123 lines
4.3 KiB
YAML
123 lines
4.3 KiB
YAML
# Copyright 2023 Google LLC
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
# file: tests/modules/net_swp/examples/rules.yaml
|
|
values:
|
|
module.secure-web-proxy.google_network_security_gateway_security_policy.default:
|
|
description: Managed by Terraform.
|
|
location: europe-west4
|
|
name: secure-web-proxy
|
|
project: my-project
|
|
timeouts: null
|
|
tls_inspection_policy: null
|
|
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.custom_rules["custom-rule-1"]:
|
|
application_matcher: null
|
|
basic_profile: DENY
|
|
description: Managed by Terraform.
|
|
enabled: true
|
|
location: europe-west4
|
|
name: custom-rule-1
|
|
priority: 1004
|
|
project: my-project
|
|
session_matcher: host() == 'google.com'
|
|
timeouts: null
|
|
tls_inspection_enabled: false
|
|
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.secure_tag_rules["secure-tag-1"]:
|
|
application_matcher: null
|
|
basic_profile: ALLOW
|
|
description: Managed by Terraform.
|
|
enabled: true
|
|
gateway_security_policy: secure-web-proxy
|
|
location: europe-west4
|
|
name: secure-tag-1
|
|
priority: 1000
|
|
project: my-project
|
|
session_matcher: source.matchTag('tagValues/281484836404786')
|
|
timeouts: null
|
|
tls_inspection_enabled: false
|
|
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.secure_tag_rules["secure-tag-2"]:
|
|
application_matcher: null
|
|
basic_profile: ALLOW
|
|
description: Managed by Terraform.
|
|
enabled: true
|
|
gateway_security_policy: secure-web-proxy
|
|
location: europe-west4
|
|
name: secure-tag-2
|
|
priority: 1001
|
|
project: my-project
|
|
session_matcher: source.matchTag('tagValues/281484836404786') && (host() != 'google.com')
|
|
timeouts: null
|
|
tls_inspection_enabled: false
|
|
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.url_list_rules["url-list-1"]:
|
|
application_matcher: null
|
|
basic_profile: ALLOW
|
|
description: Managed by Terraform.
|
|
enabled: true
|
|
gateway_security_policy: secure-web-proxy
|
|
location: europe-west4
|
|
name: url-list-1
|
|
priority: 1002
|
|
project: my-project
|
|
timeouts: null
|
|
tls_inspection_enabled: false
|
|
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.url_list_rules["url-list-2"]:
|
|
application_matcher: null
|
|
basic_profile: ALLOW
|
|
description: Managed by Terraform.
|
|
enabled: false
|
|
gateway_security_policy: secure-web-proxy
|
|
location: europe-west4
|
|
name: url-list-2
|
|
priority: 1003
|
|
project: my-project
|
|
session_matcher: inUrlList(host(), 'projects/my-project/locations/europe-west4/urlLists/my-url-list')
|
|
&& (source.matchServiceAccount('my-sa@my-project.iam.gserviceaccount.com'))
|
|
timeouts: null
|
|
tls_inspection_enabled: false
|
|
module.secure-web-proxy.google_network_security_url_lists.default["my-url-list"]:
|
|
description: Managed by Terraform.
|
|
location: europe-west4
|
|
name: my-url-list
|
|
project: my-project
|
|
timeouts: null
|
|
values:
|
|
- www.google.com
|
|
- google.com
|
|
module.secure-web-proxy.google_network_services_gateway.default:
|
|
addresses:
|
|
- 10.142.68.3
|
|
certificate_urls:
|
|
- projects/my-project/locations/europe-west4/certificates/secure-web-proxy-cert
|
|
delete_swg_autogen_router_on_destroy: true
|
|
description: Managed by Terraform.
|
|
labels: null
|
|
location: europe-west4
|
|
name: secure-web-proxy
|
|
network: projects/my-project/global/networks/my-network
|
|
ports:
|
|
- 80
|
|
- 443
|
|
project: my-project
|
|
scope: ''
|
|
server_tls_policy: null
|
|
subnetwork: projects/my-project/regions/europe-west4/subnetworks/my-subnetwork
|
|
timeouts: null
|
|
type: SECURE_WEB_GATEWAY
|
|
|
|
counts:
|
|
google_network_security_gateway_security_policy: 1
|
|
google_network_services_gateway: 1
|
|
google_network_security_gateway_security_policy_rule: 5
|
|
google_network_security_url_lists: 1
|