  • Type: cdktf.TerraformProvider
provisionersOptional 
provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]
  • Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]
allowRequired 
allow: ComputeFirewallAllowList
creation_timestampRequired 
creation_timestamp: str
  • Type: str
denyRequired 
deny: ComputeFirewallDenyList
log_configRequired 
log_config: ComputeFirewallLogConfigOutputReference
self_linkRequired 
self_link: str
  • Type: str
timeoutsRequired 
timeouts: ComputeFirewallTimeoutsOutputReference
allow_inputOptional 
allow_input: typing.Union[IResolvable, typing.List[ComputeFirewallAllow]]
deny_inputOptional 
deny_input: typing.Union[IResolvable, typing.List[ComputeFirewallDeny]]
description_inputOptional 
description_input: str
  • Type: str
destination_ranges_inputOptional 
destination_ranges_input: typing.List[str]
  • Type: typing.List[str]
direction_inputOptional 
direction_input: str
  • Type: str
disabled_inputOptional 
disabled_input: typing.Union[bool, IResolvable]
  • Type: typing.Union[bool, cdktf.IResolvable]
enable_logging_inputOptional 
enable_logging_input: typing.Union[bool, IResolvable]
  • Type: typing.Union[bool, cdktf.IResolvable]
id_inputOptional 
id_input: str
  • Type: str
log_config_inputOptional 
log_config_input: ComputeFirewallLogConfig
name_inputOptional 
name_input: str
  • Type: str
network_inputOptional 
network_input: str
  • Type: str
priority_inputOptional 
priority_input: typing.Union[int, float]
  • Type: typing.Union[int, float]
project_inputOptional 
project_input: str
  • Type: str
source_ranges_inputOptional 
source_ranges_input: typing.List[str]
  • Type: typing.List[str]
source_service_accounts_inputOptional 
source_service_accounts_input: typing.List[str]
  • Type: typing.List[str]
source_tags_inputOptional 
source_tags_input: typing.List[str]
  • Type: typing.List[str]
target_service_accounts_inputOptional 
target_service_accounts_input: typing.List[str]
  • Type: typing.List[str]
target_tags_inputOptional 
target_tags_input: typing.List[str]
  • Type: typing.List[str]
timeouts_inputOptional 
timeouts_input: typing.Union[IResolvable, ComputeFirewallTimeouts]
descriptionRequired 
description: str
  • Type: str
destination_rangesRequired 
destination_ranges: typing.List[str]
  • Type: typing.List[str]
directionRequired 
direction: str
  • Type: str
disabledRequired 
disabled: typing.Union[bool, IResolvable]
  • Type: typing.Union[bool, cdktf.IResolvable]
enable_loggingRequired 
enable_logging: typing.Union[bool, IResolvable]
  • Type: typing.Union[bool, cdktf.IResolvable]
idRequired 
id: str
  • Type: str
nameRequired 
name: str
  • Type: str
networkRequired 
network: str
  • Type: str
priorityRequired 
priority: typing.Union[int, float]
  • Type: typing.Union[int, float]
projectRequired 
project: str
  • Type: str
source_rangesRequired 
source_ranges: typing.List[str]
  • Type: typing.List[str]
source_service_accountsRequired 
source_service_accounts: typing.List[str]
  • Type: typing.List[str]
source_tagsRequired 
source_tags: typing.List[str]
  • Type: typing.List[str]
target_service_accountsRequired 
target_service_accounts: typing.List[str]
  • Type: typing.List[str]
target_tagsRequired 
target_tags: typing.List[str]
  • Type: typing.List[str]

Constants

Name Type Description
tfResourceType str No description.
tfResourceTypeRequired 
tfResourceType: str
  • Type: str

Structs

ComputeFirewallAllow

Initializer 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallAllow(
  protocol: str,
  ports: typing.List[str] = None
)

Properties

Name Type Description
protocol str The IP protocol to which this rule applies.
ports typing.List[str] An optional list of ports to which this rule applies.
protocolRequired 
protocol: str
  • Type: str

The IP protocol to which this rule applies.

