Class FirewallClient (2.32.0)

Firewall resources are used to define a collection of access control rules for an Application.

Each rule is defined with a position which specifies the rule's order in the sequence of rules, an IP range to be matched against requests, and an action to take upon matching requests.

Every request is evaluated against the Firewall rules in priority order. Processesing stops at the first rule which matches the request's IP address. A final rule always specifies an action that applies to all remaining IP addresses. The default final rule for a newly-created application will be set to "allow" if not otherwise specified by the user.

Equality

Instances of this class created via copy-construction or copy-assignment always compare equal. Instances created with equal std::shared_ptr<*Connection> objects compare equal. Objects that compare equal share the same underlying resources.

Performance

Creating a new instance of this class is a relatively expensive operation, new objects establish new connections to the service. In contrast, copy-construction, move-construction, and the corresponding assignment operations are relatively efficient as the copies share all underlying resources.

Thread Safety

Concurrent access to different instances of this class, even if they compare equal, is guaranteed to work. Two or more threads operating on the same instance of this class is not guaranteed to work. Since copy-construction and move-construction is a relatively efficient operation, consider using such a copy when using this class from multiple threads.

Constructors

FirewallClient(FirewallClient const &)

Copy and move support

Parameter
Name Description
FirewallClient const &

FirewallClient(FirewallClient &&)

Copy and move support

Parameter
Name Description
FirewallClient &&

FirewallClient(std::shared_ptr< FirewallConnection >, Options)

Parameters
Name Description
connection std::shared_ptr< FirewallConnection >
opts Options

Operators

operator=(FirewallClient const &)

Copy and move support

Parameter
Name Description
FirewallClient const &
Returns
Type Description
FirewallClient &

operator=(FirewallClient &&)

Copy and move support

Parameter
Name Description
FirewallClient &&
Returns
Type Description
FirewallClient &

Functions

ListIngressRules(google::appengine::v1::ListIngressRulesRequest, Options)

Lists the firewall rules of an application.

Parameters
Name Description
request google::appengine::v1::ListIngressRulesRequest

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.appengine.v1.ListIngressRulesRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StreamRange< google::appengine::v1::FirewallRule >

a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has begin() and end() member functions returning a iterator class meeting the input iterator requirements. The value type for this iterator is a StatusOr as the iteration may fail even after some values are retrieved successfully, for example, if there is a network disconnect. An empty set of results does not indicate an error, it indicates that there are no resources meeting the request criteria. On a successful iteration the StatusOr<T> contains elements of type google.appengine.v1.FirewallRule, or rather, the C++ class generated by Protobuf from that type. Please consult the Protobuf documentation for details on the Protobuf mapping rules.

BatchUpdateIngressRules(google::appengine::v1::BatchUpdateIngressRulesRequest const &, Options)

Replaces the entire firewall ruleset in one bulk operation.

This overrides and replaces the rules of an existing firewall with the new rules.

If the final rule does not match traffic with the '*' wildcard IP range, then an "allow all" rule is explicitly added to the end of the list.

Parameters
Name Description
request google::appengine::v1::BatchUpdateIngressRulesRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.appengine.v1.BatchUpdateIngressRulesRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::appengine::v1::BatchUpdateIngressRulesResponse >

the result of the RPC. The response message type (google.appengine.v1.BatchUpdateIngressRulesResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

CreateIngressRule(google::appengine::v1::CreateIngressRuleRequest const &, Options)

Creates a firewall rule for the application.

Parameters
Name Description
request google::appengine::v1::CreateIngressRuleRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.appengine.v1.CreateIngressRuleRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::appengine::v1::FirewallRule >

the result of the RPC. The response message type (google.appengine.v1.FirewallRule) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetIngressRule(google::appengine::v1::GetIngressRuleRequest const &, Options)

Gets the specified firewall rule.

Parameters
Name Description
request google::appengine::v1::GetIngressRuleRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.appengine.v1.GetIngressRuleRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::appengine::v1::FirewallRule >

the result of the RPC. The response message type (google.appengine.v1.FirewallRule) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

UpdateIngressRule(google::appengine::v1::UpdateIngressRuleRequest const &, Options)

Updates the specified firewall rule.

Parameters
Name Description
request google::appengine::v1::UpdateIngressRuleRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.appengine.v1.UpdateIngressRuleRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::appengine::v1::FirewallRule >

the result of the RPC. The response message type (google.appengine.v1.FirewallRule) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

DeleteIngressRule(google::appengine::v1::DeleteIngressRuleRequest const &, Options)

Deletes the specified firewall rule.

Parameters
Name Description
request google::appengine::v1::DeleteIngressRuleRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.appengine.v1.DeleteIngressRuleRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
Status

a Status object. If the request failed, the status contains the details of the failure.