hunfabric/tests/modules/net_swp/examples/tls.yaml

# Copyright 2025 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# file: tests/modules/net_swp/examples/tls.yaml

values:
  google_privateca_ca_pool.pool:
    effective_labels:
      goog-terraform-provisioned: 'true'
    issuance_policy: []
    labels: null
    location: europe-west4
    name: swp
    project: my-project
    publishing_options: []
    terraform_labels:
      goog-terraform-provisioned: 'true'
    tier: DEVOPS
    timeouts: null
  google_privateca_ca_pool_iam_member.member:
    condition: []
    member: serviceAccount:service-123456789@gcp-sa-networksecurity.iam.gserviceaccount.com
    role: roles/privateca.certificateManager
  google_privateca_certificate_authority.ca:
    certificate_authority_id: swp
    config:
    - subject_config:
      - subject:
        - common_name: fabric
          country_code: null
          locality: null
          organization: Cloud Foundation Fabric
          organizational_unit: null
          postal_code: null
          province: null
          street_address: null
        subject_alt_name: []
      subject_key_id: []
      x509_config:
      - additional_extensions: []
        aia_ocsp_servers: null
        ca_options:
        - is_ca: true
          max_issuer_path_length: null
          non_ca: null
          zero_max_issuer_path_length: null
        key_usage:
        - base_key_usage:
          - cert_sign: true
            content_commitment: null
            crl_sign: true
            data_encipherment: null
            decipher_only: null
            digital_signature: null
            encipher_only: null
            key_agreement: null
            key_encipherment: null
          extended_key_usage:
          - client_auth: null
            code_signing: null
            email_protection: null
            ocsp_signing: null
            server_auth: true
            time_stamping: null
          unknown_extended_key_usages: []
        name_constraints: []
        policy_ids: []
    deletion_protection: false
    desired_state: null
    effective_labels:
      goog-terraform-provisioned: 'true'
    gcs_bucket: null
    ignore_active_certificates_on_deletion: false
    key_spec:
    - algorithm: EC_P256_SHA256
      cloud_kms_key_version: null
    labels: null
    lifetime: 1209600s
    location: europe-west4
    pem_ca_certificate: null
    pool: swp
    project: my-project
    skip_grace_period: false
    subordinate_config: []
    terraform_labels:
      goog-terraform-provisioned: 'true'
    timeouts: null
    type: SELF_SIGNED
  module.secure-web-proxy.google_network_security_gateway_security_policy.default:
    description: Managed by Terraform.
    location: europe-west4
    name: secure-web-proxy
    project: my-project
    timeouts: null
  module.secure-web-proxy.google_network_security_gateway_security_policy_rule.default["tls-0"]:
    application_matcher: request.path.contains('generate_204')
    basic_profile: ALLOW
    description: Managed by Terraform.
    enabled: true
    gateway_security_policy: secure-web-proxy
    location: europe-west4
    name: tls-0
    priority: 1000
    project: my-project
    session_matcher: host() == 'google.com'
    timeouts: null
    tls_inspection_enabled: true
  module.secure-web-proxy.google_network_security_tls_inspection_policy.default[0]:
    custom_tls_features: null
    description: Managed by Terraform.
    exclude_public_ca_set: false
    location: europe-west4
    min_tls_version: TLS_VERSION_UNSPECIFIED
    name: secure-web-proxy
    project: my-project
    timeouts: null
    tls_feature_profile: PROFILE_UNSPECIFIED
    trust_config: null
  module.secure-web-proxy.google_network_services_gateway.default:
    addresses:
    - 10.142.68.3
    certificate_urls:
    - projects/my-project/locations/europe-west4/certificates/swp
    delete_swg_autogen_router_on_destroy: true
    description: Managed by Terraform.
    effective_labels:
      goog-terraform-provisioned: 'true'
    labels: null
    location: europe-west4
    name: secure-web-proxy
    network: projects/my-project/global/networks/my-network
    ports:
    - 443
    project: my-project
    routing_mode: null
    scope: null
    server_tls_policy: null
    subnetwork: projects/my-project/regions/europe-west4/subnetworks/my-subnetwork
    terraform_labels:
      goog-terraform-provisioned: 'true'
    timeouts: null
    type: SECURE_WEB_GATEWAY

counts:
  google_network_security_gateway_security_policy: 1
  google_network_services_gateway: 1
  google_network_security_gateway_security_policy_rule: 1
  google_network_security_tls_inspection_policy: 1
  google_privateca_certificate_authority: 1
  google_privateca_ca_pool: 1