The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, sctp, ipip, all), or the IP protocol number.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#protocol ComputeFirewall#protocol}

portsOptional 
ports: typing.List[str]
  • Type: typing.List[str]

An optional list of ports to which this rule applies.

This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.

Example inputs include: [22], [80, 443], and ["12345-12349"].

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#ports ComputeFirewall#ports}

ComputeFirewallConfig

Initializer 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallConfig(
  connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
  count: typing.Union[typing.Union[int, float], TerraformCount] = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
  name: str,
  network: str,
  allow: typing.Union[IResolvable, typing.List[ComputeFirewallAllow]] = None,
  deny: typing.Union[IResolvable, typing.List[ComputeFirewallDeny]] = None,
  description: str = None,
  destination_ranges: typing.List[str] = None,
  direction: str = None,
  disabled: typing.Union[bool, IResolvable] = None,
  enable_logging: typing.Union[bool, IResolvable] = None,
  id: str = None,
  log_config: ComputeFirewallLogConfig = None,
  priority: typing.Union[int, float] = None,
  project: str = None,
  source_ranges: typing.List[str] = None,
  source_service_accounts: typing.List[str] = None,
  source_tags: typing.List[str] = None,
  target_service_accounts: typing.List[str] = None,
  target_tags: typing.List[str] = None,
  timeouts: ComputeFirewallTimeouts = None
)

Properties

Name Type Description
connection typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection] No description.
count typing.Union[typing.Union[int, float], cdktf.TerraformCount] No description.
depends_on typing.List[cdktf.ITerraformDependable] No description.
for_each cdktf.ITerraformIterator No description.
lifecycle cdktf.TerraformResourceLifecycle No description.
provider cdktf.TerraformProvider No description.
provisioners typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]] No description.
name str Name of the resource.
network str The name or self_link of the network to attach this firewall to.
allow typing.Union[cdktf.IResolvable, typing.List[ComputeFirewallAllow]] allow block.
deny typing.Union[cdktf.IResolvable, typing.List[ComputeFirewallDeny]] deny block.
description str An optional description of this resource. Provide this property when you create the resource.
destination_ranges typing.List[str] If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges.
direction str Direction of traffic to which this firewall applies;
disabled typing.Union[bool, cdktf.IResolvable] Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.
enable_logging typing.Union[bool, cdktf.IResolvable] This field denotes whether to enable logging for a particular firewall rule.
id str Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#id ComputeFirewall#id}.
log_config ComputeFirewallLogConfig log_config block.
priority typing.Union[int, float] Priority for this rule.
project str Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#project ComputeFirewall#project}.
source_ranges typing.List[str] If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges.
source_service_accounts typing.List[str] If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list.
source_tags typing.List[str] If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags.
target_service_accounts typing.List[str] A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[].
target_tags typing.List[str] A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[].
timeouts ComputeFirewallTimeouts timeouts block.
connectionOptional 
connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]
  • Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]
countOptional 
count: typing.Union[typing.Union[int, float], TerraformCount]
  • Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]
depends_onOptional 
depends_on: typing.List[ITerraformDependable]
  • Type: typing.List[cdktf.ITerraformDependable]
for_eachOptional 
for_each: ITerraformIterator
  • Type: cdktf.ITerraformIterator
lifecycleOptional 
lifecycle: TerraformResourceLifecycle
  • Type: cdktf.TerraformResourceLifecycle
providerOptional 
provider: TerraformProvider
  • Type: cdktf.TerraformProvider
provisionersOptional 
provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]
  • Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]
nameRequired 
name: str
  • Type: str

Name of the resource.

Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression 'a-z?' which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#name ComputeFirewall#name}

networkRequired 
network: str
  • Type: str

The name or self_link of the network to attach this firewall to.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#network ComputeFirewall#network}

allowOptional 
allow: typing.Union[IResolvable, typing.List[ComputeFirewallAllow]]

allow block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#allow ComputeFirewall#allow}

denyOptional 
deny: typing.Union[IResolvable, typing.List[ComputeFirewallDeny]]

deny block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#deny ComputeFirewall#deny}

descriptionOptional 
description: str
  • Type: str

An optional description of this resource. Provide this property when you create the resource.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#description ComputeFirewall#description}

destination_rangesOptional 
destination_ranges: typing.List[str]
  • Type: typing.List[str]

If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges.

These ranges must be expressed in CIDR format. IPv4 or IPv6 ranges are supported.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#destination_ranges ComputeFirewall#destination_ranges}

directionOptional 
direction: str
  • Type: str

Direction of traffic to which this firewall applies;

default is INGRESS. Note: For INGRESS traffic, one of 'source_ranges', 'source_tags' or 'source_service_accounts' is required. Possible values: ["INGRESS", "EGRESS"]

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#direction ComputeFirewall#direction}

disabledOptional 
disabled: typing.Union[bool, IResolvable]
  • Type: typing.Union[bool, cdktf.IResolvable]

Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#disabled ComputeFirewall#disabled}

enable_loggingOptional 
enable_logging: typing.Union[bool, IResolvable]
  • Type: typing.Union[bool, cdktf.IResolvable]

This field denotes whether to enable logging for a particular firewall rule.

If logging is enabled, logs will be exported to Stackdriver.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#enable_logging ComputeFirewall#enable_logging}

idOptional 
id: str
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#id ComputeFirewall#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

log_configOptional 
log_config: ComputeFirewallLogConfig

log_config block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#log_config ComputeFirewall#log_config}

priorityOptional 
priority: typing.Union[int, float]
  • Type: typing.Union[int, float]

Priority for this rule.

This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#priority ComputeFirewall#priority}

projectOptional 
project: str
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#project ComputeFirewall#project}.

source_rangesOptional 
source_ranges: typing.List[str]
  • Type: typing.List[str]

If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges.

These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. IPv4 or IPv6 ranges are supported. For INGRESS traffic, one of 'source_ranges', 'source_tags' or 'source_service_accounts' is required.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#source_ranges ComputeFirewall#source_ranges}

source_service_accountsOptional 
source_service_accounts: typing.List[str]
  • Type: typing.List[str]

If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list.

Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags. For INGRESS traffic, one of 'source_ranges', 'source_tags' or 'source_service_accounts' is required.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#source_service_accounts ComputeFirewall#source_service_accounts}

source_tagsOptional 
source_tags: typing.List[str]
  • Type: typing.List[str]

If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags.

Source tags cannot be used to control traffic to an instance's external IP address. Because tags are associated with an instance, not an IP address. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. For INGRESS traffic, one of 'source_ranges', 'source_tags' or 'source_service_accounts' is required.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#source_tags ComputeFirewall#source_tags}

target_service_accountsOptional 
target_service_accounts: typing.List[str]
  • Type: typing.List[str]

A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[].

targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#target_service_accounts ComputeFirewall#target_service_accounts}

target_tagsOptional 
target_tags: typing.List[str]
  • Type: typing.List[str]

A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[].

If no targetTags are specified, the firewall rule applies to all instances on the specified network.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#target_tags ComputeFirewall#target_tags}

timeoutsOptional 
timeouts: ComputeFirewallTimeouts

timeouts block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#timeouts ComputeFirewall#timeouts}

ComputeFirewallDeny

Initializer 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallDeny(
  protocol: str,
  ports: typing.List[str] = None
)

Properties

Name Type Description
protocol str The IP protocol to which this rule applies.
ports typing.List[str] An optional list of ports to which this rule applies.
protocolRequired 
protocol: str
  • Type: str

The IP protocol to which this rule applies.

The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, sctp, ipip, all), or the IP protocol number.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#protocol ComputeFirewall#protocol}

portsOptional 
ports: typing.List[str]
  • Type: typing.List[str]

An optional list of ports to which this rule applies.

This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.

Example inputs include: [22], [80, 443], and ["12345-12349"].

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#ports ComputeFirewall#ports}

ComputeFirewallLogConfig

Initializer 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallLogConfig(
  metadata: str
)

Properties

Name Type Description
metadata str This field denotes whether to include or exclude metadata for firewall logs. Possible values: ["EXCLUDE_ALL_METADATA", "INCLUDE_ALL_METADATA"].
metadataRequired 
metadata: str
  • Type: str

This field denotes whether to include or exclude metadata for firewall logs. Possible values: ["EXCLUDE_ALL_METADATA", "INCLUDE_ALL_METADATA"].

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#metadata ComputeFirewall#metadata}

ComputeFirewallTimeouts

Initializer 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallTimeouts(
  create: str = None,
  delete: str = None,
  update: str = None
)

Properties

Name Type Description
create str Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#create ComputeFirewall#create}.
delete str Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#delete ComputeFirewall#delete}.
update str Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#update ComputeFirewall#update}.
createOptional 
create: str
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#create ComputeFirewall#create}.

deleteOptional 
delete: str
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#delete ComputeFirewall#delete}.

updateOptional 
update: str
  • Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.36.1/docs/resources/compute_firewall#update ComputeFirewall#update}.

Classes

ComputeFirewallAllowList

Initializers 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallAllowList(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str,
  wraps_set: bool
)
Name Type Description
terraform_resource cdktf.IInterpolatingParent The parent resource.
terraform_attribute str The attribute on the parent resource this class is referencing.
wraps_set bool whether the list is wrapping a set (will add tolist() to be able to access an item via an index).
terraform_resourceRequired
  • Type: cdktf.IInterpolatingParent

The parent resource.

terraform_attributeRequired
  • Type: str

The attribute on the parent resource this class is referencing.

wraps_setRequired
  • Type: bool

whether the list is wrapping a set (will add tolist() to be able to access an item via an index).

Methods

Name Description
all_with_map_key Creating an iterator for this complex list.
compute_fqn No description.
resolve Produce the Token's value at resolution time.
to_string Return a string representation of this resolvable object.
get No description.
all_with_map_key 
def all_with_map_key(
  map_key_attribute_name: str
) -> DynamicListTerraformIterator

Creating an iterator for this complex list.

The list will be converted into a map with the mapKeyAttributeName as the key.

map_key_attribute_nameRequired
  • Type: str
compute_fqn 
def compute_fqn() -> str
resolve 
def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_contextRequired
  • Type: cdktf.IResolveContext
to_string 
def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

get 
def get(
  index: typing.Union[int, float]
) -> ComputeFirewallAllowOutputReference
indexRequired
  • Type: typing.Union[int, float]

the index of the item to return.

Properties

Name Type Description
creation_stack typing.List[str] The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn str No description.
internal_value typing.Union[cdktf.IResolvable, typing.List[ComputeFirewallAllow]] No description.
creation_stackRequired 
creation_stack: typing.List[str]
  • Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

fqnRequired 
fqn: str
  • Type: str
internal_valueOptional 
internal_value: typing.Union[IResolvable, typing.List[ComputeFirewallAllow]]

ComputeFirewallAllowOutputReference

Initializers 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallAllowOutputReference(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str,
  complex_object_index: typing.Union[int, float],
  complex_object_is_from_set: bool
)
Name Type Description
terraform_resource cdktf.IInterpolatingParent The parent resource.
terraform_attribute str The attribute on the parent resource this class is referencing.
complex_object_index typing.Union[int, float] the index of this item in the list.
complex_object_is_from_set bool whether the list is wrapping a set (will add tolist() to be able to access an item via an index).
terraform_resourceRequired
  • Type: cdktf.IInterpolatingParent

The parent resource.

terraform_attributeRequired
  • Type: str

The attribute on the parent resource this class is referencing.

complex_object_indexRequired
  • Type: typing.Union[int, float]

the index of this item in the list.

complex_object_is_from_setRequired
  • Type: bool

whether the list is wrapping a set (will add tolist() to be able to access an item via an index).

Methods

Name Description
compute_fqn No description.
get_any_map_attribute No description.
get_boolean_attribute No description.
get_boolean_map_attribute No description.
get_list_attribute No description.
get_number_attribute No description.
get_number_list_attribute No description.
get_number_map_attribute No description.
get_string_attribute No description.
get_string_map_attribute No description.
interpolation_for_attribute No description.
resolve Produce the Token's value at resolution time.
to_string Return a string representation of this resolvable object.
reset_ports No description.
compute_fqn 
def compute_fqn() -> str
get_any_map_attribute 
def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]
terraform_attributeRequired
  • Type: str
get_boolean_attribute 
def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable
terraform_attributeRequired
  • Type: str
get_boolean_map_attribute 
def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]
terraform_attributeRequired
  • Type: str
get_list_attribute 
def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]
terraform_attributeRequired
  • Type: str
get_number_attribute 
def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]
terraform_attributeRequired
  • Type: str
get_number_list_attribute 
def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_number_map_attribute 
def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_string_attribute 
def get_string_attribute(
  terraform_attribute: str
) -> str
terraform_attributeRequired
  • Type: str
get_string_map_attribute 
def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]
terraform_attributeRequired
  • Type: str
interpolation_for_attribute 
def interpolation_for_attribute(
  property: str
) -> IResolvable
propertyRequired
  • Type: str
resolve 
def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_contextRequired
  • Type: cdktf.IResolveContext
to_string 
def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

reset_ports 
def reset_ports() -> None

Properties

Name Type Description
creation_stack typing.List[str] The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn str No description.
ports_input typing.List[str] No description.
protocol_input str No description.
ports typing.List[str] No description.
protocol str No description.
internal_value typing.Union[cdktf.IResolvable, ComputeFirewallAllow] No description.
creation_stackRequired 
creation_stack: typing.List[str]
  • Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

fqnRequired 
fqn: str
  • Type: str
ports_inputOptional 
ports_input: typing.List[str]
  • Type: typing.List[str]
protocol_inputOptional 
protocol_input: str
  • Type: str
portsRequired 
ports: typing.List[str]
  • Type: typing.List[str]
protocolRequired 
protocol: str
  • Type: str
internal_valueOptional 
internal_value: typing.Union[IResolvable, ComputeFirewallAllow]

ComputeFirewallDenyList

Initializers 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallDenyList(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str,
  wraps_set: bool
)
Name Type Description
terraform_resource cdktf.IInterpolatingParent The parent resource.
terraform_attribute str The attribute on the parent resource this class is referencing.
wraps_set bool whether the list is wrapping a set (will add tolist() to be able to access an item via an index).
terraform_resourceRequired
  • Type: cdktf.IInterpolatingParent

The parent resource.

terraform_attributeRequired
  • Type: str

The attribute on the parent resource this class is referencing.

wraps_setRequired
  • Type: bool

whether the list is wrapping a set (will add tolist() to be able to access an item via an index).

Methods

Name Description
all_with_map_key Creating an iterator for this complex list.
compute_fqn No description.
resolve Produce the Token's value at resolution time.
to_string Return a string representation of this resolvable object.
get No description.
all_with_map_key 
def all_with_map_key(
  map_key_attribute_name: str
) -> DynamicListTerraformIterator

Creating an iterator for this complex list.

The list will be converted into a map with the mapKeyAttributeName as the key.

map_key_attribute_nameRequired
  • Type: str
compute_fqn 
def compute_fqn() -> str
resolve 
def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_contextRequired
  • Type: cdktf.IResolveContext
to_string 
def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

get 
def get(
  index: typing.Union[int, float]
) -> ComputeFirewallDenyOutputReference
indexRequired
  • Type: typing.Union[int, float]

the index of the item to return.

Properties

Name Type Description
creation_stack typing.List[str] The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn str No description.
internal_value typing.Union[cdktf.IResolvable, typing.List[ComputeFirewallDeny]] No description.
creation_stackRequired 
creation_stack: typing.List[str]
  • Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

fqnRequired 
fqn: str
  • Type: str
internal_valueOptional 
internal_value: typing.Union[IResolvable, typing.List[ComputeFirewallDeny]]

ComputeFirewallDenyOutputReference

Initializers 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallDenyOutputReference(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str,
  complex_object_index: typing.Union[int, float],
  complex_object_is_from_set: bool
)
Name Type Description
terraform_resource cdktf.IInterpolatingParent The parent resource.
terraform_attribute str The attribute on the parent resource this class is referencing.
complex_object_index typing.Union[int, float] the index of this item in the list.
complex_object_is_from_set bool whether the list is wrapping a set (will add tolist() to be able to access an item via an index).
terraform_resourceRequired
  • Type: cdktf.IInterpolatingParent

The parent resource.

terraform_attributeRequired
  • Type: str

The attribute on the parent resource this class is referencing.

complex_object_indexRequired
  • Type: typing.Union[int, float]

the index of this item in the list.

complex_object_is_from_setRequired
  • Type: bool

whether the list is wrapping a set (will add tolist() to be able to access an item via an index).

Methods

Name Description
compute_fqn No description.
get_any_map_attribute No description.
get_boolean_attribute No description.
get_boolean_map_attribute No description.
get_list_attribute No description.
get_number_attribute No description.
get_number_list_attribute No description.
get_number_map_attribute No description.
get_string_attribute No description.
get_string_map_attribute No description.
interpolation_for_attribute No description.
resolve Produce the Token's value at resolution time.
to_string Return a string representation of this resolvable object.
reset_ports No description.
compute_fqn 
def compute_fqn() -> str
get_any_map_attribute 
def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]
terraform_attributeRequired
  • Type: str
get_boolean_attribute 
def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable
terraform_attributeRequired
  • Type: str
get_boolean_map_attribute 
def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]
terraform_attributeRequired
  • Type: str
get_list_attribute 
def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]
terraform_attributeRequired
  • Type: str
get_number_attribute 
def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]
terraform_attributeRequired
  • Type: str
get_number_list_attribute 
def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_number_map_attribute 
def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_string_attribute 
def get_string_attribute(
  terraform_attribute: str
) -> str
terraform_attributeRequired
  • Type: str
get_string_map_attribute 
def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]
terraform_attributeRequired
  • Type: str
interpolation_for_attribute 
def interpolation_for_attribute(
  property: str
) -> IResolvable
propertyRequired
  • Type: str
resolve 
def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_contextRequired
  • Type: cdktf.IResolveContext
to_string 
def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

reset_ports 
def reset_ports() -> None

Properties

Name Type Description
creation_stack typing.List[str] The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn str No description.
ports_input typing.List[str] No description.
protocol_input str No description.
ports typing.List[str] No description.
protocol str No description.
internal_value typing.Union[cdktf.IResolvable, ComputeFirewallDeny] No description.
creation_stackRequired 
creation_stack: typing.List[str]
  • Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

fqnRequired 
fqn: str
  • Type: str
ports_inputOptional 
ports_input: typing.List[str]
  • Type: typing.List[str]
protocol_inputOptional 
protocol_input: str
  • Type: str
portsRequired 
ports: typing.List[str]
  • Type: typing.List[str]
protocolRequired 
protocol: str
  • Type: str
internal_valueOptional 
internal_value: typing.Union[IResolvable, ComputeFirewallDeny]

ComputeFirewallLogConfigOutputReference

Initializers 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallLogConfigOutputReference(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str
)
Name Type Description
terraform_resource cdktf.IInterpolatingParent The parent resource.
terraform_attribute str The attribute on the parent resource this class is referencing.
terraform_resourceRequired
  • Type: cdktf.IInterpolatingParent

The parent resource.

terraform_attributeRequired
  • Type: str

The attribute on the parent resource this class is referencing.

Methods

Name Description
compute_fqn No description.
get_any_map_attribute No description.
get_boolean_attribute No description.
get_boolean_map_attribute No description.
get_list_attribute No description.
get_number_attribute No description.
get_number_list_attribute No description.
get_number_map_attribute No description.
get_string_attribute No description.
get_string_map_attribute No description.
interpolation_for_attribute No description.
resolve Produce the Token's value at resolution time.
to_string Return a string representation of this resolvable object.
compute_fqn 
def compute_fqn() -> str
get_any_map_attribute 
def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]
terraform_attributeRequired
  • Type: str
get_boolean_attribute 
def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable
terraform_attributeRequired
  • Type: str
get_boolean_map_attribute 
def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]
terraform_attributeRequired
  • Type: str
get_list_attribute 
def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]
terraform_attributeRequired
  • Type: str
get_number_attribute 
def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]
terraform_attributeRequired
  • Type: str
get_number_list_attribute 
def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_number_map_attribute 
def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_string_attribute 
def get_string_attribute(
  terraform_attribute: str
) -> str
terraform_attributeRequired
  • Type: str
get_string_map_attribute 
def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]
terraform_attributeRequired
  • Type: str
interpolation_for_attribute 
def interpolation_for_attribute(
  property: str
) -> IResolvable
propertyRequired
  • Type: str
resolve 
def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_contextRequired
  • Type: cdktf.IResolveContext
to_string 
def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

Properties

Name Type Description
creation_stack typing.List[str] The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn str No description.
metadata_input str No description.
metadata str No description.
internal_value ComputeFirewallLogConfig No description.
creation_stackRequired 
creation_stack: typing.List[str]
  • Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

fqnRequired 
fqn: str
  • Type: str
metadata_inputOptional 
metadata_input: str
  • Type: str
metadataRequired 
metadata: str
  • Type: str
internal_valueOptional 
internal_value: ComputeFirewallLogConfig

ComputeFirewallTimeoutsOutputReference

Initializers 

from cdktf_cdktf_provider_google import compute_firewall

computeFirewall.ComputeFirewallTimeoutsOutputReference(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str
)
Name Type Description
terraform_resource cdktf.IInterpolatingParent The parent resource.
terraform_attribute str The attribute on the parent resource this class is referencing.
terraform_resourceRequired
  • Type: cdktf.IInterpolatingParent

The parent resource.

terraform_attributeRequired
  • Type: str

The attribute on the parent resource this class is referencing.

Methods

Name Description
compute_fqn No description.
get_any_map_attribute No description.
get_boolean_attribute No description.
get_boolean_map_attribute No description.
get_list_attribute No description.
get_number_attribute No description.
get_number_list_attribute No description.
get_number_map_attribute No description.
get_string_attribute No description.
get_string_map_attribute No description.
interpolation_for_attribute No description.
resolve Produce the Token's value at resolution time.
to_string Return a string representation of this resolvable object.
reset_create No description.
reset_delete No description.
reset_update No description.
compute_fqn 
def compute_fqn() -> str
get_any_map_attribute 
def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]
terraform_attributeRequired
  • Type: str
get_boolean_attribute 
def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable
terraform_attributeRequired
  • Type: str
get_boolean_map_attribute 
def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]
terraform_attributeRequired
  • Type: str
get_list_attribute 
def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]
terraform_attributeRequired
  • Type: str
get_number_attribute 
def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]
terraform_attributeRequired
  • Type: str
get_number_list_attribute 
def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_number_map_attribute 
def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]
terraform_attributeRequired
  • Type: str
get_string_attribute 
def get_string_attribute(
  terraform_attribute: str
) -> str
terraform_attributeRequired
  • Type: str
get_string_map_attribute 
def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]
terraform_attributeRequired
  • Type: str
interpolation_for_attribute 
def interpolation_for_attribute(
  property: str
) -> IResolvable
propertyRequired
  • Type: str
resolve 
def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_contextRequired
  • Type: cdktf.IResolveContext
to_string 
def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

reset_create 
def reset_create() -> None
reset_delete 
def reset_delete() -> None
reset_update 
def reset_update() -> None

Properties

Name Type Description
creation_stack typing.List[str] The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn str No description.
create_input str No description.
delete_input str No description.
update_input str No description.
create str No description.
delete str No description.
update str No description.
internal_value typing.Union[cdktf.IResolvable, ComputeFirewallTimeouts] No description.
creation_stackRequired 
creation_stack: typing.List[str]
  • Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

fqnRequired 
fqn: str
  • Type: str
create_inputOptional 
create_input: str
  • Type: str
delete_inputOptional 
delete_input: str
  • Type: str
update_inputOptional 
update_input: str
  • Type: str
createRequired 
create: str
  • Type: str
deleteRequired 
delete: str
  • Type: str
updateRequired 
update: str
  • Type: str
internal_valueOptional 
internal_value: typing.Union[IResolvable, ComputeFirewallTimeouts]